package es.orange.econtratokyc.rest;

import android.content.Context;
import android.util.Log;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import es.orange.econtratokyc.AppSession;
import es.orange.econtratokyc.BuildConfig;
import es.orange.econtratokyc.Constantes;
import es.orange.econtratokyc.R;
import es.orange.econtratokyc.ScandocActivity;
import es.orange.econtratokyc.bean.Brand;
import es.orange.econtratokyc.bean.NivelTraza;
import es.orange.econtratokyc.exceptions.KyCWSException;
import es.orange.econtratokyc.rest.beans.ErrorsRequestBean;
import es.orange.econtratokyc.rest.beans.EventRequestBean;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Response;
import okhttp3.logging.HttpLoggingInterceptor;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes5.dex */
public class ControllerRest {
    public static final String CONTENT_TYPE_JPEG = "image/jpeg";
    private ScandocActivity appActivity;

    private ControllerRest() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ControllerRest(ScandocActivity scandocActivity) {
        this.appActivity = scandocActivity;
    }

    private SSLContext addCertificates(Context context, OkHttpClient.Builder builder) throws CertificateException, IOException, KeyStoreException, KeyManagementException, NoSuchAlgorithmException, InvalidKeySpecException, UnrecoverableKeyException {
        InputStream openRawResource = context.getResources().openRawResource(R.raw.apigeeproori);
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(openRawResource, BuildConfig.C.toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
            keyManagerFactory.init(keyStore, BuildConfig.C.toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), getWrappedTrustManagers(trustManagerFactory.getTrustManagers()), new SecureRandom());
            if (sSLContext != null) {
                builder.sslSocketFactory(new NoSSLv3SocketFactory(sSLContext.getSocketFactory()), systemDefaultTrustManager());
                builder.hostnameVerifier(new X509HostnameVerifier() { // from class: es.orange.econtratokyc.rest.ControllerRest.2
                    @Override // org.apache.http.conn.ssl.X509HostnameVerifier
                    public void verify(String str, X509Certificate x509Certificate) throws SSLException {
                    }

                    @Override // org.apache.http.conn.ssl.X509HostnameVerifier
                    public void verify(String str, SSLSocket sSLSocket) throws IOException {
                    }

                    @Override // org.apache.http.conn.ssl.X509HostnameVerifier
                    public void verify(String str, String[] strArr, String[] strArr2) throws SSLException {
                    }

                    @Override // org.apache.http.conn.ssl.X509HostnameVerifier, javax.net.ssl.HostnameVerifier
                    public boolean verify(String str, SSLSession sSLSession) {
                        return AppSession.getInstance().url_servicios.contains(str);
                    }
                });
            }
            return sSLContext;
        } catch (Throwable th) {
            Log.e(Constantes.LOG_TAG, "Ha ocurrido un error en addCertificates " + th.getMessage(), th);
            return null;
        }
    }

    private TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagerArr) {
        final X509TrustManager x509TrustManager = (X509TrustManager) trustManagerArr[0];
        return new TrustManager[]{new X509TrustManager() { // from class: es.orange.econtratokyc.rest.ControllerRest.3
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                if (x509CertificateArr != null) {
                    try {
                        if (x509CertificateArr.length > 0) {
                            x509CertificateArr[0].checkValidity();
                        }
                    } catch (CertificateException e) {
                        Log.e(Constantes.LOG_TAG, "Ha ocurrido un error en checkClientTrusted " + e.getMessage(), e);
                        return;
                    }
                }
                x509TrustManager.checkClientTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                if (x509CertificateArr != null) {
                    try {
                        if (x509CertificateArr.length > 0) {
                            x509CertificateArr[0].checkValidity();
                        }
                    } catch (CertificateException e) {
                        Log.e(Constantes.LOG_TAG, "Ha ocurrido un error en checkServerTrusted " + e.getMessage(), e);
                        return;
                    }
                }
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return x509TrustManager.getAcceptedIssuers();
            }
        }};
    }

