package com.alibaba.ariver.permission.service;

import android.net.Uri;
import android.os.Bundle;
import android.support.annotation.Nullable;
import android.text.TextUtils;
import com.alibaba.ariver.app.api.Page;
import com.alibaba.ariver.app.api.service.TinyAppInnerProxy;
import com.alibaba.ariver.engine.api.bridge.BridgeResponseHelper;
import com.alibaba.ariver.engine.api.bridge.model.NativeCallContext;
import com.alibaba.ariver.engine.api.model.WorkerStore;
import com.alibaba.ariver.kernel.RVParams;
import com.alibaba.ariver.kernel.api.extension.ExtensionPoint;
import com.alibaba.ariver.kernel.api.extension.bridge.BridgePermission;
import com.alibaba.ariver.kernel.api.security.DefaultPermission;
import com.alibaba.ariver.kernel.api.security.Permission;
import com.alibaba.ariver.kernel.common.RVProxy;
import com.alibaba.ariver.kernel.common.service.RVConfigService;
import com.alibaba.ariver.kernel.common.utils.BundleUtils;
import com.alibaba.ariver.kernel.common.utils.JSONUtils;
import com.alibaba.ariver.kernel.common.utils.RVLogger;
import com.alibaba.ariver.kernel.common.utils.UrlUtils;
import com.alibaba.ariver.permission.AppPermissionUtils;
import com.alibaba.ariver.permission.PermissionConstant;
import com.alibaba.ariver.permission.api.ApiPermissionCheckResult;
import com.alibaba.ariver.permission.api.extension.IgnorePermissionPoint;
import com.alibaba.ariver.permission.api.proxy.AuthenticationProxy;
import com.alibaba.ariver.permission.api.proxy.DomainConfigProxy;
import com.alibaba.ariver.permission.api.proxy.EmbedWebViewJsApiPermissionProxy;
import com.alibaba.ariver.permission.model.ApiPermissionInfo;
import com.alibaba.ariver.resource.api.models.AppInfoQuery;
import com.alibaba.ariver.resource.api.models.AppInfoScene;
import com.alibaba.ariver.resource.api.models.AppModel;
import com.alibaba.ariver.resource.api.models.PermissionModel;
import com.alibaba.ariver.resource.api.models.PluginModel;
import com.alibaba.ariver.resource.api.proxy.RVAppInfoManager;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.alipay.android.msp.ui.webview.plugin.H5Plugin;
import com.taobao.android.bifrost.util.DataModelOperation;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* compiled from: Taobao */
/* loaded from: classes10.dex */
public class DefaultAuthenticationProxyImpl implements AuthenticationProxy {
    private static final String kg = "checkPermission";
    private static String TAG = "AriverPermission:" + DefaultAuthenticationProxyImpl.class.getSimpleName();
    private static final String[] y = {"navigateTo", "navigateBack", "switchTab", "reLaunch", "redirectTo", LocalAuthPermissionManager.SPM_KEY_LOCATION_ACTION, "getLocation", "webViewShare"};
    private static final List<String> am = new ArrayList();
    private final Map<String, Map<String, PermissionModel>> bz = new ConcurrentHashMap();
    private final Map<String, Map<String, ApiPermissionInfo>> bA = new ConcurrentHashMap();
    private String kh = "";
    private Map<String, ApiPermissionInfo> bx = new ConcurrentHashMap();
    private Map<String, PermissionModel> by = new ConcurrentHashMap();
    private LocalAuthPermissionManager a = new LocalAuthPermissionManager();

    static {
        am.add("tel");
        am.add("mailto");
        am.add("sms");
        am.add("geo");
    }

    private ApiPermissionCheckResult a(String str, String str2, Permission permission) {
        Map<String, PermissionModel> map = this.bz.get(str);
        if (map == null || !map.containsKey(str2)) {
            RVLogger.d(TAG, String.format("plugin %s not have permission field, just ignore", str2));
            return ApiPermissionCheckResult.IGNORE;
        }
        PermissionModel permissionModel = map.get(str2);
        if (permissionModel == null) {
            RVLogger.d(TAG, "permission is enabled by no permission file! " + permission.authority());
            return ApiPermissionCheckResult.ALLOW;
        }
        Set<String> jsapiList = permissionModel.getJsapiList();
        if (jsapiList != null && jsapiList.size() > 0) {
            Iterator<String> it = jsapiList.iterator();
