package com.platform.usercenter.network.interceptor;

import android.text.TextUtils;
import com.platform.usercenter.BaseApp;
import com.platform.usercenter.network.NetworkModule;
import com.platform.usercenter.network.header.DeviceSecurityHeader;
import com.platform.usercenter.network.header.HeaderConstant;
import com.platform.usercenter.network.header.UCHeaderHelperV1;
import com.platform.usercenter.network.header.UCHeaderHelperV2;
import com.platform.usercenter.network.provider.INetConfigProvider;
import com.platform.usercenter.network.safe.SecurityProtocolManager;
import com.platform.usercenter.tools.algorithm.MD5Util;
import com.platform.usercenter.tools.device.OpenIDHelper;
import com.platform.usercenter.tools.device.UCDeviceInfoUtil;
import com.platform.usercenter.tools.log.UCLogUtil;
import com.platform.usercenter.tools.security.RsaCoder;
import java.io.IOException;
import java.lang.ref.WeakReference;
import java.net.URLEncoder;
import java.util.LinkedList;
import okhttp3.c0;
import okhttp3.d0;
import okhttp3.e0;
import okhttp3.f0;
import okhttp3.w;
import okhttp3.x;
import okhttp3.y;
import okio.Buffer;

/* loaded from: classes2.dex */
public class UCSecurityRequestInterceptor implements x {
    private static final int DECRYPT_FAIL_CODE = 5222;
    private static final String FORMAT_CONTENT_TYPE = "%s; charset=%s";
    public static final String HEADER_PROTOCOL_VERSION = "3.0";
    private static final String HEADER_SECURITY_CONTENT_TYPE = "application/encrypted-json";
    public static final String HEADER_X_PROTOCOL_VERSION = "X-Protocol-Version";
    private static final String HEADER_X_SESSION_TICKET = "X-Session-Ticket";
    public static final String HEADER_X_SIGNTRUE = "X-Signature";
    private static final String KEY_SECURITY_ACCEPT = "application/encrypted-json";
    public static final String LOG_DOWNGRADE_REQUEST_END = "=================downgrade request end";
    public static final String LOG_END_REQUEST = "=================end request";
    public static final String LOG_FIRST_REQUEST_SUCCESS = "=================first request success";
    public static final String LOG_HAS_A_AVAILABLE_SECURITYKEYS = "has a Available securitykeys";
    public static final String LOG_REQUEST_DOWNGRADE_TIME = "=================request downgrade time";
    public static final String LOG_REQUEST_FIRST_TIME = "=================request first time";
    public static final String LOG_REQUEST_SECOND_TIME = "=================request second time";
    public static final String LOG_SECOND_REQUEST_SUCCESS = "=================second request success";
    public static final String LOG_SECURITY_KEYS_UN_AVAILABLE_AND_RESET_SECURITYKEYS = "mSecurityKeys unAvailable and reset securitykeys";
    private static final int STATUS_CODE_DECRYPT_FAIL = 222;
    private static final String TAG = "SecurityRequest";
    private static String TAG_SUFFIX = "SecurityRequest";
    private String mHeaderSigntrueV1;
    private String mHeaderSigntrueV2;
    private final LogQueue mLogs = new LogQueue();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class LogQueue extends LinkedList<String> {
        private LogQueue() {
        }

        @Override // java.util.LinkedList, java.util.Deque, java.util.Queue
        public boolean offer(String str) {
            return super.offer((LogQueue) str);
        }
    }

    private static String bodyToString(d0 d0Var) {
        try {
            Buffer buffer = new Buffer();
            d0Var.writeTo(buffer);
            return buffer.readUtf8();
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    private void checkAndSetProtocolV1(w.a aVar, String str, SecurityProtocolManager.SecurityKeys securityKeys) {
        if (checkNameAndValue("X-Security", str)) {
            aVar.g("X-Security", str);
        }
        if (checkNameAndValue(UCHeaderHelperV1.HEADER_X_KEY, securityKeys.mRSA)) {
            aVar.g(UCHeaderHelperV1.HEADER_X_KEY, securityKeys.mRSA);
            aVar.g(UCHeaderHelperV1.HEADER_X_I_V, securityKeys.mIVStr);
        }
        if (checkNameAndValue(HEADER_X_SESSION_TICKET, securityKeys.mSecurityTicket)) {
            aVar.g(HEADER_X_SESSION_TICKET, securityKeys.mSecurityTicket);
        }
        aVar.g(HEADER_X_PROTOCOL_VERSION, HEADER_PROTOCOL_VERSION);
    }

