package com.citrix.client.authmanager.accessgateway;

import android.util.Log;
import com.citrix.client.authmanager.accessgateway.AccessGateway;
import com.citrix.client.authmanager.accessgateway.authentication.AgAuthResult;
import com.citrix.client.authmanager.accessgateway.authentication.AgAuthResultStdEdition;
import com.citrix.client.authmanager.accessgateway.authentication.AgRsaAuthnData;
import com.citrix.client.authmanager.accessgateway.authentication.AgRsaDomainAuthnData;
import com.citrix.client.authmanager.accessgateway.callbacks.GatewayUserInputCallbackHandler;
import com.citrix.client.authmanager.accessgateway.networking.HttpHelper;
import com.citrix.client.httputilities.CookieKeyValuePair;
import com.citrix.client.pnagent.enums.AsyncTaskStatus;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.ProtocolException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import org.htmlparser.Parser;
import org.htmlparser.filters.NodeClassFilter;
import org.htmlparser.tags.InputTag;
import org.htmlparser.tags.ScriptTag;
import org.htmlparser.util.NodeList;
import org.htmlparser.util.ParserException;

/* loaded from: classes.dex */
public class AgStdEdition extends AccessGateway {
    public static final String NET6_COOKIE = "net6_cookie";
    public static final String NET6_USER_SESSION_COOKIE = "net6_user_session";

    private char[] buildNewPinString(char[] cArr) {
        String str = new String(cArr);
        return String.format(AccessGatewaySupport.SE_NEW_PIN_STRING_UNFORMATTED, str, str).toCharArray();
    }

    private char[] buildNextTokencodeString(String str) {
        return String.format(AccessGatewaySupport.SE_NEXT_TOKENCODE_STRING_UNFORMATTED, str, str).toCharArray();
    }

    private int determineResponseType(HttpsURLConnection httpsURLConnection) throws ParserException {
        int i = 0;
        NodeList extractAllNodesThatMatch = new Parser(httpsURLConnection).extractAllNodesThatMatch(new NodeClassFilter(InputTag.class));
        int size = extractAllNodesThatMatch.size();
        for (int i2 = 0; i2 < size && i == 0; i2++) {
            String attribute = ((InputTag) extractAllNodesThatMatch.elementAt(i2)).getAttribute("name");
            if (AccessGatewaySupport.SE_VAR_NEXT_TOKENCODE.equalsIgnoreCase(attribute) || AccessGatewaySupport.SE_VAR_VERIFY_NEXT_TOKENCODE.equalsIgnoreCase(attribute)) {
                Log.v("determineResponseType", "Detected next tokencode request");
                i = 2;
            } else if (AccessGatewaySupport.SE_VAR_NEW_PIN.equalsIgnoreCase(attribute) || AccessGatewaySupport.SE_VAR_VERIFY_NEW_PIN.equalsIgnoreCase(attribute)) {
                Log.v("determineResponseType", "Detected new pin page");
                i = 1;
            }
        }
        return i;
    }

    private void getCookies(HttpsURLConnection httpsURLConnection, AgAuthResultStdEdition agAuthResultStdEdition) {
        CookieKeyValuePair[] cookieKeyValuePairArr = {new CookieKeyValuePair(NET6_COOKIE), new CookieKeyValuePair(NET6_USER_SESSION_COOKIE)};
        HttpHelper.getNamedCookies(httpsURLConnection, cookieKeyValuePairArr);
        agAuthResultStdEdition.set_net6_cookie(cookieKeyValuePairArr[0]);
        agAuthResultStdEdition.set_net6_user_session(cookieKeyValuePairArr[1]);
    }

    private boolean getNextTokencodeAfterPinChangedSuccessfully(AgAuthResultStdEdition agAuthResultStdEdition) {
        if (!this.m_userInputCallback.displayPinChangedSuccessfullyNextTokencodeDialog()) {
            Log.v("handleNextTokencodeAfterPinChange", "User cancelled dialog - ending");
            agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusUserCancelled);
            return false;
        }
        String nextTokencode = this.m_userInputCallback.getNextTokencode();
        if (this.m_authnData instanceof AgRsaAuthnData) {
            ((AgRsaAuthnData) this.m_authnData).setTokenCode(nextTokencode);
        } else {
            ((AgRsaDomainAuthnData) this.m_authnData).setTokenCode(nextTokencode);
        }
        Log.v("handleNextTokencodeAfterPinChange", "Got next tokencode will restart login process with new tokencode");
        return true;
    }

