package com.microsoft.intune.mam.client.app;

import android.content.Context;
import android.text.TextUtils;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.intune.mam.client.identity.MAMIdentity;
import com.microsoft.intune.mam.client.ipc.SdmInfo;
import com.microsoft.intune.mam.client.ipc.SdmInfoRepository;
import com.microsoft.intune.mam.client.ipcclient.MAMFeatureFlag;
import com.microsoft.intune.mam.client.notification.MAMNotificationReceiver;
import com.microsoft.intune.mam.client.notification.MAMNotificationReceiverRegistry;
import com.microsoft.intune.mam.client.telemetry.OnlineTelemetryLogger;
import com.microsoft.intune.mam.client.telemetry.events.TrackedOccurrence;
import com.microsoft.intune.mam.log.MAMLogPIIFactory;
import com.microsoft.intune.mam.log.MAMLogger;
import com.microsoft.intune.mam.log.MAMLoggerProvider;
import com.microsoft.intune.mam.policy.IMAMFlighting;
import com.microsoft.intune.mam.policy.MAMUserInfoInternal;
import com.microsoft.intune.mam.policy.appconfig.MAMAppConfig;
import com.microsoft.intune.mam.policy.appconfig.MAMAppConfigBase;
import com.microsoft.intune.mam.policy.appconfig.MAMAppConfigManagerImpl;
import com.microsoft.intune.mam.policy.notification.MAMNotification;
import com.microsoft.intune.mam.policy.notification.MAMNotificationType;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import kotlin.getRpc;
import kotlin.hasWakeLockPermission;
import kotlin.lambdastart0;

/* loaded from: classes4.dex */
public class AllowedAccountsBehaviorInternal extends AllowedAccountsBehaviorImpl {
    private static final MAMLogger LOGGER = MAMLoggerProvider.getLogger(AllowedAccountsBehaviorInternal.class);
    private final MAMAppConfigManagerImpl mAppConfigManager;
    private final Map<AllowedAccountsListener, MAMNotificationReceiver> mListeners;
    private boolean mListeningForSdmChanges;
    private final IMAMFlighting mMAMFlighting;
    private final MAMNotificationReceiverRegistry mNotificationReceiverRegistry;
    private final SdmInfoRepository mSdmInfoRepository;
    private final OnlineTelemetryLogger mTelemetryLogger;
    private final MAMUserInfoInternal mUserInfo;

    @getRpc
    public AllowedAccountsBehaviorInternal(Context context, MAMAppConfigManagerImpl mAMAppConfigManagerImpl, MAMUserInfoInternal mAMUserInfoInternal, MAMNotificationReceiverRegistry mAMNotificationReceiverRegistry, OnlineTelemetryLogger onlineTelemetryLogger, MAMLogPIIFactory mAMLogPIIFactory, IMAMFlighting iMAMFlighting, SdmInfoRepository sdmInfoRepository) {
        super(context, mAMLogPIIFactory);
        this.mListeners = new HashMap();
        this.mListeningForSdmChanges = false;
        this.mAppConfigManager = mAMAppConfigManagerImpl;
        this.mUserInfo = mAMUserInfoInternal;
        this.mNotificationReceiverRegistry = mAMNotificationReceiverRegistry;
        this.mTelemetryLogger = onlineTelemetryLogger;
        this.mMAMFlighting = iMAMFlighting;
        this.mSdmInfoRepository = sdmInfoRepository;
    }

    private List<AllowedAccountInfo> getAllowedUsersFromAppConfig() {
        List<AllowedAccountInfo> list = null;
        for (MAMIdentity mAMIdentity : this.mUserInfo.getAllEnrolledIdentitiesAnyMode()) {
            List<AllowedAccountInfo> allowedUsersFromAppConfig = getAllowedUsersFromAppConfig(mAMIdentity);
            if (allowedUsersFromAppConfig != null) {
                if (list == null) {
                    logTelemetryForMAMAppConfigUsage(mAMIdentity);
                    list = allowedUsersFromAppConfig;
                } else {
                    MAMLogger mAMLogger = LOGGER;
                    mAMLogger.warning("Cannot merge AllowedAccounts values from multiple identities.", new Object[0]);
                    mAMLogger.warning("The first one found wins, which is expected to result in other accounts being removed.", new Object[0]);
                    this.mTelemetryLogger.logTrackedOccurrence(TrackedOccurrence.ALLOWED_ACCOUNTS_MMA_CONFLICT);
                }
            }
        }
        return list;
    }

