package com.femiglobal.telemed.core.connection;

import android.content.res.AssetManager;
import com.femiglobal.telemed.core.BuildConfig;
import com.femiglobal.telemed.core.IJwtSessionManager;
import com.femiglobal.telemed.core.base.domain.executor.okhttp.OkHttpThreadExecutor;
import com.femiglobal.telemed.core.utils.FemiLogger;
import java.io.BufferedInputStream;
import java.io.InputStream;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import okhttp3.CertificatePinner;
import okhttp3.ConnectionSpec;
import okhttp3.Dispatcher;
import okhttp3.OkHttpClient;
import okhttp3.logging.HttpLoggingInterceptor;
import org.apache.log4j.Logger;

/* compiled from: FemiApolloClient.kt */
@Metadata(d1 = {"\u0000F\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\b\n\u0000\n\u0002\u0010\u000b\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0010\u0010\n\u001a\u00020\u000b2\u0006\u0010\f\u001a\u00020\rH\u0002J\u0010\u0010\u000e\u001a\u00020\u000b2\u0006\u0010\u000f\u001a\u00020\rH\u0002J\u001e\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u0017R\u0016\u0010\u0003\u001a\n \u0005*\u0004\u0018\u00010\u00040\u0004X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\tX\u0082D¢\u0006\u0002\n\u0000¨\u0006\u0018"}, d2 = {"Lcom/femiglobal/telemed/core/connection/FemiApolloClient;", "", "()V", "LOG", "Lorg/apache/log4j/Logger;", "kotlin.jvm.PlatformType", "TIMEOUT_SECONDS", "", "unsafe", "", "addSSLPinner", "", "builder", "Lokhttp3/OkHttpClient$Builder;", "createUnsafeClient", "okHttpBuilder", "getOkHttpClient", "Lokhttp3/OkHttpClient;", "sessionManager", "Lcom/femiglobal/telemed/core/IJwtSessionManager;", "okHttpThreadExecutor", "Lcom/femiglobal/telemed/core/base/domain/executor/okhttp/OkHttpThreadExecutor;", "assets", "Landroid/content/res/AssetManager;", "core_release"}, k = 1, mv = {1, 5, 1}, xi = 48)
/* loaded from: classes3.dex */
public final class FemiApolloClient {
    public static final FemiApolloClient INSTANCE = new FemiApolloClient();
    private static final Logger LOG = FemiLogger.getLogger(FemiApolloClient.class);
    private static final int TIMEOUT_SECONDS = 8;
    private static final boolean unsafe = false;

    private FemiApolloClient() {
    }

    private final void addSSLPinner(OkHttpClient.Builder builder) {
        builder.certificatePinner(new CertificatePinner.Builder().add("dev-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("develop1-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("develop2-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("develop3-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("develop4-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("qa1-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("qa2-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("qa3-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("qa4-api.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("aws-api.staging.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("aws-api.femiglobal.com", "sha256/2yuBTb3a44Edwgc3gC6mD8p8NSE6TeoJy47QDPGtWts=").add("femi-api.staging.femiglobal.com", "sha256/yNCoMe+lXvSwzDN+HkUegLZ6o3WI8mTScxzZvjY7LF0=").add("femi-api.femiglobal.com", "sha256/nnI/juB7UQWyENhrejGHKZz/wC4uhp5frDUKCHy1Qm8=").add("tlm-api-test.health.gov.il", "sha256/MKBkXMHKVjtB+bT9LL4DedB/7hTxUUYzwg2OMwLo/ZY=").add("tlm-api-stg.health.gov.il", "sha256/MKBkXMHKVjtB+bT9LL4DedB/7hTxUUYzwg2OMwLo/ZY=").add("tlm-api-prd.health.gov.il", "sha256/MKBkXMHKVjtB+bT9LL4DedB/7hTxUUYzwg2OMwLo/ZY=").add("qa-api-proxy.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").add("qa-api-ext.dev.femiglobal.com", "sha256/Z5veEVlSZwx4GNbVYVLt/WJBzOM05HGFN2GRVHw9MFE=").build());
    }

