package com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication;

import android.content.Context;
import android.os.AsyncTask;
import android.util.Base64;
import android.util.Log;
import com.google.common.net.HttpHeaders;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.samsung.android.oneconnect.utils.DebugModeUtil;
import com.samsung.android.oneconnect.utils.SecurityUtil;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import okhttp3.Interceptor;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import okhttp3.logging.HttpLoggingInterceptor;
import retrofit2.Call;
import retrofit2.Callback;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;

/* loaded from: classes2.dex */
public class ServerAuthenticator {
    public static final String APPS_STORE_SERVICE_NAME = "apps";
    private static final String AUTH_SERVICE_NAME = "sas";
    private static final String BASE_PROV_SERVICE_URL = "https://gpm-mobile.samsungqbe.com/";
    private static final String BASE_PROV_SERVICE_URL_STG = "https://gpmstg-mobile.samsungqbe.com/";
    public static final String CIEL_STORE_SERVICE_NAME = "ciel";
    public static final String CONNECTED_DEVICE_LOGO_SERVICE_NAME = "connecteddevicelogo";
    public static final String EDEN_STORE_SERVICE_NAME = "eden";
    private static final String JSON_RSP_OK = "ok";
    private static final String LOCAL_TIME_DATE_FORMAT = "yyyy-MM-dd'T'HH:mm:ssZ";
    private static final String SEC_KEY = "7f031324-6b3c-4f76-b8ec-eb45bd47";
    private static final String SEC_KEY_STG = "x5465x73-584u-5s66-s71u-9t16v4wx";
    private static final String TAG = "ServerAuthenticator";
    private static final String TOKEN_EXPIRY_DATE_FORMAT = "yyyyMMdd'T'HH:mm:ssZ";
    private static final String TRUSTED_AUTH_SERVER_DOMAIN_NAME = "samsungqbe.com";
    private boolean bUsingStgServer;
    private CertificateHelper certHelperInst;
    private DeviceInfoHelper devInfoInst;
    private String mCountry;
    private static ServerAuthenticator instance = null;
    private static AuthToken mToken = null;
    private static boolean isAuthPending = false;
    public static final char[] hexArray = "0123456789abcdef".toCharArray();
    private List<ServiceInfo> mAuthServiceDomains = null;
    private List<ServiceInfo> mAppStoreServiceDomains = null;
    private List<ServiceInfo> mCielStoreServiceDomains = null;
    private List<ServiceInfo> mEdenStoreServiceDomains = null;
    private List<ServiceInfo> mConnectedDeviceLogoDomain = null;
    private Object lock = new Object();
    private List<IServerAuthCallback> apps_pending_requests = new ArrayList();
    private List<IServerAuthCallback> ciel_pending_requests = new ArrayList();
    private List<IServerAuthCallback> eden_pending_requests = new ArrayList();
    private List<IServerAuthCallback> device_pending_requests = new ArrayList();
    private boolean doErrorCallback = false;
    Gson mGson = new GsonBuilder().setPrettyPrinting().create();

    /* loaded from: classes2.dex */
    private class AccessToken extends AsyncTask<Context, Context, Void> {
        private AccessToken() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public Void doInBackground(Context... contextArr) {
            Log.d(ServerAuthenticator.TAG, " worker_thread:run Entry");
            if (ServerAuthenticator.this.isServiceDomainAvailable(ServerAuthenticator.AUTH_SERVICE_NAME)) {
                Log.d(ServerAuthenticator.TAG, " workerThread before continueGetToken() ");
                ServerAuthenticator.this.continueGetToken(contextArr[0]);
            } else {
                try {
                    Log.d(ServerAuthenticator.TAG, " workerThread try block entry");
                    ServerAuthenticator.this.doGetServiceDomainsRequest(contextArr[0], ServerAuthenticator.AUTH_SERVICE_NAME);
                } catch (Exception e) {
                    Log.e(ServerAuthenticator.TAG, "workerThread getAuthToken:doGetServiceDomainsRequest:auth Exception: " + e.getMessage());
                    ServerAuthenticator.this.doErrorCallbacks(ServerAuthError.AUTH_ERR_INTERNAL_ERROR.setMsg(e.getMessage()), "all");
                }
            }
            Log.d(ServerAuthenticator.TAG, "worker_thread:run Exit");
            return null;
        }
    }

    /* loaded from: classes2.dex */
    public static class AuthToken {
        public String expired;
        public String expired_unixtime;
        public String type;
        public String value;

        public AuthToken(String str, String str2, String str3, String str4) {
            this.value = str;
            this.type = str2;
            this.expired = str3;
            this.expired_unixtime = str4;
        }
    }

    /* loaded from: classes2.dex */
    public static class Error {
        public String code;
        public String msg;

        public Error(String str, String str2) {
            this.code = str;
            this.msg = str2;
        }
    }

    /* loaded from: classes2.dex */
    public static class GetServiceDomainsRequestResult {
        public GetServiceDomainsResponse rsp;
    }

    /* loaded from: classes2.dex */
    public static class GetServiceDomainsResponse {
        public String countryCode;
        public List<ServiceInfo> serviceInfoList;
        public String stat;
    }

    /* loaded from: classes2.dex */
    public static class GetTokenErrorMessage {
        public String code;
        public String value;
    }

    /* loaded from: classes2.dex */
    public static class GetTokenResult {
        List<AuthToken> atoken;
        List<GetTokenErrorMessage> message;
        public String rsp;
    }

    /* loaded from: classes2.dex */
    public static class ServerError {
        public ServerResponse rsp;

        public ServerError(String str, String str2) {
            this.rsp = new ServerResponse("fail", new Error(str, str2), "");
        }
    }

