package com.surfshark.vpnclient.android.core.feature.vpn.protocols.wireguard;

import com.squareup.moshi.JsonAdapter;
import com.squareup.moshi.Moshi;
import com.surfshark.vpnclient.android.core.data.api.interceptor.HeaderInterceptor;
import com.surfshark.vpnclient.android.core.data.api.interceptor.SurfsharkHttpLoggingInterceptor;
import com.surfshark.vpnclient.android.core.data.api.response.TokenResponse;
import com.surfshark.vpnclient.android.core.data.repository.CurrentVpnServerRepository;
import com.surfshark.vpnclient.android.core.data.repository.key.PublicKey;
import com.surfshark.vpnclient.android.core.data.repository.key.WireguardKeyRepository;
import com.surfshark.vpnclient.android.core.feature.vpn.ConnectingTracker;
import com.surfshark.vpnclient.android.core.feature.vpn.VPNServer;
import com.surfshark.vpnclient.android.core.service.analytics.Analytics;
import com.surfshark.vpnclient.android.core.service.analytics.EventAction;
import com.surfshark.vpnclient.android.core.service.analytics.EventCategory;
import com.surfshark.vpnclient.android.core.service.analytics.InteractionSource;
import com.surfshark.vpnclient.android.core.service.usersession.UserSession;
import com.surfshark.vpnclient.android.core.util.ExtensionsKt;
import com.surfshark.vpnclient.android.core.util.network.DnsUdpResolver;
import com.wireguard.WireguardCore;
import com.wireguard.config.Config;
import com.wireguard.config.InetEndpoint;
import com.wireguard.config.Peer;
import com.wireguard.crypto.Key;
import com.wireguard.model.ObservableTunnel;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java9.util.Optional;
import javax.inject.Provider;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import okhttp3.Dispatcher;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.strongswan.android.logic.CharonVpnService;
import timber.log.Timber;

/* loaded from: classes.dex */
public final class WireguardReconnectOnNoNetUseCase {
    private final Analytics analytics;
    private final SurfsharkHttpLoggingInterceptor bodyLoggingInterceptor;
    private final ConnectingTracker connectingTracker;
    private final CurrentVpnServerRepository currentVpnServerRepository;
    private final DnsUdpResolver dnsUdpResolver;
    private final HeaderInterceptor headerInterceptor;
    private final MediaType jsonMediaType;
    private final SurfsharkHttpLoggingInterceptor loggingInterceptor;
    private NoNetResolution noNetResolution;
    private final JsonAdapter<PublicKey> publicKeyAdapter;
    private final JsonAdapter<TokenResponse> tokenResponseAdapter;
    private final UserSession userSession;
    private final WireguardAccountStorage wireguardAccountStorage;
    private final WireguardKeyRepository wireguardKeyRepository;
    private final Provider<WireguardProtocol> wireguardProtocol;

    /* loaded from: classes.dex */
    public enum NoNetResolution {
        IP_RESOLVE,
        KEY_VALIDATION
    }

    /* loaded from: classes.dex */
    public enum ValidateKeyStatus {
        SUCCESS,
        NOT_FOUND,
        API_ERROR,
        GENERIC_ERROR
    }

    public WireguardReconnectOnNoNetUseCase(CurrentVpnServerRepository currentVpnServerRepository, DnsUdpResolver dnsUdpResolver, WireguardKeyRepository wireguardKeyRepository, WireguardAccountStorage wireguardAccountStorage, Provider<WireguardProtocol> wireguardProtocol, SurfsharkHttpLoggingInterceptor loggingInterceptor, SurfsharkHttpLoggingInterceptor bodyLoggingInterceptor, HeaderInterceptor headerInterceptor, UserSession userSession, Analytics analytics, ConnectingTracker connectingTracker, Moshi moshi) {
        Intrinsics.checkNotNullParameter(currentVpnServerRepository, "currentVpnServerRepository");
        Intrinsics.checkNotNullParameter(dnsUdpResolver, "dnsUdpResolver");
        Intrinsics.checkNotNullParameter(wireguardKeyRepository, "wireguardKeyRepository");
        Intrinsics.checkNotNullParameter(wireguardAccountStorage, "wireguardAccountStorage");
        Intrinsics.checkNotNullParameter(wireguardProtocol, "wireguardProtocol");
        Intrinsics.checkNotNullParameter(loggingInterceptor, "loggingInterceptor");
        Intrinsics.checkNotNullParameter(bodyLoggingInterceptor, "bodyLoggingInterceptor");
        Intrinsics.checkNotNullParameter(headerInterceptor, "headerInterceptor");
        Intrinsics.checkNotNullParameter(userSession, "userSession");
        Intrinsics.checkNotNullParameter(analytics, "analytics");
        Intrinsics.checkNotNullParameter(connectingTracker, "connectingTracker");
        Intrinsics.checkNotNullParameter(moshi, "moshi");
        this.currentVpnServerRepository = currentVpnServerRepository;
        this.dnsUdpResolver = dnsUdpResolver;
        this.wireguardKeyRepository = wireguardKeyRepository;
        this.wireguardAccountStorage = wireguardAccountStorage;
        this.wireguardProtocol = wireguardProtocol;
        this.loggingInterceptor = loggingInterceptor;
        this.bodyLoggingInterceptor = bodyLoggingInterceptor;
        this.headerInterceptor = headerInterceptor;
        this.userSession = userSession;
        this.analytics = analytics;
        this.connectingTracker = connectingTracker;
        this.noNetResolution = NoNetResolution.IP_RESOLVE;
        this.publicKeyAdapter = moshi.adapter(PublicKey.class);
        this.tokenResponseAdapter = moshi.adapter(TokenResponse.class);
        this.jsonMediaType = MediaType.Companion.parse("application/json; charset=utf-8");
    }

