package com.sangfor.vpn.client.service.mdm.operation;

import android.app.admin.DevicePolicyManager;
import android.content.BroadcastReceiver;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.Handler;
import android.os.Message;
import com.sangfor.vpn.client.service.mdm.MdmProto;
import com.sangfor.vpn.client.service.mdm.register.AdminReceiver;
import com.sangfor.vpn.client.service.utils.logger.Log;
import com.sangfor.vpn.client.service.utils.plist.NSDictionary;
import com.sangfor.vpn.client.service.utils.plist.NSNumber;
import com.sangfor.vpn.client.service.utils.plist.NSString;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;

/* loaded from: classes.dex */
public class PasswordPolicy implements IMdmPolicy {
    public static final String EXTRAS_KEY_DEVICE_ADMIN_REPORT = "PasswordPolicy.DeviceAdminReport";
    private static final String KEY_ALLOW_SIMPLE = "allowSimple";
    private static final String KEY_MAX_FAILED_ATTEMPTS = "maxFailedAttempts";
    private static final String KEY_MAX_GRACE_PERIODS = "maxGracePeriod";
    private static final String KEY_MAX_INACTIVITY = "maxInactivity";
    private static final String KEY_MAX_PINAGE_INDAYS = "maxPINAgeInDays";
    private static final String KEY_MIN_LENGTH = "minLength";
    private static final String KEY_PIN_HISTORY = "pinHistory";
    private static final int MSG_NEWPASSWORD_STOPPED = 2;
    private static final int MSG_PASSWORD_CHANGED = 4;
    private static final int MSG_PASSWORD_EXPIRATION = 3;
    private static final int MSG_STOP_NEW_PASSWORD_TIMER = 1;
    private static final String TAG = "PasswordPolicy";
    private static final NSNumber VALUE_CLEAR = NSNumber.wrap(0L);
    private static final String VALUE_FALSE = "false";
    private static final String VALUE_TRUE = "true";
    private ComponentName mComponentName;
    private Context mContext;
    private int mMaxFailedAttempts;
    private long mMaxGracePeriod;
    private long mMaxInactivity;
    private long mMaxPinAgeInDays;
    private int mMinLength;
    private ScheduledFuture mNewPasswordTask;
    private MdmPolicyManager mParent;
    private PASSWORD_FORMAT mPasswordFormat;
    private int mPinHistory;
    private DevicePolicyManager mPolicyManager;
    private ScheduledExecutorService mTimer;
    private BroadcastReceiver mNewPasswordStopped = new BroadcastReceiver() { // from class: com.sangfor.vpn.client.service.mdm.operation.PasswordPolicy.1
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            PasswordPolicy.this.mHandler.sendEmptyMessage(2);
        }
    };
    private BroadcastReceiver mPasswordExpirationReceiver = new BroadcastReceiver() { // from class: com.sangfor.vpn.client.service.mdm.operation.PasswordPolicy.2
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            PasswordPolicy.this.mHandler.sendEmptyMessage(3);
        }
    };
    private BroadcastReceiver mPasswordChangedReceiver = new BroadcastReceiver() { // from class: com.sangfor.vpn.client.service.mdm.operation.PasswordPolicy.3
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            PasswordPolicy.this.mHandler.sendEmptyMessage(4);
        }
    };
    private Handler mHandler = new Handler() { // from class: com.sangfor.vpn.client.service.mdm.operation.PasswordPolicy.4
        /* JADX WARN: Failed to find 'out' block for switch in B:2:0x0004. Please report as an issue. */
        @Override // android.os.Handler
        public void handleMessage(Message message) {
            switch (message.what) {
                case 1:
                    if (PasswordPolicy.this.mNewPasswordTask == null) {
                        return;
                    }
                    PasswordPolicy.this.mNewPasswordTask.cancel(false);
                    PasswordPolicy.this.mNewPasswordTask = null;
                    return;
                case 2:
                    Boolean bool = (Boolean) message.obj;
                    if (bool == null || !bool.booleanValue()) {
                        PasswordPolicy.this.onNewPasswordStopped();
                        return;
                    }
                    if (PasswordPolicy.this.mNewPasswordTask == null) {
                        return;
                    }
                    PasswordPolicy.this.mNewPasswordTask.cancel(false);
                    PasswordPolicy.this.mNewPasswordTask = null;
                    return;
                case 3:
                    PasswordPolicy.this.onPasswordExpiration();
                    return;
                case 4:
                    PasswordPolicy.this.onPasswordChanged();
                    return;
                default:
                    return;
            }
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public enum PASSWORD_FORMAT {
        ANY,
        SIMPLE,
        COMPLEX
    }

