package com.alibaba.ariver.permission.service;

import android.net.Uri;
import android.os.Bundle;
import android.text.TextUtils;
import androidx.annotation.Nullable;
import com.alibaba.ariver.app.api.Page;
import com.alibaba.ariver.app.api.service.TinyAppInnerProxy;
import com.alibaba.ariver.engine.api.bridge.BridgeResponseHelper;
import com.alibaba.ariver.engine.api.bridge.model.NativeCallContext;
import com.alibaba.ariver.engine.api.model.WorkerStore;
import com.alibaba.ariver.kernel.RVParams;
import com.alibaba.ariver.kernel.RVStartParams;
import com.alibaba.ariver.kernel.api.extension.bridge.BridgePermission;
import com.alibaba.ariver.kernel.api.security.ApiPermissionCheckResult;
import com.alibaba.ariver.kernel.api.security.DefaultPermission;
import com.alibaba.ariver.kernel.api.security.Permission;
import com.alibaba.ariver.kernel.common.RVProxy;
import com.alibaba.ariver.kernel.common.service.RVConfigService;
import com.alibaba.ariver.kernel.common.utils.BundleUtils;
import com.alibaba.ariver.kernel.common.utils.JSONUtils;
import com.alibaba.ariver.kernel.common.utils.RVLogger;
import com.alibaba.ariver.kernel.common.utils.UrlUtils;
import com.alibaba.ariver.permission.AppPermissionUtils;
import com.alibaba.ariver.permission.api.proxy.AuthenticationProxy;
import com.alibaba.ariver.permission.api.proxy.DomainConfigProxy;
import com.alibaba.ariver.permission.api.proxy.EmbedWebViewJsApiPermissionProxy;
import com.alibaba.ariver.permission.model.ApiPermissionInfo;
import com.alibaba.ariver.resource.api.models.AppInfoQuery;
import com.alibaba.ariver.resource.api.models.AppInfoScene;
import com.alibaba.ariver.resource.api.models.AppModel;
import com.alibaba.ariver.resource.api.models.PermissionModel;
import com.alibaba.ariver.resource.api.models.PluginModel;
import com.alibaba.ariver.resource.api.proxy.RVAppInfoManager;
import com.alibaba.fastjson.JSONArray;
import com.alipay.mobile.security.bio.api.BioDetector;
import com.iap.ac.android.container.js.plugin.ACContainerJSPlugin;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: classes.dex */
public class DefaultAuthenticationProxyImpl implements AuthenticationProxy {

    /* renamed from: a, reason: collision with root package name */
    public static final List<String> f40745a;

    /* renamed from: a, reason: collision with other field name */
    public static final String[] f6689a = {"navigateTo", "navigateBack", "switchTab", "reLaunch", "redirectTo", "getCurrentLocation", "getLocation", "webViewShare"};
    public static String b;

    /* renamed from: b, reason: collision with other field name */
    public static List<String> f6690b;

    /* renamed from: a, reason: collision with other field name */
    public final Map<String, Integer> f6693a = new ConcurrentHashMap();

    /* renamed from: b, reason: collision with other field name */
    public final Map<String, Map<String, PermissionModel>> f6694b = new ConcurrentHashMap();
    public final Map<String, Map<String, ApiPermissionInfo>> c = new ConcurrentHashMap();

    /* renamed from: a, reason: collision with other field name */
    public String f6692a = "";

    /* renamed from: d, reason: collision with root package name */
    public Map<String, ApiPermissionInfo> f40746d = new ConcurrentHashMap();

    /* renamed from: e, reason: collision with root package name */
    public Map<String, PermissionModel> f40747e = new ConcurrentHashMap();

    /* renamed from: a, reason: collision with other field name */
    public LocalAuthPermissionManager f6691a = new LocalAuthPermissionManager();

