package com.alibaba.ariver.permission.service;

import android.net.Uri;
import android.os.Bundle;
import android.text.TextUtils;
import com.alibaba.ariver.app.api.App;
import com.alibaba.ariver.app.api.EmbedType;
import com.alibaba.ariver.app.api.Page;
import com.alibaba.ariver.app.api.PermissionUtil;
import com.alibaba.ariver.app.api.model.AppConfigModel;
import com.alibaba.ariver.app.api.monitor.RVMonitor;
import com.alibaba.ariver.app.api.service.TinyAppInnerProxy;
import com.alibaba.ariver.engine.api.bridge.BridgeResponseHelper;
import com.alibaba.ariver.engine.api.bridge.model.NativeCallContext;
import com.alibaba.ariver.engine.api.model.WorkerStore;
import com.alibaba.ariver.kernel.RVConstants;
import com.alibaba.ariver.kernel.RVParams;
import com.alibaba.ariver.kernel.api.extension.bridge.BridgePermission;
import com.alibaba.ariver.kernel.api.security.ApiPermissionCheckResult;
import com.alibaba.ariver.kernel.api.security.DefaultPermission;
import com.alibaba.ariver.kernel.api.security.Permission;
import com.alibaba.ariver.kernel.common.RVProxy;
import com.alibaba.ariver.kernel.common.multiinstance.InstanceType;
import com.alibaba.ariver.kernel.common.service.RVConfigService;
import com.alibaba.ariver.kernel.common.service.RVEnvironmentService;
import com.alibaba.ariver.kernel.common.utils.BundleUtils;
import com.alibaba.ariver.kernel.common.utils.CollectionUtils;
import com.alibaba.ariver.kernel.common.utils.JSONUtils;
import com.alibaba.ariver.kernel.common.utils.PatternUtils;
import com.alibaba.ariver.kernel.common.utils.RVLogger;
import com.alibaba.ariver.kernel.common.utils.UrlUtils;
import com.alibaba.ariver.permission.AppPermissionUtils;
import com.alibaba.ariver.permission.PermissionConstant;
import com.alibaba.ariver.permission.api.proxy.AuthenticationProxy;
import com.alibaba.ariver.permission.api.proxy.DomainConfigProxy;
import com.alibaba.ariver.permission.api.proxy.EmbedWebViewJsApiPermissionProxy;
import com.alibaba.ariver.permission.model.ApiPermissionInfo;
import com.alibaba.ariver.remotedebug.RDConstant;
import com.alibaba.ariver.remotedebug.utils.TinyAppLogUtil;
import com.alibaba.ariver.resource.api.models.AppInfoQuery;
import com.alibaba.ariver.resource.api.models.AppInfoScene;
import com.alibaba.ariver.resource.api.models.AppModel;
import com.alibaba.ariver.resource.api.models.PermissionModel;
import com.alibaba.ariver.resource.api.models.PluginModel;
import com.alibaba.ariver.resource.api.proxy.RVAppInfoManager;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.alipay.mobile.security.bio.api.BioDetector;
import com.iap.ac.android.container.js.plugin.ACContainerJSPlugin;
import id.dana.data.socialshare.ShareAppKey;
import id.dana.sendmoney.summary.SummaryActivity;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: classes5.dex */
public class DefaultAuthenticationProxyImpl implements AuthenticationProxy {
    public static final String SCAN_APP_ID = "10000007";
    private static final List<String> SCHEMA_WHITE_LIST;
    private static String TAG;
    private static final String[] WEBVIEW_NAVI_API_LIST = {"navigateTo", "navigateBack", "switchTab", "reLaunch", "redirectTo", "getCurrentLocation", "getLocation", "webViewShare"};
    private static List<String> WHITE_JSAPI_LIST;
    private JSONArray mTinyUrlWhiteList;
    private final Map<String, Integer> referCount = new ConcurrentHashMap();
    private final Map<String, Map<String, PermissionModel>> pluginPermissionModelMap = new ConcurrentHashMap();
    private final Map<String, Map<String, ApiPermissionInfo>> pluginApiInfoMap = new ConcurrentHashMap();
    private Map<String, ApiPermissionInfo> apiInfoMap = new ConcurrentHashMap();
    private Map<String, PermissionModel> permissionModelMap = new ConcurrentHashMap();
    private LocalAuthPermissionManager bizPermissionManager = new LocalAuthPermissionManager();
    private JSONArray mJsApiWhiteList = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("h5_white_jsapiList");

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.alibaba.ariver.permission.service.DefaultAuthenticationProxyImpl$2, reason: invalid class name */
    /* loaded from: classes5.dex */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$com$alibaba$ariver$resource$api$models$AppInfoScene;

        static {
            int[] iArr = new int[AppInfoScene.values().length];
            $SwitchMap$com$alibaba$ariver$resource$api$models$AppInfoScene = iArr;
            try {
                iArr[AppInfoScene.DEBUG.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$alibaba$ariver$resource$api$models$AppInfoScene[AppInfoScene.INSPECT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    static {
        ArrayList arrayList = new ArrayList();
        SCHEMA_WHITE_LIST = arrayList;
        TAG = "AriverPermission:DefaultAuthenticationProxyImpl";
        ArrayList arrayList2 = new ArrayList();
        WHITE_JSAPI_LIST = arrayList2;
        arrayList2.add(ACContainerJSPlugin.SHOW_NETWORK_CHECK_ACTIVITY);
        WHITE_JSAPI_LIST.add("showUCFailDialog");
        WHITE_JSAPI_LIST.add("setKeyboardType");
        WHITE_JSAPI_LIST.add("monitorH5Performance");
        WHITE_JSAPI_LIST.add("getStartupParams");
        WHITE_JSAPI_LIST.add("inputBlurEvent");
        WHITE_JSAPI_LIST.add("hideCustomKeyBoard");
        WHITE_JSAPI_LIST.add("hideCustomInputMethod4NativeInput");
        WHITE_JSAPI_LIST.add("updateNativeKeyBoardInput");
        WHITE_JSAPI_LIST.add("setInputTextChanged");
        WHITE_JSAPI_LIST.add(TinyAppLogUtil.TINY_APP_STANDARD_LOG);
        WHITE_JSAPI_LIST.add(RDConstant.TINY_DEBUG_CONSOLE);
        WHITE_JSAPI_LIST.add("needShowAuthSettingEntry");
        WHITE_JSAPI_LIST.add("getDebugPerformance");
        arrayList.add("tel");
        arrayList.add("mailto");
        arrayList.add(ShareAppKey.SMS);
        arrayList.add(BioDetector.EXT_KEY_GEO);
    }