            while (it.hasNext()) {
                if (it.next().equalsIgnoreCase(permission.authority())) {
                    RVLogger.d(TAG, "permission is allowed by plugin \t " + permission.authority());
                    return ApiPermissionCheckResult.ALLOW;
                }
            }
        }
        RVLogger.d(TAG, "permission is disabled by plugin \t " + permission.authority());
        return ApiPermissionCheckResult.DENY;
    }

    private boolean a(Bundle bundle, String str) {
        return ("tyroRequest".equals(str) || "showRemoteDebugPanel".equals(str) || "showRemoteDebugMask".equals(str)) && !AppInfoScene.isDevSource(bundle);
    }

    private boolean a(Page page) {
        if (page == null) {
            return false;
        }
        return page.getEmbedType().isEmbedPage();
    }

    private boolean a(Page page, String str) {
        if (page == null || TextUtils.isEmpty(str)) {
            return false;
        }
        List<String> stringArray = JSONUtils.toStringArray(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_http_domain_blacklist"));
        if (stringArray == null || stringArray.isEmpty()) {
            return false;
        }
        Iterator<String> it = stringArray.iterator();
        while (it.hasNext()) {
            Matcher matcher = Pattern.compile(it.next()).matcher(str);
            if (matcher != null && matcher.matches()) {
                return true;
            }
        }
        return false;
    }

    private boolean a(ApiPermissionInfo apiPermissionInfo, String str, String str2) {
        if (!TextUtils.equals(str2, PermissionConstant.VALID_SUB_RES_MIME_LIST) && !str2.startsWith(PermissionConstant.JS_API_SP_CONFIG) && !TextUtils.equals(str2, PermissionConstant.EVENT_LIST) && !TextUtils.equals(str2, PermissionConstant.HTTP_LINK_SUB_RES_MIME_LIST) && !str2.startsWith(PermissionConstant.WEB_VIEW_CONFIG) && !TextUtils.equals(str2, PermissionConstant.VALID_DOMAIN)) {
            return apiPermissionInfo.getApiLevelList(str2).contains(str);
        }
        List<String> apiLevelList = apiPermissionInfo.getApiLevelList(str2);
        if (apiLevelList != null && !apiLevelList.isEmpty()) {
            Iterator<String> it = apiLevelList.iterator();
            while (it.hasNext()) {
                try {
                } catch (Exception e) {
                    RVLogger.e(TAG, "hasPermission Regex Exception", e);
                }
                if (Pattern.compile(it.next()).matcher(str).find()) {
                    return true;
                }
            }
        }
        return false;
    }

    private boolean a(String str, Page page) {
        if (page == null || page.getStartParams() == null || TextUtils.isEmpty(str)) {
            return false;
        }
        String string = BundleUtils.getString(page.getStartParams(), "MINI-PROGRAM-WEB-VIEW-TAG");
        if (!Boolean.valueOf(BundleUtils.getBoolean(page.getStartParams(), RVParams.isTinyApp, false)).booleanValue() || TextUtils.isEmpty(string)) {
            return false;
        }
        String configWithProcessCache = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigWithProcessCache("ta_webview_alipays_whitelist", "");
        if (TextUtils.isEmpty(configWithProcessCache)) {
            configWithProcessCache = "none";
        }
        if (DataModelOperation.ALL_SCOPE.equalsIgnoreCase(configWithProcessCache) || page == null) {
            return false;
        }
        try {
            for (String str2 : configWithProcessCache.split(",")) {
                if (string.equalsIgnoreCase(str2)) {
                    RVLogger.d(TAG, "interceptH5EmbedWebViewWithScheme appid in whiteList " + string);
                    return false;
                }
            }
            String decode = UrlUtils.decode(str);
            if (!TextUtils.isEmpty(decode) && decode.contains("scheme=alipays://platformapi/startapp")) {
                return true;
            }
        } catch (Throwable th) {
            RVLogger.e(TAG, "interceptH5EmbedWebViewWithScheme: ", th);
        }
