package com.xiaomi.finddevice.v2.net;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.content.ComponentName;
import android.content.Context;
import android.content.ServiceConnection;
import android.os.IBinder;
import android.os.RemoteException;
import android.os.UserManager;
import android.text.TextUtils;
import com.xiaomi.accountsdk.account.IXiaomiAccountService;
import com.xiaomi.accountsdk.account.data.ExtendedAuthToken;
import com.xiaomi.finddevice.common.util.KeyTool;
import com.xiaomi.finddevice.v2.DeviceTypeBasedFactory;
import com.xiaomi.finddevice.v2.IDeviceCredential;
import com.xiaomi.finddevice.v2.IDeviceCredentialProvider;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.Condition;
import java.util.concurrent.locks.ReentrantLock;
import miui.cloud.common.XLogger;

/* loaded from: classes.dex */
public class SecurityManager implements ServiceConnection {
    private Condition mAccountServiceCondition;
    private ReentrantLock mAccountSeviceLock;
    private Context mCtx;
    private IDeviceCredentialProvider mDeviceCredentialProvider;
    private IXiaomiAccountService mMiAccountService;
    private boolean mMiAccountServiceRequested;

    /* loaded from: classes.dex */
    public class AccountException extends Exception {
        public AccountException(String str) {
            super(str);
        }

        public AccountException(String str, Throwable th) {
            super(str, th);
        }
    }

    /* loaded from: classes.dex */
    public class NullDeviceCredentialException extends Exception {
        public NullDeviceCredentialException() {
        }

        public NullDeviceCredentialException(String str) {
            super(str);
        }
    }

    /* loaded from: classes.dex */
    public class SecurityContext {
        private Account[] mAccount;
        private IDeviceCredential[] mDeviceCredential;
        private ExtendedAuthToken mLastUsedAuthToken;

        public SecurityContext() {
        }

        public String deviceMark(String str, String str2, Map map, Map map2) {
            IDeviceCredential deviceCredential = getDeviceCredential();
            if (deviceCredential != null) {
                return SecurityManager.this.deviceMarkInner(deviceCredential, str, str2, map, map2);
            }
            throw new NullDeviceCredentialException();
        }

        public String deviceSign(String str, String str2, Map map, Map map2) {
            IDeviceCredential deviceCredential = getDeviceCredential();
            if (deviceCredential != null) {
                return SecurityManager.this.deviceSignInner(deviceCredential, str, str2, map, map2);
            }
            throw new NullDeviceCredentialException();
        }

        public IDeviceCredential getDeviceCredential() {
            if (this.mDeviceCredential == null) {
                this.mDeviceCredential = new IDeviceCredential[]{SecurityManager.this.getDeviceCredentialInner()};
            }
            return this.mDeviceCredential[0];
        }

        public Account getXiaomiAccount() {
            if (this.mAccount == null) {
                this.mAccount = new Account[]{SecurityManager.this.getXiaomiAccountInner()};
            }
            return this.mAccount[0];
        }

        public void invalidateAccountAuthToken() {
            if (!UserManager.get(SecurityManager.this.mCtx).isUserUnlocked()) {
                XLogger.logd("no need invalidateAccountAuthToken while user locked");
                return;
            }
            ExtendedAuthToken extendedAuthToken = this.mLastUsedAuthToken;
            if (extendedAuthToken != null) {
                SecurityManager.this.invalidateAccountAuthTokenInner(extendedAuthToken);
            }
        }

        public void markDeviceSignError() {
            IDeviceCredential[] iDeviceCredentialArr = this.mDeviceCredential;
            IDeviceCredential iDeviceCredential = iDeviceCredentialArr != null ? iDeviceCredentialArr[0] : null;
            if (iDeviceCredential != null) {
                iDeviceCredential.onSignError();
            }
        }

        public String passportMarkIfPossible(String str, String str2, Map map, Map map2) {
            Account xiaomiAccount = getXiaomiAccount();
            if (xiaomiAccount == null) {
                return null;
            }
            SecurityManager.this.passportMarkInner(xiaomiAccount, str, str2, map, map2);
            return xiaomiAccount.name;
        }

        public String passportSign(String str, String str2, Map map, Map map2) {
            if (!UserManager.get(SecurityManager.this.mCtx).isUserUnlocked()) {
                throw new AccountException("Account service unavailable before user unlocked. ");
            }
            Account xiaomiAccount = getXiaomiAccount();
            if (xiaomiAccount == null) {
                throw new AccountException("No account. ");
            }
            this.mLastUsedAuthToken = SecurityManager.this.passportSignInner(xiaomiAccount, str, str2, map, map2);
            return xiaomiAccount.name;
        }
    }

