package com.sina.wbsupergroup.jsbridge.security;

import android.content.Context;
import android.net.Uri;
import android.text.TextUtils;
import com.huawei.hms.framework.common.ContainerUtils;
import com.sina.wbsupergroup.browser.utils.WeiboBrowserUtils;
import com.sina.wbsupergroup.jsbridge.models.JSBridgeInvokeMessage;
import com.sina.wbsupergroup.jsbridge.models.SecurityCheckResult;
import com.sina.wbsupergroup.jsbridge.models.SecurityConfig;
import com.sina.weibo.wcff.security.CryptoTools;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* loaded from: classes2.dex */
public class SecurityManager {
    public static final int CHECK_RESULT_FAIL = 0;
    public static final int CHECK_RESULT_OK = 1;
    private static SecurityManager mInstance;
    private Context mContext;
    private Map<String, SecurityConfig> securityConfigs = new HashMap();
    private Map<String, SecurityCheckResult> securityCheckResults = new HashMap();
    private List<String> bypassApis = new ArrayList();

    private SecurityManager(Context context) {
        this.mContext = context.getApplicationContext();
        initBypassApis();
    }

    public static String generateSignature(String str, String str2, SecurityConfig securityConfig) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("jsapi_ticket=");
        stringBuffer.append(str);
        stringBuffer.append(ContainerUtils.FIELD_DELIMITER);
        stringBuffer.append("noncestr=");
        stringBuffer.append(securityConfig.getNoncestr());
        stringBuffer.append(ContainerUtils.FIELD_DELIMITER);
        stringBuffer.append("timestamp=");
        stringBuffer.append(securityConfig.getTimestamp());
        stringBuffer.append(ContainerUtils.FIELD_DELIMITER);
        stringBuffer.append("url=");
        stringBuffer.append(str2);
        return CryptoTools.sha1Encode(stringBuffer.toString());
    }

    public static SecurityManager getInstance(Context context) {
        if (mInstance == null) {
            mInstance = new SecurityManager(context);
        }
        return mInstance;
    }

    private void initBypassApis() {
    }

    private static boolean isContainsDomain(List<String> list, String str) {
        if (TextUtils.isEmpty(str)) {
            return false;
        }
        for (int i = 0; i < list.size(); i++) {
            if (str.endsWith(list.get(i))) {
                return true;
            }
        }
        return false;
    }

    public static boolean isJSbridgeDebuggable() {
        return WeiboBrowserUtils.getBrowserSharePrefManager();
    }

    public static boolean isSafeDomain(String str, List<String> list) {
        Uri parse;
        if (TextUtils.isEmpty(str) || (parse = Uri.parse(str)) == null) {
            return false;
        }
        return isContainsDomain(list, parse.getHost());
    }

    public void addSecurityCheckResult(String str, SecurityCheckResult securityCheckResult) {
        if (TextUtils.isEmpty(str) || securityCheckResult == null) {
            return;
        }
        this.securityCheckResults.put(str, securityCheckResult);
    }

    public void addSecurityConfig(String str, SecurityConfig securityConfig) {
        if (TextUtils.isEmpty(str) || securityConfig == null) {
            return;
        }
        this.securityConfigs.put(str, securityConfig);
    }

    public int check(JSBridgeInvokeMessage jSBridgeInvokeMessage) {
        return check(jSBridgeInvokeMessage.getRemovedFragmentCurWebUrl(), jSBridgeInvokeMessage.getAction());
    }

    public int check(String str, String str2) {
        SecurityCheckResult securityCheckResult;
        if (!isJSbridgeDebuggable() || this.bypassApis.contains(str2)) {
            return 1;
        }
        if (TextUtils.isEmpty(str)) {
            return 0;
        }
        if ((JSBridgeSecurity.isLegalDomain(str) && JSBridgeSecurity.isInternalBypassApi(str2)) || JSBridgeSecurity.isLegalDomainAndAction(str, str2)) {
            return 1;
        }
        SecurityConfig securityConfig = this.securityConfigs.get(str);
        if (securityConfig == null) {
            return 0;
        }
        String appKey = securityConfig.getAppKey();
        return (TextUtils.isEmpty(appKey) || (securityCheckResult = this.securityCheckResults.get(appKey)) == null || !securityCheckResult.getAccessApiList().contains(str2)) ? 0 : 1;
    }

    public SecurityCheckResult getCheckResult(String str) {
        return this.securityCheckResults.get(str);
    }

    public boolean isCheckResultValide(String str, SecurityConfig securityConfig) {
        String appKey = securityConfig.getAppKey();
        SecurityCheckResult securityCheckResult = this.securityCheckResults.get(appKey);
        if (securityCheckResult == null) {
            return false;
        }
        if (System.currentTimeMillis() - securityCheckResult.getExpireTime() > 0) {
            this.securityCheckResults.remove(appKey);
            return false;
        }
        String ticket = securityCheckResult.getTicket();
        if (TextUtils.isEmpty(ticket) || !isSafeDomain(str, securityCheckResult.getSafeDomainList())) {
            return false;
        }
        if (securityCheckResult.getAccessApiList().containsAll(securityConfig.getAuthScope())) {
            return securityConfig.getSignature().equals(generateSignature(ticket, str, securityConfig));
        }
        return false;
    }
}
