package com.alipay.mobile.nebulax.integration.base.e;

import android.text.TextUtils;
import com.alibaba.ariver.app.api.Page;
import com.alibaba.ariver.engine.api.bridge.BridgeResponseHelper;
import com.alibaba.ariver.engine.api.bridge.model.NativeCallContext;
import com.alibaba.ariver.kernel.api.extension.bridge.BridgePermission;
import com.alibaba.ariver.kernel.api.node.Node;
import com.alibaba.ariver.kernel.api.security.Accessor;
import com.alibaba.ariver.kernel.api.security.Group;
import com.alibaba.ariver.kernel.api.security.Permission;
import com.alibaba.ariver.kernel.common.utils.RVLogger;
import com.alibaba.ariver.permission.api.PermissionManager;
import com.alibaba.ariver.permission.api.RVGroup;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.alipay.mobile.nebula.provider.H5ConfigProvider;
import com.alipay.mobile.nebula.provider.H5NewJSApiPermissionProvider;
import com.alipay.mobile.nebula.util.H5DomainUtil;
import com.alipay.mobile.nebula.util.H5Utils;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* compiled from: DomainPermissionManager.java */
/* loaded from: classes9.dex */
public class b implements PermissionManager {
    private static final String a = "AriverPermission:" + b.class.getSimpleName();
    private boolean b = false;
    private boolean c = false;
    private Map<String, List<Permission>> d = new HashMap();

    private List<Permission> a(Accessor accessor) {
        String b = b(accessor);
        if (TextUtils.isEmpty(b)) {
            return null;
        }
        if (this.d.containsKey(b)) {
            return this.d.get(b);
        }
        H5NewJSApiPermissionProvider h5NewJSApiPermissionProvider = (H5NewJSApiPermissionProvider) H5Utils.getProvider(H5NewJSApiPermissionProvider.class.getName());
        if (h5NewJSApiPermissionProvider == null) {
            return null;
        }
        String permissionJsonStr = h5NewJSApiPermissionProvider.getPermissionJsonStr(b);
        if (TextUtils.isEmpty(permissionJsonStr)) {
            return null;
        }
        JSONArray parseArray = H5Utils.parseArray(permissionJsonStr);
        ArrayList arrayList = new ArrayList();
        if (parseArray != null && !parseArray.isEmpty()) {
            for (int i = 0; i < parseArray.size(); i++) {
                String string = H5Utils.getString(parseArray.getJSONObject(i), "name");
                if (!TextUtils.isEmpty(string)) {
                    arrayList.add(new BridgePermission(string, string));
                }
            }
        }
        this.d.put(b, arrayList);
        return arrayList;
    }

    private boolean a() {
        if (this.c) {
            return this.b;
        }
        H5ConfigProvider h5ConfigProvider = (H5ConfigProvider) H5Utils.getProvider(H5ConfigProvider.class.getName());
        JSONObject parseObject = H5Utils.parseObject(h5ConfigProvider != null ? h5ConfigProvider.getConfigWithProcessCache("h5_newJsapiPermissionConfig") : null);
        this.b = (parseObject == null || parseObject.isEmpty()) ? false : parseObject.getBooleanValue("canIntercept");
        this.c = true;
        return this.b;
    }

    private static String b(Accessor accessor) {
        if ((accessor instanceof Node) && (accessor instanceof Page)) {
            return ((Page) accessor).getPageURI();
        }
        return null;
    }

    @Override // com.alibaba.ariver.permission.api.PermissionManager
    public boolean asyncCheckPermission(Permission permission, Accessor accessor, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper) {
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.PermissionManager
    public boolean bizCheckPermission(Permission permission, Accessor accessor, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper) {
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.PermissionManager
    public boolean checkPermission(Permission permission, Accessor accessor, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper) {
        boolean z;
        List<String> list;
        List<Permission> a2;
        if (a() && (a2 = a(accessor)) != null && a2.size() > 0) {
            Iterator<Permission> it = a2.iterator();
            while (it.hasNext()) {
                if (it.next().authority().equalsIgnoreCase(permission.authority())) {
                    RVLogger.d(a, "permison is allowed \t " + permission.authority());
                    return true;
                }
            }
        }
        if (!a() || a(accessor) == null) {
            RVLogger.d(a, "accessor" + accessor.hashCode() + "  level domain permission start outer check.");
            if (!(com.alipay.mobile.nebulax.integration.base.e.a.a.a().b.contains(permission.authority()) || "rpc".equalsIgnoreCase(permission.authority()))) {
                RVLogger.d(a, "accessor" + accessor.hashCode() + " level domain permission. " + permission.authority() + " is not in access controller list. allow.");
                return true;
            }
            String b = b(accessor);
            com.alipay.mobile.nebulax.integration.base.e.a.a a3 = com.alipay.mobile.nebulax.integration.base.e.a.a.a();
            if (permission == null || TextUtils.isEmpty(permission.authority()) || TextUtils.isEmpty(b)) {
                z = false;
            } else {
                z = "rpc".equals(permission) ? ((H5ConfigProvider) H5Utils.getProvider(H5ConfigProvider.class.getName())).isRpcDomains(b) : (a3.a == null || a3.a.get(permission) == null || (list = a3.a.get(permission)) == null || list.isEmpty()) ? false : H5DomainUtil.isInDomain(H5DomainUtil.getNewDomainSuffix(b), list);
            }
            if (z) {
                RVLogger.d(a, "accessor" + accessor.hashCode() + " level domain permission. [" + b + "]  in [" + permission.authority() + "]'s white list. allow");
                return true;
            }
        } else {
            RVLogger.d(a, "accessor" + accessor.hashCode() + " single domain permission. need not outer check");
        }
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.PermissionManager
    public void init(Accessor accessor) {
    }

    @Override // com.alibaba.ariver.permission.api.PermissionManager
    public Group manageAccessorGroup(Accessor accessor) {
        if (a() && a(accessor) != null) {
            return RVGroup.LEVEL_EMPTY;
        }
        String b = b(accessor);
        RVLogger.d(a, "accessor" + accessor.hashCode() + " url=" + b);
        H5ConfigProvider h5ConfigProvider = (H5ConfigProvider) H5Utils.getProvider(H5ConfigProvider.class.getName());
        return h5ConfigProvider.isAlipayDomains(b) ? RVGroup.LEVEL_HIGH : h5ConfigProvider.isSeriousAliDomains(b) ? RVGroup.LEVEL_ABOVE_MEDIUM : h5ConfigProvider.isAliDomains(b) ? RVGroup.LEVEL_MEDIUM : h5ConfigProvider.isPartnerDomains(b) ? RVGroup.LEVEL_LOW : RVGroup.LEVEL_NONE;
    }

    @Override // com.alibaba.ariver.permission.api.PermissionManager
    public List<Permission> manageAccessorPermissions(Accessor accessor) {
        if (a()) {
            return a(accessor);
        }
        return null;
    }
}
