package com.mastercard.mcbp.utils.http;

import androidx.webkit.ProxyConfig;
import com.google.firebase.perf.network.FirebasePerfUrlConnection;
import com.mastercard.mcbp.utils.exceptions.McbpErrorCode;
import com.mastercard.mcbp.utils.logs.McbpLogger;
import com.mastercard.mcbp.utils.logs.McbpLoggerFactory;
import com.mastercard.mobile_api.bytes.ByteArray;
import com.mastercard.mobile_api.utils.exceptions.http.HttpException;
import com.yandex.money.api.util.HttpHeaders;
import com.yandex.money.api.util.MimeTypes;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.net.URLConnection;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import s4.a;

/* loaded from: classes3.dex */
class HttpsPostConnection {
    public static final String HTTP_METHOD_POST = "POST";
    private static final String RETRY_AFTER_HEADER = "Retry-After";
    public static final int TIMEOUT = 30000;
    private byte[] mCertificateBytes;
    private String mData;
    private String mHostname;
    private final McbpLogger mLogger = McbpLoggerFactory.getInstance().getLogger(this);
    private String mUrl;

    HttpsPostConnection() {
    }

    private String getErrorStream(HttpURLConnection httpURLConnection) throws IOException {
        InputStream errorStream = httpURLConnection.getErrorStream();
        if (errorStream != null) {
            return new String(readAll(errorStream));
        }
        return null;
    }

    private int getRetryAfterValueHeader(HttpURLConnection httpURLConnection) throws IOException, HttpException {
        if (httpURLConnection.getHeaderFields() == null || !httpURLConnection.getHeaderFields().containsKey(RETRY_AFTER_HEADER)) {
            return 0;
        }
        List<String> list = httpURLConnection.getHeaderFields().get(RETRY_AFTER_HEADER);
        try {
            try {
                return Integer.parseInt(list.get(0));
            } catch (Exception unused) {
                throw new HttpException(httpURLConnection.getResponseCode(), "Error in parsing retry after value");
            }
        } catch (NumberFormatException unused2) {
            return Long.valueOf((new SimpleDateFormat("EEE, dd MM yyyy HH:mm:ss zzz").parse(list.get(0)).getTime() - System.currentTimeMillis()) / 1000).intValue();
        }
    }

    private URL getServerUrl() throws MalformedURLException {
        return new URL(this.mUrl);
    }

    private TrustManager[] getTrustAllCertificates() {
        return new TrustManager[]{new X509TrustManager() { // from class: com.mastercard.mcbp.utils.http.HttpsPostConnection.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        }};
    }

    private SSLContext initializePermissiveSslContext() throws NoSuchAlgorithmException, KeyManagementException, IOException, HttpException {
        TrustManager[] trustManagerArr;
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        try {
            byte[] bArr = this.mCertificateBytes;
            KeyManager[] keyManagerArr = null;
            if (bArr == null || bArr.length <= 0) {
                trustManagerArr = null;
            } else {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(this.mCertificateBytes));
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
                keyStore.setCertificateEntry("ca", generateCertificate);
                trustManagerArr = new TrustManager[]{new CustomTrustManager(keyStore)};
                keyManagerFactory.init(keyStore, null);
                keyManagerArr = keyManagerFactory.getKeyManagers();
            }
            sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
            return sSLContext;
        } catch (CertificateException e11) {
            e11.printStackTrace();
            throw new HttpException("Error in Certificate");
        } catch (Exception e12) {
            if (e12.getCause() != null) {
                e12.getCause().printStackTrace();
            } else {
                e12.printStackTrace();
            }
            throw new HttpException("Error in ssl context preparation");
        }
    }

    private HttpURLConnection setupHttpUrlConnection(URL url) throws IOException {
        HttpURLConnection httpURLConnection = (HttpURLConnection) ((URLConnection) FirebasePerfUrlConnection.instrument(url.openConnection()));
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setDoInput(true);
        httpURLConnection.setDoOutput(true);
        httpURLConnection.setConnectTimeout(30000);
        httpURLConnection.setReadTimeout(30000);
        httpURLConnection.setRequestProperty(HttpHeaders.CONTENT_TYPE, MimeTypes.Application.JSON);
        httpURLConnection.setRequestProperty("Accept", MimeTypes.Application.JSON);
        return httpURLConnection;
    }