    public DefaultAuthenticationProxyImpl() {
        JSONArray configJSONArray = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("h5_tinyapp_url_whitelist");
        this.mTinyUrlWhiteList = configJSONArray;
        if (configJSONArray == null) {
            this.mTinyUrlWhiteList = new JSONArray();
        }
        this.mTinyUrlWhiteList.add("https://render.alipay.com/p/c/");
    }

    private void attachInner(String str) {
        if (!this.referCount.containsKey(str)) {
            this.referCount.put(str, 1);
        } else {
            Map<String, Integer> map = this.referCount;
            map.put(str, Integer.valueOf(map.get(str).intValue() + 1));
        }
    }

    private boolean callFromWebView(Page page) {
        if (page == null) {
            return false;
        }
        EmbedWebViewJsApiPermissionProxy embedWebViewJsApiPermissionProxy = (EmbedWebViewJsApiPermissionProxy) RVProxy.get(EmbedWebViewJsApiPermissionProxy.class);
        return embedWebViewJsApiPermissionProxy != null ? embedWebViewJsApiPermissionProxy.callFromWebView(page) : page.getEmbedType().isEmbedPage();
    }

    private boolean callFromWebViewWithContext(NativeCallContext nativeCallContext, Page page) {
        if (NativeCallContext.FROM_WORKER.equals(nativeCallContext.getSource())) {
            return false;
        }
        return callFromWebView(page);
    }

    private ApiPermissionCheckResult checkForPlugin(String str, String str2, Permission permission) {
        Map<String, PermissionModel> map = this.pluginPermissionModelMap.get(str);
        if (map == null || !map.containsKey(str2)) {
            RVLogger.d(TAG, String.format("plugin %s not have permission field, just ignore", str2));
            return ApiPermissionCheckResult.IGNORE;
        }
        PermissionModel permissionModel = map.get(str2);
        if (permissionModel == null) {
            String str3 = TAG;
            StringBuilder sb = new StringBuilder();
            sb.append("permission is enabled by no permission file! ");
            sb.append(permission.authority());
            RVLogger.d(str3, sb.toString());
            return ApiPermissionCheckResult.ALLOW;
        }
        Set<String> jsapiList = permissionModel.getJsapiList();
        if (jsapiList != null && jsapiList.size() > 0) {
            Iterator<String> it = jsapiList.iterator();
            while (it.hasNext()) {
                if (it.next().equalsIgnoreCase(permission.authority())) {
                    String str4 = TAG;
                    StringBuilder sb2 = new StringBuilder();
                    sb2.append("permission is allowed by plugin \t ");
                    sb2.append(permission.authority());
                    RVLogger.d(str4, sb2.toString());
                    return ApiPermissionCheckResult.ALLOW;
                }
            }
        }
        String str5 = TAG;
        StringBuilder sb3 = new StringBuilder();
        sb3.append("plugin_forbidden:permission is disabled by plugin \t ");
        sb3.append(permission.authority());
        RVLogger.d(str5, sb3.toString());
        return ApiPermissionCheckResult.DENY_N22103;
    }

    private boolean denyTyroJSAPIWhenNotDebug(Bundle bundle, String str) {
        if (!"tyroRequest".equals(str) && !"showRemoteDebugPanel".equals(str) && !"showRemoteDebugMask".equals(str)) {
            return false;
        }
        int i = AnonymousClass2.$SwitchMap$com$alibaba$ariver$resource$api$models$AppInfoScene[AppInfoScene.extractScene(bundle).ordinal()];
        return (i == 1 || i == 2) ? false : true;
    }

    private boolean detachInner(String str) {
        if (this.referCount.containsKey(str)) {
            int intValue = this.referCount.get(str).intValue() - 1;
            this.referCount.put(str, Integer.valueOf(intValue));
            boolean z = intValue == 0;
            if (z) {
                this.referCount.remove(str);
            }
            return z;
        }
        String str2 = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("cannot detach ");
        sb.append(str);
        sb.append(" because it not attached!");
        RVLogger.w(str2, sb.toString());
        return true;
    }

    private boolean domainWildcardsCheck(String str, List<String> list) {
        String replaceWildcardChar;
        if (list == null || list.isEmpty()) {
            return false;
        }
        for (String str2 : list) {
            if (str2 != null) {
                try {
                    if (!str2.trim().isEmpty() && (replaceWildcardChar = replaceWildcardChar(str2.trim())) != null) {
                        if (replaceWildcardChar.length() == 0 || TextUtils.equals(replaceWildcardChar, str)) {
                            return true;
                        }
                        StringBuilder sb = new StringBuilder();
                        sb.append(".");
                        sb.append(replaceWildcardChar);
                        if (str.endsWith(sb.toString())) {
                            return true;
                        }
                    }
                } catch (Exception e) {
                    RVLogger.e(TAG, "hasPermission Regex Exception", e);
                }
            }
        }
        return false;
    }

    private boolean hasJsApiPermissionCallFromRender(NativeCallContext nativeCallContext, Page page) {
        if (((WorkerStore) page.getData(WorkerStore.class)) == null || NativeCallContext.FROM_WORKER.equals(nativeCallContext.getSource())) {
            return false;
        }
        String originalURI = page.getEmbedType() == EmbedType.SHARE ? page.getOriginalURI() : page.getPageURI();
        String string = BundleUtils.getString(page.getStartParams(), "onlineHost");
        if (!TextUtils.isEmpty(originalURI) && !TextUtils.isEmpty(string) && originalURI.startsWith(string)) {
            JSONArray configJSONArray = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_renderJsapiBList");
            return configJSONArray == null || !configJSONArray.contains(nativeCallContext.getName());
        }
        String str = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("checkJsApiFormRender, pageEmbedType:");
        sb.append(page.getEmbedType());
        sb.append(" url: ");
        if (TextUtils.isEmpty(originalURI)) {
            originalURI = "";
        }
        sb.append(originalURI);
        sb.append(" onlineHost: ");
        if (TextUtils.isEmpty(string)) {
            string = "";
        }
        sb.append(string);
        RVLogger.d(str, sb.toString());
        return false;
    }

