package org.ar4k.agent.opcua.client;

import java.io.ByteArrayInputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import org.ar4k.agent.core.Homunculus;
import org.ar4k.agent.core.data.DataAddress;
import org.ar4k.agent.core.interfaces.EdgeComponent;
import org.ar4k.agent.core.interfaces.ServiceConfig;
import org.ar4k.agent.exception.ServiceInitException;
import org.ar4k.agent.exception.ServiceWatchDogException;
import org.ar4k.agent.industrial.Enumerator;
import org.ar4k.agent.logger.EdgeLogger;
import org.ar4k.agent.logger.EdgeStaticLoggerBinder;
import org.eclipse.milo.opcua.sdk.client.OpcUaClient;
import org.eclipse.milo.opcua.sdk.client.api.config.OpcUaClientConfigBuilder;
import org.eclipse.milo.opcua.sdk.client.api.identity.AnonymousProvider;
import org.eclipse.milo.opcua.sdk.client.api.identity.IdentityProvider;
import org.eclipse.milo.opcua.sdk.client.api.identity.UsernameProvider;
import org.eclipse.milo.opcua.sdk.client.api.identity.X509IdentityProvider;
import org.eclipse.milo.opcua.sdk.client.api.subscriptions.UaSubscription;
import org.eclipse.milo.opcua.stack.client.DiscoveryClient;
import org.eclipse.milo.opcua.stack.core.UaException;
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy;
import org.eclipse.milo.opcua.stack.core.types.builtin.LocalizedText;
import org.eclipse.milo.opcua.stack.core.types.builtin.unsigned.UInteger;
import org.eclipse.milo.opcua.stack.core.types.enumerated.MessageSecurityMode;
import org.eclipse.milo.opcua.stack.core.types.structured.EndpointDescription;

/* loaded from: input_file:org/ar4k/agent/opcua/client/OpcUaClientService.class */
public class OpcUaClientService implements EdgeComponent {
    private static final String CERTIFICATE_CHAIN_SEPARATOR = ",";
    private static final EdgeLogger logger = EdgeStaticLoggerBinder.getClassLogger(OpcUaClientService.class);
    private OpcUaClient clientOpc = null;
    private OpcUaClientConfig configuration = null;
    private DataAddress dataAddress = null;
    private Homunculus homunculus = null;
    private EdgeComponent.ServiceStatus serviceStatus = EdgeComponent.ServiceStatus.INIT;
    private Map<String, OpcUaGroupManager> groups = new HashMap();

    public void close() throws Exception {
        kill();
    }

    public ServiceConfig getConfiguration() {
        return this.configuration;
    }

    public DataAddress getDataAddress() {
        return this.dataAddress;
    }

    public Homunculus getHomunculus() {
        return this.homunculus;
    }

    public String getServiceName() {
        return getConfiguration().getName();
    }

    public void init() throws ServiceInitException {
        if (this.clientOpc == null) {
            try {
                this.clientOpc = createConnection();
                connectGroups();
            } catch (Exception e) {
                logger.error("running opcua connector", e);
            }
        }
    }

    public void kill() {
        if (this.clientOpc != null) {
            this.clientOpc.disconnect();
        }
        this.serviceStatus = EdgeComponent.ServiceStatus.KILLED;
    }

    public void setConfiguration(ServiceConfig serviceConfig) {
        this.configuration = (OpcUaClientConfig) serviceConfig;
    }

    public void setDataAddress(DataAddress dataAddress) {
        this.dataAddress = dataAddress;
    }

    public void setHomunculus(Homunculus homunculus) {
        this.homunculus = homunculus;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("OpcUaClientService [");
        if (this.configuration != null) {
            sb.append("configuration=");
            sb.append(this.configuration);
            sb.append(", ");
        }
        if (this.homunculus != null) {
            sb.append("homunculus=");
            sb.append(this.homunculus);
            sb.append(", ");
        }
        if (this.dataAddress != null) {
            sb.append("dataAddress=");
            sb.append(this.dataAddress);
            sb.append(", ");
        }
        if (this.serviceStatus != null) {
            sb.append("serviceStatus=");
            sb.append(this.serviceStatus);
            sb.append(", ");
        }
        if (this.clientOpc != null) {
            sb.append("clientOpc=");
            sb.append(this.clientOpc);
        }
        sb.append("]");
        return sb.toString();
    }

    public EdgeComponent.ServiceStatus updateAndGetStatus() throws ServiceWatchDogException {
        return this.serviceStatus;
    }

