package com.suncode.plugin.plusautenti.clientapi.service;

import com.google.common.io.ByteStreams;
import com.google.gson.Gson;
import com.suncode.plugin.plusautenti.clientapi.dto.DraftDocument;
import com.suncode.plugin.plusautenti.clientapi.dto.DraftDocumentSignerDto;
import com.suncode.plugin.plusautenti.clientapi.enums.AuthGrantType;
import com.suncode.plugin.plusautenti.clientapi.enums.AuthorizationType;
import com.suncode.plugin.plusautenti.clientapi.enums.DocumentProcessPartyRole;
import com.suncode.plugin.plusautenti.clientapi.enums.SignType;
import com.suncode.plugin.plusautenti.clientapi.enums.SupportedExtensions;
import com.suncode.plugin.plusautenti.clientapi.exception.AutentiClientApiException;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiAuthorizationRequestResponse;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiClientCredentialsAuthorizationRequest;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocument;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocumentFileEntityResponse;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocumentParties;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocumentPartiesConstraint;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocumentPartiesConstraintAttributes;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocumentPartiesParty;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocumentPartiesPartyContact;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocumentPartiesPartyContactAttributes;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiDocumentProcessResponse;
import com.suncode.plugin.plusautenti.clientapi.model.AutentiPasswordAuthorizationRequest;
import com.suncode.plugin.plusautenti.clientapi.model.ExceptionResponse;
import com.suncode.plugin.plusautenti.configuration.dto.AutentiConnectionConfig;
import com.suncode.plugin.plusautenti.exception.AutentiException;
import com.suncode.plugin.plusautenti.exception.message.ErrorMessage;
import com.suncode.pwfl.archive.WfFile;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URLEncoder;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import okhttp3.HttpUrl;
import okhttp3.MediaType;
import okhttp3.MultipartBody;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.springframework.util.Assert;

@Service
/* loaded from: input_file:com/suncode/plugin/plusautenti/clientapi/service/AutentiApiServiceImpl.class */
public class AutentiApiServiceImpl implements AutentiApiService {
    public static final String UNSUCCESSFUL_RESPONSE_MSG = "Unsuccessful response from Autenti";
    public static final String APPLICATION_JSON = "application/json";
    public static final String CONTENT_TYPE = "Content-Type";
    public static final String ACCEPT = "accept";
    public static final String AUTHORIZATION = "Authorization";
    public static final String CONSTRAINT_UNIQUE_TYPE_SIGNATURE_TYPE = "CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE";
    public static final String ACTION_SIGNATURE_APPLICATION = "ACTION:SIGNATURE_APPLICATION";
    public static final String SIGNATURE_PROVIDER_SIGNATURE_TYPE_BASIC = "SIGNATURE_PROVIDER-SIGNATURE_TYPE:BASIC";
    public static final String SIGNATURE_PROVIDER_SIGNATURE_TYPE_QUALIFIED = "SIGNATURE_PROVIDER-SIGNATURE_TYPE:QUALIFIED";
    public static final String CONTACT_TYPE_EMAIL = "CONTACT-TYPE:EMAIL";
    public static final String CONSTRAINT_UNIQUE_TYPE_PHONE_NUMBER_VERIFICATION_REQUIRED = "CONSTRAINT-UNIQUE_TYPE:PHONE_NUMBER_VERIFICATION_REQUIRED";
    public static final String CONSTRAINT_UNIQUE_TYPE_PARTICIPATION_PRIORITY = "CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY";
    public static final String MULTIPART_FORM_DATA = "multipart/form-data";
    public static final String X_ASSERTION = "X-ASSERTION";
    public static final String SIGNED_CONTENT_FILE = "SIGNED_CONTENT_FILE";
    private final Gson gson = new Gson();
    private static final Logger log = LoggerFactory.getLogger(AutentiApiServiceImpl.class);
    private static final OkHttpClient client = new OkHttpClient.Builder().connectTimeout(40, TimeUnit.SECONDS).readTimeout(40, TimeUnit.SECONDS).build();