    private ApiPermissionCheckResult hasPermission(String str, ApiPermissionInfo apiPermissionInfo, String str2, String str3) {
        if (TextUtils.equals(str3, PermissionConstant.VALID_SUB_RES_MIME_LIST) || str3.startsWith(PermissionConstant.JS_API_SP_CONFIG) || TextUtils.equals(str3, PermissionConstant.EVENT_LIST) || TextUtils.equals(str3, PermissionConstant.HTTP_LINK_SUB_RES_MIME_LIST) || TextUtils.equals(str3, PermissionConstant.VALID_DOMAIN)) {
            if (regexpCheck(str2, apiPermissionInfo.getApiLevelList(str3))) {
                return ApiPermissionCheckResult.IGNORE;
            }
            String str4 = TAG;
            StringBuilder sb = new StringBuilder();
            sb.append("jsapi_sp_forbidden:");
            sb.append(str3);
            sb.append(" not have permssion ,not match regex");
            RVLogger.d(str4, sb.toString());
            return TextUtils.equals(str3, PermissionConstant.VALID_SUB_RES_MIME_LIST) ? ApiPermissionCheckResult.DENY_N22105 : str3.startsWith(PermissionConstant.JS_API_SP_CONFIG) ? ApiPermissionCheckResult.DENY_N22106 : TextUtils.equals(str3, PermissionConstant.EVENT_LIST) ? ApiPermissionCheckResult.DENY_N22107 : TextUtils.equals(str3, PermissionConstant.HTTP_LINK_SUB_RES_MIME_LIST) ? ApiPermissionCheckResult.DENY_N22108 : TextUtils.equals(str3, PermissionConstant.VALID_DOMAIN) ? ApiPermissionCheckResult.DENY_N22110 : ApiPermissionCheckResult.DENY;
        }
        if (str3.startsWith(PermissionConstant.WEB_VIEW_CONFIG)) {
            List<String> apiLevelList = apiPermissionInfo.getApiLevelList(str3);
            if (isDomainWildcardOpen()) {
                if (domainWildcardsCheck(str2, apiLevelList)) {
                    return ApiPermissionCheckResult.IGNORE;
                }
            } else if (regexpCheck(str2, apiLevelList)) {
                return ApiPermissionCheckResult.IGNORE;
            }
            return ApiPermissionCheckResult.DENY_N22109;
        }
        boolean contains = apiPermissionInfo.getApiLevelList(str3).contains(str2);
        if (!contains) {
            String str5 = TAG;
            StringBuilder sb2 = new StringBuilder();
            sb2.append("jsapi_sp_forbidden:");
            sb2.append(str3);
            sb2.append(" not have permssion");
            RVLogger.d(str5, sb2.toString());
        }
        return contains ? ApiPermissionCheckResult.IGNORE : ApiPermissionCheckResult.DENY_N22104;
    }

    private ApiPermissionCheckResult hasPermissionOnIframe(String str, String str2, String str3, Page page) {
        String str4 = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("hasPermissionOnIframe...url=");
        sb.append(str2);
        RVLogger.d(str4, sb.toString());
        return hasPermission(str, str2, str3, page);
    }

    private ApiPermissionCheckResult interceptH5EmbedWebViewWithScheme(String str, Page page) {
        if (page == null || page.getStartParams() == null || TextUtils.isEmpty(str)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        String string = BundleUtils.getString(page.getStartParams(), "MINI-PROGRAM-WEB-VIEW-TAG");
        if (!BundleUtils.getBoolean(page.getStartParams(), RVParams.isTinyApp, false) || TextUtils.isEmpty(string)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        String configWithProcessCache = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigWithProcessCache("ta_webview_alipays_whitelist", "");
        if (TextUtils.isEmpty(configWithProcessCache)) {
            configWithProcessCache = "none";
        }
        if ("all".equalsIgnoreCase(configWithProcessCache) || page == null) {
            return ApiPermissionCheckResult.IGNORE;
        }
        try {
            for (String str2 : configWithProcessCache.split(",")) {
                if (string.equalsIgnoreCase(str2)) {
                    String str3 = TAG;
                    StringBuilder sb = new StringBuilder();
                    sb.append("interceptH5EmbedWebViewWithScheme appid in whiteList ");
                    sb.append(string);
                    RVLogger.d(str3, sb.toString());
                    return ApiPermissionCheckResult.IGNORE;
                }
            }
            String decode = UrlUtils.decode(str);
            if (!TextUtils.isEmpty(decode) && decode.contains("scheme=alipays://platformapi/startapp")) {
                RVLogger.d(TAG, "start_app_forbidden:url contain alipay schema");
                return ApiPermissionCheckResult.DENY_N22206;
            }
        } catch (Throwable th) {
            RVLogger.e(TAG, "interceptH5EmbedWebViewWithScheme: ", th);
        }
        return ApiPermissionCheckResult.IGNORE;
    }

    private boolean isDomainInBackList(Page page, String str) {
        List<String> stringArray;
        if (page == null || TextUtils.isEmpty(str) || (stringArray = JSONUtils.toStringArray(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_http_domain_blacklist"))) == null || stringArray.isEmpty()) {
            return false;
        }
        Iterator<String> it = stringArray.iterator();
        while (it.hasNext()) {
            Matcher matcher = Pattern.compile(it.next()).matcher(str);
            if (matcher != null && matcher.matches()) {
                return true;
            }
        }
        return false;
    }

    private boolean isDomainWildcardOpen() {
        return "yes".equals(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfig("ss_webview_allow_domain_by_wildcard", "no"));
    }

    private void logScanJump(String str, String str2, Uri uri) {
        HashMap hashMap = new HashMap();
        hashMap.put("appId", str);
        hashMap.put("targetAppId", str2);
        hashMap.put("uri", uri);
        ((RVMonitor) RVProxy.get(RVMonitor.class)).logNebulaTech("H5_SCAN_OUTER_JUMP_ILLEGAL", null, null, null, hashMap);
    }

    private boolean regexpCheck(String str, List<String> list) {
        if (list == null || list.isEmpty()) {
            return false;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
            } catch (Exception e) {
                RVLogger.e(TAG, "hasPermission Regex Exception", e);
            }
            if (PatternUtils.compile(it.next().trim()).matcher(str).find()) {
                return true;
            }
        }
        return false;
    }

    private String replaceWildcardChar(String str) {
        if (str == null || str.isEmpty()) {
            return str;
        }
        int length = str.length();
        int i = 0;
        while (i < length && (str.charAt(i) == '.' || str.charAt(i) == '*')) {
            i++;
        }
        return i > 0 ? str.substring(i) : str;
    }

