package com.enterprise.permission.inner;

import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.database.ContentObserver;
import android.net.ConnectivityManager;
import android.net.Network;
import android.os.Binder;
import android.os.Handler;
import android.os.Looper;
import android.os.Message;
import android.os.PowerManager;
import android.os.Process;
import android.os.SystemClock;
import android.os.SystemProperties;
import android.provider.Settings;
import android.text.TextUtils;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.TypeReference;
import com.alibaba.fastjson.parser.Feature;
import com.enterprise.permission.inner.PermissionManagerInner;
import com.enterprise.permission.inner.info.AppInfo;
import com.enterprise.permission.inner.info.PermissionInfo;
import com.enterprise.permission.inner.server.ServerHelper;
import com.enterprise.permission.inner.session.CertificateSession;
import com.enterprise.permission.inner.session.EnterpriseSession;
import com.enterprise.permission.inner.session.LicenseSession;
import com.enterprise.permission.inner.utils.DateUtil;
import com.enterprise.permission.inner.utils.DigestUtil;
import com.enterprise.permission.inner.utils.LogUtil;
import com.enterprise.permission.inner.utils.TerminalUtil;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.function.IntConsumer;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import okhttp3.Call;
import okhttp3.Callback;
import okhttp3.HttpUrl;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.xmlpull.v1.XmlPullParserException;

/* loaded from: classes.dex */
public class PermissionManagerInner {
    private static final String APK_CONTAINS_CERT = "apk_contains_cert";
    private static final String APK_CONTAINS_ENT_CERT = "apk_contains_ent_cert";
    private static final int APK_CONTAINS_ENT_CERT_VALUE = 1;
    private static final String CONTROLLED_PERMISSION_CONFIG = "/etc/cerp.cfg";
    private static final String MDM_CRITICAL_API_FOR_TESTMDM = "2111";
    private static final String MDM_PERMISSION_CRITICAL = "com.oplus.permission.sec.MDM_CRITICAL";
    private static final String MDM_PERMISSION_PHONE_MANAGER = "com.oplus.permission.sec.MDM_PHONE_MANAGER";
    private static final int MSG_DO_SERVER_VALIDATION = 2;
    private static final int MSG_FETCH_DOMAINS = 1;
    private static final int MSG_GET_API_VERSION_FROM_SERVER = 6;
    private static final int MSG_GET_SERVER_TIME = 5;
    private static final int MSG_PACKAGE_ADDED = 3;
    private static final int MSG_PACKAGE_REMOVED = 4;
    private static final int NO_APK_CONTAINS_ENT_CERT_VALUE = 0;
    public static long POLLING_INTERVAL = 28800000;
    private static final long RANDOM_RANGE = 14400000;
    private static final String SETTINGS_CTA_UPDATE_SERVICE = "oplus_customize_cta_update_service";
    private static final String TAG = "PermissionManagerInner";
    private static final String TESTMDM_PACKAGE_NAME = "com.oplustest.testmdm";
    private volatile String apiVersion;
    private Map<String, String> appsScannedDuringBoot;
    private ConnectivityManager connectivityManager;
    private final Context context;
    private volatile int ctaUpdateService;
    private String deviceId;
    private int internalKey;
    private boolean isTestMdmInstalled;
    private String openId;
    private PackageManager packageManager;
    private String replaceLicenseKey;
    private final ServerHelper serverHelper;
    private int verificationType;
    private final Map<String, EnterpriseSession> enterpriseSessionMap = new ConcurrentHashMap(1);
    private int domainFetchRetryCount = 0;
    private boolean isNeedSkipPermissionCheck = false;
    private volatile boolean networkAvailable = false;
    private volatile long bootTime = -1;
    private final AtomicInteger getServerTimeRetryCount = new AtomicInteger(0);
    private final AtomicInteger matchAPIVersionRetryCount = new AtomicInteger(0);
    private final BroadcastReceiver packageChangeReceiver = new BroadcastReceiver() { // from class: com.enterprise.permission.inner.PermissionManagerInner.6
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            String action = intent.getAction();
            if ("android.intent.action.PACKAGE_ADDED".equals(action)) {
                PermissionManagerInner.this.sendPackageChangedMessage(3, intent.getData().getSchemeSpecificPart());
            } else if ("android.intent.action.PACKAGE_REMOVED".equals(action)) {
                PermissionManagerInner.this.sendPackageChangedMessage(4, intent.getData().getSchemeSpecificPart());
            }
        }
    };
    private final BroadcastReceiver shutdownReceiver = new BroadcastReceiver() { // from class: com.enterprise.permission.inner.PermissionManagerInner.7
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            synchronized (PermissionManagerInner.class) {
                if (intent != null) {
                    if ("android.intent.action.ACTION_SHUTDOWN".equals(intent.getAction()) || "android.intent.action.REBOOT".equals(intent.getAction())) {
                        PowerManager.WakeLock newWakeLock = ((PowerManager) context.getSystemService("power")).newWakeLock(1, "PermissionManagerInner:");
                        newWakeLock.acquire(600000L);
                        PermissionManagerInner.this.storeValidSessionsToFile();
                        newWakeLock.release();
                    }
                }
            }
        }
    };
    private final Handler handler = new AnonymousClass8(Looper.getMainLooper());
    private final Set<String> controlledPermissions = new HashSet(2);
    private final String spTestMdmVerificationType = "testMdmVerificationType";
    private final String spVerificationType = "verificationType";
    private final String spReplaceLicenseKey = "replaceLicenseKey";

    /* renamed from: com.enterprise.permission.inner.PermissionManagerInner$8, reason: invalid class name */
    /* loaded from: classes.dex */
    public class AnonymousClass8 extends Handler {
        public AnonymousClass8(Looper looper) {
            super(looper);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public /* synthetic */ void lambda$handleMessage$0(EnterpriseSession enterpriseSession) {
            LogUtil.i(PermissionManagerInner.TAG, enterpriseSession.getAppInfo().getPackageName() + " terminal verification passed");
            PermissionManagerInner.this.addSessionToCacheMap(enterpriseSession);
            PermissionManagerInner.this.doServerVerification(enterpriseSession);
        }