    @Override // com.suncode.plugin.plusautenti.clientapi.service.AutentiApiService
    public void connect(AutentiConnectionConfig autentiConnectionConfig) throws IOException, AutentiClientApiException {
        if (autentiConnectionConfig.getConnectionType() == AuthGrantType.PASSWORD) {
            autentiConnectionConfig.setToken(generateBasicAuthToken(autentiConnectionConfig));
        } else if (autentiConnectionConfig.getConnectionType() == AuthGrantType.CLIENT_CREDENTIALS) {
            autentiConnectionConfig.setToken(generateClientCredentialsToken(autentiConnectionConfig));
        }
    }

    private String generateBasicAuthToken(AutentiConnectionConfig autentiConnectionConfig) throws IOException, AutentiClientApiException {
        return ((AutentiAuthorizationRequestResponse) executeRequest(new Request.Builder().url(autentiConnectionConfig.getApiUrl() + "/auth/token").method("POST", jsonRequestBody(buildPasswordAutentiAuthRequest(autentiConnectionConfig))).build(), AutentiAuthorizationRequestResponse.class)).getAccess_token();
    }

    private String generateClientCredentialsToken(AutentiConnectionConfig autentiConnectionConfig) throws IOException, AutentiClientApiException {
        return ((AutentiAuthorizationRequestResponse) executeRequest(new Request.Builder().url(autentiConnectionConfig.getApiUrl() + "/auth/token").method("POST", jsonRequestBody(buildClientCredentialsAutentiAuthRequest(autentiConnectionConfig))).build(), AutentiAuthorizationRequestResponse.class)).getAccess_token();
    }

    private AutentiPasswordAuthorizationRequest buildPasswordAutentiAuthRequest(AutentiConnectionConfig autentiConnectionConfig) {
        return AutentiPasswordAuthorizationRequest.builder().client_id(autentiConnectionConfig.getClientId()).client_secret(autentiConnectionConfig.getClientSecret()).grant_type(autentiConnectionConfig.getConnectionType().toString()).username(autentiConnectionConfig.getUserName()).password(autentiConnectionConfig.getPass()).build();
    }

    private AutentiClientCredentialsAuthorizationRequest buildClientCredentialsAutentiAuthRequest(AutentiConnectionConfig autentiConnectionConfig) {
        return AutentiClientCredentialsAuthorizationRequest.builder().client_id(autentiConnectionConfig.getClientId()).client_secret(autentiConnectionConfig.getClientSecret()).grant_type(autentiConnectionConfig.getConnectionType().toString()).build();
    }

    @Override // com.suncode.plugin.plusautenti.clientapi.service.AutentiApiService
    public String sendDraftDocument(AutentiConnectionConfig autentiConnectionConfig, DraftDocument draftDocument) throws IOException, AutentiClientApiException {
        log.debug("Send draft document to Autenti");
        String id = createDocument(autentiConnectionConfig, new AutentiDocument(draftDocument.getDocumentTitle(), draftDocument.getDocumentDescription(), draftDocument.getDocumentLang().toLowerCase(), getDocumentsParties(draftDocument))).getId();
        Iterator<WfFile> it = draftDocument.getFiles().iterator();
        while (it.hasNext()) {
            sendFileToSign(autentiConnectionConfig, id, it.next());
        }
        sendDocumentToSign(autentiConnectionConfig, id);
        log.debug("The document was sent correctly. Document ID: " + id);
        return id;
    }

    private List<AutentiDocumentParties> getDocumentsParties(DraftDocument draftDocument) {
        return (List) draftDocument.getSigners().stream().map(draftDocumentSignerDto -> {
            AutentiDocumentPartiesParty documentDraftPartiesParty = getDocumentDraftPartiesParty(draftDocumentSignerDto.getFirstName(), draftDocumentSignerDto.getLastName(), draftDocumentSignerDto.getEmail());
            List<AutentiDocumentPartiesConstraint> list = null;
            if (draftDocumentSignerDto.getRole() == DocumentProcessPartyRole.SIGNER) {
                list = getSignerDocumentsPartiesConstraint(draftDocumentSignerDto);
            } else if (draftDocumentSignerDto.getRole() == DocumentProcessPartyRole.APPROVER) {
                list = getApproverDocumentsPartiesConstraint();
            }
            return AutentiDocumentParties.builder().role(draftDocumentSignerDto.getRole().name()).party(documentDraftPartiesParty).constraints(list).build();
        }).collect(Collectors.toList());
    }

    private AutentiDocumentPartiesParty getDocumentDraftPartiesParty(String str, String str2, String str3) {
        AutentiDocumentPartiesParty autentiDocumentPartiesParty = new AutentiDocumentPartiesParty();
        autentiDocumentPartiesParty.setFirstName(str);
        autentiDocumentPartiesParty.setLastName(str2);
        AutentiDocumentPartiesPartyContact autentiDocumentPartiesPartyContact = new AutentiDocumentPartiesPartyContact(CONTACT_TYPE_EMAIL, new AutentiDocumentPartiesPartyContactAttributes(str3));
        autentiDocumentPartiesParty.setContacts(new LinkedList());
        autentiDocumentPartiesParty.getContacts().add(autentiDocumentPartiesPartyContact);
        return autentiDocumentPartiesParty;
    }