    private boolean handleNewPinRequest(AgAuthResultStdEdition agAuthResultStdEdition) throws MalformedURLException, IOException, ParserException {
        CookieKeyValuePair[] cookies = agAuthResultStdEdition.getCookies();
        if (!this.m_userInputCallback.displayNewPinDialog()) {
            Log.v("handleNewPinRequest", "User cancelled dialog");
            agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusUserCancelled);
            return false;
        }
        HttpsURLConnection httpsPost = httpsPost(null, buildNewPinString(this.m_userInputCallback.getNewPin()), cookies);
        if (200 != httpsPost.getResponseCode()) {
            return false;
        }
        Log.v("handleNewPinRequest", "Received 200 OK response code from post of new PIN - checking to see whether PIN was successfully changed");
        if (isPinChangedSuccessfullyPage(httpsPost)) {
            Log.v("handleNewPinRequest", "PIN was successfully changed - now need to get the next tokencode and relogin");
            return getNextTokencodeAfterPinChangedSuccessfully(agAuthResultStdEdition);
        }
        Log.v("handleNewPinRequest", "NEW PIN was not accepted - failing - trying again");
        return true;
    }

    private boolean handleNextTokencodeRequest(AgAuthResultStdEdition agAuthResultStdEdition) throws MalformedURLException, IOException {
        CookieKeyValuePair[] cookies = agAuthResultStdEdition.getCookies();
        if (!this.m_userInputCallback.displayNextTokencodeDialog()) {
            Log.v("handleNextTokencodeRequest", "User cancelled dialog");
            agAuthResultStdEdition.setTaskResult(this.m_userInputCallback.getAuthTaskResult());
            return false;
        }
        HttpsURLConnection httpsPost = httpsPost(null, buildNextTokencodeString(this.m_userInputCallback.getNextTokencode()), cookies);
        int responseCode = httpsPost.getResponseCode();
        if (200 != responseCode) {
            Log.v("handleNextTokencodeRequest", "POST of new tokencode returned invalid response of " + responseCode + " restarting authn");
            return true;
        }
        Log.v("handleNextTokencodeRequest", "POST of new tokencode returned 200 OK response code");
        getCookies(httpsPost, agAuthResultStdEdition);
        if (agAuthResultStdEdition.get_net6_cookie() == null || agAuthResultStdEdition.get_net6_user_session() == null) {
            Log.v("handleNextTokencodeRequest", "Not all cookies were returned-expecting all cookies by this stage");
            return true;
        }
        Log.v("handleNextTokencodeRequest", "Authentication succeeded after next tokencode request");
        agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusSuccess);
        return false;
    }

    private boolean isPinChangedSuccessfullyPage(HttpURLConnection httpURLConnection) throws ParserException {
        Parser parser = new Parser(httpURLConnection);
        parser.setEncoding("UTF-8");
        NodeList extractAllNodesThatMatch = parser.extractAllNodesThatMatch(new NodeClassFilter(ScriptTag.class));
        int size = extractAllNodesThatMatch.size();
        for (int i = 0; i < size; i++) {
            if (((ScriptTag) extractAllNodesThatMatch.elementAt(0)).getScriptCode().contains("var PIN_change_succeeded = true")) {
                return true;
            }
        }
        return false;
    }

    private boolean isPreAuthPage(HttpsURLConnection httpsURLConnection) {
        boolean z = false;
        try {
            Parser parser = new Parser(httpsURLConnection);
            parser.setEncoding("UTF-8");
            NodeList extractAllNodesThatMatch = parser.extractAllNodesThatMatch(new NodeClassFilter(ScriptTag.class));
            int size = extractAllNodesThatMatch.size();
            for (int i = 0; !z && i < size; i++) {
                if (((ScriptTag) extractAllNodesThatMatch.elementAt(i)).getScriptCode().toLowerCase().contains("prescan")) {
                    z = true;
                }
            }
        } catch (ParserException e) {
            e.printStackTrace();
        }
        return z;
    }