    /* renamed from: com.alibaba.ariver.permission.service.DefaultAuthenticationProxyImpl$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass1 {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f40748a;

        static {
            int[] iArr = new int[AppInfoScene.values().length];
            f40748a = iArr;
            try {
                iArr[AppInfoScene.DEBUG.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f40748a[AppInfoScene.INSPECT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    static {
        ArrayList arrayList = new ArrayList();
        f40745a = arrayList;
        b = "AriverPermission:" + DefaultAuthenticationProxyImpl.class.getSimpleName();
        ArrayList arrayList2 = new ArrayList();
        f6690b = arrayList2;
        arrayList2.add(ACContainerJSPlugin.SHOW_NETWORK_CHECK_ACTIVITY);
        f6690b.add("showUCFailDialog");
        f6690b.add("setKeyboardType");
        f6690b.add("monitorH5Performance");
        f6690b.add("getStartupParams");
        f6690b.add("inputBlurEvent");
        f6690b.add("hideCustomKeyBoard");
        f6690b.add("hideCustomInputMethod4NativeInput");
        f6690b.add("updateNativeKeyBoardInput");
        f6690b.add("setInputTextChanged");
        f6690b.add("tinyAppStandardLog");
        f6690b.add("tinyDebugConsole");
        arrayList.add("tel");
        arrayList.add("mailto");
        arrayList.add("sms");
        arrayList.add(BioDetector.EXT_KEY_GEO);
    }

    public final void a(String str) {
        if (!this.f6693a.containsKey(str)) {
            this.f6693a.put(str, 1);
        } else {
            Map<String, Integer> map = this.f6693a;
            map.put(str, Integer.valueOf(map.get(str).intValue() + 1));
        }
    }

    public final boolean b(Page page) {
        if (page == null) {
            return false;
        }
        return page.getEmbedType().isEmbedPage();
    }

