package ch.swisscom.mid.client.rest;

import ch.swisscom.mid.client.MIDFlowException;
import ch.swisscom.mid.client.config.ClientConfiguration;
import ch.swisscom.mid.client.config.ComProtocol;
import ch.swisscom.mid.client.config.ConfigurationException;
import ch.swisscom.mid.client.config.ProxyConfiguration;
import ch.swisscom.mid.client.config.RequestTrace;
import ch.swisscom.mid.client.config.ResponseTrace;
import ch.swisscom.mid.client.config.TlsConfiguration;
import ch.swisscom.mid.client.config.TrafficObserver;
import ch.swisscom.mid.client.impl.ComProtocolHandler;
import ch.swisscom.mid.client.model.FailureReason;
import ch.swisscom.mid.client.model.ProfileRequest;
import ch.swisscom.mid.client.model.ProfileResponse;
import ch.swisscom.mid.client.model.ReceiptMessagingMode;
import ch.swisscom.mid.client.model.ReceiptRequest;
import ch.swisscom.mid.client.model.ReceiptResponse;
import ch.swisscom.mid.client.model.SignatureRequest;
import ch.swisscom.mid.client.model.SignatureResponse;
import ch.swisscom.mid.client.model.SignatureTracking;
import ch.swisscom.mid.client.rest.model.fault.MSSFault;
import ch.swisscom.mid.client.rest.model.profqreq.MSSProfileQueryRequest;
import ch.swisscom.mid.client.rest.model.profqresp.MSSProfileQueryResponse;
import ch.swisscom.mid.client.rest.model.receiptreq.MSSReceiptRequest;
import ch.swisscom.mid.client.rest.model.receiptresp.MSSReceiptResponse;
import ch.swisscom.mid.client.rest.model.signreq.MSSSignatureRequest;
import ch.swisscom.mid.client.rest.model.signresp.MSSSignatureResponse;
import ch.swisscom.mid.client.rest.model.statusresp.MSSStatusResponse;
import ch.swisscom.mid.client.utils.Utils;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLException;
import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.core5.http.ContentType;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.HttpResponse;
import org.apache.hc.core5.http.ParseException;
import org.apache.hc.core5.http.io.entity.EntityUtils;
import org.apache.hc.core5.http.io.entity.StringEntity;
import org.apache.hc.core5.ssl.PrivateKeyStrategy;
import org.apache.hc.core5.ssl.SSLContextBuilder;
import org.apache.hc.core5.ssl.SSLContexts;
import org.apache.hc.core5.ssl.TrustStrategy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ch/swisscom/mid/client/rest/ComProtocolHandlerRestImpl.class */
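/**
 * REST (JSON over HTTPS) implementation of {@link ComProtocolHandler} for the MID client.
 *
 * <p>{@link #initialize(ClientConfiguration)} builds a pooled Apache HttpClient 5 instance with a
 * client key store (mutual TLS), an optional custom trust store and an optional HTTP proxy. The
 * request methods serialize the model objects to JSON with Jackson, POST them to the configured
 * service URLs and map the JSON answer back to the client model.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Hostname verification can be switched off through {@link TlsConfiguration}; the socket
 *       factory is then built with {@link NoopHostnameVerifier}, which accepts a certificate
 *       issued for any host name. This is reported at WARN level during initialization.</li>
 *   <li>The {@code requestResponse} and {@code fullRequestResponse} loggers receive request and
 *       response bodies at INFO level. Only the {@code requestResponse} <em>response</em> line is
 *       passed through {@code Utils.stripInnerLargeBase64Content}; request bodies are logged
 *       verbatim on both loggers.</li>
 *   <li>Key store, key and proxy passwords are never logged; the proxy password is reported only
 *       as {@code (not-null)} / {@code null}.</li>
 * </ul>
 */
public class ComProtocolHandlerRestImpl implements ComProtocolHandler {
    private static final Logger logConfig = LoggerFactory.getLogger("ch.swisscom.mid.client.config");
    private static final Logger logProtocol = LoggerFactory.getLogger("ch.swisscom.mid.client.protocol");
    private static final Logger logReqResp = LoggerFactory.getLogger("ch.swisscom.mid.client.requestResponse");
    private static final Logger logFullReqResp = LoggerFactory.getLogger("ch.swisscom.mid.client.fullRequestResponse");
    private ClientConfiguration config;
    private ObjectMapper jacksonMapper;
    private CloseableHttpClient httpClient;
    private RequestConfig httpRequestConfig;

    /**
     * @return always {@link ComProtocol#REST}
     */
    public ComProtocol getImplementedComProtocol() {
        return ComProtocol.REST;
    }

    /**
     * Builds the JSON mapper and the HTTP client from the given configuration.
     *
     * @param clientConfiguration TLS, proxy, HTTP and URL settings for this handler
     * @throws ConfigurationException if the key/trust material cannot be loaded or the HTTP
     *         client cannot be built; the original failure is kept as the cause
     */
    public void initialize(ClientConfiguration clientConfiguration) {
        this.config = clientConfiguration;
        this.jacksonMapper = new ObjectMapper();
        // Unknown JSON properties in server answers are ignored rather than rejected.
        this.jacksonMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        TlsConfiguration tls = clientConfiguration.getTls();
        logTlsConfiguration(tls);
        try {
            SSLContextBuilder sslContextBuilder = SSLContexts.custom().loadKeyMaterial(
                produceAKeyStore(tls),
                toCharsOrNull(tls.getKeyStoreKeyPassword()),
                produceAPrivateKeyStrategy(tls));
            // Without a configured trust store no custom trust material is loaded and the
            // builder's defaults apply.
            if (trustStoreIsConfigured(tls)) {
                sslContextBuilder.loadTrustMaterial(produceATrustStore(tls), (TrustStrategy) null);
            }

            SSLConnectionSocketFactory socketFactory;
            if (tls.isHostnameVerification()) {
                socketFactory = new SSLConnectionSocketFactory(sslContextBuilder.build());
            } else {
                // SECURITY: with NoopHostnameVerifier the server certificate is no longer bound
                // to the host name being contacted; any certificate that chains to the trust
                // material is accepted. Make the weakened setting visible to operators.
                logConfig.warn("TLS hostname verification is DISABLED for the MID client; "
                               + "the server certificate is not checked against the requested host name");
                socketFactory = new SSLConnectionSocketFactory(sslContextBuilder.build(), NoopHostnameVerifier.INSTANCE);
            }

            // One RequestConfig carries the timeouts AND the proxy. A per-request config replaces
            // the client's default config instead of being merged with it, so a proxy-only
            // per-request config (as built before) silently dropped the configured timeouts
            // whenever the proxy was enabled.
            RequestConfig.Builder requestConfigBuilder = RequestConfig.custom()
                .setConnectTimeout(clientConfiguration.getHttp().getConnectionTimeoutInMs(), TimeUnit.MILLISECONDS)
                .setResponseTimeout(clientConfiguration.getHttp().getResponseTimeoutInMs(), TimeUnit.MILLISECONDS);

            BasicCredentialsProvider credentialsProvider = null;
            if (clientConfiguration.getProxy().isEnabled()) {
                ProxyConfiguration proxy = clientConfiguration.getProxy();
                logProxyConfiguration(proxy);
                String host = proxy.getHost();
                int port = proxy.getPort();
                if (proxy.getUsername() != null) {
                    // A user name without a password used to end in a NullPointerException that
                    // surfaced as a misleading TLS configuration error; pass the missing
                    // password through as null instead.
                    char[] proxyPassword = proxy.getPassword() == null
                                           ? null
                                           : proxy.getPassword().trim().toCharArray();
                    credentialsProvider = new BasicCredentialsProvider();
                    // The credentials are scoped to the proxy host/port only.
                    credentialsProvider.setCredentials(
                        new AuthScope(host, port),
                        new UsernamePasswordCredentials(proxy.getUsername().trim(), proxyPassword));
                }
                requestConfigBuilder.setProxy(new HttpHost(host, port));
            }
            RequestConfig requestConfig = requestConfigBuilder.build();
            this.httpRequestConfig = requestConfig;

            logHttpConnectionConfiguration(clientConfiguration);
            this.httpClient = HttpClients.custom()
                .setDefaultCredentialsProvider(credentialsProvider)
                .setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create()
                                          .setMaxConnTotal(clientConfiguration.getHttp().getMaxTotalConnections())
                                          .setMaxConnPerRoute(clientConfiguration.getHttp().getMaxConnectionsPerRoute())
                                          .setSSLSocketFactory(socketFactory)
                                          .build())
                .setDefaultRequestConfig(requestConfig)
                .build();
        } catch (Exception e) {
            throw new ConfigurationException("Failed to configure the TLS/SSL connection factory for the MID client", e);
        }
    }

    /**
     * Closes the underlying HTTP client, if one was created.
     *
     * @throws IOException if closing the HTTP client fails
     */
    public void close() throws IOException {
        if (this.httpClient != null) {
            this.httpClient.close();
        }
    }

    /**
     * Sends a synchronous MSS Signature request.
     *
     * @param signatureRequest the signature request to send
     * @return the processed response, with tracking data attached
     * @throws MIDFlowException on serialization, transport or fault-response failures
     */
    public SignatureResponse requestSyncSignature(SignatureRequest signatureRequest) {
        return requestSignature(signatureRequest, true, "MSS Signature (sync)");
    }

    /**
     * Sends an asynchronous MSS Signature request.
     *
     * @param signatureRequest the signature request to send
     * @return the processed response, with the tracking data needed for later status polling
     * @throws MIDFlowException on serialization, transport or fault-response failures
     */
    public SignatureResponse requestAsyncSignature(SignatureRequest signatureRequest) {
        return requestSignature(signatureRequest, false, "MSS Signature (async)");
    }

    /** Shared body of the sync and async signature calls; only the mode flag and the operation name differ. */
    private SignatureResponse requestSignature(SignatureRequest signatureRequest, boolean sync, String operationName) {
        MSSSignatureRequest mssRequest = SignatureRequestModelUtils.createSignatureRequest(this.config, signatureRequest, sync);
        notifyTrafficObserverForApTransId(signatureRequest.getTrafficObserver(),
                                          mssRequest.getMSSSignatureReq().getAPInfo().getAPTransID());
        MSSSignatureResponse mssResponse = sendAndReceive(operationName,
                                                          this.config.getUrls().getSignatureServiceUrl(),
                                                          mssRequest,
                                                          MSSSignatureResponse.class,
                                                          signatureRequest.getTrafficObserver());
        SignatureResponse response = SignatureRequestModelUtils.processSignatureResponse(mssResponse);
        // NOTE(review): the tracking object is handed the request's override AP id and password,
        // so it presumably carries a credential; confirm how SignatureTracking is stored and logged.
        response.setTracking(SignatureRequestModelUtils.createSignatureTracking(mssResponse,
                                                                                signatureRequest.getTrafficObserver(),
                                                                                signatureRequest.getOverrideApId(),
                                                                                signatureRequest.getOverrideApPassword()));
        return response;
    }

    /**
     * Sends an MSS Status Query for a previously started signature.
     *
     * @param signatureTracking tracking data of the signature to query
     * @return the processed status response
     * @throws MIDFlowException on serialization, transport or fault-response failures
     */
    public SignatureResponse pollForSignatureStatus(SignatureTracking signatureTracking) {
        MSSStatusResponse mssResponse = sendAndReceive("MSS Status Query",
                                                       this.config.getUrls().getStatusQueryServiceUrl(),
                                                       StatusQueryModelUtils.createStatusQueryRequest(this.config, signatureTracking),
                                                       MSSStatusResponse.class,
                                                       signatureTracking.getTrafficObserver());
        return StatusQueryModelUtils.processStatusQueryResponse(mssResponse, signatureTracking);
    }

    /**
     * Sends a synchronous MSS Receipt request.
     *
     * @param signatureTracking tracking data of the signature the receipt refers to
     * @param receiptRequest    the receipt request; its extension, if present, must ask for SYNC mode
     * @return the processed receipt response
     * @throws UnsupportedOperationException if the request extension asks for a non-sync messaging mode
     * @throws MIDFlowException on serialization, transport or fault-response failures
     */
    public ReceiptResponse requestSyncReceipt(SignatureTracking signatureTracking, ReceiptRequest receiptRequest) {
        MSSReceiptRequest mssRequest = ReceiptRequestModelUtils.createReceiptRequest(this.config, signatureTracking, receiptRequest);
        boolean syncRequested = receiptRequest.getRequestExtension() == null
                                || receiptRequest.getRequestExtension().getMessagingMode() == ReceiptMessagingMode.SYNC;
        if (!syncRequested) {
            throw new UnsupportedOperationException("There is no support for non-sync MSS Receipt Request");
        }
        MSSReceiptResponse mssResponse = sendAndReceive("MSS Receipt (sync)",
                                                        this.config.getUrls().getReceiptServiceUrl(),
                                                        mssRequest,
                                                        MSSReceiptResponse.class,
                                                        signatureTracking.getTrafficObserver());
        return ReceiptRequestModelUtils.processReceiptResponse(mssResponse);
    }

    /**
     * Sends an MSS Profile Query.
     *
     * @param profileRequest the profile request to send
     * @return the processed profile response
     * @throws MIDFlowException on serialization, transport or fault-response failures
     */
    public ProfileResponse requestProfile(ProfileRequest profileRequest) {
        MSSProfileQueryRequest mssRequest = ProfileRequestModelUtils.createProfileQueryRequest(profileRequest, this.config);
        notifyTrafficObserverForApTransId(profileRequest.getTrafficObserver(),
                                          mssRequest.getMSSProfileReq().getAPInfo().getAPTransID());
        MSSProfileQueryResponse mssResponse = sendAndReceive("MSS Profile Query",
                                                             this.config.getUrls().getProfileQueryServiceUrl(),
                                                             mssRequest,
                                                             MSSProfileQueryResponse.class,
                                                             profileRequest.getTrafficObserver());
        return ProfileRequestModelUtils.processProfileQueryResponse(mssResponse);
    }

    /** Logs the HTTP timeouts and connection pool limits taken from the configuration. */
    private void logHttpConnectionConfiguration(ClientConfiguration clientConfiguration) {
        logConfig.info("Configuring HTTP client: connection timeout [{}], response timeout [{}], max HTTP connections (total) [{}], HTTP connections per route [{}]",
                       clientConfiguration.getHttp().getConnectionTimeoutInMs(),
                       clientConfiguration.getHttp().getResponseTimeoutInMs(),
                       clientConfiguration.getHttp().getMaxTotalConnections(),
                       clientConfiguration.getHttp().getMaxConnectionsPerRoute());
    }

    /** Logs the proxy settings; the password itself is never written, only whether one is set. */
    private void logProxyConfiguration(ProxyConfiguration proxyConfiguration) {
        logConfig.info("Configuring PROXY parameters: enabled [{}], host [{}], port [{}], username [{}], password [{}]",
                       proxyConfiguration.isEnabled(),
                       proxyConfiguration.getHost(),
                       proxyConfiguration.getPort(),
                       proxyConfiguration.getUsername(),
                       proxyConfiguration.getPassword() != null ? "(not-null)" : "null");
    }

    /**
     * Returns a strategy that always selects the configured key store alias, whatever aliases
     * the key store offers.
     */
    private PrivateKeyStrategy produceAPrivateKeyStrategy(TlsConfiguration tlsConfiguration) {
        return (aliases, sslParameters) -> tlsConfiguration.getKeyStoreCertificateAlias();
    }

    /** Logs where the key and trust material comes from and its type; passwords are not logged. */
    private void logTlsConfiguration(TlsConfiguration tlsConfiguration) {
        logConfig.info("Configuring TLS connection factory for MID client: key store source: [{}], key store type: [{}], key store alias: [{}], trust store source: [{}], trust store type: [{}]",
                       describeStoreSource(tlsConfiguration.getKeyStoreFile(), tlsConfiguration.getKeyStoreClasspathFile()),
                       tlsConfiguration.getKeyStoreType(),
                       tlsConfiguration.getKeyStoreCertificateAlias(),
                       describeStoreSource(tlsConfiguration.getTrustStoreFile(), tlsConfiguration.getTrustStoreClasspathFile()),
                       tlsConfiguration.getTrustStoreType());
    }

    /** Describes a store source for logging: file first, then classpath resource, else byte content. */
    private static String describeStoreSource(Object file, Object classpathFile) {
        if (file != null) {
            return "file: [" + file + "]";
        }
        if (classpathFile != null) {
            return "classpath: [" + classpathFile + "]";
        }
        return "input stream (byte content)";
    }

    /** Converts a password to the {@code char[]} form the key store API expects, keeping {@code null} as {@code null}. */
    private static char[] toCharsOrNull(String password) {
        return password == null ? null : password.toCharArray();
    }

    /**
     * Loads the client key store from, in order of precedence, the configured file, classpath
     * resource or byte content.
     *
     * @throws ConfigurationException if no source is configured, the source cannot be opened or
     *         the store cannot be loaded
     */
    private KeyStore produceAKeyStore(TlsConfiguration tlsConfiguration) {
        try {
            KeyStore keyStore = KeyStore.getInstance(tlsConfiguration.getKeyStoreType());
            // try-with-resources closes the stream even when load() fails.
            try (InputStream in = openKeyStoreStream(tlsConfiguration)) {
                keyStore.load(in, toCharsOrNull(tlsConfiguration.getKeyStorePassword()));
            }
            return keyStore;
        } catch (Exception e) {
            throw new ConfigurationException("Failed to initialize the TLS keystore", e);
        }
    }

    /** Opens the key store source selected by the configuration. */
    private InputStream openKeyStoreStream(TlsConfiguration tlsConfiguration) throws IOException {
        if (tlsConfiguration.getKeyStoreFile() != null) {
            return new FileInputStream(tlsConfiguration.getKeyStoreFile());
        }
        if (tlsConfiguration.getKeyStoreClasspathFile() != null) {
            return openClasspathResource(tlsConfiguration.getKeyStoreClasspathFile());
        }
        if (tlsConfiguration.getKeyStoreBytes() == null) {
            throw new IOException("No key store source is configured (file, classpath file or byte content)");
        }
        return new ByteArrayInputStream(tlsConfiguration.getKeyStoreBytes());
    }

    /** @return {@code true} if any trust store source (file, classpath file or bytes) is configured */
    private boolean trustStoreIsConfigured(TlsConfiguration tlsConfiguration) {
        return tlsConfiguration.getTrustStoreFile() != null
               || tlsConfiguration.getTrustStoreClasspathFile() != null
               || tlsConfiguration.getTrustStoreBytes() != null;
    }

    /**
     * Loads the trust store from, in order of precedence, the configured file, classpath
     * resource or byte content.
     *
     * @throws ConfigurationException if the source cannot be opened or the store cannot be loaded
     */
    private KeyStore produceATrustStore(TlsConfiguration tlsConfiguration) {
        try {
            KeyStore trustStore = KeyStore.getInstance(tlsConfiguration.getTrustStoreType());
            // try-with-resources closes the stream even when load() fails.
            try (InputStream in = openTrustStoreStream(tlsConfiguration)) {
                trustStore.load(in, toCharsOrNull(tlsConfiguration.getTrustStorePassword()));
            }
            return trustStore;
        } catch (Exception e) {
            throw new ConfigurationException("Failed to initialize the TLS truststore", e);
        }
    }

    /** Opens the trust store source selected by the configuration. */
    private InputStream openTrustStoreStream(TlsConfiguration tlsConfiguration) throws IOException {
        if (tlsConfiguration.getTrustStoreFile() != null) {
            return new FileInputStream(tlsConfiguration.getTrustStoreFile());
        }
        if (tlsConfiguration.getTrustStoreClasspathFile() != null) {
            return openClasspathResource(tlsConfiguration.getTrustStoreClasspathFile());
        }
        if (tlsConfiguration.getTrustStoreBytes() == null) {
            throw new IOException("No trust store source is configured (file, classpath file or byte content)");
        }
        return new ByteArrayInputStream(tlsConfiguration.getTrustStoreBytes());
    }

    /**
     * Opens a classpath resource and fails if it does not exist. {@code KeyStore.load(null, ...)}
     * creates an EMPTY store instead of failing, so a mistyped resource path would otherwise
     * yield a client without key material (or an empty trust store) and no error at startup.
     */
    private InputStream openClasspathResource(String resourcePath) throws IOException {
        InputStream in = getClass().getResourceAsStream(resourcePath);
        if (in == null) {
            throw new IOException("Classpath resource not found: [" + resourcePath + "]");
        }
        return in;
    }

    /**
     * Serializes the request to JSON, POSTs it to the service URL and deserializes the answer.
     *
     * <p>An HTTP 200 answer is mapped to {@code responseClass}; any other status is mapped to
     * {@link MSSFault} and reported as a {@link MIDFlowException}.
     *
     * @param operationName   label used in log lines and exception messages
     * @param serviceUrl      URL the request is POSTed to
     * @param request         request object to serialize
     * @param responseClass   type the HTTP 200 body is deserialized to
     * @param trafficObserver observer to notify of the raw request/response, may be {@code null}
     * @return the deserialized response object
     * @throws MIDFlowException on serialization, TLS, transport, parsing or fault-response failures
     */
    private <TReq, TResp> TResp sendAndReceive(String operationName, String serviceUrl, TReq request,
                                               Class<TResp> responseClass, TrafficObserver trafficObserver) {
        logProtocol.debug("{}: Serializing object of type {} to JSON", operationName, request.getClass().getSimpleName());
        FaultProcessor faultProcessor = new FaultProcessor();
        String requestJson;
        try {
            requestJson = this.jacksonMapper.writeValueAsString(request);
        } catch (JsonProcessingException e) {
            throw new MIDFlowException("Failed to serialize request object to JSON, for operation " + operationName, e,
                                       faultProcessor.processException(e, FailureReason.REQUEST_PREPARATION_FAILURE));
        }
        notifyTrafficObserverForRequest(trafficObserver, requestJson);

        HttpPost httpPost = new HttpPost(serviceUrl);
        // NOTE(review): the third StringEntity argument looks like the Content-Encoding value,
        // not a charset; "UTF-8" is kept as-is to leave the bytes on the wire unchanged - confirm.
        httpPost.setEntity(new StringEntity(requestJson, ContentType.APPLICATION_JSON, "UTF-8", false));
        httpPost.setConfig(this.httpRequestConfig);
        logProtocol.info("{}: Sending request to: [{}]", operationName, serviceUrl);
        // The request body is written unmodified to both payload loggers; keep these loggers
        // above INFO (or route them to a protected sink) where payloads must not reach the logs.
        logReqResp.info("{}: Sending JSON to: [{}], content: [{}]", operationName, serviceUrl, requestJson);
        logFullReqResp.info("{}: Sending JSON to: [{}], content: [{}]", operationName, serviceUrl, requestJson);

        // NOTE(review): the MIDFlowExceptions thrown inside this try block (parse failures and
        // the fault response) are themselves caught by the catch (Exception) clause below and
        // re-wrapped as "Communication failure". Left unchanged because FaultProcessor may rely
        // on it - confirm whether that is intended.
        try (CloseableHttpResponse response = this.httpClient.execute(httpPost)) {
            logProtocol.info("{}: Received HTTP status code: {}", operationName, response.getCode());
            String responseJson;
            try {
                responseJson = EntityUtils.toString(response.getEntity());
            } catch (ParseException e) {
                throw new MIDFlowException("Failed to interpret the HTTP response content as a string, for operation " + operationName, e,
                                           faultProcessor.processException(e, FailureReason.HTTP_DATA_TRANSFER_FAILURE));
            }
            notifyTrafficObserverForResponse(trafficObserver, response, responseJson);

            TResp result = null;
            MSSFault fault = null;
            if (response.getCode() == 200) {
                if (logReqResp.isInfoEnabled()) {
                    // Only this logger gets the body with large Base64 values stripped.
                    logReqResp.info("{}: Received JSON content: {}", operationName,
                                    Utils.stripInnerLargeBase64Content(responseJson, '"', '"'));
                }
                if (logFullReqResp.isInfoEnabled()) {
                    logFullReqResp.info("{}: Received JSON content: {}", operationName, responseJson);
                }
                logProtocol.debug("{}: Deserializing JSON to object of type {}", operationName, responseClass.getSimpleName());
                try {
                    result = this.jacksonMapper.readValue(responseJson, responseClass);
                } catch (JsonProcessingException e) {
                    throw new MIDFlowException("Failed to deserialize JSON content to object of type " + responseClass.getSimpleName() + " for operation " + operationName, e,
                                               faultProcessor.processException(e, FailureReason.RESPONSE_PARSING_FAILURE));
                }
            } else {
                logProtocol.debug("{}: Deserializing JSON to object of type {}", operationName, MSSFault.class.getSimpleName());
                try {
                    fault = this.jacksonMapper.readValue(responseJson, MSSFault.class);
                } catch (JsonProcessingException e) {
                    throw new MIDFlowException("Failed to deserialize JSON content to object of type " + MSSFault.class.getSimpleName() + " for operation " + operationName, e,
                                               faultProcessor.processException(e, FailureReason.RESPONSE_PARSING_FAILURE));
                }
            }
            if (result != null) {
                return result;
            }
            // Reached for every non-200 answer, and for a 200 answer whose body maps to null.
            throw new MIDFlowException("Fault response received from Mobile ID server. See embedded MIDFault",
                                       new FaultProcessor().processFaultResponse(fault));
        } catch (SSLException e) {
            throw new MIDFlowException("TLS/SSL connection failure for " + operationName, e,
                                       faultProcessor.processException(e, null));
        } catch (Exception e) {
            throw new MIDFlowException("Communication failure for " + operationName, e,
                                       faultProcessor.processException(e, null));
        }
    }

    /** Passes the raw request JSON to the observer, if one is set. */
    private void notifyTrafficObserverForRequest(TrafficObserver trafficObserver, String requestJson) {
        if (trafficObserver != null) {
            trafficObserver.notifyOfOutgoingRequest(new RequestTrace(requestJson), ComProtocol.REST);
        }
    }

    /** Passes the HTTP status, reason phrase and raw response body to the observer, if one is set. */
    private void notifyTrafficObserverForResponse(TrafficObserver trafficObserver, HttpResponse httpResponse, String responseJson) {
        if (trafficObserver != null) {
            trafficObserver.notifyOfIncomingResponse(
                new ResponseTrace(httpResponse.getCode(), httpResponse.getReasonPhrase(), responseJson),
                ComProtocol.REST);
        }
    }

    /** Passes the generated AP transaction id to the observer, if one is set. */
    private void notifyTrafficObserverForApTransId(TrafficObserver trafficObserver, String apTransId) {
        if (trafficObserver != null) {
            trafficObserver.notifyOfGeneratedApTransId(apTransId, ComProtocol.REST);
        }
    }
}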
