package com.netease.epay.sdk.base.network.security;

import android.app.Application;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.core.util.Pair;
import com.google.gson.JsonObject;
import com.google.gson.reflect.TypeToken;
import com.netease.epay.okhttp3.b0;
import com.netease.epay.okhttp3.d0;
import com.netease.epay.okhttp3.e0;
import com.netease.epay.okhttp3.w;
import com.netease.epay.sdk.base.core.BaseConstants;
import com.netease.epay.sdk.base.core.SdkConfig;
import com.netease.epay.sdk.base.error.MappingErrorCode;
import com.netease.epay.sdk.base.network.EpayNetRequest;
import com.netease.epay.sdk.base.util.ExceptionUtil;
import com.netease.epay.sdk.base.util.SdkGson;
import com.netease.epay.sdk.base.util.SharedPreferencesUtil;
import com.netease.epay.sdk.model.JsonBuilder;
import com.netease.epay.sdk.security.channel.SecurityChannel;
import com.xiaomi.gamecenter.ui.webkit.ScrollWebView;
import com.xiaomi.mipush.sdk.Constants;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.CopyOnWriteArraySet;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import org.json.JSONObject;

/* loaded from: classes8.dex */
public class SecurityInterceptor implements w {
    public static final String HEADER_CONTENT_LENGTH = "Content-Length";
    public static final String PROP_SECURITY_LIST = "security";
    public static final String PROP_USE_SECURITY = "useSecurity";
    public static final String SDK_VERSION;
    public static final String SECURITY_HEADER_KEY = "X-Epay-Security";
    public static final String SECURITY_HEADER_VAL;

    /* renamed from: a, reason: collision with root package name */
    private final Set<String> f28843a;

    /* renamed from: b, reason: collision with root package name */
    private final AtomicInteger f28844b;

    /* renamed from: c, reason: collision with root package name */
    private final Application f28845c;

    /* renamed from: d, reason: collision with root package name */
    private final List<String> f28846d = new CopyOnWriteArrayList();

    /* renamed from: e, reason: collision with root package name */
    private final AtomicBoolean f28847e = new AtomicBoolean(true);

    static {
        String replace = "android7.12.3".replace(ScrollWebView.ANDROID_OBJECT_NAME, "");
        SDK_VERSION = replace;
        SECURITY_HEADER_VAL = "v2/" + replace + "/3";
    }

    public SecurityInterceptor(Application application) {
        this.f28845c = application;
        SecurityChannel.init(SDK_VERSION, !SdkConfig.isTestUrl() ? 1 : 0);
        CopyOnWriteArraySet copyOnWriteArraySet = new CopyOnWriteArraySet();
        this.f28843a = copyOnWriteArraySet;
        copyOnWriteArraySet.add(BaseConstants.diamondsQueryConfig);
        this.f28844b = new AtomicInteger(0);
    }