    /* loaded from: classes2.dex */
    public static class ServerResponse {
        public String desc;
        public Error err;
        public String stat;

        public ServerResponse(String str, Error error, String str2) {
            this.stat = str;
            this.err = error;
            this.desc = str2;
        }
    }

    /* loaded from: classes2.dex */
    public static class ServiceInfo {
        public String serviceDomain;
        public String serviceName;
    }

    private ServerAuthenticator(Context context) {
        Log.d(TAG, "ServerAuthenticator Entry");
        init(context);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AuthToken DecryptToken(List<AuthToken> list) {
        AuthToken authToken = list.get(0);
        if (authToken == null) {
            Log.e(TAG, "DecryptToken : No tokens in the list");
            return null;
        }
        String AES_Decrypt = AES_Decrypt(authToken.value);
        if (AES_Decrypt != null) {
            return new AuthToken(AES_Decrypt, authToken.type, authToken.expired, authToken.expired_unixtime);
        }
        Log.e(TAG, "DecryptToken : AES_Decrypt failed");
        return null;
    }

    private synchronized void addToPendingRequests(IServerAuthCallback iServerAuthCallback, String str) {
        Log.d(TAG, "addToPendingRequests : serviceName  " + str);
        if ("apps".equalsIgnoreCase(str)) {
            this.apps_pending_requests.add(iServerAuthCallback);
        } else if ("ciel".equalsIgnoreCase(str)) {
            this.ciel_pending_requests.add(iServerAuthCallback);
        } else if ("eden".equalsIgnoreCase(str)) {
            this.eden_pending_requests.add(iServerAuthCallback);
        } else if (CONNECTED_DEVICE_LOGO_SERVICE_NAME.equalsIgnoreCase(str)) {
            this.device_pending_requests.add(iServerAuthCallback);
        } else {
            Log.d(TAG, "addToPendingRequests : Not support " + str);
        }
    }

    public static String bytesToHex(byte[] bArr) {
        char[] cArr = new char[bArr.length * 2];
        for (int i = 0; i < bArr.length; i++) {
            int i2 = bArr[i] & 255;
            cArr[i * 2] = hexArray[i2 >>> 4];
            cArr[(i * 2) + 1] = hexArray[i2 & 15];
        }
        return new String(cArr);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void continueGetToken(Context context) {
        Log.d(TAG, " continueGetToken:Entry");
        CertificateHelper certificateHelper = this.certHelperInst;
        if (CertificateHelper.isClientAuthCertValid()) {
            try {
                Log.d(TAG, " continueGetToken2");
                doGetTokenRequest();
            } catch (Exception e) {
                Log.e(TAG, " continueGetToken:doGetTokenRequest:Exception " + e.getMessage());
                doErrorCallbacks(ServerAuthError.AUTH_ERR_INTERNAL_ERROR.setMsg(e.getMessage()), "all");
            }
        } else {
            try {
                Log.d(TAG, " continueGetToken1");
                doCsrRequest(context);
            } catch (Exception e2) {
                Log.e(TAG, " continueGetToken:doCsrRequest:Exception " + e2.getMessage());
                doErrorCallbacks(ServerAuthError.AUTH_ERR_INTERNAL_ERROR.setMsg(e2.getMessage()), "all");
            }
        }
        Log.d(TAG, "continueGetToken:Exit");
    }

    private void doCsrRequest(final Context context) {
        Log.d(TAG, " doCsrRequest:Entry ");
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.a(HttpLoggingInterceptor.Level.BODY);
        final String localTime = getLocalTime();
        IServerAuthRest iServerAuthRest = (IServerAuthRest) new Retrofit.Builder().baseUrl(getServiceDomainName(AUTH_SERVICE_NAME)).addConverterFactory(GsonConverterFactory.create()).client(new OkHttpClient.Builder().a(new Interceptor() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.6
            @Override // okhttp3.Interceptor
            public Response intercept(Interceptor.Chain chain) throws IOException {
                return chain.a(chain.a().f().b(HttpHeaders.u, ServerAuthenticator.this.getHost(ServerAuthenticator.AUTH_SERVICE_NAME)).b("AppKey", ServerAuthenticator.this.devInfoInst.getFirmware_code()).b("Req", ServerAuthenticator.this.getRequestHash(context, localTime)).b("LocalTime", localTime).b("FirmCode", ServerAuthenticator.this.devInfoInst.getFirmware_code()).b("DeviceType", ServerAuthenticator.this.devInfoInst.getDeviceType()).d());
            }
        }).a(httpLoggingInterceptor).c()).build().create(IServerAuthRest.class);
        byte[] csrBody = this.certHelperInst.getCsrBody(context);
        if (csrBody != null) {
            iServerAuthRest.sendCertSignRequest(RequestBody.create(MediaType.a("application/x-www-form-urlencoded"), csrBody)).enqueue(new Callback<ResponseBody>() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.7
                @Override // retrofit2.Callback
                public void onFailure(Call<ResponseBody> call, Throwable th) {
                    Log.e(ServerAuthenticator.TAG, " doCsrRequest:onFailure: " + th.getMessage());
                    ServerAuthenticator.this.doErrorCallbacks(ServerAuthError.AUTH_ERR_INTERNAL_ERROR.setMsg(th.getMessage()), "all");
                }