    private boolean scanOuterJumpIntercept(String str, String str2, Uri uri, Page page) {
        if (!TextUtils.equals(str2, "10000007")) {
            return false;
        }
        String config = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfig("ta_scan_outer_jump_intercept", "0");
        if (!TextUtils.equals("1", config) && !TextUtils.equals("2", config)) {
            return false;
        }
        String str3 = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("open scan app , now start check qrcode params,uri=");
        sb.append(uri);
        RVLogger.d(str3, sb.toString());
        String queryParameter = uri != null ? uri.getQueryParameter("qrcode") : null;
        if (TextUtils.isEmpty(queryParameter) || UrlUtils.parseUrl(queryParameter) == null) {
            return false;
        }
        if (TextUtils.equals("1", config)) {
            String str4 = TAG;
            StringBuilder sb2 = new StringBuilder();
            sb2.append(" this scan outer jump is illegal , but just record. target uri=");
            sb2.append(uri);
            RVLogger.d(str4, sb2.toString());
            logScanJump(str, str2, uri);
        } else if (TextUtils.equals("2", config)) {
            String str5 = TAG;
            StringBuilder sb3 = new StringBuilder();
            sb3.append("start_app_forbidden: not have startApp: qrcode ");
            sb3.append(queryParameter);
            RVLogger.d(str5, sb3.toString());
            logScanJump(str, str2, uri);
            return true;
        }
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult checkEventPermission(String str, String str2, Page page) {
        return !this.apiInfoMap.containsKey(str) ? ApiPermissionCheckResult.IGNORE : hasPermission(str, str2, PermissionConstant.EVENT_LIST, page);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult checkJSApi(Permission permission, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper, App app, Page page) {
        String str = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("checkJSApi ");
        sb.append(nativeCallContext.getName());
        sb.append(" source: ");
        sb.append(nativeCallContext.getSource());
        RVLogger.d(str, sb.toString());
        if (page == null && app == null) {
            RVLogger.d(TAG, "checkJSApi,page is null");
            return ApiPermissionCheckResult.DENY_N22101;
        }
        if (denyTyroJSAPIWhenNotDebug(app.getStartParams(), nativeCallContext.getName())) {
            return ApiPermissionCheckResult.DENY_N22102;
        }
        String appId = app.getAppId();
        JSONArray jSONArray = this.mJsApiWhiteList;
        if (jSONArray != null && jSONArray.contains(permission.authority())) {
            return ApiPermissionCheckResult.IGNORE;
        }
        if (!TextUtils.isEmpty(nativeCallContext.getPluginId())) {
            if (!"yes".equalsIgnoreCase(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigWithProcessCache("h5_checkAppxDomain", "yes"))) {
                return checkForPlugin(appId, nativeCallContext.getPluginId(), permission);
            }
            AppConfigModel appConfigModel = (AppConfigModel) app.getData(AppConfigModel.class);
            AppModel appModel = (AppModel) app.getData(AppModel.class);
            if (!(appModel == null || appModel.getAppInfoModel() == null || appModel.getAppInfoModel().getPlugins() == null || appModel.getAppInfoModel().getPlugins().size() <= 0) || (appConfigModel != null && SummaryActivity.CHECKED.equalsIgnoreCase(appConfigModel.getUseDynamicPlugins()))) {
                RVLogger.d(TAG, "checkForPlugin because use plugins");
                return checkForPlugin(appId, nativeCallContext.getPluginId(), permission);
            }
        }
        boolean callFromWebViewWithContext = callFromWebViewWithContext(nativeCallContext, page);
        boolean callFromPageNotVhostAndNoWorker = AppPermissionUtils.callFromPageNotVhostAndNoWorker(page);
        if (callFromWebViewWithContext || (callFromPageNotVhostAndNoWorker && AppPermissionUtils.forceInnerWebViewPushWindowPageCheck())) {
            String str2 = TAG;
            StringBuilder sb2 = new StringBuilder();
            sb2.append(permission.authority());
            sb2.append(" call from webview ?");
            sb2.append(callFromWebViewWithContext);
            sb2.append(", callFromPageNotVhostAndNoWorker?");
            sb2.append(callFromPageNotVhostAndNoWorker);
            RVLogger.d(str2, sb2.toString());
            String appId2 = page.getApp().getAppId();
            String string = BundleUtils.getString(page.getStartParams(), "appId");
            EmbedWebViewJsApiPermissionProxy embedWebViewJsApiPermissionProxy = (EmbedWebViewJsApiPermissionProxy) RVProxy.get(EmbedWebViewJsApiPermissionProxy.class);
            if (embedWebViewJsApiPermissionProxy != null) {
                if (embedWebViewJsApiPermissionProxy.shouldInterceptJSApiCall(permission.authority(), page, appId2, string, nativeCallContext.getParams())) {
                    String str3 = TAG;
                    StringBuilder sb3 = new StringBuilder();
                    sb3.append("embedwebviewjsapi_forbidden:EmbedWebViewJsApi interceptJSApiCall\t");
                    sb3.append(permission.authority());
                    RVLogger.d(str3, sb3.toString());
                    return ApiPermissionCheckResult.DENY_N22201;
                }
                String str4 = TAG;
                StringBuilder sb4 = new StringBuilder();
                sb4.append(" EmbedWebViewJsApi ignore\t");
                sb4.append(permission.authority());
                RVLogger.d(str4, sb4.toString());
                return ApiPermissionCheckResult.IGNORE;
            }
            appId = appId2;
        }
        if (page != null && hasJsApiPermissionCallFromRender(nativeCallContext, page)) {
            HashMap hashMap = new HashMap();
            hashMap.put("appId", page.getApp().getAppId());
            hashMap.put("action", nativeCallContext.getName());
            hashMap.put("url", page.getPageURI());
            ((RVMonitor) RVProxy.get(RVMonitor.class)).logNebulaTech("H5_JSAPI_CALL_FROM_RENDER", null, null, null, hashMap);
            if (interceptForRender(nativeCallContext.getName())) {
                String str5 = TAG;
                StringBuilder sb5 = new StringBuilder();
                sb5.append("setPermission...api from render,safety not has permission ");
                sb5.append(nativeCallContext.getName());
                RVLogger.d(str5, sb5.toString());
                return ApiPermissionCheckResult.DENY_N22209;
            }
            String str6 = TAG;
            StringBuilder sb6 = new StringBuilder();
            sb6.append("commonCheckIgnorePermission IGNORE by hasJsApiPermissionCallFromRender ");
            sb6.append(nativeCallContext.getName());
            RVLogger.d(str6, sb6.toString());
            return ApiPermissionCheckResult.IGNORE;
        }
        PermissionModel permissionModel = this.permissionModelMap.get(appId);
        if (permission == null || permission == DefaultPermission.ALL || permissionModel == null) {
            RVLogger.d(TAG, String.format("%s not have permission file", appId));
            return ApiPermissionCheckResult.IGNORE;
        }
        if (WHITE_JSAPI_LIST.contains(permission.authority()) || ("sendMtop".equalsIgnoreCase(nativeCallContext.getName()) && page.getInstanceType() == InstanceType.TAOBAO)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        Set<String> jsapiList = permissionModel.getJsapiList();
        if (jsapiList != null && jsapiList.size() > 0) {
            Iterator<String> it = jsapiList.iterator();
            while (it.hasNext()) {
                if (it.next().equalsIgnoreCase(permission.authority())) {
                    String str7 = TAG;
                    StringBuilder sb7 = new StringBuilder();
                    sb7.append("permison is allowed \t ");
                    sb7.append(permission.authority());
                    RVLogger.d(str7, sb7.toString());
                    return ApiPermissionCheckResult.ALLOW;
                }
            }
        }
        String str8 = TAG;
        StringBuilder sb8 = new StringBuilder();
        sb8.append("jsapi_forbidden:checkJSAPI deny \t");
