package com.microsoft.intune.mam.client.identity;

import android.content.Context;
import com.microsoft.intune.mam.http.KnownClouds;
import com.microsoft.omadm.logging.MAMTelemetryLogger;
import dagger.Lazy;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.logging.Logger;
import java.util.stream.Stream;
import kotlin.CollapsingToolbarLayoutLayoutParams;
import kotlin.SafetyNetApiVerifyAppsUserResponse;
import kotlin.getReadingExceptionMessage;
import kotlin.r8lambdabZoaCm49JrDNg3UPCIlAWkp3Nnc;
import kotlin.zbab;
import kotlin.zbaj;

/* loaded from: classes2.dex */
public class MAMIdentityDatabasePersistenceManager implements MAMIdentityPersistenceManager {
    private static final String AUTHORITY_PROPERTY_NAME = "authority";
    private static final Logger LOGGER = Logger.getLogger("com.microsoft.intune.mam.client.identity.MAMIdentityDatabasePersistenceManager");
    private final String packageName;
    private final Lazy<SafetyNetApiVerifyAppsUserResponse> tableRepository;
    private final MAMTelemetryLogger telemetryLogger;

    @r8lambdabZoaCm49JrDNg3UPCIlAWkp3Nnc
    public MAMIdentityDatabasePersistenceManager(Context context, Lazy<SafetyNetApiVerifyAppsUserResponse> lazy, MAMTelemetryLogger mAMTelemetryLogger) {
        this.tableRepository = lazy;
        this.telemetryLogger = mAMTelemetryLogger;
        this.packageName = context.getPackageName();
    }

    private String getEffectiveValue(String str, boolean z, String str2, String str3) {
        if (getReadingExceptionMessage.newArray(str)) {
            return str2;
        }
        if (getReadingExceptionMessage.newArray(str2)) {
            return str;
        }
        if (!str.equals(str2)) {
            if (str3.equals("authority")) {
                logAuthorityChange(str, str2, z);
            } else {
                HashMap hashMap = new HashMap();
                hashMap.put("allowed", Boolean.toString(z));
                this.telemetryLogger.logTrackedOccurrence(this.packageName, CollapsingToolbarLayoutLayoutParams.tearDown, str3, hashMap);
            }
            if (z) {
                return str;
            }
        }
        return str2;
    }

    private Set<String> getUpnsForIdentity(String str) {
        HashSet hashSet = new HashSet();
        List<zbaj> INotificationSideChannel = this.tableRepository.get().INotificationSideChannel(zbaj.class, "OID=?", new String[]{str});
        if (INotificationSideChannel != null) {
            for (zbaj zbajVar : INotificationSideChannel) {
                if (getReadingExceptionMessage.removeSubscription(zbajVar.deprecated_encodedQuery)) {
                    hashSet.add(zbajVar.deprecated_encodedQuery);
                }
            }
        }
        return hashSet;
    }

    private void logAuthorityChange(String str, String str2, boolean z) {
        if (KnownClouds.fromAuthority(str) == KnownClouds.fromAuthority(str2)) {
            Logger logger = LOGGER;
            StringBuilder sb = new StringBuilder();
            sb.append(z ? "Allowing" : "Rejecting");
            sb.append(" attempt to change an already set authority within the same cloud to: ");
            sb.append(str);
            sb.append(" from: ");
            sb.append(str2);
            logger.info(sb.toString());
            return;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("allowed", Boolean.toString(z));
        hashMap.put("existingValue", str2);
        hashMap.put("newValue", str);
        this.telemetryLogger.logTrackedOccurrence(this.packageName, CollapsingToolbarLayoutLayoutParams.tearDown, "authority", hashMap);
        Logger logger2 = LOGGER;
        StringBuilder sb2 = new StringBuilder();
        sb2.append(z ? "Allowing" : "Rejecting");
        sb2.append(" attempt to change an already set authority across clouds to: ");
        sb2.append(str);
        sb2.append(" from: ");
        sb2.append(str2);
        logger2.warning(sb2.toString());
    }

    private void logRejectedUpdate(zbab zbabVar, MAMIdentity mAMIdentity) {
        Logger logger = LOGGER;
        logger.info("rejecting MAMIdentity updates because the stored data is already validated.");
        if (!getReadingExceptionMessage.newArray(zbabVar.deprecated_encodedFragment) && !getReadingExceptionMessage.newArray(mAMIdentity.tenantId()) && !zbabVar.deprecated_encodedFragment.equals(mAMIdentity.tenantId())) {
            logger.info("Rejecting attempt to change Tenant Id");
        }
        if (getReadingExceptionMessage.newArray(zbabVar.deprecated_encodedPassword) || getReadingExceptionMessage.newArray(mAMIdentity.authority()) || zbabVar.deprecated_encodedPassword.equals(mAMIdentity.authority())) {
            return;
        }
        logAuthorityChange(mAMIdentity.authority(), zbabVar.deprecated_encodedPassword, false);
    }