                @Override // retrofit2.Callback
                public void onResponse(Call<ResponseBody> call, retrofit2.Response<ResponseBody> response) {
                    ServerAuthError serverAuthError;
                    Exception e;
                    Log.d(ServerAuthenticator.TAG, " doCsrRequest:onResponse: Entry ");
                    ServerAuthError serverAuthError2 = ServerAuthError.AUTH_ERR_INTERNAL_ERROR;
                    if (response.code() == 200) {
                        try {
                            serverAuthError = ServerAuthenticator.this.certHelperInst.saveCertificate(response.body().string());
                            try {
                                if (serverAuthError == ServerAuthError.AUTH_ERR_NONE) {
                                    Log.d(ServerAuthenticator.TAG, " doCsrRequest:onResponse: Before  doGetTokenRequest");
                                    ServerAuthenticator.this.doGetTokenRequest();
                                    return;
                                }
                                Log.e(ServerAuthenticator.TAG, " doCsrRequest:onResponse: saveCertificate failed. err = " + serverAuthError.getMsg());
                            } catch (Exception e2) {
                                e = e2;
                                e.printStackTrace();
                                serverAuthError.setMsg(" doCsrRequest:onResponse:Exception:" + e.getMessage());
                                Log.d(ServerAuthenticator.TAG, " doCsrRequest:onResponse: Before error cb");
                                ServerAuthenticator.this.doErrorCallbacks(serverAuthError, "all");
                            }
                        } catch (Exception e3) {
                            serverAuthError = serverAuthError2;
                            e = e3;
                        }
                    } else {
                        serverAuthError2.setMsg(" doCsrRequest:onResponse failed, ret = " + response.code());
                        serverAuthError = serverAuthError2;
                    }
                    Log.d(ServerAuthenticator.TAG, " doCsrRequest:onResponse: Before error cb");
                    ServerAuthenticator.this.doErrorCallbacks(serverAuthError, "all");
                }
            });
        } else {
            Log.e(TAG, " doCsrRequest:getCsrBody failed");
            doErrorCallbacks(ServerAuthError.AUTH_ERR_INTERNAL_ERROR.setMsg("doCsrRequest:getCsrBody failed"), "all");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void doErrorCallbacks(ServerAuthError serverAuthError, String str) {
        Log.e(TAG, "doErrorCallbacks:Entry err : " + serverAuthError.getMsg() + " serviceName : " + str);
        if ("all".equals(str) || "all".equalsIgnoreCase(str)) {
            if (this.apps_pending_requests != null && this.apps_pending_requests.size() != 0) {
                Iterator<IServerAuthCallback> it = this.apps_pending_requests.iterator();
                while (it.hasNext()) {
                    it.next().onGetToken(serverAuthError, null);
                }
                this.apps_pending_requests.clear();
            }
            if (this.ciel_pending_requests != null && this.ciel_pending_requests.size() != 0) {
                Iterator<IServerAuthCallback> it2 = this.ciel_pending_requests.iterator();
                while (it2.hasNext()) {
                    it2.next().onGetToken(serverAuthError, null);
                }
                this.ciel_pending_requests.clear();
            }
            if (this.eden_pending_requests != null && this.eden_pending_requests.size() != 0) {
                Iterator<IServerAuthCallback> it3 = this.eden_pending_requests.iterator();
                while (it3.hasNext()) {
                    it3.next().onGetToken(serverAuthError, null);
                }
                this.eden_pending_requests.clear();
            }
            if (this.device_pending_requests != null && this.device_pending_requests.size() != 0) {
                Iterator<IServerAuthCallback> it4 = this.device_pending_requests.iterator();
                while (it4.hasNext()) {
                    it4.next().onGetToken(serverAuthError, null);
                }
                this.device_pending_requests.clear();
            }
        } else if ("apps".equalsIgnoreCase(str)) {
            if (this.apps_pending_requests != null && this.apps_pending_requests.size() != 0) {
                Iterator<IServerAuthCallback> it5 = this.apps_pending_requests.iterator();
                while (it5.hasNext()) {
                    it5.next().onGetToken(serverAuthError, null);
                }
                this.apps_pending_requests.clear();
            }
        } else if ("ciel".equalsIgnoreCase(str)) {
            if (this.ciel_pending_requests != null && this.ciel_pending_requests.size() != 0) {
                Iterator<IServerAuthCallback> it6 = this.ciel_pending_requests.iterator();
                while (it6.hasNext()) {
                    it6.next().onGetToken(serverAuthError, null);
                }
                this.ciel_pending_requests.clear();
            }
        } else if ("eden".equalsIgnoreCase(str)) {
            if (this.eden_pending_requests != null && this.eden_pending_requests.size() != 0) {
                Iterator<IServerAuthCallback> it7 = this.eden_pending_requests.iterator();
                while (it7.hasNext()) {
                    it7.next().onGetToken(serverAuthError, null);
                }
                this.eden_pending_requests.clear();
            }
        } else if (CONNECTED_DEVICE_LOGO_SERVICE_NAME.equalsIgnoreCase(str) && this.device_pending_requests != null && this.device_pending_requests.size() != 0) {
            Iterator<IServerAuthCallback> it8 = this.device_pending_requests.iterator();
            while (it8.hasNext()) {
                it8.next().onGetToken(serverAuthError, null);
            }
            this.device_pending_requests.clear();
        }
        synchronized (this.lock) {
            resetAuthInProgress();
        }
        Log.d(TAG, "doErrorCallbacks:Exit");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doGetTokenRequest() {
        Log.d(TAG, " doGetTokenRequest Entry");
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.a(HttpLoggingInterceptor.Level.BODY);
        Interceptor interceptor = new Interceptor() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.4
            @Override // okhttp3.Interceptor
            public Response intercept(Interceptor.Chain chain) throws IOException {
                return chain.a(chain.a().f().b(HttpHeaders.u, ServerAuthenticator.this.getHost(ServerAuthenticator.AUTH_SERVICE_NAME)).b("FirmCode", ServerAuthenticator.this.devInfoInst.getFirmware_code()).b("DeviceType", ServerAuthenticator.this.devInfoInst.getDeviceType()).d());
            }
        };
        SSLContext sSLContext = CertificateHelper.getSSLContext(null, null);
        if (sSLContext == null) {
            Log.e(TAG, "doGetTokenRequest: getSSLContext failed");
            doErrorCallbacks(ServerAuthError.AUTH_ERR_INTERNAL_ERROR.setMsg("getSSLContext failed"), "all");
        } else {
            final Retrofit build = new Retrofit.Builder().baseUrl(getServiceDomainName(AUTH_SERVICE_NAME)).addConverterFactory(GsonConverterFactory.create()).client(new OkHttpClient.Builder().a(interceptor).a(sSLContext.getSocketFactory()).a(getHostnameVerifier()).a(httpLoggingInterceptor).c()).build();
            ((IServerAuthRest) build.create(IServerAuthRest.class)).getToken(RequestBody.create(MediaType.a("application/x-www-form-urlencoded"), getTokenRequestBody())).enqueue(new Callback<GetTokenResult>() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.5
                @Override // retrofit2.Callback
                public void onFailure(Call<GetTokenResult> call, Throwable th) {
                    Log.e(ServerAuthenticator.TAG, "doGetTokenRequest:onFailure: " + th.getMessage());
                    ServerAuthenticator.this.doErrorCallbacks(ServerAuthError.AUTH_ERR_NETWORK_UNAVAILABLE.setMsg(th.getMessage()), "all");
                }