        sb8.append(permission.authority());
        RVLogger.d(str8, sb8.toString());
        return ApiPermissionCheckResult.DENY_N22104;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult checkSPJSApi(Permission permission, NativeCallContext nativeCallContext, BridgeResponseHelper bridgeResponseHelper, App app, Page page) {
        ApiPermissionInfo apiPermissionInfo;
        boolean z;
        Uri parseUrl;
        ApiPermissionCheckResult hasPermission;
        ApiPermissionCheckResult hasPermission2;
        if (app == null) {
            return ApiPermissionCheckResult.DENY_N22207;
        }
        String appId = app.getAppId();
        String authority = permission.authority();
        if (TextUtils.isEmpty(nativeCallContext.getPluginId())) {
            apiPermissionInfo = this.apiInfoMap.get(appId);
            z = false;
        } else {
            apiPermissionInfo = this.pluginApiInfoMap.get(appId) == null ? null : this.pluginApiInfoMap.get(appId).get(nativeCallContext.getPluginId());
            String str = TAG;
            StringBuilder sb = new StringBuilder();
            sb.append("get ApiPermissionInfo from pluginId");
            sb.append(nativeCallContext.getPluginId());
            RVLogger.debug(str, sb.toString());
            z = true;
        }
        if (apiPermissionInfo == null) {
            return ApiPermissionCheckResult.IGNORE;
        }
        StringBuilder sb2 = new StringBuilder();
        sb2.append("JSAPI_SP_Config_");
        sb2.append(authority);
        String obj = sb2.toString();
        List<String> apiLevelList = apiPermissionInfo.getApiLevelList(obj);
        if (TextUtils.equals(authority, PermissionConstant.HTTPREQUET) || TextUtils.equals(authority, PermissionConstant.UPLOAD_FILE) || TextUtils.equals(authority, "request")) {
            String string = JSONUtils.getString(nativeCallContext.getParams(), "url");
            Uri parseUrl2 = UrlUtils.parseUrl(string);
            if (parseUrl2 != null) {
                String host = parseUrl2.getHost();
                ApiPermissionCheckResult hasPermission3 = z ? hasPermission(appId, apiPermissionInfo, host, "JSAPI_SP_Config_httpRequest_allowedDomain") : hasPermission(appId, host, "JSAPI_SP_Config_httpRequest_allowedDomain", page);
                if (hasPermission3 != ApiPermissionCheckResult.IGNORE) {
                    String str2 = TAG;
                    StringBuilder sb3 = new StringBuilder();
                    sb3.append("jsapi_sp_forbidden:");
                    sb3.append(authority);
                    sb3.append("\t is not allowed, in _allowedDomain: ");
                    sb3.append(host);
                    RVLogger.d(str2, sb3.toString());
                }
                if (TextUtils.equals(authority, PermissionConstant.HTTPREQUET) || TextUtils.equals(authority, PermissionConstant.UPLOAD_FILE) || TextUtils.equals(authority, "request")) {
                    if (hasPermission3 == ApiPermissionCheckResult.IGNORE) {
                        if (!isDomainInBackList(page, host)) {
                            return hasPermission3;
                        }
                        String str3 = TAG;
                        StringBuilder sb4 = new StringBuilder();
                        sb4.append("jsapi_sp_forbidden:");
                        sb4.append(authority);
                        sb4.append("\t is not allowed, in domain blacklist: ");
                        sb4.append(host);
                        sb4.append(" is not allowed");
                        RVLogger.d(str3, sb4.toString());
                        return ApiPermissionCheckResult.DENY_N22111;
                    }
                    boolean isDevSource = AppInfoScene.isDevSource(app.getStartParams());
                    boolean z2 = BundleUtils.getBoolean(app.getStartParams(), PermissionConstant.STARTPARAMS_IGNORE_HTTP_REQUEST_PERMISSION, false);
                    if (!isDevSource || !z2) {
                        return hasPermission3;
                    }
                    DomainConfigProxy domainConfigProxy = (DomainConfigProxy) RVProxy.get(DomainConfigProxy.class);
                    String str4 = TAG;
                    StringBuilder sb5 = new StringBuilder();
                    sb5.append(authority);
                    sb5.append("\t ignoreHttpReqPermission: ");
                    RVLogger.d(str4, sb5.toString());
                    return (domainConfigProxy == null || domainConfigProxy.isAlipayDomains(string) || domainConfigProxy.isSeriousAliDomains(string) || domainConfigProxy.isAliDomains(string)) ? hasPermission3 : ApiPermissionCheckResult.IGNORE;
                }
            }
        } else if (apiLevelList != null) {
            for (String str5 : apiLevelList) {
                String string2 = JSONUtils.getString(nativeCallContext.getParams(), str5, null);
                if (!TextUtils.isEmpty(string2)) {
                    if (z) {
                        StringBuilder sb6 = new StringBuilder();
                        sb6.append(obj);
                        sb6.append("_");
                        sb6.append(str5);
                        hasPermission2 = hasPermission(appId, apiPermissionInfo, string2, sb6.toString());
                    } else {
                        StringBuilder sb7 = new StringBuilder();
                        sb7.append(obj);
                        sb7.append("_");
                        sb7.append(str5);
                        hasPermission2 = hasPermission(appId, string2, sb7.toString(), page);
                    }
                    if (hasPermission2 != ApiPermissionCheckResult.IGNORE) {
                        String str6 = TAG;
                        StringBuilder sb8 = new StringBuilder();
                        sb8.append("jsapi_sp_forbidden:");
                        sb8.append(authority);
                        sb8.append(" paramKey: ");
                        sb8.append(str5);
                        sb8.append(" content: ");
                        sb8.append(string2);
                        sb8.append(" is not allowed");
                        RVLogger.d(str6, sb8.toString());
                        return hasPermission2;
                    }
                }
            }
            if (TextUtils.equals(authority, "startApp") && (parseUrl = UrlUtils.parseUrl(JSONUtils.getString(JSONUtils.getJSONObject(nativeCallContext.getParams(), "param", null), "url"))) != null) {
                String host2 = parseUrl.getHost();
                StringBuilder sb9 = new StringBuilder();
                sb9.append(obj);
                sb9.append("_url");
                String obj2 = sb9.toString();
                if (!z) {
                    hasPermission = hasPermission(appId, host2, obj2, page);
                } else {
                    if (apiPermissionInfo.getApiLevelList(obj2) == null) {
                        return ApiPermissionCheckResult.IGNORE;
                    }
                    hasPermission = hasPermission(appId, apiPermissionInfo, host2, obj2);
                }
                if (hasPermission != ApiPermissionCheckResult.IGNORE) {
                    String str7 = TAG;
                    StringBuilder sb10 = new StringBuilder();
                    sb10.append("jsapi_sp_forbidden:");
                    sb10.append(authority);
                    sb10.append(" host: ");
                    sb10.append(host2);
                    sb10.append(" is not allowed");
                    RVLogger.d(str7, sb10.toString());
                }
                return hasPermission;
            }
        }
        return ApiPermissionCheckResult.IGNORE;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean checkShowPermissionDialog(Permission permission, final NativeCallContext nativeCallContext, final BridgeResponseHelper bridgeResponseHelper, final Page page) {
        return checkShowPermissionDialog(permission, nativeCallContext, new AuthenticationProxy.LocalPermissionCallback() { // from class: com.alibaba.ariver.permission.service.DefaultAuthenticationProxyImpl.1
            @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy.LocalPermissionCallback
            public void onError(int i, String str) {
                bridgeResponseHelper.sendError(i, str);
            }