    private final void execute() {
        Config config;
        VPNServer currentVpnServer;
        Optional<InetEndpoint> endpoint;
        InetEndpoint inetEndpoint;
        String host;
        ObservableTunnel loadTunnel = WireguardCore.INSTANCE.getTunnelManager().loadTunnel();
        if (loadTunnel == null || (config = loadTunnel.getConfig()) == null) {
            return;
        }
        List<Peer> peers = config.getPeers();
        Intrinsics.checkNotNullExpressionValue(peers, "config.peers");
        if (((Peer) CollectionsKt.getOrNull(peers, 1)) == null || (currentVpnServer = this.currentVpnServerRepository.getCurrentVpnServer()) == null) {
            return;
        }
        List<Peer> peers2 = config.getPeers();
        Intrinsics.checkNotNullExpressionValue(peers2, "config.peers");
        Peer peer = (Peer) CollectionsKt.getOrNull(peers2, 0);
        if (peer == null || (endpoint = peer.getEndpoint()) == null || (inetEndpoint = endpoint.get()) == null || (host = inetEndpoint.getHost()) == null) {
            return;
        }
        String rTransitHost = currentVpnServer.getIsMultiHop() ? currentVpnServer.getRTransitHost() : currentVpnServer.getRHost();
        if (rTransitHost != null) {
            Timber.i("Current no net resolution " + this.noNetResolution.name() + ", old ip is " + host + ", old address is " + rTransitHost, new Object[0]);
            if (this.noNetResolution == NoNetResolution.IP_RESOLVE) {
                tryIpResolveResolution(config, currentVpnServer, host, rTransitHost);
            } else {
                tryKeyValidationResolution(config, currentVpnServer, host);
            }
        }
    }

    private final OkHttpClient getOkHttpClient() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        TimeUnit timeUnit = TimeUnit.MILLISECONDS;
        builder.connectTimeout(CharonVpnService.CHARON_RECONNECT_INTERVAL, timeUnit);
        builder.readTimeout(CharonVpnService.CHARON_RECONNECT_INTERVAL, TimeUnit.SECONDS);
        builder.writeTimeout(CharonVpnService.CHARON_RECONNECT_INTERVAL, timeUnit);
        builder.addInterceptor(this.headerInterceptor);
        builder.addInterceptor(this.loggingInterceptor);
        builder.addInterceptor(this.bodyLoggingInterceptor);
        Dispatcher dispatcher = new Dispatcher();
        dispatcher.setMaxRequests(1);
        Unit unit = Unit.INSTANCE;
        builder.dispatcher(dispatcher);
        builder.hostnameVerifier(new HostnameVerifier() { // from class: com.surfshark.vpnclient.android.core.feature.vpn.protocols.wireguard.WireguardReconnectOnNoNetUseCase$okHttpClient$2
            @Override // javax.net.ssl.HostnameVerifier
            public final boolean verify(String str, SSLSession sSLSession) {
                return HttpsURLConnection.getDefaultHostnameVerifier().verify("wgs.prod.surfshark.com", sSLSession);
            }
        });
        return builder.build();
    }

    private final boolean getStillConnected() {
        return this.wireguardProtocol.get().isConnectedOrConnecting();
    }

