package com.owncloud.android.ui;

import android.content.Context;
import android.net.Uri;
import android.net.http.SslCertificate;
import android.net.http.SslError;
import android.webkit.ClientCertRequest;
import android.webkit.SslErrorHandler;
import android.webkit.WebResourceRequest;
import android.webkit.WebResourceResponse;
import android.webkit.WebView;
import android.webkit.WebViewClient;
import androidx.fragment.app.FragmentManager;
import androidx.fragment.app.FragmentTransaction;
import com.nextcloud.client.jobs.transfer.FileTransferService;
import com.owncloud.android.authentication.AuthenticatorActivity;
import com.owncloud.android.lib.common.network.AdvancedX509KeyManager;
import com.owncloud.android.lib.common.network.NetworkUtils;
import com.owncloud.android.lib.common.utils.Log_OC;
import com.owncloud.android.ui.dialog.SslUntrustedCertDialog;
import java.io.ByteArrayInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;

/* compiled from: NextcloudWebViewClient.kt */
@Metadata(d1 = {"\u0000J\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\b\u0017\u0018\u00002\u00020\u0001B\u000f\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0004\b\u0004\u0010\u0005J$\u0010\n\u001a\u00020\u000b2\b\u0010\f\u001a\u0004\u0018\u00010\r2\u0006\u0010\u000e\u001a\u00020\u000f2\b\u0010\u0010\u001a\u0004\u0018\u00010\u0011H\u0017J\u0012\u0010\u0012\u001a\u0004\u0018\u00010\u00132\u0006\u0010\u0010\u001a\u00020\u0011H\u0016J&\u0010\u0014\u001a\u00020\u000b2\b\u0010\u0015\u001a\u0004\u0018\u00010\u00132\b\u0010\u0010\u001a\u0004\u0018\u00010\u00112\b\u0010\u000e\u001a\u0004\u0018\u00010\u000fH\u0002J\u001c\u0010\u0016\u001a\u00020\u000b2\b\u0010\f\u001a\u0004\u0018\u00010\r2\b\u0010\u0017\u001a\u0004\u0018\u00010\u0018H\u0016J&\u0010\u0019\u001a\u00020\u000b2\b\u0010\f\u001a\u0004\u0018\u00010\r2\b\u0010\u0017\u001a\u0004\u0018\u00010\u001a2\b\u0010\u001b\u001a\u0004\u0018\u00010\u001cH\u0016R\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\u0006\u0010\u0007R\u0010\u0010\b\u001a\u0004\u0018\u00010\tX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u001d"}, d2 = {"Lcom/owncloud/android/ui/NextcloudWebViewClient;", "Landroid/webkit/WebViewClient;", "supportFragmentManager", "Landroidx/fragment/app/FragmentManager;", "<init>", "(Landroidx/fragment/app/FragmentManager;)V", "getSupportFragmentManager", "()Landroidx/fragment/app/FragmentManager;", "tag", "", "onReceivedSslError", "", "view", "Landroid/webkit/WebView;", "handler", "Landroid/webkit/SslErrorHandler;", "error", "Landroid/net/http/SslError;", "getX509CertificateFromError", "Ljava/security/cert/X509Certificate;", "showUntrustedCertDialog", "x509Certificate", "onReceivedClientCertRequest", FileTransferService.EXTRA_REQUEST, "Landroid/webkit/ClientCertRequest;", "onReceivedHttpError", "Landroid/webkit/WebResourceRequest;", "errorResponse", "Landroid/webkit/WebResourceResponse;", "app_gplayRelease"}, k = 1, mv = {2, 1, 0}, xi = 48)
/* loaded from: classes5.dex */
public class NextcloudWebViewClient extends WebViewClient {
    public static final int $stable = 8;
    private final FragmentManager supportFragmentManager;
    private final String tag;

    public NextcloudWebViewClient(FragmentManager supportFragmentManager) {
        Intrinsics.checkNotNullParameter(supportFragmentManager, "supportFragmentManager");
        this.supportFragmentManager = supportFragmentManager;
        this.tag = Reflection.getOrCreateKotlinClass(NextcloudWebViewClient.class).getSimpleName();
    }

    private final void showUntrustedCertDialog(X509Certificate x509Certificate, SslError error, SslErrorHandler handler) {
        SslUntrustedCertDialog newInstanceForEmptySslError = x509Certificate == null ? SslUntrustedCertDialog.INSTANCE.newInstanceForEmptySslError(error, handler) : SslUntrustedCertDialog.INSTANCE.newInstanceForFullSslError(x509Certificate, error, handler);
        FragmentTransaction beginTransaction = this.supportFragmentManager.beginTransaction();
        Intrinsics.checkNotNullExpressionValue(beginTransaction, "beginTransaction(...)");
        beginTransaction.addToBackStack(null);
        newInstanceForEmptySslError.show(beginTransaction, AuthenticatorActivity.UNTRUSTED_CERT_DIALOG_TAG);
    }

    public final FragmentManager getSupportFragmentManager() {
        return this.supportFragmentManager;
    }

    public X509Certificate getX509CertificateFromError(SslError error) {
        Intrinsics.checkNotNullParameter(error, "error");
        byte[] byteArray = SslCertificate.saveState(error.getCertificate()).getByteArray("x509-certificate");
        if (byteArray == null) {
            return null;
        }
        try {
            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(byteArray));
            Intrinsics.checkNotNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
            return (X509Certificate) generateCertificate;
        } catch (CertificateException unused) {
            return null;
        }
    }

    @Override // android.webkit.WebViewClient
    public void onReceivedClientCertRequest(WebView view, ClientCertRequest request) {
        if (view == null || request == null) {
            return;
        }
        new AdvancedX509KeyManager(view.getContext()).handleWebViewClientCertRequest(request);
    }

    @Override // android.webkit.WebViewClient
    public void onReceivedHttpError(WebView view, WebResourceRequest request, WebResourceResponse errorResponse) {
        int statusCode;
        if (errorResponse == null || (statusCode = errorResponse.getStatusCode()) != 400) {
            return;
        }
        Uri url = request != null ? request.getUrl() : null;
        Context context = view != null ? view.getContext() : null;
        if (url == null || context == null) {
            return;
        }
        Log_OC.w(this.tag, "WebView failed with error code " + statusCode + "; remove key chain aliases");
        new AdvancedX509KeyManager(context).removeKeys(url);
    }

    @Override // android.webkit.WebViewClient
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        Context context;
        Intrinsics.checkNotNullParameter(handler, "handler");
        Context context2 = null;
        X509Certificate x509CertificateFromError = error != null ? getX509CertificateFromError(error) : null;
        try {
            X509Certificate x509Certificate = x509CertificateFromError;
            if (view != null && (context = view.getContext()) != null) {
                context2 = context.getApplicationContext();
            }
            if (NetworkUtils.isCertInKnownServersStore(x509Certificate, context2)) {
                handler.proceed();
            } else {
                showUntrustedCertDialog(x509CertificateFromError, error, handler);
            }
        } catch (Exception unused) {
            Log_OC.e(this.tag, "Cert could not be verified");
        }
    }
}
