package com.sonicwall.sra.authentication;

import android.content.Context;
import android.database.Cursor;
import android.os.AsyncTask;
import android.preference.PreferenceManager;
import android.util.Base64;
import androidx.appcompat.widget.ActivityChooserView;
import com.sonicwall.connect.util.CertDetails;
import com.sonicwall.mobileconnect.BuildConfig;
import com.sonicwall.mobileconnect.R;
import com.sonicwall.mobileconnect.dao.VPNConfiguration;
import com.sonicwall.mobileconnect.db.FingerprintCredentialsTable;
import com.sonicwall.mobileconnect.exception.ServerCertHostnameMismatchException;
import com.sonicwall.mobileconnect.logging.Logger;
import com.sonicwall.mobileconnect.ui.SettingsFragment;
import com.sonicwall.mobileconnect.util.KeyStoreHelper;
import com.sonicwall.mobileconnect.util.TrustManagerListener;
import com.sonicwall.mobileconnect.util.Util;
import com.sonicwall.sra.service.SraHttpClientManager;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.HttpsURLConnection;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class SraLoginManager implements TrustManagerListener {
    private static final String AUTHENTICATE_API_NEED_EPC = "needEpc";
    private static final String AUTHENTICATE_API_NEED_PDA = "needPda";
    private static final String AUTHENTICATE_API_NEED_SAML_LOGOUT = "needlogout";
    private static final String AUTHENTICATE_API_NEED_SUCCESS = "success";
    private static final String CLIENT_CERT_ERROR_MSG = "Unable to verify client certificate";
    private static final String HEADER_PASSWORD_CHANGE_RESULT = "X-PWD-change";
    private static final String MOBILECONNECT_HEADER_SUPPORTS_BOOKMARKS = "MC-bookmarks";
    private static final String NETEXTENDER_HEADER_MAY_CHANGE_PWD = "X-NE-maychangepwd";
    private static final String NETEXTENDER_HEADER_MESSAGE = "X-NE-message";
    private static final String NETEXTENDER_HEADER_PDA = "X-NE-pda";
    private static final String NETEXTENDER_HEADER_PENDINGID = "X-NE-pendingId";
    private static final String NETEXTENDER_HEADER_PWD_EXP_DAYS = "X-NE-pwdexpdays";
    private static final String NETEXTENDER_HEADER_RSA_STATE = "X-NE-rsastate";
    private static final String NETEXTENDER_HEADER_SAML = "X-NE-saml";
    private static final String NETEXTENDER_HEADER_SESSIONPROMPT = "X-NE-SESSIONPROMPT";
    private static final String NETEXTENDER_HEADER_TWOFACTOR = "X-NE-tf";
    private static final String NETEXTENDER_HEADER_TWOFACTOR_RESULT = "X-NE-tfresult";
    private static final String NETEXTENDER_PDA_REQUIRED = "pdarequired";
    private static final String NETEXTENDER_TWOFACTOR_FAILURE = "2";
    private static final String NETEXTENDER_TWOFACTOR_NEED_CHALLENGE = "5";
    private static final String NETEXTENDER_TWOFACTOR_NEXT_CODE = "4";
    private static final String NETEXTENDER_TWOFACTOR_NONE = "0";
    private static final String NETEXTENDER_TWOFACTOR_OTP = "1";
    private static final String NETEXTENDER_TWOFACTOR_RETRY = "1";
    private static final String NETEXTENDER_TWOFACTOR_SUCCESS = "0";
    private static final String NETEXTENDER_TWOFACTOR_SYS_NEW_PIN = "3";
    private static final String NETEXTENDER_TWOFACTOR_USER_NEW_PIN = "2";
    private static final String PASSWORD_CHANGE_SUCCESS = "0";
    private static final String TAG = "SraLoginManager";
    private static final String USER_LOGIN_URL_FORMAT = "https://%s/cgi-bin/userLogin";
    private static final Logger logger = Logger.getInstance();
    private Context mContext;
    private SraLoginManagerDelegate mDelegate;
    private String mDomain;
    private String mEncodedSessionId;
    private String mNewPassword;
    private int mPasswordExpirationDays;
    private String mRsaState;
    private String mServer;
    private boolean mUserMayChangePassword;
    private String mUsername;
    private VPNConfiguration mVPNConfiguration;
    private boolean mIsCAAuth = false;
    private boolean mIsSAMLAuth = false;
    private String mClientCertAlias = null;
    private int mSraBookmarkVersion = 0;
    private boolean mCancelled = false;
    private HttpsURLConnection mCurrentHttpsConnection = null;