    private void checkPassword() {
        if (this.mNewPasswordTask != null) {
            this.mNewPasswordTask.cancel(false);
            this.mNewPasswordTask = null;
        }
        if (isPasswordValid()) {
            return;
        }
        this.mNewPasswordTask = this.mTimer.scheduleWithFixedDelay(new Runnable() { // from class: com.sangfor.vpn.client.service.mdm.operation.PasswordPolicy.5
            @Override // java.lang.Runnable
            public void run() {
                if (PasswordPolicy.this.isPasswordValid()) {
                    PasswordPolicy.this.mHandler.sendEmptyMessage(1);
                    return;
                }
                Intent intent = new Intent(PasswordPolicy.this.mContext, (Class<?>) NewPasswordActivity.class);
                intent.setFlags(268435456);
                PasswordPolicy.this.mContext.startActivity(intent);
            }
        }, 0L, 1L, TimeUnit.MINUTES);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isPasswordValid() {
        if (this.mPasswordFormat == PASSWORD_FORMAT.ANY) {
            return true;
        }
        try {
            if (!this.mPolicyManager.isActivePasswordSufficient()) {
                Log.a(TAG, "password format is invalid");
                return false;
            }
            if (this.mMaxPinAgeInDays != 0) {
                long passwordExpiration = this.mPolicyManager.getPasswordExpiration(this.mComponentName);
                if (passwordExpiration > 0 && passwordExpiration - System.currentTimeMillis() < 0) {
                    Log.a(TAG, "password expired:" + this.mPolicyManager.getPasswordExpiration(this.mComponentName) + " now:" + System.currentTimeMillis());
                    return false;
                }
                Log.a(TAG, "password not expired:" + this.mPolicyManager.getPasswordExpiration(this.mComponentName) + " now:" + System.currentTimeMillis());
            }
            return true;
        } catch (Exception e) {
            Log.a(TAG, "check password fail", e.getCause());
            e.printStackTrace();
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void onNewPasswordStopped() {
        Log.a(TAG, "new password stopped");
        checkPassword();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void onPasswordChanged() {
        setPasswordExpiration();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void onPasswordExpiration() {
        Log.a(TAG, "password expired");
        checkPassword();
    }

    private void setPasswordExpiration() {
        try {
            if (this.mPasswordFormat == PASSWORD_FORMAT.COMPLEX) {
                this.mPolicyManager.setPasswordExpirationTimeout(this.mComponentName, this.mMaxPinAgeInDays * 24 * 60 * 60 * 1000);
            } else {
                this.mPolicyManager.setPasswordExpirationTimeout(this.mComponentName, 0L);
            }
        } catch (Exception e) {
            Log.a(TAG, "set password expiration fail", e.getCause());
            e.printStackTrace();
        }
    }