    private void connectGroups() {
        for (OpcUaClientNodeConfig opcUaClientNodeConfig : this.configuration.subscriptions) {
            String str = opcUaClientNodeConfig.group + "-" + opcUaClientNodeConfig.publishInterval;
            if (!this.groups.containsKey(str)) {
                try {
                    this.groups.put(str, new OpcUaGroupManager(str, this, (UaSubscription) this.clientOpc.getSubscriptionManager().createSubscription(1000.0d).get()));
                } catch (Exception e) {
                    logger.logException("during group subscription", e);
                }
            }
            try {
                this.groups.get(str).addSingleNode(opcUaClientNodeConfig);
            } catch (InterruptedException | ExecutionException e2) {
                logger.logException(e2);
            }
        }
    }

    private OpcUaClient createConnection() throws UaException, InterruptedException, ExecutionException {
        X509Certificate certificate;
        EndpointDescription endpoint = getEndpoint();
        logger.info("OPCUA connection to " + endpoint);
        OpcUaClientConfigBuilder applicationName = org.eclipse.milo.opcua.sdk.client.api.config.OpcUaClientConfig.builder().setEndpoint(endpoint).setApplicationUri(this.configuration.clientName).setApplicationName(LocalizedText.english(this.configuration.clientName));
        if (this.configuration.sessionTimeout != null) {
            applicationName.setSessionTimeout(UInteger.valueOf(this.configuration.sessionTimeout));
        }
        if (this.configuration.aliasCryptoCertificateInKeystore != null) {
            applicationName.setKeyPair(this.homunculus.getMyIdentityKeystore().getKeyPair(this.configuration.aliasCryptoCertificateInKeystore));
        } else if (this.configuration.securityMode.equals(Enumerator.SecurityMode.sign) || this.configuration.securityMode.equals(Enumerator.SecurityMode.signAndEncrypt)) {
            String myAliasCertInKeystore = this.homunculus.getMyAliasCertInKeystore();
            logger.warn("crypto policy is active but certificate alias is null, using " + myAliasCertInKeystore);
            this.homunculus.getMyIdentityKeystore().getKeyPair(myAliasCertInKeystore);
        }
        if (this.configuration.connectTimeout != null) {
            applicationName.setConnectTimeout(UInteger.valueOf(this.configuration.connectTimeout));
        }
        if (this.configuration.keepAliveTimeout != null) {
            applicationName.setKeepAliveTimeout(UInteger.valueOf(this.configuration.keepAliveTimeout));
        }
        if (this.configuration.requestTimeout != null) {
            applicationName.setRequestTimeout(UInteger.valueOf(this.configuration.requestTimeout));
        }
        if (this.configuration.channelLifetime != null) {
            applicationName.setChannelLifetime(UInteger.valueOf(this.configuration.channelLifetime));
        }
        applicationName.setIdentityProvider(getIdentityProvider());
        if (this.configuration.acknowledgeTimeout != null) {
            applicationName.setAcknowledgeTimeout(UInteger.valueOf(this.configuration.acknowledgeTimeout));
        }
        if (this.configuration.cryptoServerChain != null) {
            applicationName.setCertificateChain(getCertificateChain());
        }
        if (this.configuration.cryptoServerCertificate != null && (certificate = getCertificate()) != null) {
            applicationName.setCertificate(certificate);
        }
        OpcUaClient create = OpcUaClient.create(applicationName.build());
        create.connect().get();
        return create;
    }

    private X509Certificate getCertificate() {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(this.configuration.cryptoServerCertificate)));
        } catch (CertificateException e) {
            logger.logException(e);
            return null;
        }
    }