        return false;
    }

    private boolean a(String str, NativeCallContext nativeCallContext, Page page) {
        if (((WorkerStore) page.getData(WorkerStore.class)) == null || NativeCallContext.FROM_WORKER.equals(nativeCallContext.getSource())) {
            return false;
        }
        String pageURI = page.getPageURI();
        String string = BundleUtils.getString(page.getStartParams(), "onlineHost");
        if (TextUtils.isEmpty(pageURI) || TextUtils.isEmpty(string) || !pageURI.startsWith(string)) {
            RVLogger.w(TAG, "hasJsApiPermissionCallFromRender...url is not match.");
            return false;
        }
        JSONArray configJSONArray = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_renderJsapiBList");
        return configJSONArray == null || !configJSONArray.contains(str);
    }

    private boolean a(String str, String str2, String str3, Page page) {
        RVLogger.d(TAG, "hasPermissionOnIframe...url=" + str2);
        return hasPermission(str, str2, str3, page);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean checkEventPermission(String str, String str2, Page page) {
        if (this.bx.containsKey(str)) {
            return hasPermission(str, str2, PermissionConstant.EVENT_LIST, page);
        }
        return true;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult checkJSApi(Permission permission, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper, Page page) {
        RVLogger.d(TAG, "checkJSApi,page i新日志##########" + nativeCallContext.getSource());
        if (page == null || page.getApp() == null) {
            RVLogger.d(TAG, "checkJSApi,page is null");
            return ApiPermissionCheckResult.DENY;
        }
        if (a(page.getStartParams(), nativeCallContext.getName())) {
            RVLogger.d(TAG, "deny tyro jsapi when not debug.");
            return ApiPermissionCheckResult.DENY;
        }
        if (page.getApp() != null) {
            if (((IgnorePermissionPoint) ExtensionPoint.as(IgnorePermissionPoint.class).node(page.getApp()).create()).ignoreAppPermission(page.getApp().getAppId())) {
                RVLogger.d(TAG, "checkJSApi,IgnorePermissionPoint ignoreAppPermission");
                return ApiPermissionCheckResult.IGNORE;
            }
            AppModel appModel = (AppModel) page.getApp().getData(AppModel.class);
            if (appModel != null) {
                boolean isDevSource = AppInfoScene.isDevSource(page.getApp().getStartParams());
                String string = JSONUtils.getString(appModel.getExtendInfos(), kg, RVParams.DEFAULT_LONG_PRESSO_LOGIN);
                if (isDevSource && "NO".equalsIgnoreCase(string)) {
                    RVLogger.d(TAG, "checkJSApi, KEY_CHECK_PERMISSION ignoreAppPermission");
                    return ApiPermissionCheckResult.IGNORE;
                }
            }
        }
        String appId = page.getApp().getAppId();
        if (!TextUtils.isEmpty(nativeCallContext.getPluginId())) {
            return a(appId, nativeCallContext.getPluginId(), permission);
        }
        PermissionModel permissionModel = this.by.get(appId);
        if (permission == null || permission == DefaultPermission.ALL || permissionModel == null) {
            RVLogger.d(TAG, String.format("%s not have permission file", appId));
            return ApiPermissionCheckResult.IGNORE;
        }
        TinyAppInnerProxy tinyAppInnerProxy = (TinyAppInnerProxy) RVProxy.get(TinyAppInnerProxy.class);
        if (!TextUtils.isEmpty(nativeCallContext.getPluginId()) && tinyAppInnerProxy != null && page.getApp() != null && tinyAppInnerProxy.isInner(page.getApp())) {
            RVLogger.d(TAG, String.format("%s is innerapp,ignore permission check", appId));
            return ApiPermissionCheckResult.IGNORE;
        }
        if (a(permission.authority(), nativeCallContext, page)) {
            RVLogger.d(TAG, "checkPermission ignored hasJsApiPermissionCallFromRender:\t " + nativeCallContext.getSource());
            return ApiPermissionCheckResult.IGNORE;
        }
        if (a(page)) {
