package com.nhe.httpclient.http;

import android.os.Build;
import android.os.Handler;
import android.os.Looper;
import android.text.TextUtils;
import b.b.L;
import com.nhe.httpclient.CLOnFailureCallback;
import com.v2.nhe.common.CLLog;
import g.A.c.a.d;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.CertificatePinner;
import okhttp3.ConnectionPool;
import okhttp3.ConnectionSpec;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.TlsVersion;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class CLHttpClient implements IBaseHttpClient {

    /* renamed from: a, reason: collision with root package name */
    public static final String f25456a = "NHEHttpClient";

    /* renamed from: b, reason: collision with root package name */
    public static final String f25457b = "sha256/WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=";

    /* renamed from: c, reason: collision with root package name */
    public static final String f25458c = "sha256/r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";

    /* renamed from: d, reason: collision with root package name */
    public static final int f25459d = 15;

    /* renamed from: e, reason: collision with root package name */
    public static String f25460e = "msgTraceId";

    /* renamed from: f, reason: collision with root package name */
    public OkHttpClient f25461f;

    /* renamed from: g, reason: collision with root package name */
    public a f25462g;

    /* renamed from: h, reason: collision with root package name */
    public Handler f25463h = new Handler(Looper.getMainLooper());

    /* renamed from: i, reason: collision with root package name */
    public List<CLOnFailureCallback> f25464i = new ArrayList();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public class a implements X509TrustManager {
        public a() {
        }

        public /* synthetic */ a(CLHttpClient cLHttpClient, g.A.c.a.a aVar) {
            this();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public class b implements HostnameVerifier {
        public b() {
        }

        public /* synthetic */ b(CLHttpClient cLHttpClient, g.A.c.a.a aVar) {
            this();
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    }

    public CLHttpClient(List<String> list, boolean z2) {
        try {
            this.f25461f = z2 ? a(list) : a();
        } catch (Exception e2) {
            CLLog.e("NHEHttpClient", "create CLHttpClient error " + e2.getMessage());
        }
    }

    private KeyStore a(char[] cArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, cArr);
            return keyStore;
        } catch (IOException e2) {
            throw new AssertionError(e2);
        }
    }

    private OkHttpClient.Builder a(OkHttpClient.Builder builder) {
        int i2 = Build.VERSION.SDK_INT;
        if (i2 >= 16 && i2 < 22) {
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
                X509TrustManager c2 = c();
                sSLContext.init(null, new TrustManager[]{c2}, new SecureRandom());
                builder.sslSocketFactory(new Tls12SocketFactory(sSLContext.getSocketFactory()), c2);
                builder.connectionSpecs(Collections.singletonList(new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).build()));
            } catch (Exception e2) {
                CLLog.e("OkHttpTLSCompat", "Error while setting TLS 1.2", e2);
            }
        }
        return builder;
    }

    private OkHttpClient a() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        ConnectionPool connectionPool = new ConnectionPool();
        connectionPool.evictAll();
        builder.sslSocketFactory(new Tls12SocketFactory(b()), this.f25462g).hostnameVerifier(new b(this, null)).connectTimeout(15L, TimeUnit.SECONDS).readTimeout(15L, TimeUnit.SECONDS).writeTimeout(15L, TimeUnit.SECONDS).connectionPool(connectionPool);
        return builder.build();
    }

    private OkHttpClient a(InputStream inputStream) {
        try {
            X509TrustManager c2 = c(inputStream);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{c2}, null);
            return new OkHttpClient.Builder().sslSocketFactory(sSLContext.getSocketFactory(), c2).build();
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException(e2);
        }
    }

    private OkHttpClient a(List<String> list) {
        StringBuilder sb = new StringBuilder();
        sb.append("create secure client with domain size:");
        sb.append(list == null ? -1 : list.size());
        CLLog.d("NHEHttpClient", sb.toString());
        ConnectionSpec build = (Build.VERSION.SDK_INT < 22 ? new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) : new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).tlsVersions(TlsVersion.TLS_1_2)).build();
        CertificatePinner.Builder builder = new CertificatePinner.Builder();
        if (list != null) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                builder.add(it.next(), "sha256/WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=", "sha256/r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=");
            }
        }
        ConnectionPool connectionPool = new ConnectionPool();
        connectionPool.evictAll();
        OkHttpClient.Builder certificatePinner = new OkHttpClient.Builder().connectTimeout(15L, TimeUnit.SECONDS).readTimeout(15L, TimeUnit.SECONDS).writeTimeout(15L, TimeUnit.SECONDS).connectionPool(connectionPool).connectionSpecs(Collections.singletonList(build)).certificatePinner(builder.build());
        a(certificatePinner);
        return certificatePinner.build();
    }

    /* JADX WARN: Removed duplicated region for block: B:14:0x00bf  */
    /* JADX WARN: Removed duplicated region for block: B:17:0x00d8  */
    /* JADX WARN: Removed duplicated region for block: B:20:0x00ed  */
    /* JADX WARN: Removed duplicated region for block: B:31:0x01ab  */
    /* JADX WARN: Removed duplicated region for block: B:55:0x0236 A[LOOP:1: B:53:0x0230->B:55:0x0236, LOOP_END] */
    /* JADX WARN: Removed duplicated region for block: B:68:0x00e2  */
    /* JADX WARN: Removed duplicated region for block: B:69:0x00c9  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private okhttp3.Request a(com.nhe.httpclient.http.CLRequest r10) {
        /*
            Method dump skipped, instructions count: 722
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.nhe.httpclient.http.CLHttpClient.a(com.nhe.httpclient.http.CLRequest):okhttp3.Request");
    }

