package com.l7tech.msso.policy;

import android.content.Context;
import com.l7tech.msso.MobileSsoConfig;
import com.l7tech.msso.cert.CertUtils;
import com.l7tech.msso.conf.ConfigurationProvider;
import com.l7tech.msso.context.MssoContext;
import com.l7tech.msso.context.MssoException;
import com.l7tech.msso.key.KeyUtils;
import com.l7tech.msso.policy.exceptions.CredentialRequiredException;
import com.l7tech.msso.policy.exceptions.DeviceRegistrationAwaitingActivationException;
import com.l7tech.msso.policy.exceptions.JwtValidationException;
import com.l7tech.msso.policy.exceptions.MAGException;
import com.l7tech.msso.policy.exceptions.MssoStateException;
import com.l7tech.msso.policy.exceptions.TokenStoreUnavailableException;
import com.l7tech.msso.store.TokenManager;
import com.l7tech.msso.store.TokenStoreException;
import com.l7tech.msso.token.Credentials;
import com.l7tech.msso.token.IdToken;
import com.l7tech.msso.token.TokenServerClient;
import java.security.KeyPair;
import java.security.cert.CertificateException;
import org.apache.http.HttpResponse;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
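/**
 * Policy that registers this device with the token server on the first request
 * for which {@link MssoContext#isDeviceRegistered()} reports {@code false}.
 *
 * <p>Registration generates (or reuses) a client RSA key pair, builds a certificate
 * signing request from the user name, device id, device name and organization, sends
 * it to the token server together with the user's credentials and the client
 * id/secret, and stores the returned certificate chain and device identifier in the
 * token store.
 *
 * <p>{@link #init(MssoContext, Context)} must be called before
 * {@link #processRequest(MssoContext, RequestInfo)}.
 */
public class DeviceRegistrationPolicy implements MssoPolicy {
    /**
     * Key size used when {@link MobileSsoConfig#PROP_CLIENT_CERT_RSA_KEYBITS} is not configured.
     * 1024-bit RSA no longer gives an adequate security margin for a long-lived device
     * identity key, so the fallback is 2048 bits.
     */
    private static final int DEFAULT_RSA_KEY_BITS = 2048;

    /** Organization name placed in the CSR when none is configured. */
    private static final String DEFAULT_ORGANIZATION = "Unknown Organization";

    private ConfigurationProvider conf;
    private TokenManager tokenManager;

    /**
     * Performs the device registration round trip and persists its results.
     *
     * @param mssoContext context supplying credentials, device identity and client id/secret
     * @throws TokenStoreUnavailableException if the token store is not ready or a write to it fails
     * @throws CredentialRequiredException if the context holds no credentials or invalid ones
     * @throws JwtValidationException if the ID token returned by the server is rejected
     * @throws DeviceRegistrationAwaitingActivationException if the server reports status
     *         {@code REGISTERED}; the certificate chain and device identifier have already
     *         been stored when this is thrown
     * @throws MssoException if the certificate signing request cannot be generated
     */
    private void registerDevice(MssoContext mssoContext) throws MssoStateException, MAGException {
        if (!this.tokenManager.isTokenStoreReady()) {
            throw new TokenStoreUnavailableException();
        }

        Credentials credentials = mssoContext.getCredentials();
        if (credentials == null || !credentials.isValid()) {
            throw new CredentialRequiredException();
        }

        KeyPair keyPair = this.tokenManager.getClientKeyPair();
        if (keyPair == null) {
            // A configured key size is used as-is.
            // NOTE(review): a configured value below 2048 bits is not rejected here;
            // consider enforcing a minimum where the configuration is loaded.
            Integer configuredBits = (Integer) this.conf.getProperty(MobileSsoConfig.PROP_CLIENT_CERT_RSA_KEYBITS);
            int keyBits = configuredBits != null ? configuredBits.intValue() : DEFAULT_RSA_KEY_BITS;
            keyPair = KeyUtils.generateRsaKeyPair(keyBits);
            try {
                // Persist before registering so the private key matching the issued
                // certificate is already in the store when the chain is saved.
                this.tokenManager.saveClientKeyPair(keyPair);
            } catch (TokenStoreException e) {
                throw new TokenStoreUnavailableException(e);
            }
        }

        String deviceId = mssoContext.getDeviceId();
        String deviceName = mssoContext.getDeviceName();
        try {
            String organization = (String) this.conf.getProperty(MobileSsoConfig.PROP_ORGANIZATION);
            if (organization == null) {
                organization = DEFAULT_ORGANIZATION;
            }
            byte[] csr = CertUtils.generateCertificateSigningRequest(
                    credentials.getUsername(), deviceId, deviceName, organization, keyPair);

            mssoContext.resetHttpClient();

            Boolean ssoEnabled = (Boolean) this.conf.getProperty(MobileSsoConfig.PROP_SSO_ENABLED);
            boolean requestIdToken = ssoEnabled != null && ssoEnabled.booleanValue();
            TokenServerClient.DeviceRegistrationResult result = new TokenServerClient(mssoContext).registerDevice(
                    csr,
                    credentials,
                    mssoContext.getClientId(),
                    mssoContext.getClientSecret(),
                    deviceId,
                    deviceName,
                    requestIdToken);

            IdToken idToken = result.getIdToken();
            try {
                this.tokenManager.saveClientCertificateChain(result.getClientCertificateChain());
                this.tokenManager.saveDeviceIdentifier(result.getDeviceIdentifier());
                mssoContext.onDeviceRegistrationCompleted();

                if (idToken != null) {
                    try {
                        mssoContext.onIdTokenAvailable(idToken);
                    } catch (JwtValidationException e) {
                        // Re-raised with the same error code and message, keeping the original as cause.
                        throw new JwtValidationException(e.getErrorCode(), e.getMessage(), e);
                    }
                }

                // Status REGISTERED is reported to the caller as "awaiting activation".
                if (TokenServerClient.DeviceStatus.REGISTERED.equals(result.getDeviceStatus())) {
                    throw new DeviceRegistrationAwaitingActivationException();
                }
            } catch (TokenStoreException e) {
                throw new TokenStoreUnavailableException("Token store unavailable: " + e.getMessage(), e);
            }
        } catch (CertificateException e) {
            throw new MssoException(e);
        }
    }

    /** No resources are held by this policy, so there is nothing to release. */
    @Override
    public void close() {
    }

    /**
     * Captures the token manager and configuration provider from the context.
     *
     * @param mssoContext context to read the collaborators from; must not be {@code null}
     * @param context Android context; not used by this policy
     * @throws NullPointerException if {@code mssoContext}, its token manager or its
     *         configuration provider is {@code null}
     */
    @Override
    public void init(MssoContext mssoContext, Context context) throws MssoException {
        if (mssoContext == null) {
            throw new NullPointerException("mssoContext");
        }
        this.tokenManager = mssoContext.getTokenManager();
        if (this.tokenManager == null) {
            throw new NullPointerException("mssoContext.tokenManager");
        }
        this.conf = mssoContext.getConfigurationProvider();
        if (this.conf == null) {
            throw new NullPointerException("mssoContext.configurationProvider");
        }
    }

    /**
     * Registers the device if the context reports it is not registered yet.
     *
     * <p>The credentials held by the context are cleared once a registration attempt
     * has been made, whether it succeeded or threw.
     *
     * @throws IllegalStateException if {@link #init(MssoContext, Context)} has not completed
     */
    @Override
    public void processRequest(MssoContext mssoContext, RequestInfo requestInfo) throws MssoStateException, MAGException {
        if (this.tokenManager == null || this.conf == null) {
            throw new IllegalStateException("not initialized");
        }
        if (mssoContext.isDeviceRegistered()) {
            return;
        }
        try {
            registerDevice(mssoContext);
        } finally {
            // NOTE(review): the decompiled source evaluated
            // getCredentials() == null || getCredentials().isReuseable() here with an empty
            // body, so it had no effect. The upstream code may have meant to keep reusable
            // credentials; confirm before relaxing this. Clearing unconditionally keeps the
            // user's password out of the context after the attempt.
            mssoContext.setCredentials(null);
        }
    }

    /** This policy does not inspect responses. */
    @Override
    public void processResponse(MssoContext mssoContext, RequestInfo requestInfo, HttpResponse httpResponse) throws MssoStateException {
    }
}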
