package oracle.idm.mobile.auth;

import android.annotation.TargetApi;
import android.os.Build;
import android.text.TextUtils;
import android.util.Log;
import android.webkit.ClientCertRequest;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Map;
import oracle.idm.mobile.OMErrorCode;
import oracle.idm.mobile.OMMobileSecurityException;
import oracle.idm.mobile.OMMobileSecurityService;
import oracle.idm.mobile.auth.AuthenticationService;
import oracle.idm.mobile.certificate.ClientCertificatePreference;
import oracle.idm.mobile.certificate.OMCertificateService;
import oracle.idm.mobile.configuration.OMAuthenticationScheme;

/* loaded from: classes.dex */
public class f0 extends x {

    /* renamed from: o, reason: collision with root package name */
    private static final String f6345o = "f0";

    /* renamed from: e, reason: collision with root package name */
    private boolean f6346e;

    /* renamed from: f, reason: collision with root package name */
    private d f6347f;

    /* renamed from: g, reason: collision with root package name */
    private ClientCertRequest f6348g;

    /* renamed from: h, reason: collision with root package name */
    private AuthenticationService f6349h;

    /* renamed from: i, reason: collision with root package name */
    private OMAuthenticationContext f6350i;

    /* renamed from: j, reason: collision with root package name */
    private oracle.idm.mobile.a f6351j;

    /* renamed from: k, reason: collision with root package name */
    private w f6352k;

    /* renamed from: l, reason: collision with root package name */
    private String f6353l;

    /* renamed from: m, reason: collision with root package name */
    private ClientCertificatePreference.Storage f6354m;

    /* renamed from: n, reason: collision with root package name */
    private x f6355n;

    /* loaded from: classes.dex */
    static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f6356a;

        static {
            int[] iArr = new int[OMAuthenticationScheme.values().length];
            f6356a = iArr;
            try {
                iArr[OMAuthenticationScheme.FEDERATED.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f6356a[OMAuthenticationScheme.OAUTH20.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public f0(d dVar, ClientCertRequest clientCertRequest, oracle.idm.mobile.a aVar, AuthenticationService authenticationService, OMAuthenticationContext oMAuthenticationContext) {
        super(dVar.q().n(), dVar.m());
        x xVar;
        boolean z3 = clientCertRequest != null;
        this.f6346e = z3;
        this.f6347f = dVar;
        this.f6348g = clientCertRequest;
        this.f6351j = aVar;
        this.f6349h = authenticationService;
        this.f6350i = oMAuthenticationContext;
        if (z3) {
            int i4 = a.f6356a[dVar.q().n().g().ordinal()];
            if (i4 == 1) {
                xVar = (i) dVar.k(AuthenticationService.Type.FED_AUTH_SERVICE);
            } else if (i4 != 2) {
                return;
            } else {
                xVar = (n) dVar.k(AuthenticationService.Type.OAUTH20_AC_SERVICE);
            }
            this.f6355n = xVar;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.idm.mobile.auth.x
    public void a(OMMobileSecurityService oMMobileSecurityService, w wVar, b bVar) {
        k3.a.e(f6345o, "createChallengeRequest");
        this.f6352k = wVar;
        this.f6347f.m().c(oMMobileSecurityService, wVar, this);
    }

    @Override // oracle.idm.mobile.auth.x
    public void c(Map<String, Object> map) {
        String str = f6345o;
        k3.a.e(str, "proceed");
        try {
            e(map);
            ClientCertificatePreference clientCertificatePreference = new ClientCertificatePreference(this.f6353l, this.f6354m);
            k3.a.e(str, "Provided Client alias: " + this.f6353l + " from: " + this.f6354m);
            if (this.f6346e) {
                g(this.f6348g, clientCertificatePreference);
                return;
            }
            this.f6350i.v().put("ClientCertificatePreference", clientCertificatePreference);
            this.f6347f.q().z(clientCertificatePreference);
            d dVar = this.f6347f;
            dVar.F(dVar.m(), this.f6351j, this.f6349h, this.f6350i);
        } catch (OMMobileSecurityException unused) {
            this.f6347f.N(this.f6347f.m(), null, new OMMobileSecurityException(OMErrorCode.INVALID_CLIENT_CERTIFICATE));
        }
    }

    @Override // oracle.idm.mobile.auth.x
    public void e(Map<String, Object> map) {
        ClientCertificatePreference.Storage storage;
        if (map == null) {
            k3.a.c(f6345o, "Response fields are null.");
            throw new OMMobileSecurityException(OMErrorCode.INVALID_CLIENT_CERTIFICATE);
        }
        this.f6353l = (String) map.get("client_certificate_alias_key");
        this.f6354m = (ClientCertificatePreference.Storage) map.get("client_certificate_storage_pref_key");
        if (TextUtils.isEmpty(this.f6353l) || (storage = this.f6354m) == null) {
            k3.a.c(f6345o, "Invalid response fields.");
            throw new OMMobileSecurityException(OMErrorCode.INVALID_CLIENT_CERTIFICATE);
        }
        if (storage != ClientCertificatePreference.Storage.APP_LEVEL_ANDROID_KEYSTORE || Build.VERSION.SDK_INT >= 18) {
            k3.a.a(f6345o, "Have the required fields.");
        } else {
            k3.a.c(f6345o, "AndroidKeyStore is available only in Android 4.3 and above.");
            throw new OMMobileSecurityException(OMErrorCode.ANDROID_KEYSTORE_NOT_AVAILABLE);
        }
    }

    @TargetApi(21)
    public void g(ClientCertRequest clientCertRequest, ClientCertificatePreference clientCertificatePreference) {
        if (clientCertificatePreference.a() == null) {
            Log.d(f6345o, "No Client alias selected hence canceling the client certificate request.");
            clientCertRequest.cancel();
            return;
        }
        try {
            KeyStore.PrivateKeyEntry e4 = new OMCertificateService(this.f6347f.h()).e(clientCertificatePreference.a(), clientCertificatePreference.b());
            clientCertRequest.proceed(e4.getPrivateKey(), (X509Certificate[]) e4.getCertificateChain());
        } catch (Exception e5) {
            Log.e(f6345o, e5.getLocalizedMessage(), e5);
            clientCertRequest.ignore();
        }
    }
}
