package com.xiaomi.account.provider;

import android.accounts.Account;
import android.content.ContentProvider;
import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.net.Uri;
import android.os.Binder;
import android.os.Bundle;
import android.os.Looper;
import android.text.TextUtils;
import android.util.Base64;
import b6.c0;
import b6.m;
import com.xiaomi.account.service.b;
import com.xiaomi.accountsdk.account.data.AccountInfo;
import com.xiaomi.accountsdk.account.f;
import com.xiaomi.passport.accountmanager.i;
import f6.n;
import g6.k;
import g6.q;
import h4.d;
import i7.c;
import java.io.IOException;
import o6.h;
import p6.e;
import r6.g;
import r6.n;

/* loaded from: classes.dex */
public class AccountDataProvider extends ContentProvider {
    private static final int ERROR_CODE_INVALID_PARAMS = 2000;
    private static final int ERROR_CODE_NONE = 0;
    private static final int ERROR_CODE_NO_ACCOUNT = 1000;
    private static final int ERROR_CODE_NO_PASSTOKEN = 1001;
    private static final int ERROR_CODE_NO_PASSTOKEN_DCS = 1002;
    private static final int ERROR_CODE_NO_SERVICETOKEN_DCS = 1003;
    private static final int ERROR_CODE_SERVICETOKEN_DCS_ENCRYPT_FAILURE = 1005;
    private static final int ERROR_CODE_SERVICETOKEN_NOT_MATCH = 1004;
    private static final String KEY_BOOL_RESULT = "result";
    private static final String KEY_INT_CODE = "code";
    private static final String KEY_STRING_MESSAGE = "message";
    public static final String METHOD_DECRYPT_WITH_CHECKED_DEVICE_SECURITY = "decryptWithCheckedDeviceSecurity";
    public static final String METHOD_ENCRYPT_WITH_CHECKED_DEVICE_SECURITY = "encryptWithCheckedDeviceSecurity";
    public static final String METHOD_GET_SERVICE_TOKEN_BY_UNSTORED_PASS_TOKEN = "getServiceTokenByUnstoredPassToken";
    private static final String TAG = "AccountDataProvider";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class a implements b<Bundle> {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ String f8645a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ String f8646b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ Bundle f8647c;

        a(String str, String str2, Bundle bundle) {
            this.f8645a = str;
            this.f8646b = str2;
            this.f8647c = bundle;
        }

        @Override // com.xiaomi.account.service.b
        /* renamed from: c, reason: merged with bridge method [inline-methods] */
        public Bundle a(c.e eVar) {
            Bundle bundle;
            if (AccountDataProvider.METHOD_GET_SERVICE_TOKEN_BY_UNSTORED_PASS_TOKEN.equals(this.f8645a)) {
                bundle = AccountDataProvider.this.callGetServiceTokenByUnstoredPassToken(this.f8646b, this.f8647c);
            } else if (AccountDataProvider.METHOD_ENCRYPT_WITH_CHECKED_DEVICE_SECURITY.equals(this.f8645a)) {
                bundle = AccountDataProvider.callEncryptWithCheckedDeviceSecurity(AccountDataProvider.this.getContext(), this.f8646b, this.f8647c);
            } else if (AccountDataProvider.METHOD_DECRYPT_WITH_CHECKED_DEVICE_SECURITY.equals(this.f8645a)) {
                bundle = AccountDataProvider.callDecryptWithCheckedDeviceSecurity(AccountDataProvider.this.getContext(), this.f8646b, this.f8647c);
            } else {
                bundle = new Bundle();
                bundle.putBoolean("result", false);
                bundle.putString("message", "no method: " + this.f8645a);
            }
            r6.b.f(AccountDataProvider.TAG, "result=" + bundle);
            return bundle;
        }