    public final ApiPermissionCheckResult c(String str, String str2, Permission permission) {
        Map<String, PermissionModel> map = this.f6694b.get(str);
        if (map == null || !map.containsKey(str2)) {
            RVLogger.d(b, String.format("plugin %s not have permission field, just ignore", str2));
            return ApiPermissionCheckResult.IGNORE;
        }
        PermissionModel permissionModel = map.get(str2);
        if (permissionModel == null) {
            RVLogger.d(b, "permission is enabled by no permission file! " + permission.authority());
            return ApiPermissionCheckResult.ALLOW;
        }
        Set<String> jsapiList = permissionModel.getJsapiList();
        if (jsapiList != null && jsapiList.size() > 0) {
            Iterator<String> it = jsapiList.iterator();
            while (it.hasNext()) {
                if (it.next().equalsIgnoreCase(permission.authority())) {
                    RVLogger.d(b, "permission is allowed by plugin \t " + permission.authority());
                    return ApiPermissionCheckResult.ALLOW;
                }
            }
        }
        RVLogger.d(b, "plugin_forbidden:permission is disabled by plugin \t " + permission.authority());
        return ApiPermissionCheckResult.DENY_N22103;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult checkEventPermission(String str, String str2, Page page) {
        return !this.f40746d.containsKey(str) ? ApiPermissionCheckResult.IGNORE : hasPermission(str, str2, "EVENT_List", page);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult checkJSApi(Permission permission, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper, Page page) {
        RVLogger.d(b, "checkJSApi " + nativeCallContext.getName() + " source: " + nativeCallContext.getSource());
        if (page == null || page.getApp() == null) {
            RVLogger.d(b, "checkJSApi,page is null");
            return ApiPermissionCheckResult.DENY_N22101;
        }
        if (d(page.getStartParams(), nativeCallContext.getName())) {
            return ApiPermissionCheckResult.DENY_N22102;
        }
        String appId = page.getApp().getAppId();
        if (!TextUtils.isEmpty(nativeCallContext.getPluginId())) {
            return c(appId, nativeCallContext.getPluginId(), permission);
        }
        if (f(nativeCallContext, page)) {
            RVLogger.d(b, "commonCheckIgnorePermission IGNORE by hasJsApiPermissionCallFromRender");
            return ApiPermissionCheckResult.IGNORE;
        }
        PermissionModel permissionModel = this.f40747e.get(appId);
        if (permission == null || permission == DefaultPermission.ALL || permissionModel == null) {
            RVLogger.d(b, String.format("%s not have permission file", appId));
            return ApiPermissionCheckResult.IGNORE;
        }
        if (f6690b.contains(permission.authority())) {
            return ApiPermissionCheckResult.IGNORE;
        }
        JSONArray configJSONArray = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("h5_white_jsapiList");
        if (configJSONArray != null && configJSONArray.contains(permission.authority())) {
            return ApiPermissionCheckResult.IGNORE;
        }
        if (b(page)) {
            RVLogger.d(b, permission.authority() + " call from webview");
            String appId2 = page.getApp().getAppId();
            String string = BundleUtils.getString(page.getStartParams(), "appId");
            EmbedWebViewJsApiPermissionProxy embedWebViewJsApiPermissionProxy = (EmbedWebViewJsApiPermissionProxy) RVProxy.get(EmbedWebViewJsApiPermissionProxy.class);
            if (embedWebViewJsApiPermissionProxy != null) {
                if (embedWebViewJsApiPermissionProxy.shouldInterceptJSApiCall(permission.authority(), page, appId2, string, nativeCallContext.getParams())) {
                    RVLogger.d(b, "embedwebviewjsapi_forbidden:EmbedWebViewJsApi interceptJSApiCall\t" + permission.authority());
                    return ApiPermissionCheckResult.DENY_N22201;
                }
                RVLogger.d(b, " EmbedWebViewJsApi ignore\t" + permission.authority());
                return ApiPermissionCheckResult.IGNORE;
            }
        } else {
            Set<String> jsapiList = permissionModel.getJsapiList();
            if (jsapiList != null && jsapiList.size() > 0) {
                Iterator<String> it = jsapiList.iterator();
                while (it.hasNext()) {
                    if (it.next().equalsIgnoreCase(permission.authority())) {
                        RVLogger.d(b, "permison is allowed \t " + permission.authority());
                        return ApiPermissionCheckResult.ALLOW;
                    }
                }
            }
        }
        RVLogger.d(b, "jsapi_forbidden:checkJSAPI deny \t" + permission.authority());
        return ApiPermissionCheckResult.DENY_N22104;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult checkSPJSApi(Permission permission, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper, Page page) {
        ApiPermissionInfo apiPermissionInfo;
        boolean z;
        Uri parseUrl;
        if (page.getApp() == null) {
            return ApiPermissionCheckResult.DENY_N22207;
        }
        String appId = page.getApp().getAppId();
        String authority = permission.authority();
        if (TextUtils.isEmpty(nativeCallContext.getPluginId())) {
            apiPermissionInfo = this.f40746d.get(appId);
            z = false;
        } else {
            ApiPermissionInfo apiPermissionInfo2 = this.c.get(appId) == null ? null : this.c.get(appId).get(nativeCallContext.getPluginId());
