package com.citrix.client.authmanager.storefront;

import android.text.TextUtils;
import android.util.Log;
import com.citrix.client.deliveryservices.security.messages.RequestToken;
import com.citrix.client.deliveryservices.security.messages.RequestTokenChoice;
import com.citrix.client.deliveryservices.security.messages.RequestTokenChoices;
import com.citrix.client.deliveryservices.security.messages.RequestTokenResponse;
import com.citrix.client.deliveryservices.utilities.AGAuthenticationInfo;
import com.citrix.client.deliveryservices.utilities.DeliveryServicesException;
import com.citrix.client.deliveryservices.utilities.HttpHelpers;
import com.citrix.client.deliveryservices.utilities.StoreFrontUtilities;
import com.citrix.client.httputilities.HttpClientHelper;
import com.citrix.client.pnagent.enums.AsyncTaskStatus;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Map;
import javax.net.ssl.SSLException;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.xpath.XPathExpressionException;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.xml.sax.SAXException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class AuthenticationController {
    private AGAuthenticationInfo m_agAuthInfo;
    private boolean m_bUseSmartcard;
    private CertificateAuthenticator m_certAuthenticator;
    private String m_deviceId;
    private ExplicitAuthenticator m_explicitAuthenticator;
    private HttpClientHelper.IExtendedHttpClient m_httpClient;
    private RequestTokenResponse m_primaryToken;
    private ProtocolEnumerator m_protocolEnumerator;
    private CitrixAuthChallenge m_tokenChallenge;
    private TokenManager m_tokenManager;

    private void GetProtocolInformationForChallenge() throws SSLException, IllegalStateException, ClientProtocolException, URISyntaxException, TransformerException, ParserConfigurationException, IOException, DeliveryServicesException {
        RequestTokenChoices protocolChoices = this.m_protocolEnumerator.getProtocolChoices();
        if (protocolChoices != null && protocolChoices.getChoicesCount() != 0) {
            Log.d("AuthenticationController::GetProtocolInformationForChallenge", "Already have protocol choices - no need to requery");
            return;
        }
        this.m_protocolEnumerator.Initialise(this.m_tokenChallenge, TokenRequestClient.EIGHTHOURLIFETIME, TokenRequestClient.EIGHTHOURLIFETIME, null, this.m_agAuthInfo, this.m_deviceId);
        RequestTokenChoices GetProtocolListForService = this.m_protocolEnumerator.GetProtocolListForService(this.m_httpClient);
        if (GetProtocolListForService.getChoicesCount() <= 0) {
            Log.e("AuthenticationController::GetProtocolInformationForChallenge", "No protocol choices returned from server");
            throw new DeliveryServicesException(AsyncTaskStatus.StatusErrorUnexpectedProtocolChoiceResponse);
        }
        for (RequestTokenChoice requestTokenChoice : GetProtocolListForService.getProtocolList()) {
            Log.d("AuthenticationController::GetProtocolInformationForChallenge", "Protocol = " + requestTokenChoice.m_protocol + " location = " + requestTokenChoice.m_location);
        }
        this.m_tokenManager.Initialise(this.m_httpClient, this.m_tokenChallenge.getLocation(0), this.m_agAuthInfo, this.m_deviceId);
    }

    private LoginRet doAGBasic() throws DeliveryServicesException, SSLException, IllegalStateException, ClientProtocolException, XPathExpressionException, TransformerException, ParserConfigurationException, IOException, SAXException {
        RequestTokenChoice FindProtocol = this.m_protocolEnumerator.FindProtocol("CitrixAGBasic");
        if (FindProtocol != null && !TextUtils.isEmpty(FindProtocol.m_location)) {
            return doAGSSOLogin_internal(FindProtocol);
        }
        LoginRet loginRet = new LoginRet();
        loginRet.result = AsyncTaskStatus.StatusErrorUnsupportedAuthProtocol;
        return loginRet;
    }

