package de.gematik.epa.konnektor.cxf;

import de.gematik.epa.config.KonnektorConnectionConfiguration;
import de.gematik.epa.config.TlsConfig;
import de.gematik.epa.konnektor.KonnektorInterfaceAssembly;
import de.gematik.epa.konnektor.cxf.interceptors.HomeCommunityBlockOutInterceptor;
import de.gematik.epa.konnektor.cxf.interceptors.MtomConfigOutInterceptor;
import de.gematik.epa.utils.ThrowingFunction;
import de.gematik.epa.utils.XmlUtils;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Consumer;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import lombok.Generated;
import lombok.NonNull;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.ext.logging.LoggingFeature;
import org.apache.cxf.ext.logging.event.EventType;
import org.apache.cxf.ext.logging.event.LogEvent;
import org.apache.cxf.ext.logging.event.LogEventSender;
import org.apache.cxf.ext.logging.slf4j.Slf4jEventSender;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.ws.addressing.WSAddressingFeature;
import org.slf4j.event.Level;
import telematik.ws.conn.SdsApi;
import telematik.ws.conn.cardservice.wsdl.v8_1.CardService;
import telematik.ws.conn.cardservice.wsdl.v8_1.CardServicePortType;
import telematik.ws.conn.certificateservice.wsdl.v6_0.CertificateService;
import telematik.ws.conn.certificateservice.wsdl.v6_0.CertificateServicePortType;
import telematik.ws.conn.eventservice.wsdl.v6_1.EventService;
import telematik.ws.conn.eventservice.wsdl.v6_1.EventServicePortType;
import telematik.ws.conn.phrs.phrmanagementservice.wsdl.v2_5.PHRManagementService;
import telematik.ws.conn.phrs.phrmanagementservice.wsdl.v2_5.PHRManagementServicePortType;
import telematik.ws.conn.phrs.phrservice.wsdl.v2_0.PHRService;
import telematik.ws.conn.phrs.phrservice.wsdl.v2_0.PHRServicePortType;
import telematik.ws.conn.plus.ObjectFactory;
import telematik.ws.conn.servicedirectory.xsd.v3_1.ConnectorServices;
import telematik.ws.conn.serviceinformation.xsd.v2_0.EndpointType;
import telematik.ws.conn.signatureservice.wsdl.v7_5.SignatureService;
import telematik.ws.conn.signatureservice.wsdl.v7_5.SignatureServicePortType;
import telematik.ws.conn.vsds.vsdservice.wsdl.v5_2.VSDService;
import telematik.ws.conn.vsds.vsdservice.wsdl.v5_2.VSDServicePortType;

/* loaded from: input_file:de/gematik/epa/konnektor/cxf/KonnektorInterfacesCxfImpl.class */
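/**
 * Apache CXF based implementation of {@link KonnektorInterfaceAssembly}.
 *
 * <p>{@link #update(KonnektorConnectionConfiguration)} fetches the Konnektor's service directory
 * over a JAX-RS client and then builds one JAX-WS client proxy per Konnektor service. Every proxy
 * gets the same transport setup: the logging feature, TLS client parameters when the configured
 * protocol is https, optional HTTP Basic authentication and an optional HTTP proxy.
 *
 * <p>NOTE(review), transport security: {@link #tlsClientParameters()} installs a trust manager
 * that accepts every certificate and switches the host name check off. The client certificate
 * from the configured key store authenticates this client, but nothing authenticates the
 * Konnektor. Basic-auth credentials, the service directory and all payloads therefore have no
 * protection against an on-path attacker. See the notes on the individual methods.
 */
public class KonnektorInterfacesCxfImpl implements KonnektorInterfaceAssembly {
    public static final String HTTPS_PROTOCOL = "https";

    /** Placeholder written to the log in place of a credential-bearing header value. */
    private static final String REDACTED_HEADER_VALUE = "<redacted>";

    protected KonnektorConnectionConfiguration configuration;
    private final FileLoader fileLoader;
    // Holder for the lazily created logging feature, see loggingFeature().
    private final AtomicReference<Object> loggingFeature = new AtomicReference<>();
    // A null value (possible through the fluent setter) makes the booleanValue() calls below throw.
    Boolean isTlsPreferred = Boolean.TRUE;
    protected ConnectorServices connectorServices;
    protected PHRServicePortType phrService;
    protected PHRManagementServicePortType phrManagementService;
    protected EventServicePortType eventService;
    protected CardServicePortType cardService;
    protected CertificateServicePortType certificateService;
    protected SignatureServicePortType signatureService;
    protected VSDServicePortType vsdService;

    /** Maps a file path from the TLS configuration to a stream over that file's content. */
    public interface FileLoader extends ThrowingFunction<String, InputStream> {
    }

    /**
     * @param fileLoader used by the TLS setup to open the key store when it is configured as a path
     */
    public KonnektorInterfacesCxfImpl(FileLoader fileLoader) {
        this.fileLoader = fileLoader;
    }

    /**
     * Replaces the configuration and rebuilds the service directory and all service proxies.
     *
     * <p>The order matters: the TLS preference is derived first, the service directory is fetched
     * next, and every proxy then reads its endpoint address from that directory.
     *
     * <p>NOTE(review): the endpoint addresses come from the directory response. Because the TLS
     * setup does not authenticate the server, that response is not authenticated either.
     *
     * @param konnektorConnectionConfiguration connection settings to use from now on
     * @return this instance
     */
    public KonnektorInterfacesCxfImpl update(KonnektorConnectionConfiguration konnektorConnectionConfiguration) {
        this.configuration = konnektorConnectionConfiguration;
        this.isTlsPreferred = determineIfTlsPreferred();
        this.connectorServices = sdsApi().getConnectorSds();
        this.phrService = createPhrService();
        this.phrManagementService = createPHRManagementService();
        this.eventService = createEventService();
        this.cardService = createCardService();
        this.certificateService = createCertificateService();
        this.signatureService = createSignatureService();
        this.vsdService = createVSDService();
        return this;
    }

    /**
     * Builds the JAX-RS client used to read the service directory from the configured address.
     *
     * @return a client proxy for {@link SdsApi} that accepts XML responses
     */
    protected SdsApi sdsApi() {
        JAXRSClientFactoryBean factory = new JAXRSClientFactoryBean();
        factory.setServiceClass(SdsApi.class);
        factory.getFeatures().add(loggingFeature());
        factory.setAddress(this.configuration.address().createUrl().toString());
        SdsApi sdsApi = factory.create(SdsApi.class);
        WebClient.client(sdsApi).accept("text/xml", "application/xml");
        HTTPConduit httpConduit = WebClient.getConfig(sdsApi).getHttpConduit();
        if (this.isTlsPreferred.booleanValue()) {
            configureTls(httpConduit);
        }
        // Applied whether or not TLS was configured above: with a plain http address the
        // Basic credentials leave the process unencrypted.
        configureBasicAuthenticationIfEnabled(httpConduit);
        configureProxyIfEnabled(httpConduit);
        return sdsApi;
    }

    /**
     * Creates a JAX-WS client proxy and applies the common transport setup to its conduit.
     *
     * @param cls port type interface to create the proxy for
     * @param str SOAP binding id
     * @param str2 endpoint address of the service
     * @param consumer optional hook to customise the factory before the proxy is created; may be
     *     {@code null}
     * @return the configured client proxy
     * @throws NullPointerException if {@code cls}, {@code str} or {@code str2} is {@code null}
     */
    protected <T> T getClientProxyImpl(@NonNull Class<T> cls, @NonNull String str, @NonNull String str2, Consumer<JaxWsProxyFactoryBean> consumer) {
        Objects.requireNonNull(cls, "portType is marked non-null but is null");
        Objects.requireNonNull(str, "soapBinding is marked non-null but is null");
        Objects.requireNonNull(str2, "endpointAddress is marked non-null but is null");
        JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
        factory.setBindingId(str);
        factory.setServiceClass(cls);
        factory.setAddress(str2);
        factory.getFeatures().add(loggingFeature());
        if (Objects.nonNull(consumer)) {
            consumer.accept(factory);
        }
        T proxy = factory.create(cls);
        HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(proxy).getConduit();
        if (this.isTlsPreferred.booleanValue()) {
            configureTls(httpConduit);
        }
        // Same caveat as in sdsApi(): credentials are attached even when the endpoint address
        // read from the service directory is not a TLS endpoint.
        configureBasicAuthenticationIfEnabled(httpConduit);
        configureProxyIfEnabled(httpConduit);
        return proxy;
    }

    /**
     * Creates the base TLS client parameters; {@code configureTls} adds key managers and cipher
     * suites to the returned object.
     *
     * <p>NOTE(review): server authentication is switched off here. {@code setDisableCNCheck(true)}
     * removes the host name check, and the trust manager below has empty check methods, so any
     * certificate chain is accepted. This is acceptable only against a simulator or in a closed
     * test network. For real Konnektor connections, subclasses should override this method and
     * supply trust managers built from the expected trust anchors, with the host name check left
     * enabled. The configuration type visible in this class exposes no trust store, so the
     * behaviour is kept unchanged here.
     *
     * @return TLS client parameters that accept every server certificate
     */
    protected TLSClientParameters tlsClientParameters() {
        TLSClientParameters tlsParameters = new TLSClientParameters();
        tlsParameters.setDisableCNCheck(true);
        X509TrustManager acceptAllTrustManager = new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                // Intentionally empty: never rejects a chain.
            }

            @Override
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                // Intentionally empty: never rejects a chain, so the server is not authenticated.
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
        tlsParameters.setTrustManagers(new TrustManager[]{acceptAllTrustManager});
        return tlsParameters;
    }

    /** Creates a proxy with the SOAP 1.1 HTTP binding and no factory customisation. */
    private <T> T getClientProxyImpl(Class<T> cls, String str) {
        return getClientProxyImpl(cls, "http://schemas.xmlsoap.org/wsdl/soap/http", str, null);
    }

    /** PHRService proxy: SOAP 1.2 binding with MTOM, WS-Addressing and two out interceptors. */
    private PHRServicePortType createPhrService() {
        String endpoint = readServiceEndpoint(PHRService.SERVICE.getLocalPart(), "2.0.2", "2");
        return getClientProxyImpl(PHRServicePortType.class, "http://www.w3.org/2003/05/soap/bindings/HTTP/?mtom=true", endpoint, factory -> {
            factory.getFeatures().add(new WSAddressingFeature());
            factory.getOutInterceptors().add(new HomeCommunityBlockOutInterceptor());
            factory.getOutInterceptors().add(new MtomConfigOutInterceptor());
        });
    }

    /** PHRManagementService proxy: SOAP 1.2 binding with WS-Addressing. */
    private PHRManagementServicePortType createPHRManagementService() {
        String endpoint = readServiceEndpoint(PHRManagementService.SERVICE.getLocalPart(), "2.5.2", "2.5.3", "2.5");
        return getClientProxyImpl(PHRManagementServicePortType.class, "http://www.w3.org/2003/05/soap/bindings/HTTP/", endpoint,
                factory -> factory.getFeatures().add(new WSAddressingFeature()));
    }

    /** SignatureService proxy: SOAP 1.1 binding with an additional JAXB object factory registered. */
    private SignatureServicePortType createSignatureService() {
        String endpoint = readServiceEndpoint(SignatureService.SERVICE.getLocalPart(), "7.5", "7");
        return getClientProxyImpl(SignatureServicePortType.class, "http://schemas.xmlsoap.org/wsdl/soap/http", endpoint,
                factory -> XmlUtils.registerObjectFactory(factory, ObjectFactory.class));
    }

    /** EventService proxy; the empty version prefix matches whatever version is listed first. */
    private EventServicePortType createEventService() {
        return getClientProxyImpl(EventServicePortType.class, readServiceEndpoint(EventService.SERVICE.getLocalPart(), ""));
    }

    /** VSDService proxy; the empty version prefix matches whatever version is listed first. */
    private VSDServicePortType createVSDService() {
        return getClientProxyImpl(VSDServicePortType.class, readServiceEndpoint(VSDService.SERVICE.getLocalPart(), ""));
    }

    /** CertificateService proxy. */
    private CertificateServicePortType createCertificateService() {
        return getClientProxyImpl(CertificateServicePortType.class, readServiceEndpoint(CertificateService.SERVICE.getLocalPart(), "6.0.1", "6"));
    }

    /** CardService proxy. */
    private CardServicePortType createCardService() {
        return getClientProxyImpl(CardServicePortType.class, readServiceEndpoint(CardService.SERVICE.getLocalPart(), "8.1.2", "8.1", "8"));
    }

    /**
     * Returns the endpoint location for the first version prefix that yields one.
     *
     * @param str service name as listed in the service directory
     * @param strArr version prefixes in order of preference
     * @return the endpoint location
     * @throws IllegalArgumentException if no prefix matches a version with a usable endpoint
     */
    private String readServiceEndpoint(String str, String... strArr) {
        for (String versionPrefix : strArr) {
            String location = readSingleServiceEndpoint(str, versionPrefix);
            if (Objects.nonNull(location)) {
                return location;
            }
        }
        throw new IllegalArgumentException(String.format("No usable service endpoint configuration found for service %s in version %s", str, Arrays.toString(strArr)));
    }

    /**
     * Looks up the endpoint location of one service version in the service directory.
     *
     * <p>The version match is a plain string prefix test, so the prefix {@code "7"} matches
     * {@code "7.5"} and would also match a version such as {@code "70.0"}.
     *
     * <p>Versions that offer no endpoint, or an endpoint without a location, are skipped. Without
     * the two null filters such an entry raised a {@link NullPointerException} from inside the
     * stream instead of letting the caller try the next version prefix.
     *
     * <p>NOTE(review): when the TLS endpoint is missing, the plain endpoint is used even if the
     * directory declares TLS mandatory or TLS is preferred. That is a silent downgrade; consider
     * failing instead once the deployment requirements are confirmed.
     *
     * @param str service name
     * @param str2 version prefix
     * @return the location of the first matching endpoint, or {@code null} if there is none
     */
    private String readSingleServiceEndpoint(String str, String str2) {
        return connectorServices().getServiceInformation().getService().stream()
                .filter(service -> str.equals(service.getName()))
                .flatMap(service -> service.getVersions().getVersion().stream())
                .filter(version -> version.getVersion().startsWith(str2))
                .map(version -> Optional.<EndpointType>ofNullable(version.getEndpointTLS())
                        .filter(tlsEndpoint -> connectorServices().isTLSMandatory() || this.isTlsPreferred.booleanValue())
                        .orElse(version.getEndpoint()))
                .filter(Objects::nonNull)
                .map(endpoint -> endpoint.getLocation())
                .filter(Objects::nonNull)
                .findFirst()
                .orElse(null);
    }

    /**
     * Derives the TLS preference from the configured protocol.
     *
     * @return whether the protocol equals {@link #HTTPS_PROTOCOL} ignoring case; {@code TRUE} when
     *     the configuration, its address or the protocol is absent
     */
    private Boolean determineIfTlsPreferred() {
        return Optional.ofNullable(this.configuration)
                .map(config -> config.address())
                .map(address -> address.protocol())
                .map(protocol -> Boolean.valueOf(protocol.equalsIgnoreCase(HTTPS_PROTOCOL)))
                .orElse(Boolean.TRUE);
    }

    /**
     * Loads the client key store from the TLS configuration and installs key managers and cipher
     * suites on the conduit.
     *
     * <p>The key store stream is closed after loading. It was left open before, which leaks a
     * file handle on every proxy creation when the key store is configured as a file path.
     *
     * <p>NOTE(review): the checked exceptions raised by the key store calls are neither caught nor
     * declared, exactly as in the code this replaces. Presumably the original source relied on a
     * sneaky-throw mechanism that is not visible here; confirm before recompiling.
     *
     * @param hTTPConduit conduit to configure
     * @throws NullPointerException if the TLS configuration, key store type or password is missing
     */
    private void configureTls(HTTPConduit hTTPConduit) {
        TlsConfig tlsConfig = Objects.requireNonNull(this.configuration.tlsConfig(), "No configuration data present for TLS connection to the Konnektor");
        KeyStore keyStore = KeyStore.getInstance(Objects.requireNonNull(tlsConfig.keystoretype()));
        char[] keystorePassword = Objects.requireNonNull(tlsConfig.keystorepassword(), "No password is set in the TLS configuration for the Konnektor connection").toCharArray();
        try (InputStream keystoreStream = tlsConfig.keystorefile().isFilePath()
                ? this.fileLoader.apply(tlsConfig.keystorefile().getFilePath())
                : new ByteArrayInputStream(tlsConfig.keystorefile().getFileContent().value())) {
            keyStore.load(keystoreStream, keystorePassword);
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        // The same password is used for the key store and for the keys inside it.
        keyManagerFactory.init(keyStore, keystorePassword);
        TLSClientParameters tlsParameters = tlsClientParameters();
        tlsParameters.setKeyManagers(keyManagerFactory.getKeyManagers());
        tlsParameters.setCipherSuites(tlsConfig.ciphersuites());
        hTTPConduit.setTlsClientParameters(tlsParameters);
    }

    /**
     * Installs HTTP Basic credentials on the conduit when basic authentication is configured and
     * enabled.
     *
     * @throws NullPointerException if it is enabled but user name or password is missing
     */
    private void configureBasicAuthenticationIfEnabled(HTTPConduit hTTPConduit) {
        Optional.ofNullable(this.configuration.basicAuthentication())
                .filter(basicAuth -> basicAuth.enabled())
                .ifPresent(basicAuth -> {
                    AuthorizationPolicy policy = new AuthorizationPolicy();
                    policy.setUserName(Objects.requireNonNull(basicAuth.username()));
                    policy.setPassword(Objects.requireNonNull(basicAuth.password()));
                    policy.setAuthorizationType("Basic");
                    hTTPConduit.setAuthorization(policy);
                });
    }

    /**
     * Routes the conduit through the configured HTTP proxy when one is configured and enabled.
     *
     * @throws NullPointerException if it is enabled but the proxy address is missing
     */
    private void configureProxyIfEnabled(HTTPConduit hTTPConduit) {
        Optional.ofNullable(this.configuration.proxyAddress())
                .filter(proxy -> proxy.enabled())
                .ifPresent(proxy -> {
                    hTTPConduit.getClient().setProxyServer(Objects.requireNonNull(proxy.address()));
                    hTTPConduit.getClient().setProxyServerPort(proxy.port());
                });
    }

    /** Returns whether the named HTTP header carries credentials that must not reach the log. */
    private static boolean isCredentialHeader(String headerName) {
        return "Authorization".equalsIgnoreCase(headerName) || "Proxy-Authorization".equalsIgnoreCase(headerName);
    }

    /**
     * Creates the logging feature shared by all clients. It logs at DEBUG level with a custom
     * message layout: request or status line, headers, blank line, payload.
     *
     * <p>Values of credential headers are replaced by a placeholder. The same conduits carry HTTP
     * Basic credentials, and the header loop previously wrote every header value verbatim.
     * Whether CXF hands the Authorization header to the log sender depends on its interceptor
     * ordering, so the redaction is a safeguard rather than a confirmed leak.
     *
     * <p>NOTE(review): payloads are logged in full, including binary and multipart content. On the
     * PHR proxies that presumably means record documents end up in the DEBUG log; keep this
     * logger disabled outside test environments or restrict what is logged.
     */
    private LoggingFeature newLoggingFeature() {
        // Declared with the concrete type: setLoggingLevel is not part of LogEventSender.
        Slf4jEventSender sender = new Slf4jEventSender() {
            @Override
            protected String getLogMessage(LogEvent logEvent) {
                StringBuilder message = new StringBuilder().append("\n");
                if (List.of(EventType.REQ_IN, EventType.REQ_OUT).contains(logEvent.getType())) {
                    message.append(logEvent.getHttpMethod()).append(" ").append(logEvent.getAddress()).append("\n");
                } else {
                    message.append(logEvent.getResponseCode()).append(" ").append(logEvent.getAddress()).append("\n");
                }
                logEvent.getHeaders().forEach((name, value) ->
                        message.append(name).append(": ")
                                .append(isCredentialHeader(name) ? REDACTED_HEADER_VALUE : value)
                                .append("\n"));
                return message.append("\n").append(logEvent.getPayload()).toString();
            }
        };
        sender.setLoggingLevel(Level.DEBUG);
        LoggingFeature feature = new LoggingFeature();
        feature.setSender(sender);
        feature.setPrettyLogging(true);
        feature.setLogBinary(true);
        feature.setLogMultipart(true);
        return feature;
    }

    /** @return the connection configuration currently in use */
    @Generated
    public KonnektorConnectionConfiguration configuration() {
        return this.configuration;
    }

    /** @return the loader used to open a key store configured as a file path */
    @Generated
    public FileLoader fileLoader() {
        return this.fileLoader;
    }

    /** @return whether the clients are set up with TLS client parameters */
    @Generated
    public Boolean isTlsPreferred() {
        return this.isTlsPreferred;
    }

    /** @return the service directory last fetched or set */
    @Generated
    public ConnectorServices connectorServices() {
        return this.connectorServices;
    }

    @Override
    @Generated
    public PHRServicePortType phrService() {
        return this.phrService;
    }

    @Override
    @Generated
    public PHRManagementServicePortType phrManagementService() {
        return this.phrManagementService;
    }

    @Override
    @Generated
    public EventServicePortType eventService() {
        return this.eventService;
    }

    @Override
    @Generated
    public CardServicePortType cardService() {
        return this.cardService;
    }

    @Override
    @Generated
    public CertificateServicePortType certificateService() {
        return this.certificateService;
    }

    @Override
    @Generated
    public SignatureServicePortType signatureService() {
        return this.signatureService;
    }

    @Override
    @Generated
    public VSDServicePortType vsdService() {
        return this.vsdService;
    }

    /** Sets the configuration without rebuilding any client; see {@link #update} for that. */
    @Generated
    public KonnektorInterfacesCxfImpl configuration(KonnektorConnectionConfiguration konnektorConnectionConfiguration) {
        this.configuration = konnektorConnectionConfiguration;
        return this;
    }

    /**
     * Overrides the TLS preference. Passing {@code false} makes later client creation skip the
     * TLS client parameters; passing {@code null} makes it fail with a NullPointerException.
     */
    @Generated
    public KonnektorInterfacesCxfImpl isTlsPreferred(Boolean bool) {
        this.isTlsPreferred = bool;
        return this;
    }

    @Generated
    public KonnektorInterfacesCxfImpl connectorServices(ConnectorServices connectorServices) {
        this.connectorServices = connectorServices;
        return this;
    }

    @Generated
    public KonnektorInterfacesCxfImpl phrService(PHRServicePortType pHRServicePortType) {
        this.phrService = pHRServicePortType;
        return this;
    }

    @Generated
    public KonnektorInterfacesCxfImpl phrManagementService(PHRManagementServicePortType pHRManagementServicePortType) {
        this.phrManagementService = pHRManagementServicePortType;
        return this;
    }

    @Generated
    public KonnektorInterfacesCxfImpl eventService(EventServicePortType eventServicePortType) {
        this.eventService = eventServicePortType;
        return this;
    }

    @Generated
    public KonnektorInterfacesCxfImpl cardService(CardServicePortType cardServicePortType) {
        this.cardService = cardServicePortType;
        return this;
    }

    @Generated
    public KonnektorInterfacesCxfImpl certificateService(CertificateServicePortType certificateServicePortType) {
        this.certificateService = certificateServicePortType;
        return this;
    }

    @Generated
    public KonnektorInterfacesCxfImpl signatureService(SignatureServicePortType signatureServicePortType) {
        this.signatureService = signatureServicePortType;
        return this;
    }

    @Generated
    public KonnektorInterfacesCxfImpl vsdService(VSDServicePortType vSDServicePortType) {
        this.vsdService = vSDServicePortType;
        return this;
    }

    /**
     * Returns the shared logging feature, creating it on first use.
     *
     * <p>The holder is read once without the lock and, if still empty, read again while holding
     * the lock before the feature is created. The holder object itself is stored as a marker when
     * the factory returns {@code null}, so a {@code null} result is not recomputed.
     */
    @Generated
    public LoggingFeature loggingFeature() {
        Object obj = this.loggingFeature.get();
        if (obj == null) {
            synchronized (this.loggingFeature) {
                obj = this.loggingFeature.get();
                if (obj == null) {
                    Object newLoggingFeature = newLoggingFeature();
                    obj = newLoggingFeature == null ? this.loggingFeature : newLoggingFeature;
                    this.loggingFeature.set(obj);
                }
            }
        }
        return (LoggingFeature) (obj == this.loggingFeature ? null : obj);
    }
}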
