package com.darkhorse.IABUtil;

import android.app.Activity;
import android.content.Context;
import android.content.SharedPreferences;
import android.database.Cursor;
import android.os.Handler;
import android.preference.PreferenceManager;
import android.text.TextUtils;
import android.widget.Toast;
import com.crashlytics.android.Crashlytics;
import com.darkhorse.digital.R;
import com.darkhorse.digital.auth.AuthManager;
import com.darkhorse.digital.net.DungeonHTTPClient;
import com.darkhorse.digital.provider.BookContract;
import com.darkhorse.digital.settings.SettingsUtils;
import com.darkhorse.digital.util.BookListUtils;
import com.darkhorse.digital.util.Log;
import com.google.analytics.tracking.android.EasyTracker;
import com.newrelic.agent.android.instrumentation.JSONObjectInstrumentation;
import java.util.ArrayList;
import org.apache.http.HttpResponse;
import org.apache.http.StatusLine;
import org.apache.http.message.BasicNameValuePair;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class Security {
    public static final String DUNGEON_SERVER_DOMAIN = "digital.darkhorse.com";
    public static final String PURCHASE_VALIDATION_FIELD_VALID = "valid";
    public static final String PURCHASE_VALIDATION_PRODUCT_SUFFIX_MESSAGE = "_message";
    public static final String PURCHASE_VALIDATION_PRODUCT_SUFFIX_PERMISSION = "_permission_granted";
    public static final String PURCHASE_VERIFICATION_URL = "https://digital.darkhorse.com/purchase_verification/verify_google_iabv3/";
    private static final String TAG = "DarkHorse.IABUtil/Security";

    /* loaded from: classes.dex */
    public enum PurchaseState {
        PURCHASED,
        CANCELED,
        REFUNDED;

        public static PurchaseState valueOf(int i) {
            PurchaseState[] values = values();
            return (i < 0 || i >= values.length) ? CANCELED : values[i];
        }
    }

    public static String getDeveloperPayload(final Activity activity) {
        SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(activity);
        String string = defaultSharedPreferences.getString(AuthManager.TRUE_DJANGO_USER_NAME, null);
        if (string == null) {
            AuthManager authManager = AuthManager.getInstance(activity);
            authManager.verifyServerLogin(true);
            string = defaultSharedPreferences.getString(AuthManager.TRUE_DJANGO_USER_NAME, null);
            if (string == null && authManager.isSignedIn()) {
                new Handler().post(new Runnable() { // from class: com.darkhorse.IABUtil.Security.1
                    @Override // java.lang.Runnable
                    public void run() {
                        Toast.makeText(activity, activity.getString(R.string.purchase_auth_error), 1).show();
                    }
                });
                EasyTracker.getTracker().trackEvent("error", "developer payload not found after successful auth", null, 1L);
                return "";
            }
            EasyTracker.getTracker().trackEvent("purchase", "developer payload recovered in the nick of time", null, 1L);
        }
        return string;
    }

    public static HttpResponse postPurchaseVerification(String str, String str2, DungeonHTTPClient dungeonHTTPClient) {
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(new BasicNameValuePair("signed_data", str));
        arrayList.add(new BasicNameValuePair("signature", str2));
        return dungeonHTTPClient.restApiPost(PURCHASE_VERIFICATION_URL, arrayList, true);
    }

    public static boolean verifyDeveloperPayload(Purchase purchase, Activity activity) {
        return purchase.getDeveloperPayload().equals(getDeveloperPayload(activity));
    }

    private static boolean verifyLocalBook(Context context, String str) {
        String bookUuidFromOverrideUuid;
        boolean z;
        try {
            Log.i(TAG, "Attempting to verify ownership locally");
            String string = JSONObjectInstrumentation.init(str).getString("productId");
            bookUuidFromOverrideUuid = BookListUtils.getBookUuidFromOverrideUuid(context.getContentResolver(), string);
            if (bookUuidFromOverrideUuid == null) {
                bookUuidFromOverrideUuid = string;
            }
            Cursor query = context.getContentResolver().query(BookContract.Books.getBookUri(bookUuidFromOverrideUuid), new String[]{BookContract.UserData.IS_OWNED}, null, null, null);
            z = query.moveToFirst() ? query.getInt(query.getColumnIndex(BookContract.UserData.IS_OWNED)) > 0 : false;
            query.close();
        } catch (JSONException e) {
            Log.e(TAG, "Something went wrong trying to verify locally. But we'll still try the server.");
            e.printStackTrace();
        }
        if (z) {
            Log.i(TAG, "Local verification successful for: " + bookUuidFromOverrideUuid);
            return true;
        }
        Log.i(TAG, "Couldn't verify locally. Sending request to server for: " + bookUuidFromOverrideUuid);
        return false;
    }