    private LoginRet doAGSSOLogin() throws DeliveryServicesException, SSLException, IllegalStateException, ClientProtocolException, XPathExpressionException, TransformerException, ParserConfigurationException, IOException, SAXException {
        RequestTokenChoice FindProtocol = this.m_protocolEnumerator.FindProtocol("CitrixAGBasicNoPassword");
        if (FindProtocol == null || TextUtils.isEmpty(FindProtocol.m_location)) {
            FindProtocol = this.m_protocolEnumerator.FindProtocol("CitrixAGBasic");
        }
        if (FindProtocol == null || TextUtils.isEmpty(FindProtocol.m_location)) {
            LoginRet loginRet = new LoginRet();
            loginRet.result = AsyncTaskStatus.StatusErrorUnsupportedAuthProtocol;
            return loginRet;
        }
        LoginRet doAGSSOLogin_internal = doAGSSOLogin_internal(FindProtocol);
        if (doAGSSOLogin_internal.result != AsyncTaskStatus.StatusDeliveryServicesUnexpectedResponse) {
            return doAGSSOLogin_internal;
        }
        Log.d("doAGSSOLogin", "CitrixAGBasicNoPassword failed with 403 as AG might have used password for authentication. So, try again with CitrixAGBasic");
        if (!"CitrixAGBasicNoPassword".equals(FindProtocol.m_protocol)) {
            return doAGSSOLogin_internal;
        }
        RequestTokenChoice FindProtocol2 = this.m_protocolEnumerator.FindProtocol("CitrixAGBasic");
        if (FindProtocol2 != null && !TextUtils.isEmpty(FindProtocol2.m_location)) {
            return doAGSSOLogin_internal(FindProtocol2);
        }
        LoginRet loginRet2 = new LoginRet();
        loginRet2.result = AsyncTaskStatus.StatusErrorUnsupportedAuthProtocol;
        return loginRet2;
    }

    private LoginRet doAGSSOLogin_internal(RequestTokenChoice requestTokenChoice) throws DeliveryServicesException, SSLException, IllegalStateException, ClientProtocolException, XPathExpressionException, TransformerException, ParserConfigurationException, IOException, SAXException {
        LoginRet loginRet = new LoginRet();
        AGAuthenticator aGAuthenticator = new AGAuthenticator();
        initializeAGAuthClient(this.m_httpClient, aGAuthenticator, this.m_protocolEnumerator, requestTokenChoice, TokenRequestClient.EIGHTHOURLIFETIME, this.m_agAuthInfo, this.m_deviceId);
        AGAuthenticationResult Authenticate = aGAuthenticator.Authenticate();
        loginRet.result = Authenticate.result;
        switch (Authenticate.ProtocolState) {
            case TokenReceived:
                this.m_primaryToken = Authenticate.PrimaryToken;
                loginRet.PrimaryToken = this.m_primaryToken;
                loginRet.SecondaryToken = getSecondaryToken();
                loginRet.ProtocolState = ExplicitState.TokenReceived;
                loginRet.result = Authenticate.result;
                return loginRet;
            default:
                Log.e("doAGSSOLogin", "Unhandled protocol state: " + Authenticate.ProtocolState.name());
                return loginRet;
        }
    }

    private LoginRet doExplicitLogin() throws ClientNotInitializedException, SSLException, IllegalStateException, ClientProtocolException, TransformerException, ParserConfigurationException, IOException, XPathExpressionException, SAXException, URISyntaxException, DeliveryServicesException {
        initializeExplicitClient(this.m_httpClient, this.m_explicitAuthenticator, this.m_protocolEnumerator, TokenRequestClient.EIGHTHOURLIFETIME, HttpHelpers.getAcceptLanguage());
        return this.m_explicitAuthenticator.Authenticate(ActionType.Login, StoreFrontUtilities.getHeaders(null, this.m_deviceId));
    }

