package com.pydio.cells.transport;

import com.amazonaws.services.s3.internal.Constants;
import com.pydio.android.client.backend.nodes.OfflineWorkspaceNode;
import com.pydio.cells.api.SDKException;
import com.pydio.cells.api.SdkNames;
import com.pydio.cells.api.ServerURL;
import com.pydio.cells.client.security.CertificateTrust;
import com.pydio.cells.client.security.CertificateTrustManager;
import com.pydio.cells.utils.Str;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.ProtocolException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Locale;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: classes.dex */
public class ServerURLImpl implements ServerURL {
    private byte[][] certificateChain;
    private final boolean skipVerify;
    private SSLContext sslContext;
    private SSLSocketFactory sslSocketFactory = null;
    private CertificateTrust.Helper trustHelper;
    private final URL url;
    private static final TrustManager[] SKIP_VERIFY_TRUST_MANAGER = {new X509TrustManager() { // from class: com.pydio.cells.transport.ServerURLImpl.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }};
    private static final HostnameVerifier SKIP_HOSTNAME_VERIFIER = new HostnameVerifier() { // from class: com.pydio.cells.transport.ServerURLImpl.2
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    };

    private ServerURLImpl(URL url, boolean z) {
        this.url = url;
        this.skipVerify = z;
    }

    public static ServerURL fromAddress(String str) throws MalformedURLException {
        return fromAddress(str, false);
    }

    public static ServerURL fromAddress(String str, boolean z) throws MalformedURLException {
        URL url;
        String lowerCase = str.trim().toLowerCase(Locale.ENGLISH);
        URL url2 = new URL(lowerCase);
        String path = url2.getPath();
        path.hashCode();
        String str2 = SdkNames.DEFAULT_CLIENT_SECRET;
        if (path.equals(SdkNames.DEFAULT_CLIENT_SECRET) || path.equals(OfflineWorkspaceNode.rootPath)) {
            url = new URL(url2.getProtocol().concat("://").concat(url2.getAuthority()));
        } else {
            String path2 = url2.getPath();
            if (path2 != null) {
                str2 = path2;
            }
            String trim = str2.trim();
            if (trim.endsWith(OfflineWorkspaceNode.rootPath)) {
                trim = trim.substring(0, trim.length() - 1);
            }
            if (url2.getProtocol() != null) {
                url2.getProtocol();
            }
            if (url2.getAuthority() == null) {
                throw new MalformedURLException("Cannot create a server URL without authority for " + lowerCase);
            }
            url = new URL(url2.getProtocol().concat("://").concat(url2.getAuthority()).concat(trim));
        }
        return new ServerURLImpl(url, z);
    }

    private CertificateTrust.Helper getTrustHelper() {
        CertificateTrust.Helper helper = this.trustHelper;
        if (helper != null) {
            return helper;
        }
        CertificateTrust.Helper helper2 = new CertificateTrust.Helper() { // from class: com.pydio.cells.transport.ServerURLImpl.3
            @Override // com.pydio.cells.client.security.CertificateTrust.Helper
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // com.pydio.cells.client.security.CertificateTrust.Helper
            public boolean isServerTrusted(X509Certificate[] x509CertificateArr) {
                MessageDigest messageDigest;
                for (X509Certificate x509Certificate : x509CertificateArr) {
                    for (byte[] bArr : ServerURLImpl.this.certificateChain) {
                        try {
                            x509Certificate.checkValidity();
                            messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.MD5);
                        } catch (Exception e) {
                            e.printStackTrace();
                        }
                        if (Arrays.equals(messageDigest.digest(bArr), messageDigest.digest(x509Certificate.getEncoded()))) {
                            return true;
                        }
                    }
                }
                return false;
            }
        };
        this.trustHelper = helper2;
        return helper2;
    }

    private void setAcceptAllVerifier(HttpsURLConnection httpsURLConnection) {
        try {
            if (this.sslSocketFactory == null) {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(null, SKIP_VERIFY_TRUST_MANAGER, new SecureRandom());
                this.sslSocketFactory = sSLContext.getSocketFactory();
            }
            httpsURLConnection.setSSLSocketFactory(this.sslSocketFactory);
            httpsURLConnection.setHostnameVerifier(SKIP_HOSTNAME_VERIFIER);
        } catch (KeyManagementException e) {
            throw new RuntimeException("Unexpected error while initializing SSL context", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Unexpected error while initializing SSL context", e2);
        }
    }

    private TrustManager trustManager() {
        return new CertificateTrustManager(getTrustHelper());
    }

    public static ServerURL withSkipVerify(ServerURL serverURL) {
        try {
            return new ServerURLImpl(new URL(serverURL.getId()), true);
        } catch (MalformedURLException unused) {
            return null;
        }
    }