        @Override // android.os.Handler
        public void handleMessage(Message message) {
            super.handleMessage(message);
            int i2 = message.what;
            switch (i2) {
                case 1:
                    PermissionManagerInner.this.doVerificationWork();
                    return;
                case 2:
                    Object obj = message.obj;
                    if (obj == null || hasMessages(i2, obj)) {
                        return;
                    }
                    EnterpriseSession enterpriseSession = (EnterpriseSession) PermissionManagerInner.this.enterpriseSessionMap.get((String) message.obj);
                    if (enterpriseSession != null) {
                        PermissionManagerInner.this.doServerVerification(enterpriseSession);
                        return;
                    }
                    return;
                case 3:
                    Object obj2 = message.obj;
                    if (obj2 != null) {
                        String str = (String) obj2;
                        if (str.equals(PermissionManagerInner.TESTMDM_PACKAGE_NAME)) {
                            LogUtil.i(PermissionManagerInner.TAG, "testMdm is added, set enterprise flag");
                            PermissionManagerInner.this.isTestMdmInstalled = true;
                            PermissionManagerInner.this.setEnterpriseFlag();
                        }
                        try {
                            PermissionManagerInner.this.doTerminalVerification(new AppInfo(str, TerminalUtil.getApkSourceDir(str, PermissionManagerInner.this.packageManager))).ifPresent(new Consumer() { // from class: com.enterprise.permission.inner.r
                                @Override // java.util.function.Consumer
                                public final void accept(Object obj3) {
                                    PermissionManagerInner.AnonymousClass8.this.lambda$handleMessage$0((EnterpriseSession) obj3);
                                }
                            });
                            return;
                        } catch (PackageManager.NameNotFoundException e3) {
                            LogUtil.e(PermissionManagerInner.TAG, str + " not found", e3);
                            return;
                        }
                    }
                    return;
                case 4:
                    Object obj3 = message.obj;
                    if (obj3 != null) {
                        String str2 = (String) obj3;
                        if (str2.equals(PermissionManagerInner.TESTMDM_PACKAGE_NAME)) {
                            LogUtil.i(PermissionManagerInner.TAG, "testMdm is removed");
                            PermissionManagerInner.this.isTestMdmInstalled = false;
                        }
                        EnterpriseSession enterpriseSession2 = (EnterpriseSession) PermissionManagerInner.this.enterpriseSessionMap.get(str2);
                        if (enterpriseSession2 != null) {
                            PermissionManagerInner.this.removeSessionFromCacheMap(enterpriseSession2);
                            return;
                        }
                        return;
                    }
                    return;
                case 5:
                    if (hasMessages(5)) {
                        return;
                    }
                    PermissionManagerInner.this.getServerTimeStampFromServer();
                    return;
                case 6:
                    if (hasMessages(6)) {
                        return;
                    }
                    PermissionManagerInner.this.getAPIVersionFromServer();
                    return;
                default:
                    return;
            }
        }
    }

    /* loaded from: classes.dex */
    public static class ResponseObject<T> {
        public static final int INTERNAL_ERROR = 10500;
        public static final int INVALID = 10400;
        public static final int OPENID_INVALID = 10401;
        public static final int SUCCESS = 10200;
        public Integer code;
        public T data;
        public String msg;

        private ResponseObject() {
        }

        public static <T> ResponseObject<T> fromJson(String str, Class<T> cls) {
            try {
                return (ResponseObject) JSON.parseObject(str, new TypeReference<ResponseObject<T>>(cls) { // from class: com.enterprise.permission.inner.PermissionManagerInner.ResponseObject.1
                }, new Feature[0]);
            } catch (Throwable th) {
                LogUtil.e(PermissionManagerInner.TAG, "parse json failed", th);
                return null;
            }
        }

        public String toString() {
            return "Response is {code=" + this.code + ", msg=" + this.msg + ", data={" + this.data + "}}";
        }
    }

    /* loaded from: classes.dex */
    public static class ValidationResult {
        public static final int DISABLED = 4;
        public static final int EXPIRED = 3;
        public static final int GUID_NOT_FOUND = 5;
        public static final int LICENSE_NOT_EXIST = 2;
        public static final int NORMAL = 1;
        public String apis;
        public Long fromTime;
        public String permissions;
        public Long serverTime;
        public Integer status;
        public Long toTime;

        private ValidationResult() {
        }

        public static String statusToString(int i2) {
            return i2 != 1 ? i2 != 2 ? i2 != 3 ? i2 != 4 ? i2 != 5 ? "unknown status" : "guid not fount" : "disabled" : "expired" : "certificate or license not exist" : "normal";
        }

        public String toString() {
            return "fromTime=" + this.fromTime + ", toTime=" + this.toTime + ", status=" + this.status + ", serverTime=" + this.serverTime + ", permissions=" + this.permissions + ", apis=" + this.apis;
        }
    }

    public PermissionManagerInner(Context context) {
        LogUtil.v(TAG, "permissionManagerInner start creating");
        this.context = context;
        this.serverHelper = new ServerHelper(context);
        this.ctaUpdateService = Settings.System.getInt(context.getContentResolver(), SETTINGS_CTA_UPDATE_SERVICE, 0);
        initControlledPermissions();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void addSessionToCacheMap(EnterpriseSession enterpriseSession) {
        LogUtil.v(TAG, "put " + enterpriseSession.getAppInfo().getPackageName() + " session to cache map");
        this.enterpriseSessionMap.put(enterpriseSession.getAppInfo().getPackageName(), enterpriseSession);
        setEnterpriseFlag();
    }

    private boolean areDomainsReady() {
        this.deviceId = TerminalUtil.getDeviceId(this.context);
        this.openId = TerminalUtil.getOpenId(this.context);
        this.packageManager = this.context.getPackageManager();
        this.connectivityManager = (ConnectivityManager) this.context.getSystemService("connectivity");
        if (!TextUtils.isEmpty(this.deviceId) && !TextUtils.isEmpty(this.openId) && this.packageManager != null && this.connectivityManager != null) {
            LogUtil.i(TAG, "domains are all ready");
            return true;
        }
        int i2 = this.domainFetchRetryCount + 1;
        this.domainFetchRetryCount = i2;
        if (i2 > 1000) {
            return false;
        }
        LogUtil.v(TAG, "domainFetchRetryCount = " + this.domainFetchRetryCount);
        this.handler.sendEmptyMessageDelayed(1, ((long) this.domainFetchRetryCount) * 100);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cancelWorkIfNetworkLost() {
        LogUtil.i(TAG, "cancel network-dependent work, remove all delay messages and reset retry count");
        this.handler.removeMessages(2);
        this.handler.removeMessages(5);
        this.handler.removeMessages(6);
        this.enterpriseSessionMap.values().forEach(new Consumer() { // from class: com.enterprise.permission.inner.p
            @Override // java.util.function.Consumer
            public final void accept(Object obj) {
                PermissionManagerInner.lambda$cancelWorkIfNetworkLost$3((EnterpriseSession) obj);
            }
        });
        this.getServerTimeRetryCount.set(0);
        this.matchAPIVersionRetryCount.set(0);
    }

    private boolean checkCallingUidPermission() {
        LogUtil.v(TAG, "checkCallingUidPermission getCallingUid: " + Binder.getCallingUid() + "; myUid: " + Process.myUid());
        return Binder.getCallingUid() == Process.myUid();
    }

    private boolean checkPermission(String str, String str2) {
        if (skipCheckPermission(str) || checkCallingUidPermission()) {
            return true;
        }
        final String[] split = str2.split(",");
        String str3 = split[0];
        final ArrayList arrayList = new ArrayList();
        IntStream.range(1, split.length).forEach(new IntConsumer() { // from class: com.enterprise.permission.inner.e
            @Override // java.util.function.IntConsumer
            public final void accept(int i2) {
                PermissionManagerInner.lambda$checkPermission$9(arrayList, split, i2);
            }
        });
        if (!this.controlledPermissions.contains(str3)) {
            return false;
        }
        if (isSpecialApiForTestMdm(str, str3, arrayList)) {
            return true;
        }
        return checkPermissionAndApis(str, str3, arrayList);
    }

