package com.bytedance.topgo.utils.http;

import android.text.TextUtils;
import com.bytedance.topgo.TopGoApplication;
import com.bytedance.topgo.base.vpn.ProtectedSSLSocketFactory;
import com.bytedance.topgo.base.vpn.ProtectedSocketFactory;
import com.bytedance.topgo.utils.http.HttpsClientUtil;
import com.huawei.hms.framework.common.ContainerUtils;
import defpackage.gu0;
import defpackage.kx0;
import defpackage.qy;
import defpackage.rd;
import defpackage.x72;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.URLEncoder;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Map;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Call;
import okhttp3.Callback;
import okhttp3.ConnectionPool;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class HttpsClientUtil {
    public static final String MEDIATYPE_APPLICATION_JSON = "application/json; charset=utf-8";
    public static final String MEDIATYPE_TEXT_PLAIN = "text/plain; charset=utf-8";
    private static AtomicBoolean atomicSetKeepalive = new AtomicBoolean(false);
    public static final int interval_timeout = 30;
    private static String logTag = "HttpsClientUtil";
    public static ProtectedSSLSocketFactory protectedSSLSocketFactory = null;
    public static ProtectedSocketFactory protectedSocketFactory = null;
    public static final int vpn_timeout = 12;

    /* loaded from: classes2.dex */
    public interface DonwloadListener {
        void onComplete(String str);

        void onFailure(Exception exc);

        void onPorcessing(long j, long j2);
    }

    public static /* synthetic */ boolean a(String str, SSLSession sSLSession) {
        try {
            boolean verify = HttpsURLConnection.getDefaultHostnameVerifier().verify(qy.K0(), sSLSession);
            kx0.W0(logTag, "hostnameVerifier try verify result = " + verify + ", hostname = " + str);
            return verify;
        } catch (Exception e) {
            kx0.V0(logTag, "hostnameVerifier verify error", e);
            return true;
        }
    }

    public static void close(OkHttpClient okHttpClient) {
        if (okHttpClient != null) {
            try {
                okHttpClient.cache().close();
            } catch (Exception unused) {
            }
            try {
                okHttpClient.dispatcher().executorService().shutdown();
            } catch (Exception unused2) {
            }
            try {
                okHttpClient.connectionPool().evictAll();
            } catch (Exception unused3) {
            }
            try {
                ConnectionPool connectionPool = okHttpClient.connectionPool();
                synchronized (connectionPool) {
                    connectionPool.notifyAll();
                }
            } catch (Exception unused4) {
            }
        }
    }

    public static void close(Response response) {
        if (response != null) {
            try {
                response.body().close();
            } catch (Exception unused) {
            }
            try {
                response.close();
            } catch (Exception unused2) {
            }
        }
    }

    public static X509TrustManager createCustomTrustManager(Certificate certificate) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            if (!(certificate instanceof X509Certificate)) {
                throw new CertificateException("createCustomTrustManager: input cert is not x509Certificate");
            }
            keyStore.setCertificateEntry(((X509Certificate) certificate).getIssuerDN().getName(), certificate);
            X509TrustManager createStandardTrustManager = createStandardTrustManager();
            if (createStandardTrustManager != null) {
                for (X509Certificate x509Certificate : createStandardTrustManager.getAcceptedIssuers()) {
                    keyStore.setCertificateEntry(x509Certificate.getIssuerDN().getName() + x509Certificate.getSerialNumber(), x509Certificate);
                }
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return (X509TrustManager) trustManagers[0];
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (Exception e) {
            e.printStackTrace();
            String str = logTag;
            StringBuilder v = rd.v("createCustomTrustManager: ");
            v.append(e.getMessage());
            kx0.V0(str, v.toString(), e);
            return null;
        }
    }

    public static SSLSocketFactory createSSLSocketFactory(TrustManager trustManager) {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{trustManager}, null);
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static X509TrustManager createStandardTrustManager() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return (X509TrustManager) trustManagers[0];
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (Exception e) {
            e.printStackTrace();
            String str = logTag;
            StringBuilder v = rd.v("createStandardTrustManager:");
            v.append(e.getMessage());
            kx0.V0(str, v.toString(), e);
            return null;
        }
    }