        @Override // com.xiaomi.account.service.b
        /* renamed from: d, reason: merged with bridge method [inline-methods] */
        public Bundle b(c.e eVar) {
            r6.b.f(AccountDataProvider.TAG, "error: " + eVar);
            Bundle bundle = new Bundle();
            bundle.putBoolean("result", false);
            bundle.putString("message", "permission denied");
            return bundle;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static synchronized Bundle callDecryptWithCheckedDeviceSecurity(Context context, String str, Bundle bundle) {
        synchronized (AccountDataProvider.class) {
            String string = bundle.getString("serviceId");
            String string2 = bundle.getString("serviceToken");
            Bundle bundle2 = new Bundle();
            bundle2.putBoolean("result", false);
            bundle2.putInt("code", 0);
            i x10 = i.x(context);
            Account q10 = x10.q();
            if (q10 == null) {
                bundle2.putString("message", "no account");
                bundle2.putInt("code", 1000);
                return bundle2;
            }
            String e10 = x10.e(q10);
            if (TextUtils.isEmpty(e10)) {
                bundle2.putString("message", "no passToken");
                bundle2.putInt("code", ERROR_CODE_NO_PASSTOKEN);
                return bundle2;
            }
            d b10 = d.b(context, q10);
            if (b10 != null && !TextUtils.equals(e10, b10.f14327c)) {
                d.e(context, q10, null, null, null);
                b10 = null;
            }
            if (b10 == null) {
                try {
                    f6.c f02 = f.f0(q10.name, e10, "tz_flag");
                    x10.n(q10, new AccountInfo.b().J(q10.name).D(g.e(e10)).A(f02.f13256a.f13278a).C(f02.f13256a.f13279b).v(f02.f13257b).t());
                    f6.g gVar = f02.f13256a;
                    d.e(context, q10, gVar.f13278a, gVar.f13279b, f02.f13257b);
                } catch (IOException | p6.a | p6.b | e e11) {
                    bundle2.putString("message", e11.getMessage());
                    bundle2.putInt("code", ERROR_CODE_NO_PASSTOKEN_DCS);
                    return bundle2;
                }
            }
            if (d.b(context, q10) == null) {
                bundle2.putString("message", "invalid deviceCheckedTokenSecurity");
                bundle2.putInt("code", ERROR_CODE_NO_PASSTOKEN_DCS);
                return bundle2;
            }
            d c10 = d.c(context, q10, string);
            if (c10 == null) {
                bundle2.putString("message", "invalid security for " + string + ", try refresh serviceToken with requestDeviceCheckedSecurity=true");
                bundle2.putInt("code", ERROR_CODE_NO_SERVICETOKEN_DCS);
                return bundle2;
            }
            if (!string2.equals(c10.f14327c)) {
                bundle2.putString("message", "serviceToken not match, use returned serviceToken instead");
                bundle2.putString("serviceToken", c10.f14327c);
                bundle2.putInt("code", ERROR_CODE_SERVICETOKEN_NOT_MATCH);
                return bundle2;
            }
            String string3 = bundle.getString("toDecryptDataBase64NoWrap");
            if (TextUtils.isEmpty(string3)) {
                bundle2.putString("message", "invalid decrypt data");
                bundle2.putInt("code", ERROR_CODE_INVALID_PARAMS);
                return bundle2;
            }
            byte[] byteArray = bundle.getByteArray("aesDecryptIV");
            if (m.a(context)) {
                r6.b.f(TAG, "aesKey=" + c10.f14328d);
            }
            r6.a aVar = new r6.a("AES/GCM/NoPadding", "BC", c10.f14328d);
            try {
                bundle2.putString("decryptedDataBase64NoWrap", byteArray != null ? Base64.encodeToString(aVar.e(Base64.decode(string3, 2), byteArray), 2) : Base64.encodeToString(aVar.c(Base64.decode(string3, 2)), 2));
                bundle2.putBoolean("result", true);
                bundle2.putString("message", "ok");
                return bundle2;
            } catch (p6.c e12) {
                bundle2.putString("message", e12.getMessage());
                bundle2.putInt("code", ERROR_CODE_SERVICETOKEN_DCS_ENCRYPT_FAILURE);
                return bundle2;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static synchronized Bundle callEncryptWithCheckedDeviceSecurity(Context context, String str, Bundle bundle) {
        synchronized (AccountDataProvider.class) {
            String string = bundle.getString("serviceId");
            String string2 = bundle.getString("serviceToken");
            Bundle bundle2 = new Bundle();
            bundle2.putBoolean("result", false);
            bundle2.putInt("code", 0);
            i x10 = i.x(context);
            Account q10 = x10.q();
            if (q10 == null) {
                bundle2.putString("message", "no account");
                bundle2.putInt("code", 1000);
                return bundle2;
            }
            String e10 = x10.e(q10);
            if (TextUtils.isEmpty(e10)) {
                bundle2.putString("message", "no passToken");
                bundle2.putInt("code", ERROR_CODE_NO_PASSTOKEN);
                return bundle2;
            }
            d b10 = d.b(context, q10);
            if (b10 != null && !TextUtils.equals(e10, b10.f14327c)) {
                d.e(context, q10, null, null, null);