    private VPNConfiguration getFingerprintCredentials(int i, String str, String str2) {
        VPNConfiguration vPNConfiguration = new VPNConfiguration();
        vPNConfiguration.setHostAddress(str);
        vPNConfiguration.setID(i);
        if (str == null) {
            return vPNConfiguration;
        }
        Cursor query = this.mContext.getContentResolver().query(FingerprintCredentialsTable.CONTENT_URI, FingerprintCredentialsTable.PROJECTION, "((vpnid=?) AND (server=?))", new String[]{Integer.toString(i), str}, "vpnid COLLATE LOCALIZED ASC");
        if (query != null) {
            query.moveToFirst();
            if (!query.isAfterLast()) {
                if (query.getInt(query.getColumnIndex(FingerprintCredentialsTable.COLUMN_PERMITTED)) != 0) {
                    vPNConfiguration.setUsername(query.getString(query.getColumnIndex("username")));
                    vPNConfiguration.setDomain(query.getString(query.getColumnIndex("domain")));
                    vPNConfiguration.setPassword(query.getString(query.getColumnIndex("password")));
                }
            }
            query.close();
        }
        try {
            if (!isEmptyString(str2) && !KeyStoreHelper.getInstance().decrypt(vPNConfiguration.getUsername()).equals(str2)) {
                vPNConfiguration.setUsername(null);
            }
        } catch (Exception e) {
            vPNConfiguration.setUsername(null);
            logger.logError(TAG, "failed to decrypt fingerprint credentials", e);
        }
        return vPNConfiguration;
    }

    private void getPasswordExpirationDaysHeader(HttpsURLConnection httpsURLConnection, boolean z) {
        try {
            this.mPasswordExpirationDays = httpsURLConnection.getHeaderFieldInt(NETEXTENDER_HEADER_PWD_EXP_DAYS, ActivityChooserView.ActivityChooserViewAdapter.MAX_ACTIVITY_COUNT_UNLIMITED);
        } catch (Throwable unused) {
            if (z) {
                this.mPasswordExpirationDays = ActivityChooserView.ActivityChooserViewAdapter.MAX_ACTIVITY_COUNT_UNLIMITED;
            }
        }
    }

    private void getSraBookmarkVersionHeader(HttpsURLConnection httpsURLConnection, boolean z) {
        try {
            this.mSraBookmarkVersion = httpsURLConnection.getHeaderFieldInt(MOBILECONNECT_HEADER_SUPPORTS_BOOKMARKS, 0);
        } catch (Throwable unused) {
            if (z) {
                this.mSraBookmarkVersion = 0;
            }
        }
    }

    private void getUserMayChangePassswordHeader(HttpsURLConnection httpsURLConnection, boolean z) {
        try {
            boolean z2 = true;
            if (httpsURLConnection.getHeaderFieldInt(NETEXTENDER_HEADER_MAY_CHANGE_PWD, 0) != 1) {
                z2 = false;
            }
            this.mUserMayChangePassword = z2;
        } catch (Throwable unused) {
            if (z) {
                this.mUserMayChangePassword = false;
            }
        }
    }

    private void handleSAMLResponse(HttpsURLConnection httpsURLConnection) {
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpsURLConnection.getInputStream(), "UTF-8"));
            while (true) {
                try {
                    try {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        } else if (readLine.contains("location")) {
                            this.mVPNConfiguration.setSAMLLogoutUrl(new String(Base64.decode(onReceiveCallGetApi(readLine, "location"), 0)));
                        }
                    } catch (IOException e) {
                        logger.logError(TAG, "IOException during fetch logout content:" + e);
                    }
                } finally {
                    bufferedReader.close();
                }
            }
        } catch (IOException e2) {
            logger.logError(TAG, "IOException during fetch content:" + e2);
        }
    }

    private boolean isEmptyString(String str) {
        return str == null || str.trim().length() == 0;
    }

    private void logResponsePageContent(HttpsURLConnection httpsURLConnection) throws IOException {
        if (httpsURLConnection.getContentLength() <= 0) {
            return;
        }
        logger.logDebug(TAG, "Page content:\n\n" + SraHttpClientManager.readResponseContent(httpsURLConnection));
    }

    private void loginDidSucceed() {
        this.mDelegate.loginDidSucceed();
        if (this.mPasswordExpirationDays < Integer.MAX_VALUE) {
            logger.logDebug(TAG, "Password will expire in " + this.mPasswordExpirationDays + " days");
            this.mDelegate.passwordWillExpireSoon(this.mPasswordExpirationDays, this.mUserMayChangePassword);
        }
    }

