package com.sonicwall.sra.authentication;

import android.app.Activity;
import android.os.AsyncTask;
import androidx.core.view.accessibility.AccessibilityNodeInfoCompat;
import com.sonicwall.connect.util.CertDetails;
import com.sonicwall.mobileconnect.R;
import com.sonicwall.mobileconnect.exception.NoDomainsFoundException;
import com.sonicwall.mobileconnect.exception.ServerCertException;
import com.sonicwall.mobileconnect.exception.ServerCertHostnameMismatchException;
import com.sonicwall.mobileconnect.exception.UtmAccessDeniedException;
import com.sonicwall.mobileconnect.logging.Logger;
import com.sonicwall.mobileconnect.util.MCSSLSocketFactory;
import com.sonicwall.mobileconnect.util.MCX509TrustManager;
import com.sonicwall.mobileconnect.util.TrustManagerListener;
import com.sonicwall.mobileconnect.util.Util;
import java.io.IOException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.Timer;
import java.util.TimerTask;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;

/* loaded from: classes.dex */
public class DomainListManager {
    private static final String DOMAIN_URL_PATH_SMBSSLVPN = "/cgi-bin/welcome?userLogin=true";
    private static final String DOMAIN_URL_PATH_UTM = "/sslvpnLogin.html";
    private static final String TAG = "DomainListManager";
    private static final Logger logger = Logger.getInstance();
    private Activity mActivity;
    private DomainRequirement mDomainRequirement;
    private ArrayList<DomainWithAuthType> mDomains;
    private DomainListManagerListener mListener;
    private NetworkErrorMode mNetworkErrorMode;
    private Timer mRetryTimer;
    private String mServer;
    private DomainListManagerStatus mStatus = DomainListManagerStatus.STATUS_NO_DOMAINS;
    private DomainFetchTask mWorker;

    /* loaded from: classes.dex */
    public enum DomainEntryMode {
        MODE_DISABLED,
        MODE_PICKER,
        MODE_MANUAL
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public final class DomainFetchTask extends AsyncTask<String, Void, String> implements TrustManagerListener {
        private boolean isSslvpn;
        private Throwable mError;

        private DomainFetchTask() {
            this.mError = null;
            this.isSslvpn = false;
        }

        private String convertHtmlEntities(String str) {
            if (str == null) {
                return null;
            }
            return str.replace("&quot;", "\"").replace("&gt;", ">").replace("&lt;", "<").replace("&amp;", "&");
        }

        private ArrayList<DomainWithAuthType> parseResponseContents(String str) {
            int indexOf;
            DomainListManager.logger.logDebug(DomainListManager.TAG, "parseResponseContents(...)");
            int indexOf2 = str.indexOf("<select name='domain'");
            if (indexOf2 < 0 || (indexOf = str.indexOf("</select>", indexOf2)) < 0) {
                return null;
            }
            ArrayList<DomainWithAuthType> arrayList = new ArrayList<>();
            String substring = str.substring(indexOf2, indexOf);
            Matcher matcher = Pattern.compile("<option value=\"(.*?)\">.*?</option>").matcher(substring);
            Integer num = 0;
            boolean z = false;
            while (matcher.find()) {
                DomainWithAuthType domainWithAuthType = new DomainWithAuthType();
                String convertHtmlEntities = convertHtmlEntities(matcher.group(1));
                domainWithAuthType.setDomainName(convertHtmlEntities);
                domainWithAuthType.setIsCAAuth(Boolean.valueOf(substring.contains("isCAArray[" + num + "] = 1;")));
                domainWithAuthType.setIsSAMLAuth(Boolean.valueOf(substring.contains("isSAMLArray[" + num + "] = 1;")));
                DomainListManager.logger.logDebug(DomainListManager.TAG, "  domainName = " + domainWithAuthType.getDomainName() + "isCAAuth = " + domainWithAuthType.getIsCAAuth() + "isSAMLArray = " + domainWithAuthType.getIsSAMLAuth());
                if (convertHtmlEntities.equals("LocalDomain")) {
                    z = true;
                } else {
                    arrayList.add(domainWithAuthType);
                }
                num = Integer.valueOf(num.intValue() + 1);
            }
            Collections.sort(arrayList, new Comparator<DomainWithAuthType>() { // from class: com.sonicwall.sra.authentication.DomainListManager.DomainFetchTask.2
                @Override // java.util.Comparator
                public int compare(DomainWithAuthType domainWithAuthType2, DomainWithAuthType domainWithAuthType3) {
                    return domainWithAuthType2.getDomainName().compareToIgnoreCase(domainWithAuthType3.getDomainName());
                }
            });
            if (z) {
                arrayList.add(new DomainWithAuthType("LocalDomain", false));
            }
            if (DomainListManager.this.mDomainRequirement != DomainRequirement.DOMAIN_OPTIONAL) {
                return arrayList;
            }
            arrayList.add(new DomainWithAuthType(DomainListManager.this.mActivity.getString(R.string.vpnCnfg_choose_domain), false));
            return arrayList;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public String doInBackground(String... strArr) {
            String str = strArr[0];
            DomainListManager.logger.logDebug(DomainListManager.TAG, "DomainFetchTask.doInBackground  https://" + DomainListManager.this.mServer + str);
            try {
                HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL("https://" + DomainListManager.this.mServer + str).openConnection();
                initSsl(httpsURLConnection);
                httpsURLConnection.setConnectTimeout(AccessibilityNodeInfoCompat.EXTRA_DATA_TEXT_CHARACTER_LOCATION_ARG_MAX_LENGTH);
                httpsURLConnection.setRequestProperty("User-Agent", Util.getUserAgentString());
                String headerField = httpsURLConnection.getHeaderField("Server");
                if (headerField == null || !headerField.toLowerCase().contains("sonicwall ssl-vpn web server") || !str.equals(DomainListManager.DOMAIN_URL_PATH_UTM)) {
                    return Util.readResponseContents(httpsURLConnection.getInputStream());
                }
                DomainListManager.this.mStatus = DomainListManagerStatus.STATUS_NO_DOMAINS;
                DomainListManager.this.mDomains = null;
                this.isSslvpn = true;
                return null;
            } catch (IOException e) {
                if (this.mError == null) {
                    this.mError = e;
                }
                return null;
            } catch (Throwable th) {
                DomainListManager.logger.logDebug(DomainListManager.TAG, "Request error", th);
                this.mError = th;
                return null;
            }
        }

