package com.noknok.android.uaf.framework.service;

import android.app.Activity;
import android.content.Context;
import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.os.Build;
import android.util.Base64;
import com.fido.android.framework.service.Mfac;
import com.fido.uaf.ver0100.types.TrustedFacets;
import com.fido.uaf.ver0100.types.UafException;
import com.google.common.base.Ascii;
import com.google.gson.JsonElement;
import com.j256.ormlite.android.apptools.OrmLiteConfigUtil;
import com.noknok.android.client.asm.api.uaf.json.Version;
import com.noknok.android.client.utils.AppSDKConfig;
import com.noknok.android.client.utils.Charsets;
import com.noknok.android.client.utils.Logger;
import com.noknok.android.client.utils.Outcome;
import com.tmobile.pr.mytmobile.common.Constants;
import io.fabric.sdk.android.services.common.CommonUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.lang.reflect.Field;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: classes3.dex */
public class FacetIDsValidator {
    public static final String a = "FacetIDsValidator";
    public static Set<String> b;
    public final String c;
    public SharedPreferences d;
    public final Context e;

    /* loaded from: classes3.dex */
    public enum CacheUpdateStrategy {
        CheckDefaultPeriod,
        ForceUpdate
    }

    /* loaded from: classes3.dex */
    public static class TrustedApps {
        public TrustedFacets[] trustedFacets;

        public boolean isValid() {
            TrustedFacets[] trustedFacetsArr = this.trustedFacets;
            if (trustedFacetsArr == null) {
                return false;
            }
            if (trustedFacetsArr.length <= 0) {
                return true;
            }
            for (TrustedFacets trustedFacets : trustedFacetsArr) {
                if (!trustedFacets.isValid()) {
                    return false;
                }
            }
            return true;
        }
    }

    public FacetIDsValidator(String str, Context context) {
        this.e = context;
        this.c = str;
    }

    private Boolean a(String str) {
        JsonElement jsonElement = AppSDKConfig.getInstance(this.e).get(AppSDKConfig.Key.allowedBrowsers);
        if (jsonElement != null) {
            Iterator<JsonElement> it = jsonElement.getAsJsonArray().iterator();
            while (it.hasNext()) {
                if (str.equals(it.next().getAsString())) {
                    return true;
                }
            }
        }
        return false;
    }

    private String a() {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(CommonUtils.SHA1_INSTANCE);
            messageDigest.update(this.c.getBytes(Charsets.utf8Charset), 0, this.c.length());
            byte[] digest = messageDigest.digest();
            StringBuilder sb = new StringBuilder();
            for (byte b2 : digest) {
                int i = (b2 >>> 4) & 15;
                int i2 = 0;
                while (true) {
                    if (i < 0 || i > 9) {
                        sb.append((char) ((i - 10) + 97));
                    } else {
                        sb.append((char) (i + 48));
                    }
                    i = b2 & Ascii.SI;
                    int i3 = i2 + 1;
                    if (i2 > 0) {
                        break;
                    }
                    i2 = i3;
                }
            }
            Logger.i(a, "Preferences file name:" + sb.toString());
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            Logger.w(a, "Failed to generate preference file name", e);
            return null;
        }
    }

    private String a(int i, Activity activity) {
        String str;
        PackageManager packageManager = this.e.getPackageManager();
        if (activity != null) {
            str = activity.getCallingPackage();
        } else {
            String[] packagesForUid = packageManager.getPackagesForUid(i);
            if (packagesForUid == null) {
                return null;
            }
            try {
                str = packageManager.getPackageInfo(packagesForUid[0], 0).packageName;
            } catch (PackageManager.NameNotFoundException e) {
                Logger.e(a, "Failed to get packageName", e);
                return null;
            }
        }
        if (str != null) {
            return c(str);
        }
        return null;
    }

    private String a(Activity activity, boolean z, boolean z2, Version version) {
        String uri;
        if (Build.VERSION.SDK_INT < 23) {
            return null;
        }
        Logger.d(a, "Trying mReferrer for App Links approved browser");
        if (activity != null) {
            try {
                Field declaredField = Activity.class.getDeclaredField("mReferrer");
                declaredField.setAccessible(true);
                String str = (String) declaredField.get(activity);
                if (str != null) {
                    Logger.d(a, "Possible browser caller is: " + str);
                    if (a(c(str)).booleanValue() && (uri = activity.getReferrer().toString()) != null) {
                        Logger.d(a, "facetURL from getReferrer() is: " + uri);
                        try {
                            URL url = new URL(uri);
                            return a((url.getProtocol() + "://" + url.getAuthority()).toLowerCase(), z, z2, version);
                        } catch (MalformedURLException unused) {
                        }
                    }
                }
            } catch (Exception e) {
                Logger.e(a, "There was a problem getting the facetURL", e);
            }
        }
        return null;
    }