    private String onReceiveCallGetApi(String str, String str2) {
        JSONObject jSONObject;
        logger.logDebug(TAG, "Received Get type API response");
        if (this.mCancelled) {
            logger.logDebug(TAG, "Login cancelled by user; ignoring response");
            this.mDelegate.loginCancelledByUser();
            return null;
        }
        logger.logDebug(TAG, "Page content:\n\n" + str);
        try {
            jSONObject = new JSONObject(str);
        } catch (JSONException e) {
            logger.logDebug(TAG, e.toString());
        }
        if (jSONObject.has(str2)) {
            return jSONObject.getString(str2);
        }
        if (jSONObject.has("defaultMessage")) {
            return jSONObject.getString("defaultMessage");
        }
        return null;
    }

    private void onReceiveLoginResponse(HttpsURLConnection httpsURLConnection) throws IOException {
        logger.logDebug(TAG, "Received login response");
        logResponsePageContent(httpsURLConnection);
        this.mRsaState = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_RSA_STATE);
        this.mEncodedSessionId = SraHttpClientManager.getCookie("swap");
        String headerField = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR);
        String headerField2 = httpsURLConnection.getHeaderField("X-NE-message");
        String headerField3 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR_RESULT);
        String headerField4 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_PDA);
        String headerField5 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_SAML);
        getPasswordExpirationDaysHeader(httpsURLConnection, true);
        getUserMayChangePassswordHeader(httpsURLConnection, true);
        getSraBookmarkVersionHeader(httpsURLConnection, true);
        if (this.mCancelled) {
            logger.logDebug(TAG, "Login cancelled by user");
            this.mDelegate.loginCancelledByUser();
            return;
        }
        if (this.mEncodedSessionId != null) {
            logger.logDebug(TAG, "Find session id in cookie");
            if (!"1".equals(headerField)) {
                if (NETEXTENDER_PDA_REQUIRED.equals(headerField4)) {
                    this.mDelegate.loginRequiresPDAuth();
                }
                loginDidSucceed();
                return;
            } else if ("2".equals(headerField3)) {
                this.mDelegate.loginDidFail(headerField2);
                return;
            } else {
                this.mDelegate.loginRequiresOTP(headerField2);
                return;
            }
        }
        logger.logDebug(TAG, "Don't find session id in cookie");
        if (headerField == null || "0".equals(headerField)) {
            if ("-1".equals(httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_PWD_EXP_DAYS)) && "1".equals(httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_MAY_CHANGE_PWD))) {
                this.mDelegate.loginRequiresPasswordChange(this.mContext.getString(R.string.authPasswordMustChange));
                return;
            }
            String headerField6 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_PENDINGID);
            if (headerField6 != null) {
                this.mDelegate.loginRequiresConfirmation(headerField2, headerField6);
                return;
            }
            if (headerField2 != null && headerField2.contains(CLIENT_CERT_ERROR_MSG)) {
                this.mDelegate.loginRequiresClientCertificate(this.mClientCertAlias == null);
                return;
            } else {
                if (headerField5 != null) {
                    this.mDelegate.loginRequiresSAML();
                    return;
                }
                if (headerField2.contains("Login failed - Incorrect username/password")) {
                    this.mDelegate.clearPasswordFromCache();
                }
                this.mDelegate.loginDidFail(headerField2);
                return;
            }
        }
        if ("2".equals(headerField)) {
            this.mDelegate.loginRequiresRSAUserPin(headerField2);
            return;
        }
        if (NETEXTENDER_TWOFACTOR_SYS_NEW_PIN.equals(headerField)) {
            this.mDelegate.loginRequiresRSASysPin(headerField2);
            return;
        }
        if (NETEXTENDER_TWOFACTOR_NEXT_CODE.equals(headerField)) {
            this.mDelegate.loginRequiresRSANextCode(headerField2);
            return;
        }
        if (NETEXTENDER_TWOFACTOR_NEED_CHALLENGE.equals(headerField)) {
            this.mDelegate.loginRequiresRadiusHandshake(headerField2);
            return;
        }
        this.mDelegate.loginDidFail("Two-factor login type " + headerField + " not yet implemented for Android");
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [com.sonicwall.sra.authentication.SraLoginManager$1] */
    private void onReceiveLogoutResponse(HttpsURLConnection httpsURLConnection) throws IOException {
        if (this.mIsSAMLAuth) {
            handleSAMLResponse(httpsURLConnection);
            this.mDelegate.logoutDidFinish();
        } else {
            new AsyncTask<HttpsURLConnection, Void, Void>() { // from class: com.sonicwall.sra.authentication.SraLoginManager.1
                /* JADX INFO: Access modifiers changed from: protected */
                @Override // android.os.AsyncTask
                public Void doInBackground(HttpsURLConnection... httpsURLConnectionArr) {
                    try {
                        httpsURLConnectionArr[0].getInputStream();
                        return null;
                    } catch (Exception e) {
                        SraLoginManager.logger.logWarn(SraLoginManager.TAG, "Failed to get logout response: " + e.getCause());
                        if (e.getCause() == null) {
                            return null;
                        }
                        SraLoginManager.logger.logError(SraLoginManager.TAG, e);
                        return null;
                    }
                }
            }.executeOnExecutor(AsyncTask.THREAD_POOL_EXECUTOR, httpsURLConnection);
            this.mDelegate.logoutDidFinish();
        }
    }

