package ee.sk.smartid;

import ee.sk.smartid.exception.permanent.SmartIdClientException;
import ee.sk.smartid.rest.SessionStatusPoller;
import ee.sk.smartid.rest.SmartIdConnector;
import ee.sk.smartid.rest.SmartIdRestConnector;
import jakarta.ws.rs.client.Client;
import jakarta.ws.rs.core.Configuration;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:ee/sk/smartid/SmartIdClient.class */
public class SmartIdClient {
    private String relyingPartyUUID;
    private String relyingPartyName;
    private String hostUrl;
    private Configuration networkConnectionConfig;
    private Client configuredClient;
    private TimeUnit pollingSleepTimeUnit = TimeUnit.SECONDS;
    private long pollingSleepTimeout = 1;
    private TimeUnit sessionStatusResponseSocketOpenTimeUnit;
    private long sessionStatusResponseSocketOpenTimeValue;
    private SmartIdConnector connector;
    private SSLContext trustSslContext;

    public CertificateRequestBuilder getCertificate() {
        CertificateRequestBuilder certificateRequestBuilder = new CertificateRequestBuilder(getSmartIdConnector(), createSessionStatusPoller(getSmartIdConnector()));
        certificateRequestBuilder.withRelyingPartyUUID(getRelyingPartyUUID());
        certificateRequestBuilder.withRelyingPartyName(getRelyingPartyName());
        return certificateRequestBuilder;
    }

    public SignatureRequestBuilder createSignature() {
        SignatureRequestBuilder signatureRequestBuilder = new SignatureRequestBuilder(getSmartIdConnector(), createSessionStatusPoller(getSmartIdConnector()));
        signatureRequestBuilder.withRelyingPartyUUID(getRelyingPartyUUID());
        signatureRequestBuilder.withRelyingPartyName(getRelyingPartyName());
        return signatureRequestBuilder;
    }

    public AuthenticationRequestBuilder createAuthentication() {
        AuthenticationRequestBuilder authenticationRequestBuilder = new AuthenticationRequestBuilder(getSmartIdConnector(), createSessionStatusPoller(getSmartIdConnector()));
        authenticationRequestBuilder.withRelyingPartyUUID(getRelyingPartyUUID());
        authenticationRequestBuilder.withRelyingPartyName(getRelyingPartyName());
        return authenticationRequestBuilder;
    }

    public void setRelyingPartyUUID(String str) {
        this.relyingPartyUUID = str;
    }

    public String getRelyingPartyUUID() {
        return this.relyingPartyUUID;
    }

    public void setRelyingPartyName(String str) {
        this.relyingPartyName = str;
    }

    public String getRelyingPartyName() {
        return this.relyingPartyName;
    }

    public void setHostUrl(String str) {
        this.hostUrl = str;
    }

    public void setNetworkConnectionConfig(Configuration configuration) {
        this.networkConnectionConfig = configuration;
    }

    public void setConfiguredClient(Client client) {
        this.configuredClient = client;
    }

    public void setSessionStatusResponseSocketOpenTime(TimeUnit timeUnit, long j) {
        this.sessionStatusResponseSocketOpenTimeUnit = timeUnit;
        this.sessionStatusResponseSocketOpenTimeValue = j;
    }

    public void setPollingSleepTimeout(TimeUnit timeUnit, long j) {
        this.pollingSleepTimeUnit = timeUnit;
        this.pollingSleepTimeout = j;
    }

    private SessionStatusPoller createSessionStatusPoller(SmartIdConnector smartIdConnector) {
        smartIdConnector.setSessionStatusResponseSocketOpenTime(this.sessionStatusResponseSocketOpenTimeUnit, this.sessionStatusResponseSocketOpenTimeValue);
        SessionStatusPoller sessionStatusPoller = new SessionStatusPoller(smartIdConnector);
        sessionStatusPoller.setPollingSleepTime(this.pollingSleepTimeUnit, this.pollingSleepTimeout);
        return sessionStatusPoller;
    }

    public SmartIdConnector getSmartIdConnector() {
        if (null == this.connector) {
            SmartIdRestConnector smartIdRestConnector = this.configuredClient != null ? new SmartIdRestConnector(this.hostUrl, this.configuredClient) : new SmartIdRestConnector(this.hostUrl, this.networkConnectionConfig);
            smartIdRestConnector.setSessionStatusResponseSocketOpenTime(this.sessionStatusResponseSocketOpenTimeUnit, this.sessionStatusResponseSocketOpenTimeValue);
            if (this.trustSslContext == null && this.configuredClient == null) {
                throw new SmartIdClientException("You must provide trusted API server certificates either by calling setTrustStore(), setTrustedCertificates() or setTrustSslContext() or setConfiguredClient()");
            }
            smartIdRestConnector.setSslContext(this.trustSslContext);
            setSmartIdConnector(smartIdRestConnector);
        }
        return this.connector;
    }

    public static SSLContext createSslContext(List<String> list) throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
        int i = 0;
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            i++;
            keyStore.setCertificateEntry("sid_api_ssl_cert_" + i, certificateFactory.generateCertificate(new ByteArrayInputStream(it.next().getBytes(StandardCharsets.UTF_8))));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
        trustManagerFactory.init(keyStore);
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
        return sSLContext;
    }

    public void setTrustSslContext(SSLContext sSLContext) {
        this.trustSslContext = sSLContext;
    }

    public void setTrustStore(KeyStore keyStore) {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            this.trustSslContext = sSLContext;
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            throw new SmartIdClientException("Problem with supplied trust store file: " + e.getMessage());
        }
    }

    public void setTrustedCertificates(String... strArr) {
        try {
            this.trustSslContext = createSslContext(Arrays.asList(strArr));
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new SmartIdClientException("Failed to createSslContext", e);
        }
    }

    public void setSmartIdConnector(SmartIdConnector smartIdConnector) {
        this.connector = smartIdConnector;
    }

    @Deprecated
    public void loadSslCertificatesFromKeystore(KeyStore keyStore) {
        setTrustStore(keyStore);
    }
}