    private void performAuthentication(AgAuthResultStdEdition agAuthResultStdEdition) throws IOException {
        boolean z;
        boolean z2 = false;
        do {
            z = false;
            try {
                agAuthResultStdEdition.clearCookies();
                Log.v("performAuthentication", "Perfoming HTTPS GET OF ROOOT");
                HttpsURLConnection httpsGet = httpsGet("/", null);
                int responseCode = httpsGet.getResponseCode();
                if (responseCode == 200) {
                    Log.v("performAuthentication", "HTTPS GET returned 200 status code - looking for pre-auth page");
                    if (isPreAuthPage(httpsGet)) {
                        Log.v("performAuthentication", "Detected pre-auth is in use");
                        agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusAGPreAuthEnabled);
                    } else {
                        Log.v("performAuthentication", "performing HTTPS POST to " + this.m_address);
                        HttpsURLConnection httpsPost = httpsPost(null, this.m_authnData.getHttpLoginString(0), null);
                        int responseCode2 = httpsPost.getResponseCode();
                        if (200 == responseCode2) {
                            Log.v("performAuthentication", "HTTPS POST returned 200 OK, looking for cookies....");
                            getCookies(httpsPost, agAuthResultStdEdition);
                            if (agAuthResultStdEdition.get_net6_cookie() != null && agAuthResultStdEdition.get_net6_user_session() != null) {
                                Log.v("performAuthentication", "Authentication successful - received net6_cookie and net6_user_session");
                                agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusSuccess);
                            } else if (agAuthResultStdEdition.get_net6_cookie() != null || agAuthResultStdEdition.get_net6_user_session() == null) {
                                if (this.m_agAuthMode != 3 || z2) {
                                    Log.v("performAuthentication", "Cookies not returned - failing with auth failed");
                                    agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusAGAuthenticationFailed);
                                } else {
                                    Log.v("performAuthentication", "Swapping primary and secondary auth for AGSE - might be a misconfigured gateway");
                                    ((AgRsaDomainAuthnData) this.m_authnData).swapPrimaryAndSecondaryFields();
                                    z2 = true;
                                    z = true;
                                }
                            } else if (this.m_agAuthMode == 3 || this.m_agAuthMode == 2) {
                                Log.v("performAuthentication", "Partial authentication -- looks like a form was returned - processing form");
                                z = processServerChallenge(httpsPost, agAuthResultStdEdition);
                            } else {
                                Log.v("performAuthentication", "Partial authentication when RSA not in use - bad state, failing");
                                agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusAGUnexpectedResponse);
                            }
                        } else {
                            Log.v("performAuthentication", "POST of credentials returned status code " + responseCode2 + " invalid credentials");
                            agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusAGAuthenticationFailed);
                        }
                    }
                } else {
                    Log.v("performAuthentication", "HTTPS GET OF ROOT returned response code " + responseCode);
                    agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusAGUnexpectedResponse);
                }
            } catch (UnsupportedEncodingException e) {
                Log.v("performAuthentication", "Caught UnsupportedEncodingException");
                agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusInvalidAddress);
                e.printStackTrace();
                return;
            } catch (ProtocolException e2) {
                Log.v("performAuthentication", "Caught ProtocolException");
                agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusProtocolException);
                e2.printStackTrace();
                return;
            }
        } while (z);
    }

    private boolean processServerChallenge(HttpsURLConnection httpsURLConnection, AgAuthResultStdEdition agAuthResultStdEdition) {
        boolean z = false;
        try {
            switch (determineResponseType(httpsURLConnection)) {
                case 1:
                    Log.v("startAgSeFormProcessing", "Detected new PIN request page");
                    z = handleNewPinRequest(agAuthResultStdEdition);
                    break;
                case 2:
                    Log.v("startAgSeFormProcessing", "Detected next tokencode request page");
                    z = handleNextTokencodeRequest(agAuthResultStdEdition);
                    break;
                default:
                    Log.v("startAgSeFormProcessing", "This is neither a next tokencode nor a new PIN request - failing");
                    agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusAGUnexpectedResponse);
                    break;
            }
        } catch (MalformedURLException e) {
            e.printStackTrace();
            agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusInvalidAddress);
        } catch (IOException e2) {
            e2.printStackTrace();
            agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusIOException);
        } catch (ParserException e3) {
            e3.printStackTrace();
            agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusAGUnexpectedResponse);
        }
        return z;
    }

    @Override // com.citrix.client.authmanager.accessgateway.AccessGateway
    public AgAuthResult authenticate(SSLSocketFactory sSLSocketFactory, AccessGateway.AuthenticationTarget authenticationTarget, GatewayUserInputCallbackHandler gatewayUserInputCallbackHandler) {
        Log.v("authenticate", "AGSE entry");
        this.m_userInputCallback = gatewayUserInputCallbackHandler;
        this.m_sslSocketFactory = sSLSocketFactory;
        AgAuthResultStdEdition agAuthResultStdEdition = new AgAuthResultStdEdition();
        boolean z = true;
        try {
            resolveAddressAndPath();
        } catch (MalformedURLException e) {
            Log.v("authenticate", "Caught MalformedURLException");
            e.printStackTrace();
            z = false;
            agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusInvalidAddress);
        }
        if (z) {
            try {
                performAuthentication(agAuthResultStdEdition);
            } catch (MalformedURLException e2) {
                agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusInvalidAddress);
                e2.printStackTrace();
            } catch (IOException e3) {
                agAuthResultStdEdition.setTaskResult(AsyncTaskStatus.StatusIOException);
                e3.printStackTrace();
            }
        }
        if (AsyncTaskStatus.StatusSuccess == agAuthResultStdEdition.getTaskResult()) {
            if (this.m_userConfigXmlPath.equals("")) {
                agAuthResultStdEdition.setConfigXmlPath(this.m_address + AccessGatewaySupport.DefaultConfigXmlPath);
            } else {
                agAuthResultStdEdition.setConfigXmlPath(this.m_address + this.m_userConfigXmlPath);
            }
            Log.v("authenticate", "configXmlPath = " + agAuthResultStdEdition.getConfigXmlPath());
        }
        return agAuthResultStdEdition;
    }

    @Override // com.citrix.client.authmanager.accessgateway.AccessGateway
    public void clearSessionState(AgAuthResult agAuthResult) {
    }
}