    private void onReceiveOtpResponse(HttpsURLConnection httpsURLConnection) throws IOException {
        logger.logDebug(TAG, "Received OTP response");
        if (this.mCancelled) {
            logger.logDebug(TAG, "Login cancelled by user; ignoring response");
            this.mDelegate.loginCancelledByUser();
            return;
        }
        logger.logDebug(TAG, httpsURLConnection.getHeaderFields().toString());
        getSraBookmarkVersionHeader(httpsURLConnection, false);
        String headerField = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR_RESULT);
        String headerField2 = httpsURLConnection.getHeaderField("X-NE-message");
        String headerField3 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_PDA);
        if ("1".equals(headerField)) {
            this.mDelegate.loginRequiresOTP(headerField2);
        } else {
            if (!"0".equals(headerField)) {
                this.mDelegate.loginDidFail(headerField2);
                return;
            }
            if (NETEXTENDER_PDA_REQUIRED.equals(headerField3)) {
                this.mDelegate.loginRequiresPDAuth();
            }
            loginDidSucceed();
        }
    }

    private void onReceivePasswordChangeResponse(HttpsURLConnection httpsURLConnection) {
        logger.logDebug(TAG, "Received password change response");
        if (this.mCancelled) {
            logger.logDebug(TAG, "Login cancelled by user; ignoring response");
            this.mDelegate.onPasswordChangeCancel();
            return;
        }
        logger.logDebug(TAG, httpsURLConnection.getHeaderFields().toString());
        try {
            logResponsePageContent(httpsURLConnection);
        } catch (IOException e) {
            logger.logError(TAG, e);
        }
        String headerField = httpsURLConnection.getHeaderField(HEADER_PASSWORD_CHANGE_RESULT);
        String headerField2 = httpsURLConnection.getHeaderField("X-NE-message");
        if ("0".equals(headerField)) {
            this.mDelegate.onPasswordChangeSuccess(this.mNewPassword);
        } else {
            this.mDelegate.onPasswordChangeFail(headerField2);
        }
    }

    private void onReceiveRadiusHandshakeResponse(HttpsURLConnection httpsURLConnection) throws IOException {
        logger.logDebug(TAG, "Received RADIUS handshake response");
        if (this.mCancelled) {
            logger.logDebug(TAG, "Login cancelled by user; ignoring response");
            this.mDelegate.loginCancelledByUser();
            return;
        }
        logResponsePageContent(httpsURLConnection);
        this.mRsaState = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_RSA_STATE);
        getPasswordExpirationDaysHeader(httpsURLConnection, false);
        getUserMayChangePassswordHeader(httpsURLConnection, false);
        getSraBookmarkVersionHeader(httpsURLConnection, false);
        String headerField = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR_RESULT);
        String headerField2 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR);
        String headerField3 = httpsURLConnection.getHeaderField("X-NE-message");
        String headerField4 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_PDA);
        if ("0".equals(headerField2) || "0".equals(headerField)) {
            this.mEncodedSessionId = SraHttpClientManager.getCookie("swap");
            if (NETEXTENDER_PDA_REQUIRED.equals(headerField4)) {
                this.mDelegate.loginRequiresPDAuth();
            }
            loginDidSucceed();
            return;
        }
        if ("1".equals(headerField2) && !"2".equals(headerField)) {
            this.mEncodedSessionId = SraHttpClientManager.getCookie("swap");
            this.mDelegate.loginRequiresOTP(headerField3);
            return;
        }
        if (NETEXTENDER_TWOFACTOR_NEED_CHALLENGE.equals(headerField2)) {
            this.mDelegate.loginRequiresRadiusHandshake(headerField3);
            return;
        }
        if ("2".equals(headerField)) {
            this.mDelegate.loginDidFail(headerField3);
            return;
        }
        if ("0".equals(headerField)) {
            this.mDelegate.loginRequiresRelogin(headerField3);
            return;
        }
        if (NETEXTENDER_TWOFACTOR_SYS_NEW_PIN.equals(headerField2)) {
            this.mDelegate.loginRequiresRSASysPin(headerField3);
        } else if ("2".equals(headerField2)) {
            this.mDelegate.loginRequiresRSAUserPin(headerField3);
        } else {
            this.mDelegate.loginDidFail(headerField3);
        }
    }