    public static X509TrustManager systemDefaultTrustManager() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return (X509TrustManager) trustManagers[0];
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (GeneralSecurityException e) {
            Log.e(Constantes.LOG_TAG, "Ha ocurrido un error en systemDefaultTrustManager " + e.getMessage(), e);
            throw new AssertionError();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ScandocActivity getAppActivity() {
        return this.appActivity;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KyCWSClient getClientRest(final boolean z) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, CertificateException, InvalidKeySpecException, IOException {
        Gson create = new GsonBuilder().setLenient().create();
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        verificaCertificado(getAppActivity().getBaseContext(), builder);
        builder.addInterceptor(new Interceptor() { // from class: es.orange.econtratokyc.rest.ControllerRest.1
            @Override // okhttp3.Interceptor
            public Response intercept(Interceptor.Chain chain) throws IOException {
                return chain.proceed(StringUtils.isBlank(AppSession.getInstance().referer_apigee) ? chain.request().newBuilder().build() : (z && StringUtils.isNotBlank(AppSession.getInstance().doiToken)) ? chain.request().newBuilder().addHeader("doiToken", AppSession.getInstance().doiToken).addHeader(KyCWSClient.X_FORWARDED_SERVER, AppSession.getInstance().referer_apigee).build() : chain.request().newBuilder().addHeader(KyCWSClient.X_FORWARDED_SERVER, AppSession.getInstance().referer_apigee).build());
            }
        });
        builder.writeTimeout(70L, TimeUnit.SECONDS);
        builder.readTimeout(70L, TimeUnit.SECONDS);
        builder.connectTimeout(10L, TimeUnit.SECONDS);
        if (AppSession.getInstance().datos != null && AppSession.getInstance().datos.getTest() > 0) {
            builder.addInterceptor(httpLoggingInterceptor);
        }
        return (KyCWSClient) new Retrofit.Builder().baseUrl(AppSession.getInstance().url_servicios).client(builder.build()).addConverterFactory(GsonConverterFactory.create(create)).build().create(KyCWSClient.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ErrorsRequestBean getRequestErrors(String str, NivelTraza nivelTraza, String str2) throws KyCWSException {
        ErrorsRequestBean errorsRequestBean = new ErrorsRequestBean();
        if (AppSession.getInstance().datos != null) {
            errorsRequestBean.setBrand(AppSession.getInstance().datos.getBrand());
            errorsRequestBean.setPetitionId(AppSession.getInstance().datos.getPetitionId());
            errorsRequestBean.setSystemId(AppSession.getInstance().datos.getSystemId());
            errorsRequestBean.setProcessId(AppSession.getInstance().datos.getIdop());
            errorsRequestBean.setSfid(AppSession.getInstance().datos.getSfid());
        }
        if (nivelTraza == NivelTraza.WARNING) {
            errorsRequestBean.setLevel(2);
        } else {
            errorsRequestBean.setLevel(1);
        }
        errorsRequestBean.setMessage(str2);
        errorsRequestBean.setClientData(str);
        return errorsRequestBean;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public EventRequestBean getRequestEventos(String str, Integer num, String str2) throws KyCWSException {
        EventRequestBean eventRequestBean = new EventRequestBean();
        if (Brand.JAZZTEL == AppSession.getInstance().datos.getBrand()) {
            eventRequestBean.setBrand("5");
        } else {
            eventRequestBean.setBrand("1");
        }
        eventRequestBean.setPetitionId(AppSession.getInstance().datos.getPetitionId());
        eventRequestBean.setSystemId(AppSession.getInstance().datos.getSystemId());
        eventRequestBean.setProcessId(AppSession.getInstance().datos.getIdop());
        eventRequestBean.setSfid(AppSession.getInstance().datos.getSfid());
        eventRequestBean.setEventDescription(str);
        eventRequestBean.setEventId(num);
        eventRequestBean.setEventValue(str2);
        return eventRequestBean;
    }

    protected void verificaCertificado(Context context, OkHttpClient.Builder builder) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, CertificateException, InvalidKeySpecException, IOException {
        addCertificates(context, builder);
    }
}