                @Override // retrofit2.Callback
                public void onResponse(Call<GetTokenResult> call, retrofit2.Response<GetTokenResult> response) {
                    ServerAuthError authError;
                    Log.d(ServerAuthenticator.TAG, " doGetTokenRequest:onResponse Entry");
                    ServerAuthError serverAuthError = ServerAuthError.AUTH_ERR_INTERNAL_ERROR;
                    if (response.code() == 200) {
                        GetTokenResult body = response.body();
                        if ("ok".equals(body.rsp)) {
                            AuthToken unused = ServerAuthenticator.mToken = ServerAuthenticator.this.DecryptToken(body.atoken);
                            if (ServerAuthenticator.mToken != null) {
                                Log.d(ServerAuthenticator.TAG, " doGetTokenRequest:onResponse: Before success cb");
                                ServerAuthenticator.this.doSuccessCallbacks();
                                return;
                            } else {
                                serverAuthError.setMsg(" doGetTokenRequest:onResponse: DecryptToken failed");
                                authError = serverAuthError;
                            }
                        } else if (body.message != null) {
                            Log.e(ServerAuthenticator.TAG, " doGetTokenRequest:onResponse Not Okay : Code - " + body.message.get(0).code + " Value - " + body.message.get(0).value);
                            authError = ServerAuthError.mapAuthError(new ServerError(body.message.get(0).code, body.message.get(0).value));
                        } else {
                            serverAuthError.setMsg(" doGetTokenRequest:onResponse Not Okay. Null message");
                            authError = serverAuthError;
                        }
                    } else {
                        Log.e(ServerAuthenticator.TAG, " doGetTokenRequest:onResponse failed, ret = " + response.code());
                        authError = ServerAuthenticator.this.getAuthError(build, response);
                    }
                    Log.d(ServerAuthenticator.TAG, " doGetTokenRequest:onResponse: Before error cb");
                    ServerAuthenticator.this.doErrorCallbacks(authError, "all");
                }
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void doSuccessCallbacks() {
        Log.d(TAG, " doSuccessCallbacks:Entry");
        if (isServiceDomainAvailable("apps")) {
            Iterator<IServerAuthCallback> it = this.apps_pending_requests.iterator();
            while (it.hasNext()) {
                it.next().onGetToken(ServerAuthError.AUTH_ERR_NONE, mToken.value);
            }
        }
        if (isServiceDomainAvailable("ciel")) {
            Iterator<IServerAuthCallback> it2 = this.ciel_pending_requests.iterator();
            while (it2.hasNext()) {
                it2.next().onGetToken(ServerAuthError.AUTH_ERR_NONE, mToken.value);
            }
        }
        if (isServiceDomainAvailable("eden")) {
            Iterator<IServerAuthCallback> it3 = this.eden_pending_requests.iterator();
            while (it3.hasNext()) {
                it3.next().onGetToken(ServerAuthError.AUTH_ERR_NONE, mToken.value);
            }
        }
        if (isServiceDomainAvailable(CONNECTED_DEVICE_LOGO_SERVICE_NAME)) {
            Iterator<IServerAuthCallback> it4 = this.device_pending_requests.iterator();
            while (it4.hasNext()) {
                it4.next().onGetToken(ServerAuthError.AUTH_ERR_NONE, mToken.value);
            }
        }
        synchronized (this.lock) {
            resetAuthInProgress();
        }
        Log.d(TAG, "doSuccessCallbacks:Exit");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ServerAuthError getAuthError(Retrofit retrofit, retrofit2.Response response) {
        ServerAuthError serverAuthError;
        Log.d(TAG, "getAuthError:Entry:");
        try {
            ServerError serverError = (ServerError) retrofit.responseBodyConverter(ServerError.class, new Annotation[0]).convert(response.errorBody());
            Log.d(TAG, "Server Error : " + this.mGson.toJson(serverError));
            serverAuthError = ServerAuthError.mapAuthError(serverError);
        } catch (Exception e) {
            e.printStackTrace();
            serverAuthError = ServerAuthError.AUTH_ERR_INTERNAL_ERROR;
        }
        Log.d(TAG, "getAuthError:Exit");
        return serverAuthError;
    }

