package com.yodlee.android.bridgeapis;

import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
import android.os.StrictMode;
import com.yodlee.MFAErrorCode;
import com.yodlee.f;
import com.yodlee.service.UpgradeService;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URLEncoder;
import java.security.KeyStore;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import oauth.signpost.OAuthConsumer;
import oauth.signpost.http.HttpParameters;
import oauth.signpost.http.HttpRequest;
import oauth.signpost.signature.QueryStringSigningStrategy;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.appcelerator.titanium.TiC;
import org.json.JSONObject;
import org.springframework.http.MediaType;

/* loaded from: classes.dex */
public final class c extends a {
    public c() {
        StrictMode.setThreadPolicy(new StrictMode.ThreadPolicy.Builder().permitAll().build());
    }

    private static HttpResponse a(OAuthConsumer oAuthConsumer, String str, Map<String, String> map, String str2, String str3) {
        e eVar = new e(str, str2);
        oAuthConsumer.setSigningStrategy(new QueryStringSigningStrategy());
        if (HttpPost.METHOD_NAME.equalsIgnoreCase(str2)) {
            HttpParameters httpParameters = new HttpParameters();
            for (Map.Entry<String, String> entry : map.entrySet()) {
                httpParameters.put(entry.getKey(), URLEncoder.encode(entry.getValue(), "UTF-8"));
            }
            oAuthConsumer.setAdditionalParameters(httpParameters);
        }
        oAuthConsumer.sign((HttpRequest) eVar);
        String requestUrl = eVar.getRequestUrl();
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
        try {
            if (!str2.equalsIgnoreCase(HttpPost.METHOD_NAME)) {
                return defaultHttpClient.execute(new HttpGet(requestUrl));
            }
            HttpPost httpPost = new HttpPost(requestUrl);
            ArrayList arrayList = new ArrayList();
            for (Map.Entry<String, String> entry2 : map.entrySet()) {
                arrayList.add(new BasicNameValuePair(entry2.getKey(), entry2.getValue()));
            }
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
            httpPost.setHeader("Accept", str3);
            return defaultHttpClient.execute(httpPost);
        } catch (ClientProtocolException e) {
            return null;
        } catch (IOException e2) {
            return null;
        }
    }