            RVLogger.debug(b, "get ApiPermissionInfo from pluginId" + nativeCallContext.getPluginId());
            apiPermissionInfo = apiPermissionInfo2;
            z = true;
        }
        if (apiPermissionInfo == null) {
            return ApiPermissionCheckResult.IGNORE;
        }
        String str = "JSAPI_SP_Config_" + authority;
        List<String> apiLevelList = apiPermissionInfo.getApiLevelList(str);
        if (TextUtils.equals(authority, "httpRequest") || TextUtils.equals(authority, "uploadFile") || TextUtils.equals(authority, "request")) {
            String string = JSONUtils.getString(nativeCallContext.getParams(), "url");
            Uri parseUrl2 = UrlUtils.parseUrl(string);
            if (parseUrl2 != null) {
                String host = parseUrl2.getHost();
                ApiPermissionCheckResult g2 = z ? g(apiPermissionInfo, host, "JSAPI_SP_Config_httpRequest_allowedDomain") : hasPermission(appId, host, "JSAPI_SP_Config_httpRequest_allowedDomain", page);
                ApiPermissionCheckResult apiPermissionCheckResult = ApiPermissionCheckResult.IGNORE;
                if (g2 != apiPermissionCheckResult) {
                    RVLogger.d(b, "jsapi_sp_forbidden:" + authority + "\t is not allowed, in _allowedDomain: " + host);
                }
                if (TextUtils.equals(authority, "httpRequest") || TextUtils.equals(authority, "uploadFile") || TextUtils.equals(authority, "request")) {
                    if (g2 == apiPermissionCheckResult) {
                        if (!j(page, host)) {
                            return g2;
                        }
                        RVLogger.d(b, "jsapi_sp_forbidden:" + authority + "\t is not allowed, in domain blacklist: " + host + " is not allowed");
                        return ApiPermissionCheckResult.DENY_N22111;
                    }
                    boolean isDevSource = AppInfoScene.isDevSource(page.getStartParams());
                    boolean z2 = BundleUtils.getBoolean(page.getStartParams(), "ignoreHttpReqPermission", false);
                    if (!isDevSource || !z2) {
                        return g2;
                    }
                    DomainConfigProxy domainConfigProxy = (DomainConfigProxy) RVProxy.get(DomainConfigProxy.class);
                    RVLogger.d(b, authority + "\t ignoreHttpReqPermission: ");
                    return (domainConfigProxy == null || domainConfigProxy.isAlipayDomains(string) || domainConfigProxy.isSeriousAliDomains(string) || domainConfigProxy.isAliDomains(string)) ? g2 : apiPermissionCheckResult;
                }
            }
        } else if (apiLevelList != null) {
            for (String str2 : apiLevelList) {
                String string2 = JSONUtils.getString(nativeCallContext.getParams(), str2, null);
                if (!TextUtils.isEmpty(string2)) {
                    ApiPermissionCheckResult g3 = z ? g(apiPermissionInfo, string2, str + "_" + str2) : hasPermission(appId, string2, str + "_" + str2, page);
                    if (g3 != ApiPermissionCheckResult.IGNORE) {
                        RVLogger.d(b, "jsapi_sp_forbidden:" + authority + " paramKey: " + str2 + " content: " + string2 + " is not allowed");
                        return g3;
                    }
                }
            }
            if (TextUtils.equals(authority, RVStartParams.START_SCENE_START_APP) && (parseUrl = UrlUtils.parseUrl(JSONUtils.getString(JSONUtils.getJSONObject(nativeCallContext.getParams(), "param", null), "url"))) != null) {
                String host2 = parseUrl.getHost();
                ApiPermissionCheckResult g4 = z ? g(apiPermissionInfo, host2, str + "_url") : hasPermission(appId, host2, str + "_url", page);
                if (g4 != ApiPermissionCheckResult.IGNORE) {
                    RVLogger.d(b, "jsapi_sp_forbidden:" + authority + " host: " + host2 + " is not allowed");
                }
                return g4;
            }
        }
        return ApiPermissionCheckResult.IGNORE;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean checkShowPermissionDialog(Permission permission, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper, Page page) {
        String appId = page.getApp().getAppId();
        PermissionModel permissionModel = this.f40747e.get(appId);
        if (permissionModel == null && nativeCallContext != null && nativeCallContext.getPluginId() != null && this.f6694b.get(appId) != null) {
            permissionModel = this.f6694b.get(appId).get(nativeCallContext.getPluginId());
        }
        if (permission == null || permission == DefaultPermission.ALL || permissionModel == null) {
            RVLogger.d(b, "checkShowPermissionDialog permsionModel is null");
            return false;
        }
        TinyAppInnerProxy tinyAppInnerProxy = (TinyAppInnerProxy) RVProxy.get(TinyAppInnerProxy.class);
        if (tinyAppInnerProxy == null || page == null || page.getApp() == null || !tinyAppInnerProxy.isInner(page.getApp())) {
            return this.f6691a.j(permission, nativeCallContext, bridgeResponseHelper, page);
        }
        RVLogger.d(b, "checkShowPermissionDialog isInner ");
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void clearPermissionModel(String str, boolean z) {
        if (e(str)) {
            if (this.f40747e.containsKey(str)) {
                this.f40747e.remove(str);
            }
            if (this.f40746d.get(str) != null) {
                this.f40746d.get(str).clear();
                this.f40746d.remove(str);
            }
            if (z) {
                this.f6694b.remove(str);
            }
        }
    }

