package se.leap.bitmaskclient.providersetup;

import android.content.res.Resources;
import android.os.Bundle;
import android.text.TextUtils;
import de.blinkt.openvpn.core.VpnStatus;
import java.util.concurrent.TimeoutException;
import okhttp3.OkHttpClient;
import org.json.JSONException;
import org.json.JSONObject;
import se.leap.bitmaskclient.BuildConfig;
import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.base.models.Constants;
import se.leap.bitmaskclient.base.models.Provider;
import se.leap.bitmaskclient.base.utils.ConfigHelper;
import se.leap.bitmaskclient.base.utils.PreferenceHelper;
import se.leap.bitmaskclient.providersetup.ProviderApiManagerBase;
import se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog;
import se.leap.bitmaskclient.providersetup.connectivity.OkHttpClientGenerator;
import se.leap.bitmaskclient.tor.TorStatusObservable;

/* loaded from: classes2.dex */
public class ProviderApiManager extends ProviderApiManagerBase {
    private static final String TAG = "ProviderApiManager";

    public ProviderApiManager(Resources resources, OkHttpClientGenerator okHttpClientGenerator, ProviderApiManagerBase.ProviderApiServiceCallback providerApiServiceCallback) {
        super(resources, okHttpClientGenerator, providerApiServiceCallback);
    }

    private Bundle downloadCACert(Provider provider) {
        Bundle bundle = new Bundle();
        try {
            String string = provider.getDefinition().getString(Provider.CA_CERT_URI);
            String domain = provider.getDomain();
            String downloadWithCommercialCA = downloadWithCommercialCA(string, provider);
            if (validCertificate(provider, downloadWithCommercialCA)) {
                provider.setCaCert(downloadWithCommercialCA);
                if (BuildConfig.DEBUG_MODE.booleanValue()) {
                    VpnStatus.logDebug("[API] CA CERT: " + downloadWithCommercialCA);
                }
                PreferenceHelper.putProviderString(domain, Provider.CA_CERT, downloadWithCommercialCA);
                bundle.putBoolean(Constants.BROADCAST_RESULT_KEY, true);
            } else {
                setErrorResult(bundle, R.string.warning_corrupted_provider_cert, ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING.toString());
            }
        } catch (JSONException e) {
            e.printStackTrace();
        }
        return bundle;
    }

    private String downloadFromApiUrlWithProviderCA(String str, Provider provider) {
        return downloadFromUrlWithProviderCA(provider.getApiUrlString() + str, provider);
    }

    private String downloadFromUrlWithProviderCA(String str, Provider provider) {
        return downloadFromUrlWithProviderCA(str, provider, true);
    }

    private String downloadFromUrlWithProviderCA(String str, Provider provider, boolean z) {
        JSONObject jSONObject = new JSONObject();
        OkHttpClient initSelfSignedCAHttpClient = this.clientGenerator.initSelfSignedCAHttpClient(provider.getCaCert(), TorStatusObservable.getProxyPort(), jSONObject);
        if (initSelfSignedCAHttpClient == null) {
            return jSONObject.toString();
        }
        String sendGetStringToServer = sendGetStringToServer(str, getAuthorizationHeader(), initSelfSignedCAHttpClient);
        if (z && sendGetStringToServer != null) {
            try {
                if (sendGetStringToServer.contains("errors") && TorStatusObservable.getStatus() == TorStatusObservable.TorStatus.OFF && startTorProxy()) {
                    return downloadFromUrlWithProviderCA(str, provider, false);
                }
            } catch (IllegalStateException | InterruptedException | TimeoutException e) {
                e.printStackTrace();
            }
        }
        return sendGetStringToServer;
    }

    private String downloadFromVersionedApiUrlWithProviderCA(String str, Provider provider) {
        return downloadFromUrlWithProviderCA(provider.getApiUrlWithVersion() + str, provider);
    }

    private String downloadWithCommercialCA(String str, Provider provider) {
        return downloadWithCommercialCA(str, provider, true);
    }