    private static Call generateGetSyncCall(OkHttpClient okHttpClient, String str, Map<String, String> map, Map<String, String> map2, boolean z, String str2) {
        String str3 = "";
        if (map != null) {
            int i = 0;
            for (Map.Entry<String, String> entry : map.entrySet()) {
                if (i == 0) {
                    StringBuilder v = rd.v(str3);
                    v.append(entry.getKey());
                    v.append(ContainerUtils.KEY_VALUE_DELIMITER);
                    v.append(URLEncoder.encode(entry.getValue()));
                    str3 = v.toString();
                } else {
                    StringBuilder A = rd.A(str3, "&");
                    A.append(entry.getKey());
                    A.append(ContainerUtils.KEY_VALUE_DELIMITER);
                    A.append(URLEncoder.encode(entry.getValue()));
                    str3 = A.toString();
                }
                i++;
            }
        }
        if (str3 != null && str3.length() > 0) {
            str = str.indexOf("?") > 0 ? rd.i(str, "&", str3) : rd.i(str, "?", str3);
        }
        if (z) {
            String w0 = kx0.w0(gu0.k().h());
            str = str.indexOf("?") > 0 ? rd.i(str, "&", w0) : rd.i(str, "?", w0);
        }
        kx0.W0(logTag, "[+] url = " + str);
        Request.Builder builder = new Request.Builder();
        if (map2 != null) {
            for (Map.Entry<String, String> entry2 : map2.entrySet()) {
                builder.addHeader(entry2.getKey(), entry2.getValue());
                String str4 = logTag;
                entry2.getKey();
                entry2.getValue();
                kx0.b0(str4);
            }
        }
        return okHttpClient.newCall(builder.url(str).removeHeader("User-Agent").addHeader("User-Agent", getUserAgent()).build());
    }

    public static Certificate getCertFromString(String str) {
        try {
            try {
                if (!str.contains("BEGIN CERTIFICATE") || !str.contains("END CERTIFICATE")) {
                    throw new CertificateException("getCertFromString: unexpected input format");
                }
                x72 x72Var = new x72();
                x72Var.Z(str);
                try {
                    try {
                        try {
                            return CertificateFactory.getInstance("X.509").generateCertificate(new x72.a());
                        } catch (CertificateException e) {
                            e = e;
                            kx0.V0(logTag, "[-] failed to getCertFromString", e);
                            return null;
                        }
                    } catch (Throwable th) {
                        throw th;
                    }
                } catch (CertificateException e2) {
                    e = e2;
                    kx0.V0(logTag, "[-] failed to getCertFromString", e);
                    return null;
                }
            } catch (CertificateException e3) {
                e = e3;
            }
        } catch (Throwable th2) {
            throw th2;
        }
    }

    public static OkHttpClient getHttpsClient(SocketFactory socketFactory, SSLSocketFactory sSLSocketFactory, boolean z) {
        return getHttpsClient(socketFactory, sSLSocketFactory, z, 30);
    }

    public static OkHttpClient getHttpsClient(SocketFactory socketFactory, SSLSocketFactory sSLSocketFactory, boolean z, int i) {
        setKeepAliveTime();
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        if (socketFactory != null) {
            try {
                builder.socketFactory(socketFactory);
            } catch (Exception e) {
                kx0.V0(logTag, "[-] failed to setSSL", e);
            }
        }
        if (sSLSocketFactory != null) {
            builder.sslSocketFactory(sSLSocketFactory);
        }
        if (z) {
            builder.cookieJar(new CookieJarImpl(true, true));
        }
        long j = i;
        TimeUnit timeUnit = TimeUnit.SECONDS;
        return builder.connectTimeout(j, timeUnit).readTimeout(j, timeUnit).writeTimeout(j, timeUnit).addInterceptor(new HttpHeaderInterceptor()).build();
    }

    public static OkHttpClient getHttpsClient(boolean z) {
        return getHttpsClient(z, 30);
    }

    public static OkHttpClient getHttpsClient(boolean z, int i) {
        String j = gu0.k().j("self_signed_cert", "");
        return !TextUtils.isEmpty(j) ? getHttpsClient(null, createSSLSocketFactory(createCustomTrustManager(getCertFromString(j))), z) : getHttpsClient(null, null, z, i);
    }

    public static String getUserAgent() {
        return TopGoApplication.e;
    }

    public static OkHttpClient getVpnHttpClient() {
        return getVpnHttpClient(12L, 12L, 12L);
    }

    public static OkHttpClient getVpnHttpClient(long j, long j2, long j3) {
        setKeepAliveTime();
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.cookieJar(new CookieJarImpl(true, true));
        builder.hostnameVerifier(new HostnameVerifier() { // from class: hy0
            @Override // javax.net.ssl.HostnameVerifier
            public final boolean verify(String str, SSLSession sSLSession) {
                return HttpsClientUtil.a(str, sSLSession);
            }
        });
        try {
            if (protectedSSLSocketFactory == null) {
                protectedSSLSocketFactory = new ProtectedSSLSocketFactory();
            }
            setSSL(builder, protectedSocketFactory, protectedSSLSocketFactory);
        } catch (Exception e) {
            kx0.V0(logTag, "[-] failed to setSSL", e);
        }
        TimeUnit timeUnit = TimeUnit.SECONDS;
        return builder.connectTimeout(j, timeUnit).readTimeout(j2, timeUnit).writeTimeout(j3, timeUnit).addInterceptor(new HttpHeaderInterceptor()).build();
    }