            RVLogger.d(TAG, permission.authority() + " call from webview");
            String appId2 = page.getApp().getAppId();
            String string2 = BundleUtils.getString(page.getStartParams(), "appId");
            EmbedWebViewJsApiPermissionProxy embedWebViewJsApiPermissionProxy = (EmbedWebViewJsApiPermissionProxy) RVProxy.get(EmbedWebViewJsApiPermissionProxy.class);
            if (embedWebViewJsApiPermissionProxy != null) {
                if (embedWebViewJsApiPermissionProxy.shouldInterceptJSApiCall(permission.authority(), page, appId2, string2, nativeCallContext.getParams())) {
                    RVLogger.d(TAG, " EmbedWebViewJsApi interceptJSApiCall\t" + permission.authority());
                    return ApiPermissionCheckResult.DENY;
                }
                RVLogger.d(TAG, " EmbedWebViewJsApi ignore\t" + permission.authority());
                return ApiPermissionCheckResult.IGNORE;
            }
        } else {
            Set<String> jsapiList = permissionModel.getJsapiList();
            if (jsapiList != null && jsapiList.size() > 0) {
                Iterator<String> it = jsapiList.iterator();
                while (it.hasNext()) {
                    if (it.next().equalsIgnoreCase(permission.authority())) {
                        RVLogger.d(TAG, "permison is allowed \t " + permission.authority());
                        return ApiPermissionCheckResult.ALLOW;
                    }
                }
            }
        }
        RVLogger.d(TAG, " checkJSAPI deny \t" + permission.authority());
        return ApiPermissionCheckResult.DENY;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean checkSPJSApi(Permission permission, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper, Page page) {
        ApiPermissionInfo apiPermissionInfo;
        Uri parseUrl;
        String appId = page.getApp().getAppId();
        String authority = permission.authority();
        boolean z = false;
        if (TextUtils.isEmpty(nativeCallContext.getPluginId())) {
            apiPermissionInfo = this.bx.get(appId);
        } else {
            z = true;
            apiPermissionInfo = this.bA.get(appId) == null ? null : this.bA.get(appId).get(nativeCallContext.getPluginId());
            RVLogger.debug(TAG, "get ApiPermissionInfo from pluginId" + nativeCallContext.getPluginId());
        }
        if (apiPermissionInfo == null) {
            return true;
        }
        String str = "JSAPI_SP_Config_" + authority;
        List<String> apiLevelList = apiPermissionInfo.getApiLevelList(str);
        if (TextUtils.equals(authority, PermissionConstant.HTTPREQUET) || TextUtils.equals(authority, "uploadFile") || TextUtils.equals(authority, "request")) {
            String string = JSONUtils.getString(nativeCallContext.getParams(), "url");
            Uri parseUrl2 = UrlUtils.parseUrl(string);
            if (parseUrl2 != null) {
                String host = parseUrl2.getHost();
                boolean a = z ? a(apiPermissionInfo, host, "JSAPI_SP_Config_httpRequest_allowedDomain") : hasPermission(appId, host, "JSAPI_SP_Config_httpRequest_allowedDomain", page);
                if (TextUtils.equals(authority, PermissionConstant.HTTPREQUET) || TextUtils.equals(authority, "uploadFile") || TextUtils.equals(authority, "request")) {
                    if (a) {
                        if (!a(page, host)) {
                            return a;
                        }
                        RVLogger.d(TAG, authority + "\t is not allowed, in domain blacklist: " + host + " is not allowed");
                        return false;
                    }
                    boolean isDevSource = AppInfoScene.isDevSource(page.getStartParams());
                    boolean z2 = BundleUtils.getBoolean(page.getStartParams(), PermissionConstant.STARTPARAMS_IGNORE_HTTP_REQUEST_PERMISSION, false);
                    if (!isDevSource || !z2) {
                        return a;
                    }
                    DomainConfigProxy domainConfigProxy = (DomainConfigProxy) RVProxy.get(DomainConfigProxy.class);
                    RVLogger.d(TAG, authority + "\t ignoreHttpReqPermission: ");
