package ee.sk.smartid.rest;

import ee.sk.smartid.exception.CertificateNotFoundException;
import ee.sk.smartid.exception.ClientNotSupportedException;
import ee.sk.smartid.exception.InvalidParametersException;
import ee.sk.smartid.exception.RequestForbiddenException;
import ee.sk.smartid.exception.ServerMaintenanceException;
import ee.sk.smartid.exception.SessionNotFoundException;
import ee.sk.smartid.exception.UnauthorizedException;
import ee.sk.smartid.exception.UserAccountNotFoundException;
import ee.sk.smartid.rest.dao.AuthenticationSessionRequest;
import ee.sk.smartid.rest.dao.AuthenticationSessionResponse;
import ee.sk.smartid.rest.dao.CertificateChoiceResponse;
import ee.sk.smartid.rest.dao.CertificateRequest;
import ee.sk.smartid.rest.dao.NationalIdentity;
import ee.sk.smartid.rest.dao.SessionStatus;
import ee.sk.smartid.rest.dao.SessionStatusRequest;
import ee.sk.smartid.rest.dao.SignatureSessionRequest;
import ee.sk.smartid.rest.dao.SignatureSessionResponse;
import java.net.URI;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.ServerErrorException;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriBuilder;
import org.glassfish.jersey.client.ClientConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ee/sk/smartid/rest/SmartIdRestConnector.class */
public class SmartIdRestConnector implements SmartIdConnector {
    private static final Logger logger = LoggerFactory.getLogger(SmartIdRestConnector.class);
    private static final String SESSION_STATUS_URI = "/session/{sessionId}";
    private static final String CERTIFICATE_CHOICE_BY_NATIONAL_IDENTITY_PATH = "/certificatechoice/pno/{country}/{nationalIdentityNumber}";
    private static final String CERTIFICATE_CHOICE_BY_DOCUMENT_NUMBER_PATH = "/certificatechoice/document/{documentNumber}";
    private static final String SIGNATURE_BY_DOCUMENT_NUMBER_PATH = "/signature/document/{documentNumber}";
    private static final String AUTHENTICATE_BY_DOCUMENT_NUMBER_PATH = "/authentication/document/{documentNumber}";
    private static final String AUTHENTICATE_BY_NATIONAL_IDENTITY_PATH = "/authentication/pno/{country}/{nationalIdentityNumber}";
    private String endpointUrl;
    private ClientConfig clientConfig;

    public SmartIdRestConnector(String str) {
        this.endpointUrl = str;
    }

    public SmartIdRestConnector(String str, ClientConfig clientConfig) {
        this(str);
        this.clientConfig = clientConfig;
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public SessionStatus getSessionStatus(SessionStatusRequest sessionStatusRequest) throws SessionNotFoundException {
        logger.debug("Getting session status for " + sessionStatusRequest.getSessionId());
        UriBuilder path = UriBuilder.fromUri(this.endpointUrl).path(SESSION_STATUS_URI);
        addResponseSocketOpenTimeUrlParameter(sessionStatusRequest, path);
        try {
            return (SessionStatus) prepareClient(path.build(new Object[]{sessionStatusRequest.getSessionId()})).get(SessionStatus.class);
        } catch (NotFoundException e) {
            logger.warn("Session " + sessionStatusRequest + " not found: " + e.getMessage());
            throw new SessionNotFoundException();
        }
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public CertificateChoiceResponse getCertificate(NationalIdentity nationalIdentity, CertificateRequest certificateRequest) {
        logger.debug("Getting certificate for " + nationalIdentity);
        return postCertificateRequest(UriBuilder.fromUri(this.endpointUrl).path(CERTIFICATE_CHOICE_BY_NATIONAL_IDENTITY_PATH).build(new Object[]{nationalIdentity.getCountryCode(), nationalIdentity.getNationalIdentityNumber()}), certificateRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public CertificateChoiceResponse getCertificate(String str, CertificateRequest certificateRequest) {
        logger.debug("Getting certificate for document " + str);
        return postCertificateRequest(UriBuilder.fromUri(this.endpointUrl).path(CERTIFICATE_CHOICE_BY_DOCUMENT_NUMBER_PATH).build(new Object[]{str}), certificateRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public SignatureSessionResponse sign(String str, SignatureSessionRequest signatureSessionRequest) {
        logger.debug("Signing for document " + str);
        try {
            return (SignatureSessionResponse) postRequest(UriBuilder.fromUri(this.endpointUrl).path(SIGNATURE_BY_DOCUMENT_NUMBER_PATH).build(new Object[]{str}), signatureSessionRequest, SignatureSessionResponse.class);
        } catch (NotFoundException e) {
            logger.warn("User account not found for signing with document " + str);
            throw new UserAccountNotFoundException();
        } catch (ForbiddenException e2) {
            logger.warn("No permission to issue the request");
            throw new RequestForbiddenException();
        }
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public AuthenticationSessionResponse authenticate(String str, AuthenticationSessionRequest authenticationSessionRequest) {
        logger.debug("Authenticating for document " + str);
        return postAuthenticationRequest(UriBuilder.fromUri(this.endpointUrl).path(AUTHENTICATE_BY_DOCUMENT_NUMBER_PATH).build(new Object[]{str}), authenticationSessionRequest);
    }