    private void checkAndSetProtocolV2(w.a aVar, String str, SecurityProtocolManager.SecurityKeys securityKeys) {
        if (checkNameAndValue(UCHeaderHelperV2.X_SAFETY, str)) {
            aVar.g(UCHeaderHelperV2.X_SAFETY, str);
        }
        String buildHeader = UCHeaderHelperV2.HeaderXProtocol.buildHeader(BaseApp.mContext, securityKeys.mRSA, securityKeys.mSecurityTicket, securityKeys.mIVStr);
        if (checkNameAndValue(UCHeaderHelperV2.HeaderXProtocol.X_PROTOCOL, buildHeader)) {
            aVar.g(UCHeaderHelperV2.HeaderXProtocol.X_PROTOCOL, buildHeader);
        }
        aVar.g(UCHeaderHelperV2.X_PROTOCOL_VERSION, HEADER_PROTOCOL_VERSION);
    }

    private e0 decryptResponse(e0 e0Var, SecurityProtocolManager.SecurityKeys securityKeys, String str, String str2) {
        e0.a aVar;
        w m = e0Var.m();
        f0 d = e0Var.d();
        if (success(e0Var)) {
            String str3 = null;
            try {
                str3 = e0Var.d().string();
            } catch (IOException e) {
                this.mLogs.offer("decryptResponse srcResponse.body().string() IOException = ");
                e.printStackTrace();
            }
            if (m != null && !TextUtils.isEmpty(m.a(HEADER_X_SESSION_TICKET))) {
                this.mLogs.offer("decryptResponse parserSecurityTicketHeader = " + m.a(HEADER_X_SESSION_TICKET));
                securityKeys.mSecurityTicket = m.a(HEADER_X_SESSION_TICKET);
            }
            String decrypt = securityKeys.decrypt(str3);
            if (!TextUtils.isEmpty(decrypt)) {
                SecurityProtocolManager.getInstance().setSecurityKeys(securityKeys);
                aVar = e0Var.q();
                aVar.d(f0.create(d.contentType(), decrypt));
                return aVar.e();
            }
            this.mLogs.offer("decryptResponse decrypt fail and throw SecurityDecryptError ; the aeskey = " + securityKeys.mAES);
        } else {
            if (e0Var.f() != STATUS_CODE_DECRYPT_FAIL || m == null || TextUtils.isEmpty(m.a(HEADER_X_SIGNTRUE))) {
                return e0Var;
            }
            String a = m.a(HEADER_X_SIGNTRUE);
            String md5Hex = MD5Util.md5Hex(this.mHeaderSigntrueV1);
            if (!(RsaCoder.doCheck(md5Hex, a, RsaCoder.Key) || RsaCoder.doCheck(MD5Util.md5Hex(this.mHeaderSigntrueV2), a, RsaCoder.Key))) {
                this.mLogs.offer("decryptResponse receive statuscode 222 signture = " + a);
                this.mLogs.offer("decryptResponse receive statuscode 222 mEncryptHeader  = " + str);
                this.mLogs.offer("decryptResponse receive statuscode 222 mEncryptHeader md5  = " + md5Hex);
                this.mLogs.offer("decryptResponse receive statuscode 222 and verify signture fail");
                return e0Var;
            }
            this.mLogs.offer("parseNetworkResponse receive statuscode 222 and verify signture success , throw SecurityDecryptError");
        }
        aVar = e0Var.q();
        aVar.i(DECRYPT_FAIL_CODE);
        return aVar.e();
    }

    private c0 encryptRequest(c0 c0Var, d0 d0Var, w wVar, String str, String str2, SecurityProtocolManager.SecurityKeys securityKeys) throws IOException {
        w.a e = wVar.e();
        if (!TextUtils.isEmpty(str)) {
            String encrypt = securityKeys.encrypt(str);
            this.mHeaderSigntrueV1 = encrypt;
            String encode = URLEncoder.encode(securityKeys.encrypt(str2), HeaderConstant.FORMAT_UTF_8);
            this.mHeaderSigntrueV2 = encode;
            e.g(HeaderConstant.HEAD_K_ACCEPT, "application/encrypted-json");
            checkAndSetProtocolV1(e, encrypt, securityKeys);
            checkAndSetProtocolV2(e, encode, securityKeys);
            c0.a A = c0Var.A();
            A.r(e.d());
            c0Var = A.l();
        }
        String encrypt2 = securityKeys.encrypt(bodyToString(d0Var));
        c0.a A2 = c0Var.A();
        A2.t(d0.create(y.c(formatContentType(true)), encrypt2));
        return A2.l();
    }

    private boolean success(e0 e0Var) {
        return (e0Var == null || !e0Var.o() || e0Var.f() == STATUS_CODE_DECRYPT_FAIL) ? false : true;
    }

    public boolean checkNameAndValue(String str, String str2) {
        return HeaderConstant.checkNameAndValue(str, str2);
    }

    public String formatContentType(boolean z) {
        Object[] objArr = new Object[2];
        objArr[0] = z ? "application/encrypted-json" : HeaderConstant.HEAD_V_APPLICATION_JSON;
        objArr[1] = HeaderConstant.FORMAT_UTF_8;
        return String.format(FORMAT_CONTENT_TYPE, objArr);
    }

