package ee.sk.smartid.rest;

import ee.sk.smartid.exception.SessionNotFoundException;
import ee.sk.smartid.exception.permanent.RelyingPartyAccountConfigurationException;
import ee.sk.smartid.exception.permanent.ServerMaintenanceException;
import ee.sk.smartid.exception.permanent.SmartIdClientException;
import ee.sk.smartid.exception.useraccount.NoSuitableAccountOfRequestedTypeFoundException;
import ee.sk.smartid.exception.useraccount.PersonShouldViewSmartIdPortalException;
import ee.sk.smartid.exception.useraccount.UserAccountNotFoundException;
import ee.sk.smartid.rest.dao.AuthenticationSessionRequest;
import ee.sk.smartid.rest.dao.AuthenticationSessionResponse;
import ee.sk.smartid.rest.dao.CertificateChoiceResponse;
import ee.sk.smartid.rest.dao.CertificateRequest;
import ee.sk.smartid.rest.dao.SemanticsIdentifier;
import ee.sk.smartid.rest.dao.SessionStatus;
import ee.sk.smartid.rest.dao.SessionStatusRequest;
import ee.sk.smartid.rest.dao.SignatureSessionRequest;
import ee.sk.smartid.rest.dao.SignatureSessionResponse;
import jakarta.ws.rs.BadRequestException;
import jakarta.ws.rs.ClientErrorException;
import jakarta.ws.rs.ForbiddenException;
import jakarta.ws.rs.NotAuthorizedException;
import jakarta.ws.rs.NotFoundException;
import jakarta.ws.rs.ServerErrorException;
import jakarta.ws.rs.client.Client;
import jakarta.ws.rs.client.ClientBuilder;
import jakarta.ws.rs.client.Entity;
import jakarta.ws.rs.client.Invocation;
import jakarta.ws.rs.core.Configuration;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.UriBuilder;
import java.net.URI;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ee/sk/smartid/rest/SmartIdRestConnector.class */
public class SmartIdRestConnector implements SmartIdConnector {
    private static final Logger logger = LoggerFactory.getLogger(SmartIdRestConnector.class);
    private static final String SESSION_STATUS_URI = "/session/{sessionId}";
    private static final String CERTIFICATE_CHOICE_BY_DOCUMENT_NUMBER_PATH = "/certificatechoice/document/{documentNumber}";
    private static final String CERTIFICATE_CHOICE_BY_NATURAL_PERSON_SEMANTICS_IDENTIFIER = "/certificatechoice/etsi/{semanticsIdentifier}";
    private static final String SIGNATURE_BY_DOCUMENT_NUMBER_PATH = "/signature/document/{documentNumber}";
    private static final String SIGNATURE_BY_NATURAL_PERSON_SEMANTICS_IDENTIFIER = "/signature/etsi/{semanticsIdentifier}";
    private static final String AUTHENTICATE_BY_DOCUMENT_NUMBER_PATH = "/authentication/document/{documentNumber}";
    private static final String AUTHENTICATE_BY_NATURAL_PERSON_SEMANTICS_IDENTIFIER = "/authentication/etsi/{semanticsIdentifier}";
    private String endpointUrl;
    private transient Configuration clientConfig;
    private transient Client configuredClient;
    private TimeUnit sessionStatusResponseSocketOpenTimeUnit;
    private long sessionStatusResponseSocketOpenTimeValue;
    private static final long serialVersionUID = 42;
    private transient SSLContext sslContext;

    public SmartIdRestConnector(String str) {
        this.endpointUrl = str;
    }

    public SmartIdRestConnector(String str, Configuration configuration) {
        this(str);
        this.clientConfig = configuration;
    }