    @Override // ee.sk.smartid.rest.SmartIdConnector
    public AuthenticationSessionResponse authenticate(NationalIdentity nationalIdentity, AuthenticationSessionRequest authenticationSessionRequest) {
        logger.debug("Authenticating for " + nationalIdentity);
        return postAuthenticationRequest(UriBuilder.fromUri(this.endpointUrl).path(AUTHENTICATE_BY_NATIONAL_IDENTITY_PATH).build(new Object[]{nationalIdentity.getCountryCode(), nationalIdentity.getNationalIdentityNumber()}), authenticationSessionRequest);
    }

    private Invocation.Builder prepareClient(URI uri) {
        return (this.clientConfig == null ? ClientBuilder.newClient() : ClientBuilder.newClient(this.clientConfig)).register(new LoggingFilter()).target(uri).request().accept(new MediaType[]{MediaType.APPLICATION_JSON_TYPE});
    }

    private CertificateChoiceResponse postCertificateRequest(URI uri, CertificateRequest certificateRequest) {
        try {
            return (CertificateChoiceResponse) postRequest(uri, certificateRequest, CertificateChoiceResponse.class);
        } catch (ForbiddenException e) {
            logger.warn("No permission to issue the request");
            throw new RequestForbiddenException();
        } catch (NotFoundException e2) {
            logger.warn("Certificate not found for URI " + uri + ": " + e2.getMessage());
            throw new CertificateNotFoundException();
        }
    }

    private AuthenticationSessionResponse postAuthenticationRequest(URI uri, AuthenticationSessionRequest authenticationSessionRequest) {
        try {
            return (AuthenticationSessionResponse) postRequest(uri, authenticationSessionRequest, AuthenticationSessionResponse.class);
        } catch (ForbiddenException e) {
            logger.warn("No permission to issue the request");
            throw new RequestForbiddenException();
        } catch (NotFoundException e2) {
            logger.warn("User account not found for URI " + uri + ": " + e2.getMessage());
            throw new UserAccountNotFoundException();
        }
    }

    private <T, V> T postRequest(URI uri, V v, Class<T> cls) {
        try {
            return (T) prepareClient(uri).post(Entity.entity(v, "application/json"), cls);
        } catch (ServerErrorException e) {
            if (e.getResponse().getStatus() != 580) {
                throw e;
            }
            logger.warn("Server is under maintenance, retry later");
            throw new ServerMaintenanceException();
        } catch (BadRequestException e2) {
            logger.warn("Request is invalid for URI " + uri + ": " + e2.getMessage());
            throw new InvalidParametersException();
        } catch (NotAuthorizedException e3) {
            logger.warn("Request is unauthorized for URI " + uri + ": " + e3.getMessage());
            throw new UnauthorizedException();
        } catch (ClientErrorException e4) {
            if (e4.getResponse().getStatus() != 480) {
                throw e4;
            }
            logger.warn("Client-side API is too old and not supported anymore");
            throw new ClientNotSupportedException();
        }
    }

    private void addResponseSocketOpenTimeUrlParameter(SessionStatusRequest sessionStatusRequest, UriBuilder uriBuilder) {
        if (sessionStatusRequest.isResponseSocketOpenTimeSet()) {
            uriBuilder.queryParam("timeoutMs", new Object[]{Long.valueOf(sessionStatusRequest.getResponseSocketOpenTimeUnit().toMillis(sessionStatusRequest.getResponseSocketOpenTimeValue()))});
        }
    }
}