    private boolean setPasswordPolicy() {
        DevicePolicyManager devicePolicyManager;
        ComponentName componentName;
        int i;
        if (!this.mPolicyManager.isAdminActive(this.mComponentName)) {
            Log.a(TAG, "EC is not MDM Admin");
            return false;
        }
        try {
            if (this.mPasswordFormat == PASSWORD_FORMAT.ANY) {
                this.mPolicyManager.setPasswordQuality(this.mComponentName, 0);
                this.mPolicyManager.setPasswordMinimumLength(this.mComponentName, 0);
                this.mPolicyManager.setPasswordMinimumNumeric(this.mComponentName, 0);
                this.mPolicyManager.setPasswordMinimumLetters(this.mComponentName, 0);
                this.mPolicyManager.setPasswordMinimumSymbols(this.mComponentName, 0);
                this.mPolicyManager.setMaximumTimeToLock(this.mComponentName, 0L);
                this.mPolicyManager.setPasswordHistoryLength(this.mComponentName, 0);
                this.mPolicyManager.setMaximumFailedPasswordsForWipe(this.mComponentName, 0);
            } else {
                if (this.mPasswordFormat == PASSWORD_FORMAT.SIMPLE) {
                    this.mPolicyManager.setPasswordQuality(this.mComponentName, 65536);
                    this.mPolicyManager.setPasswordMinimumLength(this.mComponentName, 0);
                    this.mPolicyManager.setPasswordMinimumNumeric(this.mComponentName, 0);
                    this.mPolicyManager.setPasswordMinimumLetters(this.mComponentName, 0);
                    this.mPolicyManager.setPasswordMinimumSymbols(this.mComponentName, 0);
                    this.mPolicyManager.setMaximumTimeToLock(this.mComponentName, 0L);
                    this.mPolicyManager.setPasswordHistoryLength(this.mComponentName, 0);
                    devicePolicyManager = this.mPolicyManager;
                    componentName = this.mComponentName;
                    i = this.mMaxFailedAttempts;
                } else {
                    this.mPolicyManager.setPasswordQuality(this.mComponentName, 393216);
                    this.mPolicyManager.setPasswordMinimumLength(this.mComponentName, this.mMinLength);
                    this.mPolicyManager.setPasswordMinimumNumeric(this.mComponentName, 1);
                    this.mPolicyManager.setPasswordMinimumLetters(this.mComponentName, 1);
                    this.mPolicyManager.setPasswordMinimumSymbols(this.mComponentName, 0);
                    this.mPolicyManager.setMaximumTimeToLock(this.mComponentName, this.mMaxInactivity * 60 * 1000);
                    this.mPolicyManager.setPasswordHistoryLength(this.mComponentName, this.mPinHistory);
                    devicePolicyManager = this.mPolicyManager;
                    componentName = this.mComponentName;
                    i = this.mMaxFailedAttempts;
                }
                devicePolicyManager.setMaximumFailedPasswordsForWipe(componentName, i);
            }
            return true;
        } catch (Exception e) {
            Log.a(TAG, "fail", e.getCause());
            e.printStackTrace();
            return false;
        }
    }

    @Override // com.sangfor.vpn.client.service.mdm.operation.IMdmPolicy
    public void onClear() {
        onStop();
        try {
            this.mPolicyManager.setPasswordExpirationTimeout(this.mComponentName, 0L);
            this.mPolicyManager.setPasswordQuality(this.mComponentName, 0);
            this.mPolicyManager.setPasswordMinimumLength(this.mComponentName, 0);
            this.mPolicyManager.setPasswordMinimumNumeric(this.mComponentName, 0);
            this.mPolicyManager.setPasswordMinimumLetters(this.mComponentName, 0);
            this.mPolicyManager.setPasswordMinimumSymbols(this.mComponentName, 0);
            this.mPolicyManager.setMaximumTimeToLock(this.mComponentName, 0L);
            this.mPolicyManager.setPasswordHistoryLength(this.mComponentName, 0);
            this.mPolicyManager.setMaximumFailedPasswordsForWipe(this.mComponentName, 0);
        } catch (Exception e) {
            Log.a(TAG, "clear password fail", e.getCause());
            e.printStackTrace();
        }
    }

    @Override // com.sangfor.vpn.client.service.mdm.operation.IMdmPolicy
    public void onStart(Context context, MdmPolicyManager mdmPolicyManager) {
        this.mContext = context;
        this.mParent = mdmPolicyManager;
        this.mPolicyManager = (DevicePolicyManager) this.mContext.getSystemService("device_policy");
        this.mComponentName = new ComponentName(this.mContext, (Class<?>) AdminReceiver.class);
        this.mTimer = Executors.newSingleThreadScheduledExecutor();
        this.mPasswordFormat = PASSWORD_FORMAT.ANY;
        this.mMinLength = 0;
        this.mMaxInactivity = 0L;
        this.mMaxGracePeriod = 0L;
        this.mPinHistory = 0;
        this.mMaxPinAgeInDays = 0L;
        this.mMaxFailedAttempts = 0;
        IntentFilter intentFilter = new IntentFilter();
        intentFilter.addAction(NewPasswordActivity.ACTION_NEWPASSWORD_STOPPED);
        this.mContext.registerReceiver(this.mNewPasswordStopped, intentFilter);
        IntentFilter intentFilter2 = new IntentFilter();
        intentFilter2.addAction(AdminReceiver.ACTION_PASSWORD_EXPIRATION);
        this.mContext.registerReceiver(this.mPasswordExpirationReceiver, intentFilter2);
        IntentFilter intentFilter3 = new IntentFilter();
        intentFilter3.addAction(AdminReceiver.ACTION_PASSWORD_CHANGED);
        this.mContext.registerReceiver(this.mPasswordChangedReceiver, intentFilter3);
    }