    public final boolean d(Bundle bundle, String str) {
        if (!"tyroRequest".equals(str) && !"showRemoteDebugPanel".equals(str) && !"showRemoteDebugMask".equals(str)) {
            return false;
        }
        int i2 = AnonymousClass1.f40748a[AppInfoScene.extractScene(bundle).ordinal()];
        return (i2 == 1 || i2 == 2) ? false : true;
    }

    public final boolean e(String str) {
        if (this.f6693a.containsKey(str)) {
            int intValue = this.f6693a.get(str).intValue() - 1;
            this.f6693a.put(str, Integer.valueOf(intValue));
            boolean z = intValue == 0;
            if (z) {
                this.f6693a.remove(str);
            }
            return z;
        }
        RVLogger.w(b, "cannot detach " + str + " because it not attached!");
        return true;
    }

    public final boolean f(NativeCallContext nativeCallContext, Page page) {
        if (((WorkerStore) page.getData(WorkerStore.class)) == null || NativeCallContext.FROM_WORKER.equals(nativeCallContext.getSource())) {
            return false;
        }
        String pageURI = page.getPageURI();
        String string = BundleUtils.getString(page.getStartParams(), "onlineHost");
        if (TextUtils.isEmpty(pageURI) || TextUtils.isEmpty(string) || !pageURI.startsWith(string)) {
            return false;
        }
        JSONArray configJSONArray = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_renderJsapiBList");
        return configJSONArray == null || !configJSONArray.contains(nativeCallContext.getName());
    }

    public final ApiPermissionCheckResult g(ApiPermissionInfo apiPermissionInfo, String str, String str2) {
        if (!TextUtils.equals(str2, "Valid_SubResMimeList") && !str2.startsWith("JSAPI_SP_Config") && !TextUtils.equals(str2, "EVENT_List") && !TextUtils.equals(str2, "HttpLink_SubResMimeList") && !str2.startsWith("Webview_Config") && !TextUtils.equals(str2, "validDomain")) {
            boolean contains = apiPermissionInfo.getApiLevelList(str2).contains(str);
            if (!contains) {
                RVLogger.d(b, "jsapi_sp_forbidden:" + str2 + " not have permssion");
            }
            return contains ? ApiPermissionCheckResult.IGNORE : ApiPermissionCheckResult.DENY_N22104;
        }
        List<String> apiLevelList = apiPermissionInfo.getApiLevelList(str2);
        if (apiLevelList != null && !apiLevelList.isEmpty()) {
            Iterator<String> it = apiLevelList.iterator();
            while (it.hasNext()) {
                try {
                } catch (Exception e2) {
                    RVLogger.e(b, "hasPermission Regex Exception", e2);
                }
                if (Pattern.compile(it.next()).matcher(str).find()) {
                    return ApiPermissionCheckResult.IGNORE;
                }
                continue;
            }
        }
        RVLogger.d(b, "jsapi_sp_forbidden:" + str2 + " not have permssion ,not match regex");
        return TextUtils.equals(str2, "Valid_SubResMimeList") ? ApiPermissionCheckResult.DENY_N22105 : str2.startsWith("JSAPI_SP_Config") ? ApiPermissionCheckResult.DENY_N22106 : TextUtils.equals(str2, "EVENT_List") ? ApiPermissionCheckResult.DENY_N22107 : TextUtils.equals(str2, "HttpLink_SubResMimeList") ? ApiPermissionCheckResult.DENY_N22108 : str2.startsWith("Webview_Config") ? ApiPermissionCheckResult.DENY_N22109 : TextUtils.equals(str2, "validDomain") ? ApiPermissionCheckResult.DENY_N22110 : ApiPermissionCheckResult.DENY;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public Map<String, Boolean> getAllPermissions(String str, String str2, @Nullable AppModel appModel) {
        if (this.f6691a == null) {
            this.f6691a = new LocalAuthPermissionManager();
        }
        return this.f6691a.l(str2, appModel, this.f6694b);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public PermissionModel getPermissionModel(String str) {
        return this.f40747e.get(str);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public List<Permission> getPermissions(String str) {
        Set<String> jsapiList;
        PermissionModel permissionModel = this.f40747e.get(str);
        if (permissionModel == null || (jsapiList = permissionModel.getJsapiList()) == null || jsapiList.size() <= 0) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(jsapiList.size());
        for (String str2 : jsapiList) {
            arrayList.add(new BridgePermission(str2, str2));
        }
        return arrayList;
    }