    public static synchronized ServerAuthenticator getInstance(Context context) {
        ServerAuthenticator serverAuthenticator;
        synchronized (ServerAuthenticator.class) {
            if (instance == null) {
                instance = new ServerAuthenticator(context);
            }
            serverAuthenticator = instance;
        }
        return serverAuthenticator;
    }

    private String getProvisioningUrl() {
        return isbUsingStgServer() ? BASE_PROV_SERVICE_URL_STG : BASE_PROV_SERVICE_URL;
    }

    private String getSecKey() {
        return isbUsingStgServer() ? SEC_KEY_STG : SEC_KEY;
    }

    private String getTokenRequestBody() {
        String devInfoForTokenRequest = this.devInfoInst.getDevInfoForTokenRequest();
        if (devInfoForTokenRequest == null) {
            Log.e(TAG, "getTokenRequestBody: getDevInfoForTokenRequest failed");
            return null;
        }
        String AES_Encrypt = AES_Encrypt(devInfoForTokenRequest);
        if (AES_Encrypt != null) {
            return AES_Encrypt;
        }
        Log.e(TAG, "getTokenRequestBody : AES_Encrypt failed");
        return null;
    }

    private void init(Context context) {
        this.devInfoInst = DeviceInfoHelper.getInstance(context);
        this.certHelperInst = CertificateHelper.getInstance(context);
        this.mCountry = this.devInfoInst.getCountry();
        this.bUsingStgServer = false;
        if (DebugModeUtil.Q(context)) {
            Log.d(TAG, "Using STG server");
            this.bUsingStgServer = true;
        } else {
            Log.d(TAG, "Using PROD server");
            this.bUsingStgServer = false;
        }
        this.devInfoInst.setUsingStgServer(this.bUsingStgServer);
        Log.d(TAG, "ServerAuthenticator Exit");
    }

    private synchronized boolean isAuthInProgress() {
        boolean z;
        synchronized (this) {
            Log.d(TAG, "isAuthInProgress : " + (isAuthPending ? "true" : "false"));
            z = isAuthPending;
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isServiceDomainAvailable(String str) {
        if (AUTH_SERVICE_NAME.equals(str)) {
            Log.d(TAG, " isServiceDomainAvailable sas");
            if (this.mAuthServiceDomains != null && this.mAuthServiceDomains.size() != 0) {
                return true;
            }
        } else if ("apps".equals(str)) {
            Log.d(TAG, " isServiceDomainAvailable apps mStoreServiceDomains " + this.mAppStoreServiceDomains);
            if (this.mAppStoreServiceDomains != null && this.mAppStoreServiceDomains.size() != 0) {
                Log.d(TAG, " isServiceDomainAvailable appslist not empty");
                return true;
            }
        } else if ("ciel".equals(str)) {
            Log.d(TAG, " isServiceDomainAvailable ciel mStoreServiceDomains " + this.mCielStoreServiceDomains);
            if (this.mCielStoreServiceDomains != null && this.mCielStoreServiceDomains.size() != 0) {
                Log.d(TAG, " isServiceDomainAvailable ciellist not empty");
                return true;
            }
        } else if ("eden".equals(str)) {
            Log.d(TAG, " isServiceDomainAvailable eden mStoreServiceDomains " + this.mEdenStoreServiceDomains);
            if (this.mEdenStoreServiceDomains != null && this.mEdenStoreServiceDomains.size() != 0) {
                Log.d(TAG, " isServiceDomainAvailable edenlist not empty");
                return true;
            }
        } else if (CONNECTED_DEVICE_LOGO_SERVICE_NAME.equals(str)) {
            Log.d(TAG, " isServiceDomainAvailable connecteddevicelogo mStoreServiceDomains " + this.mConnectedDeviceLogoDomain);
            if (this.mConnectedDeviceLogoDomain != null && this.mConnectedDeviceLogoDomain.size() != 0) {
                Log.d(TAG, " isServiceDomainAvailable connecteddevicelogolist not empty");
                return true;
            }
        } else {
            Log.e(TAG, "isServiceDomainAvailable: Unknown serviceName " + str);
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isTokenValid() {
        Log.d(TAG, "isTokenValid : entry");
        if (mToken == null) {
            Log.e(TAG, " isTokenValid: token null");
            return false;
        }
        Date date = new Date(1000 * Long.parseLong(mToken.expired_unixtime));
        try {
            Date parse = new SimpleDateFormat(TOKEN_EXPIRY_DATE_FORMAT, Locale.US).parse(mToken.expired);
            Date date2 = new Date();
            if (!date.before(date2) && !parse.before(date2)) {
                return true;
            }
            Log.d(TAG, " Token Expired : cur_time : " + date2 + " exp_date_unix : " + date + " exp_date_str : " + parse);
            return false;
        } catch (ParseException e) {
            e.printStackTrace();
            Log.e(TAG, " isTokenValid:Exception " + e.getMessage());
            return false;
        }
    }

    public static byte[] removeTrailingNulls(byte[] bArr) {
        int length = bArr.length;
        while (bArr[length - 1] == 0) {
            length--;
        }
        byte[] bArr2 = new byte[length];
        System.arraycopy(bArr, 0, bArr2, 0, length);
        return bArr2;
    }

    private synchronized void resetAuthInProgress() {
        Log.d(TAG, "resetAuthInProgress");
        isAuthPending = false;
    }

    private synchronized void setAuthInProgress() {
        Log.d(TAG, "setAuthInProgress");
        isAuthPending = true;
    }

    public String AES_Decrypt(String str) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, new SecretKeySpec(getSecKey().getBytes(), SecurityUtil.b), new IvParameterSpec(new byte[16]));
            return new String(removeTrailingNulls(cipher.doFinal(Base64.decode(str.getBytes("UTF-8"), 0))));
        } catch (Exception e) {
            e.printStackTrace();
            System.out.println("Error while Decrypting: " + e.toString());
            return null;
        }
    }

