package com.amazon.kindle.download.okhttp;

import android.content.Context;
import com.amazon.kindle.download.okhttp.OkHttpClientProvider;
import com.amazon.kindle.krx.metrics.IMetricsManager;
import com.amazon.kindle.krx.metrics.MetricsData;
import com.amazon.kindle.log.Log;
import com.amazon.kindle.services.download.DownloadUtils;
import com.amazon.kindle.util.TimeUtils;
import com.amazon.kindle.webservices.X509CertificateUtilsKt;
import com.amazon.kindle.webservices.X509CustomTrust;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import javax.security.auth.x500.X500Principal;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.Pair;
import kotlin.TuplesKt;
import kotlin.collections.CollectionsKt;
import kotlin.collections.MapsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import okhttp3.OkHttpClient;

/* compiled from: OkHttpClientProvider.kt */
/* loaded from: classes3.dex */
public final class OkHttpClientProvider implements Function0<OkHttpClient> {
    private static final long MAX_FUTURE_WAIT_TIME_SECONDS = 5;
    private final Lazy cachedClient$delegate;
    private final Context context;
    private final IMetricsManager metricsManager;
    public static final Companion Companion = new Companion(null);
    private static final String TAG = DownloadUtils.getDownloadModuleTag(OkHttpClientProvider.class);

    /* compiled from: OkHttpClientProvider.kt */
    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final void handleExpiredCertificate(X509Certificate x509Certificate, IMetricsManager iMetricsManager) {
            String str = OkHttpClientProvider.TAG;
            X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
            Intrinsics.checkExpressionValueIsNotNull(subjectX500Principal, "cert.subjectX500Principal");
            iMetricsManager.reportMetric(str, "EXPIRED_CERTIFICATE_AUTHORITY", MapsKt.mapOf(TuplesKt.to("SUBJECT_PRINCIPLE_NAME", subjectX500Principal.getName()), TuplesKt.to("CA_SERIAL_NUMBER_HEX", x509Certificate.getSerialNumber().toString(16)), TuplesKt.to("CA_EXPIRATION", x509Certificate.getNotAfter().toString())));
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final X509CustomTrust processCustomTrustStore(final Context context, final IMetricsManager iMetricsManager) {
            Object withTimingEvent;
            MetricsData metricPayload = iMetricsManager.newMetrics(OkHttpClientProvider.TAG);
            Intrinsics.checkExpressionValueIsNotNull(metricPayload, "metricPayload");
            withTimingEvent = OkHttpClientProviderKt.withTimingEvent(metricPayload, "CERTIFICATES_PROCESSING_TIME", new Function0<X509CustomTrust>() { // from class: com.amazon.kindle.download.okhttp.OkHttpClientProvider$Companion$processCustomTrustStore$1
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(0);
                }

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // kotlin.jvm.functions.Function0
                public final X509CustomTrust invoke() {
                    Calendar utcCalendarForCurrentTime = TimeUtils.getUtcCalendarForCurrentTime();
                    Intrinsics.checkExpressionValueIsNotNull(utcCalendarForCurrentTime, "TimeUtils.getUtcCalendarForCurrentTime()");
                    Date time = utcCalendarForCurrentTime.getTime();
                    Set union = CollectionsKt.union(X509CertificateUtilsKt.getATS_TRUST_ROOT_CERTS(), X509CertificateUtilsKt.getDIGICERT_TRUST_ROOT_CERTS());
                    ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(union, 10));
                    Iterator it = union.iterator();
                    while (it.hasNext()) {
                        arrayList.add(X509CertificateUtilsKt.readX509CertificateFromRawResource(((Number) it.next()).intValue(), context));
                    }
                    ArrayList arrayList2 = new ArrayList();
                    ArrayList arrayList3 = new ArrayList();
                    for (Object obj : arrayList) {
                        if (time.after(((X509Certificate) obj).getNotAfter())) {
                            arrayList2.add(obj);
                        } else {
                            arrayList3.add(obj);
                        }
                    }
                    Pair pair = new Pair(arrayList2, arrayList3);
                    List list = (List) pair.component1();
                    List<? extends X509Certificate> list2 = (List) pair.component2();
                    Iterator it2 = list.iterator();
                    while (it2.hasNext()) {
                        OkHttpClientProvider.Companion.handleExpiredCertificate((X509Certificate) it2.next(), iMetricsManager);
                    }
                    return new X509CustomTrust.Builder().addTrustedCertificates(list2).addPlatformTrustedCertificates().build();
                }
            });
            X509CustomTrust x509CustomTrust = (X509CustomTrust) withTimingEvent;
            iMetricsManager.reportMetrics(metricPayload);
            return x509CustomTrust;
        }
    }

    /* JADX WARN: Illegal instructions before constructor call */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public OkHttpClientProvider(final android.content.Context r3, final com.amazon.kindle.krx.metrics.IMetricsManager r4, com.amazon.foundation.internal.IThreadPoolManager r5) {
        /*
            r2 = this;
            java.lang.String r0 = "context"
            kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r3, r0)
            java.lang.String r0 = "metricsManager"
            kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r4, r0)
            java.lang.String r0 = "threadPoolManager"
            kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r5, r0)
            com.amazon.kindle.download.okhttp.OkHttpClientProvider$1 r0 = new com.amazon.kindle.download.okhttp.OkHttpClientProvider$1
            r0.<init>()
            java.util.concurrent.Callable r0 = (java.util.concurrent.Callable) r0
            r1 = 0
            java.util.concurrent.Future r5 = r5.submit(r0, r1)
            java.lang.String r0 = "threadPoolManager.submit…anager)\n        }, false)"
            kotlin.jvm.internal.Intrinsics.checkExpressionValueIsNotNull(r5, r0)
            r2.<init>(r3, r4, r5)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.amazon.kindle.download.okhttp.OkHttpClientProvider.<init>(android.content.Context, com.amazon.kindle.krx.metrics.IMetricsManager, com.amazon.foundation.internal.IThreadPoolManager):void");
    }

