package com.teamdev.jxbrowser.mozilla.ssl;

import com.teamdev.jxbrowser.mozilla.MozillaHttpSecurity;
import com.teamdev.jxbrowser.mozilla.ssl.SSLCertificateManager;
import com.teamdev.jxbrowser.security.HttpSecurityAction;
import com.teamdev.jxbrowser.security.HttpSecurityHandler;
import com.teamdev.jxbrowser.security.SecurityProblem;
import com.teamdev.jxbrowser1.event.impl.nsIWebProgressAdapter;
import com.teamdev.xpcom.Xpcom;
import com.teamdev.xpcom.util.FlagUtil;
import com.teamdev.xpcom.util.XPCOMManager;
import java.awt.Component;
import java.net.URI;
import java.util.EnumSet;
import java.util.Set;
import javax.swing.Icon;
import javax.swing.JOptionPane;
import org.mozilla.interfaces.nsIRecentBadCertsService;
import org.mozilla.interfaces.nsIRequest;
import org.mozilla.interfaces.nsISSLStatus;
import org.mozilla.interfaces.nsIWebProgress;
import org.mozilla.interfaces.nsIX509Cert;
import org.mozilla.xpcom.XPCOMException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/teamdev/jxbrowser/mozilla/ssl/BadCertificateListener.class */
public class BadCertificateListener extends nsIWebProgressAdapter {
    private static final Logger a = LoggerFactory.getLogger(BadCertificateListener.class);
    private final nsIRecentBadCertsService b = XPCOMManager.getInstance().getService("@mozilla.org/security/recentbadcerts;1", nsIRecentBadCertsService.class);
    private final MozillaHttpSecurity c;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/teamdev/jxbrowser/mozilla/ssl/BadCertificateListener$HostPortHolder.class */
    public static class HostPortHolder {
        public final String host;
        public final int port;

        private HostPortHolder(String str, int i) {
            this.host = str;
            this.port = i;
        }

        public String getAddress() {
            return this.host + ':' + this.port;
        }
    }

    public BadCertificateListener(MozillaHttpSecurity mozillaHttpSecurity) {
        this.c = mozillaHttpSecurity;
    }

    public void onSecurityChange(nsIWebProgress nsiwebprogress, nsIRequest nsirequest, long j) {
        if (FlagUtil.checkFlag(j, 2L)) {
            a.debug("The data corresponding to the request was received over a secure channel.");
        } else if (FlagUtil.checkFlag(j, 1L)) {
            a.debug("Unknown security state. The request is being loaded as part of a page in which some content was received over an insecure channel.");
        } else if (FlagUtil.checkFlag(j, 4L)) {
            a.debug("The data corresponding to the request was received over an insecure channel.");
            try {
                if (nsirequest.queryInterface("{9277fe09-f0cc-4cd9-bbce-581dd94b0260}").getRequestSucceeded()) {
                    return;
                }
            } catch (XPCOMException unused) {
                a.debug("Called before the response has been received.");
            }
        }
        String name = nsirequest.getName();
        a.debug("Changing certificate approve process.");
        URI create = URI.create(name);
        if (this.c.isInApproveCertificateProcessForURL(create)) {
            return;
        }
        a.debug("Approving certificate.");
        int i = 443;
        if (-1 != create.getPort()) {
            i = create.getPort();
        }
        HostPortHolder hostPortHolder = new HostPortHolder(create.getHost(), i);
        final EnumSet noneOf = EnumSet.noneOf(SecurityProblem.class);
        nsISSLStatus recentBadCert = this.b.getRecentBadCert(hostPortHolder.getAddress());
        if (recentBadCert != null) {
            if (recentBadCert.getIsUntrusted()) {
                noneOf.add(SecurityProblem.NOT_TRUSTED_CERTIFICATE);
            }
            if (recentBadCert.getIsDomainMismatch()) {
                noneOf.add(SecurityProblem.INVALID_CERTIFICATE_NAME);
            }
            if (recentBadCert.getIsNotValidAtThisTime()) {
                noneOf.add(SecurityProblem.INVALID_CERTIFICATE_DATE);
            }
        }
        if (noneOf.isEmpty()) {
            a.debug("No certificate problems for the given " + hostPortHolder);
            return;
        }
        final HttpSecurityAction[] httpSecurityActionArr = new HttpSecurityAction[1];
        Xpcom.invokeAtAWTAndWait(new Runnable() { // from class: com.teamdev.jxbrowser.mozilla.ssl.BadCertificateListener.1
            @Override // java.lang.Runnable
            public void run() {
                HttpSecurityHandler handler = BadCertificateListener.this.c.getHandler();
                if (handler != null) {
                    httpSecurityActionArr[0] = handler.onSecurityProblem(noneOf);
                }
            }
        });
        if (HttpSecurityAction.ABORT != httpSecurityActionArr[0]) {
            if (HttpSecurityAction.CONTINUE == httpSecurityActionArr[0] && !noneOf.isEmpty()) {
                a(create, hostPortHolder, noneOf);
                return;
            }
            if (HttpSecurityAction.DEFAULT != httpSecurityActionArr[0] || noneOf.isEmpty()) {
                return;
            }
            a.debug("Approving certificate by default.");
            final int[] iArr = new int[1];
            Xpcom.invokeAtAWTAndWait(new Runnable(this) { // from class: com.teamdev.jxbrowser.mozilla.ssl.BadCertificateListener.2
                @Override // java.lang.Runnable
                public void run() {
                    StringBuilder sb = new StringBuilder();
                    sb.append("<html><body>");
                    sb.append("<strong>");
                    sb.append("This page may not be secure!<br/><br/>");
                    sb.append("</strong>");
                    sb.append("Certificate errors:");
                    sb.append("<ol>");
                    for (SecurityProblem securityProblem : noneOf) {
                        sb.append("<li>");
                        sb.append(securityProblem.getDefaultDescription());
                        sb.append("</li>");
                    }
                    sb.append("</ol>");
                    sb.append("<strong>You need to approve or reject loading of this page?</strong>");
                    sb.append("</body></html>");
                    Object[] objArr = {"Approve", "Reject"};
                    iArr[0] = JOptionPane.showOptionDialog((Component) null, sb.toString(), "Security Issue", 0, 2, (Icon) null, objArr, objArr[1]);
                }
            });
            if (iArr[0] == 0) {
                a(create, hostPortHolder, noneOf);
                return;
            }
        }
        this.c.reject();
    }

    private void a(URI uri, HostPortHolder hostPortHolder, Set<SecurityProblem> set) {
        nsIX509Cert serverCert;
        nsISSLStatus recentBadCert = this.b.getRecentBadCert(hostPortHolder.getAddress());
        if (recentBadCert == null) {
            a.debug("No SSL cert was recently seen OR good cert was seen for the given " + hostPortHolder.getAddress());
            serverCert = null;
        } else {
            serverCert = recentBadCert.getServerCert();
        }
        nsIX509Cert nsix509cert = serverCert;
        if (serverCert != null) {
            new SSLCertificateManager().validityOverride(SSLCertificateManager.Trust.TRUSTED, hostPortHolder.host, hostPortHolder.port, nsix509cert, set);
            this.c.approveCertificateForURL(uri);
        }
    }
}