    private HttpsURLConnection setupHttpsUrlConnection(URL url) throws KeyManagementException, NoSuchAlgorithmException, IllegalArgumentException, IOException, HttpException {
        SSLContext initializePermissiveSslContext = initializePermissiveSslContext();
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) ((URLConnection) FirebasePerfUrlConnection.instrument(url.openConnection()));
        String[] strArr = a.f71865a;
        if (strArr == null || strArr.length == 0) {
            this.mLogger.d("No protocol found in Build config");
            httpsURLConnection.setSSLSocketFactory(initializePermissiveSslContext.getSocketFactory());
        } else {
            httpsURLConnection.setSSLSocketFactory(new CustomSSLSocketFactory(initializePermissiveSslContext.getSocketFactory()));
        }
        String str = this.mHostname;
        if (str == null || str.isEmpty()) {
            throw new HttpException("No host name found");
        }
        httpsURLConnection.setRequestMethod("POST");
        httpsURLConnection.setHostnameVerifier(new HostnameVerifier() { // from class: com.mastercard.mcbp.utils.http.HttpsPostConnection.2
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str2, SSLSession sSLSession) {
                return HttpsPostConnection.this.verifyHost(sSLSession);
            }
        });
        httpsURLConnection.setDoInput(true);
        httpsURLConnection.setDoOutput(true);
        httpsURLConnection.setConnectTimeout(30000);
        httpsURLConnection.setReadTimeout(30000);
        httpsURLConnection.setRequestProperty(HttpHeaders.CONTENT_TYPE, MimeTypes.Application.JSON);
        httpsURLConnection.setRequestProperty("Accept", MimeTypes.Application.JSON);
        return httpsURLConnection;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean verifyHost(SSLSession sSLSession) {
        try {
            X509Certificate[] x509CertificateArr = (X509Certificate[]) sSLSession.getPeerCertificates();
            if (x509CertificateArr != null) {
                for (int i11 = 0; i11 <= x509CertificateArr.length; i11++) {
                    try {
                        x509CertificateArr[0].checkValidity();
                    } catch (CertificateExpiredException e11) {
                        e11.printStackTrace();
                        return false;
                    } catch (CertificateNotYetValidException e12) {
                        e12.printStackTrace();
                        return false;
                    }
                }
                String name = x509CertificateArr[0].getSubjectDN().getName();
                int indexOf = name.indexOf("CN");
                int indexOf2 = name.indexOf(44, indexOf);
                if ((indexOf2 == -1 ? name.substring(indexOf) : name.substring(indexOf, indexOf2)).substring(3).equalsIgnoreCase(this.mHostname)) {
                    return true;
                }
                try {
                    for (List<?> list : x509CertificateArr[0].getSubjectAlternativeNames()) {
                        if (2 == list.size()) {
                            int intValue = ((Integer) list.get(0)).intValue();
                            String str = (String) list.get(1);
                            if (intValue == 2) {
                                if (this.mHostname.equalsIgnoreCase(str)) {
                                    return true;
                                }
                            } else if (intValue == 7 && this.mHostname.equals(str)) {
                                return true;
                            }
                        }
                    }
                } catch (CertificateParsingException e13) {
                    e13.printStackTrace();
                }
            }
            return false;
        } catch (SSLPeerUnverifiedException e14) {
            e14.printStackTrace();
            return false;
        }
    }

    public HttpResponse execute() throws HttpException {
        this.mLogger.d("----------HTTP POST------------");
        HttpURLConnection httpURLConnection = null;
        try {
            try {
                try {
                    URL serverUrl = getServerUrl();
                    HttpURLConnection httpURLConnection2 = serverUrl.getProtocol().equalsIgnoreCase(ProxyConfig.MATCH_HTTPS) ? setupHttpsUrlConnection(serverUrl) : setupHttpUrlConnection(serverUrl);
                    if (this.mData != null) {
                        httpURLConnection2.getOutputStream().write(this.mData.getBytes());
                    }
                    httpURLConnection2.connect();
                    int responseCode = httpURLConnection2.getResponseCode();
                    int retryAfterValueHeader = getRetryAfterValueHeader(httpURLConnection2);
                    String errorStream = getErrorStream(httpURLConnection2);
                    if (responseCode != 200 && responseCode != 204) {
                        throw new HttpException(responseCode, errorStream, retryAfterValueHeader);
                    }
                    InputStream inputStream = httpURLConnection2.getInputStream();
                    HttpResponse httpResponse = new HttpResponse(responseCode);
                    if (responseCode == 200) {
                        httpResponse.setContent(ByteArray.q(readAll(inputStream)));
                    }
                    httpURLConnection2.disconnect();
                    return httpResponse;
                } catch (SocketTimeoutException e11) {
                    throw new HttpException(McbpErrorCode.HTTP_TIMEOUT_OCCURRED, e11.getMessage());
                } catch (SSLException e12) {
                    throw new HttpException(McbpErrorCode.SSL_ERROR_CODE, e12.getMessage());
                }
            } catch (IOException e13) {
                throw new HttpException(e13.getMessage(), e13);
            } catch (KeyManagementException e14) {
                e = e14;
                throw new HttpException(e.getMessage(), e);
            } catch (NoSuchAlgorithmException e15) {
                e = e15;
                throw new HttpException(e.getMessage(), e);
            }
        } catch (Throwable th2) {
            if (0 != 0) {
                httpURLConnection.disconnect();
            }
            throw th2;
        }
    }

    protected byte[] readAll(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[2048];
        while (true) {
            int read = inputStream.read(bArr);
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            if (read == 2048) {
                byteArrayOutputStream.write(bArr);
            } else {
                byte[] bArr2 = new byte[read];
                System.arraycopy(bArr, 0, bArr2, 0, read);
                byteArrayOutputStream.write(bArr2);
            }
        }
    }

    public HttpsPostConnection withCertificate(byte[] bArr) {
        this.mCertificateBytes = bArr;
        return this;
    }

    public HttpsPostConnection withHostName(String str) {
        this.mHostname = str;
        return this;
    }

    public HttpsPostConnection withRequestData(String str) {
        this.mData = str;
        return this;
    }

    public HttpsPostConnection withUrl(String str) {
        this.mUrl = str;
        return this;
    }
}