                    if (domainConfigProxy == null || domainConfigProxy.isAlipayDomains(string) || domainConfigProxy.isSeriousAliDomains(string) || domainConfigProxy.isAliDomains(string)) {
                        return a;
                    }
                    return true;
                }
            }
        } else if (apiLevelList != null) {
            for (String str2 : apiLevelList) {
                String string2 = JSONUtils.getString(nativeCallContext.getParams(), str2, null);
                if (!TextUtils.isEmpty(string2)) {
                    boolean hasPermission = hasPermission(appId, string2, str + "_" + str2, page);
                    RVLogger.d(TAG, "paramKey: " + str2 + " check content:" + string2 + " allowed:" + hasPermission);
                    if (!hasPermission) {
                        RVLogger.d(TAG, authority + " paramKey: " + str2 + " content: " + string2 + " is not allowed");
                        return false;
                    }
                }
            }
            if (TextUtils.equals(authority, H5Plugin.CommonEvents.H5_START_APP) && (parseUrl = UrlUtils.parseUrl(JSONUtils.getString(JSONUtils.getJSONObject(nativeCallContext.getParams(), "param", null), "url"))) != null) {
                String host2 = parseUrl.getHost();
                boolean hasPermission2 = hasPermission(appId, host2, str + "_url", page);
                if (hasPermission2) {
                    return hasPermission2;
                }
                RVLogger.d(TAG, authority + " host: " + host2 + " is not allowed");
                return hasPermission2;
            }
        }
        return true;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean checkShowPermissionDialog(Permission permission, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper, Page page) {
        PermissionModel permissionModel = this.by.get(page.getApp().getAppId());
        if (permission == null || permission == DefaultPermission.ALL || permissionModel == null) {
            RVLogger.d(TAG, "checkShowPermissionDialog permsionModel is null");
            return false;
        }
        TinyAppInnerProxy tinyAppInnerProxy = (TinyAppInnerProxy) RVProxy.get(TinyAppInnerProxy.class);
        if (tinyAppInnerProxy == null || page == null || page.getApp() == null || !tinyAppInnerProxy.isInner(page.getApp())) {
            return this.a.checkShowPermissionDialog(permission, nativeCallContext, bridgeResponseHelper, page);
        }
        RVLogger.d(TAG, "checkShowPermissionDialog isInner ");
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void clearPermissionModel(String str, boolean z) {
        if (this.bx.get(str) != null) {
            this.bx.get(str).clear();
            this.bx.remove(str);
        }
        if (z) {
            this.bz.remove(str);
        }
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public Map<String, Boolean> getAllPermissions(String str, String str2, @Nullable AppModel appModel) {
        if (this.a == null) {
            this.a = new LocalAuthPermissionManager();
        }
        return this.a.a(str2, appModel);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public PermissionModel getPermissionModel(String str) {
        return this.by.get(str);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public List<Permission> getPermissions(String str) {
        Set<String> jsapiList;
        PermissionModel permissionModel = this.by.get(str);
        if (permissionModel == null || (jsapiList = permissionModel.getJsapiList()) == null || jsapiList.size() <= 0) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(jsapiList.size());
        for (String str2 : jsapiList) {
            arrayList.add(new BridgePermission(str2, str2));
        }
        return arrayList;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean hasPermission(String str, String str2, String str3, Page page) {
        RVLogger.d(TAG, "hasPermission " + str + " " + str2 + " " + str3);
        boolean a = a(page);
        if (a) {
            str = page.getApp().getAppId();