    private boolean checkPermissionAndApis(String str, String str2, List<String> list) {
        synchronized (PermissionManagerInner.class) {
            EnterpriseSession enterpriseSession = this.enterpriseSessionMap.get(str);
            if (enterpriseSession == null || !enterpriseSession.isValidSession(getCurrentTime())) {
                LogUtil.w(TAG, "not contain valid session for " + str);
                return false;
            }
            if (!enterpriseSession.getPermissionInfo().getPermissions().contains(str2)) {
                LogUtil.w(TAG, "check permission failed for " + str + " use permission " + str2);
                return false;
            }
            for (String str3 : list) {
                if (!enterpriseSession.getPermissionInfo().getApis().contains(str3)) {
                    LogUtil.w(TAG, "check api failed for " + str + " use api " + str3);
                    return false;
                }
            }
            LogUtil.i(TAG, "check permission and apis pass for " + str + " use permission " + str2 + " use api " + list);
            return true;
        }
    }

    private void deleteStoredSessionFile(EnterpriseSession enterpriseSession) {
        File file = new File(this.context.getFilesDir(), enterpriseSession.getAppInfo().getPackageName());
        if (file.exists() && file.delete()) {
            LogUtil.v(TAG, "delete stored session file for " + enterpriseSession.getAppInfo().getPackageName());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doServerVerification(final EnterpriseSession enterpriseSession) {
        final String packageName = enterpriseSession.getAppInfo().getPackageName();
        LogUtil.i(TAG, "try to do server verification for " + packageName);
        if (!enterpriseSession.isNeedServerVerification(getCurrentTime())) {
            LogUtil.i(TAG, packageName + " does not need server verification now, cancel server verification");
            return;
        }
        if (isNetworkAvailable()) {
            Map<String, String> uploadFields = enterpriseSession.getUploadFields();
            uploadFields.put("openId", this.openId);
            this.serverHelper.doServerVerificationWork(uploadFields, new Callback() { // from class: com.enterprise.permission.inner.PermissionManagerInner.3
                @Override // okhttp3.Callback
                public void onFailure(Call call, IOException iOException) {
                    PermissionManagerInner.this.sendServerVerificationMessageDelayed(enterpriseSession, false);
                }

                /* JADX WARN: Multi-variable type inference failed */
                @Override // okhttp3.Callback
                public void onResponse(Call call, Response response) throws IOException {
                    LogUtil.i(PermissionManagerInner.TAG, "receiver server verification response for " + packageName);
                    ResponseBody body = response.body();
                    try {
                        if (!response.isSuccessful()) {
                            LogUtil.w(PermissionManagerInner.TAG, "server verification response failed throw Exception " + response.code());
                            PermissionManagerInner.this.sendServerVerificationMessageDelayed(enterpriseSession, false);
                            if (body != null) {
                                body.close();
                                return;
                            }
                            return;
                        }
                        String string = body.string();
                        ResponseObject fromJson = ResponseObject.fromJson(string, ValidationResult.class);
                        if (fromJson != null) {
                            LogUtil.d(PermissionManagerInner.TAG, "json:" + string + ", result: " + fromJson);
                            if (fromJson.code.intValue() == 10200) {
                                PermissionManagerInner.this.updateSessionFromServer(enterpriseSession, (ValidationResult) fromJson.data);
                            } else {
                                PermissionManagerInner.this.responseErrorLog(fromJson);
                            }
                            PermissionManagerInner.this.sendServerVerificationMessageDelayed(enterpriseSession, true);
                        } else {
                            PermissionManagerInner.this.sendServerVerificationMessageDelayed(enterpriseSession, false);
                        }
                        body.close();
                    } catch (Throwable th) {
                        if (body != null) {
                            try {
                                body.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                }
            }, TESTMDM_PACKAGE_NAME.equals(packageName));
            return;
        }
        LogUtil.i(TAG, "network is unavailable, cancel server verification for " + packageName);
        enterpriseSession.serverVerificationRetryCount.set(0);
    }

    private void doServerVerificationForCachedApps() {
        LogUtil.i(TAG, "do server verification for cached apps");
        this.enterpriseSessionMap.values().forEach(new Consumer() { // from class: com.enterprise.permission.inner.k
            @Override // java.util.function.Consumer
            public final void accept(Object obj) {
                PermissionManagerInner.this.doServerVerification((EnterpriseSession) obj);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Optional<? extends EnterpriseSession> doTerminalVerification(AppInfo appInfo) {
        int sessionType;
        try {
            sessionType = TerminalUtil.getSessionType(appInfo, this.packageManager);
            if (appInfo.getPackageName().equals(TESTMDM_PACKAGE_NAME)) {
                sessionType = this.verificationType;
            }
        } catch (Throwable th) {
            LogUtil.e(TAG, "unknown session type", th);
        }
        if (sessionType == 0) {
            LogUtil.i(TAG, appInfo.getPackageName() + " session type is certificate");
            return doTerminalVerificationForCertificate(appInfo);
        }
        if (sessionType == 1) {
            LogUtil.i(TAG, appInfo.getPackageName() + " session type is license");
            return doTerminalVerificationForLicense(appInfo);
        }
        return Optional.empty();
    }