    @Override // com.pydio.cells.api.ServerURL
    public byte[][] getCertificateChain() {
        return this.certificateChain;
    }

    @Override // com.pydio.cells.api.ServerURL
    public SSLContext getSSLContext() {
        if (this.sslContext == null) {
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                this.sslContext = sSLContext;
                sSLContext.init(null, new TrustManager[]{trustManager()}, null);
                this.sslContext.getSocketFactory();
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }
        return this.sslContext;
    }

    @Override // com.pydio.cells.api.ServerURL
    public SSLSocketFactory getSslSocketFactory() {
        try {
            if (this.sslSocketFactory == null) {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(null, SKIP_VERIFY_TRUST_MANAGER, new SecureRandom());
                this.sslSocketFactory = sSLContext.getSocketFactory();
            }
            return this.sslSocketFactory;
        } catch (KeyManagementException e) {
            throw new RuntimeException("Unexpected error while initializing SSL context", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Unexpected error while initializing SSL context", e2);
        }
    }

    @Override // com.pydio.cells.api.ServerURL
    public URL getURL() {
        return this.url;
    }

    @Override // com.pydio.cells.api.ServerURL
    public HttpURLConnection openConnection() throws IOException {
        if ("http".equals(this.url.getProtocol())) {
            return (HttpURLConnection) this.url.openConnection();
        }
        if (!"https".equals(this.url.getProtocol())) {
            return null;
        }
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) this.url.openConnection();
        if (!this.skipVerify) {
            return httpsURLConnection;
        }
        setAcceptAllVerifier(httpsURLConnection);
        return httpsURLConnection;
    }

    @Override // com.pydio.cells.api.ServerURL
    public void ping() throws SDKException, IOException {
        HttpURLConnection openConnection = openConnection();
        openConnection.setConnectTimeout(Constants.MAXIMUM_UPLOAD_PARTS);
        try {
            openConnection.setRequestMethod("GET");
            int responseCode = openConnection.getResponseCode();
            if (responseCode == 200) {
            } else {
                throw new SDKException(responseCode, "Could not reach " + this.url.toString() + ": " + openConnection.getResponseMessage());
            }
        } catch (ProtocolException e) {
            throw new RuntimeException("Unvalid protocol GET...", e);
        }
    }

    @Override // com.pydio.cells.api.ServerURL
    public boolean skipVerify() {
        return this.skipVerify;
    }

    @Override // com.pydio.cells.api.ServerURL
    public ServerURL withPath(String str) throws MalformedURLException {
        StringBuilder sb = new StringBuilder();
        if (Str.notEmpty(this.url.getPath())) {
            sb.append(this.url.getPath());
        }
        sb.append(new URL(this.url, str).getPath());
        if (Str.notEmpty(this.url.getQuery())) {
            sb.append("?").append(this.url.getQuery());
        }
        return new ServerURLImpl(new URL(this.url, sb.toString()), this.skipVerify);
    }

    @Override // com.pydio.cells.api.ServerURL
    public ServerURL withQuery(String str) throws MalformedURLException {
        if (Str.empty(str)) {
            return this;
        }
        return new ServerURLImpl(new URL(this.url, (Str.notEmpty(this.url.getPath()) ? this.url.getPath() : OfflineWorkspaceNode.rootPath).concat("?").concat(str)), this.skipVerify);
    }

    @Override // com.pydio.cells.api.ServerURL
    public ServerURL withSpec(String str) throws MalformedURLException {
        StringBuilder sb = new StringBuilder();
        if (Str.notEmpty(this.url.getPath())) {
            sb.append(this.url.getPath());
        }
        URL url = new URL(this.url, str);
        if (Str.notEmpty(url.getPath())) {
            sb.append(url.getPath());
        }
        if (Str.notEmpty(url.getQuery())) {
            sb.append("?").append(url.getQuery());
        }
        return new ServerURLImpl(new URL(this.url, sb.toString()), this.skipVerify);
    }
}