    private final void createUnsafeClient(OkHttpClient.Builder okHttpBuilder) {
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.femiglobal.telemed.core.connection.FemiApolloClient$createUnsafeClient$trustAllCerts$1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] chain, String authType) {
                Intrinsics.checkNotNullParameter(chain, "chain");
                Intrinsics.checkNotNullParameter(authType, "authType");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] chain, String authType) {
                Intrinsics.checkNotNullParameter(chain, "chain");
                Intrinsics.checkNotNullParameter(authType, "authType");
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }};
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            Intrinsics.checkNotNullExpressionValue(socketFactory, "sslContext.socketFactory");
            okHttpBuilder.sslSocketFactory(socketFactory, (X509TrustManager) trustManagerArr[0]);
            okHttpBuilder.hostnameVerifier(new HostnameVerifier() { // from class: com.femiglobal.telemed.core.connection.FemiApolloClient$$ExternalSyntheticLambda0
                @Override // javax.net.ssl.HostnameVerifier
                public final boolean verify(String str, SSLSession sSLSession) {
                    boolean m2156createUnsafeClient$lambda3;
                    m2156createUnsafeClient$lambda3 = FemiApolloClient.m2156createUnsafeClient$lambda3(str, sSLSession);
                    return m2156createUnsafeClient$lambda3;
                }
            });
        } catch (Exception e) {
            LOG.error(Intrinsics.stringPlus("Failed to create unsafe certificate ", e.getMessage()));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: createUnsafeClient$lambda-3, reason: not valid java name */
    public static final boolean m2156createUnsafeClient$lambda3(String str, SSLSession sSLSession) {
        return true;
    }

    public final OkHttpClient getOkHttpClient(IJwtSessionManager sessionManager, OkHttpThreadExecutor okHttpThreadExecutor, AssetManager assets) {
        Intrinsics.checkNotNullParameter(sessionManager, "sessionManager");
        Intrinsics.checkNotNullParameter(okHttpThreadExecutor, "okHttpThreadExecutor");
        Intrinsics.checkNotNullParameter(assets, "assets");
        ConnectionSpec build = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledCipherSuites().allEnabledTlsVersions().build();
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
        OkHttpClient.Builder connectionSpecs = new OkHttpClient.Builder().connectionSpecs(CollectionsKt.listOf(build));
        int i = TIMEOUT_SECONDS;
        OkHttpClient.Builder okHttpBuilder = connectionSpecs.connectTimeout(i, TimeUnit.SECONDS).readTimeout(i, TimeUnit.SECONDS).addInterceptor(httpLoggingInterceptor).addInterceptor(new FemiRequestInterceptor(sessionManager)).dispatcher(new Dispatcher(okHttpThreadExecutor));
        boolean z = unsafe;
        if (z) {
            FemiApolloClient femiApolloClient = INSTANCE;
            Intrinsics.checkNotNullExpressionValue(okHttpBuilder, "this");
            femiApolloClient.createUnsafeClient(okHttpBuilder);
        } else {
            FemiApolloClient femiApolloClient2 = INSTANCE;
            Intrinsics.checkNotNullExpressionValue(okHttpBuilder, "this");
            femiApolloClient2.addSSLPinner(okHttpBuilder);
            InputStream open = assets.open("ca_keystore.bks");
            Throwable th = (Throwable) null;
            try {
                BufferedInputStream bufferedInputStream = new BufferedInputStream(open);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                X509TrustManager createUnifiedTrustManager = SslCertificateAuthority.INSTANCE.createUnifiedTrustManager(bufferedInputStream, BuildConfig.CA_CERTIFICATES_KEYSTORE_PASSWORD);
                sSLContext.init(null, new X509TrustManager[]{createUnifiedTrustManager}, new SecureRandom());
                okHttpBuilder.sslSocketFactory(sSLContext.getSocketFactory(), createUnifiedTrustManager);
                HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
                Unit unit = Unit.INSTANCE;
                CloseableKt.closeFinally(open, th);
            } finally {
            }
        }
        if (z) {
            Intrinsics.checkNotNullExpressionValue(okHttpBuilder, "okHttpBuilder");
            createUnsafeClient(okHttpBuilder);
        } else {
            Intrinsics.checkNotNullExpressionValue(okHttpBuilder, "okHttpBuilder");
            addSSLPinner(okHttpBuilder);
        }
        OkHttpClient build2 = okHttpBuilder.build();
        Intrinsics.checkNotNullExpressionValue(build2, "okHttpBuilder.build()");
        return build2;
    }
}