    private final boolean renewToken() {
        Request.Builder builder = new Request.Builder();
        builder.url("https://172.16.0.36:443/v1/auth/renew");
        builder.header("no_auth_header", "true");
        builder.header("Authorization", "Bearer " + this.userSession.getRefreshToken());
        builder.post(RequestBody.Companion.create("", this.jsonMediaType));
        try {
            Response execute = getOkHttpClient().newCall(builder.build()).execute();
            if (!execute.isSuccessful()) {
                return false;
            }
            JsonAdapter<TokenResponse> jsonAdapter = this.tokenResponseAdapter;
            ResponseBody body = execute.body();
            TokenResponse fromJson = jsonAdapter.fromJson(body != null ? body.string() : null);
            Intrinsics.checkNotNull(fromJson);
            Intrinsics.checkNotNullExpressionValue(fromJson, "tokenResponseAdapter.fro…esponse.body?.string())!!");
            TokenResponse tokenResponse = fromJson;
            this.userSession.connect(tokenResponse.getToken(), tokenResponse.getRenewToken());
            return true;
        } catch (Exception e) {
            ExtensionsKt.logError$default(e, null, 1, null);
            return false;
        }
    }

    public final boolean generateKey() {
        Key generatePrivateKey = Key.generatePrivateKey();
        Key generatePublicKey = Key.generatePublicKey(generatePrivateKey);
        RequestBody.Companion companion = RequestBody.Companion;
        JsonAdapter<PublicKey> jsonAdapter = this.publicKeyAdapter;
        String base64 = generatePublicKey.toBase64();
        Intrinsics.checkNotNullExpressionValue(base64, "publicKey.toBase64()");
        String json = jsonAdapter.toJson(new PublicKey(base64));
        Intrinsics.checkNotNullExpressionValue(json, "publicKeyAdapter.toJson(…ey(publicKey.toBase64()))");
        RequestBody create = companion.create(json, this.jsonMediaType);
        Request.Builder builder = new Request.Builder();
        builder.url("https://172.16.0.36:443/v1/account/users/public-keys");
        builder.post(create);
        try {
            Response execute = getOkHttpClient().newCall(builder.build()).execute();
            if (!execute.isSuccessful()) {
                if (execute.code() == 401 && renewToken()) {
                    return generateKey();
                }
                return false;
            }
            WireguardKeyRepository wireguardKeyRepository = this.wireguardKeyRepository;
            String base642 = generatePrivateKey.toBase64();
            Intrinsics.checkNotNullExpressionValue(base642, "privateKey.toBase64()");
            wireguardKeyRepository.setPrivateKey(base642);
            return true;
        } catch (Exception e) {
            ExtensionsKt.logError$default(e, null, 1, null);
            return false;
        }
    }

    public final void noNetUpdate(boolean z) {
        if (z) {
            execute();
        } else {
            resetNoNetResolution();
        }
    }

    public final void reconnect(Config config, VPNServer vpnServer, String serverAddress) {
        Optional<InetEndpoint> endpoint;
        InetEndpoint inetEndpoint;
        Intrinsics.checkNotNullParameter(config, "config");
        Intrinsics.checkNotNullParameter(vpnServer, "vpnServer");
        Intrinsics.checkNotNullParameter(serverAddress, "serverAddress");
        List<Peer> peers = config.getPeers();
        Intrinsics.checkNotNullExpressionValue(peers, "config.peers");
        Peer peer = (Peer) CollectionsKt.getOrNull(peers, 1);
        String host = (peer == null || (endpoint = peer.getEndpoint()) == null || (inetEndpoint = endpoint.get()) == null) ? null : inetEndpoint.getHost();
        String cachedPrivateKey = this.wireguardKeyRepository.getCachedPrivateKey();
        if (cachedPrivateKey != null) {
            if (this.wireguardAccountStorage.activateAccount(vpnServer, serverAddress, host, cachedPrivateKey, this.wireguardKeyRepository.getSecondPeerKey())) {
                this.connectingTracker.connectIntent(InteractionSource.RECONNECT);
                WireguardCore.INSTANCE.getTunnelManager().reconnect();
            }
        }
    }

    public final void resetNoNetResolution() {
        this.noNetResolution = NoNetResolution.IP_RESOLVE;
    }

    /* JADX WARN: Code restructure failed: missing block: B:3:0x001e, code lost:
    