    public final ApiPermissionCheckResult h(String str, String str2, String str3, Page page) {
        RVLogger.d(b, "hasPermissionOnIframe...url=" + str2);
        return hasPermission(str, str2, str3, page);
    }

    /* JADX WARN: Code restructure failed: missing block: B:54:0x0160, code lost:
    
        if (r7.startsWith("JSAPI_SP_Config") == false) goto L68;
     */
    /* JADX WARN: Code restructure failed: missing block: B:56:?, code lost:
    
        return com.alibaba.ariver.kernel.api.security.ApiPermissionCheckResult.IGNORE;
     */
    /* JADX WARN: Code restructure failed: missing block: B:58:0x0167, code lost:
    
        return com.alibaba.ariver.kernel.api.security.ApiPermissionCheckResult.DENY;
     */
    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.alibaba.ariver.kernel.api.security.ApiPermissionCheckResult hasPermission(java.lang.String r5, java.lang.String r6, java.lang.String r7, com.alibaba.ariver.app.api.Page r8) {
        /*
            Method dump skipped, instructions count: 376
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.alibaba.ariver.permission.service.DefaultAuthenticationProxyImpl.hasPermission(java.lang.String, java.lang.String, java.lang.String, com.alibaba.ariver.app.api.Page):com.alibaba.ariver.kernel.api.security.ApiPermissionCheckResult");
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean hasPermissionModel(String str, Page page) {
        if (TextUtils.isEmpty(str)) {
            if (!b(page)) {
                return false;
            }
            str = page.getApp().getAppId();
        }
        return this.f40747e.containsKey(str);
    }