    public String AES_Encrypt(String str) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, new SecretKeySpec(getSecKey().getBytes(), SecurityUtil.b), new IvParameterSpec(new byte[16]));
            return new String(Base64.encode(cipher.doFinal(str.getBytes("UTF-8")), 0));
        } catch (Exception e) {
            e.printStackTrace();
            System.out.println("Error while encrypting: " + e.toString());
            return null;
        }
    }

    public void doGetServiceDomainsRequest(final Context context, final String str) {
        Log.d(TAG, " doGetServiceDomainsRequest:Entry : svc_name : " + str);
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.a(HttpLoggingInterceptor.Level.BODY);
        final Retrofit build = new Retrofit.Builder().baseUrl(getProvisioningUrl()).addConverterFactory(GsonConverterFactory.create()).client(new OkHttpClient.Builder().a(httpLoggingInterceptor).c()).build();
        IServerAuthRest iServerAuthRest = (IServerAuthRest) build.create(IServerAuthRest.class);
        if (this.mCountry != null && !this.mCountry.isEmpty()) {
            iServerAuthRest.getServiceDomains(this.mCountry, str).enqueue(new Callback<GetServiceDomainsRequestResult>() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.9
                @Override // retrofit2.Callback
                public void onFailure(Call<GetServiceDomainsRequestResult> call, Throwable th) {
                    Log.e(ServerAuthenticator.TAG, "GetServiceURLsRequest onFailure : " + th.getMessage());
                    ServerAuthenticator.this.doErrorCallbacks(ServerAuthError.AUTH_ERR_NETWORK_UNAVAILABLE.setMsg(th.getMessage()), str);
                }

                @Override // retrofit2.Callback
                public void onResponse(Call<GetServiceDomainsRequestResult> call, retrofit2.Response<GetServiceDomainsRequestResult> response) {
                    ServerAuthError authError;
                    Log.d(ServerAuthenticator.TAG, " doGetServiceDomainsRequest:onResponse:Entry");
                    ServerAuthError serverAuthError = ServerAuthError.AUTH_ERR_INTERNAL_ERROR;
                    if (response.code() == 200) {
                        GetServiceDomainsRequestResult body = response.body();
                        if (body != null && body.rsp != null && "ok".equals(body.rsp.stat)) {
                            if (ServerAuthenticator.AUTH_SERVICE_NAME.equals(str)) {
                                ServerAuthenticator.this.mAuthServiceDomains = body.rsp.serviceInfoList;
                                if (ServerAuthenticator.this.mAuthServiceDomains == null || ServerAuthenticator.this.mAuthServiceDomains.size() == 0) {
                                    Log.e(ServerAuthenticator.TAG, " GetServiceURLsRequestResponse : Empty Auth Service Domain List ");
                                    ServerAuthenticator.this.doErrorCallbacks(ServerAuthError.AUTH_ERR_UNEXPECTED_SERVER_DATA.setMsg("GetServiceURLsRequestResponse:Empty Auth Service Domain List"), str);
                                    return;
                                }
                            }
                            Log.d(ServerAuthenticator.TAG, " doGetServiceDomainsRequest:onResponse: Before continueGetToken");
                            ServerAuthenticator.this.continueGetToken(context);
                            return;
                        }
                        serverAuthError.setMsg("GetServiceURLsRequest != ok");
                        authError = serverAuthError;
                    } else {
                        Log.e(ServerAuthenticator.TAG, " GetServiceURLsRequestResponse:onResponse failed, ret = " + response.code());
                        authError = ServerAuthenticator.this.getAuthError(build, response);
                    }
                    Log.d(ServerAuthenticator.TAG, " doGetServiceDomainsRequest:onResponse: Before error cb");
                    ServerAuthenticator.this.doErrorCallbacks(authError, str);
                }
            });
        } else {
            Log.e(TAG, " doGetServiceDomainsRequest : getTvCountryCode failed");
            doErrorCallbacks(ServerAuthError.AUTH_ERR_INTERNAL_ERROR.setMsg("doGetServiceDomainsRequest : getTvCountryCode failed"), "all");
        }
    }

    public void doGetStoreServiceURL(final String str) {
        Log.d(TAG, " doGetStoreServiceURL:Entry : svc_name : " + str);
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.a(HttpLoggingInterceptor.Level.BODY);
        final Retrofit build = new Retrofit.Builder().baseUrl(getProvisioningUrl()).addConverterFactory(GsonConverterFactory.create()).client(new OkHttpClient.Builder().a(httpLoggingInterceptor).c()).build();
        IServerAuthRest iServerAuthRest = (IServerAuthRest) build.create(IServerAuthRest.class);
        if (this.mCountry != null && !this.mCountry.isEmpty()) {
            iServerAuthRest.getServiceDomains(this.mCountry, str).enqueue(new Callback<GetServiceDomainsRequestResult>() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.8
                @Override // retrofit2.Callback
                public void onFailure(Call<GetServiceDomainsRequestResult> call, Throwable th) {
                    Log.e(ServerAuthenticator.TAG, "GetServiceURLsRequest onFailure : " + th.getMessage());
                    ServerAuthenticator.this.doErrorCallbacks(ServerAuthError.AUTH_ERR_NETWORK_UNAVAILABLE.setMsg(th.getMessage()), str);
                }