        }
        if (a) {
            try {
                if (!(!"0".equals(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfig("ta_canUseWebview", "1")))) {
                    RVLogger.d(TAG, "hasPermission...webview is not supported!");
                    return false;
                }
                if (str3.startsWith(PermissionConstant.VALID_DOMAIN)) {
                    boolean z = BundleUtils.getBoolean(page.getStartParams(), PermissionConstant.STARTPARAMS_IGNORE_EMBED_WEBVIEW_DOMAIN_VERIFY, false);
                    boolean isDevSource = AppInfoScene.isDevSource(page.getStartParams());
                    if (z && isDevSource) {
                        RVLogger.d(TAG, "ignore embed webview domain veriy.");
                        return true;
                    }
                    str3 = "Webview_Config_allowedDomain";
                }
            } catch (Exception e) {
                RVLogger.e(TAG, "hasPermission Exception!", e);
                return true;
            }
        }
        TinyAppInnerProxy tinyAppInnerProxy = (TinyAppInnerProxy) RVProxy.get(TinyAppInnerProxy.class);
        if (tinyAppInnerProxy != null && page != null && page.getApp() != null && tinyAppInnerProxy.isInner(page.getApp())) {
            return true;
        }
        if (!TextUtils.isEmpty(this.kh)) {
            JSONObject parseObject = JSONUtils.parseObject(this.kh);
            JSONObject jSONObject = JSONUtils.getJSONObject(parseObject, str, null);
            if (jSONObject == null || jSONObject.isEmpty()) {
                if ("yes".equalsIgnoreCase(JSONUtils.getString(parseObject, str3))) {
                    return true;
                }
            } else if ("yes".equalsIgnoreCase(JSONUtils.getString(jSONObject, str3))) {
                return true;
            }
        }
        ApiPermissionInfo apiPermissionInfo = (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || TextUtils.isEmpty(str3) || this.bx == null || this.bx.get(str) == null || this.bx.get(str).getApiLevelList(str3) == null || this.bx.get(str).getApiLevelList(str3).isEmpty()) ? null : this.bx.get(str);
        return apiPermissionInfo == null ? str3.startsWith(PermissionConstant.JS_API_SP_CONFIG) : a(apiPermissionInfo, str2, str3);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean hasPermissionModel(String str, Page page) {
        if (TextUtils.isEmpty(str)) {
            if (!a(page)) {
                return false;
            }
            str = page.getApp().getAppId();
        }
        return this.by.containsKey(str);
    }

    public boolean hasPermissionOnScheme(String str, Page page) {
        boolean hasPermission;
        Uri parseUrl;
        if (!a(page)) {
            return true;
        }
        String appId = page.getApp().getAppId();
        if (TextUtils.isEmpty(str)) {
            return true;
        }
        Iterator<String> it = am.iterator();
        while (it.hasNext()) {
            if (str.startsWith(it.next())) {
                return true;
            }
        }
        try {
            if (!"1".equals(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfig("ta_close_webviewSchemaWhiteList", "0")) && !TextUtils.isEmpty(str) && (str.startsWith("alipays://platformapi/startapp") || str.startsWith("alipays://platformapi/startApp") || str.startsWith("alipay://platformapi/startapp") || str.startsWith("alipay://platformapi/startApp"))) {
                Uri parse = Uri.parse(str);
                String queryParameter = parse.getQueryParameter("appId");
                if (this.bx != null && hasPermission(appId, H5Plugin.CommonEvents.H5_START_APP, PermissionConstant.JS_API_LIST, page) && (hasPermission = hasPermission(appId, queryParameter, "JSAPI_SP_Config_startApp_appId", page))) {
                    String queryParameter2 = parse.getQueryParameter("url");
                    return (TextUtils.isEmpty(queryParameter2) || (parseUrl = UrlUtils.parseUrl(queryParameter2)) == null) ? hasPermission : hasPermission(appId, parseUrl.getHost(), "JSAPI_SP_Config_startApp_url", page);
                }