            @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy.LocalPermissionCallback
            public void onNegative(boolean z) {
                if (z) {
                    bridgeResponseHelper.sendUserNotGrantPermission();
                } else {
                    bridgeResponseHelper.sendSilentDenyPermission();
                }
            }

            @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy.LocalPermissionCallback
            public void onPositive() {
                page.getApp().getEngineProxy().getBridge().sendToNative(nativeCallContext, bridgeResponseHelper.getInnerBridgeResponse(), false);
            }
        }, page);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean checkShowPermissionDialog(Permission permission, NativeCallContext nativeCallContext, AuthenticationProxy.LocalPermissionCallback localPermissionCallback, Page page) {
        JSONObject extendInfos;
        JSONObject jSONObject;
        TinyAppInnerProxy tinyAppInnerProxy = (TinyAppInnerProxy) RVProxy.get(TinyAppInnerProxy.class);
        if (tinyAppInnerProxy == null || page.getApp() == null || !tinyAppInnerProxy.isInner(page.getApp()) || page.getEmbedType().isEmbedPage()) {
            return this.bizPermissionManager.checkShowPermissionDialog(permission, nativeCallContext, localPermissionCallback, page);
        }
        RVLogger.d(TAG, "checkShowPermissionDialog isInner ");
        AppModel appModel = (AppModel) page.getApp().getData(AppModel.class);
        if (appModel == null || (extendInfos = appModel.getExtendInfos()) == null || (jSONObject = JSONUtils.getJSONObject(extendInfos, RVConstants.EXTRA_RES_PARAM_MAP, null)) == null || !PermissionUtil.forceInnerPermissionCheck(jSONObject)) {
            return false;
        }
        RVLogger.d(TAG, "force check permission paramMap checkShowPermissionDialog");
        return this.bizPermissionManager.checkShowPermissionDialog(permission, nativeCallContext, localPermissionCallback, page);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void clearPermissionModel(String str, boolean z) {
        if (detachInner(str)) {
            if (this.permissionModelMap.containsKey(str)) {
                this.permissionModelMap.remove(str);
            }
            if (this.apiInfoMap.get(str) != null) {
                this.apiInfoMap.get(str).clear();
                this.apiInfoMap.remove(str);
            }
            if (z) {
                this.pluginPermissionModelMap.remove(str);
            }
        }
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public Map<String, Boolean> getAllPermissions(String str, String str2, AppModel appModel, Page page) {
        if (this.bizPermissionManager == null) {
            this.bizPermissionManager = new LocalAuthPermissionManager();
        }
        return this.bizPermissionManager.getAllPermissions(str2, appModel, page, this.pluginPermissionModelMap);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public Map<String, Boolean> getAllPermissions(String str, String str2, AppModel appModel, String str3) {
        if (this.bizPermissionManager == null) {
            this.bizPermissionManager = new LocalAuthPermissionManager();
        }
        return this.bizPermissionManager.getAllPermissions(str2, appModel, this.pluginPermissionModelMap, str3);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public String getPermissionByScope(String str, String str2, String str3) {
        if (this.bizPermissionManager == null) {
            this.bizPermissionManager = new LocalAuthPermissionManager();
        }
        String str4 = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("getPermissionByScope appId = ");
        sb.append(str);
        sb.append(", url = ");
        sb.append(str2);
        sb.append(", scope = ");
        sb.append(str3);
        RVLogger.d(str4, sb.toString());
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        return this.bizPermissionManager.getPermissionByScope(str, "20000067".equals(str) ? AppPermissionUtils.getAggregationMainAppIdForH5Page("20000067", str2) : AppPermissionUtils.getAggregationMainAppId(((RVAppInfoManager) RVProxy.get(RVAppInfoManager.class)).getAppModel(AppInfoQuery.make(str))), str3);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public PermissionModel getPermissionModel(String str) {
        return this.permissionModelMap.get(str);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public List<Permission> getPermissions(String str) {
        Set<String> jsapiList;
        PermissionModel permissionModel = this.permissionModelMap.get(str);
        if (permissionModel == null || (jsapiList = permissionModel.getJsapiList()) == null || jsapiList.size() <= 0) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(jsapiList.size());
        for (String str2 : jsapiList) {
            arrayList.add(new BridgePermission(str2, str2));
        }
        return arrayList;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public PermissionModel getPluginPermissionModel(String str, String str2) {
        Map<String, PermissionModel> map = this.pluginPermissionModelMap.get(str);
        if (map != null) {
            return map.get(str2);
        }
        return null;
    }