    private String a(String str, boolean z, boolean z2, Version version) {
        Logger.d(a, String.format("Checking facet ID: facetID=%s AppID=%s", str, this.c));
        String str2 = this.c;
        if (str2 == null || str2.length() == 0) {
            Logger.d(a, "Facet ID trusted because App ID is blank");
            return str;
        }
        if (!e(this.c)) {
            if (!str.equals(this.c)) {
                throw new UafException(Outcome.PROTOCOL_ERROR, "App ID is not HTTPS");
            }
            Logger.d(a, "Facet ID trusted because it matches the App ID");
            return str;
        }
        if (z2) {
            Logger.d(a, "Facet ID trusted because this is a local request");
            return str;
        }
        if (z) {
            try {
                if (new URL(this.c).getHost().compareToIgnoreCase(new URL(str).getHost()) == 0) {
                    Logger.d(a, "Facet ID trusted because the host matches the App ID");
                    return str;
                }
            } catch (MalformedURLException unused) {
                throw new UafException(Outcome.APP_NOT_FOUND, "App ID is an invalid URL");
            }
        }
        if (Mfac.Instance().getContext() != null) {
            this.d = Mfac.Instance().getContext().getSharedPreferences(a(), 0);
        } else {
            this.d = this.e.getSharedPreferences(a(), 0);
        }
        for (CacheUpdateStrategy cacheUpdateStrategy : CacheUpdateStrategy.values()) {
            a(cacheUpdateStrategy, this.c, version, 0);
            if (b(str)) {
                Logger.d(a, "Facet ID trusted because it is in the list");
                return str;
            }
        }
        throw new UafException(Outcome.APP_NOT_FOUND, "Facet ID is not trusted");
    }

    /* JADX WARN: Removed duplicated region for block: B:106:0x02eb  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void a(com.noknok.android.uaf.framework.service.FacetIDsValidator.CacheUpdateStrategy r18, java.lang.String r19, com.noknok.android.client.asm.api.uaf.json.Version r20, int r21) {
        /*
            Method dump skipped, instructions count: 790
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.noknok.android.uaf.framework.service.FacetIDsValidator.a(com.noknok.android.uaf.framework.service.FacetIDsValidator$CacheUpdateStrategy, java.lang.String, com.noknok.android.client.asm.api.uaf.json.Version, int):void");
    }

    public static boolean a(Context context, Activity activity, String str) {
        PackageManager packageManager = context.getPackageManager();
        if (activity == null) {
            return false;
        }
        String callingPackage = activity.getCallingPackage();
        try {
            String[] strArr = packageManager.getPackageInfo(callingPackage, 4096).requestedPermissions;
            if (strArr != null) {
                for (String str2 : strArr) {
                    if (str2.matches(str)) {
                        return true;
                    }
                }
            }
        } catch (PackageManager.NameNotFoundException e) {
            Logger.e(a, "Failed to get requestedPermissions for " + callingPackage, e);
        }
        return false;
    }

    public static boolean a(String str, String str2) {
        if (str.startsWith("android:apk-key-hash:")) {
            return true;
        }
        if (!e(str) || str2 == null) {
            return false;
        }
        try {
        } catch (MalformedURLException e) {
            Logger.e(a, "Failed to parse URL", e);
        }
        return new URL(str).getHost().endsWith(str2);
    }

