package com.heytap.browser.platform.widget.web;

import android.content.Context;
import android.text.TextUtils;
import com.heytap.browser.base.net.WebAddress;
import com.heytap.browser.base.stat.ModelStat;
import com.heytap.browser.base.text.StringUtils;
import com.heytap.browser.base.thread.ThreadPool;
import com.heytap.browser.common.DebugConfig;
import com.heytap.browser.common.FeatureConfig;
import com.heytap.browser.common.constants.ModuleCommonConstants;
import com.heytap.browser.common.log.Log;
import com.heytap.browser.network.IResultCallback;
import com.heytap.browser.network.ResultMsg;
import com.heytap.browser.platform.R;
import com.heytap.browser.platform.base.BaseApplication;
import com.heytap.browser.platform.net.UrlUtils;
import com.heytap.browser.platform.network.JsApiListBusiness;
import com.heytap.browser.platform.utils.TimeRecordUtils;
import com.heytap.browser.platform.utils.stat.ThreeInterfaceDomainListManagerNew;
import com.heytap.browser.platform.widget.ToastEx;
import com.heytap.browser.tools.util.NetworkUtils;
import com.heytap.browser.webview.IWebViewFunc;
import com.heytap.heytapplayer.Report;
import com.heytap.uccreditlib.helper.NetErrorUtil;
import com.heytap.webview.extension.protocol.Const;
import com.tencent.open.SocialConstants;
import com.zhangyue.iReader.Platform.Collection.behavior.BID;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes10.dex */
public class JsApiAuthManager {
    private static volatile JsApiAuthManager fby;
    private long etG;
    private JsApiResult fbz = new JsApiResult();
    private boolean etE = false;
    private int mStatus = 0;
    private int etF = -1;
    private Context mContext = BaseApplication.bTH();
    private ThreeInterfaceDomainListManagerNew fbA = ThreeInterfaceDomainListManagerNew.cdF();

    private JsApiAuthManager() {
    }

    private void a(Context context, String str, boolean z2, int i2, String str2, int i3) {
        if (z2) {
            Log.d("JsApiAuthManager", "jsapi auth result is true, not need stat", new Object[0]);
        } else {
            ModelStat.dy(context).gN("10008").fh(R.string.stat_js_result).al("url", str).n("result", z2).F(BID.TAG_REASON, i2).al("jsName", str2).F("level", i3).fire();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void a(IWebViewFunc iWebViewFunc, long j2, int i2, String str) {
        if (iWebViewFunc.isDestroyed()) {
            return;
        }
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("expire", (j2 / 1000) + "");
            jSONObject.put("code", String.valueOf(i2));
            jSONObject.put(SocialConstants.PARAM_APP_DESC, "");
        } catch (JSONException e2) {
            Log.e("JsApiAuthManager", e2, "notifyJsApiListResult", new Object[0]);
        }
        Log.i("JsApiAuthManager", "notifyJsApiListResult earliestExpiredTime:%s   callbackStr:%s  code:%s", Long.valueOf(j2), str, Integer.valueOf(i2));
        iWebViewFunc.loadUrl("javascript:" + str + "(" + jSONObject.toString() + ")");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(final String str, final IWebViewFunc iWebViewFunc, final String str2, String str3, String str4) {
        b(1, 0L, NetErrorUtil.OPAY_TRADE_EXTSTS);
        if (!vV(str)) {
            b(iWebViewFunc, 0L, str2, 2006);
            return;
        }
        if (!jsApiAuthEnable()) {
            b(iWebViewFunc, 0L, str2, 2004);
            return;
        }
        JsApiListBusiness.Params params = new JsApiListBusiness.Params();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        params.mTimestamp = currentTimeMillis;
        String substring = str.length() > 256 ? str.substring(0, 256) : str;
        params.mUrl = substring;
        try {
            substring = URLEncoder.encode(substring, "UTF-8");
        } catch (Throwable th) {
            Log.e("JsApiAuthManager", "getJsApiList urlencoder error:%s", th);
        }
        params.erm = d(str3, substring, currentTimeMillis);
        params.ern = d(str4, substring, currentTimeMillis);
        new JsApiListBusiness(this.mContext, params, new IResultCallback() { // from class: com.heytap.browser.platform.widget.web.-$$Lambda$JsApiAuthManager$B6rduAifTSMW0CySY-2A8QcyJlk
            @Override // com.heytap.browser.network.IResultCallback
            public final void onResult(boolean z2, ResultMsg resultMsg, Object obj) {
                JsApiAuthManager.this.a(str, iWebViewFunc, str2, z2, resultMsg, (JsApiResult) obj);
            }
        }).dz(false);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(String str, IWebViewFunc iWebViewFunc, String str2, boolean z2, ResultMsg resultMsg, JsApiResult jsApiResult) {
        this.etE = z2;
        if (!z2) {
            this.fbz = JsApiListTableManager.lq(this.mContext);
            long longValue = JsApiListTableManager.jh(this.mContext).longValue();
            if (domainMatch(str, this.fbz.getDomain())) {
                b(iWebViewFunc, longValue, str2, longValue > System.currentTimeMillis() ? 0 : 2005);
            } else {
                b(iWebViewFunc, longValue, str2, NetErrorUtil.OPAY_TRADE_PASSWORD_SETTED);
            }
            Log.i("JsApiAuthManager", "getJsApiList from db resultMsg:%s", resultMsg);
            TimeRecordUtils.aL("jsApiConfig", 1);
            return;
        }
        this.fbz = jsApiResult;
        List<JsApiInfo> cfi = jsApiResult.cfi();
        if (cfi == null || cfi.size() <= 0) {
            b(iWebViewFunc, 0L, str2, 2005);
            Log.i("JsApiAuthManager", "getJsApiList from server  data is null! resultMsg:%s", resultMsg);
        } else {
            JsApiListTableManager.a(this.mContext, jsApiResult);
            long dU = dU(cfi);
            if (domainMatch(str, this.fbz.getDomain())) {
                b(iWebViewFunc, dU, str2, dU > System.currentTimeMillis() ? 0 : 2005);
            } else {
                b(iWebViewFunc, dU, str2, NetErrorUtil.OPAY_TRADE_PASSWORD_SETTED);
            }
            Log.i("JsApiAuthManager", "getJsApiList from server  resultMsg:%s", resultMsg);
        }
        TimeRecordUtils.aL("jsApiConfig", 0);
    }

