package com.noknok.android.uaf.framework.service;

import android.app.Activity;
import android.content.Context;
import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.fido.android.framework.service.Fido;
import com.fido.android.framework.tm.Logger;
import com.fido.android.utils.Charsets;
import com.fido.uaf.ver0100.types.TrustedFacets;
import com.fido.uaf.ver0100.types.UafError;
import com.fido.uaf.ver0100.types.UafException;
import com.fido.uaf.ver0100.types.Version;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Set;

/* loaded from: classes.dex */
public class FacetIDsValidator {
    private static final String ACT_AS_WEB_BROWSER_PERMISSION = "org.fidoalliance.uaf.permissions.ACT_AS_WEB_BROWSER";
    private static final String EXPIRE_TIME = "expireTime";
    private static final String FIDO_APPID_REDIRECT_AUTHORIZED = "FIDO-AppID-Redirect-Authorized";
    private static final String IDS_LIST = "ids";
    private static final String LIST_SPLITER = ",";
    private static final int MAX_REDIRECTS = 5;
    private static final String MIME_Content_Type = "application/fido.trusted-apps+json";
    public static String TAG = "FacetIDsValidator";
    private static Set<String> mPublicSuffixes;
    private String mAppID;
    private Context mContext;
    private SharedPreferences mPreferences;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public enum CacheUpdateStrategy {
        CheckDefaultPeriod,
        ForceUpdate
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class TrustedApps {
        TrustedFacets[] trustedFacets;

        TrustedApps() {
        }
    }

    public FacetIDsValidator(String str, Context context) {
        this.mContext = context;
        this.mAppID = str;
    }

    private static boolean checkCallingActivityPermission(Context context, Activity activity, String str) {
        PackageManager packageManager = context.getPackageManager();
        if (activity == null) {
            return false;
        }
        String callingPackage = activity.getCallingPackage();
        try {
            String[] strArr = packageManager.getPackageInfo(callingPackage, 4096).requestedPermissions;
            if (strArr != null) {
                for (String str2 : strArr) {
                    if (str2.matches(str)) {
                        return true;
                    }
                }
            }
        } catch (PackageManager.NameNotFoundException unused) {
            Logger.e(TAG, "Failed to get requestedPermissions for " + callingPackage);
        }
        return false;
    }

    private static long getExpires(String str) {
        try {
            return new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz").parse(str).getTime();
        } catch (ParseException e) {
            Logger.e(TAG, e.getMessage(), e);
            return new Date().getTime() + 60000;
        }
    }

    private String getPreferenceFileName() {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(this.mAppID.getBytes(Charsets.utf8Charset), 0, this.mAppID.length());
            byte[] digest = messageDigest.digest();
            StringBuilder sb = new StringBuilder();
            for (byte b : digest) {
                int i = (b >>> 4) & 15;
                int i2 = 0;
                while (true) {
                    if (i < 0 || i > 9) {
                        sb.append((char) ((i - 10) + 97));
                    } else {
                        sb.append((char) (i + 48));
                    }
                    i = b & 15;
                    int i3 = i2 + 1;
                    if (i2 > 0) {
                        break;
                    }
                    i2 = i3;
                }
            }
            Logger.i(TAG, "Preferences file name for " + this.mAppID + " is :" + sb.toString());
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            Logger.e(TAG, "", e);
            return null;
        }
    }

    private boolean isFacetIdInList(String str) {
        String string = this.mPreferences.getString(IDS_LIST, null);
        if (string == null || string.length() == 0) {
            Logger.i(TAG, "IDS list is empty");
            return false;
        }
        for (String str2 : string.split(LIST_SPLITER)) {
            if (str.equalsIgnoreCase(str2)) {
                return true;
            }
        }
        return false;
    }

    private static boolean isHTTPS(String str) {
        try {
            return "https".equals(new URL(str).getProtocol());
        } catch (Exception unused) {
            return false;
        }
    }

