package com.bosch.sh.connector.http.client.provider;

import com.bosch.sh.connector.certificate.KeyManagerProvider;
import com.bosch.sh.connector.endpoint.api.Endpoint;
import com.bosch.sh.connector.shc.persistence.ShcIdChangeListener;
import com.bosch.sh.connector.shc.persistence.api.ShcPreferences;
import com.bosch.sh.connector.sslutil.SslUtil;
import com.bosch.sh.connector.thirdparty.api.http.HttpClientProvider;
import com.bosch.sh.connector.thirdparty.api.http.HttpClientWithEndpoint;
import com.bosch.sh.connector.tunnel.TunnelHttpClientProvider;
import com.bosch.sh.ui.android.network.rest.ConnectorLibraryRequest;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import kotlin.jvm.internal.Intrinsics;
import okhttp3.Dispatcher;
import okhttp3.OkHttpClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class HttpClientProviderImpl implements TunnelHttpClientProvider, HttpClientProvider {
    public static final long DEFAULT_REQUEST_TIMEOUT_IN_MILLIS = 60000;
    public static final long DEFAULT_REQUEST_TIMEOUT_NO_NETWORK_IN_MILLIS = 5000;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) HttpClientProviderImpl.class);
    public static final long LONG_POLLER_READ_TIMEOUT_IN_SECONDS = 30000;
    private OkHttpClient defaultHttpClient;
    private HttpClientWithEndpointImpl defaultHttpClientWithEndpoint;
    private String host;
    private final KeyManagerProvider keyManagerProvider;
    private HttpClientWithEndpointImpl longPollerHttpClientWithEndpoint;
    private int port;
    private String shcId;
    private final ShcPreferences shcPreferences;
    private final TrustManager[] shcTrustManagers;
    private OkHttpClient tunnelHttpClient;
    private final TrustManager[] tunnelTrustManagers;
    private final Object tunnelLock = new Object();
    private final Object defaultLock = new Object();
    private final Object longPollerLock = new Object();
    private final ShcIdChangeListener shcIdChangeListener = new ShcIdChangeListenerImpl();

    /* loaded from: classes.dex */
    public class ShcIdChangeListenerImpl implements ShcIdChangeListener {
        private ShcIdChangeListenerImpl() {
        }

        @Override // com.bosch.sh.connector.shc.persistence.ShcIdChangeListener
        public void onShcIdChanged(String str) {
            HttpClientProviderImpl.this.shcId = str;
        }
    }

    /* loaded from: classes.dex */
    public class ShcIdVerifier implements HostnameVerifier {
        private ShcIdVerifier() {
        }

        private boolean isValidPrincipal(String str, String str2) {
            if (HttpClientProviderImpl.isNullOrEmpty(str)) {
                HttpClientProviderImpl.LOG.warn("No principal name.");
                return false;
            }
            if (HttpClientProviderImpl.isNullOrEmpty(str2)) {
                HttpClientProviderImpl.LOG.warn("No SHC-ID.");
                return false;
            }
            if (str.trim().startsWith("CN=" + str2 + ",")) {
                return true;
            }
            HttpClientProviderImpl.LOG.error("Server certificate does NOT match expected SHC-ID ({})", str2);
            HttpClientProviderImpl.LOG.error("--> principal found: {}", str);
            return false;
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            try {
                return isValidPrincipal(sSLSession.getPeerPrincipal().getName(), HttpClientProviderImpl.this.shcId);
            } catch (RuntimeException | SSLPeerUnverifiedException e) {
                HttpClientProviderImpl.LOG.error("Exception during certificate validation.", e);
                return false;
            }
        }
    }

    public HttpClientProviderImpl(KeyManagerProvider keyManagerProvider, ShcPreferences shcPreferences, TrustManager[] trustManagerArr, TrustManager[] trustManagerArr2) {
        this.keyManagerProvider = keyManagerProvider;
        this.shcPreferences = shcPreferences;
        this.shcTrustManagers = (TrustManager[]) Arrays.copyOf(trustManagerArr, trustManagerArr.length);
        this.tunnelTrustManagers = (TrustManager[]) Arrays.copyOf(trustManagerArr2, trustManagerArr2.length);
    }

    private OkHttpClient.Builder builder() {
        SSLSocketFactory createSslSocketFactory = SslUtil.createSslSocketFactory(this.keyManagerProvider.getKeyManagers(), this.shcTrustManagers);
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.connectionSpecs(Collections.singletonList(SslUtil.SECURE_CONNECTION_SPEC));
        builder.sslSocketFactory(createSslSocketFactory, (X509TrustManager) this.shcTrustManagers[0]);
        builder.hostnameVerifier(new ShcIdVerifier());
        return builder;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isNullOrEmpty(String str) {
        return str == null || str.isEmpty();
    }

    public OkHttpClient clientForEndpoint(Endpoint endpoint) {
        if (endpoint == null) {
            LOG.warn("No matching HTTP client found for endpoint {}", endpoint);
            return null;
        }
        LOG.debug("Offering default HTTP client for endpoint {}", endpoint);
        return getDefaultOkHttpClient();
    }