    public SmartIdRestConnector(String str, Client client) {
        this(str);
        this.configuredClient = client;
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public SessionStatus getSessionStatus(String str) throws SessionNotFoundException {
        logger.debug("Getting session status for " + str);
        SessionStatusRequest createSessionStatusRequest = createSessionStatusRequest(str);
        UriBuilder path = UriBuilder.fromUri(this.endpointUrl).path(SESSION_STATUS_URI);
        addResponseSocketOpenTimeUrlParameter(createSessionStatusRequest, path);
        try {
            return (SessionStatus) prepareClient(path.build(new Object[]{createSessionStatusRequest.getSessionId()})).get(SessionStatus.class);
        } catch (NotFoundException e) {
            logger.warn("Session " + createSessionStatusRequest + " not found: " + e.getMessage());
            throw new SessionNotFoundException();
        }
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public CertificateChoiceResponse getCertificate(String str, CertificateRequest certificateRequest) {
        logger.debug("Getting certificate for document " + str);
        return postCertificateRequest(UriBuilder.fromUri(this.endpointUrl).path(CERTIFICATE_CHOICE_BY_DOCUMENT_NUMBER_PATH).build(new Object[]{str}), certificateRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public CertificateChoiceResponse getCertificate(SemanticsIdentifier semanticsIdentifier, CertificateRequest certificateRequest) {
        logger.debug("Getting certificate for identifier " + semanticsIdentifier.getIdentifier());
        return postCertificateRequest(UriBuilder.fromUri(this.endpointUrl).path(CERTIFICATE_CHOICE_BY_NATURAL_PERSON_SEMANTICS_IDENTIFIER).build(new Object[]{semanticsIdentifier.getIdentifier()}), certificateRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public SignatureSessionResponse sign(String str, SignatureSessionRequest signatureSessionRequest) {
        logger.debug("Signing for document " + str);
        return postSigningRequest(UriBuilder.fromUri(this.endpointUrl).path(SIGNATURE_BY_DOCUMENT_NUMBER_PATH).build(new Object[]{str}), signatureSessionRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public SignatureSessionResponse sign(SemanticsIdentifier semanticsIdentifier, SignatureSessionRequest signatureSessionRequest) {
        logger.debug("Signing for " + semanticsIdentifier);
        return postSigningRequest(UriBuilder.fromUri(this.endpointUrl).path(SIGNATURE_BY_NATURAL_PERSON_SEMANTICS_IDENTIFIER).build(new Object[]{semanticsIdentifier.getIdentifier()}), signatureSessionRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public AuthenticationSessionResponse authenticate(String str, AuthenticationSessionRequest authenticationSessionRequest) {
        logger.debug("Authenticating for document " + str);
        return postAuthenticationRequest(UriBuilder.fromUri(this.endpointUrl).path(AUTHENTICATE_BY_DOCUMENT_NUMBER_PATH).build(new Object[]{str}), authenticationSessionRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public AuthenticationSessionResponse authenticate(SemanticsIdentifier semanticsIdentifier, AuthenticationSessionRequest authenticationSessionRequest) {
        logger.debug("Authenticating for " + semanticsIdentifier);
        return postAuthenticationRequest(UriBuilder.fromUri(this.endpointUrl).path(AUTHENTICATE_BY_NATURAL_PERSON_SEMANTICS_IDENTIFIER).build(new Object[]{semanticsIdentifier.getIdentifier()}), authenticationSessionRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public void setSessionStatusResponseSocketOpenTime(TimeUnit timeUnit, long j) {
        this.sessionStatusResponseSocketOpenTimeUnit = timeUnit;
        this.sessionStatusResponseSocketOpenTimeValue = j;
    }

    protected Invocation.Builder prepareClient(URI uri) {
        Client client;
        if (this.configuredClient == null) {
            ClientBuilder newBuilder = ClientBuilder.newBuilder();
            if (null != this.clientConfig) {
                newBuilder.withConfig(this.clientConfig);
            }
            if (null != this.sslContext) {
                newBuilder.sslContext(this.sslContext);
            }
            client = newBuilder.build();
        } else {
            client = this.configuredClient;
        }
        return client.register(new LoggingFilter()).target(uri).request().accept(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).header("User-Agent", buildUserAgentString());
    }

    protected String buildUserAgentString() {
        return "smart-id-java-client/" + getClientVersion() + " (Java/" + getJdkMajorVersion() + ")";
    }

    protected String getClientVersion() {
        String implementationVersion = getClass().getPackage().getImplementationVersion();
        return implementationVersion == null ? "-" : implementationVersion;
    }

    protected String getJdkMajorVersion() {
        try {
            return System.getProperty("java.version").split("_")[0];
        } catch (Exception e) {
            return "-";
        }
    }