    /* JADX WARN: Illegal instructions before constructor call */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public /* synthetic */ OkHttpClientProvider(android.content.Context r1, com.amazon.kindle.krx.metrics.IMetricsManager r2, com.amazon.foundation.internal.IThreadPoolManager r3, int r4, kotlin.jvm.internal.DefaultConstructorMarker r5) {
        /*
            r0 = this;
            r4 = r4 & 4
            if (r4 == 0) goto Ld
            com.amazon.foundation.internal.IThreadPoolManager r3 = com.amazon.foundation.internal.ThreadPoolManager.getInstance()
            java.lang.String r4 = "ThreadPoolManager.getInstance()"
            kotlin.jvm.internal.Intrinsics.checkExpressionValueIsNotNull(r3, r4)
        Ld:
            r0.<init>(r1, r2, r3)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.amazon.kindle.download.okhttp.OkHttpClientProvider.<init>(android.content.Context, com.amazon.kindle.krx.metrics.IMetricsManager, com.amazon.foundation.internal.IThreadPoolManager, int, kotlin.jvm.internal.DefaultConstructorMarker):void");
    }

    public OkHttpClientProvider(Context context, IMetricsManager metricsManager, final Future<X509CustomTrust> certFuture) {
        Intrinsics.checkParameterIsNotNull(context, "context");
        Intrinsics.checkParameterIsNotNull(metricsManager, "metricsManager");
        Intrinsics.checkParameterIsNotNull(certFuture, "certFuture");
        this.context = context;
        this.metricsManager = metricsManager;
        this.cachedClient$delegate = LazyKt.lazy(new Function0<OkHttpClient>() { // from class: com.amazon.kindle.download.okhttp.OkHttpClientProvider$cachedClient$2
            /* JADX INFO: Access modifiers changed from: package-private */
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final OkHttpClient invoke() {
                OkHttpClient buildClient;
                buildClient = OkHttpClientProvider.this.buildClient(certFuture);
                return buildClient;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final OkHttpClient buildClient(Future<X509CustomTrust> future) {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        injectSslConfiguration(builder, future);
        OkHttpClient build = builder.build();
        Intrinsics.checkExpressionValueIsNotNull(build, "clientBuilder.build()");
        return build;
    }

    private final OkHttpClient getCachedClient() {
        return (OkHttpClient) this.cachedClient$delegate.getValue();
    }

    private final void injectSslConfiguration(OkHttpClient.Builder builder, final Future<X509CustomTrust> future) {
        Throwable th;
        Object withTimingEvent;
        final MetricsData metricsPayload = this.metricsManager.newMetrics(TAG);
        try {
            Intrinsics.checkExpressionValueIsNotNull(metricsPayload, "metricsPayload");
            withTimingEvent = OkHttpClientProviderKt.withTimingEvent(metricsPayload, "CERTIFICATE_WAIT_TIME", new Function0<X509CustomTrust>() { // from class: com.amazon.kindle.download.okhttp.OkHttpClientProvider$injectSslConfiguration$customTrust$1
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(0);
                }

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // kotlin.jvm.functions.Function0
                public final X509CustomTrust invoke() {
                    Context context;
                    IMetricsManager iMetricsManager;
                    try {
                        return (X509CustomTrust) future.get(5L, TimeUnit.SECONDS);
                    } catch (TimeoutException unused) {
                        future.cancel(true);
                        metricsPayload.addCountingMetric("TRUST_MANAGER_FUTURE_TIMEOUT");
                        OkHttpClientProvider.Companion companion = OkHttpClientProvider.Companion;
                        context = OkHttpClientProvider.this.context;
                        iMetricsManager = OkHttpClientProvider.this.metricsManager;
                        return companion.processCustomTrustStore(context, iMetricsManager);
                    }
                }
            });
            X509CustomTrust x509CustomTrust = (X509CustomTrust) withTimingEvent;
            builder.sslSocketFactory(x509CustomTrust.getSslContext().getSocketFactory(), x509CustomTrust.getTrustManager());
            this.metricsManager.reportMetrics(metricsPayload);
        } catch (Exception e) {
            e = e;
            Exception exc = e;
            Log.error(TAG, "Unable to inject Kindle's TrustManager into OkHttp due to error", exc);
            if (!(e instanceof ExecutionException)) {
                e = null;
            }
            ExecutionException executionException = (ExecutionException) e;
            if (executionException == null || (th = executionException.getCause()) == null) {
                th = exc;
            }
            String simpleName = Reflection.getOrCreateKotlinClass(th.getClass()).getSimpleName();
            if (simpleName == null) {
                simpleName = "UNKNOWN";
            }
            this.metricsManager.reportMetric(TAG, "TRUST_MANAGER_EXCEPTION", MapsKt.mapOf(TuplesKt.to("EXCEPTION_CLASS", simpleName)));
        }
    }

    @Override // kotlin.jvm.functions.Function0
    public OkHttpClient invoke() {
        return getCachedClient();
    }
}
