package com.worklight.wlclient;

import android.content.Context;
import android.os.Build;
import com.squareup.okhttp.CertificatePinner;
import com.squareup.okhttp.Interceptor;
import com.squareup.okhttp.OkHttpClient;
import com.squareup.okhttp.Response;
import com.squareup.okhttp.internal.Util;
import com.worklight.common.Logger;
import com.worklight.common.WLConfig;
import java.io.IOException;
import java.net.CookieManager;
import java.net.CookiePolicy;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import okio.ByteString;

/* loaded from: classes2.dex */
public class HttpClientManager {
    public static final String DUMMY_PINNING_HOST_NAME = "NONE";
    private static final String LOCATION_HEADER = "Location";
    private static final String OAUTH_PREVENT_REDIRECT = "wl-oauth-prevent-redirect";
    private static final int OAUTH_REDIRECT_STATUS = 222;
    public static final String PARAM_MFPREDIRECTURI = "://mfpredirecturi";
    private static final int SOCKET_OPERATION_TIMEOUT = 60;
    private static HttpClientManager instance;
    private static Logger logger = Logger.getInstance(HttpClientManager.class.getName());
    private CertificatePinner certificatePinningManager;
    private OkHttpClient httpClient = new OkHttpClient();
    private String webViewUserAgent;

    private HttpClientManager(Context context) {
        if (Build.VERSION.SDK_INT <= 19) {
            try {
                this.httpClient.setSslSocketFactory(new TLSEnabledSSLSocketFactory());
            } catch (KeyManagementException e) {
                logger.error("Unable to create socket", e);
                e.printStackTrace();
            } catch (NoSuchAlgorithmException e2) {
                logger.error("Unable to create socket", e2);
                e2.printStackTrace();
            }
        }
        this.httpClient.setConnectTimeout(60L, TimeUnit.SECONDS);
        this.httpClient.setReadTimeout(60L, TimeUnit.SECONDS);
        String protocol = WLConfig.getInstance().getProtocol();
        if (!protocol.equalsIgnoreCase("http") && !protocol.equalsIgnoreCase("https")) {
            throw new RuntimeException("HttpClientFactory: Can't create HttpClient with protocol " + protocol);
        }
        CookieManager cookieManager = new CookieManager();
        cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
        this.httpClient.setCookieHandler(cookieManager);
        this.httpClient.networkInterceptors().add(new Interceptor() { // from class: com.worklight.wlclient.HttpClientManager.1
            @Override // com.squareup.okhttp.Interceptor
            public Response intercept(Interceptor.Chain chain) throws IOException {
                String header;
                Response proceed = chain.proceed(chain.request());
                return (proceed.isRedirect() && (header = proceed.header("Location")) != null && header.contains(HttpClientManager.PARAM_MFPREDIRECTURI)) ? proceed.newBuilder().code(HttpClientManager.OAUTH_REDIRECT_STATUS).message(HttpClientManager.OAUTH_PREVENT_REDIRECT).build() : proceed;
            }
        });
        this.webViewUserAgent = System.getProperty("http.agent");
        if (!this.webViewUserAgent.contains("Worklight")) {
            this.webViewUserAgent += "/Worklight/" + WLConfig.getInstance().getPlatformVersion();
        }
        OkHttpInterceptor okHttpInterceptor = new OkHttpInterceptor(WLConfig.getInstance(), context);
        CertificatePinningInterceptor certificatePinningInterceptor = new CertificatePinningInterceptor();
        this.httpClient.interceptors().add(okHttpInterceptor);
        this.httpClient.interceptors().add(certificatePinningInterceptor);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized void a(Context context) {
        synchronized (HttpClientManager.class) {
            instance = new HttpClientManager(context);
        }
    }

    public static synchronized void createInstance(Context context) {
        synchronized (HttpClientManager.class) {
            if (instance == null) {
                instance = new HttpClientManager(context);
            }
        }
    }

    private static KeyStore getAndroidCATrustStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).init(keyStore);
            return keyStore;
        } catch (Throwable th) {
            logger.error("Failed to access AndroidCAStore", th);
            return null;
        }
    }

    public static HttpClientManager getInstance() {
        if (instance == null) {
            throw new IllegalStateException("HttpClientManager should be created first (before calling getInstance");
        }
        return instance;
    }

    public static boolean setSSLSocketFactory(KeyStore keyStore, char[] cArr) {
        try {
            if (getAndroidCATrustStore() == null) {
                return false;
            }
            if (instance != null && instance.httpClient != null) {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, cArr);
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                instance.httpClient.setSslSocketFactory(sSLContext.getSocketFactory());
            }
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public OkHttpClient getOkHttpClient() {
        return this.httpClient;
    }

    public String getWebViewUserAgent() {
        return this.webViewUserAgent;
    }

    public void pinTrustedCertificatePublicKey(Certificate certificate) {
        if (certificate instanceof X509Certificate) {
            this.certificatePinningManager = new CertificatePinner.Builder().add(DUMMY_PINNING_HOST_NAME, "sha1/" + Util.sha1(ByteString.of(certificate.getPublicKey().getEncoded())).base64()).build();
            this.httpClient.setCertificatePinner(this.certificatePinningManager);
        }
    }

    public void pinTrustedCertificatePublicKey(Certificate certificate, String str) {
        if (certificate instanceof X509Certificate) {
            this.certificatePinningManager = new CertificatePinner.Builder().add(str, "sha1/" + Util.sha1(ByteString.of(certificate.getPublicKey().getEncoded())).base64()).build();
            this.httpClient.setCertificatePinner(this.certificatePinningManager);
        }
    }
}
