package ee.sk.mid;

import ee.sk.mid.exception.CertificateNotPresentException;
import ee.sk.mid.exception.ExpiredException;
import ee.sk.mid.exception.MobileIdException;
import ee.sk.mid.exception.TechnicalErrorException;
import ee.sk.mid.rest.MobileIdConnector;
import ee.sk.mid.rest.MobileIdRestConnector;
import ee.sk.mid.rest.SessionStatusPoller;
import ee.sk.mid.rest.dao.SessionSignature;
import ee.sk.mid.rest.dao.SessionStatus;
import ee.sk.mid.rest.dao.response.CertificateChoiceResponse;
import java.security.cert.X509Certificate;
import org.apache.commons.lang3.StringUtils;
import org.glassfish.jersey.client.ClientConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ee/sk/mid/MobileIdClient.class */
public class MobileIdClient {
    private static final Logger logger = LoggerFactory.getLogger(MobileIdClient.class);
    private String relyingPartyUUID;
    private String relyingPartyName;
    private String hostUrl;
    private ClientConfig networkConnectionConfig;
    private int pollingSleepTimeoutSeconds;
    private MobileIdConnector connector;
    private SessionStatusPoller sessionStatusPoller;

    /* loaded from: input_file:ee/sk/mid/MobileIdClient$MobileIdClientBuilder.class */
    public static class MobileIdClientBuilder {
        private String relyingPartyUUID;
        private String relyingPartyName;
        private String hostUrl;
        private ClientConfig networkConnectionConfig;
        private int pollingSleepTimeoutSeconds;
        private MobileIdConnector connector;

        private MobileIdClientBuilder() {
            this.pollingSleepTimeoutSeconds = 1;
        }

        public MobileIdClientBuilder withRelyingPartyUUID(String str) {
            this.relyingPartyUUID = str;
            return this;
        }

        public MobileIdClientBuilder withRelyingPartyName(String str) {
            this.relyingPartyName = str;
            return this;
        }

        public MobileIdClientBuilder withHostUrl(String str) {
            this.hostUrl = str;
            return this;
        }

        public MobileIdClientBuilder withNetworkConnectionConfig(ClientConfig clientConfig) {
            this.networkConnectionConfig = clientConfig;
            return this;
        }

        public MobileIdClientBuilder withPollingSleepTimeoutSeconds(int i) {
            this.pollingSleepTimeoutSeconds = i;
            return this;
        }

        public MobileIdClientBuilder withMobileIdConnector(MobileIdConnector mobileIdConnector) {
            this.connector = mobileIdConnector;
            return this;
        }

        public MobileIdClient build() {
            return new MobileIdClient(this);
        }
    }

    private MobileIdClient(MobileIdClientBuilder mobileIdClientBuilder) {
        this.relyingPartyUUID = mobileIdClientBuilder.relyingPartyUUID;
        this.relyingPartyName = mobileIdClientBuilder.relyingPartyName;
        this.hostUrl = mobileIdClientBuilder.hostUrl;
        this.networkConnectionConfig = mobileIdClientBuilder.networkConnectionConfig;
        this.pollingSleepTimeoutSeconds = mobileIdClientBuilder.pollingSleepTimeoutSeconds;
        this.connector = mobileIdClientBuilder.connector;
        createSessionStatusPoller();
    }

    public MobileIdConnector getMobileIdConnector() {
        if (null == this.connector) {
            this.connector = new MobileIdRestConnector(this.hostUrl, this.networkConnectionConfig);
        }
        return this.connector;
    }

    public SessionStatusPoller getSessionStatusPoller() {
        return this.sessionStatusPoller;
    }

    public String getRelyingPartyUUID() {
        return this.relyingPartyUUID;
    }

    public String getRelyingPartyName() {
        return this.relyingPartyName;
    }

    private SessionStatusPoller createSessionStatusPoller() {
        SessionStatusPoller sessionStatusPoller = new SessionStatusPoller(getMobileIdConnector());
        sessionStatusPoller.setPollingSleepTimeSeconds(this.pollingSleepTimeoutSeconds);
        this.sessionStatusPoller = sessionStatusPoller;
        return sessionStatusPoller;
    }

    public X509Certificate createMobileIdCertificate(CertificateChoiceResponse certificateChoiceResponse) {
        validateCertificateResult(certificateChoiceResponse.getResult());
        validateCertificateResponse(certificateChoiceResponse);
        return CertificateParser.parseX509Certificate(certificateChoiceResponse.getCert());
    }

    public MobileIdSignature createMobileIdSignature(SessionStatus sessionStatus) {
        validateResponse(sessionStatus);
        SessionSignature signature = sessionStatus.getSignature();
        return MobileIdSignature.newBuilder().withValueInBase64(signature.getValue()).withAlgorithmName(signature.getAlgorithm()).build();
    }

    public MobileIdAuthentication createMobileIdAuthentication(SessionStatus sessionStatus, String str, HashType hashType) {
        validateResponse(sessionStatus);
        SessionSignature signature = sessionStatus.getSignature();
        return MobileIdAuthentication.newBuilder().withResult(sessionStatus.getResult()).withSignatureValueInBase64(signature.getValue()).withAlgorithmName(signature.getAlgorithm()).withCertificate(CertificateParser.parseX509Certificate(sessionStatus.getCert())).withSignedHashInBase64(str).withHashType(hashType).build();
    }

    private void validateCertificateResult(String str) throws MobileIdException {
        if (StringUtils.equalsIgnoreCase(str, "NOT_FOUND")) {
            logger.error("No certificate for the user was found");
            throw new CertificateNotPresentException("No certificate for the user was found");
        }
        if (StringUtils.equalsIgnoreCase(str, "NOT_ACTIVE")) {
            logger.error("Inactive certificate found");
            throw new ExpiredException("Inactive certificate found");
        }
        if (StringUtils.equalsIgnoreCase(str, "OK")) {
            return;
        }
        logger.error("Session status end result is '" + str + "'");
        throw new TechnicalErrorException("Session status end result is '" + str + "'");
    }

    private void validateCertificateResponse(CertificateChoiceResponse certificateChoiceResponse) throws TechnicalErrorException {
        if (certificateChoiceResponse.getCert() == null || StringUtils.isBlank(certificateChoiceResponse.getCert())) {
            logger.error("Certificate was not present in the session status response");
            throw new TechnicalErrorException("Certificate was not present in the session status response");
        }
    }

    private void validateResponse(SessionStatus sessionStatus) throws TechnicalErrorException {
        if (sessionStatus.getSignature() == null || StringUtils.isBlank(sessionStatus.getSignature().getValue())) {
            logger.error("Signature was not present in the response");
            throw new TechnicalErrorException("Signature was not present in the response");
        }
    }

    public static MobileIdClientBuilder newBuilder() {
        return new MobileIdClientBuilder();
    }
}