                b10 = null;
            }
            if (b10 == null) {
                try {
                    f6.c f02 = f.f0(q10.name, e10, "tz_flag");
                    x10.n(q10, new AccountInfo.b().J(q10.name).D(g.e(e10)).A(f02.f13256a.f13278a).C(f02.f13256a.f13279b).v(f02.f13257b).t());
                    f6.g gVar = f02.f13256a;
                    d.e(context, q10, gVar.f13278a, gVar.f13279b, f02.f13257b);
                } catch (IOException | p6.a | p6.b | e e11) {
                    bundle2.putString("message", e11.getMessage());
                    bundle2.putInt("code", ERROR_CODE_NO_PASSTOKEN_DCS);
                    return bundle2;
                }
            }
            if (d.b(context, q10) == null) {
                bundle2.putString("message", "invalid deviceCheckedTokenSecurity");
                bundle2.putInt("code", ERROR_CODE_NO_PASSTOKEN_DCS);
                return bundle2;
            }
            d c10 = d.c(context, q10, string);
            if (c10 == null) {
                bundle2.putString("message", "invalid security for " + string + ", try refresh serviceToken with requestDeviceCheckedSecurity=true");
                bundle2.putInt("code", ERROR_CODE_NO_SERVICETOKEN_DCS);
                return bundle2;
            }
            if (!string2.equals(c10.f14327c)) {
                bundle2.putString("message", "serviceToken not match, use returned serviceToken instead");
                bundle2.putString("serviceToken", c10.f14327c);
                bundle2.putInt("code", ERROR_CODE_SERVICETOKEN_NOT_MATCH);
                return bundle2;
            }
            String string3 = bundle.getString("toEncryptDataBase64NoWrap");
            if (TextUtils.isEmpty(string3)) {
                bundle2.putString("message", "invalid encrypt data");
                bundle2.putInt("code", ERROR_CODE_INVALID_PARAMS);
                return bundle2;
            }
            byte[] decode = Base64.decode(string3, 2);
            byte[] byteArray = bundle.getByteArray("aesEncryptIV");
            if (m.a(context)) {
                r6.b.f(TAG, "aesKey=" + c10.f14328d);
            }
            r6.a aVar = new r6.a("AES/GCM/NoPadding", "BC", c10.f14328d);
            try {
                bundle2.putString("encryptedDataBase64NoWrap", byteArray != null ? Base64.encodeToString(aVar.h(decode, byteArray), 2) : aVar.a(string3));
                bundle2.putBoolean("result", true);
                bundle2.putString("message", "ok");
                return bundle2;
            } catch (p6.c e12) {
                bundle2.putString("message", e12.getMessage());
                bundle2.putInt("code", ERROR_CODE_SERVICETOKEN_DCS_ENCRYPT_FAILURE);
                return bundle2;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Bundle callGetServiceTokenByUnstoredPassToken(String str, Bundle bundle) {
        Account q10;
        Account q11;
        Bundle bundle2 = new Bundle();
        bundle2.putBoolean("result", false);
        String string = bundle.getString("userId");
        if (TextUtils.isEmpty(string)) {
            string = c0.a("loginingUserId");
        }
        if (TextUtils.isEmpty(string) && (q11 = i.x(getContext()).q()) != null) {
            string = q11.name;
        }
        if (TextUtils.isEmpty(string)) {
            bundle2.putString("message", "userId is empty");
            return bundle2;
        }
        String string2 = bundle.getString("passToken");
        if (TextUtils.isEmpty(string2)) {
            string2 = c0.a("loginingPassToken");
        }
        if (TextUtils.isEmpty(string2) && (q10 = i.x(getContext()).q()) != null) {
            string2 = i.x(getContext()).e(q10);
        }
        if (TextUtils.isEmpty(string2)) {
            bundle2.putString("message", "passToken is empty");
            return bundle2;
        }
        String string3 = bundle.getString("serviceId");
        if (TextUtils.isEmpty(string3)) {
            bundle2.putString("message", "serviceId is empty");
            return bundle2;
        }
        String callingPackageName = getCallingPackageName(bundle);
        f6.g b10 = f6.g.b(string2);
        n.b u10 = new n.b().u(string);
        if (b10 != null) {
            string2 = b10.f13278a;
        }
        try {
            AccountInfo e10 = com.xiaomi.passport.utils.a.e(getContext(), u10.q(string2).p(callingPackageName).s(string3).o(null).k());
            if (e10 != null) {
                bundle2.putBoolean("result", true);
                bundle2.putString("userId", e10.f9482a);
                bundle2.putString("serviceId", e10.f9483b);
                bundle2.putString("serviceToken", e10.f9486q);
                bundle2.putString("security", e10.f9488s);
                bundle2.putString("stsCookies", e10.f9487r);
                bundle2.putString("encryptedUserId", e10.f9485p);
                try {
                    bundle2.putString("uDevId", h.a(getContext(), e10.f9482a));
                } catch (n.a e11) {
                    r6.b.g(TAG, "getUDevId failed", e11);
                }
            } else {
                bundle2.putString("message", "accountInfo is null");
            }
        } catch (g6.d | g6.e | k | g6.n | q | IOException | p6.a | p6.b | e e12) {
            r6.b.g(TAG, "callGetServiceTokenByUnstoredPassToken", e12);
            bundle2.putString("message", e12.getMessage());
        }
        return bundle2;
    }