    private String aU(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b2 : bArr) {
            String hexString = Integer.toHexString(b2 & Report.FAILED);
            if (hexString.length() == 1) {
                sb.append("0");
            }
            sb.append(hexString);
        }
        return sb.toString();
    }

    private void b(int i2, long j2, int i3) {
        this.mStatus = i2;
        this.etG = j2;
        this.etF = i3;
    }

    private void b(final IWebViewFunc iWebViewFunc, final long j2, final String str, final int i2) {
        b(1, j2, i2);
        ThreadPool.getMainHandler().postDelayed(new Runnable() { // from class: com.heytap.browser.platform.widget.web.-$$Lambda$JsApiAuthManager$YHu0W-YIIEvjWaN7kKThX-5NB3w
            @Override // java.lang.Runnable
            public final void run() {
                JsApiAuthManager.a(IWebViewFunc.this, j2, i2, str);
            }
        }, 300L);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void b(final IWebViewFunc iWebViewFunc, final String str, final String str2, final String str3) {
        final String url = iWebViewFunc.getUrl();
        if (StringUtils.isEmpty(url)) {
            return;
        }
        ThreadPool.runOnWorkThread(new Runnable() { // from class: com.heytap.browser.platform.widget.web.-$$Lambda$JsApiAuthManager$av7CRmhVkbX-q2FcPtXK5RwnSzA
            @Override // java.lang.Runnable
            public final void run() {
                JsApiAuthManager.this.a(url, iWebViewFunc, str, str2, str3);
            }
        });
    }

    private void cb(Context context, String str) {
        if (ModuleCommonConstants.isDebug() && DebugConfig.apE().apI()) {
            ToastEx.bZ(context, str).show();
        }
    }

    private void cc(Context context, String str) {
        if (ModuleCommonConstants.isDebug() && DebugConfig.apE().apI()) {
            ToastEx.bZ(context, str).show(true);
        }
    }

    public static JsApiAuthManager cfh() {
        if (fby == null) {
            synchronized (JsApiAuthManager.class) {
                if (fby == null) {
                    fby = new JsApiAuthManager();
                }
            }
        }
        return fby;
    }

    private String d(String str, String str2, long j2) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        return vU(str2 + j2 + str);
    }

    private boolean dT(String str, String str2) {
        return TextUtils.equals("about:blank", str) && (TextUtils.equals(str2, getFullApiName("BrowserPriv", "getSession")) || TextUtils.equals(str2, getFullApiName("BrowserPriv", "getKKUAV3")));
    }