    private List<AllowedAccountInfo> getAllowedUsersFromAppConfig(MAMIdentity mAMIdentity) {
        String stringForKey;
        MAMAppConfig appConfig = this.mAppConfigManager.getAppConfig(mAMIdentity);
        if (appConfig.hasConflict("com.microsoft.intune.mam.AllowedAccountUPNs")) {
            this.mTelemetryLogger.logTrackedOccurrence(TrackedOccurrence.ALLOWED_ACCOUNTS_CONFIGURATION_CONFLICT);
            stringForKey = TextUtils.join(AuthenticationConstants.Broker.CHALLENGE_REQUEST_CERT_AUTH_DELIMETER, appConfig.getAllStringsForKey("com.microsoft.intune.mam.AllowedAccountUPNs"));
        } else {
            stringForKey = appConfig.getStringForKey("com.microsoft.intune.mam.AllowedAccountUPNs", MAMAppConfig.StringQueryType.Any);
        }
        return getAllowedAccounts(AllowedAccountsBehaviorImpl.canonicalizeRawUsers(stringForKey));
    }

    private MAMNotificationReceiver getReceiver(final AllowedAccountsListener allowedAccountsListener) {
        return new MAMNotificationReceiver() { // from class: com.microsoft.intune.mam.client.app.AllowedAccountsBehaviorInternal$$ExternalSyntheticLambda1
            @Override // com.microsoft.intune.mam.client.notification.MAMNotificationReceiver
            public final boolean onReceive(MAMNotification mAMNotification) {
                boolean lambda$getReceiver$0;
                lambda$getReceiver$0 = AllowedAccountsBehaviorInternal.lambda$getReceiver$0(AllowedAccountsListener.this, mAMNotification);
                return lambda$getReceiver$0;
            }
        };
    }

    private AllowedAccountInfo getSdmAllowedAccountInfo() {
        synchronized (this) {
            final SdmInfo sdmInfo = this.mSdmInfoRepository.sdmInfo();
            if (sdmInfo == null) {
                LOGGER.warning("[SDM] Failed to retrieve SDM allowed account info, returning null", new Object[0]);
                return null;
            }
            if (!this.mListeningForSdmChanges) {
                this.mSdmInfoRepository.addResetListener(new hasWakeLockPermission() { // from class: com.microsoft.intune.mam.client.app.AllowedAccountsBehaviorInternal$$ExternalSyntheticLambda0
                    @Override // kotlin.hasWakeLockPermission
                    public final Object invoke() {
                        lambdastart0 lambda$getSdmAllowedAccountInfo$1;
                        lambda$getSdmAllowedAccountInfo$1 = AllowedAccountsBehaviorInternal.this.lambda$getSdmAllowedAccountInfo$1();
                        return lambda$getSdmAllowedAccountInfo$1;
                    }
                });
                this.mListeningForSdmChanges = true;
            }
            final String username = sdmInfo.getUsername();
            if (username == null) {
                LOGGER.info("[SDM] No current SDM user, returning null", new Object[0]);
                return null;
            }
            return new AllowedAccountInfo() { // from class: com.microsoft.intune.mam.client.app.AllowedAccountsBehaviorInternal.1
                @Override // com.microsoft.intune.mam.client.app.AllowedAccountInfo
                public String getAADUserId() {
                    return sdmInfo.getAadId();
                }