    public static boolean verifyPurchase(Context context, String str, String str2) {
        if (!TextUtils.isEmpty(str) && !TextUtils.isEmpty(str2)) {
            return verifyLocalBook(context, str) || verifyRemoteBook(context, str, str2);
        }
        Log.e(TAG, "Purchase verification failed: missing data.");
        return false;
    }

    private static boolean verifyRemoteBook(Context context, String str, String str2) {
        boolean z = false;
        JSONObject jSONObject = null;
        Log.i(TAG, "Attempting to verify ownership remotely");
        if (!TextUtils.isEmpty(str2)) {
            DungeonHTTPClient dungeonHTTPClient = new DungeonHTTPClient(SettingsUtils.getUserAgent(context), AuthManager.getInstance(context), context);
            HttpResponse postPurchaseVerification = postPurchaseVerification(str, str2, dungeonHTTPClient);
            if (postPurchaseVerification != null) {
                StatusLine statusLine = postPurchaseVerification.getStatusLine();
                if (statusLine.getStatusCode() == 200) {
                    String responseAsString = dungeonHTTPClient.getResponseAsString(postPurchaseVerification);
                    try {
                        jSONObject = JSONObjectInstrumentation.init(responseAsString);
                        z = jSONObject.getBoolean(PURCHASE_VALIDATION_FIELD_VALID);
                    } catch (Exception e) {
                        Crashlytics.log("status code is: " + statusLine.toString());
                        Crashlytics.log("response string is: " + responseAsString);
                        Crashlytics.log(6, TAG, "Purchase verification failed: error parsing json response. " + e.getMessage());
                        Log.e(TAG, "Purchase verification failed: error parsing json response", e, context);
                    }
                } else {
                    Log.e(TAG, "Purchase verification Error, server status code: " + Integer.toString(statusLine.getStatusCode()), context);
                }
            } else {
                Log.e(TAG, "Purchase verification failed: Dungeon response was null.", context);
            }
            dungeonHTTPClient.destroy();
            if (!z) {
                Log.e(TAG, "Purchase verification failed: signature does not match data.", context);
                return z;
            }
        }
        try {
            JSONObject init = JSONObjectInstrumentation.init(str);
            PurchaseState valueOf = PurchaseState.valueOf(init.getInt("purchaseState"));
            String string = init.getString("productId");
            boolean z2 = jSONObject.has(new StringBuilder().append(string).append(PURCHASE_VALIDATION_PRODUCT_SUFFIX_PERMISSION).toString()) ? jSONObject.getBoolean(string + PURCHASE_VALIDATION_PRODUCT_SUFFIX_PERMISSION) : false;
            String string2 = jSONObject.has(new StringBuilder().append(string).append(PURCHASE_VALIDATION_PRODUCT_SUFFIX_MESSAGE).toString()) ? jSONObject.getString(string + PURCHASE_VALIDATION_PRODUCT_SUFFIX_MESSAGE) : "";
            boolean z3 = z && z2 && valueOf == PurchaseState.PURCHASED;
            if (!z) {
                Log.i(TAG, "Purchase failed. maybe there's a message: \"" + string2 + "\"");
            }
            if (z3) {
                Log.i(TAG, "Remote verification successful for: " + string);
                return z3;
            }
            Log.i(TAG, "Remote verification failed for: " + string);
            return z3;
        } catch (JSONException e2) {
            Crashlytics.log(6, TAG, "Purchase verification failed: JSONException: " + e2.getMessage());
            Log.e(TAG, "Purchase verification failed: JSONException: " + e2.getMessage(), context);
            return false;
        }
    }
}