        void initSsl(HttpsURLConnection httpsURLConnection) throws NoSuchAlgorithmException, KeyManagementException {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            MCX509TrustManager mCX509TrustManager = new MCX509TrustManager();
            mCX509TrustManager.setListener(this);
            sSLContext.init(null, new TrustManager[]{mCX509TrustManager}, new SecureRandom());
            httpsURLConnection.setSSLSocketFactory(new MCSSLSocketFactory(sSLContext));
            httpsURLConnection.setHostnameVerifier(mCX509TrustManager);
        }

        @Override // com.sonicwall.mobileconnect.util.TrustManagerListener
        public void onFailVerifyHostname(String str, CertDetails certDetails) {
            this.mError = new ServerCertHostnameMismatchException(str, certDetails);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(String str) {
            DomainListManager.logger.logDebug(DomainListManager.TAG, "DomainFetchTask.onPostExecute");
            if (str == null || str.trim().length() == 0) {
                if (this.isSslvpn) {
                    DomainListManager.logger.logDebug(DomainListManager.TAG, "Server is an SRA/SSLVPN - sending domain list request");
                    DomainListManager.this.mWorker = new DomainFetchTask();
                    DomainListManager.this.mWorker.execute(DomainListManager.DOMAIN_URL_PATH_SMBSSLVPN);
                    return;
                }
                Throwable th = this.mError;
                if (th != null) {
                    Throwable retrieveFromSSLHandShakeException = ServerCertException.retrieveFromSSLHandShakeException(th);
                    if (DomainListManager.this.mNetworkErrorMode == NetworkErrorMode.RETRY_ON_NETWORK_ERROR && retrieveFromSSLHandShakeException == null && !(this.mError instanceof ServerCertException)) {
                        DomainListManager.logger.logDebug(DomainListManager.TAG, "Domain fetch failed; will retry in 5 seconds");
                        if (DomainListManager.this.mRetryTimer == null) {
                            DomainListManager.this.mRetryTimer = new Timer("retryFetchDomains");
                        }
                        DomainListManager.this.mRetryTimer.schedule(new TimerTask() { // from class: com.sonicwall.sra.authentication.DomainListManager.DomainFetchTask.1
                            @Override // java.util.TimerTask, java.lang.Runnable
                            public void run() {
                                DomainListManager.this.startFetch();
                            }
                        }, 5000L);
                        return;
                    }
                    DomainListManager.this.mStatus = DomainListManagerStatus.STATUS_NO_DOMAINS;
                    if (retrieveFromSSLHandShakeException == null) {
                        retrieveFromSSLHandShakeException = this.mError;
                    }
                    if (DomainListManager.this.mListener != null) {
                        DomainListManager.this.mListener.onFetchDomainsFailure(DomainListManager.this, retrieveFromSSLHandShakeException);
                        return;
                    }
                    return;
                }
                return;
            }
            ArrayList<DomainWithAuthType> parseResponseContents = parseResponseContents(str);
            DomainListManager.logger.logInfo(DomainListManager.TAG, "parseResponseContents returned " + parseResponseContents);
            if (parseResponseContents != null && !parseResponseContents.isEmpty()) {
                DomainListManager.this.mDomains = parseResponseContents;
                DomainListManager.this.mStatus = DomainListManagerStatus.STATUS_DOMAINS_FETCHED;
                if (DomainListManager.this.mListener != null) {
                    DomainListManager.this.mListener.onFetchDomains(DomainListManager.this, parseResponseContents);
                    return;
                }
                return;
            }
            if (str.contains("Access Denied")) {
                DomainListManager.this.mStatus = DomainListManagerStatus.STATUS_NO_DOMAINS;
                if (DomainListManager.this.mListener != null) {
                    DomainListManager.this.mListener.onFetchDomainsFailure(DomainListManager.this, new UtmAccessDeniedException());
                    return;
                }
                return;
            }
            DomainListManager.this.mStatus = DomainListManagerStatus.STATUS_NO_DOMAINS;
            if (DomainListManager.this.mListener != null) {
                DomainListManager.this.mListener.onFetchDomainsFailure(DomainListManager.this, new NoDomainsFoundException());
            }
        }