                @Override // com.microsoft.intune.mam.client.app.AllowedAccountInfo
                public String getUPN() {
                    return username;
                }
            };
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ boolean lambda$getReceiver$0(AllowedAccountsListener allowedAccountsListener, MAMNotification mAMNotification) {
        allowedAccountsListener.onAllowedAccountsChanged();
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ lambdastart0 lambda$getSdmAllowedAccountInfo$1() {
        notifyChange();
        return lambdastart0.INSTANCE;
    }

    private void logTelemetryForMAMAppConfigUsage(MAMIdentity mAMIdentity) {
        if (this.mMAMFlighting.isFeatureFlagEnabled(MAMFeatureFlag.TRACK_MAM_ALLOWED_ACCOUNTS)) {
            MAMAppConfigBase.AppConfigSource source = this.mAppConfigManager.getAppConfig(mAMIdentity).getSource("com.microsoft.intune.mam.AllowedAccountUPNs");
            if (source == MAMAppConfigBase.AppConfigSource.MAM || source == MAMAppConfigBase.AppConfigSource.MIXED) {
                this.mTelemetryLogger.logTrackedOccurrence(TrackedOccurrence.ALLOWED_ACCOUNTS_FROM_MAM_APP_CONFIG);
            }
        }
    }

    private void notifyChange() {
        Iterator<AllowedAccountsListener> it = this.mListeners.keySet().iterator();
        while (it.hasNext()) {
            it.next().onAllowedAccountsChanged();
        }
    }

    @Override // com.microsoft.intune.mam.client.app.AllowedAccountsBehaviorImpl, com.microsoft.intune.mam.client.app.AllowedAccountsBehavior
    public List<AllowedAccountInfo> getAllowedAccounts() {
        AllowedAccountInfo sdmAllowedAccountInfo;
        if (!this.mMAMFlighting.isFeatureFlagEnabled(MAMFeatureFlag.SDM_BRIDGE_AA) || !this.mSdmInfoRepository.isSharedDevice() || (sdmAllowedAccountInfo = getSdmAllowedAccountInfo()) == null) {
            List<AllowedAccountInfo> allowedUsersFromAppConfig = getAllowedUsersFromAppConfig();
            return allowedUsersFromAppConfig != null ? allowedUsersFromAppConfig : super.getAllowedAccounts();
        }
        this.mTelemetryLogger.logTrackedOccurrence(TrackedOccurrence.SDM_BRIDGE_ALLOWED_ACCOUNTS);
        LOGGER.fine("[SDM] Device is in SDM and a user is signed in, setting that user as the sole allowed account", new Object[0]);
        ArrayList arrayList = new ArrayList();
        arrayList.add(sdmAllowedAccountInfo);
        return arrayList;
    }

    @Override // com.microsoft.intune.mam.client.app.AllowedAccountsBehaviorImpl, com.microsoft.intune.mam.client.app.AllowedAccountsBehavior
    public boolean isAccountAllowed(String str) {
        return isAccountAllowed(getAllowedAccounts(), str);
    }

    @Override // com.microsoft.intune.mam.client.app.AllowedAccountsBehaviorImpl, com.microsoft.intune.mam.client.app.AllowedAccountsBehavior
    public void listenForChanges(AllowedAccountsListener allowedAccountsListener) {
        synchronized (this) {
            super.listenForChanges(allowedAccountsListener);
            if (this.mListeners.containsKey(allowedAccountsListener)) {
                return;
            }
            MAMNotificationReceiver receiver = getReceiver(allowedAccountsListener);
            this.mNotificationReceiverRegistry.registerReceiver(receiver, MAMNotificationType.REFRESH_APP_CONFIG);
            this.mListeners.put(allowedAccountsListener, receiver);
        }
    }

    @Override // com.microsoft.intune.mam.client.app.AllowedAccountsBehaviorImpl, com.microsoft.intune.mam.client.app.AllowedAccountsBehavior
    public void unregisterListener(AllowedAccountsListener allowedAccountsListener) {
        synchronized (this) {
            super.unregisterListener(allowedAccountsListener);
            if (this.mListeners.containsKey(allowedAccountsListener)) {
                this.mNotificationReceiverRegistry.unregisterReceiver(this.mListeners.get(allowedAccountsListener), MAMNotificationType.REFRESH_APP_CONFIG);
                this.mListeners.remove(allowedAccountsListener);
            }
        }
    }
}