    private LoginRet doSmartCardLogin() throws ClientNotInitializedException, SSLException, IllegalStateException, ClientProtocolException, TransformerException, ParserConfigurationException, IOException, XPathExpressionException, SAXException, URISyntaxException, DeliveryServicesException {
        Log.d("doSmartCardLogin", "Entry ");
        CertificateAuthenticator certificateAuthenticator = new CertificateAuthenticator();
        LoginRet loginRet = new LoginRet();
        initializeCertificateClient(this.m_httpClient, certificateAuthenticator, this.m_protocolEnumerator, TokenRequestClient.EIGHTHOURLIFETIME, HttpHelpers.getAcceptLanguage());
        CertificateAuthenticationResult Authenticate = certificateAuthenticator.Authenticate(StoreFrontUtilities.getHeaders(null, this.m_deviceId));
        switch (Authenticate.ProtocolState) {
            case TokenReceived:
                this.m_primaryToken = Authenticate.PrimaryToken;
                loginRet.PrimaryToken = this.m_primaryToken;
                loginRet.SecondaryToken = getSecondaryToken();
                loginRet.ProtocolState = ExplicitState.TokenReceived;
                return loginRet;
            default:
                Log.e("doSmartCardLogin", "Unhandled protocol state: " + Authenticate.ProtocolState.name());
                return loginRet;
        }
    }

    private AuthenticationMode getAuthenticationMode() {
        AuthenticationMode authenticationMode = AuthenticationMode.Unknown;
        if (this.m_protocolEnumerator.FindProtocol("CitrixAGBasicNoPassword") != null && this.m_bUseSmartcard) {
            authenticationMode = AuthenticationMode.AGSSO;
        } else if (this.m_protocolEnumerator.FindProtocol("CitrixAGBasic") != null) {
            authenticationMode = AuthenticationMode.AGBasic;
        } else if (this.m_protocolEnumerator.FindProtocol(CertificateConstants.CERTIFICATE) != null && this.m_bUseSmartcard) {
            authenticationMode = AuthenticationMode.Certificate;
        } else if (this.m_protocolEnumerator.FindProtocol("ExplicitForms") != null) {
            authenticationMode = AuthenticationMode.Explicit;
        }
        Log.d("AuthenticationController::getAuthenticationMode", "Authentication Mode :" + authenticationMode);
        return authenticationMode;
    }

    private LoginRet getResult(ActionType actionType, Map<String, String> map) throws SSLException, IllegalStateException, ClientProtocolException, XPathExpressionException, ClientNotInitializedException, TransformerException, ParserConfigurationException, IOException, SAXException, URISyntaxException, DeliveryServicesException {
        LoginRet Authenticate = this.m_explicitAuthenticator.Authenticate(actionType, map);
        switch (Authenticate.ProtocolState) {
            case TokenReceived:
                this.m_primaryToken = Authenticate.PrimaryToken;
                Authenticate.SecondaryToken = getSecondaryToken();
                return Authenticate;
            default:
                Log.e("getResult", "Unhandled switch case statement: " + Authenticate.ProtocolState.name());
                return Authenticate;
        }
    }

    private RequestTokenResponse getSecondaryToken() throws SSLException, IllegalStateException, ClientProtocolException, XPathExpressionException, TransformerException, ParserConfigurationException, IOException, SAXException, DeliveryServicesException {
        if (this.m_tokenChallenge == null) {
            throw new IllegalStateException("m_tokenChallenge");
        }
        if (this.m_primaryToken == null) {
            throw new IllegalStateException("m_primaryToken");
        }
        if (TextUtils.isEmpty(this.m_primaryToken.getToken())) {
            throw new IllegalStateException("m_primaryToken.getToken");
        }
        return this.m_tokenManager.RequestToken(new RequestToken(TokenRequestClient.EIGHTHOURLIFETIME, "", this.m_tokenChallenge.getRealm(), this.m_tokenChallenge.getRequestUri().toString()), this.m_primaryToken.getToken());
    }

