package ru.otpbank.api.retrofit;

import android.content.res.Resources;
import android.util.Base64;
import android.util.Log;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import retrofit2.Call;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;
import retrofit2.http.Body;
import retrofit2.http.POST;
import ru.otpbank.BuildConfig;
import ru.otpbank.MainUI;
import ru.otpbank.R;
import ru.otpbank.api.request.WrappedRequest;

/* loaded from: classes.dex */
public class API {
    private static final String BASE_URL = "https://informer.otpbank.ru/";
    private static final String CREDENTIALS = "andruser:lOrzfXyPY8";
    private static Interceptor basicAuthorization = new Interceptor() { // from class: ru.otpbank.api.retrofit.API.1
        @Override // okhttp3.Interceptor
        public Response intercept(Interceptor.Chain chain) throws IOException {
            Request request = chain.request();
            return chain.proceed(request.newBuilder().header("Authorization", "Basic " + Base64.encodeToString(API.CREDENTIALS.getBytes(), 2)).header("Accept", "application/json").method(request.method(), request.body()).build());
        }
    };
    public static MainUI mainUI;
    public static Resources resources;

    /* loaded from: classes.dex */
    public interface OTPCreditService {
        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> checkVersion(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> confirmCode(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getAccessToken(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getCreditsData(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getGuid(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getIFreeMessages(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getLocationsInfo(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getNearbyLocations(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getNotifications(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getPin(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> getSmsCommands(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> sendPaperless(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> setPush(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> setPushRead(@Body WrappedRequest wrappedRequest);

        @POST("/otpinformer/json.php")
        Call<ru.otpbank.api.response.Response> updateAgreementName(@Body WrappedRequest wrappedRequest);
    }

    public static OTPCreditService getService() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: ru.otpbank.api.retrofit.API.2
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            builder.sslSocketFactory(sSLContext.getSocketFactory()).hostnameVerifier(new HostnameVerifier() { // from class: ru.otpbank.api.retrofit.API.3
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }
            });
            builder.addInterceptor(basicAuthorization);
            builder.addInterceptor(new Interceptor() { // from class: ru.otpbank.api.retrofit.API.4
                @Override // okhttp3.Interceptor
                public Response intercept(Interceptor.Chain chain) throws IOException {
                    Response proceed = chain.proceed(chain.request());
                    String header = proceed.header("App_version_current", BuildConfig.VERSION_NAME);
                    String header2 = proceed.header("App_version_is_forced", "");
                    Log.d("appVers", "app version: " + header + "\nisForced: " + header2);
                    if (!BuildConfig.VERSION_NAME.equals(header) && header2.equals("1") && API.mainUI != null) {
                        API.mainUI.showUpdateDialog();
                    }
                    return proceed;
                }
            });
            builder.connectTimeout(3L, TimeUnit.MINUTES);
            builder.readTimeout(3L, TimeUnit.MINUTES);
            return (OTPCreditService) new Retrofit.Builder().baseUrl("https://informer.otpbank.ru/").client(builder.build()).addConverterFactory(GsonConverterFactory.create()).build().create(OTPCreditService.class);
        } catch (Exception e) {
            throw new RuntimeException("Connection problem", e);
        }
    }

    private static SSLContext getSslContext() {
        SSLContext sSLContext = null;
        try {
            KeyStore readKeyStore = readKeyStore();
            sSLContext = SSLContext.getInstance("SSL");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(readKeyStore);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(readKeyStore, "my_little_secret".toCharArray());
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
            return sSLContext;
        } catch (Exception e) {
            Log.e("SSL cert pinning fail", e.getMessage(), e);
            return sSLContext;
        }
    }

    private static KeyStore readKeyStore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream openRawResource = resources.openRawResource(R.raw.ca_keystore);
        try {
            keyStore.load(openRawResource, "my_little_secret".toCharArray());
            return keyStore;
        } finally {
            openRawResource.close();
        }
    }
}