    private long dU(List<JsApiInfo> list) {
        if (list == null || list.size() <= 0) {
            return 0L;
        }
        ArrayList arrayList = new ArrayList();
        int size = list.size();
        for (int i2 = 0; i2 < size; i2++) {
            long bIp = list.get(i2).bIp();
            if (bIp > 0) {
                arrayList.add(Long.valueOf(bIp));
            }
        }
        if (arrayList.size() <= 0) {
            return 0L;
        }
        return ((Long) Collections.min(arrayList)).longValue();
    }

    private boolean domainMatch(String str, String str2) {
        String wc = UrlUtils.wc(str);
        return StringUtils.isNonEmpty(wc) && wc.equals(str2);
    }

    private String getFullApiName(String str, String str2) {
        return str + "." + str2;
    }

    private boolean jsApiAuthEnable() {
        if (!ModuleCommonConstants.isDev()) {
            return FeatureConfig.ff(this.mContext).y("JsAuthEnableNew", true);
        }
        DebugConfig.apE();
        return DebugConfig.apE().apG();
    }

    private String vU(String str) {
        byte[] bytes = str.getBytes();
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(bytes);
            return aU(messageDigest.digest());
        } catch (NoSuchAlgorithmException unused) {
            return null;
        }
    }

    private boolean vV(String str) {
        if ((ModuleCommonConstants.isDebug() && DebugConfig.apE().apH()) || !FeatureConfig.ff(this.mContext).y("JsHttpsAuthEnable", false)) {
            return true;
        }
        String str2 = null;
        try {
            str2 = new WebAddress(str).getScheme();
        } catch (Throwable th) {
            Log.e("JsApiAuthManager", "isUrlHttps error:%s", th);
        }
        return StringUtils.isNonEmpty(str2) && Const.Scheme.SCHEME_HTTPS.equalsIgnoreCase(str2);
    }

    public void a(final IWebViewFunc iWebViewFunc, final String str, final String str2, final String str3) {
        if (iWebViewFunc == null) {
            return;
        }
        ThreadPool.runOnUiThread(new Runnable() { // from class: com.heytap.browser.platform.widget.web.-$$Lambda$JsApiAuthManager$fJnExsh-zZfEa5w3VBbNZVBkfSI
            @Override // java.lang.Runnable
            public final void run() {
                JsApiAuthManager.this.b(iWebViewFunc, str, str2, str3);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getAuthResult() {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("expire", String.valueOf(this.etG));
            jSONObject.put("code", String.valueOf(this.etF));
            jSONObject.put("status", this.mStatus);
        } catch (JSONException e2) {
            Log.e("JsApiAuthManager", e2, "getAuthResult", new Object[0]);
        }
        return jSONObject.toString();
    }