        r12 = kotlin.collections.CollectionsKt___CollectionsKt.toMutableList((java.util.Collection) r12);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final void tryIpResolveResolution(com.wireguard.config.Config r9, com.surfshark.vpnclient.android.core.feature.vpn.VPNServer r10, java.lang.String r11, java.lang.String r12) {
        /*
            r8 = this;
            java.lang.String r0 = "config"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r9, r0)
            java.lang.String r0 = "vpnServer"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r10, r0)
            java.lang.String r0 = "oldIp"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r11, r0)
            java.lang.String r0 = "oldAddress"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r12, r0)
            com.surfshark.vpnclient.android.core.util.network.DnsUdpResolver r0 = r8.dnsUdpResolver
            java.lang.String r1 = "172.16.0.36"
            java.util.List r12 = r0.resolveServerAddress(r12, r1)
            if (r12 == 0) goto L5d
            java.util.List r12 = kotlin.collections.CollectionsKt.toMutableList(r12)
            if (r12 == 0) goto L5d
            boolean r0 = r8.getStillConnected()
            if (r0 != 0) goto L2b
            return
        L2b:
            r12.remove(r11)
            boolean r0 = r12.isEmpty()
            if (r0 == 0) goto L3c
            com.surfshark.vpnclient.android.core.feature.vpn.protocols.wireguard.WireguardReconnectOnNoNetUseCase$NoNetResolution r12 = com.surfshark.vpnclient.android.core.feature.vpn.protocols.wireguard.WireguardReconnectOnNoNetUseCase.NoNetResolution.KEY_VALIDATION
            r8.noNetResolution = r12
            r8.tryKeyValidationResolution(r9, r10, r11)
            goto L5d
        L3c:
            java.util.Collections.shuffle(r12)
            java.lang.Object r11 = kotlin.collections.CollectionsKt.firstOrNull(r12)
            java.lang.String r11 = (java.lang.String) r11
            if (r11 == 0) goto L5d
            com.surfshark.vpnclient.android.core.service.analytics.Analytics r0 = r8.analytics
            com.surfshark.vpnclient.android.core.service.analytics.EventCategory r1 = com.surfshark.vpnclient.android.core.service.analytics.EventCategory.WIREGUARD_SELF_HEAL
            com.surfshark.vpnclient.android.core.service.analytics.EventAction r2 = com.surfshark.vpnclient.android.core.service.analytics.EventAction.WG_NEW_SERVER_RECONFIGURE
            r3 = 0
            r4 = 0
            r6 = 12
            r7 = 0
            com.surfshark.vpnclient.android.core.service.analytics.Analytics.trackEvent$default(r0, r1, r2, r3, r4, r6, r7)
            r8.reconnect(r9, r10, r11)
            com.surfshark.vpnclient.android.core.feature.vpn.protocols.wireguard.WireguardReconnectOnNoNetUseCase$NoNetResolution r9 = com.surfshark.vpnclient.android.core.feature.vpn.protocols.wireguard.WireguardReconnectOnNoNetUseCase.NoNetResolution.KEY_VALIDATION
            r8.noNetResolution = r9
        L5d:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.surfshark.vpnclient.android.core.feature.vpn.protocols.wireguard.WireguardReconnectOnNoNetUseCase.tryIpResolveResolution(com.wireguard.config.Config, com.surfshark.vpnclient.android.core.feature.vpn.VPNServer, java.lang.String, java.lang.String):void");
    }

    public final void tryKeyValidationResolution(Config config, VPNServer vpnServer, String oldIp) {
        Intrinsics.checkNotNullParameter(config, "config");
        Intrinsics.checkNotNullParameter(vpnServer, "vpnServer");
        Intrinsics.checkNotNullParameter(oldIp, "oldIp");
        if (validateKey() == ValidateKeyStatus.NOT_FOUND && getStillConnected() && generateKey() && getStillConnected()) {
            Analytics.trackEvent$default(this.analytics, EventCategory.WIREGUARD_SELF_HEAL, EventAction.WG_NEW_KEY_RECONFIGURE, null, 0L, 12, null);
            reconnect(config, vpnServer, oldIp);
        }
        this.noNetResolution = NoNetResolution.IP_RESOLVE;
    }

    public final ValidateKeyStatus validateKey() {
        Key generatePublicKey = Key.generatePublicKey(Key.fromBase64(this.wireguardKeyRepository.getCachedPrivateKey()));
        RequestBody.Companion companion = RequestBody.Companion;
        JsonAdapter<PublicKey> jsonAdapter = this.publicKeyAdapter;
        String base64 = generatePublicKey.toBase64();
        Intrinsics.checkNotNullExpressionValue(base64, "publicKey.toBase64()");
        String json = jsonAdapter.toJson(new PublicKey(base64));
        Intrinsics.checkNotNullExpressionValue(json, "publicKeyAdapter.toJson(…ey(publicKey.toBase64()))");
        RequestBody create = companion.create(json, this.jsonMediaType);
        Request.Builder builder = new Request.Builder();
        builder.url("https://172.16.0.36:443/v1/account/users/public-keys/validate");
        builder.post(create);
        try {
            int code = getOkHttpClient().newCall(builder.build()).execute().code();
            return code != 200 ? code != 401 ? code != 404 ? ValidateKeyStatus.API_ERROR : ValidateKeyStatus.NOT_FOUND : renewToken() ? validateKey() : ValidateKeyStatus.API_ERROR : ValidateKeyStatus.SUCCESS;
        } catch (Exception e) {
            ExtensionsKt.logError$default(e, null, 1, null);
            return ValidateKeyStatus.GENERIC_ERROR;
        }
    }
}