    private static void initializeAGAuthClient(HttpClient httpClient, AGAuthenticator aGAuthenticator, ProtocolEnumerator protocolEnumerator, RequestTokenChoice requestTokenChoice, String str, AGAuthenticationInfo aGAuthenticationInfo, String str2) throws DeliveryServicesException {
        if (httpClient == null) {
            throw new IllegalArgumentException("httpClient");
        }
        if (aGAuthenticationInfo == null) {
            throw new IllegalArgumentException("agInfo");
        }
        if (aGAuthenticator == null) {
            throw new IllegalArgumentException("agAuthenticator");
        }
        if (protocolEnumerator == null) {
            throw new IllegalArgumentException("protocolEnumerator");
        }
        if (TextUtils.isEmpty(str)) {
            throw new IllegalArgumentException("tokenLifetime");
        }
        if (requestTokenChoice == null || TextUtils.isEmpty(requestTokenChoice.m_location)) {
            throw new DeliveryServicesException(AsyncTaskStatus.StatusErrorUnsupportedAuthProtocol);
        }
        CitrixAuthChallenge tokenForServiceChallenge = protocolEnumerator.getTokenForServiceChallenge();
        aGAuthenticator.SetTokenRequestParameters(httpClient, requestTokenChoice.m_location, tokenForServiceChallenge.getRealm(), tokenForServiceChallenge.getRequestUri().toString(), str, aGAuthenticationInfo, str2);
    }

    private static void initializeCertificateClient(HttpClient httpClient, CertificateAuthenticator certificateAuthenticator, ProtocolEnumerator protocolEnumerator, String str, String str2) throws DeliveryServicesException {
        if (httpClient == null) {
            throw new IllegalArgumentException("httpClient");
        }
        if (certificateAuthenticator == null) {
            throw new IllegalArgumentException("explicitAuthenticator");
        }
        if (protocolEnumerator == null) {
            throw new IllegalArgumentException("protocolEnumerator");
        }
        if (TextUtils.isEmpty(str)) {
            throw new IllegalArgumentException("tokenLifetime");
        }
        if (TextUtils.isEmpty(str2)) {
            throw new IllegalArgumentException("languages");
        }
        RequestTokenChoice FindProtocol = protocolEnumerator.FindProtocol(CertificateConstants.CERTIFICATE);
        if (FindProtocol == null || TextUtils.isEmpty(FindProtocol.m_location)) {
            Log.e("initializeExplicitClient", "Explicit protocol not found - cannot perform authentication");
            throw new DeliveryServicesException(AsyncTaskStatus.StatusErrorUnsupportedAuthProtocol);
        }
        CitrixAuthChallenge tokenForServiceChallenge = protocolEnumerator.getTokenForServiceChallenge();
        certificateAuthenticator.Initialise(httpClient, FindProtocol.m_location, tokenForServiceChallenge.getRealm(), tokenForServiceChallenge.getRequestUri().toString(), str, str2);
    }

    private static void initializeExplicitClient(HttpClient httpClient, ExplicitAuthenticator explicitAuthenticator, ProtocolEnumerator protocolEnumerator, String str, String str2) throws DeliveryServicesException {
        if (httpClient == null) {
            throw new IllegalArgumentException("httpClient");
        }
        if (explicitAuthenticator == null) {
            throw new IllegalArgumentException("explicitAuthenticator");
        }
        if (protocolEnumerator == null) {
            throw new IllegalArgumentException("protocolEnumerator");
        }
        if (TextUtils.isEmpty(str)) {
            throw new IllegalArgumentException("tokenLifetime");
        }
        if (TextUtils.isEmpty(str2)) {
            throw new IllegalArgumentException("languages");
        }
        RequestTokenChoice FindProtocol = protocolEnumerator.FindProtocol("ExplicitForms");
        if (FindProtocol == null || TextUtils.isEmpty(FindProtocol.m_location)) {
            Log.e("initializeExplicitClient", "Explicit protocol not found - cannot perform authentication");
            throw new DeliveryServicesException(AsyncTaskStatus.StatusErrorUnsupportedAuthProtocol);
        }
        CitrixAuthChallenge tokenForServiceChallenge = protocolEnumerator.getTokenForServiceChallenge();
        explicitAuthenticator.Initialise(httpClient, FindProtocol.m_location, tokenForServiceChallenge.getRealm(), tokenForServiceChallenge.getRequestUri().toString(), str, str2);
    }