    private Optional<CertificateSession> doTerminalVerificationForCertificate(AppInfo appInfo) {
        try {
            String parseCertificateToString = TerminalUtil.parseCertificateToString(appInfo.getSourceDir(), this.context.getCacheDir());
            if (TextUtils.isEmpty(parseCertificateToString)) {
                LogUtil.w(TAG, "parse certificate failed");
                return Optional.empty();
            }
            if (!TerminalUtil.isValidCertificate(parseCertificateToString)) {
                LogUtil.w(TAG, "invalid certificate, some properties not exist");
                return Optional.empty();
            }
            LogUtil.d(TAG, "loading certificate: " + parseCertificateToString);
            Properties properties = new Properties();
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(parseCertificateToString.getBytes());
            try {
                properties.load(byteArrayInputStream);
                int indexOf = parseCertificateToString.indexOf(TerminalUtil.CERT_TAG_SIGNATURE);
                if (indexOf == -1) {
                    LogUtil.w(TAG, "invalid certificate, invalid content");
                    Optional<CertificateSession> empty = Optional.empty();
                    byteArrayInputStream.close();
                    return empty;
                }
                if (!TerminalUtil.checkSignature(parseCertificateToString.substring(0, indexOf), properties.getProperty(TerminalUtil.CERT_TAG_SIGNATURE))) {
                    LogUtil.w(TAG, "invalid certificate, invalid signature");
                    Optional<CertificateSession> empty2 = Optional.empty();
                    byteArrayInputStream.close();
                    return empty2;
                }
                String property = properties.getProperty(TerminalUtil.CERT_TAG_PACKAGE_NAME);
                String property2 = properties.getProperty(TerminalUtil.CERT_TAG_LICENCE_CODE);
                String property3 = properties.getProperty(TerminalUtil.CERT_TAG_PERMISSIONS);
                String property4 = properties.getProperty(TerminalUtil.CERT_TAG_VALID_FROM);
                String property5 = properties.getProperty(TerminalUtil.CERT_TAG_VALID_TO);
                String property6 = properties.getProperty(TerminalUtil.CERT_TAG_TYPE, TerminalUtil.CERT_TYPE_ONLINE);
                String property7 = properties.getProperty(TerminalUtil.CERT_TAG_CRITICAL_APIS, HttpUrl.FRAGMENT_ENCODE_SET);
                String property8 = properties.getProperty(TerminalUtil.CERT_TAG_DEVICE_IDS);
                String property9 = properties.getProperty(TerminalUtil.CERT_TAG_APK_HASH);
                String property10 = properties.getProperty(TerminalUtil.CERT_TAG_MATCHING_TABLE, HttpUrl.FRAGMENT_ENCODE_SET);
                if (!TextUtils.isEmpty(property) && !TextUtils.isEmpty(property2) && !TextUtils.isEmpty(property3) && !TextUtils.isEmpty(property4) && !TextUtils.isEmpty(property5) && !TextUtils.isEmpty(property8) && !TextUtils.isEmpty(property9)) {
                    if (!appInfo.getPackageName().equals(property)) {
                        LogUtil.w(TAG, "invalid certificate, invalid packageName");
                        Optional<CertificateSession> empty3 = Optional.empty();
                        byteArrayInputStream.close();
                        return empty3;
                    }
                    if (!"*".equals(property9.trim())) {
                        DigestUtil manifestDigest = TerminalUtil.getManifestDigest(appInfo.getSourceDir(), this.context.getCacheDir());
                        if (manifestDigest == null) {
                            LogUtil.w(TAG, "invalid certificate, Failed to get META-INF/MANIFEST.MF");
                            Optional<CertificateSession> empty4 = Optional.empty();
                            byteArrayInputStream.close();
                            return empty4;
                        }
                        String hash = manifestDigest.getHash();
                        if (!property9.equals(hash)) {
                            LogUtil.w(TAG, "invalid certificate, Package has mismatched apk hash: expected " + property9 + ", got " + hash);
                            Optional<CertificateSession> empty5 = Optional.empty();
                            byteArrayInputStream.close();
                            return empty5;
                        }
                    } else if ("*".equals(property8.trim())) {
                        LogUtil.w(TAG, "invalid certificate, both apkhash & deviceid are *");
                        Optional<CertificateSession> empty6 = Optional.empty();
                        byteArrayInputStream.close();
                        return empty6;
                    }
                    if (!"*".equals(property8.trim()) && !property8.contains(this.deviceId)) {
                        LogUtil.w(TAG, "invalid certificate, IMEI isn't in the device list");
                        Optional<CertificateSession> empty7 = Optional.empty();
                        byteArrayInputStream.close();
                        return empty7;
                    }
                    PermissionInfo permissionInfo = new PermissionInfo((List) Arrays.stream(property3.split(";")).map(c.f1481a).collect(Collectors.toList()), (List) Arrays.stream(property7.split(";")).map(c.f1481a).collect(Collectors.toList()));
                    boolean equals = property6.equals(TerminalUtil.CERT_TYPE_ONLINE);
                    Date parseStringToDate = DateUtil.parseStringToDate(property4);
                    Date parseStringToDate2 = DateUtil.parseStringToDate(property5);
                    CertificateSession certificateSession = new CertificateSession(appInfo, permissionInfo, property9, property2, property8, equals);
                    certificateSession.setValidFrom(parseStringToDate);
                    certificateSession.setValidTo(parseStringToDate2);
                    if (!equals) {
                        LogUtil.i(TAG, "mark offline certificate session for " + property + " as verity success");
                        certificateSession.setVerifyStatus(1);
                        getAPIVersionFromOfflineCertificate(property10);
                    }
                    Optional<CertificateSession> of = Optional.of(certificateSession);
                    byteArrayInputStream.close();
                    return of;
                }
                LogUtil.w(TAG, "invalid certificate, some values not exist");
                Optional<CertificateSession> empty8 = Optional.empty();
                byteArrayInputStream.close();
                return empty8;
            } finally {
            }
        } catch (IOException | ParseException e3) {
            LogUtil.e(TAG, "parse certificate failed for " + appInfo.getPackageName(), e3);
            return Optional.empty();
        }
    }

    private Optional<LicenseSession> doTerminalVerificationForLicense(AppInfo appInfo) {
        try {
            String mdmLicenseKey = TerminalUtil.getMdmLicenseKey(appInfo, this.packageManager);
            if (appInfo.getPackageName().equals(TESTMDM_PACKAGE_NAME) && this.verificationType == 1) {
                mdmLicenseKey = this.replaceLicenseKey;
            }
            if (TextUtils.isEmpty(mdmLicenseKey)) {
                LogUtil.w(TAG, appInfo.getPackageName() + " license is empty, license verification failed");
                return Optional.empty();
            }
            DigestUtil fromInputStream = DigestUtil.fromInputStream(new FileInputStream(appInfo.getSourceDir()));
            if (fromInputStream == null) {
                LogUtil.w(TAG, appInfo.getPackageName() + " digest is null, license verification failed");
                return Optional.empty();
            }
            String hash = fromInputStream.getHash();
            LogUtil.i(TAG, "packageName = " + appInfo.getPackageName() + ", licenseKey = " + mdmLicenseKey + ", apkHash = " + hash);
            return Optional.of(new LicenseSession(appInfo, hash, mdmLicenseKey));
        } catch (PackageManager.NameNotFoundException | FileNotFoundException e3) {
            LogUtil.e(TAG, "parse license failed for " + appInfo.getPackageName(), e3);
            return Optional.empty();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doWorkIfNetworkAvailable() {
        LogUtil.i(TAG, "do network-dependent work");
        doServerVerificationForCachedApps();
        getServerTimeStampFromServer();
        getAPIVersionFromServer();
    }