    @Override // com.sangfor.vpn.client.service.mdm.operation.IMdmPolicy
    public void onStop() {
        this.mContext.unregisterReceiver(this.mNewPasswordStopped);
        this.mContext.unregisterReceiver(this.mPasswordExpirationReceiver);
        this.mContext.unregisterReceiver(this.mPasswordChangedReceiver);
        this.mTimer.shutdown();
    }

    @Override // com.sangfor.vpn.client.service.mdm.operation.IMdmPolicy
    public boolean onUpdatePolicy(NSDictionary nSDictionary, boolean z) {
        if (!MdmPolicyManager.isAdminActive()) {
            Log.a(TAG, "MDM Admin required");
            return false;
        }
        if (((NSString) nSDictionary.objectForKey(MdmProto.REQUEST_TYPE, NSString.EMPTY)).getContent().equals("ClearPasscode")) {
            try {
                this.mPolicyManager.setPasswordQuality(this.mComponentName, 0);
                this.mPolicyManager.setPasswordMinimumLength(this.mComponentName, 0);
                this.mPolicyManager.setPasswordMinimumNumeric(this.mComponentName, 0);
                this.mPolicyManager.setPasswordMinimumLetters(this.mComponentName, 0);
                this.mPolicyManager.setPasswordMinimumSymbols(this.mComponentName, 0);
                if (this.mPolicyManager.resetPassword("", 0)) {
                    return true;
                }
                Log.a(TAG, "clear password fail");
                return false;
            } catch (Exception e) {
                Log.a(TAG, "clear password exception");
                e.printStackTrace();
                return false;
            }
        }
        try {
            String obj = nSDictionary.objectForKey(KEY_ALLOW_SIMPLE, NSString.EMPTY).toString();
            this.mPasswordFormat = obj.equals(VALUE_TRUE) ? PASSWORD_FORMAT.SIMPLE : obj.equals(VALUE_FALSE) ? PASSWORD_FORMAT.COMPLEX : PASSWORD_FORMAT.ANY;
            this.mMinLength = ((NSNumber) nSDictionary.objectForKey(KEY_MIN_LENGTH, VALUE_CLEAR)).intValue();
            this.mMaxInactivity = ((NSNumber) nSDictionary.objectForKey(KEY_MAX_INACTIVITY, VALUE_CLEAR)).intValue();
            this.mMaxGracePeriod = ((NSNumber) nSDictionary.objectForKey(KEY_MAX_GRACE_PERIODS, VALUE_CLEAR)).intValue();
            this.mPinHistory = ((NSNumber) nSDictionary.objectForKey(KEY_PIN_HISTORY, VALUE_CLEAR)).intValue();
            if (z) {
                this.mMaxPinAgeInDays = ((NSNumber) nSDictionary.objectForKey(KEY_MAX_PINAGE_INDAYS, VALUE_CLEAR)).intValue();
            } else {
                long intValue = ((NSNumber) nSDictionary.objectForKey(KEY_MAX_PINAGE_INDAYS, VALUE_CLEAR)).intValue();
                if (intValue != this.mMaxPinAgeInDays) {
                    this.mMaxPinAgeInDays = intValue;
                    setPasswordExpiration();
                } else {
                    this.mMaxPinAgeInDays = intValue;
                }
            }
            this.mMaxFailedAttempts = ((NSNumber) nSDictionary.objectForKey(KEY_MAX_FAILED_ATTEMPTS, VALUE_CLEAR)).intValue();
            if (!setPasswordPolicy()) {
                return false;
            }
            checkPassword();
            return true;
        } catch (Exception e2) {
            Log.a(TAG, "parse plist fail", e2);
            return false;
        }
    }
}