    private void onReceiveRsaNextCodeResponse(HttpsURLConnection httpsURLConnection) throws IOException {
        logger.logDebug(TAG, "Received RSA next code response");
        if (this.mCancelled) {
            logger.logDebug(TAG, "Login cancelled by user; ignoring response");
            this.mDelegate.loginCancelledByUser();
            return;
        }
        logger.logDebug(TAG, httpsURLConnection.getHeaderFields().toString());
        try {
            logResponsePageContent(httpsURLConnection);
        } catch (IOException e) {
            logger.logError(TAG, e);
        }
        String headerField = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR);
        String headerField2 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR_RESULT);
        String headerField3 = httpsURLConnection.getHeaderField("X-NE-message");
        String headerField4 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_PDA);
        this.mRsaState = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_RSA_STATE);
        getPasswordExpirationDaysHeader(httpsURLConnection, false);
        getUserMayChangePassswordHeader(httpsURLConnection, false);
        getSraBookmarkVersionHeader(httpsURLConnection, false);
        if ("0".equals(headerField2)) {
            this.mEncodedSessionId = SraHttpClientManager.getCookie("swap");
            if (NETEXTENDER_PDA_REQUIRED.equals(headerField4)) {
                this.mDelegate.loginRequiresPDAuth();
            }
            loginDidSucceed();
            return;
        }
        if ("2".equals(headerField2)) {
            this.mDelegate.loginDidFail(headerField3);
        } else if ("1".equals(headerField2) && NETEXTENDER_TWOFACTOR_NEXT_CODE.equals(headerField)) {
            this.mDelegate.loginRequiresRSANextCode(headerField3);
        } else {
            this.mDelegate.loginDidFail(headerField3);
        }
    }

    private void onReceiveRsaPinResponse(HttpsURLConnection httpsURLConnection) {
        if (this.mCancelled) {
            logger.logDebug(TAG, "Login cancelled by user; ignoring response");
            this.mDelegate.loginCancelledByUser();
            return;
        }
        logger.logDebug(TAG, httpsURLConnection.getHeaderFields().toString());
        try {
            logResponsePageContent(httpsURLConnection);
        } catch (IOException e) {
            logger.logError(TAG, e);
        }
        String headerField = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR);
        String headerField2 = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_TWOFACTOR_RESULT);
        String headerField3 = httpsURLConnection.getHeaderField("X-NE-message");
        this.mRsaState = httpsURLConnection.getHeaderField(NETEXTENDER_HEADER_RSA_STATE);
        getPasswordExpirationDaysHeader(httpsURLConnection, false);
        getUserMayChangePassswordHeader(httpsURLConnection, false);
        if ("2".equals(headerField2)) {
            this.mDelegate.loginDidFail(headerField3);
            return;
        }
        if ("0".equals(headerField2)) {
            this.mDelegate.loginRequiresRelogin(headerField3);
            return;
        }
        if (NETEXTENDER_TWOFACTOR_SYS_NEW_PIN.equals(headerField)) {
            this.mDelegate.loginRequiresRSASysPin(headerField3);
        } else if ("2".equals(headerField)) {
            this.mDelegate.loginRequiresRSAUserPin(headerField3);
        } else {
            this.mDelegate.loginDidFail(headerField3);
        }
    }

    private void onReceiveRsaSysReplyResponse(HttpsURLConnection httpsURLConnection) {
        logger.logDebug(TAG, "Received RSA sys PIN response");
        onReceiveRsaPinResponse(httpsURLConnection);
    }

    private void onReceiveRsaUserPinResponse(HttpsURLConnection httpsURLConnection) {
        logger.logDebug(TAG, "Received RSA user PIN response");
        onReceiveRsaPinResponse(httpsURLConnection);
    }