                @Override // retrofit2.Callback
                public void onResponse(Call<GetServiceDomainsRequestResult> call, retrofit2.Response<GetServiceDomainsRequestResult> response) {
                    Log.d(ServerAuthenticator.TAG, " doGetStoreServiceURL:onResponse:Entry");
                    ServerAuthError serverAuthError = ServerAuthError.AUTH_ERR_INTERNAL_ERROR;
                    if (response.code() != 200) {
                        Log.e(ServerAuthenticator.TAG, " GetServiceURLsRequestResponse:onResponse failed, ret = " + response.code());
                        ServerAuthenticator.this.doErrorCallbacks(ServerAuthenticator.this.getAuthError(build, response), str);
                        return;
                    }
                    Log.d(ServerAuthenticator.TAG, "Connection doGetStoreServiceURL response code " + response.code());
                    GetServiceDomainsRequestResult body = response.body();
                    if (body == null || body.rsp == null || !"ok".equals(body.rsp.stat)) {
                        serverAuthError.setMsg("GetServiceURLsRequest != ok");
                        return;
                    }
                    Log.d(ServerAuthenticator.TAG, "Connection doGetStoreServiceURL JSON_RSP_OK ");
                    ServerAuthenticator.this.doErrorCallback = false;
                    if ("apps".equalsIgnoreCase(str)) {
                        ServerAuthenticator.this.mAppStoreServiceDomains = body.rsp.serviceInfoList;
                        if (ServerAuthenticator.this.mAppStoreServiceDomains == null || ServerAuthenticator.this.mAppStoreServiceDomains.size() == 0) {
                            ServerAuthenticator.this.doErrorCallback = true;
                        }
                    } else if ("ciel".equalsIgnoreCase(str)) {
                        ServerAuthenticator.this.mCielStoreServiceDomains = body.rsp.serviceInfoList;
                        if (ServerAuthenticator.this.mCielStoreServiceDomains == null || ServerAuthenticator.this.mCielStoreServiceDomains.size() == 0) {
                            ServerAuthenticator.this.doErrorCallback = true;
                        }
                    } else if ("eden".equalsIgnoreCase(str)) {
                        ServerAuthenticator.this.mEdenStoreServiceDomains = body.rsp.serviceInfoList;
                        if (ServerAuthenticator.this.mEdenStoreServiceDomains == null || ServerAuthenticator.this.mEdenStoreServiceDomains.size() == 0) {
                            ServerAuthenticator.this.doErrorCallback = true;
                        }
                    } else if (ServerAuthenticator.CONNECTED_DEVICE_LOGO_SERVICE_NAME.equalsIgnoreCase(str)) {
                        ServerAuthenticator.this.mConnectedDeviceLogoDomain = body.rsp.serviceInfoList;
                        if (ServerAuthenticator.this.mConnectedDeviceLogoDomain == null || ServerAuthenticator.this.mConnectedDeviceLogoDomain.size() == 0) {
                            ServerAuthenticator.this.doErrorCallback = true;
                        } else {
                            Iterator it = ServerAuthenticator.this.device_pending_requests.iterator();
                            while (it.hasNext()) {
                                ((IServerAuthCallback) it.next()).onGetServerDomain(ServerAuthenticator.this.getServiceDomainName(str));
                            }
                        }
                    } else {
                        Log.e(ServerAuthenticator.TAG, " doGetStoreServiceURL : Not matched service response ");
                    }
                    if (ServerAuthenticator.this.doErrorCallback) {
                        Log.e(ServerAuthenticator.TAG, " doGetStoreServiceURL : Empty Store Service Domains List ");
                        ServerAuthenticator.this.doErrorCallbacks(ServerAuthError.AUTH_ERR_UNEXPECTED_SERVER_DATA.setMsg("etServiceURLsRequestResponse : Empty Store Service Domains List"), str);
                        return;
                    }
                    if (ServerAuthenticator.this.isTokenValid()) {
                        if ("apps".equalsIgnoreCase(str)) {
                            Iterator it2 = ServerAuthenticator.this.apps_pending_requests.iterator();
                            while (it2.hasNext()) {
                                ((IServerAuthCallback) it2.next()).onGetToken(ServerAuthError.AUTH_ERR_NONE, ServerAuthenticator.mToken.value);
                            }
                        } else if ("ciel".equalsIgnoreCase(str)) {
                            Iterator it3 = ServerAuthenticator.this.ciel_pending_requests.iterator();
                            while (it3.hasNext()) {
                                ((IServerAuthCallback) it3.next()).onGetToken(ServerAuthError.AUTH_ERR_NONE, ServerAuthenticator.mToken.value);
                            }
                        } else {
                            if (!"eden".equalsIgnoreCase(str)) {
                                serverAuthError.setMsg("GetServiceURLsRequest != service name is not valid");
                                return;
                            }
                            Iterator it4 = ServerAuthenticator.this.eden_pending_requests.iterator();
                            while (it4.hasNext()) {
                                ((IServerAuthCallback) it4.next()).onGetToken(ServerAuthError.AUTH_ERR_NONE, ServerAuthenticator.mToken.value);
                            }
                        }
                    }
                }
            });
        } else {
            Log.e(TAG, " doGetServiceDomainsRequest : getTvCountryCode failed");
            doErrorCallbacks(ServerAuthError.AUTH_ERR_INTERNAL_ERROR.setMsg("doGetServiceDomainsRequest : getTvCountryCode failed"), "all");
        }
    }