    public void Initialize(HttpClientHelper.IExtendedHttpClient iExtendedHttpClient, ProtocolEnumerator protocolEnumerator, CitrixAuthChallenge citrixAuthChallenge, ExplicitAuthenticator explicitAuthenticator, TokenManager tokenManager, AGAuthenticationInfo aGAuthenticationInfo, String str, boolean z) {
        if (iExtendedHttpClient == null) {
            throw new IllegalArgumentException("httpClient");
        }
        if (protocolEnumerator == null) {
            throw new IllegalArgumentException("protocolEnumerator");
        }
        if (citrixAuthChallenge == null) {
            throw new IllegalArgumentException("challenge");
        }
        if (explicitAuthenticator == null) {
            throw new IllegalArgumentException("explicitAuthenticator");
        }
        if (tokenManager == null) {
            throw new IllegalArgumentException("tokenManager");
        }
        if (aGAuthenticationInfo == null) {
            throw new IllegalArgumentException("agInfo");
        }
        this.m_httpClient = iExtendedHttpClient;
        this.m_protocolEnumerator = protocolEnumerator;
        this.m_tokenChallenge = citrixAuthChallenge;
        this.m_explicitAuthenticator = explicitAuthenticator;
        this.m_tokenManager = tokenManager;
        this.m_agAuthInfo = aGAuthenticationInfo;
        this.m_deviceId = str;
        this.m_bUseSmartcard = z;
    }

    public LoginRet Login() throws SSLException, IllegalStateException, ClientProtocolException, URISyntaxException, TransformerException, ParserConfigurationException, IOException, ClientNotInitializedException, XPathExpressionException, SAXException, DeliveryServicesException {
        Log.d("AuthenticationController::Login", "Entry");
        if (this.m_protocolEnumerator == null) {
            throw new IllegalStateException("m_protocolEnumerator");
        }
        if (this.m_httpClient == null) {
            throw new IllegalStateException("m_httpClient");
        }
        if (this.m_tokenChallenge == null) {
            throw new IllegalStateException("m_tokenChallenge");
        }
        this.m_httpClient.getCookieStore().clear();
        GetProtocolInformationForChallenge();
        switch (getAuthenticationMode()) {
            case Explicit:
                return doExplicitLogin();
            case AGSSO:
                return doAGSSOLogin();
            case AGBasic:
                return doAGBasic();
            case Certificate:
                return doSmartCardLogin();
            default:
                Log.e("AuthenticationController::Login", "No support authentication protocols found");
                throw new DeliveryServicesException(AsyncTaskStatus.StatusErrorUnsupportedAuthProtocol);
        }
    }

    public LoginRet LoginAttempt(LoginRet loginRet) throws SSLException, IllegalStateException, ClientProtocolException, XPathExpressionException, ClientNotInitializedException, TransformerException, ParserConfigurationException, IOException, SAXException, URISyntaxException, DeliveryServicesException {
        return getResult(loginRet.loginAction, loginRet.postParams);
    }

    public LoginRet cancelLogin(LoginRet loginRet) throws SSLException, IllegalStateException, ClientProtocolException, XPathExpressionException, ClientNotInitializedException, TransformerException, ParserConfigurationException, IOException, SAXException, URISyntaxException, DeliveryServicesException {
        return getResult(loginRet.loginAction, loginRet.postParams);
    }
}