    private SecurityManager(Context context, IDeviceCredentialProvider iDeviceCredentialProvider) {
        ReentrantLock reentrantLock = new ReentrantLock();
        this.mAccountSeviceLock = reentrantLock;
        this.mAccountServiceCondition = reentrantLock.newCondition();
        this.mMiAccountService = null;
        this.mMiAccountServiceRequested = false;
        this.mCtx = context;
        this.mDeviceCredentialProvider = iDeviceCredentialProvider;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String deviceMarkInner(IDeviceCredential iDeviceCredential, String str, String str2, Map map, Map map2) {
        String fId = iDeviceCredential.getFId();
        map.put("cloudsp_fid", fId);
        return fId;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String deviceSignInner(IDeviceCredential iDeviceCredential, String str, String str2, Map map, Map map2) {
        String fId = iDeviceCredential.getFId();
        map.put("cloudsp_fid", fId);
        StringBuilder sb = new StringBuilder();
        sb.append(str.toUpperCase() + "&" + str2);
        for (Map.Entry entry : new TreeMap(map).entrySet()) {
            if (((String) entry.getKey()).startsWith("cloudsp_")) {
                sb.append("&" + ((String) entry.getKey()) + "=" + ((String) entry.getValue()));
            }
        }
        try {
            map.put("cloudp_sign", KeyTool.byteArrayToHex(iDeviceCredential.sign(sb.toString().getBytes("UTF-8"))).toLowerCase());
            return fId;
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("UTF-8 not supported?", e);
        }
    }

    private ExtendedAuthToken getAuthToken(Account account) {
        try {
            String string = AccountManager.get(this.mCtx).getAuthToken(account, "micloudfind", true, null, null).getResult(30000L, TimeUnit.MILLISECONDS).getString("authtoken");
            if (TextUtils.isEmpty(string)) {
                throw new AccountException("NULL auth token returned. ");
            }
            ExtendedAuthToken parse = ExtendedAuthToken.parse(string);
            if (parse != null) {
                return parse;
            }
            throw new AccountException("Bad auth token " + string + ". ");
        } catch (AuthenticatorException e) {
            throw new AccountException("Get auth token failed. ", e);
        } catch (OperationCanceledException e2) {
            throw new AccountException("Get auth token failed. ", e2);
        } catch (IOException e3) {
            XLogger.loge("Failed to get auth token, caused by IOException. ");
            throw e3;
        } catch (NullPointerException e4) {
            throw new AccountException("Get auth token failed. ", e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public IDeviceCredential getDeviceCredentialInner() {
        return getDeviceCredentialProvider().get(this.mCtx);
    }

    private IDeviceCredentialProvider getDeviceCredentialProvider() {
        IDeviceCredentialProvider iDeviceCredentialProvider = this.mDeviceCredentialProvider;
        return iDeviceCredentialProvider != null ? iDeviceCredentialProvider : DeviceTypeBasedFactory.getDeviceCredentialManager(this.mCtx);
    }

    private String getEncryptedAccountName(Account account) {
        try {
            return "" + waitMiAccountService().getEncryptedUserId(account);
        } catch (RemoteException e) {
            throw new AccountException("Get encrypted user id falied. ", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Account getXiaomiAccountInner() {
        Account[] accountsByType = AccountManager.get(this.mCtx).getAccountsByType("com.xiaomi");
        if (accountsByType.length <= 0) {
            return null;
        }
        Account account = accountsByType[0];
        if (TextUtils.isEmpty(account.name)) {
            return null;
        }
        return account;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void invalidateAccountAuthTokenInner(ExtendedAuthToken extendedAuthToken) {
        AccountManager.get(this.mCtx).invalidateAuthToken("com.xiaomi", "" + extendedAuthToken.toPlain());
    }

    public static SecurityManager obtain(Context context, IDeviceCredentialProvider iDeviceCredentialProvider) {
        return new SecurityManager(context, iDeviceCredentialProvider);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void passportMarkInner(Account account, String str, String str2, Map map, Map map2) {
        String str3 = account.name;
        map.put("cloudsp_userId", str3);
        map.put("userId", str3);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ExtendedAuthToken passportSignInner(Account account, String str, String str2, Map map, Map map2) {
        boolean z;
        ExtendedAuthToken authToken = getAuthToken(account);
        String encryptedAccountName = getEncryptedAccountName(account);
        map.put("cloudsp_userId", account.name);
        map.put("userId", account.name);
        StringBuilder sb = new StringBuilder();
        sb.append("serviceToken=");
        sb.append("" + authToken.authToken);
        sb.append(";cUserId=");
        sb.append(encryptedAccountName);
        List list = (List) map2.get("Cookie");
        if (list == null) {
            list = new ArrayList();
            z = true;
        } else {
            z = false;
        }
        list.add(sb.toString());
        if (z) {
            map2.put("Cookie", list);
        }
        return authToken;
    }