    private void onReceiveSAMLResponse(String str) {
        String onReceiveCallGetApi = onReceiveCallGetApi(str, "status");
        if (this.mCancelled) {
            logger.logDebug(TAG, "Login cancelled by user; ignoring response");
            this.mDelegate.loginCancelledByUser();
            return;
        }
        this.mEncodedSessionId = SraHttpClientManager.getCookie("swap");
        if (AUTHENTICATE_API_NEED_SAML_LOGOUT.equals(onReceiveCallGetApi)) {
            this.mDelegate.loginCancelledByUser();
            return;
        }
        if (AUTHENTICATE_API_NEED_PDA.equals(onReceiveCallGetApi)) {
            this.mDelegate.loginRequiresPDAuth();
            loginDidSucceed();
        } else if ("success".equals(onReceiveCallGetApi) || AUTHENTICATE_API_NEED_EPC.equals(onReceiveCallGetApi)) {
            this.mDelegate.loginDidSucceed();
        } else {
            this.mDelegate.loginDidFail(onReceiveCallGetApi);
        }
    }

    private boolean validateLoginParams(String str, String str2, String str3, boolean z, boolean z2) {
        return (z || z2 || !(isEmptyString(str) || isEmptyString(str2))) && !isEmptyString(str3);
    }

    public String callAuthenticateApi(String str, String str2, VPNConfiguration vPNConfiguration) throws IOException {
        String str3 = "https://" + this.mServer + "/__api__/v1/" + str;
        if (str.indexOf("authenticate") > 0 && this.mDomain != null) {
            StringBuilder sb = new StringBuilder();
            sb.append(str3);
            sb.append("?userName=");
            String str4 = this.mUsername;
            String str5 = BuildConfig.FLAVOR;
            sb.append(str4 != null ? URLEncoder.encode(str4, "UTF-8") : BuildConfig.FLAVOR);
            sb.append("&password=");
            if (vPNConfiguration.getPassword() != null) {
                str5 = URLEncoder.encode(vPNConfiguration.getPassword(), "UTF-8");
            }
            sb.append(str5);
            sb.append("&domainName=");
            sb.append(URLEncoder.encode(this.mDomain, "UTF-8"));
            sb.append("&clientSupportPDA=true");
            str3 = sb.toString();
        }
        String str6 = null;
        try {
            HttpsURLConnection initSSL = SraHttpClientManager.initSSL(str3, this.mServer, null, null, false);
            initSSL.setRequestProperty("accept-charset", "UTF-8");
            initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
            str6 = SraHttpClientManager.get(initSSL);
        } catch (Exception e) {
            logger.logError(TAG, e.toString());
        }
        return onReceiveCallGetApi(str6, str2);
    }

    public void cancel() {
        this.mCancelled = true;
    }

    public String getEncodedSessionId() {
        return this.mEncodedSessionId;
    }

    public String getServer() {
        return this.mServer;
    }

    public int getSraBookmarkVersion() {
        return this.mSraBookmarkVersion;
    }

    public boolean isFingerprintEnabled() {
        if (Util.isFingerprintAvailable()) {
            return PreferenceManager.getDefaultSharedPreferences(this.mContext).getBoolean(SettingsFragment.KEY_FINGERPRINT_AUTH, false);
        }
        return false;
    }

    public void loginToServer(int i, String str, String str2, String str3, String str4, boolean z, boolean z2, boolean z3) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        logger.logDebug(TAG, "loginToServer()");
        if (!validateLoginParams(str2, str3, str4, z, z2)) {
            if (!z2 && !z && !z3 && ((isEmptyString(str2) || isEmptyString(str3)) && Util.isFingerprintAvailable())) {
                VPNConfiguration fingerprintCredentials = getFingerprintCredentials(i, str, str2);
                if (!isEmptyString(fingerprintCredentials.getUsername()) && !isEmptyString(fingerprintCredentials.getPassword())) {
                    this.mDelegate.loginRequiresFingerprintCredentials(fingerprintCredentials.getUsername(), fingerprintCredentials.getPassword(), str4);
                    return;
                }
            }
            VPNConfiguration vPNConfiguration = new VPNConfiguration();
            vPNConfiguration.setID(i);
            vPNConfiguration.setHostAddress(str);
            vPNConfiguration.setUsername(str2);
            vPNConfiguration.setPassword(str3);
            vPNConfiguration.setDomain(str4);
            this.mDelegate.loginRequiresBasicCredentials(vPNConfiguration);
            return;
        }
        this.mServer = str;
        this.mUsername = str2;
        this.mDomain = str4;
        this.mIsCAAuth = z;
        this.mIsSAMLAuth = z2;
        this.mRsaState = null;
        this.mEncodedSessionId = null;
        SraHttpClientManager.clearCookies();
        String format = String.format(USER_LOGIN_URL_FORMAT, str);
        logger.logDebug(TAG, "url = " + format);
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL(format, this.mServer, this, this.mClientCertAlias, false);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setRequestProperty(NETEXTENDER_HEADER_PDA, "true");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        initSSL.setRequestProperty(NETEXTENDER_HEADER_SESSIONPROMPT, "true");
        StringBuilder sb = new StringBuilder();
        sb.append("username=");
        String str5 = BuildConfig.FLAVOR;
        sb.append(str2 == null ? BuildConfig.FLAVOR : URLEncoder.encode(str2, "UTF-8"));
        sb.append("&password=");
        sb.append(str3 == null ? BuildConfig.FLAVOR : URLEncoder.encode(str3, "UTF-8"));
        sb.append("&domain=");
        if (str4 != null) {
            str5 = URLEncoder.encode(str4, "UTF-8");
        }
        sb.append(str5);
        sb.append("&login=true&web=true");
        String sb2 = sb.toString();
        logger.logDebug(TAG, "Sending login request");
        SraHttpClientManager.post(initSSL, sb2);
        onReceiveLoginResponse(initSSL);
        SraHttpClientManager.cacheHostname(format);
        SraHttpClientManager.cacheLocalAddr(initSSL);
    }