    private Set<String> b() throws IOException {
        HashSet hashSet = new HashSet();
        BufferedReader bufferedReader = null;
        try {
            BufferedReader bufferedReader2 = new BufferedReader(new InputStreamReader(this.e.getResources().openRawResource(this.e.getResources().getIdentifier("psl", OrmLiteConfigUtil.RAW_DIR_NAME, this.e.getPackageName())), Charsets.utf8Charset));
            while (true) {
                try {
                    String readLine = bufferedReader2.readLine();
                    if (readLine == null) {
                        bufferedReader2.close();
                        return hashSet;
                    }
                    hashSet.add(readLine);
                } catch (Throwable th) {
                    th = th;
                    bufferedReader = bufferedReader2;
                    if (bufferedReader != null) {
                        bufferedReader.close();
                    }
                    throw th;
                }
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    private boolean b(String str) {
        String str2 = null;
        String string = this.d.getString("ids", null);
        try {
            URL url = new URL(str);
            str2 = url.getProtocol() + "://" + url.getAuthority();
            Logger.d(a, "facetURL scheme+host+port: " + str2);
        } catch (MalformedURLException unused) {
        }
        if (string == null || string.length() == 0) {
            Logger.i(a, "IDS list is empty");
        } else {
            for (String str3 : string.split(",")) {
                if (str2 != null) {
                    try {
                        URL url2 = new URL(str3);
                        if (str2.equalsIgnoreCase(url2.getProtocol() + "://" + url2.getAuthority())) {
                            return true;
                        }
                    } catch (MalformedURLException unused2) {
                    }
                }
                if (str.equals(str3)) {
                    return true;
                }
            }
        }
        return false;
    }

    private String c(String str) {
        try {
            Signature[] signatureArr = this.e.getPackageManager().getPackageInfo(str, 64).signatures;
            if (signatureArr.length <= 0) {
                return null;
            }
            Signature signature = signatureArr[0];
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            messageDigest.update(signature.toByteArray());
            return "android:apk-key-hash:" + Base64.encodeToString(messageDigest.digest(), 3);
        } catch (PackageManager.NameNotFoundException | NoSuchAlgorithmException e) {
            Logger.e(a, "Failed to generate FacetID for " + str, e);
            return null;
        }
    }

    public static String d(String str) {
        try {
            URI uri = new URI(str);
            String path = uri.getPath();
            if (path.length() > 0) {
                str = str.split(path)[0];
            }
            String str2 = str;
            int port = uri.getPort();
            if (port != -1 && uri.getScheme().equalsIgnoreCase(Constants.HTTPS) && port == 443) {
                str2 = str2.split(":443")[0];
            }
            if (str2.endsWith("/")) {
                return str2;
            }
            return str2 + "/";
        } catch (URISyntaxException e) {
            Logger.e(a, "Error while resolving FacetID", e);
            return null;
        }
    }

    public static boolean e(String str) {
        try {
            return Constants.HTTPS.equals(new URL(str).getProtocol());
        } catch (MalformedURLException unused) {
            Logger.w(a, str + " Invalid URL.");
            return false;
        } catch (Exception e) {
            Logger.e(a, "Error while checking URL protocol is https or not", e);
            return false;
        }
    }

    public static long f(String str) {
        try {
            return new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz").parse(str).getTime();
        } catch (ParseException e) {
            Logger.e(a, "Error while getting expires", e);
            return new Date().getTime() + 60000;
        }
    }

    private String g(String str) throws IOException {
        if (b == null) {
            b = b();
        }
        String host = new URL(str).getHost();
        int i = -1;
        do {
            host = host.substring(i + 1);
            if (b.contains(host)) {
                return host;
            }
            i = host.indexOf(46);
        } while (i != -1);
        return null;
    }

    public String validateCaller(int i, int i2, Activity activity, String str, boolean z, Version version) {
        String a2;
        boolean z2 = false;
        if (str == null) {
            a2 = z ? a(i2, (Activity) null) : a(i2, activity);
        } else {
            if (!e(str)) {
                throw new UafException(Outcome.APP_NOT_FOUND, "Origin is not HTTPS.");
            }
            z2 = true;
            if (!z) {
                String callingPackage = activity.getCallingPackage();
                if (!a(c(callingPackage)).booleanValue()) {
                    throw new UafException(Outcome.FAILURE, "Access denied: " + callingPackage + " is not allowed.");
                }
                if (!a(this.e, activity, "org.fidoalliance.uaf.permissions.ACT_AS_WEB_BROWSER")) {
                    throw new UafException(Outcome.FAILURE, "ACT_AS_WEB_BROWSER permission denied");
                }
            } else if (this.e.checkPermission("org.fidoalliance.uaf.permissions.ACT_AS_WEB_BROWSER", i, i2) != 0) {
                throw new UafException(Outcome.FAILURE, "ACT_AS_WEB_BROWSER permission denied");
            }
            a2 = d(str);
        }
        if (a2 != null) {
            return a(a2, z2, z, version);
        }
        String a3 = a(activity, z2, z, version);
        if (a3 != null) {
            return a3;
        }
        throw new UafException(Outcome.APP_NOT_FOUND, "Failed to retrieve facetID");
    }
}