    private void getAPIVersionFromOfflineCertificate(String str) {
        try {
            final LinkedHashMap linkedHashMap = new LinkedHashMap(5);
            Arrays.stream(str.split(";")).forEach(new Consumer() { // from class: com.enterprise.permission.inner.o
                @Override // java.util.function.Consumer
                public final void accept(Object obj) {
                    PermissionManagerInner.lambda$getAPIVersionFromOfflineCertificate$4(linkedHashMap, (String) obj);
                }
            });
            linkedHashMap.entrySet().stream().filter(new Predicate() { // from class: com.enterprise.permission.inner.g
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    boolean lambda$getAPIVersionFromOfflineCertificate$5;
                    lambda$getAPIVersionFromOfflineCertificate$5 = PermissionManagerInner.this.lambda$getAPIVersionFromOfflineCertificate$5((Map.Entry) obj);
                    return lambda$getAPIVersionFromOfflineCertificate$5;
                }
            }).findFirst().ifPresent(new Consumer() { // from class: com.enterprise.permission.inner.m
                @Override // java.util.function.Consumer
                public final void accept(Object obj) {
                    PermissionManagerInner.this.lambda$getAPIVersionFromOfflineCertificate$6((Map.Entry) obj);
                }
            });
        } catch (Throwable th) {
            LogUtil.e(TAG, "exception while matching APIVersion", th);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void getAPIVersionFromServer() {
        LogUtil.i(TAG, "try to get API version from server");
        if (this.internalKey == 0) {
            LogUtil.i(TAG, "internal key is 0, cancel get api version");
            return;
        }
        if (!TextUtils.isEmpty(this.apiVersion)) {
            LogUtil.i(TAG, "api version is successfully obtained");
            return;
        }
        if (!isNetworkAvailable()) {
            LogUtil.i(TAG, "network is unavailable, cancel get api version");
            this.matchAPIVersionRetryCount.set(0);
            return;
        }
        String str = SystemProperties.get("ro.build.version.oplusrom");
        if (TextUtils.isEmpty(str)) {
            LogUtil.i(TAG, "colorosVersion is null, can not getAPIVersion");
            return;
        }
        n.a aVar = new n.a(2);
        aVar.put("InternalKey", String.valueOf(this.internalKey));
        aVar.put("ColorosVersion", str);
        this.serverHelper.doMatchAPIVersionWork(aVar, new Callback() { // from class: com.enterprise.permission.inner.PermissionManagerInner.5
            @Override // okhttp3.Callback
            public void onFailure(Call call, IOException iOException) {
                PermissionManagerInner.this.sendMatchAPIVersionMessageDelayed();
            }

            /* JADX WARN: Multi-variable type inference failed */
            @Override // okhttp3.Callback
            public void onResponse(Call call, Response response) throws IOException {
                LogUtil.i(PermissionManagerInner.TAG, "receiver match api version response");
                ResponseBody body = response.body();
                try {
                    if (!response.isSuccessful()) {
                        LogUtil.w(PermissionManagerInner.TAG, "match api version response failed throw Exception " + response.code());
                        PermissionManagerInner.this.sendMatchAPIVersionMessageDelayed();
                        if (body != null) {
                            body.close();
                            return;
                        }
                        return;
                    }
                    String string = body.string();
                    ResponseObject fromJson = ResponseObject.fromJson(string, String.class);
                    if (fromJson != null) {
                        LogUtil.d(PermissionManagerInner.TAG, "json:" + string + ", result: " + fromJson);
                        if (fromJson.code.intValue() == 10200) {
                            PermissionManagerInner.this.apiVersion = (String) fromJson.data;
                            LogUtil.i(PermissionManagerInner.TAG, "successfully fetched api version from server @ " + PermissionManagerInner.this.apiVersion);
                        } else {
                            PermissionManagerInner.this.responseErrorLog(fromJson);
                        }
                    } else {
                        PermissionManagerInner.this.sendMatchAPIVersionMessageDelayed();
                    }
                    body.close();
                } catch (Throwable th) {
                    if (body != null) {
                        try {
                            body.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            }
        });
    }

    private Date getCurrentTime() {
        Date date = new Date();
        if (this.bootTime != -1) {
            date.setTime(SystemClock.elapsedRealtime() + this.bootTime);
        }
        return date;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void getServerTimeStampFromServer() {
        LogUtil.i(TAG, "try to get server time");
        if (this.bootTime != -1) {
            LogUtil.i(TAG, "time was successfully obtained from the server");
            return;
        }
        if (!isNetworkAvailable()) {
            LogUtil.i(TAG, "network is unavailable, cancel get server time");
            this.getServerTimeRetryCount.set(0);
        } else {
            n.a aVar = new n.a(1);
            aVar.put("openId", this.openId);
            this.serverHelper.doGetServerTimeWork(aVar, new Callback() { // from class: com.enterprise.permission.inner.PermissionManagerInner.4
                @Override // okhttp3.Callback
                public void onFailure(Call call, IOException iOException) {
                    PermissionManagerInner.this.sendGetServerTimeMessageDelayed();
                }

                /* JADX WARN: Multi-variable type inference failed */
                @Override // okhttp3.Callback
                public void onResponse(Call call, Response response) throws IOException {
                    LogUtil.i(PermissionManagerInner.TAG, "receiver server time response");
                    ResponseBody body = response.body();
                    try {
                        if (!response.isSuccessful()) {
                            LogUtil.w(PermissionManagerInner.TAG, "get server time response failed throw Exception " + response.code());
                            PermissionManagerInner.this.sendGetServerTimeMessageDelayed();
                            if (body != null) {
                                body.close();
                                return;
                            }
                            return;
                        }
                        String string = body.string();
                        ResponseObject fromJson = ResponseObject.fromJson(string, Long.class);
                        if (fromJson != null) {
                            LogUtil.d(PermissionManagerInner.TAG, "json:" + string + ", result: " + fromJson);
                            if (fromJson.code.intValue() == 10200) {
                                PermissionManagerInner.this.bootTime = ((Long) fromJson.data).longValue() - SystemClock.elapsedRealtime();
                                LogUtil.i(PermissionManagerInner.TAG, "successfully fetched time from server @ " + fromJson.data + ", set bootTime to " + PermissionManagerInner.this.bootTime);
                            } else {
                                PermissionManagerInner.this.responseErrorLog(fromJson);
                            }
                        } else {
                            PermissionManagerInner.this.sendGetServerTimeMessageDelayed();
                        }
                        body.close();
                    } catch (Throwable th) {
                        if (body != null) {
                            try {
                                body.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                }
            });
        }
    }

    private void initControlledPermissions() {
        this.controlledPermissions.add(MDM_PERMISSION_PHONE_MANAGER);
        this.controlledPermissions.add(MDM_PERMISSION_CRITICAL);
        readExtraPermissionsFromFile("/system/etc/cerp.cfg");
        readExtraPermissionsFromFile("/custom/etc/cerp.cfg");
        if (LogUtil.DEBUG) {
            readExtraPermissionsFromFile("/data/etc/cerp.cfg");
        }
    }

    private boolean isNetworkAvailable() {
        if (this.ctaUpdateService != 0) {
            return this.networkAvailable;
        }
        LogUtil.i(TAG, "ctaUpdateService is 0, can't access network");
        return false;
    }