    public void loginToServerPending(String str) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        if (!validateLoginParams(this.mUsername, str, this.mDomain, this.mIsCAAuth, this.mIsSAMLAuth)) {
            this.mDelegate.loginRequiresBasicCredentials(null);
            return;
        }
        String format = String.format(USER_LOGIN_URL_FORMAT, this.mServer);
        logger.logDebug(TAG, "url = " + format);
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL(format, this.mServer, this, this.mClientCertAlias, false);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setRequestProperty(NETEXTENDER_HEADER_PDA, "true");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        initSSL.setRequestProperty(NETEXTENDER_HEADER_PENDINGID, str);
        StringBuilder sb = new StringBuilder();
        sb.append("username=");
        String str2 = this.mUsername;
        String str3 = BuildConfig.FLAVOR;
        sb.append(str2 == null ? BuildConfig.FLAVOR : URLEncoder.encode(str2, "UTF-8"));
        sb.append("&domain=");
        String str4 = this.mDomain;
        sb.append(str4 == null ? BuildConfig.FLAVOR : URLEncoder.encode(str4, "UTF-8"));
        sb.append("&pendingId=");
        if (str != null) {
            str3 = URLEncoder.encode(str, "UTF-8");
        }
        sb.append(str3);
        sb.append("&login=true&web=true");
        String sb2 = sb.toString();
        logger.logDebug(TAG, "Sending login request with remove old session");
        SraHttpClientManager.post(initSSL, sb2);
        onReceiveLoginResponse(initSSL);
        SraHttpClientManager.cacheHostname(format);
        SraHttpClientManager.cacheLocalAddr(initSSL);
    }

    @Override // com.sonicwall.mobileconnect.util.TrustManagerListener
    public void onFailVerifyHostname(String str, CertDetails certDetails) {
        this.mDelegate.loginFailVerifyHost(new ServerCertHostnameMismatchException(str, certDetails));
    }

    public void sendLogout() throws IOException, URISyntaxException, KeyManagementException, NoSuchAlgorithmException {
        String str;
        String str2 = "https://" + this.mServer + "/cgi-bin/userLogout";
        if (this.mIsSAMLAuth) {
            str2 = "https://" + this.mServer + "/__api__/v1/logon/logout";
            str = BuildConfig.FLAVOR;
        } else {
            str = "userLogout=1";
        }
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL(str2, this.mServer, null, null, true);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        initSSL.setRequestProperty("User-Agent", Util.getUserAgentString());
        SraHttpClientManager.addCookie("swap", this.mEncodedSessionId, this.mServer, "/");
        try {
            try {
                SraHttpClientManager.post(initSSL, str);
                onReceiveLogoutResponse(initSSL);
            } catch (Exception e) {
                logger.logError(TAG, "Failed to send logout: " + e.getCause());
                if (e.getCause() != null) {
                    logger.logError(TAG, e);
                }
            }
        } finally {
            SraHttpClientManager.clearHostnameCacheReference(initSSL);
        }
    }

    public void sendOtp(String str) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL("https://" + this.mServer + "/cgi-bin/otpLogin", this.mServer, null, null, false);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        String str2 = "password=" + URLEncoder.encode(str, "UTF-8");
        logger.logDebug(TAG, "Sending OTP");
        SraHttpClientManager.post(initSSL, str2);
        onReceiveOtpResponse(initSSL);
    }