    public static void initProtectedOkHttpClient(ProtectedSSLSocketFactory protectedSSLSocketFactory2, ProtectedSocketFactory protectedSocketFactory2) {
        protectedSSLSocketFactory = protectedSSLSocketFactory2;
        protectedSocketFactory = protectedSocketFactory2;
    }

    public static void requestGet(OkHttpClient okHttpClient, String str, Callback callback, Map<String, String> map, Map<String, String> map2, boolean z) {
        generateGetSyncCall(okHttpClient, str, map, map2, z, "[+] requestGet addHeader : ").enqueue(callback);
    }

    public static Response requestGetSync(OkHttpClient okHttpClient, String str, Map<String, String> map, Map<String, String> map2, boolean z) {
        try {
            return generateGetSyncCall(okHttpClient, str, map, map2, z, "[+] requestGetSync addHeader : ").execute();
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static Response requestGetSyncWithException(OkHttpClient okHttpClient, String str, Map<String, String> map, Map<String, String> map2, boolean z) throws IOException {
        return generateGetSyncCall(okHttpClient, str, map, map2, z, "[+] requestGetSync addHeader : ").execute();
    }

    public static Response requestPostJsonSync(OkHttpClient okHttpClient, String str, JSONObject jSONObject, Map<String, String> map, boolean z) throws Exception {
        if (z) {
            String w0 = kx0.w0(gu0.k().h());
            str = str.indexOf("?") > 0 ? rd.i(str, "&", w0) : rd.i(str, "?", w0);
        }
        kx0.W0(logTag, "[+] url = " + str);
        String jSONObject2 = jSONObject.toString();
        kx0.b0(logTag);
        RequestBody create = RequestBody.create(MediaType.parse(MEDIATYPE_APPLICATION_JSON), jSONObject2);
        Request.Builder builder = new Request.Builder();
        if (map != null) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                builder.addHeader(entry.getKey(), entry.getValue());
                String str2 = logTag;
                entry.getKey();
                entry.getValue();
                kx0.b0(str2);
            }
        }
        return okHttpClient.newCall(builder.url(str).post(create).removeHeader("User-Agent").addHeader("User-Agent", getUserAgent()).build()).execute();
    }

    private static void setKeepAliveTime() {
        if (atomicSetKeepalive.compareAndSet(false, true)) {
            try {
                Field declaredField = Class.forName("okhttp3.ConnectionPool").getDeclaredField("executor");
                declaredField.setAccessible(true);
                ((ThreadPoolExecutor) declaredField.get(null)).setKeepAliveTime(1L, TimeUnit.NANOSECONDS);
                kx0.b0(logTag);
            } catch (Exception unused) {
            }
            try {
                Field declaredField2 = Class.forName("okhttp3.internal.http2.Http2Connection").getDeclaredField("listenerExecutor");
                declaredField2.setAccessible(true);
                ((ThreadPoolExecutor) declaredField2.get(null)).setKeepAliveTime(1L, TimeUnit.NANOSECONDS);
                kx0.b0(logTag);
            } catch (Exception unused2) {
            }
        }
    }

    public static void setSSL(OkHttpClient.Builder builder, ProtectedSocketFactory protectedSocketFactory2, ProtectedSSLSocketFactory protectedSSLSocketFactory2) throws Exception {
        try {
            X509TrustManager createStandardTrustManager = createStandardTrustManager();
            kx0.W0(logTag, "[-] setssl trustmanager is " + createStandardTrustManager);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{createStandardTrustManager}, null);
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            if (protectedSSLSocketFactory2 != null) {
                if (protectedSSLSocketFactory2.delegate == null) {
                    String j = gu0.k().j("self_signed_cert", "");
                    if (TextUtils.isEmpty(j)) {
                        protectedSSLSocketFactory2.setDelegate(socketFactory);
                    } else {
                        protectedSSLSocketFactory2.setDelegate(createSSLSocketFactory(createCustomTrustManager(getCertFromString(j))));
                    }
                }
                builder.sslSocketFactory(protectedSSLSocketFactory2);
            } else {
                if (createStandardTrustManager == null) {
                    throw new CertificateException("trustManager is null");
                }
                builder.sslSocketFactory(socketFactory, createStandardTrustManager);
            }
        } catch (Exception e) {
            kx0.V0(logTag, "[-] failed to setSSL", e);
        }
        if (protectedSocketFactory2 != null) {
            builder.socketFactory(protectedSocketFactory2);
        }
    }
}
