package com.sds.sdk.android.sh.network;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.sds.sdk.android.sh.SHLog;
import com.sds.sdk.android.sh.common.SHHttpServer;
import com.sds.sdk.android.sh.common.util.StringUtils;
import com.sds.sdk.android.sh.model.MqttAuthReq;
import com.sds.sdk.android.sh.model.MqttAuthResp;
import java.io.IOException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Response;
import org.eclipse.paho.client.mqttv3.MqttTopic;
import org.eclipse.paho.client.mqttv3.internal.security.SSLSocketFactoryFactory;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;

/* loaded from: classes3.dex */
public class SHAuthService {
    private static final Gson gson = new GsonBuilder().create();
    private SHAuthApi shAuthApi;
    X509TrustManager x509TrustManager = new X509TrustManager() { // from class: com.sds.sdk.android.sh.network.SHAuthService.4
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    };

    public SHAuthService(boolean z) {
        init(z);
    }

    private static SSLSocketFactory getSSLFatory() {
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.sds.sdk.android.sh.network.SHAuthService.3
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance(SSLSocketFactoryFactory.DEFAULT_PROTOCOL);
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            SHLog.logE("ssl " + e.getMessage());
            return null;
        }
    }

    private void init(final boolean z) {
        String str = z ? SHAuthApi.AUTH_LOCAL_URL : SHAuthApi.AUTH_BASE_URL;
        if (SHHttpServer.getEmqAuthApi() != null) {
            str = SHHttpServer.getEmqAuthApi();
        }
        if (!str.endsWith(MqttTopic.TOPIC_LEVEL_SEPARATOR)) {
            str = str + MqttTopic.TOPIC_LEVEL_SEPARATOR;
        }
        SHLog.logE("SHAuthService:" + str);
        this.shAuthApi = (SHAuthApi) new Retrofit.Builder().baseUrl(str).client(new OkHttpClient.Builder().addInterceptor(new Interceptor() { // from class: com.sds.sdk.android.sh.network.SHAuthService.2
            @Override // okhttp3.Interceptor
            public Response intercept(Interceptor.Chain chain) throws IOException {
                try {
                    return chain.proceed(chain.request().newBuilder().addHeader("token", z ? SHAuthApi.AUTH_LOCAL_TOKEN : SHAuthApi.AUTH_BASE_TOKEN).build());
                } catch (IOException e) {
                    SHLog.logE("get http response error:" + e.getMessage());
                    throw e;
                }
            }
        }).connectTimeout(3L, TimeUnit.SECONDS).readTimeout(2L, TimeUnit.SECONDS).sslSocketFactory(getSSLFatory(), this.x509TrustManager).hostnameVerifier(new HostnameVerifier() { // from class: com.sds.sdk.android.sh.network.SHAuthService.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str2, SSLSession sSLSession) {
                return true;
            }
        }).build()).addConverterFactory(GsonConverterFactory.create(gson)).build().create(SHAuthApi.class);
    }

    public MqttAuthResp doMqttAuth(String str, String str2, String str3, String str4) {
        retrofit2.Response<MqttAuthResp> execute;
        MqttAuthResp mqttAuthResp = new MqttAuthResp();
        if (StringUtils.isEmpty(str3) && StringUtils.isEmpty(str4)) {
            return mqttAuthResp;
        }
        try {
            MqttAuthReq mqttAuthReq = new MqttAuthReq(str, str2, str3, str4);
            SHLog.logD("MqttAuthReq /auth-server/1.0/mqtt/auth: " + new Gson().toJson(mqttAuthReq));
            execute = this.shAuthApi.doMqttAuth(mqttAuthReq).execute();
        } catch (IOException e) {
            e.printStackTrace();
        }
        if (execute == null || execute.body() == null || execute.body().getCode() != 200) {
            SHLog.logE("mqttAuthReq is null");
            return mqttAuthResp;
        }
        SHLog.logD("mqttAuthReq:" + new Gson().toJson(execute.body()));
        return execute.body();
    }
}