    public void sendPasswordChange(String str, String str2) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL("https://" + this.mServer + "/cgi-bin/loginChangePass", this.mServer, null, null, true);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        String str3 = "fromSAC=1&username=" + URLEncoder.encode(this.mUsername, "UTF-8") + "&domain=" + URLEncoder.encode(this.mDomain, "UTF-8") + "&oldPass=" + URLEncoder.encode(str, "UTF-8") + "&newPass1=" + URLEncoder.encode(str2, "UTF-8") + "&newPass2=" + URLEncoder.encode(str2, "UTF-8");
        this.mNewPassword = str2;
        try {
            SraHttpClientManager.post(initSSL, str3);
            onReceivePasswordChangeResponse(initSSL);
        } finally {
            SraHttpClientManager.clearHostnameCacheReference(initSSL);
        }
    }

    public void sendRadiusHandshake(String str) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL("https://" + this.mServer + "/cgi-bin/userLogin", this.mServer, null, null, false);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        initSSL.setRequestProperty(NETEXTENDER_HEADER_PDA, "true");
        SraHttpClientManager.post(initSSL, "state=RADIUSCHALLENGE&radiusReply=" + URLEncoder.encode(str, "UTF-8") + "&pstate=" + URLEncoder.encode(this.mRsaState, "UTF-8") + "&username=" + URLEncoder.encode(this.mUsername, "UTF-8") + "&domain=" + URLEncoder.encode(this.mDomain, "UTF-8"));
        onReceiveRadiusHandshakeResponse(initSSL);
    }

    public void sendRsaNextCode(String str) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL("https://" + this.mServer + "/cgi-bin/userLogin", this.mServer, null, null, false);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        initSSL.setRequestProperty(NETEXTENDER_HEADER_PDA, "true");
        SraHttpClientManager.post(initSSL, "state=RSANEWPIN&nextcode=" + URLEncoder.encode(str, "UTF-8") + "&pstate=" + URLEncoder.encode(this.mRsaState, "UTF-8") + "&username=" + URLEncoder.encode(this.mUsername, "UTF-8") + "&domain=" + URLEncoder.encode(this.mDomain, "UTF-8"));
        onReceiveRsaNextCodeResponse(initSSL);
    }

    public void sendRsaSysReply(String str) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL("https://" + this.mServer + "/cgi-bin/userLogin", this.mServer, null, null, false);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        initSSL.setRequestProperty(NETEXTENDER_HEADER_PDA, "true");
        SraHttpClientManager.post(initSSL, "state=RSANEWPIN&sysreply=" + URLEncoder.encode(str, "UTF-8") + "&pstate=" + URLEncoder.encode(this.mRsaState, "UTF-8") + "&username=" + URLEncoder.encode(this.mUsername, "UTF-8") + "&domain=" + URLEncoder.encode(this.mDomain, "UTF-8"));
        onReceiveRsaSysReplyResponse(initSSL);
    }

    public void sendRsaUserPin(String str) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL("https://" + this.mServer + "/cgi-bin/userLogin", this.mServer, null, null, false);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        initSSL.setRequestProperty(NETEXTENDER_HEADER_PDA, "true");
        SraHttpClientManager.post(initSSL, "state=RSANEWPIN&reply=" + URLEncoder.encode(str, "UTF-8") + "&rereply=" + URLEncoder.encode(str, "UTF-8") + "&pstate=" + URLEncoder.encode(this.mRsaState, "UTF-8") + "&username=" + URLEncoder.encode(this.mUsername, "UTF-8") + "&domain=" + URLEncoder.encode(this.mDomain, "UTF-8"));
        onReceiveRsaUserPinResponse(initSSL);
    }

    public void sendSAMLResponse(String str) throws IOException, KeyManagementException, NoSuchAlgorithmException {
        HttpsURLConnection initSSL = SraHttpClientManager.initSSL("https://" + this.mServer + "/__api__/v1/logon/" + str + "/status", this.mServer, null, null, false);
        initSSL.setRequestProperty("accept-charset", "UTF-8");
        initSSL.setReadTimeout(SraHttpClientManager.HTTP_READ_TIMEOUT);
        onReceiveSAMLResponse(SraHttpClientManager.get(initSSL));
    }

    public void setClientCertAlias(String str) {
        this.mClientCertAlias = str;
    }

    public void setContext(Context context) {
        this.mContext = context;
    }

    public void setDelegate(SraLoginManagerDelegate sraLoginManagerDelegate) {
        this.mDelegate = sraLoginManagerDelegate;
    }

    public void setVPNConfiguration(VPNConfiguration vPNConfiguration) {
        this.mVPNConfiguration = vPNConfiguration;
    }
}
