package de.luhmer.owncloudnewsreader.ssl;

import android.annotation.SuppressLint;
import android.content.SharedPreferences;
import android.os.Build;
import com.google.gson.JsonParseException;
import de.luhmer.owncloudnewsreader.SettingsActivity;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.ConnectionSpec;
import okhttp3.Credentials;
import okhttp3.HttpUrl;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.logging.HttpLoggingInterceptor;

/* loaded from: classes.dex */
public class OkHttpSSLClient {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class AuthorizationInterceptor implements Interceptor {
        private final String mCredentials;
        private final HttpUrl mHostUrl;

        AuthorizationInterceptor(HttpUrl httpUrl, String str) {
            this.mHostUrl = httpUrl;
            this.mCredentials = str;
        }

        @Override // okhttp3.Interceptor
        public Response intercept(Interceptor.Chain chain) throws IOException {
            Request request = chain.request();
            if (this.mHostUrl.url().getHost().equals(request.url().host())) {
                request = request.newBuilder().addHeader("Authorization", this.mCredentials).build();
            }
            return chain.proceed(request);
        }
    }

    public static OkHttpClient GetSslClient(HttpUrl httpUrl, String str, String str2, SharedPreferences sharedPreferences, MemorizingTrustManager memorizingTrustManager) {
        MemorizingTrustManager.setKeyStoreFile("private", "sslkeys.bks");
        OkHttpClient.Builder addInterceptor = new OkHttpClient.Builder().connectTimeout(30L, TimeUnit.SECONDS).readTimeout(30L, TimeUnit.MINUTES).addInterceptor(new AuthorizationInterceptor(httpUrl, Credentials.basic(str, str2))).addInterceptor(new HttpLoggingInterceptor());
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new X509TrustManager[]{memorizingTrustManager}, new SecureRandom());
            TLSSocketFactory tLSSocketFactory = new TLSSocketFactory(sSLContext);
            addInterceptor.sslSocketFactory(tLSSocketFactory, systemDefaultTrustManager());
            if (Build.VERSION.SDK_INT == 24) {
                addInterceptor.connectionSpecs(Arrays.asList(new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).cipherSuites(tLSSocketFactory.getDefaultCipherSuites()).build(), ConnectionSpec.CLEARTEXT));
            }
        } catch (KeyManagementException | NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        }
        TimeUnit timeUnit = TimeUnit.SECONDS;
        addInterceptor.connectTimeout(10L, timeUnit);
        addInterceptor.readTimeout(120L, timeUnit);
        if (sharedPreferences.getBoolean(SettingsActivity.CB_DISABLE_HOSTNAME_VERIFICATION_STRING, false)) {
            addInterceptor.hostnameVerifier(new HostnameVerifier() { // from class: de.luhmer.owncloudnewsreader.ssl.OkHttpSSLClient.1
                @Override // javax.net.ssl.HostnameVerifier
                @SuppressLint({"BadHostnameVerifier"})
                public boolean verify(String str3, SSLSession sSLSession) {
                    return true;
                }
            });
        }
        return addInterceptor.build();
    }

    public static <T extends Throwable> T HandleExceptions(T t2) {
        return (t2.getMessage() == null || !t2.getMessage().startsWith("Not a JSON Object: \"<!DOCTYPE\"")) ? t2 : new JsonParseException("Invalid response from server. Please make sure, that the News App is installed and activated in your ownCloud/Nextcloud Webinterface. More information can be found here: https://github.com/nextcloud/news/blob/master/README.md#installationupdate");
    }

    private static X509TrustManager systemDefaultTrustManager() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1) {
                TrustManager trustManager = trustManagers[0];
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (GeneralSecurityException unused) {
            throw new AssertionError();
        }
    }
}