    private boolean isSpecialApiForTestMdm(String str, String str2, List<String> list) {
        if (!str.equals(TESTMDM_PACKAGE_NAME) || !str2.equals(MDM_PERMISSION_CRITICAL) || !list.contains(MDM_CRITICAL_API_FOR_TESTMDM)) {
            return false;
        }
        LogUtil.i(TAG, "isSpecialApiForTestMdm true for " + str);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void lambda$cancelWorkIfNetworkLost$3(EnterpriseSession enterpriseSession) {
        enterpriseSession.serverVerificationRetryCount.set(0);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void lambda$checkPermission$9(ArrayList arrayList, String[] strArr, int i2) {
        arrayList.add(strArr[i2]);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void lambda$doVerificationWork$0(EnterpriseSession enterpriseSession) {
        LogUtil.i(TAG, enterpriseSession.getAppInfo().getPackageName() + " terminal verification passed");
        addSessionToCacheMap(enterpriseSession);
        tryRestoreSessionFromFile(enterpriseSession);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void lambda$getAPIVersionFromOfflineCertificate$4(LinkedHashMap linkedHashMap, String str) {
        if (str.split(",").length == 2) {
            linkedHashMap.put(Integer.valueOf(str.split(",")[1]), str.split(",")[0]);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ boolean lambda$getAPIVersionFromOfflineCertificate$5(Map.Entry entry) {
        return ((Integer) entry.getKey()).intValue() <= this.internalKey;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void lambda$getAPIVersionFromOfflineCertificate$6(Map.Entry entry) {
        if (TextUtils.isEmpty(this.apiVersion)) {
            this.apiVersion = (String) entry.getValue();
            LogUtil.i(TAG, "successfully get api version from offline certificate @ " + this.apiVersion);
            return;
        }
        if (Long.parseLong(((String) entry.getValue()).split("-")[2]) > Long.parseLong(this.apiVersion.split("-")[2])) {
            this.apiVersion = (String) entry.getValue();
            LogUtil.i(TAG, "successfully get api version from offline certificate @ " + this.apiVersion);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void lambda$getAllSessionsStateInfo$11(ArrayList arrayList, EnterpriseSession enterpriseSession) {
        arrayList.add(enterpriseSession.simpleOutput());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ boolean lambda$prepareApps$1(Map.Entry entry) {
        return Objects.nonNull(entry) && !TextUtils.isEmpty((CharSequence) entry.getKey());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ AppInfo lambda$prepareApps$2(Map.Entry entry) {
        AppInfo appInfo = new AppInfo((String) entry.getKey(), (String) entry.getValue());
        LogUtil.i(TAG, "prepare app " + appInfo);
        if (appInfo.getPackageName().equals(TESTMDM_PACKAGE_NAME)) {
            LogUtil.i(TAG, "testMdm is installed");
            this.isTestMdmInstalled = true;
        }
        return appInfo;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void lambda$setTestMdmVerificationType$10(EnterpriseSession enterpriseSession) {
        addSessionToCacheMap(enterpriseSession);
        doServerVerification(enterpriseSession);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ boolean lambda$storeValidSessionsToFile$7(EnterpriseSession enterpriseSession) {
        return enterpriseSession.isOnline() && enterpriseSession.isValidSession(getCurrentTime());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void lambda$storeValidSessionsToFile$8(EnterpriseSession enterpriseSession) {
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(new File(this.context.getFilesDir(), enterpriseSession.getAppInfo().getPackageName()));
            try {
                fileOutputStream.write(enterpriseSession.toXmlString().getBytes(StandardCharsets.UTF_8));
                fileOutputStream.close();
            } finally {
            }
        } catch (IOException e3) {
            LogUtil.e(TAG, "store valid session failed", e3);
        }
    }

    private List<AppInfo> prepareApps(Map<String, String> map) {
        return (List) map.entrySet().stream().filter(new Predicate() { // from class: com.enterprise.permission.inner.h
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean lambda$prepareApps$1;
                lambda$prepareApps$1 = PermissionManagerInner.lambda$prepareApps$1((Map.Entry) obj);
                return lambda$prepareApps$1;
            }
        }).map(new Function() { // from class: com.enterprise.permission.inner.b
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                AppInfo lambda$prepareApps$2;
                lambda$prepareApps$2 = PermissionManagerInner.this.lambda$prepareApps$2((Map.Entry) obj);
                return lambda$prepareApps$2;
            }
        }).collect(Collectors.toList());
    }

    private void randomServerVerifyPollingInterval() {
        POLLING_INTERVAL += (long) (Math.random() * 1.44E7d);
        LogUtil.v(TAG, "random setting polling interval with fix value @ " + POLLING_INTERVAL);
    }

    private void readExtraPermissionsFromFile(String str) {
        File file = new File(str);
        if (file.exists()) {
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(new FileInputStream(file));
                try {
                    BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
                    for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
                        this.controlledPermissions.add(readLine.trim());
                        LogUtil.d(TAG, "add controlled permission " + readLine);
                    }
                    inputStreamReader.close();
                } finally {
                }
            } catch (IOException e3) {
                LogUtil.e(TAG, "read permission file failed", e3);
            }
        }
    }

    private void registerBroadcastReceiver() {
        IntentFilter intentFilter = new IntentFilter();
        intentFilter.addAction("android.intent.action.PACKAGE_ADDED");
        intentFilter.addAction("android.intent.action.PACKAGE_REMOVED");
        intentFilter.addDataScheme("package");
        intentFilter.setPriority(1000);
        this.context.registerReceiver(this.packageChangeReceiver, intentFilter, null, this.handler);
        IntentFilter intentFilter2 = new IntentFilter();
        intentFilter2.addAction("android.intent.action.ACTION_SHUTDOWN");
        intentFilter2.addAction("android.intent.action.REBOOT");
        intentFilter2.setPriority(1000);
        this.context.registerReceiver(this.shutdownReceiver, intentFilter2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void removeSessionFromCacheMap(EnterpriseSession enterpriseSession) {
        LogUtil.v(TAG, "remove session from cache map for " + enterpriseSession.getAppInfo().getPackageName());
        this.enterpriseSessionMap.remove(enterpriseSession.getAppInfo().getPackageName());
        deleteStoredSessionFile(enterpriseSession);
        setEnterpriseFlag();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void responseErrorLog(ResponseObject<?> responseObject) {
        if (responseObject.code.intValue() == 10400) {
            LogUtil.w(TAG, "invalid: " + responseObject.msg);
            return;
        }
        if (responseObject.code.intValue() == 10401) {
            LogUtil.w(TAG, "openId invalid: " + responseObject.msg);
            return;
        }
        if (responseObject.code.intValue() != 10500) {
            LogUtil.w(TAG, "unknown error");
            return;
        }
        LogUtil.w(TAG, "internal error: " + responseObject.msg);
    }