    private String downloadWithCommercialCA(String str, Provider provider, boolean z) {
        JSONObject jSONObject = new JSONObject();
        OkHttpClient initCommercialCAHttpClient = this.clientGenerator.initCommercialCAHttpClient(jSONObject, TorStatusObservable.getProxyPort());
        if (initCommercialCAHttpClient == null) {
            return jSONObject.toString();
        }
        String sendGetStringToServer = sendGetStringToServer(str, getAuthorizationHeader(), initCommercialCAHttpClient);
        if (sendGetStringToServer != null && sendGetStringToServer.contains("errors")) {
            try {
                if (new JSONObject(sendGetStringToServer).getString("errors").equals(ConfigHelper.getProviderFormattedString(this.resources, R.string.certificate_error))) {
                    sendGetStringToServer = downloadWithProviderCA(provider.getCaCert(), str);
                }
            } catch (JSONException e) {
                e.printStackTrace();
            }
        }
        if (z && sendGetStringToServer != null) {
            try {
                if (sendGetStringToServer.contains("errors") && TorStatusObservable.getStatus() == TorStatusObservable.TorStatus.OFF && startTorProxy()) {
                    return downloadWithCommercialCA(str, provider, false);
                }
            } catch (IllegalStateException | InterruptedException | TimeoutException e2) {
                e2.printStackTrace();
            }
        }
        return sendGetStringToServer;
    }

    private String downloadWithProviderCA(String str, String str2) {
        JSONObject jSONObject = new JSONObject();
        OkHttpClient initSelfSignedCAHttpClient = this.clientGenerator.initSelfSignedCAHttpClient(str, TorStatusObservable.getProxyPort(), jSONObject);
        return initSelfSignedCAHttpClient == null ? jSONObject.toString() : sendGetStringToServer(str2, getAuthorizationHeader(), initSelfSignedCAHttpClient);
    }

    private Bundle getAndSetProviderJson(Provider provider) {
        String downloadWithCommercialCA;
        Bundle bundle = new Bundle();
        if (provider.getDefinitionString().length() == 0 || provider.getCaCert().isEmpty()) {
            downloadWithCommercialCA = downloadWithCommercialCA(provider.getMainUrlString() + "/provider.json", provider);
        } else {
            downloadWithCommercialCA = downloadFromApiUrlWithProviderCA("/provider.json", provider);
        }
        if (ConfigHelper.checkErroneousDownload(downloadWithCommercialCA) || !isValidJson(downloadWithCommercialCA)) {
            setErrorResult(bundle, R.string.malformed_url, null);
            return bundle;
        }
        if (BuildConfig.DEBUG_MODE.booleanValue()) {
            VpnStatus.logDebug("[API] PROVIDER JSON: " + downloadWithCommercialCA);
        }
        try {
        } catch (JSONException unused) {
            setErrorResult(bundle, downloadWithCommercialCA);
        }
        if (!provider.define(new JSONObject(downloadWithCommercialCA))) {
            return setErrorResult(bundle, R.string.warning_corrupted_provider_details, ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CORRUPTED_PROVIDER_JSON.toString());
        }
        bundle.putBoolean(Constants.BROADCAST_RESULT_KEY, true);
        return bundle;
    }

    public static boolean lastDangerOn() {
        return false;
    }

    @Override // se.leap.bitmaskclient.providersetup.ProviderApiManagerBase
    protected Bundle getAndSetEipServiceJson(Provider provider) {
        Bundle bundle = new Bundle();
        try {
            String downloadWithProviderCA = downloadWithProviderCA(provider.getCaCert(), provider.getApiUrlWithVersion() + "/config/eip-service.json");
            if (BuildConfig.DEBUG_MODE.booleanValue()) {
                VpnStatus.logDebug("[API] EIP SERVICE JSON: " + downloadWithProviderCA);
            }
            JSONObject jSONObject = new JSONObject(downloadWithProviderCA);
            if (jSONObject.has("errors")) {
                setErrorResult(bundle, downloadWithProviderCA);
            } else {
                provider.setEipServiceJson(jSONObject);
                provider.setLastEipServiceUpdate(System.currentTimeMillis());
                bundle.putBoolean(Constants.BROADCAST_RESULT_KEY, true);
            }
        } catch (NullPointerException | JSONException unused) {
            setErrorResult(bundle, R.string.error_json_exception_user_message, null);
        }
        return bundle;
    }