    @Override // okhttp3.x
    public e0 intercept(x.a aVar) throws IOException {
        e0 e0Var;
        e0 e0Var2;
        LogQueue logQueue;
        String str;
        c0 request = aVar.request();
        TAG_SUFFIX = "SecurityRequest:" + request.H().h();
        SecurityProtocolManager.SecurityKeys securityKeys = SecurityProtocolManager.getInstance().getSecurityKeys();
        if (securityKeys == null || !securityKeys.available()) {
            this.mLogs.offer(LOG_SECURITY_KEYS_UN_AVAILABLE_AND_RESET_SECURITYKEYS);
            securityKeys = new SecurityProtocolManager.SecurityKeys();
        } else {
            this.mLogs.offer(LOG_HAS_A_AVAILABLE_SECURITYKEYS);
        }
        SecurityProtocolManager.SecurityKeys securityKeys2 = securityKeys;
        this.mLogs.offer(" SECURITY Ticket =  " + securityKeys2.mSecurityTicket);
        w v = request.v();
        d0 m = request.m();
        WeakReference<INetConfigProvider> weakReference = NetworkModule.Builder.configProvider;
        if (weakReference != null && weakReference.get() != null) {
            INetConfigProvider iNetConfigProvider = weakReference.get();
            if (iNetConfigProvider.isDebug() && !iNetConfigProvider.isEncryption()) {
                SecurityProtocolManager.getInstance().clearSecurityKeys();
                OpenIDHelper.getOpenIdHeader(BaseApp.mContext);
                c0.a A = request.A();
                A.q(HeaderConstant.HEAD_K_ACCEPT, HeaderConstant.HEAD_V_APPLICATION_JSON);
                A.q(HEADER_X_PROTOCOL_VERSION, HEADER_PROTOCOL_VERSION);
                A.q(OpenIDHelper.HEADER_X_CLIENT_GUID, OpenIDHelper.getGUID() == null ? "" : OpenIDHelper.getGUID());
                A.q("imei", UCDeviceInfoUtil.getOSIMEI(BaseApp.mContext) != null ? UCDeviceInfoUtil.getOSIMEI(BaseApp.mContext) : "");
                A.t(d0.create(y.c(formatContentType(false)), bodyToString(m)));
                return aVar.c(A.l());
            }
        }
        String deviceSecurityHeader = DeviceSecurityHeader.getDeviceSecurityHeader(BaseApp.mContext);
        this.mLogs.offer(LOG_REQUEST_FIRST_TIME);
        e0 c = aVar.c(encryptRequest(request, m, v, deviceSecurityHeader, deviceSecurityHeader, securityKeys2));
        e0 decryptResponse = decryptResponse(c, securityKeys2, deviceSecurityHeader, deviceSecurityHeader);
        if (success(decryptResponse)) {
            this.mLogs.offer(LOG_FIRST_REQUEST_SUCCESS);
            e0Var2 = decryptResponse;
        } else {
            if (decryptResponse.f() == DECRYPT_FAIL_CODE) {
                this.mLogs.offer(LOG_REQUEST_SECOND_TIME);
                SecurityProtocolManager.getInstance().clearSecurityKeys();
                SecurityProtocolManager.SecurityKeys securityKeys3 = new SecurityProtocolManager.SecurityKeys();
                e0Var = c;
                e0Var2 = decryptResponse(aVar.c(encryptRequest(request, m, v, deviceSecurityHeader, deviceSecurityHeader, securityKeys3)), securityKeys3, deviceSecurityHeader, deviceSecurityHeader);
                if (success(e0Var2)) {
                    logQueue = this.mLogs;
                    str = LOG_SECOND_REQUEST_SUCCESS;
                } else if (e0Var2.f() == DECRYPT_FAIL_CODE) {
                    this.mLogs.offer(LOG_REQUEST_DOWNGRADE_TIME);
                    SecurityProtocolManager.getInstance().clearSecurityKeys();
                    c0.a A2 = request.A();
                    A2.q(HeaderConstant.HEAD_K_ACCEPT, HeaderConstant.HEAD_V_APPLICATION_JSON);
                    A2.t(d0.create(y.c(formatContentType(false)), bodyToString(m)));
                    e0Var2 = aVar.c(A2.l());
                    logQueue = this.mLogs;
                    str = LOG_DOWNGRADE_REQUEST_END;
                }
                logQueue.offer(str);
            } else {
                e0Var = c;
            }
            e0Var2 = e0Var;
        }
        try {
            this.mLogs.offer(LOG_END_REQUEST);
            return e0Var2;
        } finally {
            printLog();
        }
    }

    protected void printLog() {
        for (int i2 = 0; i2 < this.mLogs.size() + 1; i2++) {
            try {
                UCLogUtil.i(TAG_SUFFIX, "" + this.mLogs.poll());
            } catch (Exception unused) {
                return;
            }
        }
    }
}