    @Override // com.bosch.sh.connector.thirdparty.api.http.HttpClientProvider
    public OkHttpClient getDefaultOkHttpClient() {
        OkHttpClient okHttpClient;
        synchronized (this.defaultLock) {
            if (this.defaultHttpClient == null) {
                OkHttpClient.Builder builder = builder();
                TimeUnit timeUnit = TimeUnit.MILLISECONDS;
                builder.readTimeout(60000L, timeUnit);
                builder.writeTimeout(60000L, timeUnit);
                builder.connectTimeout(60000L, timeUnit);
                this.defaultHttpClient = new OkHttpClient(builder);
            }
            okHttpClient = this.defaultHttpClient;
        }
        return okHttpClient;
    }

    @Override // com.bosch.sh.connector.thirdparty.api.http.HttpClientProvider
    public HttpClientWithEndpoint getDefaultOkHttpClientWithEndpoint() {
        OkHttpClient okHttpClient;
        if (this.defaultHttpClientWithEndpoint == null) {
            synchronized (this.defaultLock) {
                OkHttpClient.Builder builder = builder();
                TimeUnit timeUnit = TimeUnit.MILLISECONDS;
                builder.readTimeout(60000L, timeUnit);
                builder.writeTimeout(60000L, timeUnit);
                builder.connectTimeout(60000L, timeUnit);
                okHttpClient = new OkHttpClient(builder);
            }
            this.defaultHttpClientWithEndpoint = new HttpClientWithEndpointImpl(okHttpClient, this.host, this.port);
        }
        return this.defaultHttpClientWithEndpoint;
    }

    @Override // com.bosch.sh.connector.thirdparty.api.http.HttpClientProvider
    public HttpClientWithEndpoint getLongPollerHttpClientWithEndpoint() {
        OkHttpClient okHttpClient;
        if (this.longPollerHttpClientWithEndpoint == null) {
            synchronized (this.longPollerLock) {
                OkHttpClient.Builder builder = builder();
                TimeUnit timeUnit = TimeUnit.MILLISECONDS;
                builder.readTimeout(LONG_POLLER_READ_TIMEOUT_IN_SECONDS, timeUnit);
                builder.writeTimeout(60000L, timeUnit);
                builder.connectTimeout(60000L, timeUnit);
                okHttpClient = new OkHttpClient(builder);
            }
            this.longPollerHttpClientWithEndpoint = new HttpClientWithEndpointImpl(okHttpClient, this.host, this.port);
        }
        return this.longPollerHttpClientWithEndpoint;
    }

    @Override // com.bosch.sh.connector.tunnel.TunnelHttpClientProvider
    public OkHttpClient getTunnelHttpClient() {
        OkHttpClient okHttpClient;
        synchronized (this.tunnelLock) {
            if (this.tunnelHttpClient == null) {
                Dispatcher dispatcher = new Dispatcher();
                dispatcher.setMaxRequestsPerHost(10);
                SSLSocketFactory createSslSocketFactory = SslUtil.createSslSocketFactory(null, this.tunnelTrustManagers);
                X509TrustManager x509TrustManager = (X509TrustManager) this.tunnelTrustManagers[0];
                X509Certificate[] acceptedIssuers = x509TrustManager.getAcceptedIssuers();
                LOG.debug("!!! Accepted issuers: {}", Integer.valueOf(acceptedIssuers.length));
                for (X509Certificate x509Certificate : acceptedIssuers) {
                    LOG.debug("*** Accepted issuer: {}", x509Certificate);
                }
                OkHttpClient.Builder builder = new OkHttpClient.Builder();
                builder.connectionSpecs(Collections.singletonList(SslUtil.SECURE_CONNECTION_SPEC));
                builder.sslSocketFactory(createSslSocketFactory, x509TrustManager);
                builder.readTimeout(300000L, TimeUnit.MILLISECONDS);
                Intrinsics.checkNotNullParameter(dispatcher, "dispatcher");
                builder.dispatcher = dispatcher;
                this.tunnelHttpClient = new OkHttpClient(builder);
            }
            okHttpClient = this.tunnelHttpClient;
        }
        return okHttpClient;
    }

    public void postConstruct() {
        this.shcId = this.shcPreferences.loadShcId();
        this.shcPreferences.register(this.shcIdChangeListener);
        this.host = "localhost";
        this.port = ConnectorLibraryRequest.Builder.DEFAULT_PORT;
    }

    public void preDestroy() {
        this.shcPreferences.unregister(this.shcIdChangeListener);
    }

    public void setData(String str, int i) {
        this.host = str;
        this.port = i;
        HttpClientWithEndpointImpl httpClientWithEndpointImpl = this.defaultHttpClientWithEndpoint;
        if (httpClientWithEndpointImpl != null) {
            httpClientWithEndpointImpl.setHost(str);
            this.defaultHttpClientWithEndpoint.setPort(i);
        }
        HttpClientWithEndpointImpl httpClientWithEndpointImpl2 = this.longPollerHttpClientWithEndpoint;
        if (httpClientWithEndpointImpl2 != null) {
            httpClientWithEndpointImpl2.setHost(str);
            this.longPollerHttpClientWithEndpoint.setPort(i);
        }
    }
}