    @Override // se.leap.bitmaskclient.providersetup.ProviderApiManagerBase
    protected Bundle getGeoIPJson(Provider provider) {
        Bundle bundle = new Bundle();
        if (!provider.shouldUpdateGeoIpJson() || provider.getGeoipUrl().isDefault() || VpnStatus.isVPNActive() || TorStatusObservable.getStatus() != TorStatusObservable.TorStatus.OFF) {
            bundle.putBoolean(Constants.BROADCAST_RESULT_KEY, false);
            return bundle;
        }
        try {
            String downloadFromUrlWithProviderCA = downloadFromUrlWithProviderCA(provider.getGeoipUrl().getUrl().toString(), provider, false);
            if (BuildConfig.DEBUG_MODE.booleanValue()) {
                VpnStatus.logDebug("[API] MENSHEN JSON: " + downloadFromUrlWithProviderCA);
            }
            JSONObject jSONObject = new JSONObject(downloadFromUrlWithProviderCA);
            if (jSONObject.has("errors")) {
                bundle.putBoolean(Constants.BROADCAST_RESULT_KEY, false);
            } else {
                provider.setGeoIpJson(jSONObject);
                provider.setLastGeoIpUpdate(System.currentTimeMillis());
                bundle.putBoolean(Constants.BROADCAST_RESULT_KEY, true);
            }
        } catch (NullPointerException | JSONException e) {
            bundle.putBoolean(Constants.BROADCAST_RESULT_KEY, false);
            e.printStackTrace();
        }
        return bundle;
    }

    @Override // se.leap.bitmaskclient.providersetup.ProviderApiManagerBase
    protected Bundle setUpProvider(Provider provider, Bundle bundle) {
        Bundle bundle2 = new Bundle();
        if (TextUtils.isEmpty(provider.getMainUrlString()) || provider.getMainUrl().isDefault()) {
            bundle2.putBoolean(Constants.BROADCAST_RESULT_KEY, false);
            setErrorResult(bundle2, R.string.malformed_url, null);
            VpnStatus.logWarning("[API] MainURL String is not set. Cannot setup provider.");
            return bundle2;
        }
        getPersistedProviderUpdates(provider);
        Bundle validateProviderDetails = validateProviderDetails(provider);
        if (validateProviderDetails.containsKey("errors")) {
            validateProviderDetails.putParcelable(Constants.PROVIDER_KEY, provider);
            return validateProviderDetails;
        }
        if (validateProviderDetails.containsKey(Constants.BROADCAST_RESULT_KEY) && !validateProviderDetails.getBoolean(Constants.BROADCAST_RESULT_KEY)) {
            resetProviderDetails(provider);
        }
        Bundle andSetProviderJson = getAndSetProviderJson(provider);
        if (provider.hasDefinition() || (andSetProviderJson.containsKey(Constants.BROADCAST_RESULT_KEY) && andSetProviderJson.getBoolean(Constants.BROADCAST_RESULT_KEY))) {
            ProviderSetupObservable.updateProgress(20);
            if (!provider.hasCaCert()) {
                andSetProviderJson = downloadCACert(provider);
            }
            if (provider.hasCaCert() || (andSetProviderJson.containsKey(Constants.BROADCAST_RESULT_KEY) && andSetProviderJson.getBoolean(Constants.BROADCAST_RESULT_KEY))) {
                ProviderSetupObservable.updateProgress(40);
                andSetProviderJson = getAndSetEipServiceJson(provider);
            }
            if (provider.hasEIP() && !provider.allowsRegistered() && !provider.allowsAnonymous()) {
                setErrorResult(andSetProviderJson, ConfigHelper.isDefaultBitmask() ? R.string.setup_error_text : R.string.setup_error_text_custom, null);
            } else if (provider.hasEIP()) {
                ProviderSetupObservable.updateProgress(60);
            }
        }
        return andSetProviderJson;
    }

    @Override // se.leap.bitmaskclient.providersetup.ProviderApiManagerBase
    protected Bundle updateVpnCertificate(Provider provider) {
        Bundle bundle = new Bundle();
        String downloadFromVersionedApiUrlWithProviderCA = downloadFromVersionedApiUrlWithProviderCA("/cert", provider);
        if (BuildConfig.DEBUG_MODE.booleanValue()) {
            VpnStatus.logDebug("[API] VPN CERT: " + downloadFromVersionedApiUrlWithProviderCA);
        }
        if (!ConfigHelper.checkErroneousDownload(downloadFromVersionedApiUrlWithProviderCA)) {
            return loadCertificate(provider, downloadFromVersionedApiUrlWithProviderCA);
        }
        if (TorStatusObservable.isRunning()) {
            setErrorResult(bundle, R.string.downloading_vpn_certificate_failed, null);
        } else if (downloadFromVersionedApiUrlWithProviderCA == null || downloadFromVersionedApiUrlWithProviderCA.isEmpty()) {
            setErrorResult(bundle, R.string.error_io_exception_user_message, null);
        } else {
            setErrorResult(bundle, downloadFromVersionedApiUrlWithProviderCA);
        }
        return bundle;
    }
}