    private String getCallingPackageName(Bundle bundle) {
        String string = bundle.getString("packageName");
        String[] packagesForUid = getContext().getPackageManager().getPackagesForUid(Binder.getCallingUid());
        if (packagesForUid != null && packagesForUid.length != 0) {
            for (String str : packagesForUid) {
                if (str.equals(string)) {
                    return string;
                }
            }
        }
        return null;
    }

    @Override // android.content.ContentProvider
    public Bundle call(String str, String str2, Bundle bundle) {
        r6.b.f(TAG, "call method: " + str + ", arg=" + str2 + ", extras=" + bundle + ", uid=" + Binder.getCallingUid() + ", pid=" + Binder.getCallingPid());
        if (Looper.myLooper() != Looper.getMainLooper()) {
            return (Bundle) com.xiaomi.account.service.a.a(getContext(), null, new a(str, str2, bundle), true);
        }
        r6.b.f(TAG, "error: not allow called from main thread");
        Bundle bundle2 = new Bundle();
        bundle2.putBoolean("result", false);
        bundle2.putString("message", "not allow called from main thread");
        return bundle2;
    }

    @Override // android.content.ContentProvider
    public Bundle call(String str, String str2, String str3, Bundle bundle) {
        return call(str2, str3, bundle);
    }

    @Override // android.content.ContentProvider
    public int delete(Uri uri, String str, String[] strArr) {
        return 0;
    }

    @Override // android.content.ContentProvider
    public String getType(Uri uri) {
        return null;
    }

    @Override // android.content.ContentProvider
    public Uri insert(Uri uri, ContentValues contentValues) {
        return null;
    }

    @Override // android.content.ContentProvider
    public boolean onCreate() {
        return false;
    }

    @Override // android.content.ContentProvider
    public Cursor query(Uri uri, String[] strArr, String str, String[] strArr2, String str2) {
        return null;
    }

    @Override // android.content.ContentProvider
    public int update(Uri uri, ContentValues contentValues, String str, String[] strArr) {
        return 0;
    }
}