    public static void a(Context context, String str, String str2, Handler handler) {
        String str3;
        String str4;
        String str5;
        String str6 = null;
        JSONObject jSONObject = new JSONObject(str);
        String string = jSONObject.getString("url");
        String str7 = "";
        HashMap hashMap = new HashMap();
        if (jSONObject.has("signature")) {
            str7 = jSONObject.getString("signature");
            new StringBuilder("Signature: ").append(str7);
        }
        String string2 = jSONObject.has("access_token") ? jSONObject.getString("access_token") : null;
        String string3 = jSONObject.has("token_secret") ? jSONObject.getString("token_secret") : null;
        if (jSONObject.has("appVersion")) {
            jSONObject.getString("appVersion");
        }
        if (jSONObject.has("appID")) {
            jSONObject.getString("appID");
        }
        if (jSONObject.has("deviceID")) {
            jSONObject.getString("deviceID");
        }
        if (jSONObject.has("cobrandID")) {
            jSONObject.getString("cobrandID");
        }
        if (jSONObject.has("buildType")) {
            jSONObject.getString("buildType");
        }
        String string4 = jSONObject.has("deviceType") ? jSONObject.getString("deviceType") : null;
        if (jSONObject.has("resetPackage")) {
            str3 = jSONObject.getString("resetPackage");
            new StringBuilder("resetPackage : ").append(str3);
            if (str3.equals("true")) {
                f.m21b(context);
                f.m19a(context);
                com.yodlee.b.a = "upgrade.zip";
            } else {
                f.m21b(context);
                com.yodlee.b.a = "delta.zip";
            }
        } else {
            str3 = null;
        }
        if (jSONObject.has("ignoreToken") && jSONObject.getString("ignoreToken") != null && jSONObject.getString("ignoreToken").equals("true")) {
            str5 = a.getToken();
            str4 = a.getTokenSecret();
            a.setTokenWithSecret(null, null);
        } else {
            a.setTokenWithSecret(string2, string3);
            str4 = null;
            str5 = null;
        }
        if (jSONObject.has("certificate") && jSONObject.getString("certificate") != null && jSONObject.getString("certificate").trim().length() > 0) {
            str6 = jSONObject.getString("certificate");
        }
        hashMap.put("deviceType", string4);
        hashMap.put("resetPackage", str3);
        com.yodlee.b.f47a = false;
        if (str6 == null) {
            throw new com.yodlee.exception.a(MFAErrorCode.MFA_CERTIFICATE_VERIFICATION_FAILED.getErrorCode(), "No Certificate received as part of config.");
        }
        try {
            if (!a(new String(com.yodlee.a.a(str6.toCharArray())))) {
                throw new com.yodlee.exception.a(MFAErrorCode.MFA_CERTIFICATE_VERIFICATION_FAILED.getErrorCode(), "No Certificate received as part of config.");
            }
            HttpResponse a = a(a, string, hashMap, HttpPost.METHOD_NAME, MediaType.APPLICATION_JSON_VALUE);
            if (a != null) {
                Header firstHeader = a.getFirstHeader("Content-Type");
                if (firstHeader != null && firstHeader.getValue().equals(MediaType.APPLICATION_JSON_VALUE)) {
                    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(a.getEntity().getContent()));
                    StringBuilder sb = new StringBuilder();
                    while (true) {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        } else {
                            sb.append(readLine);
                        }
                    }
                    JSONObject jSONObject2 = new JSONObject(sb.toString());
                    Bundle bundle = new Bundle();
                    bundle.putString(TiC.PROPERTY_DATA, jSONObject2.toString());
                    bundle.putString("callbackid", str2);
                    bundle.putString("methodType", TiC.PROPERTY_SUCCESS);
                    Message obtain = Message.obtain();
                    obtain.setData(bundle);
                    handler.sendMessage(obtain);
                } else if (firstHeader != null && firstHeader.getValue().equals("application/zip")) {
                    f.a(context, a.getEntity().getContent());
                    try {
                        if (!f.a(context.getFilesDir().getPath().toString() + "/" + com.yodlee.b.a, str7)) {
                            Bundle bundle2 = new Bundle();
                            bundle2.putString(TiC.PROPERTY_DATA, "error:123");
                            bundle2.putString("callbackid", str2);
                            bundle2.putString("methodType", "failure");
                            Message obtain2 = Message.obtain();
                            obtain2.setData(bundle2);
                            handler.sendMessage(obtain2);
                            throw new com.yodlee.exception.a(MFAErrorCode.MFA_UPGRADE_ZIP_SIGNATURE_VERIFICATION_FAILED.getErrorCode(), "signature Verification failed");
                        }
                        Intent intent = new Intent(context, (Class<?>) UpgradeService.class);
                        Bundle bundle3 = new Bundle();
                        bundle3.putString("root_folder_name", "webpkg");
                        bundle3.putString("temp_zip_file_name", com.yodlee.b.a);
                        bundle3.putString("secureTransactionId", com.yodlee.b.c);
                        intent.putExtras(bundle3);
                        context.getApplicationContext().startService(intent);
                        com.yodlee.e.m18a();
                    } catch (com.yodlee.exception.a e) {
                        Bundle bundle4 = new Bundle();
                        bundle4.putString(TiC.PROPERTY_DATA, "error:123");
                        bundle4.putString("callbackid", str2);
                        bundle4.putString("methodType", "failure");
                        Message obtain3 = Message.obtain();
                        obtain3.setData(bundle4);
                        handler.sendMessage(obtain3);
                        throw new com.yodlee.exception.a(MFAErrorCode.MFA_UPGRADE_ZIP_SIGNATURE_VERIFICATION_FAILED.getErrorCode(), e.getMessage());
                    }
                }
                if (str5 == null || str4 == null) {
                    return;
                }
                a.setTokenWithSecret(str5, str4);
            }
        } catch (Exception e2) {
            throw new com.yodlee.exception.a(MFAErrorCode.MFA_CERTIFICATE_VERIFICATION_FAILED.getErrorCode(), e2.getMessage());
        }
    }

    private static boolean a(String str) {
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(str.replaceAll("\t", "").replaceAll(" ", "").replaceAll("BEGINCERTIFICATE", "BEGIN CERTIFICATE").replaceAll("ENDCERTIFICATE", "END CERTIFICATE").getBytes()));
        ArrayList arrayList = new ArrayList();
        Iterator<? extends Certificate> it = generateCertificates.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next());
        }
        return a((ArrayList<Certificate>) arrayList);
    }

    private static boolean a(ArrayList<Certificate> arrayList) {
        Iterator<Certificate> it = arrayList.iterator();
        boolean z = false;
        while (it.hasNext()) {
            z = ((X509Certificate) it.next()).getSubjectX500Principal().getName().equals(com.yodlee.b.b) ? true : z;
        }
        Iterator<Certificate> it2 = arrayList.iterator();
        X509Certificate x509Certificate = null;
        while (it2.hasNext()) {
            X509Certificate x509Certificate2 = (X509Certificate) it2.next();
            x509Certificate2.checkValidity();
            if (!x509Certificate2.getIssuerDN().equals(x509Certificate2.getSubjectDN())) {
                x509Certificate2 = x509Certificate;
            }
            x509Certificate = x509Certificate2;
        }
        KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
        keyStore.load(null, null);
        if (x509Certificate == null || keyStore.getCertificateAlias(x509Certificate) == null) {
            throw new CertPathValidatorException("Root CA passed is not present in Android truststore, and hence is not trusted");
        }
        HashSet hashSet = new HashSet();
        hashSet.add(new TrustAnchor(x509Certificate, null));
        CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList));
        PKIXParameters pKIXParameters = new PKIXParameters(hashSet);
        pKIXParameters.addCertStore(certStore);
        pKIXParameters.setRevocationEnabled(false);
        boolean z2 = CertPathValidator.getInstance(CertPathValidator.getDefaultType()).validate(CertificateFactory.getInstance("X.509").generateCertPath(arrayList), pKIXParameters) != null;
        if (!z || !z2) {
            return false;
        }
        com.yodlee.b.d = new String(com.yodlee.a.a(arrayList.get(0).getEncoded()));
        return true;
    }
}