    public void getAuthToken(Context context, IServerAuthCallback iServerAuthCallback, final String str) {
        Log.d(TAG, "getAuthToken : serviceName " + str);
        if (iServerAuthCallback == null) {
            Log.e(TAG, "getAuthToken : Invalid Params");
            return;
        }
        synchronized (this.lock) {
            if (!isServiceDomainAvailable(str)) {
                Log.d(TAG, "getAuthToken : Store Service Name Not Available");
                new Thread(new Runnable() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.2
                    @Override // java.lang.Runnable
                    public void run() {
                        ServerAuthenticator.this.doGetStoreServiceURL(str);
                    }
                }).start();
            }
            if (isTokenValid()) {
                if (!isServiceDomainAvailable(str)) {
                    addToPendingRequests(iServerAuthCallback, str);
                    return;
                } else {
                    Log.d(TAG, " getAuthToken:Token Valid. Before cb");
                    iServerAuthCallback.onGetToken(ServerAuthError.AUTH_ERR_NONE, mToken.value);
                    return;
                }
            }
            Log.d(TAG, "getAuthToken:Adding cb to List");
            addToPendingRequests(iServerAuthCallback, str);
            if (!isAuthInProgress()) {
                Log.d(TAG, " getAuthToken:isAuthInProgress() is false. Starting thread");
                setAuthInProgress();
                new AccessToken().execute(context);
            }
        }
    }

    public String getHost(String str) {
        List<ServiceInfo> list;
        Log.d(TAG, "getHost : serviceName " + str);
        if (AUTH_SERVICE_NAME.equals(str)) {
            list = this.mAuthServiceDomains;
        } else if ("apps".equalsIgnoreCase(str)) {
            list = this.mAppStoreServiceDomains;
        } else if ("ciel".equalsIgnoreCase(str)) {
            list = this.mCielStoreServiceDomains;
        } else if ("eden".equalsIgnoreCase(str)) {
            list = this.mEdenStoreServiceDomains;
        } else {
            if (!CONNECTED_DEVICE_LOGO_SERVICE_NAME.equalsIgnoreCase(str)) {
                Log.e(TAG, "getHost : Invalid serviceName : " + str);
                return null;
            }
            list = this.mConnectedDeviceLogoDomain;
        }
        if (list == null || list.size() == 0 || list.get(0).serviceDomain == null) {
            Log.e(TAG, "getHost : svcDomainList not available");
            return null;
        }
        try {
            return new URL(list.get(0).serviceDomain).getHost();
        } catch (MalformedURLException e) {
            e.printStackTrace();
            Log.e(TAG, "getHost : " + e.getMessage());
            return null;
        }
    }

    public HostnameVerifier getHostnameVerifier() {
        return new HostnameVerifier() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.3
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                HostnameVerifier defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
                if (defaultHostnameVerifier == null) {
                    Log.e(ServerAuthenticator.TAG, "getHostnameVerifier: hv null");
                    return false;
                }
                boolean verify = defaultHostnameVerifier.verify(ServerAuthenticator.TRUSTED_AUTH_SERVER_DOMAIN_NAME, sSLSession);
                if (verify) {
                    Log.d(ServerAuthenticator.TAG, "Host Name Verify success : Expected - samsungqbe.com Hostname " + str);
                    return verify;
                }
                Log.e(ServerAuthenticator.TAG, "Host Name Verify failed : Expected - samsungqbe.com Hostname " + str);
                return verify;
            }
        };
    }

    public String getLocalTime() {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat(LOCAL_TIME_DATE_FORMAT, Locale.US);
        if (simpleDateFormat == null) {
            Log.e(TAG, "getLocalTime : Unable to get SimpleDateFormat");
            return null;
        }
        String format = simpleDateFormat.format(new Date());
        if (format != null) {
            return format;
        }
        Log.e(TAG, "getLocalTime : Failed to get currentDateandTime");
        return null;
    }

    public String getRequestHash(Context context, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.update(this.certHelperInst.getCsrBody(context));
            messageDigest.update(getSecKey().getBytes());
            messageDigest.update(str.getBytes());
            return bytesToHex(messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    public String getServiceDomainName(String str) {
        List<ServiceInfo> list;
        Log.e(TAG, "getServiceDomainName1: serviceName : " + str + " not found in list");
        if (str == null) {
            Log.e(TAG, "getServiceDomainName : Invalid serviceName ");
            return null;
        }
        if (AUTH_SERVICE_NAME.equals(str)) {
            list = this.mAuthServiceDomains;
        } else if ("apps".equalsIgnoreCase(str)) {
            list = this.mAppStoreServiceDomains;
        } else if ("ciel".equalsIgnoreCase(str)) {
            list = this.mCielStoreServiceDomains;
        } else if ("eden".equalsIgnoreCase(str)) {
            list = this.mEdenStoreServiceDomains;
        } else {
            if (!CONNECTED_DEVICE_LOGO_SERVICE_NAME.equalsIgnoreCase(str)) {
                Log.e(TAG, "getServiceDomainName: Unsupported serviceName : " + str);
                return null;
            }
            list = this.mConnectedDeviceLogoDomain;
        }
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= list.size()) {
                Log.e(TAG, "getServiceDomainName: serviceName : " + str + " not found in list");
                return null;
            }
            if (list.get(i2).serviceName != null && list.get(i2).serviceName.equals(str)) {
                return list.get(i2).serviceDomain;
            }
            i = i2 + 1;
        }
    }

    public boolean isbUsingStgServer() {
        return this.bUsingStgServer;
    }

    public void requestServiceURL(final String str, IServerAuthCallback iServerAuthCallback) {
        synchronized (this.lock) {
            if (isServiceDomainAvailable(str)) {
                iServerAuthCallback.onGetServerDomain(getServiceDomainName(str));
            } else {
                Log.d(TAG, "getStoreServiceURL : get store service URL for : " + str);
                new Thread(new Runnable() { // from class: com.samsung.android.oneconnect.easysetup.assisted.tv.protocol.authentication.ServerAuthenticator.1
                    @Override // java.lang.Runnable
                    public void run() {
                        ServerAuthenticator.this.doGetStoreServiceURL(str);
                    }
                }).start();
                addToPendingRequests(iServerAuthCallback, str);
            }
        }
    }
}