    /* JADX WARN: Code restructure failed: missing block: B:17:0x0047, code lost:
    
        throw new com.xiaomi.finddevice.v2.net.SecurityManager.AccountException("Unable to bind to the account service. ");
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private com.xiaomi.accountsdk.account.IXiaomiAccountService waitMiAccountService() {
        /*
            r5 = this;
            java.lang.String r0 = "com.xiaomi.account"
            java.util.concurrent.locks.ReentrantLock r1 = r5.mAccountSeviceLock     // Catch: java.lang.Throwable -> L48
            r1.lock()     // Catch: java.lang.Throwable -> L48
        L7:
            com.xiaomi.accountsdk.account.IXiaomiAccountService r1 = r5.mMiAccountService     // Catch: java.lang.Throwable -> L48
            if (r1 != 0) goto L50
            boolean r1 = r5.mMiAccountServiceRequested     // Catch: java.lang.Throwable -> L48
            if (r1 != 0) goto L4a
            r1 = 1
            r5.mMiAccountServiceRequested = r1     // Catch: java.lang.Throwable -> L48
            java.lang.String r2 = "Connecting to account service"
            java.lang.Object[] r2 = new java.lang.Object[]{r2}     // Catch: java.lang.Throwable -> L48
            miui.cloud.common.XLogger.log(r2)     // Catch: java.lang.Throwable -> L48
            android.content.Intent r2 = new android.content.Intent     // Catch: java.lang.Throwable -> L48
            java.lang.String r3 = "com.xiaomi.account.action.BIND_XIAOMI_ACCOUNT_SERVICE"
            r2.<init>(r3)     // Catch: java.lang.Throwable -> L48
            android.content.Intent r3 = new android.content.Intent     // Catch: java.lang.Throwable -> L48
            java.lang.String r4 = "android.intent.action.BIND_XIAOMI_ACCOUNT_SERVICE"
            r3.<init>(r4)     // Catch: java.lang.Throwable -> L48
            r2.setPackage(r0)     // Catch: java.lang.Throwable -> L48
            r3.setPackage(r0)     // Catch: java.lang.Throwable -> L48
            android.content.Context r4 = r5.mCtx     // Catch: java.lang.Throwable -> L48
            boolean r2 = r4.bindService(r2, r5, r1)     // Catch: java.lang.Throwable -> L48
            if (r2 != 0) goto L4a
            android.content.Context r2 = r5.mCtx     // Catch: java.lang.Throwable -> L48
            boolean r1 = r2.bindService(r3, r5, r1)     // Catch: java.lang.Throwable -> L48
            if (r1 == 0) goto L40
            goto L4a
        L40:
            com.xiaomi.finddevice.v2.net.SecurityManager$AccountException r0 = new com.xiaomi.finddevice.v2.net.SecurityManager$AccountException     // Catch: java.lang.Throwable -> L48
            java.lang.String r1 = "Unable to bind to the account service. "
            r0.<init>(r1)     // Catch: java.lang.Throwable -> L48
            throw r0     // Catch: java.lang.Throwable -> L48
        L48:
            r0 = move-exception
            goto L56
        L4a:
            java.util.concurrent.locks.Condition r1 = r5.mAccountServiceCondition     // Catch: java.lang.Throwable -> L48
            r1.await()     // Catch: java.lang.Throwable -> L48
            goto L7
        L50:
            java.util.concurrent.locks.ReentrantLock r5 = r5.mAccountSeviceLock
            r5.unlock()
            return r1
        L56:
            java.util.concurrent.locks.ReentrantLock r5 = r5.mAccountSeviceLock
            r5.unlock()
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.xiaomi.finddevice.v2.net.SecurityManager.waitMiAccountService():com.xiaomi.accountsdk.account.IXiaomiAccountService");
    }

    public SecurityContext newSecurityContext() {
        return new SecurityContext();
    }

    @Override // android.content.ServiceConnection
    public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
        try {
            this.mAccountSeviceLock.lock();
            XLogger.log("Connected to account service");
            this.mMiAccountService = IXiaomiAccountService.Stub.asInterface(iBinder);
            this.mAccountServiceCondition.signalAll();
        } finally {
            this.mAccountSeviceLock.unlock();
        }
    }

    @Override // android.content.ServiceConnection
    public void onServiceDisconnected(ComponentName componentName) {
        try {
            this.mAccountSeviceLock.lock();
            XLogger.log("Account service disconnected. ");
            this.mMiAccountService = null;
            this.mMiAccountServiceRequested = false;
            this.mCtx.unbindService(this);
        } finally {
            this.mAccountSeviceLock.unlock();
        }
    }

    public void release() {
        try {
            this.mAccountSeviceLock.lock();
            if (this.mMiAccountServiceRequested) {
                this.mCtx.unbindService(this);
            }
        } finally {
            this.mAccountSeviceLock.unlock();
        }
    }
}
