package oracle.idm.mobile.auth;

import android.annotation.TargetApi;
import android.os.Build;
import android.text.TextUtils;
import android.util.Log;
import android.webkit.ClientCertRequest;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Map;
import oracle.idm.mobile.OMErrorCode;
import oracle.idm.mobile.OMMobileSecurityException;
import oracle.idm.mobile.OMMobileSecurityService;
import oracle.idm.mobile.certificate.ClientCertificatePreference;
import oracle.idm.mobile.certificate.OMCertificateService;
import oracle.idm.mobile.configuration.OMAuthenticationScheme;

/* loaded from: classes.dex */
public class f0 extends x {
    private static final String m = "f0";
    private boolean e;
    private d f;
    private ClientCertRequest g;
    private AuthenticationService h;
    private OMAuthenticationContext i;
    private oracle.idm.mobile.a j;
    private String k;
    private ClientCertificatePreference.Storage l;

    /* loaded from: classes.dex */
    static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f2462a;

        static {
            int[] iArr = new int[OMAuthenticationScheme.values().length];
            f2462a = iArr;
            try {
                iArr[OMAuthenticationScheme.FEDERATED.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f2462a[OMAuthenticationScheme.OAUTH20.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public f0(d dVar, ClientCertRequest clientCertRequest, oracle.idm.mobile.a aVar, AuthenticationService authenticationService, OMAuthenticationContext oMAuthenticationContext) {
        super(dVar.q().n(), dVar.m());
        boolean z = clientCertRequest != null;
        this.e = z;
        this.f = dVar;
        this.g = clientCertRequest;
        this.j = aVar;
        this.h = authenticationService;
        this.i = oMAuthenticationContext;
        if (z) {
            int i = a.f2462a[dVar.q().n().g().ordinal()];
            if (i == 1) {
            } else {
                if (i != 2) {
                    return;
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.idm.mobile.auth.x
    public void a(OMMobileSecurityService oMMobileSecurityService, w wVar, b bVar) {
        oracle.idm.mobile.logging.a.e(m, "createChallengeRequest");
        this.f.m().c(oMMobileSecurityService, wVar, this);
    }

    @Override // oracle.idm.mobile.auth.x
    public void c(Map<String, Object> map) {
        String str = m;
        oracle.idm.mobile.logging.a.e(str, "proceed");
        try {
            e(map);
            ClientCertificatePreference clientCertificatePreference = new ClientCertificatePreference(this.k, this.l);
            oracle.idm.mobile.logging.a.e(str, "Provided Client alias: " + this.k + " from: " + this.l);
            if (this.e) {
                g(this.g, clientCertificatePreference);
                return;
            }
            this.i.v().put("ClientCertificatePreference", clientCertificatePreference);
            this.f.q().z(clientCertificatePreference);
            d dVar = this.f;
            dVar.F(dVar.m(), this.j, this.h, this.i);
        } catch (OMMobileSecurityException unused) {
            this.f.N(this.f.m(), null, new OMMobileSecurityException(OMErrorCode.INVALID_CLIENT_CERTIFICATE));
        }
    }

    @Override // oracle.idm.mobile.auth.x
    public void e(Map<String, Object> map) {
        ClientCertificatePreference.Storage storage;
        if (map == null) {
            oracle.idm.mobile.logging.a.c(m, "Response fields are null.");
            throw new OMMobileSecurityException(OMErrorCode.INVALID_CLIENT_CERTIFICATE);
        }
        this.k = (String) map.get("client_certificate_alias_key");
        this.l = (ClientCertificatePreference.Storage) map.get("client_certificate_storage_pref_key");
        if (TextUtils.isEmpty(this.k) || (storage = this.l) == null) {
            oracle.idm.mobile.logging.a.c(m, "Invalid response fields.");
            throw new OMMobileSecurityException(OMErrorCode.INVALID_CLIENT_CERTIFICATE);
        }
        if (storage != ClientCertificatePreference.Storage.APP_LEVEL_ANDROID_KEYSTORE || Build.VERSION.SDK_INT >= 18) {
            oracle.idm.mobile.logging.a.a(m, "Have the required fields.");
        } else {
            oracle.idm.mobile.logging.a.c(m, "AndroidKeyStore is available only in Android 4.3 and above.");
            throw new OMMobileSecurityException(OMErrorCode.ANDROID_KEYSTORE_NOT_AVAILABLE);
        }
    }

    @TargetApi(21)
    public void g(ClientCertRequest clientCertRequest, ClientCertificatePreference clientCertificatePreference) {
        if (clientCertificatePreference.a() == null) {
            Log.d(m, "No Client alias selected hence canceling the client certificate request.");
            clientCertRequest.cancel();
            return;
        }
        try {
            KeyStore.PrivateKeyEntry e = new OMCertificateService(this.f.h()).e(clientCertificatePreference.a(), clientCertificatePreference.b());
            clientCertRequest.proceed(e.getPrivateKey(), (X509Certificate[]) e.getCertificateChain());
        } catch (Exception e2) {
            Log.e(m, e2.getLocalizedMessage(), e2);
            clientCertRequest.ignore();
        }
    }
}
