package org.openecard.transport.paos;

import iso.std.iso_iec._24727.tech.schema.ResponseType;
import iso.std.iso_iec._24727.tech.schema.StartPAOS;
import iso.std.iso_iec._24727.tech.schema.StartPAOSResponse;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.net.Socket;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.Iterator;
import javax.xml.namespace.QName;
import javax.xml.transform.TransformerException;
import org.openecard.apache.http.HttpException;
import org.openecard.apache.http.HttpHeaders;
import org.openecard.apache.http.HttpResponse;
import org.openecard.apache.http.entity.ContentType;
import org.openecard.apache.http.entity.StringEntity;
import org.openecard.apache.http.impl.DefaultConnectionReuseStrategy;
import org.openecard.apache.http.message.BasicHttpEntityEnclosingRequest;
import org.openecard.apache.http.protocol.BasicHttpContext;
import org.openecard.apache.http.protocol.HTTP;
import org.openecard.apache.http.protocol.HttpRequestExecutor;
import org.openecard.bouncycastle.crypto.tls.ProtocolVersion;
import org.openecard.bouncycastle.crypto.tls.TlsAuthentication;
import org.openecard.bouncycastle.crypto.tls.TlsClient;
import org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler;
import org.openecard.common.DynamicContext;
import org.openecard.common.ECardConstants;
import org.openecard.common.TR03112Keys;
import org.openecard.common.WSHelper;
import org.openecard.common.interfaces.Dispatcher;
import org.openecard.common.interfaces.DispatcherException;
import org.openecard.common.io.ProxySettings;
import org.openecard.common.util.FileUtils;
import org.openecard.crypto.tls.TlsNoAuthentication;
import org.openecard.transport.httpcore.HttpRequestHelper;
import org.openecard.transport.httpcore.HttpUtils;
import org.openecard.transport.httpcore.StreamHttpClientConnection;
import org.openecard.ws.marshal.MarshallingTypeException;
import org.openecard.ws.marshal.WSMarshaller;
import org.openecard.ws.marshal.WSMarshallerException;
import org.openecard.ws.marshal.WSMarshallerFactory;
import org.openecard.ws.soap.SOAPException;
import org.openecard.ws.soap.SOAPHeader;
import org.openecard.ws.soap.SOAPMessage;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/openecard/transport/paos/PAOS.class */
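/**
 * Client side of a PAOS (reverse SOAP over HTTP) exchange.
 *
 * <p>{@link #sendStartPAOS(StartPAOS)} posts a {@code StartPAOS} message to the configured endpoint.
 * Every HTTP response body is parsed as a SOAP message. Its payload is handed to the
 * {@link Dispatcher} and the dispatcher's result is posted back, until the server answers with a
 * {@code StartPAOSResponse}.
 *
 * <p>Everything read from the HTTP response is remote input. This class checks the message ID
 * correlation and the HTTP status code. XML parsing and unmarshalling are delegated to the
 * {@link WSMarshaller}.
 * NOTE(review): whether that marshaller disables DTDs / external entities is not visible here - confirm.
 */
public class PAOS {
    public static final String HEADER_VALUE_PAOS = "ver=\"urn:liberty:paos:2006-08\"";
    private final MessageIdGenerator idGenerator;
    private final WSMarshaller m;
    private final URL endpoint;
    private final Dispatcher dispatcher;
    private final TlsClient tlsClient;
    private static final Logger logger = LoggerFactory.getLogger(PAOS.class);
    public static final QName RELATES_TO = new QName(ECardConstants.WS_ADDRESSING, "RelatesTo");
    public static final QName REPLY_TO = new QName(ECardConstants.WS_ADDRESSING, "ReplyTo");
    public static final QName MESSAGE_ID = new QName(ECardConstants.WS_ADDRESSING, "MessageID");
    public static final QName ADDRESS = new QName(ECardConstants.WS_ADDRESSING, "Address");
    public static final String HEADER_KEY_PAOS = "PAOS";
    public static final QName PAOS_PAOS = new QName(ECardConstants.PAOS_VERSION_20, HEADER_KEY_PAOS);
    public static final QName PAOS_VERSION = new QName(ECardConstants.PAOS_VERSION_20, "Version");
    public static final QName PAOS_ENDPOINTREF = new QName(ECardConstants.PAOS_VERSION_20, "EndpointReference");
    public static final QName PAOS_ADDRESS = new QName(ECardConstants.PAOS_VERSION_20, "Address");
    public static final QName PAOS_METADATA = new QName(ECardConstants.PAOS_VERSION_20, "MetaData");
    public static final QName PAOS_SERVICETYPE = new QName(ECardConstants.PAOS_VERSION_20, "ServiceType");

    /**
     * Creates a PAOS instance without a TLS client.
     *
     * <p>With no TLS client, {@link #sendStartPAOS(StartPAOS)} talks HTTP directly over the socket
     * obtained from {@link ProxySettings}; this class adds no transport protection in that case.
     *
     * @param url PAOS endpoint of the server.
     * @param dispatcher Receiver of the messages sent by the server.
     * @throws PAOSException if the marshaller cannot be created.
     */
    public PAOS(URL url, Dispatcher dispatcher) throws PAOSException {
        this(url, dispatcher, null);
    }

    /**
     * Creates a PAOS instance.
     *
     * @param url PAOS endpoint of the server.
     * @param dispatcher Receiver of the messages sent by the server.
     * @param tlsClient TLS client used for the handshake, or {@code null} to skip the TLS layer.
     * @throws PAOSException if the marshaller cannot be created.
     */
    public PAOS(URL url, Dispatcher dispatcher, TlsClient tlsClient) throws PAOSException {
        this.endpoint = url;
        this.dispatcher = dispatcher;
        this.tlsClient = tlsClient;
        try {
            this.idGenerator = new MessageIdGenerator();
            this.m = WSMarshallerFactory.createInstance();
        } catch (WSMarshallerException e) {
            logger.error(e.getMessage(), e);
            throw new PAOSException(e);
        }
    }

    /** Returns the trimmed text of the {@code RelatesTo} header, or {@code null} if it is absent. */
    private String getRelatesTo(SOAPMessage message) throws SOAPException {
        return getHeaderElement(message, RELATES_TO);
    }

    /** Sets the {@code RelatesTo} header, creating the element when it does not exist yet. */
    private void setRelatesTo(SOAPMessage message, String value) throws SOAPException {
        getHeaderElement(message, RELATES_TO, true).setTextContent(value);
    }

    /** Returns the trimmed text of the first header element matching {@code name}, or {@code null}. */
    private String getHeaderElement(SOAPMessage message, QName name) throws SOAPException {
        Element headerElement = getHeaderElement(message, name, false);
        if (headerElement == null) {
            return null;
        }
        return headerElement.getTextContent().trim();
    }

    /**
     * Looks up the first SOAP header child matching {@code name}.
     *
     * @param message Message whose header is searched.
     * @param name Qualified name to match (local part and namespace URI).
     * @param create When {@code true}, a missing element is added to the header and returned.
     * @return The matching (or newly added) element, or {@code null} if absent and {@code create} is false.
     */
    private Element getHeaderElement(SOAPMessage message, QName name, boolean create) throws SOAPException {
        SOAPHeader header = message.getSOAPHeader();
        Element match = null;
        Iterator<Element> it = header.getChildElements().iterator();
        while (match == null && it.hasNext()) {
            Element candidate = it.next();
            // Compare from the QName side: a DOM element without a namespace reports null for
            // getNamespaceURI(), and a header supplied by the server must not trigger an NPE here.
            if (name.getLocalPart().equals(candidate.getLocalName())
                    && name.getNamespaceURI().equals(candidate.getNamespaceURI())) {
                match = candidate;
            }
        }
        if (match == null && create) {
            match = header.addHeaderElement(name);
        }
        return match;
    }

    /** Adds a fresh {@code MessageID} and, if a remote ID is known, the matching {@code RelatesTo}. */
    private void addMessageIDs(SOAPMessage message) throws SOAPException {
        String remoteId = this.idGenerator.getRemoteID();
        String newId = this.idGenerator.createNewID();
        if (remoteId != null) {
            setRelatesTo(message, remoteId);
        }
        setMessageID(message, newId);
    }

    /**
     * Records the {@code MessageID} of a received message in the ID generator.
     *
     * @throws PAOSException if the header is missing, the generator rejects the ID, or the SOAP
     *     header cannot be read.
     */
    private void updateMessageID(SOAPMessage message) throws PAOSException {
        try {
            String messageId = getMessageID(message);
            if (messageId == null) {
                throw new PAOSException("No MessageID in PAOS header.");
            }
            if (!this.idGenerator.setRemoteID(messageId)) {
                throw new PAOSException("MessageID from result doesn't match.");
            }
        } catch (SOAPException e) {
            logger.error(e.getMessage(), e);
            throw new PAOSException(e.getMessage(), e);
        }
    }

    /** Returns the trimmed text of the {@code MessageID} header, or {@code null} if it is absent. */
    private String getMessageID(SOAPMessage message) throws SOAPException {
        return getHeaderElement(message, MESSAGE_ID);
    }

    /** Sets the {@code MessageID} header, creating the element when it does not exist yet. */
    private void setMessageID(SOAPMessage message, String value) throws SOAPException {
        getHeaderElement(message, MESSAGE_ID, true).setTextContent(value);
    }

    /**
     * Parses a message received from the server and unmarshals the first element of its SOAP body.
     *
     * @param inputStream Raw HTTP response body.
     * @return The unmarshalled body object.
     * @throws PAOSException if parsing, message ID validation or unmarshalling fails, or the SOAP
     *     body has no child element.
     */
    private Object processPAOSRequest(InputStream inputStream) throws PAOSException {
        try {
            Document doc = this.m.str2doc(inputStream);
            SOAPMessage message = this.m.doc2soap(doc);
            updateMessageID(message);
            if (logger.isDebugEnabled()) {
                // The complete message is written to the log at debug level; keep debug logging
                // off wherever the PAOS payload must not end up in log files.
                try {
                    logger.debug("Message received:\n{}", this.m.doc2str(doc));
                } catch (TransformerException e) {
                    logger.warn("Failed to log PAOS request message.", e);
                }
            }
            // The body comes from the remote side; an empty body must surface as a PAOSException
            // and not as an IndexOutOfBoundsException from get(0).
            if (message.getSOAPBody().getChildElements().isEmpty()) {
                throw new PAOSException("No content in the SOAP body of the received PAOS message.");
            }
            return this.m.unmarshal(message.getSOAPBody().getChildElements().get(0));
        } catch (IOException e) {
            logger.error(e.getMessage(), e);
            throw new PAOSException(e.getMessage(), e);
        } catch (MarshallingTypeException e) {
            logger.error(e.getMessage(), e);
            throw new PAOSException(e.getMessage(), e);
        } catch (WSMarshallerException e) {
            logger.error(e.getMessage(), e);
            throw new PAOSException(e.getMessage(), e);
        } catch (SAXException e) {
            logger.error(e.getMessage(), e);
            throw new PAOSException(e.getMessage(), e);
        }
    }

    /** Wraps {@code obj} in a PAOS SOAP message and serialises it; the result is logged at debug level. */
    private String createPAOSResponse(Object obj) throws MarshallingTypeException, SOAPException, TransformerException {
        String serialized = this.m.doc2str(createSOAPMessage(obj).getDocument());
        logger.debug("Message sent:\n{}", serialized);
        return serialized;
    }

    /** Marshals {@code obj} into a SOAP message carrying the PAOS, ReplyTo and message ID headers. */
    private SOAPMessage createSOAPMessage(Object obj) throws MarshallingTypeException, SOAPException {
        SOAPMessage message = this.m.add2soap(this.m.marshal(obj));
        SOAPHeader header = message.getSOAPHeader();

        // PAOS header block
        Element paos = header.addHeaderElement(PAOS_PAOS);
        paos.setAttributeNS("http://schemas.xmlsoap.org/soap/envelope/", "actor", "http://schemas.xmlsoap.org/soap/actor/next");
        paos.setAttributeNS("http://schemas.xmlsoap.org/soap/envelope/", "mustUnderstand", "1");
        header.addChildElement(paos, PAOS_VERSION).setTextContent(ECardConstants.PAOS_VERSION_20);

        Element endpointRef = header.addChildElement(paos, PAOS_ENDPOINTREF);
        header.addChildElement(endpointRef, PAOS_ADDRESS).setTextContent("http://www.projectliberty.org/2006/01/role/paos");
        Element metaData = header.addChildElement(endpointRef, PAOS_METADATA);
        header.addChildElement(metaData, PAOS_SERVICETYPE).setTextContent(ECardConstants.PAOS_NEXT);

        // WS-Addressing ReplyTo block
        Element replyTo = header.addHeaderElement(REPLY_TO);
        header.addChildElement(replyTo, ADDRESS).setTextContent("http://www.projectliberty.org/2006/02/role/paos");

        addMessageIDs(message);
        return message;
    }

    /**
     * Sends {@code StartPAOS} and runs the PAOS message loop until the server returns a
     * {@code StartPAOSResponse}.
     *
     * <p>A new connection is opened whenever the reuse strategy reports that the current one must
     * not be kept alive.
     *
     * @param startPAOS Initial message for the server.
     * @return The final response of the server, after {@link WSHelper#checkResult} accepted it.
     * @throws DispatcherException if the dispatched method fails or a message cannot be
     *     marshalled or serialised.
     * @throws PAOSException if the connection, the HTTP exchange or message validation fails.
     */
    public StartPAOSResponse sendStartPAOS(StartPAOS startPAOS) throws DispatcherException, PAOSException {
        Object outgoing = startPAOS;
        String host = this.endpoint.getHost();
        int port = this.endpoint.getPort();
        if (port == -1) {
            port = this.endpoint.getDefaultPort();
        }
        String resource = this.endpoint.getFile();

        while (true) {
            try {
                StreamHttpClientConnection conn;
                try {
                    conn = createTlsConnection(host, port, ProtocolVersion.TLSv11);
                } catch (IOException e) {
                    // NOTE(review): this fallback runs on any IOException from the first attempt,
                    // so a network fault during the handshake is enough to lower the client
                    // version to TLS 1.0. Consider making the fallback opt-in.
                    logger.error("Connecting to the PAOS endpoint with TLSv1.1 failed. Falling back to TLSv1.0.", e);
                    conn = createTlsConnection(host, port, ProtocolVersion.TLSv10);
                }
                // NOTE(review): conn is not closed on return or on failure in this method - confirm
                // who owns the connection before adding a close here.
                BasicHttpContext httpContext = new BasicHttpContext();
                HttpRequestExecutor executor = new HttpRequestExecutor();
                DefaultConnectionReuseStrategy reuseStrategy = new DefaultConnectionReuseStrategy();
                HttpResponse response;
                do {
                    BasicHttpEntityEnclosingRequest request = new BasicHttpEntityEnclosingRequest("POST", resource);
                    request.setParams(conn.getParams());
                    HttpRequestHelper.setDefaultHeader(request, this.endpoint);
                    request.setHeader(HEADER_KEY_PAOS, HEADER_VALUE_PAOS);
                    // NOTE(review): the two media types are separated by ';' and not ',' - confirm
                    // against the protocol specification before changing it.
                    request.setHeader(HttpHeaders.ACCEPT, "text/html; application/vnd.paos+xml");
                    ContentType contentType = ContentType.create("application/vnd.paos+xml", HTTP.UTF_8);
                    HttpUtils.dumpHttpRequest(logger, "before adding content", request);
                    StringEntity entity = new StringEntity(createPAOSResponse(outgoing), contentType);
                    request.setEntity(entity);
                    request.setHeader(entity.getContentType());
                    request.setHeader("Content-Length", Long.toString(entity.getContentLength()));

                    response = executor.execute(request, conn, httpContext);
                    int statusCode = response.getStatusLine().getStatusCode();
                    conn.receiveResponseEntity(response);
                    byte[] body = FileUtils.toByteArray(response.getEntity().getContent());
                    HttpUtils.dumpHttpResponse(logger, response, body);
                    // The status check runs before the body is parsed as a PAOS message.
                    checkHTTPStatusCode(outgoing, statusCode);

                    Object incoming = processPAOSRequest(new ByteArrayInputStream(body));
                    if (incoming instanceof StartPAOSResponse) {
                        StartPAOSResponse startPAOSResponse = (StartPAOSResponse) incoming;
                        WSHelper.checkResult(startPAOSResponse);
                        return startPAOSResponse;
                    }
                    // Any other message is a request from the server; its result is sent next.
                    outgoing = this.dispatcher.deliver(incoming);
                } while (reuseStrategy.keepAlive(response, httpContext));
            } catch (IOException e) {
                throw new PAOSException(e);
            } catch (InvocationTargetException e) {
                throw new DispatcherException("The dispatched method threw an exception.", e);
            } catch (URISyntaxException e) {
                throw new PAOSException("Hostname or port of the remote server are invalid.", e);
            } catch (TransformerException e) {
                throw new DispatcherException(e);
            } catch (HttpException e) {
                throw new PAOSException("Failed to deliver or receive PAOS HTTP message.", e);
            } catch (WSHelper.WSException e) {
                throw new PAOSException(e);
            } catch (MarshallingTypeException e) {
                throw new DispatcherException("Failed to marshal JAXB object.", e);
            } catch (SOAPException e) {
                throw new PAOSException("Failed to create SOAP message instance from given JAXB message.", e);
            }
        }
    }

    /**
     * Opens a socket to the endpoint and, when a TLS client is configured, performs the TLS
     * handshake with the given client version.
     *
     * <p>The socket is closed again if the handshake or the stream setup fails, so a failed
     * attempt (for example before the TLS 1.0 retry) does not leave an open socket behind.
     *
     * @param host Host to connect to.
     * @param port Port to connect to.
     * @param protocolVersion Client version set on the TLS client before the handshake.
     * @return HTTP connection on top of the TLS streams, or on the raw socket streams when no
     *     TLS client is configured.
     */
    private StreamHttpClientConnection createTlsConnection(String host, int port, ProtocolVersion protocolVersion) throws IOException, URISyntaxException {
        Socket socket = ProxySettings.getDefault().getSocket(host, port);
        try {
            if (this.tlsClient == null) {
                // No TLS layer is added by this class on this path.
                logger.warn("No TLS client configured, PAOS connection to {}:{} is not wrapped in TLS by the PAOS binding.", host, port);
                return new StreamHttpClientConnection(socket.getInputStream(), socket.getOutputStream());
            }
            this.tlsClient.setClientVersion(protocolVersion);
            TlsProtocolHandler handler = new TlsProtocolHandler(socket.getInputStream(), socket.getOutputStream());
            handler.connect(this.tlsClient);
            StreamHttpClientConnection conn = new StreamHttpClientConnection(handler.getInputStream(), handler.getOutputStream());
            saveServiceCertificate();
            return conn;
        } catch (IOException e) {
            closeQuietly(socket);
            throw e;
        } catch (RuntimeException e) {
            closeQuietly(socket);
            throw e;
        }
    }

    /** Closes the socket of a failed connection attempt; a failure to close is only logged. */
    private static void closeQuietly(Socket socket) {
        try {
            socket.close();
        } catch (IOException ignored) {
            // The original connection error is the one reported to the caller.
            logger.debug("Failed to close socket after unsuccessful connection attempt.", ignored);
        }
    }

    /**
     * Stores the server certificate in the {@link DynamicContext} under
     * {@link TR03112Keys#ESERVICE_CERTIFICATE} when the TLS client uses {@link TlsNoAuthentication}.
     *
     * <p>NOTE(review): the class name suggests the certificate is not validated during the
     * handshake and is checked later from this stored value - confirm that such a check exists.
     */
    private void saveServiceCertificate() {
        try {
            DynamicContext dynamicContext = DynamicContext.getInstance(TR03112Keys.INSTANCE_KEY);
            TlsAuthentication authentication = this.tlsClient.getAuthentication();
            if (authentication instanceof TlsNoAuthentication) {
                dynamicContext.put(TR03112Keys.ESERVICE_CERTIFICATE, ((TlsNoAuthentication) authentication).getServerCertificate());
            } else {
                logger.debug("eService Certificate not saved in DynamicContext.");
            }
        } catch (IOException e) {
            logger.error("Certificate couldn't be encoded.", e);
        }
    }

    /**
     * Rejects every HTTP status outside the 2xx range.
     *
     * @param msg The message that was sent with the request; if it is a {@link ResponseType}
     *     carrying an error result, that error becomes the cause of the exception.
     * @param statusCode HTTP status code of the response.
     * @throws PAOSException if {@code statusCode} is not in 200..299.
     */
    private void checkHTTPStatusCode(Object msg, int statusCode) throws PAOSException {
        if (statusCode >= 200 && statusCode <= 299) {
            return;
        }
        if (msg instanceof ResponseType) {
            try {
                WSHelper.checkResult((ResponseType) msg);
            } catch (WSHelper.WSException e) {
                throw new PAOSException("Received HTTP Error Code " + statusCode, e);
            }
        }
        throw new PAOSException("Received HTTP Error Code " + statusCode);
    }
}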