        @Override // android.os.AsyncTask
        protected void onPreExecute() {
            DomainListManager.logger.logDebug(DomainListManager.TAG, "DomainFetchTask.onPreExecute");
            DomainListManager.this.mStatus = DomainListManagerStatus.STATUS_FETCHING;
            if (DomainListManager.this.mListener != null) {
                DomainListManager.this.mListener.onStartFetch(DomainListManager.this);
            }
        }
    }

    /* loaded from: classes.dex */
    public enum DomainListManagerStatus {
        STATUS_NO_DOMAINS,
        STATUS_FETCHING,
        STATUS_DOMAINS_FETCHED
    }

    /* loaded from: classes.dex */
    public enum DomainRequirement {
        DOMAIN_OPTIONAL,
        DOMAIN_REQUIRED
    }

    /* loaded from: classes.dex */
    public enum NetworkErrorMode {
        RETRY_ON_NETWORK_ERROR,
        FAIL_ON_NETWORK_ERROR
    }

    public DomainListManager(DomainListManagerListener domainListManagerListener, DomainRequirement domainRequirement, NetworkErrorMode networkErrorMode, Activity activity) {
        this.mListener = domainListManagerListener;
        this.mDomainRequirement = domainRequirement;
        this.mNetworkErrorMode = networkErrorMode;
        this.mActivity = activity;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void startFetch() {
        DomainFetchTask domainFetchTask = new DomainFetchTask();
        this.mWorker = domainFetchTask;
        domainFetchTask.execute(DOMAIN_URL_PATH_UTM);
    }

    public void cancelFetch() {
        logger.logDebug(TAG, "cancelFetch()");
        DomainFetchTask domainFetchTask = this.mWorker;
        if (domainFetchTask != null) {
            domainFetchTask.cancel(true);
            this.mWorker = null;
        }
        Timer timer = this.mRetryTimer;
        if (timer != null) {
            timer.cancel();
            this.mRetryTimer = null;
        }
    }

    public void fetchDomainsFromServer(String str) {
        logger.logDebug(TAG, "fetchDomainsFromServer(\"" + str + "\")");
        if (this.mStatus == DomainListManagerStatus.STATUS_FETCHING) {
            if (this.mServer.equalsIgnoreCase(str)) {
                return;
            } else {
                cancelFetch();
            }
        }
        this.mServer = str;
        this.mDomains = null;
        startFetch();
    }

    public DomainWithAuthType findDomainByName(String str) {
        ArrayList<DomainWithAuthType> arrayList;
        if (str == null || str.isEmpty() || (arrayList = this.mDomains) == null) {
            return null;
        }
        Iterator<DomainWithAuthType> it = arrayList.iterator();
        while (it.hasNext()) {
            DomainWithAuthType next = it.next();
            if (next.getDomainName().equals(str)) {
                return next;
            }
        }
        return null;
    }

    public DomainWithAuthType getDomain(int i) {
        return this.mDomains.get(i);
    }

    public int getDomainCount() {
        return this.mDomains.size();
    }

    public DomainListManagerListener getListener() {
        return this.mListener;
    }

    public String getServer() {
        return this.mServer;
    }

    public DomainListManagerStatus getStatus() {
        return this.mStatus;
    }
}