    public boolean s(String str, String str2, boolean z2) {
        JsApiResult lq;
        Log.d("JsApiAuthManager", "isAuthPass url: %s", str2);
        if (StringUtils.isEmpty(str2)) {
            Log.i("JsApiAuthManager", "isAuthPass fullApiName:%s  url is null", str);
            cb(this.mContext, "JSAPI二级校验失败: URL为空");
            return false;
        }
        if (TextUtils.equals(str2, "heytap_browser_local_error_page") || TextUtils.equals(str2, "readermode.browser.heytapmobi.com") || dT(str2, str)) {
            Log.i("JsApiAuthManager", "isAuthPss fullApiName:%s  local error page or read mode, trust", str);
            return true;
        }
        if (!vV(str2)) {
            Log.i("JsApiAuthManager", "isAuthPass fullApiName:%s  authResult:%s url is not https", str, false);
            cb(this.mContext, "JSAPI二级校验失败: HTTPS校验未通过");
            a(this.mContext, str2, false, 23, str, 2);
            return false;
        }
        boolean jsApiAuthEnable = jsApiAuthEnable();
        if (!z2 && !jsApiAuthEnable) {
            Log.i("JsApiAuthManager", "isAuthPass  authResult:true   needWhiteHostCheck:%s   jsApiAuthEnable:%s  fullApiName:%s", false, false, str);
            return true;
        }
        if (z2 && !jsApiAuthEnable && AbstractJsObject.isWhiteHost(str2)) {
            Log.i("JsApiAuthManager", "isAuthPass  authResult:true   needWhiteHostCheck:%s   jsApiAuthEnable:%s  isWhiteHost:%s  fullApiName:%s", true, false, Boolean.valueOf(AbstractJsObject.isWhiteHost(str2)), str);
            return true;
        }
        if (!NetworkUtils.isNetworkAvailable(this.mContext)) {
            cb(this.mContext, "JSAPI二级校验失败: 无网络");
            return false;
        }
        JsApiResult jsApiResult = this.fbz;
        if (jsApiResult == null) {
            Log.i("JsApiAuthManager", "mJsApiResult is null", new Object[0]);
            return false;
        }
        List<JsApiInfo> cfi = jsApiResult.cfi();
        if (this.etE && cfi.size() <= 0) {
            Log.i("JsApiAuthManager", "isAuthPass fullApiName:%s  authResult:%s  server apiList is null", str, false);
            a(this.mContext, str2, false, 22, str, 2);
            cb(this.mContext, "JSAPI二级校验失败: 已请求授权，服务端返回的授权列表为空");
            return false;
        }
        if (cfi.size() <= 0 && ((lq = JsApiListTableManager.lq(this.mContext)) == null || lq.cfi().size() <= 0)) {
            Log.i("JsApiAuthManager", "isAuthPass fullApiName:%s  authResult:%s db apiList is null", str, false);
            cb(this.mContext, "JSAPI二级校验失败: 授权列表为空，前端未调用jsApiConfig授权接口");
            a(this.mContext, str2, false, 21, str, 2);
            return false;
        }
        String wc = UrlUtils.wc(str2);
        String domain = this.fbz.getDomain();
        if (StringUtils.isEmpty(wc) || !wc.equals(domain)) {
            Log.i("JsApiAuthManager", "isAuthPass domain %s not match", domain);
            cb(this.mContext, String.format("JSAPI二级校验失败: 当前网址[%s]与授权域名[%s]未匹配", wc, domain));
            a(this.mContext, str2, false, 24, str, 2);
            return false;
        }
        long currentTimeMillis = System.currentTimeMillis();
        int size = cfi.size();
        int i2 = 0;
        while (true) {
            if (i2 >= size) {
                break;
            }
            JsApiInfo jsApiInfo = cfi.get(i2);
            boolean equalsIgnoreCase = jsApiInfo.getApi().equalsIgnoreCase(str);
            boolean z3 = currentTimeMillis > jsApiInfo.bIp();
            if (equalsIgnoreCase && !z3) {
                Log.i("JsApiAuthManager", "isAuthPass fullApiName:%s, authResult:%s", str, true);
                a(this.mContext, str2, true, 0, str, 2);
                return true;
            }
            if (equalsIgnoreCase) {
                cc(this.mContext, "JSAPI二级校验失败: jsApiConfig授权已过期");
                break;
            }
            i2++;
        }
        Log.i("JsApiAuthManager", "isAuthPass   fullApiName:%s  authResult:default", str);
        cb(this.mContext, "JSAPI二级校验失败: jsApiConfig授权列表不匹配");
        a(this.mContext, str2, true, 20, str, 2);
        return false;
    }

    public boolean t(String str, String str2, boolean z2) {
        Log.d("JsApiAuthManager", "isLevel1AuthPass url: %s", str2);
        if (StringUtils.isEmpty(str2)) {
            Log.i("JsApiAuthManager", "isLevel1AuthPass url is null! authResult:false  apiCategory:%s", str);
            cb(this.mContext, "JSAPI一级校验失败: URL为空");
            return false;
        }
        if ("about:blank".equals(str2) || TextUtils.equals(str2, "readermode.browser.heytapmobi.com") || TextUtils.equals(str2, "heytap_browser_local_error_page")) {
            return true;
        }
        if (!vV(str2)) {
            Log.i("JsApiAuthManager", "isLevel1AuthPass apiCategory:%s  authResult:%s url is not https", str, false);
            cb(this.mContext, "JSAPI一级校验失败: URL非HTTPS");
            a(this.mContext, str2, false, 13, str, 1);
            return false;
        }
        boolean jsApiAuthEnable = jsApiAuthEnable();
        if (!z2 && !jsApiAuthEnable) {
            Log.i("JsApiAuthManager", "isLevel1AuthPass  authResult:true   needWhiteHostCheck:%s   jsApiAuthEnable:%s, apiCategory:%s", false, false, str);
            return true;
        }
        if (z2 && !jsApiAuthEnable && AbstractJsObject.isWhiteHost(str2)) {
            Log.i("JsApiAuthManager", "isLevel1AuthPass  authResult:true   needWhiteHostCheck:%s   jsApiAuthEnable:%s  isWhiteHost:%s  apiCategory:%s", true, false, Boolean.valueOf(AbstractJsObject.isWhiteHost(str2)), str);
            return true;
        }
        boolean dM = this.fbA.dM(str, str2);
        Log.i("JsApiAuthManager", "isLevel1AuthPass  check by serviceconfig  apiCategory:%s  url:%s  authResult:%s", str, str2, Boolean.valueOf(dM));
        a(this.mContext, str2, dM, dM ? 0 : 14, str, 1);
        return dM;
    }
}