    public ApiPermissionCheckResult hasPermissionOnScheme(String str, Page page) {
        Uri parseUrl;
        if (!b(page)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        String appId = page.getApp().getAppId();
        if (TextUtils.isEmpty(str)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        Iterator<String> it = f40745a.iterator();
        while (it.hasNext()) {
            if (str.startsWith(it.next())) {
                return ApiPermissionCheckResult.IGNORE;
            }
        }
        try {
            if (!"1".equals(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfig("ta_close_webviewSchemaWhiteList", "0")) && !TextUtils.isEmpty(str) && (str.startsWith("alipays://platformapi/startapp") || str.startsWith("alipays://platformapi/startApp") || str.startsWith("alipay://platformapi/startapp") || str.startsWith("alipay://platformapi/startApp"))) {
                ApiPermissionCheckResult apiPermissionCheckResult = ApiPermissionCheckResult.DENY;
                Uri parse = Uri.parse(str);
                String queryParameter = parse.getQueryParameter("appId");
                if (this.f40746d == null) {
                    return apiPermissionCheckResult;
                }
                ApiPermissionCheckResult hasPermission = hasPermission(appId, RVStartParams.START_SCENE_START_APP, "JSAPI_List", page);
                ApiPermissionCheckResult apiPermissionCheckResult2 = ApiPermissionCheckResult.IGNORE;
                if (hasPermission != apiPermissionCheckResult2) {
                    RVLogger.d(b, "start_app_forbidden: not have (startApp) ");
                    return ApiPermissionCheckResult.DENY_N22202;
                }
                ApiPermissionCheckResult hasPermission2 = hasPermission(appId, queryParameter, "JSAPI_SP_Config_startApp_appId", page);
                if (hasPermission2 != apiPermissionCheckResult2) {
                    RVLogger.d(b, "start_app_forbidden: not have startApp: " + queryParameter);
                    return ApiPermissionCheckResult.DENY_N22203;
                }
                String queryParameter2 = parse.getQueryParameter("url");
                if (TextUtils.isEmpty(queryParameter2) || (parseUrl = UrlUtils.parseUrl(queryParameter2)) == null) {
                    return hasPermission2;
                }
                ApiPermissionCheckResult hasPermission3 = hasPermission(appId, parseUrl.getHost(), "JSAPI_SP_Config_startApp_url", page);
                if (hasPermission3 == apiPermissionCheckResult2) {
                    return hasPermission3;
                }
                RVLogger.d(b, "start_app_forbidden: not have startApp: " + queryParameter2);
                return ApiPermissionCheckResult.DENY_N22204;
            }
        } catch (Throwable th) {
            RVLogger.e(b, th);
        }
        if (str.startsWith("http")) {
            return ApiPermissionCheckResult.IGNORE;
        }
        RVLogger.d(b, "schema_forbidden: scheme is not http，https，alipay schema");
        RVLogger.d(b, "hasPermissionOnScheme...non-http url, no permission");
        return ApiPermissionCheckResult.DENY_N22205;
    }

    public final ApiPermissionCheckResult i(String str, Page page) {
        if (page == null || page.getStartParams() == null || TextUtils.isEmpty(str)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        String string = BundleUtils.getString(page.getStartParams(), "MINI-PROGRAM-WEB-VIEW-TAG");
        if (!Boolean.valueOf(BundleUtils.getBoolean(page.getStartParams(), RVParams.isTinyApp, false)).booleanValue() || TextUtils.isEmpty(string)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        String configWithProcessCache = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigWithProcessCache("ta_webview_alipays_whitelist", "");
        if (TextUtils.isEmpty(configWithProcessCache)) {
            configWithProcessCache = "none";
        }
        if ("all".equalsIgnoreCase(configWithProcessCache) || page == null) {
            return ApiPermissionCheckResult.IGNORE;
        }
        try {
            for (String str2 : configWithProcessCache.split(",")) {
                if (string.equalsIgnoreCase(str2)) {
                    RVLogger.d(b, "interceptH5EmbedWebViewWithScheme appid in whiteList " + string);
                    return ApiPermissionCheckResult.IGNORE;
                }
            }
            String decode = UrlUtils.decode(str);
            if (!TextUtils.isEmpty(decode) && decode.contains("scheme=alipays://platformapi/startapp")) {
                RVLogger.d(b, "start_app_forbidden:url contain alipay schema");
                return ApiPermissionCheckResult.DENY_N22206;
            }
        } catch (Throwable th) {
            RVLogger.e(b, "interceptH5EmbedWebViewWithScheme: ", th);
        }
        return ApiPermissionCheckResult.IGNORE;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult interceptSchemeForTiny(String str, Page page) {
        if (str == null) {
            return ApiPermissionCheckResult.IGNORE;
        }
        ApiPermissionCheckResult i2 = i(str, page);
        ApiPermissionCheckResult apiPermissionCheckResult = ApiPermissionCheckResult.IGNORE;
        return i2 != apiPermissionCheckResult ? i2 : (str.startsWith("http") || str.startsWith("javascript") || "no".equalsIgnoreCase(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigWithProcessCache("h5_interceptSchemeForTiny", "")) || page == null || !hasPermissionModel(BundleUtils.getString(page.getStartParams(), "appId"), page)) ? apiPermissionCheckResult : hasPermissionOnScheme(str, page);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult interceptUrlForTiny(String str, String str2, Page page, boolean z) {
        String str3;
        Uri parseUrl = UrlUtils.parseUrl(str);
        if (parseUrl != null) {
            String scheme = parseUrl.getScheme();
            if (scheme != null && f40745a.contains(scheme.toLowerCase())) {
                return ApiPermissionCheckResult.IGNORE;
            }
            str3 = parseUrl.getHost();
        } else {
            str3 = "";
        }
        if (TextUtils.isEmpty(str2)) {
            if (!b(page)) {
                return ApiPermissionCheckResult.IGNORE;
            }
            str2 = page.getApp().getAppId();
        }
        return this.f40747e.get(str2) != null ? z ? h(str2, str3, "validDomain", page) : hasPermission(str2, str3, "validDomain", page) : ApiPermissionCheckResult.IGNORE;
    }