    /* JADX WARN: Removed duplicated region for block: B:34:0x00e5 A[Catch: Exception -> 0x0111, TryCatch #0 {Exception -> 0x0111, blocks: (B:40:0x0066, B:42:0x006f, B:45:0x0086, B:12:0x0092, B:15:0x009e, B:17:0x00a4, B:19:0x00ae, B:21:0x00b4, B:23:0x00ba, B:25:0x00c0, B:27:0x00c4, B:29:0x00ca, B:32:0x00d9, B:34:0x00e5, B:36:0x00e8), top: B:39:0x0066 }] */
    /* JADX WARN: Removed duplicated region for block: B:36:0x00e8 A[Catch: Exception -> 0x0111, TRY_LEAVE, TryCatch #0 {Exception -> 0x0111, blocks: (B:40:0x0066, B:42:0x006f, B:45:0x0086, B:12:0x0092, B:15:0x009e, B:17:0x00a4, B:19:0x00ae, B:21:0x00b4, B:23:0x00ba, B:25:0x00c0, B:27:0x00c4, B:29:0x00ca, B:32:0x00d9, B:34:0x00e5, B:36:0x00e8), top: B:39:0x0066 }] */
    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.alibaba.ariver.kernel.api.security.ApiPermissionCheckResult hasPermission(java.lang.String r5, java.lang.String r6, java.lang.String r7, com.alibaba.ariver.app.api.App r8, com.alibaba.ariver.app.api.Page r9) {
        /*
            Method dump skipped, instructions count: 284
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.alibaba.ariver.permission.service.DefaultAuthenticationProxyImpl.hasPermission(java.lang.String, java.lang.String, java.lang.String, com.alibaba.ariver.app.api.App, com.alibaba.ariver.app.api.Page):com.alibaba.ariver.kernel.api.security.ApiPermissionCheckResult");
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult hasPermission(String str, String str2, String str3, Page page) {
        if (page != null && page.getApp() != null) {
            return hasPermission(str, str2, str3, page.getApp(), page);
        }
        RVLogger.d(TAG, "checkJSApi,page is null");
        return ApiPermissionCheckResult.DENY_N22101;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean hasPermissionModel(String str, Page page) {
        if (TextUtils.isEmpty(str)) {
            if (!callFromWebView(page)) {
                return false;
            }
            str = page.getApp().getAppId();
        }
        return this.permissionModelMap.containsKey(str);
    }