    private CertificateChoiceResponse postCertificateRequest(URI uri, CertificateRequest certificateRequest) {
        try {
            return (CertificateChoiceResponse) postRequest(uri, certificateRequest, CertificateChoiceResponse.class);
        } catch (ForbiddenException e) {
            logger.warn("No permission to issue the request", e);
            throw new RelyingPartyAccountConfigurationException("No permission to issue the request", e);
        } catch (NotFoundException e2) {
            logger.warn("Certificate not found for URI " + uri, e2);
            throw new UserAccountNotFoundException();
        }
    }

    private AuthenticationSessionResponse postAuthenticationRequest(URI uri, AuthenticationSessionRequest authenticationSessionRequest) {
        try {
            return (AuthenticationSessionResponse) postRequest(uri, authenticationSessionRequest, AuthenticationSessionResponse.class);
        } catch (ForbiddenException e) {
            logger.warn("No permission to issue the request", e);
            throw new RelyingPartyAccountConfigurationException("No permission to issue the request", e);
        } catch (NotFoundException e2) {
            logger.warn("User account not found for URI " + uri, e2);
            throw new UserAccountNotFoundException();
        }
    }

    private SignatureSessionResponse postSigningRequest(URI uri, SignatureSessionRequest signatureSessionRequest) {
        try {
            return (SignatureSessionResponse) postRequest(uri, signatureSessionRequest, SignatureSessionResponse.class);
        } catch (ForbiddenException e) {
            logger.warn("No permission to issue the request", e);
            throw new RelyingPartyAccountConfigurationException("No permission to issue the request", e);
        } catch (NotFoundException e2) {
            logger.warn("User account not found for URI " + uri, e2);
            throw new UserAccountNotFoundException();
        }
    }

    private <T, V> T postRequest(URI uri, V v, Class<T> cls) {
        try {
            return (T) prepareClient(uri).post(Entity.entity(v, "application/json"), cls);
        } catch (ServerErrorException e) {
            if (e.getResponse().getStatus() != 580) {
                throw e;
            }
            logger.warn("Server is under maintenance, retry later", e);
            throw new ServerMaintenanceException();
        } catch (ClientErrorException e2) {
            if (e2.getResponse().getStatus() == 471) {
                logger.warn("No suitable account of requested type found, but user has some other accounts.", e2);
                throw new NoSuitableAccountOfRequestedTypeFoundException();
            }
            if (e2.getResponse().getStatus() == 472) {
                logger.warn("Person should view Smart-ID app or Smart-ID self-service portal now.", e2);
                throw new PersonShouldViewSmartIdPortalException();
            }
            if (e2.getResponse().getStatus() != 480) {
                throw e2;
            }
            logger.warn("Client-side API is too old and not supported anymore");
            throw new SmartIdClientException("Client-side API is too old and not supported anymore");
        } catch (BadRequestException e3) {
            logger.warn("Request is invalid for URI " + uri, e3);
            throw new SmartIdClientException("Server refused the request", e3);
        } catch (NotAuthorizedException e4) {
            logger.warn("Request is unauthorized for URI " + uri, e4);
            throw new RelyingPartyAccountConfigurationException("Request is unauthorized for URI " + uri, e4);
        }
    }

    private SessionStatusRequest createSessionStatusRequest(String str) {
        SessionStatusRequest sessionStatusRequest = new SessionStatusRequest(str);
        if (this.sessionStatusResponseSocketOpenTimeUnit != null && this.sessionStatusResponseSocketOpenTimeValue > 0) {
            sessionStatusRequest.setResponseSocketOpenTime(this.sessionStatusResponseSocketOpenTimeUnit, this.sessionStatusResponseSocketOpenTimeValue);
        }
        return sessionStatusRequest;
    }

    private void addResponseSocketOpenTimeUrlParameter(SessionStatusRequest sessionStatusRequest, UriBuilder uriBuilder) {
        if (sessionStatusRequest.isResponseSocketOpenTimeSet()) {
            uriBuilder.queryParam("timeoutMs", new Object[]{Long.valueOf(sessionStatusRequest.getResponseSocketOpenTimeUnit().toMillis(sessionStatusRequest.getResponseSocketOpenTimeValue()))});
        }
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public void setSslContext(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }
}