    public final boolean j(Page page, String str) {
        List<String> stringArray;
        if (page != null && !TextUtils.isEmpty(str) && (stringArray = JSONUtils.toStringArray(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_http_domain_blacklist"))) != null && !stringArray.isEmpty()) {
            Iterator<String> it = stringArray.iterator();
            while (it.hasNext()) {
                Matcher matcher = Pattern.compile(it.next()).matcher(str);
                if (matcher != null && matcher.matches()) {
                    return true;
                }
            }
        }
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void removeAllPermissionInfo(String str, String str2) {
        if (this.f6691a == null) {
            this.f6691a = new LocalAuthPermissionManager();
        }
        this.f6691a.r(str, str2);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPermissionModel(String str, PermissionModel permissionModel) {
        if (!this.f40747e.containsKey(str)) {
            this.f40747e.put(str, permissionModel);
            this.f40746d.put(str, AppPermissionUtils.convert2ApiPermissionInfo(permissionModel));
        }
        a(str);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPermissionState(String str, String str2, String str3, boolean z) {
        if (this.f6691a == null) {
            this.f6691a = new LocalAuthPermissionManager();
        }
        this.f6691a.h(str2, AppPermissionUtils.getAggregationMainAppId(((RVAppInfoManager) RVProxy.get(RVAppInfoManager.class)).getAppModel(AppInfoQuery.make(str2))), str3, z);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPluginPermissionModel(String str, PluginModel pluginModel, PermissionModel permissionModel) {
        RVLogger.d(b, "setPluginPermissionModel " + str + " plugin: " + pluginModel.getAppId());
        synchronized (this.f6694b) {
            Map<String, PermissionModel> map = this.f6694b.get(str);
            if (map == null) {
                map = new HashMap<>();
                this.f6694b.put(str, map);
            }
            map.put(pluginModel.getAppId(), permissionModel);
        }
        synchronized (this.c) {
            Map<String, ApiPermissionInfo> map2 = this.c.get(str);
            if (map2 == null) {
                map2 = new HashMap<>();
                this.c.put(str, map2);
            }
            map2.put(pluginModel.getAppId(), AppPermissionUtils.convert2ApiPermissionInfo(permissionModel));
        }
    }

    public boolean shouldInterceptWebViewNaviJsApi(String str, String str2) {
        if (TextUtils.isEmpty(str2)) {
            return false;
        }
        for (String str3 : f6689a) {
            if (str2.equals(str3)) {
                return false;
            }
        }
        List<String> stringArray = JSONUtils.toStringArray(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_webviewAppIdWhiteList"));
        if (stringArray != null) {
            Iterator<String> it = stringArray.iterator();
            while (it.hasNext()) {
                if (TextUtils.equals(it.next(), str)) {
                    RVLogger.d(b, "shouldInterceptWebViewNaviJsApi...appId in white list:" + str2);
                    return false;
                }
            }
        }
        RVLogger.d(b, "shouldInterceptWebViewNaviJsApi...not allowed: " + str2);
        return true;
    }
}