    public ApiPermissionCheckResult hasPermissionOnScheme(String str, Page page) {
        Uri parseUrl;
        if (!callFromWebView(page)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        String appId = page.getApp().getAppId();
        if (TextUtils.isEmpty(str)) {
            return ApiPermissionCheckResult.IGNORE;
        }
        Iterator<String> it = SCHEMA_WHITE_LIST.iterator();
        while (it.hasNext()) {
            if (str.startsWith(it.next())) {
                return ApiPermissionCheckResult.IGNORE;
            }
        }
        try {
            boolean equals = "1".equals(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfig("ta_close_webviewSchemaWhiteList", "0"));
            String extractAppIdFromUrl = ((RVEnvironmentService) RVProxy.get(RVEnvironmentService.class)).extractAppIdFromUrl(str);
            if (!equals && !TextUtils.isEmpty(extractAppIdFromUrl)) {
                ApiPermissionCheckResult apiPermissionCheckResult = ApiPermissionCheckResult.DENY;
                if (this.apiInfoMap == null) {
                    return apiPermissionCheckResult;
                }
                if (hasPermission(appId, "startApp", PermissionConstant.JS_API_LIST, page) != ApiPermissionCheckResult.IGNORE) {
                    RVLogger.d(TAG, "start_app_forbidden: not have (startApp) ");
                    return ApiPermissionCheckResult.DENY_N22202;
                }
                ApiPermissionCheckResult hasPermission = hasPermission(appId, extractAppIdFromUrl, "JSAPI_SP_Config_startApp_appId", page);
                if (hasPermission != ApiPermissionCheckResult.IGNORE) {
                    String str2 = TAG;
                    StringBuilder sb = new StringBuilder();
                    sb.append("start_app_forbidden: not have startApp: ");
                    sb.append(extractAppIdFromUrl);
                    RVLogger.d(str2, sb.toString());
                    return ApiPermissionCheckResult.DENY_N22203;
                }
                Uri parseUrl2 = UrlUtils.parseUrl(str);
                if (TextUtils.equals(extractAppIdFromUrl, "10000007") && scanOuterJumpIntercept(appId, extractAppIdFromUrl, parseUrl2, page)) {
                    return ApiPermissionCheckResult.DENY_N22204;
                }
                String queryParameter = parseUrl2 != null ? parseUrl2.getQueryParameter("url") : null;
                if (TextUtils.isEmpty(queryParameter) || (parseUrl = UrlUtils.parseUrl(queryParameter)) == null) {
                    return hasPermission;
                }
                ApiPermissionCheckResult hasPermission2 = hasPermission(appId, parseUrl.getHost(), "JSAPI_SP_Config_startApp_url", page);
                if (hasPermission2 == ApiPermissionCheckResult.IGNORE) {
                    return hasPermission2;
                }
                String str3 = TAG;
                StringBuilder sb2 = new StringBuilder();
                sb2.append("start_app_forbidden: not have startApp: ");
                sb2.append(queryParameter);
                RVLogger.d(str3, sb2.toString());
                return ApiPermissionCheckResult.DENY_N22204;
            }
        } catch (Throwable th) {
            RVLogger.e(TAG, th);
        }
        if (str.startsWith("http")) {
            return ApiPermissionCheckResult.IGNORE;
        }
        RVLogger.d(TAG, "schema_forbidden: scheme is not http，https，alipay schema");
        RVLogger.d(TAG, "hasPermissionOnScheme...non-http url, no permission");
        return ApiPermissionCheckResult.DENY_N22205;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public boolean interceptForRender(String str) {
        JSONArray jSONArray;
        String configWithProcessCache = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigWithProcessCache("h5_jsapiCallFromRenderWhiteList", "");
        if (!TextUtils.isEmpty(configWithProcessCache)) {
            JSONObject parseObject = JSONUtils.parseObject(configWithProcessCache);
            return (!JSONUtils.getBoolean(parseObject, "enable", false) || (jSONArray = JSONUtils.getJSONArray(parseObject, "list", null)) == null || jSONArray.contains(str)) ? false : true;
        }
        return false;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult interceptSchemeForTiny(String str, Page page) {
        if (str == null) {
            return ApiPermissionCheckResult.IGNORE;
        }
        ApiPermissionCheckResult interceptH5EmbedWebViewWithScheme = interceptH5EmbedWebViewWithScheme(str, page);
        if (interceptH5EmbedWebViewWithScheme != ApiPermissionCheckResult.IGNORE) {
            return interceptH5EmbedWebViewWithScheme;
        }
        if (str.startsWith("http")) {
            return ApiPermissionCheckResult.IGNORE;
        }
        if ((!"yes".equalsIgnoreCase(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfig("ta_allow_load_javascript", null)) || !str.startsWith("javascript")) && !"no".equalsIgnoreCase(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigWithProcessCache("h5_interceptSchemeForTiny", "")) && page != null && hasPermissionModel(BundleUtils.getString(page.getStartParams(), "appId"), page)) {
            return hasPermissionOnScheme(str, page);
        }
        return ApiPermissionCheckResult.IGNORE;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public ApiPermissionCheckResult interceptUrlForTiny(String str, String str2, Page page, boolean z) {
        String str3;
        JSONArray jSONArray;
        Uri parseUrl = UrlUtils.parseUrl(str);
        if (parseUrl != null) {
            String scheme = parseUrl.getScheme();
            if (scheme != null && SCHEMA_WHITE_LIST.contains(scheme.toLowerCase())) {
                return ApiPermissionCheckResult.IGNORE;
            }
            str3 = parseUrl.getHost();
        } else {
            str3 = "";
        }
        try {
            String purifyUrl = UrlUtils.purifyUrl(str);
            if (!TextUtils.isEmpty(purifyUrl) && (jSONArray = this.mTinyUrlWhiteList) != null) {
                Iterator<Object> it = jSONArray.iterator();
                while (it.hasNext()) {
                    String obj = it.next().toString();
                    if (!TextUtils.isEmpty(obj) && purifyUrl.startsWith(obj)) {
                        RVLogger.d(TAG, " url in tiny app url white list, and ignore");
                        return ApiPermissionCheckResult.IGNORE;
                    }
                }
            }
        } catch (Throwable th) {
            String str4 = TAG;
            StringBuilder sb = new StringBuilder();
            sb.append(" check tiny app white list error: ");
            sb.append(th.getMessage());
            RVLogger.d(str4, sb.toString());
        }
        if (TextUtils.isEmpty(str2)) {
            if (!callFromWebView(page)) {
                return ApiPermissionCheckResult.IGNORE;
            }
            str2 = page.getApp().getAppId();
        }
        return this.permissionModelMap.get(str2) != null ? z ? hasPermissionOnIframe(str2, str3, PermissionConstant.VALID_DOMAIN, page) : hasPermission(str2, str3, PermissionConstant.VALID_DOMAIN, page) : ApiPermissionCheckResult.IGNORE;
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void removeAllPermissionInfo(String str, String str2) {
        if (this.bizPermissionManager == null) {
            this.bizPermissionManager = new LocalAuthPermissionManager();
        }
        this.bizPermissionManager.removeAllPermissionInfo(str, str2);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPermissionModel(String str, PermissionModel permissionModel) {
        JSONArray configJSONArray = ((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_app_permission_rewrite");
        boolean z = !CollectionUtils.isEmpty(configJSONArray) && (configJSONArray.contains(str) || configJSONArray.contains("all"));
        if (!this.permissionModelMap.containsKey(str) || z) {
            this.permissionModelMap.put(str, permissionModel);
            this.apiInfoMap.put(str, AppPermissionUtils.convert2ApiPermissionInfo(permissionModel));
        }
        attachInner(str);
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPermissionState(String str, String str2, App app, String str3, String str4, boolean z) {
        if (this.bizPermissionManager == null) {
            this.bizPermissionManager = new LocalAuthPermissionManager();
        }
        this.bizPermissionManager.changePermissionState(str2, str4, str3, z ? "1" : "0");
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPermissionState(String str, String str2, String str3, String str4, boolean z) {
        if (this.bizPermissionManager == null) {
            this.bizPermissionManager = new LocalAuthPermissionManager();
        }
        this.bizPermissionManager.changePermissionState(str2, str4, str3, z ? "1" : "0");
    }

    @Override // com.alibaba.ariver.permission.api.proxy.AuthenticationProxy
    public void setPluginPermissionModel(String str, PluginModel pluginModel, PermissionModel permissionModel) {
        String str2 = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("setPluginPermissionModel ");
        sb.append(str);
        sb.append(" plugin: ");
        sb.append(pluginModel.getAppId());
        RVLogger.d(str2, sb.toString());
        synchronized (this.pluginPermissionModelMap) {
            Map<String, PermissionModel> map = this.pluginPermissionModelMap.get(str);
            if (map == null) {
                map = new HashMap<>();
                this.pluginPermissionModelMap.put(str, map);
            }
            map.put(pluginModel.getAppId(), permissionModel);
        }
        synchronized (this.pluginApiInfoMap) {
            Map<String, ApiPermissionInfo> map2 = this.pluginApiInfoMap.get(str);
            if (map2 == null) {
                map2 = new HashMap<>();
                this.pluginApiInfoMap.put(str, map2);
            }
            map2.put(pluginModel.getAppId(), AppPermissionUtils.convert2ApiPermissionInfo(permissionModel));
        }
    }

    public boolean shouldInterceptWebViewNaviJsApi(String str, String str2) {
        if (TextUtils.isEmpty(str2)) {
            return false;
        }
        for (String str3 : WEBVIEW_NAVI_API_LIST) {
            if (str2.equals(str3)) {
                return false;
            }
        }
        List<String> stringArray = JSONUtils.toStringArray(((RVConfigService) RVProxy.get(RVConfigService.class)).getConfigJSONArray("ta_webviewAppIdWhiteList"));
        if (stringArray != null) {
            Iterator<String> it = stringArray.iterator();
            while (it.hasNext()) {
                if (TextUtils.equals(it.next(), str)) {
                    String str4 = TAG;
                    StringBuilder sb = new StringBuilder();
                    sb.append("shouldInterceptWebViewNaviJsApi...appId in white list:");
                    sb.append(str2);
                    RVLogger.d(str4, sb.toString());
                    return false;
                }
            }
        }
        String str5 = TAG;
        StringBuilder sb2 = new StringBuilder();
        sb2.append("shouldInterceptWebViewNaviJsApi...not allowed: ");
        sb2.append(str2);
        RVLogger.d(str5, sb2.toString());
        return true;
    }
}