    private void a(int i2, String str) {
        if (this.f25464i.size() > 0) {
            Iterator<CLOnFailureCallback> it = this.f25464i.iterator();
            while (it.hasNext()) {
                it.next().onFailure(i2, str);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(Runnable runnable) {
        this.f25463h.post(runnable);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(Response response, CLResponse cLResponse) {
        if (response != null) {
            cLResponse.setSdkCode(0);
            cLResponse.setCode(response.code());
            if (response.body() != null) {
                String string = response.body().string();
                cLResponse.setMessage(string);
                try {
                    JSONObject jSONObject = new JSONObject(string);
                    int optInt = jSONObject.optInt("code", -1);
                    int optInt2 = jSONObject.optInt("failflag", -1);
                    String optString = jSONObject.optString(com.umeng.analytics.pro.b.N);
                    String optString2 = jSONObject.optString("description");
                    String optString3 = jSONObject.optString("failmsg");
                    String optString4 = jSONObject.optString("msg");
                    if (optInt == -1) {
                        optInt = optInt2 != -1 ? optInt2 : 0;
                    }
                    if (!TextUtils.isEmpty(optString)) {
                        optString4 = optString;
                    } else if (!TextUtils.isEmpty(optString2)) {
                        optString4 = optString2;
                    } else if (!TextUtils.isEmpty(optString3)) {
                        optString4 = optString3;
                    } else if (TextUtils.isEmpty(optString4)) {
                        optString4 = null;
                    }
                    a(optInt, optString4);
                } catch (JSONException e2) {
                    CLLog.e("NHEHttpClient", e2.getMessage());
                }
            }
        }
    }

    @L(api = 19)
    public static InputStream b(InputStream inputStream) {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        StringBuilder sb = new StringBuilder();
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                break;
            }
            sb.append(readLine + "\n");
        }
        bufferedReader.close();
        Matcher matcher = Pattern.compile("(-----BEGIN CERTIFICATE-----[\\s\\S]*?-----END CERTIFICATE-----)").matcher(sb.toString());
        StringBuilder sb2 = new StringBuilder();
        while (matcher.find()) {
            sb2.append(matcher.group(1) + "\n");
        }
        return new ByteArrayInputStream(sb2.toString().getBytes(StandardCharsets.UTF_8.name()));
    }

    private SSLSocketFactory b() {
        try {
            this.f25462g = new a(this, null);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{this.f25462g}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static X509TrustManager c() {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers != null && trustManagers.length >= 1 && (trustManagers[0] instanceof X509TrustManager)) {
            return (X509TrustManager) trustManagers[0];
        }
        throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
    }

    private X509TrustManager c(InputStream inputStream) {
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(inputStream);
        if (generateCertificates.isEmpty()) {
            throw new IllegalArgumentException("expected non-empty set of trusted certificates");
        }
        char[] charArray = "password".toCharArray();
        KeyStore a2 = a(charArray);
        Iterator<? extends Certificate> it = generateCertificates.iterator();
        int i2 = 0;
        while (it.hasNext()) {
            a2.setCertificateEntry(Integer.toString(i2), it.next());
            i2++;
        }
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).init(a2, charArray);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(a2);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
            return (X509TrustManager) trustManagers[0];
        }
        throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
    }

    public void addOnFailureCallback(CLOnFailureCallback cLOnFailureCallback) {
        if (cLOnFailureCallback == null) {
            CLLog.e("NHEHttpClient", "callback is null");
        } else if (this.f25464i.contains(cLOnFailureCallback)) {
            CLLog.w("NHEHttpClient", "callback is already added");
        } else {
            this.f25464i.add(cLOnFailureCallback);
        }
    }

    @Override // com.nhe.httpclient.http.IBaseHttpClient
    public CLResponse perform(CLRequest cLRequest) {
        Request request;
        CLResponse cLResponse = new CLResponse();
        try {
            request = a(cLRequest);
        } catch (RuntimeException e2) {
            CLLog.e("NHEHttpClient", "perform convert to request error " + e2.getMessage());
            request = null;
        }
        if (request == null) {
            CLLog.e("NHEHttpClient", "perform, okRequest is null");
            return cLResponse;
        }
        try {
            Response execute = this.f25461f.newCall(request).execute();
            a(execute, cLResponse);
            CLLog.d("NHEHttpClient", execute != null ? String.format("requestSync: %s\nresponse: %s\nbody: %s", cLRequest.toString(), execute.toString(), cLResponse.getMessage()) : String.format("requestSync， response is null， request：%s", cLRequest.toString()));
        } catch (Exception e3) {
            CLLog.e("NHEHttpClient", String.format("requestSync error， exception: %s， request：%s", e3.getMessage(), cLRequest.toString()));
        }
        return cLResponse;
    }

    @Override // com.nhe.httpclient.http.IBaseHttpClient
    public void performAsync(CLRequest cLRequest, InnerCallback innerCallback) {
        Request request;
        CLResponse cLResponse = new CLResponse();
        try {
            request = a(cLRequest);
        } catch (RuntimeException e2) {
            CLLog.e("NHEHttpClient", "performAsync convert to request error " + e2.getMessage());
            request = null;
        }
        if (request != null) {
            this.f25461f.newCall(request).enqueue(new d(this, cLRequest, innerCallback, cLResponse));
        } else if (innerCallback != null) {
            a(new g.A.c.a.a(this, innerCallback, cLResponse));
        }
    }

    public void removeOnFailureCallback(CLOnFailureCallback cLOnFailureCallback) {
        if (cLOnFailureCallback == null) {
            CLLog.e("NHEHttpClient", "callback is null");
        } else if (this.f25464i.contains(cLOnFailureCallback)) {
            this.f25464i.remove(cLOnFailureCallback);
        } else {
            CLLog.e("NHEHttpClient", "callback is not added");
        }
    }
}