    private void restoreTestMdmVerificationTypeFromFile() {
        SharedPreferences sharedPreferences = this.context.getSharedPreferences("testMdmVerificationType", 0);
        this.verificationType = sharedPreferences.getInt("verificationType", 0);
        this.replaceLicenseKey = sharedPreferences.getString("replaceLicenseKey", HttpUrl.FRAGMENT_ENCODE_SET);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendGetServerTimeMessageDelayed() {
        long j2;
        if (!isNetworkAvailable()) {
            LogUtil.w(TAG, "network lost, cancel get server time retry");
            return;
        }
        if (this.getServerTimeRetryCount.incrementAndGet() <= 10) {
            LogUtil.w(TAG, "failed to get time from server, retry count " + this.getServerTimeRetryCount);
            j2 = ((long) this.getServerTimeRetryCount.get()) * 2000;
        } else {
            LogUtil.w(TAG, "failed to get time from server, waiting for next polling @ " + new Date(getCurrentTime().getTime() + POLLING_INTERVAL));
            j2 = POLLING_INTERVAL;
            this.getServerTimeRetryCount.set(0);
        }
        if (this.handler.hasMessages(5)) {
            this.handler.removeMessages(5);
        }
        this.handler.sendEmptyMessageDelayed(5, j2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendMatchAPIVersionMessageDelayed() {
        long j2;
        if (!isNetworkAvailable()) {
            LogUtil.w(TAG, "network lost, cancel match api version retry");
            return;
        }
        if (this.matchAPIVersionRetryCount.incrementAndGet() <= 10) {
            LogUtil.w(TAG, "failed to match api version from server, retry count " + this.matchAPIVersionRetryCount);
            j2 = ((long) this.matchAPIVersionRetryCount.get()) * 2000;
        } else {
            LogUtil.w(TAG, "failed to match api version from server, waiting for next polling @ " + new Date(getCurrentTime().getTime() + POLLING_INTERVAL));
            j2 = POLLING_INTERVAL;
            this.matchAPIVersionRetryCount.set(0);
        }
        if (this.handler.hasMessages(6)) {
            this.handler.removeMessages(6);
        }
        this.handler.sendEmptyMessageDelayed(6, j2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendPackageChangedMessage(int i2, String str) {
        Message obtain = Message.obtain();
        obtain.what = i2;
        obtain.obj = str;
        this.handler.sendMessage(obtain);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendServerVerificationMessageDelayed(EnterpriseSession enterpriseSession, boolean z2) {
        long j2;
        String packageName = enterpriseSession.getAppInfo().getPackageName();
        if (!isNetworkAvailable()) {
            LogUtil.w(TAG, "network lost, cancel server verification retry for " + packageName);
            return;
        }
        Message obtain = Message.obtain();
        obtain.what = 2;
        obtain.obj = packageName;
        if (z2) {
            LogUtil.i(TAG, packageName + " server verification is over, waiting for the next polling @ " + new Date(getCurrentTime().getTime() + POLLING_INTERVAL));
            j2 = POLLING_INTERVAL;
            enterpriseSession.serverVerificationRetryCount.set(0);
        } else if (enterpriseSession.serverVerificationRetryCount.incrementAndGet() <= 10) {
            LogUtil.w(TAG, "failed to do server verification for " + packageName + ", retry count " + enterpriseSession.serverVerificationRetryCount);
            j2 = ((long) enterpriseSession.serverVerificationRetryCount.get()) * 2000;
        } else {
            LogUtil.w(TAG, "failed to do server verification for " + packageName + ", waiting for next polling @ " + new Date(getCurrentTime().getTime() + POLLING_INTERVAL));
            j2 = POLLING_INTERVAL;
            enterpriseSession.serverVerificationRetryCount.set(0);
        }
        if (this.handler.hasMessages(obtain.what, obtain.obj)) {
            this.handler.removeMessages(obtain.what, obtain.obj);
        }
        this.handler.sendMessageDelayed(obtain, j2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setEnterpriseFlag() {
        if (this.isNeedSkipPermissionCheck) {
            return;
        }
        if (!this.enterpriseSessionMap.isEmpty() || this.isTestMdmInstalled) {
            setEnterpriseFlagAux(1);
        } else {
            setEnterpriseFlagAux(0);
        }
    }

    private void setEnterpriseFlagAux(int i2) {
        Settings.System.putInt(this.context.getContentResolver(), APK_CONTAINS_CERT, i2);
        SystemProperties.set("sys.apk_contains_ent_cert", String.valueOf(i2));
    }

    private boolean skipCheckPermission(String str) {
        if (!LogUtil.DEBUG || !str.equals(TESTMDM_PACKAGE_NAME)) {
            return false;
        }
        LogUtil.d(TAG, "COREAPP SKIP check permission :" + SystemProperties.getBoolean("persist.sys.oplus.coreapp.debug", false));
        return SystemProperties.getBoolean("persist.sys.oplus.coreapp.debug", false);
    }

    private void storeTestMdmVerificationTypeToFile() {
        this.context.getSharedPreferences("testMdmVerificationType", 0).edit().clear().putInt("verificationType", this.verificationType).putString("replaceLicenseKey", this.replaceLicenseKey).apply();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void storeValidSessionsToFile() {
        LogUtil.i(TAG, "store valid sessions to file");
        this.enterpriseSessionMap.values().stream().filter(new Predicate() { // from class: com.enterprise.permission.inner.f
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean lambda$storeValidSessionsToFile$7;
                lambda$storeValidSessionsToFile$7 = PermissionManagerInner.this.lambda$storeValidSessionsToFile$7((EnterpriseSession) obj);
                return lambda$storeValidSessionsToFile$7;
            }
        }).forEach(new Consumer() { // from class: com.enterprise.permission.inner.i
            @Override // java.util.function.Consumer
            public final void accept(Object obj) {
                PermissionManagerInner.this.lambda$storeValidSessionsToFile$8((EnterpriseSession) obj);
            }
        });
    }

    private void tryRestoreSessionFromFile(EnterpriseSession enterpriseSession) {
        File file = new File(this.context.getFilesDir(), enterpriseSession.getAppInfo().getPackageName());
        String packageName = enterpriseSession.getAppInfo().getPackageName();
        if (!file.exists()) {
            LogUtil.i(TAG, "no stored file for " + packageName);
            return;
        }
        synchronized (PermissionManagerInner.class) {
            if (enterpriseSession.isOnline()) {
                try {
                    enterpriseSession.restoreFromXmlFile(file);
                    LogUtil.i(TAG, "successfully restore session from file for " + packageName);
                } catch (IOException | ParseException | XmlPullParserException e3) {
                    LogUtil.e(TAG, "restore session from file failed for " + packageName, e3);
                }
            }
            if (file.delete()) {
                LogUtil.v(TAG, "delete stored file for " + packageName);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void updateSessionFromServer(EnterpriseSession enterpriseSession, ValidationResult validationResult) {
        synchronized (PermissionManagerInner.class) {
            try {
                LogUtil.i(TAG, "update session from server for " + enterpriseSession.getAppInfo().getPackageName() + ", result status is " + ValidationResult.statusToString(validationResult.status.intValue()));
                if (validationResult.status.intValue() == 1) {
                    enterpriseSession.setVerifyStatus(validationResult.status.intValue());
                    enterpriseSession.setLastVerifyTime(new Date(validationResult.serverTime.longValue()));
                    enterpriseSession.setValidFrom(new Date(validationResult.fromTime.longValue()));
                    enterpriseSession.setValidTo(new Date(validationResult.toTime.longValue()));
                    if (!TextUtils.isEmpty(validationResult.permissions)) {
                        enterpriseSession.getPermissionInfo().setPermissions((List) Arrays.stream(validationResult.permissions.split(";")).map(c.f1481a).collect(Collectors.toList()));
                    }
                    if (!TextUtils.isEmpty(validationResult.apis)) {
                        enterpriseSession.getPermissionInfo().setApis((List) Arrays.stream(validationResult.apis.split(";")).map(c.f1481a).collect(Collectors.toList()));
                    }
                } else {
                    enterpriseSession.setVerifyStatus(validationResult.status.intValue());
                    enterpriseSession.setLastVerifyTime(new Date(validationResult.serverTime.longValue()));
                }
            } finally {
            }
        }
    }