    private MAMIdentity mamIdentityFromDataObject(zbab zbabVar) {
        if (zbabVar == null) {
            return null;
        }
        return new MAMIdentity(getUpnsForIdentity(zbabVar.accessgetHEX_DIGITScp), zbabVar.accessgetHEX_DIGITScp, zbabVar.deprecated_encodedPassword, zbabVar.deprecated_encodedFragment, zbabVar.defaultPort.booleanValue());
    }

    private boolean shouldUpdateDatabase(String str, String str2) {
        return (getReadingExceptionMessage.newArray(str) || str.equals(str2)) ? false : true;
    }

    @Override // com.microsoft.intune.mam.client.identity.MAMIdentityPersistenceManager
    public List<MAMIdentity> getPersistedIdentities() {
        ArrayList arrayList = new ArrayList();
        List onItemLoaded = this.tableRepository.get().onItemLoaded(zbab.class);
        if (onItemLoaded != null) {
            Iterator it = onItemLoaded.iterator();
            while (it.hasNext()) {
                arrayList.add(mamIdentityFromDataObject((zbab) it.next()));
            }
        }
        return arrayList;
    }

    @Override // com.microsoft.intune.mam.client.identity.MAMIdentityPersistenceManager
    public MAMIdentity persistIdentity(MAMIdentity mAMIdentity) {
        synchronized (this) {
            if (!mAMIdentity.hasValidAadId()) {
                LOGGER.severe("Identity without valid OID received by persistIdentity");
                return null;
            }
            zbab zbabVar = (zbab) this.tableRepository.get().cancelAll(new zbab.cancel(mAMIdentity.aadId()));
            if (zbabVar == null) {
                zbabVar = new zbab(mAMIdentity.aadId(), mAMIdentity.tenantId(), mAMIdentity.authority(), Boolean.valueOf(mAMIdentity.validated()));
                this.tableRepository.get().asInterface(zbabVar);
                LOGGER.info("persisted new MAMIdentity.");
            } else if (zbabVar.defaultPort.booleanValue()) {
                logRejectedUpdate(zbabVar, mAMIdentity);
            } else {
                String effectiveValue = getEffectiveValue(mAMIdentity.tenantId(), mAMIdentity.validated(), zbabVar.deprecated_encodedFragment, "tenant id");
                boolean shouldUpdateDatabase = shouldUpdateDatabase(effectiveValue, zbabVar.deprecated_encodedFragment);
                String effectiveValue2 = getEffectiveValue(mAMIdentity.authority(), mAMIdentity.validated(), zbabVar.deprecated_encodedPassword, "authority");
                if ((shouldUpdateDatabase || shouldUpdateDatabase(effectiveValue2, zbabVar.deprecated_encodedPassword)) || mAMIdentity.validated()) {
                    zbabVar = new zbab(mAMIdentity.aadId(), effectiveValue, effectiveValue2, Boolean.valueOf(mAMIdentity.validated()));
                    this.tableRepository.get().asInterface(zbabVar);
                    LOGGER.info("updating MAMIdentity in the database.");
                } else {
                    LOGGER.info("not updating MAMIdentity because no changes were found.");
                }
            }
            Set<String> upnsForIdentity = getUpnsForIdentity(mAMIdentity.aadId());
            for (String str : mAMIdentity.upns()) {
                if (!getReadingExceptionMessage.registerCallbackMessenger(str)) {
                    Stream<String> stream = upnsForIdentity.stream();
                    Objects.requireNonNull(str);
                    if (!stream.anyMatch(new MAMIdentityDatabasePersistenceManager$$ExternalSyntheticLambda0(str))) {
                        this.tableRepository.get().asInterface(new zbaj(mAMIdentity.aadId(), str));
                        upnsForIdentity.add(str);
                        LOGGER.info("Persisting new UPN for MAMIdentity.");
                    }
                }
            }
            return new MAMIdentity(upnsForIdentity, zbabVar.accessgetHEX_DIGITScp, zbabVar.deprecated_encodedPassword, zbabVar.deprecated_encodedFragment, zbabVar.defaultPort.booleanValue());
        }
    }
}