    private X509Certificate[] getCertificateChain() {
        ArrayList arrayList = new ArrayList();
        String str = this.configuration.cryptoServerChain;
        if (str != null) {
            if (str.contains(CERTIFICATE_CHAIN_SEPARATOR)) {
                for (String str2 : str.split(CERTIFICATE_CHAIN_SEPARATOR)) {
                    try {
                        arrayList.add((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(str2.getBytes())));
                    } catch (CertificateException e) {
                        logger.error("encoding one of crypto chains cert", e);
                    }
                }
            } else {
                try {
                    arrayList.add((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(str.getBytes())));
                } catch (CertificateException e2) {
                    logger.error("encoding unique crypto chain cert", e2);
                }
            }
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    private EndpointDescription getEndpoint() {
        MessageSecurityMode messageSecurityMode;
        EndpointDescription endpointDescription = null;
        List list = null;
        try {
            logger.error("connect to opcua endpoint " + this.configuration.serverUrl);
            list = (List) DiscoveryClient.getEndpoints(this.configuration.serverUrl).get();
        } catch (InterruptedException | ExecutionException e) {
            logger.error("error endpoint opcua ", e);
        }
        MessageSecurityMode messageSecurityMode2 = MessageSecurityMode.None;
        switch (this.configuration.securityMode) {
            case none:
                messageSecurityMode = MessageSecurityMode.None;
                break;
            case sign:
                messageSecurityMode = MessageSecurityMode.Sign;
                break;
            case signAndEncrypt:
                messageSecurityMode = MessageSecurityMode.SignAndEncrypt;
                break;
            default:
                messageSecurityMode = MessageSecurityMode.None;
                break;
        }
        String uri = SecurityPolicy.None.getUri();
        if (this.configuration.cryptoMode != null) {
            switch (this.configuration.cryptoMode) {
                case Basic128Rsa15:
                    uri = SecurityPolicy.Basic128Rsa15.getUri();
                    break;
                case Basic256:
                    uri = SecurityPolicy.Basic256.getUri();
                    break;
                case Basic256Sha256:
                    uri = SecurityPolicy.Basic256Sha256.getUri();
                    break;
                case Aes128_Sha256_RsaOaep:
                    uri = SecurityPolicy.Aes128_Sha256_RsaOaep.getUri();
                    break;
                case Aes256_Sha256_RsaPss:
                    uri = SecurityPolicy.Aes256_Sha256_RsaPss.getUri();
                    break;
                default:
                    uri = SecurityPolicy.None.getUri();
                    break;
            }
        }
        if (list != null) {
            Iterator it = list.iterator();
            while (true) {
                if (it.hasNext()) {
                    EndpointDescription endpointDescription2 = (EndpointDescription) it.next();
                    if (endpointDescription2.getSecurityPolicyUri().equals(uri) && endpointDescription2.getSecurityMode().equals(messageSecurityMode)) {
                        logger.info("found OPCUA endpoint with the selected functions -> " + endpointDescription2);
                        endpointDescription = endpointDescription2;
                    }
                }
            }
        }
        if (endpointDescription == null) {
            logger.error("NO ENDPOINT OPCUA FOUND IN " + list);
        }
        if (!this.configuration.forceHostName.booleanValue()) {
            return endpointDescription;
        }
        try {
            return updateEndpointUrl(endpointDescription, new URI(this.configuration.serverUrl).getHost());
        } catch (Exception e2) {
            logger.logException(e2);
            return endpointDescription;
        }
    }

    private IdentityProvider getIdentityProvider() {
        UsernameProvider anonymousProvider;
        switch (this.configuration.authMode) {
            case password:
                anonymousProvider = new UsernameProvider(this.configuration.username, this.configuration.password);
                break;
            case none:
                anonymousProvider = new AnonymousProvider();
                break;
            case certificate:
                if (this.configuration.aliasAuthCertificateInKeystore == null) {
                    logger.error("required authetication by certificate but aliasAuthCertificateInKeystore is null, try anonymous way");
                    anonymousProvider = new AnonymousProvider();
                    break;
                } else {
                    anonymousProvider = new X509IdentityProvider(this.homunculus.getMyIdentityKeystore().getClientCertificate(this.configuration.aliasAuthCertificateInKeystore), this.homunculus.getMyIdentityKeystore().getPrivateKey(this.configuration.aliasAuthCertificateInKeystore));
                    break;
                }
            default:
                anonymousProvider = new AnonymousProvider();
                break;
        }
        return anonymousProvider;
    }

    public static EndpointDescription updateEndpointUrl(EndpointDescription endpointDescription, String str) {
        URI uri = null;
        try {
            uri = new URI(endpointDescription.getEndpointUrl()).parseServerAuthority();
        } catch (URISyntaxException e) {
            logger.logException(e);
        }
        Object[] objArr = new Object[4];
        objArr[0] = uri != null ? uri.getScheme() : null;
        objArr[1] = str;
        objArr[2] = uri != null ? Integer.valueOf(uri.getPort()) : null;
        objArr[3] = uri != null ? uri.getPath() : null;
        return new EndpointDescription(String.format("%s://%s:%s%s", objArr), endpointDescription.getServer(), endpointDescription.getServerCertificate(), endpointDescription.getSecurityMode(), endpointDescription.getSecurityPolicyUri(), endpointDescription.getUserIdentityTokens(), endpointDescription.getTransportProfileUri(), endpointDescription.getSecurityLevel());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpcUaClient getOpcUaClient() {
        return this.clientOpc;
    }
}