                return false;
            }
        } catch (Throwable th) {
            RVLogger.e(TAG, th);
        }
        if (str.startsWith("http")) {
            return true;
        }
        RVLogger.d(TAG, "hasPermissionOnScheme...non-http url, no permission");
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean interceptSchemeForTiny(String str, Page page) {
        if (str == null) {
            return false;
        }
        if (a(str, page)) {
            return true;
        }
        if (str.startsWith("http") || str.startsWith("javascript") || "no".equalsIgnoreCase(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigWithProcessCache("h5_interceptSchemeForTiny", "")) || page == null || !hasPermissionModel(BundleUtils.getString(page.getStartParams(), "appId"), page)) {
            return false;
        }
        return hasPermissionOnScheme(str, page) ? false : true;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean interceptUrlForTiny(String str, String str2, Page page, boolean z) {
        Uri parseUrl = UrlUtils.parseUrl(str);
        String str3 = "";
        if (parseUrl != null) {
            String scheme = parseUrl.getScheme();
            if (scheme != null && am.contains(scheme.toLowerCase())) {
                return false;
            }
            str3 = parseUrl.getHost();
        }
        if (TextUtils.isEmpty(str2)) {
            if (!a(page)) {
                return false;
            }
            str2 = page.getApp().getAppId();
        }
        return this.by.get(str2) != null ? z ? !a(str2, str3, PermissionConstant.VALID_DOMAIN, page) : !hasPermission(str2, str3, PermissionConstant.VALID_DOMAIN, page) : false;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPermissionModel(String str, PermissionModel permissionModel) {
        this.by.put(str, permissionModel);
        this.bx.put(str, AppPermissionUtils.convert2ApiPermissionInfo(permissionModel));
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPermissionState(String str, String str2, String str3, boolean z) {
        if (this.a == null) {
            this.a = new LocalAuthPermissionManager();
        }
        this.a.a(str2, AppPermissionUtils.getAggregationMainAppId(((RVAppInfoManager) RVProxy.get(RVAppInfoManager.class)).getAppModel(AppInfoQuery.make(str2))), str3, z);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPluginPermissionModel(String str, PluginModel pluginModel, PermissionModel permissionModel) {
        RVLogger.d(TAG, "setPluginPermissionModel " + str + " plugin: " + pluginModel.getAppId());
        synchronized (this.bz) {
            Map<String, PermissionModel> map = this.bz.get(str);
            if (map == null) {
                map = new HashMap<>();
                this.bz.put(str, map);
            }
            map.put(pluginModel.getAppId(), permissionModel);
        }
        synchronized (this.bA) {
            Map<String, ApiPermissionInfo> map2 = this.bA.get(str);
            if (map2 == null) {
                map2 = new HashMap<>();
                this.bA.put(str, map2);
            }
            map2.put(pluginModel.getAppId(), AppPermissionUtils.convert2ApiPermissionInfo(permissionModel));
        }
    }

    public boolean shouldInterceptWebViewNaviJsApi(String str, String str2) {
        if (TextUtils.isEmpty(str2)) {
            return false;
        }
        for (String str3 : y) {
            if (str2.equals(str3)) {
                return false;
            }
        }
        List<String> stringArray = JSONUtils.toStringArray(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_webviewAppIdWhiteList"));
        if (stringArray != null) {
            Iterator<String> it = stringArray.iterator();
            while (it.hasNext()) {
                if (TextUtils.equals(it.next(), str)) {
                    RVLogger.d(TAG, "shouldInterceptWebViewNaviJsApi...appId in white list:" + str2);
                    return false;
                }
            }
        }
        RVLogger.d(TAG, "shouldInterceptWebViewNaviJsApi...not allowed: " + str2);
        return true;
    }
}
