package com.ideil.redmine.api;

import android.text.TextUtils;
import android.util.Log;
import com.franmontiel.persistentcookiejar.PersistentCookieJar;
import com.franmontiel.persistentcookiejar.cache.SetCookieCache;
import com.franmontiel.persistentcookiejar.persistence.SharedPrefsCookiePersistor;
import com.google.gson.GsonBuilder;
import com.ideil.redmine.app.Config;
import com.ideil.redmine.app.RedmineApp;
import com.ideil.redmine.other.AppPreference;
import info.guardianproject.netcipher.client.StrongSSLSocketFactory;
import java.io.FileInputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.CipherSuite;
import okhttp3.ConnectionSpec;
import okhttp3.Credentials;
import okhttp3.OkHttpClient;
import okhttp3.TlsVersion;
import retrofit2.Retrofit;
import retrofit2.adapter.rxjava.RxJavaCallAdapterFactory;
import retrofit2.converter.gson.GsonConverterFactory;

/* loaded from: classes.dex */
public class ApiModule {
    private static final boolean ENABLE_LOG = true;
    private static final String LOG = "ApiModule";
    private static Retrofit.Builder builder = new Retrofit.Builder().baseUrl(Config.BASE_URL).addConverterFactory(GsonConverterFactory.create(new GsonBuilder().setLenient().create())).addConverterFactory(new NullOnEmptyConverterFactory()).addCallAdapterFactory(RxJavaCallAdapterFactory.create());
    private static OkHttpClient.Builder httpClient = new OkHttpClient.Builder();

    private static void addTempCertificate() {
        String string = RedmineApp.getPreference().getString(AppPreference.PREF_CERT_FILE_PATH);
        String string2 = RedmineApp.getPreference().getString(AppPreference.PREF_CERT_TYPE);
        String string3 = RedmineApp.getPreference().getString(AppPreference.PREF_CERT_PASSWORD);
        if (string != null) {
            if (string2 == null) {
                try {
                    string2 = KeyStore.getDefaultType();
                } catch (Exception unused) {
                    return;
                }
            }
            KeyStore keyStore = KeyStore.getInstance(string2);
            keyStore.load(new FileInputStream(string), string3.toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            X509TrustManager x509TrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
            TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(trustManagerFactory.getTrustManagers());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, string3.toCharArray());
            SSLContext sSLContext = SSLContext.getInstance(StrongSSLSocketFactory.TLS);
            sSLContext.init(keyManagerFactory.getKeyManagers(), wrappedTrustManagers, null);
            httpClient.sslSocketFactory(sSLContext.getSocketFactory(), x509TrustManager);
            httpClient.hostnameVerifier(new HostnameVerifier() { // from class: com.ideil.redmine.api.-$$Lambda$ApiModule$691EuIeUkJE2UpiUlxnF5oDk7ZM
                @Override // javax.net.ssl.HostnameVerifier
                public final boolean verify(String str, SSLSession sSLSession) {
                    return ApiModule.lambda$addTempCertificate$2(str, sSLSession);
                }
            });
        }
    }

    private static RedmineApi createServiceBasic(String str, String str2, String str3, boolean z) {
        httpClient = new OkHttpClient.Builder();
        httpClient.interceptors().clear();
        if (z) {
            Log.i(LOG, "Use url encode");
            httpClient.addInterceptor(new EncodeInterceptor());
        }
        httpClient.connectTimeout(20L, TimeUnit.SECONDS);
        httpClient.readTimeout(20L, TimeUnit.SECONDS);
        httpClient.writeTimeout(20L, TimeUnit.SECONDS);
        httpClient.followRedirects(true);
        httpClient.followSslRedirects(true);
        httpClient.retryOnConnectionFailure(true);
        AuthenticationInterceptor authenticationInterceptor = new AuthenticationInterceptor();
        if (str != null && !TextUtils.isEmpty(str)) {
            authenticationInterceptor.setAuthToken(str);
        }
        if (str2 != null && !TextUtils.isEmpty(str2)) {
            authenticationInterceptor.setApiKey(str2);
        }
        if (!httpClient.interceptors().contains(authenticationInterceptor)) {
            httpClient.addInterceptor(authenticationInterceptor);
        }
        initDefaultSSLCertificate();
        if (RedmineApp.getPreference().getBoolean(AppPreference.PREF_IS_USED_CUSTOM_CERT).booleanValue()) {
            SSLContext sslContext = RedmineApp.getSslContext();
            if (sslContext != null) {
                httpClient.hostnameVerifier(new HostnameVerifier() { // from class: com.ideil.redmine.api.-$$Lambda$ApiModule$2g4GeYYSkha9q3ktnTtwyXRd2VM
                    @Override // javax.net.ssl.HostnameVerifier
                    public final boolean verify(String str4, SSLSession sSLSession) {
                        return ApiModule.lambda$createServiceBasic$0(str4, sSLSession);
                    }
                });
                httpClient.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) RedmineApp.getTrustManager());
            }
            addTempCertificate();
        }
        httpClient.cookieJar(new PersistentCookieJar(new SetCookieCache(), new SharedPrefsCookiePersistor(RedmineApp.getInstance())));
        builder.client(httpClient.build());
        if (str3 == null) {
            str3 = "http://www.redmine.org";
        }
        try {
            builder.baseUrl(str3);
        } catch (Exception unused) {
            builder.baseUrl(getBaseUrlFromLink(str3));
        }
        return (RedmineApi) builder.build().create(RedmineApi.class);
    }