    public int checkOplusPermission() {
        return checkCallingUidPermission() ? 0 : -1;
    }

    public void doVerificationWork() {
        LogUtil.v(TAG, "do verification work");
        if (areDomainsReady()) {
            randomServerVerifyPollingInterval();
            restoreTestMdmVerificationTypeFromFile();
            prepareApps(this.appsScannedDuringBoot).stream().map(new Function() { // from class: com.enterprise.permission.inner.q
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    Optional doTerminalVerification;
                    doTerminalVerification = PermissionManagerInner.this.doTerminalVerification((AppInfo) obj);
                    return doTerminalVerification;
                }
            }).flatMap(new Function() { // from class: com.enterprise.permission.inner.d
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    return a.a((Optional) obj);
                }
            }).forEach(new Consumer() { // from class: com.enterprise.permission.inner.j
                @Override // java.util.function.Consumer
                public final void accept(Object obj) {
                    PermissionManagerInner.this.lambda$doVerificationWork$0((EnterpriseSession) obj);
                }
            });
            registerBroadcastReceiver();
            this.context.getContentResolver().registerContentObserver(Settings.System.getUriFor(SETTINGS_CTA_UPDATE_SERVICE), true, new ContentObserver(new Handler(Looper.getMainLooper())) { // from class: com.enterprise.permission.inner.PermissionManagerInner.1
                @Override // android.database.ContentObserver
                public void onChange(boolean z2) {
                    super.onChange(z2);
                    if (Settings.System.getInt(PermissionManagerInner.this.context.getContentResolver(), PermissionManagerInner.SETTINGS_CTA_UPDATE_SERVICE, 0) == 1) {
                        LogUtil.i(PermissionManagerInner.TAG, "the value of cta_update_service is 1");
                        PermissionManagerInner.this.ctaUpdateService = 1;
                        PermissionManagerInner.this.doWorkIfNetworkAvailable();
                    } else {
                        LogUtil.i(PermissionManagerInner.TAG, "the value of cta_update_service is not 1");
                        PermissionManagerInner.this.ctaUpdateService = 0;
                        PermissionManagerInner.this.cancelWorkIfNetworkLost();
                    }
                }
            });
            this.connectivityManager.registerDefaultNetworkCallback(new ConnectivityManager.NetworkCallback() { // from class: com.enterprise.permission.inner.PermissionManagerInner.2
                @Override // android.net.ConnectivityManager.NetworkCallback
                public void onAvailable(Network network) {
                    super.onAvailable(network);
                    LogUtil.i(PermissionManagerInner.TAG, "network available");
                    PermissionManagerInner.this.networkAvailable = true;
                    PermissionManagerInner.this.doWorkIfNetworkAvailable();
                }

                @Override // android.net.ConnectivityManager.NetworkCallback
                public void onLost(Network network) {
                    super.onLost(network);
                    LogUtil.i(PermissionManagerInner.TAG, "network lost");
                    PermissionManagerInner.this.networkAvailable = false;
                    PermissionManagerInner.this.cancelWorkIfNetworkLost();
                }
            });
        }
    }

    public String getAPIVersion() {
        return this.apiVersion;
    }

    public List<String> getAllSessionsStateInfo() {
        final ArrayList arrayList = new ArrayList();
        synchronized (PermissionManagerInner.class) {
            this.enterpriseSessionMap.values().forEach(new Consumer() { // from class: com.enterprise.permission.inner.n
                @Override // java.util.function.Consumer
                public final void accept(Object obj) {
                    PermissionManagerInner.lambda$getAllSessionsStateInfo$11(arrayList, (EnterpriseSession) obj);
                }
            });
        }
        return arrayList;
    }

    public int getServerType() {
        return this.serverHelper.getServerType();
    }

    public int getTestMdmVerificationType() {
        EnterpriseSession enterpriseSession = this.enterpriseSessionMap.get(TESTMDM_PACKAGE_NAME);
        if (enterpriseSession instanceof CertificateSession) {
            return 0;
        }
        return enterpriseSession instanceof LicenseSession ? 1 : -1;
    }

    public boolean isEnterpriseCustomApp(String str) {
        return this.enterpriseSessionMap.get(str) != null || str.equals(TESTMDM_PACKAGE_NAME);
    }

    public int oplusCheckPermission(String str, String str2) {
        return checkPermission(str2, str) ? 0 : -1;
    }

    public void setAppsScannedDuringBoot(Map<String, String> map) {
        this.appsScannedDuringBoot = map;
    }

    public void setFlagWhenNeedSkipPermissionCheck(boolean z2) {
        if (z2) {
            setEnterpriseFlagAux(1);
        } else {
            setEnterpriseFlag();
        }
        this.isNeedSkipPermissionCheck = z2;
    }

    public void setInternalKey(int i2) {
        this.internalKey = i2;
    }

    public void setServerType(int i2) {
        this.serverHelper.setServerType(i2);
        EnterpriseSession enterpriseSession = this.enterpriseSessionMap.get(TESTMDM_PACKAGE_NAME);
        if (enterpriseSession == null || !enterpriseSession.isOnline()) {
            return;
        }
        enterpriseSession.setLastVerifyTime(new Date(getCurrentTime().getTime() - POLLING_INTERVAL));
        enterpriseSession.setVerifyStatus(11);
        doServerVerification(enterpriseSession);
    }

    public void setTestMdmVerificationType(int i2, String str) {
        int i3 = this.verificationType;
        if (i2 != i3 && i2 == 0) {
            LogUtil.i(TAG, "set testMdm verification type to certificate");
            this.verificationType = 0;
            this.replaceLicenseKey = HttpUrl.FRAGMENT_ENCODE_SET;
        } else if ((i2 != i3 || !str.equals(this.replaceLicenseKey)) && i2 == 1) {
            LogUtil.i(TAG, "set testMdm verification type to license @ " + str);
            this.verificationType = 1;
            this.replaceLicenseKey = str;
        }
        storeTestMdmVerificationTypeToFile();
        try {
            doTerminalVerification(new AppInfo(TESTMDM_PACKAGE_NAME, TerminalUtil.getApkSourceDir(TESTMDM_PACKAGE_NAME, this.packageManager))).ifPresent(new Consumer() { // from class: com.enterprise.permission.inner.l
                @Override // java.util.function.Consumer
                public final void accept(Object obj) {
                    PermissionManagerInner.this.lambda$setTestMdmVerificationType$10((EnterpriseSession) obj);
                }
            });
        } catch (PackageManager.NameNotFoundException e3) {
            LogUtil.e(TAG, "testMdm is not installed, set verification type failed", e3);
        }
    }
}