    private static String resolveFacetID(String str) {
        try {
            URI uri = new URI(str);
            if (uri.getPath().length() > 0) {
                str = str.split(uri.getPath())[0];
            }
            String str2 = str;
            if (uri.getPort() != -1 && uri.getScheme().equalsIgnoreCase("https") && uri.getPort() == 443) {
                str2 = str2.split(":443")[0];
            }
            if (str2.endsWith("/")) {
                return str2;
            }
            return str2 + "/";
        } catch (URISyntaxException e) {
            Logger.e(TAG, e.getMessage(), e);
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x017a  */
    /* JADX WARN: Removed duplicated region for block: B:33:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:99:0x01d2  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void updateFacetIDsList(com.noknok.android.uaf.framework.service.FacetIDsValidator.CacheUpdateStrategy r11, java.lang.String r12, com.fido.uaf.ver0100.types.Version r13, int r14) {
        /*
            Method dump skipped, instructions count: 486
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.noknok.android.uaf.framework.service.FacetIDsValidator.updateFacetIDsList(com.noknok.android.uaf.framework.service.FacetIDsValidator$CacheUpdateStrategy, java.lang.String, com.fido.uaf.ver0100.types.Version, int):void");
    }

    public String resolveFacetID(int i, Activity activity) {
        String str;
        PackageManager packageManager = this.mContext.getPackageManager();
        if (activity != null) {
            str = activity.getCallingPackage();
        } else {
            String[] packagesForUid = packageManager.getPackagesForUid(i);
            if (packagesForUid == null) {
                return null;
            }
            try {
                str = packageManager.getPackageInfo(packagesForUid[0], 0).packageName;
            } catch (PackageManager.NameNotFoundException unused) {
                Logger.e(TAG, "Failed to get packageName");
                return null;
            }
        }
        try {
            Signature[] signatureArr = packageManager.getPackageInfo(str, 64).signatures;
            if (signatureArr.length > 0) {
                Signature signature = signatureArr[0];
                MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
                messageDigest.update(signature.toByteArray());
                return "android:apk-key-hash:" + Base64.encodeToString(messageDigest.digest(), 3);
            }
        } catch (PackageManager.NameNotFoundException | NoSuchAlgorithmException unused2) {
        }
        return null;
    }

    public String validateCaller(int i, int i2, Activity activity, String str, Version version) throws UafException {
        String str2;
        boolean isHTTPS;
        Log.d("orgin :   ", str + "");
        if (TextUtils.isEmpty(str)) {
            Log.d("resolveFacetID  ", "true");
            String resolveFacetID = resolveFacetID(i2, activity);
            Log.d("resolveFacetID  ", "true" + resolveFacetID);
            str2 = resolveFacetID;
        } else {
            if (!isHTTPS(str)) {
                throw new UafException(UafError.Error.UNTRUSTED_FACET_ID, "Origin is not HTTPS.");
            }
            if (!checkCallingActivityPermission(this.mContext, activity, ACT_AS_WEB_BROWSER_PERMISSION)) {
                throw new UafException(UafError.Error.UNKNOWN, "ACT_AS_WEB_BROWSER permission denied");
            }
            str2 = resolveFacetID(str);
            Log.d("resolveFacetID  ", str2);
        }
        if (str2 == null) {
            throw new UafException(UafError.Error.UNTRUSTED_FACET_ID, "Failed to retrieve facetID");
        }
        String str3 = this.mAppID;
        if (str3 == null || str3.length() == 0 || (!(isHTTPS = isHTTPS(this.mAppID)) && str2.equals(this.mAppID))) {
            return str2;
        }
        if (!isHTTPS) {
            throw new UafException(UafError.Error.UNTRUSTED_FACET_ID, "AppID is not HTTPS.");
        }
        if (!TextUtils.isEmpty(str)) {
            try {
                if (new URL(this.mAppID).getHost().compareToIgnoreCase(new URL(str2).getHost()) == 0) {
                    return str2;
                }
            } catch (MalformedURLException unused) {
                throw new UafException(UafError.Error.UNTRUSTED_FACET_ID, "AppID is not valid URL");
            }
        }
        if (Fido.Instance() != null) {
            this.mPreferences = Fido.Instance().getSharedPreferences(getPreferenceFileName(), 0);
        } else {
            this.mPreferences = this.mContext.getSharedPreferences(getPreferenceFileName(), 0);
        }
        for (CacheUpdateStrategy cacheUpdateStrategy : CacheUpdateStrategy.values()) {
            updateFacetIDsList(cacheUpdateStrategy, this.mAppID, version, 0);
            if (isFacetIdInList(str2)) {
                Logger.i(TAG, "Accepted.");
                return str2;
            }
        }
        throw new UafException(UafError.Error.UNTRUSTED_FACET_ID, "Failed to retrieve facetID");
    }

    public boolean validateFacets(String str) {
        return str.startsWith("android:apk-key");
    }
}