    public static RedmineApi getApi(String str, String str2, String str3, boolean z) {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            return createServiceBasic(null, null, str3, z);
        }
        String basic = Credentials.basic(str, str2);
        if (RedmineApp.getPreference().getBasicAuth() != null && RedmineApp.getPreference().getBasicAuth().isEmpty()) {
            RedmineApp.getPreference().setBasicAuth(basic);
        }
        return createServiceBasic(basic, null, str3, z);
    }

    public static RedmineApi getApi(String str, String str2, boolean z) {
        return !TextUtils.isEmpty(str2) ? createServiceBasic(null, str2, str, z) : createServiceBasic(null, null, str, z);
    }

    public static RedmineApi getApi(boolean z) {
        String apiKey = RedmineApp.getPreference().getApiKey();
        String url = RedmineApp.getPreference().getURL();
        return apiKey != null ? createServiceBasic(null, apiKey, url, z) : createServiceBasic(null, null, url, z);
    }

    public static String getBaseUrlFromLink(String str) {
        try {
            URL url = new URL(str);
            return url.getProtocol() + "://" + url.getHost();
        } catch (MalformedURLException unused) {
            return "http://www.redmine.org";
        }
    }

    public static OkHttpClient getClient() {
        return httpClient.build();
    }

    private static TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagerArr) {
        final X509TrustManager x509TrustManager = (X509TrustManager) trustManagerArr[0];
        return new TrustManager[]{new X509TrustManager() { // from class: com.ideil.redmine.api.ApiModule.2
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                if (x509CertificateArr != null) {
                    try {
                        if (x509CertificateArr.length > 0) {
                            x509CertificateArr[0].checkValidity();
                        }
                    } catch (CertificateException e) {
                        Log.w("checkClientTrusted", e.toString());
                        return;
                    }
                }
                x509TrustManager.checkClientTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                if (x509CertificateArr != null) {
                    try {
                        if (x509CertificateArr.length > 0) {
                            x509CertificateArr[0].checkValidity();
                        }
                    } catch (CertificateException e) {
                        Log.w("checkServerTrusted", e.toString());
                        return;
                    }
                }
                x509TrustManager.checkServerTrusted(x509CertificateArr, str);
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return x509TrustManager.getAcceptedIssuers();
            }
        }};
    }

    private static void initDefaultSSLCertificate() {
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.ideil.redmine.api.ApiModule.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance(StrongSSLSocketFactory.SSL);
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            httpClient.sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagerArr[0]);
            httpClient.hostnameVerifier(new HostnameVerifier() { // from class: com.ideil.redmine.api.-$$Lambda$ApiModule$oeTQChUpY7DSPfwP50XU_TNLWpA
                @Override // javax.net.ssl.HostnameVerifier
                public final boolean verify(String str, SSLSession sSLSession) {
                    return ApiModule.lambda$initDefaultSSLCertificate$1(str, sSLSession);
                }
            });
            if (RedmineApp.getPreference().getUsingSSL()) {
                httpClient.connectionSpecs(Collections.singletonList(new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).tlsVersions(TlsVersion.TLS_1_2).cipherSuites(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256).build()));
            }
        } catch (Exception unused) {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$addTempCertificate$2(String str, SSLSession sSLSession) {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$createServiceBasic$0(String str, SSLSession sSLSession) {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$initDefaultSSLCertificate$1(String str, SSLSession sSLSession) {
        return true;
    }
}