    private d0 a(b0 b0Var, EpayNetRequest epayNetRequest, w.a aVar) {
        b0 b0Var2;
        String str = epayNetRequest.url;
        JSONObject jSONObject = epayNetRequest.reqParams;
        String optString = jSONObject != null ? jSONObject.optString(JsonBuilder.SESSION_ID) : null;
        try {
            long t10 = SecurityChannel.getT();
            String n10 = SecurityChannel.getN();
            byte[] genSymmetricEncryptKey = SecurityChannel.genSymmetricEncryptKey();
            Pair<b0, String> securityRequest = SecurityRequestInfo.securityRequest(b0Var, optString, n10, t10, genSymmetricEncryptKey);
            if (securityRequest != null && (b0Var2 = securityRequest.first) != null) {
                d0 a10 = aVar.a(b0Var2);
                e0 a11 = a10.a();
                if (a11 == null) {
                    this.f28843a.add(str);
                    return a10;
                }
                String s10 = a11.s();
                if (!SECURITY_HEADER_VAL.equals(a10.i(SECURITY_HEADER_KEY))) {
                    if (b(s10)) {
                        this.f28843a.add(str);
                    }
                    return a(a10, a11, s10);
                }
                SecurityResponseInfo securityResponseInfo = (SecurityResponseInfo) SdkGson.toObject(s10, SecurityResponseInfo.class);
                if (securityResponseInfo == null) {
                    ExceptionUtil.uploadSentry("EP0137_P");
                    this.f28843a.add(str);
                    throw new SecurityChannelException(MappingErrorCode.Common.FAIL_NETWORK_ERROR_SEC_CHANNEL, "sce empty response");
                }
                if (securityResponseInfo.isOk(optString, n10)) {
                    return a(a10, a11, securityResponseInfo.toOriginString(optString, n10, genSymmetricEncryptKey));
                }
                ExceptionUtil.uploadSentry("EP0138_P");
                this.f28843a.add(str);
                throw new SecurityChannelException(MappingErrorCode.Common.FAIL_NETWORK_ERROR_SEC_CHANNEL, String.format("sce verify failed(%s)", securityResponseInfo.getCode()));
            }
            this.f28843a.add(str);
            return aVar.a(b0Var);
        } catch (SecurityException e10) {
            ExceptionUtil.handleException(e10, "EP0139");
            this.f28843a.add(str);
            this.f28844b.incrementAndGet();
            throw new SecurityChannelException(MappingErrorCode.Common.FAIL_NETWORK_ERROR_SEC_CHANNEL, e10.getMessage());
        }
    }

    private d0 a(d0 d0Var, e0 e0Var, String str) {
        return d0Var.A().b(e0.n(e0Var.h(), str)).c();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String a(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        return Base64.encodeToString(bArr, 2);
    }

    private void a() {
        this.f28846d.clear();
        this.f28847e.set(false);
        SharedPreferencesUtil.writeString(this.f28845c, BaseConstants.SHARED_SECURITY_CHANNEL, SDK_VERSION + Constants.COLON_SEPARATOR + System.currentTimeMillis());
    }

    private void a(@NonNull JsonObject jsonObject) {
        try {
            setSecurityList((ArrayList) SdkGson.getGson().fromJson(jsonObject.get("security"), new TypeToken<ArrayList<String>>() { // from class: com.netease.epay.sdk.base.network.security.SecurityInterceptor.1
            }.getType()));
            this.f28847e.set(jsonObject.getAsJsonPrimitive(PROP_USE_SECURITY).getAsBoolean());
        } catch (Exception unused) {
            a();
        }
    }

    private boolean a(EpayNetRequest epayNetRequest) {
        if (!this.f28847e.get()) {
            return false;
        }
        if (this.f28844b.intValue() >= 1) {
            a();
            return false;
        }
        String str = epayNetRequest.url;
        if (this.f28846d.isEmpty() || this.f28843a.contains(str)) {
            return false;
        }
        if (this.f28843a.size() > 1) {
            a();
            return false;
        }
        if (this.f28846d.contains("*")) {
            return true;
        }
        return this.f28846d.contains(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] a(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        return Base64.decode(str, 2);
    }

    private boolean b(String str) {
        JsonObject parse = SdkGson.parse(str);
        return parse != null && parse.has("c") && parse.has("t");
    }

    @Override // com.netease.epay.okhttp3.w
    public d0 intercept(w.a aVar) {
        b0 request = aVar.request();
        return ((request.i() instanceof EpayNetRequest) && a((EpayNetRequest) request.i())) ? a(request, (EpayNetRequest) request.i(), aVar) : aVar.a(request);
    }

    public void setEnabled(boolean z10) {
        this.f28847e.set(z10);
    }

    public void setSecurityList(List<String> list) {
        if (list == null) {
            return;
        }
        this.f28846d.clear();
        this.f28846d.addAll(list);
    }

    public void updateByConfig(@Nullable JsonObject jsonObject) {
        if (jsonObject == null) {
            a();
        } else {
            a(jsonObject);
        }
    }
}