    private List<AutentiDocumentPartiesConstraint> getSignerDocumentsPartiesConstraint(DraftDocumentSignerDto draftDocumentSignerDto) {
        LinkedList linkedList = new LinkedList();
        linkedList.add(getSignatureTypeConstraint(draftDocumentSignerDto.getSignType()));
        if (draftDocumentSignerDto.getAuthorizationType() == AuthorizationType.EMAIL_AND_SMS) {
            linkedList.add(getPhoneNumberConstraint(draftDocumentSignerDto.getPhoneNo()));
        }
        linkedList.add(getPriorityConstraint(1));
        return linkedList;
    }

    private AutentiDocumentPartiesConstraint getSignatureTypeConstraint(SignType signType) {
        AutentiDocumentPartiesConstraint autentiDocumentPartiesConstraint = new AutentiDocumentPartiesConstraint();
        autentiDocumentPartiesConstraint.setClassifiers(Arrays.asList(CONSTRAINT_UNIQUE_TYPE_SIGNATURE_TYPE));
        autentiDocumentPartiesConstraint.setConstrainedActions(Arrays.asList(ACTION_SIGNATURE_APPLICATION));
        if (signType == SignType.AUTENTI_QUALIFIED_SIGNATURE) {
            autentiDocumentPartiesConstraint.setAttributes(AutentiDocumentPartiesConstraintAttributes.builder().requiredClassifiers(Arrays.asList(SIGNATURE_PROVIDER_SIGNATURE_TYPE_BASIC)).build());
        } else {
            autentiDocumentPartiesConstraint.setAttributes(AutentiDocumentPartiesConstraintAttributes.builder().requiredClassifiers(Arrays.asList(SIGNATURE_PROVIDER_SIGNATURE_TYPE_QUALIFIED)).build());
        }
        return autentiDocumentPartiesConstraint;
    }

    private AutentiDocumentPartiesConstraint getPhoneNumberConstraint(String str) {
        AutentiDocumentPartiesConstraint autentiDocumentPartiesConstraint = new AutentiDocumentPartiesConstraint();
        autentiDocumentPartiesConstraint.setClassifiers(Arrays.asList(CONSTRAINT_UNIQUE_TYPE_PHONE_NUMBER_VERIFICATION_REQUIRED));
        autentiDocumentPartiesConstraint.setConstrainedActions(Arrays.asList(ACTION_SIGNATURE_APPLICATION));
        autentiDocumentPartiesConstraint.setAttributes(AutentiDocumentPartiesConstraintAttributes.builder().phoneNumber(str).build());
        return autentiDocumentPartiesConstraint;
    }

    private AutentiDocumentPartiesConstraint getPriorityConstraint(int i) {
        AutentiDocumentPartiesConstraint autentiDocumentPartiesConstraint = new AutentiDocumentPartiesConstraint();
        autentiDocumentPartiesConstraint.setClassifiers(Arrays.asList(CONSTRAINT_UNIQUE_TYPE_PARTICIPATION_PRIORITY));
        autentiDocumentPartiesConstraint.setAttributes(AutentiDocumentPartiesConstraintAttributes.builder().priority(Integer.valueOf(i)).build());
        return autentiDocumentPartiesConstraint;
    }

    private List<AutentiDocumentPartiesConstraint> getApproverDocumentsPartiesConstraint() {
        ArrayList arrayList = new ArrayList();
        AutentiDocumentPartiesConstraint autentiDocumentPartiesConstraint = new AutentiDocumentPartiesConstraint();
        autentiDocumentPartiesConstraint.setClassifiers(Arrays.asList(CONSTRAINT_UNIQUE_TYPE_PARTICIPATION_PRIORITY));
        autentiDocumentPartiesConstraint.setAttributes(AutentiDocumentPartiesConstraintAttributes.builder().priority(1).build());
        arrayList.add(autentiDocumentPartiesConstraint);
        return arrayList;
    }

    private AutentiDocumentProcessResponse createDocument(AutentiConnectionConfig autentiConnectionConfig, AutentiDocument autentiDocument) throws IOException, AutentiClientApiException {
        log.debug("Create document in Autenti");
        return (AutentiDocumentProcessResponse) executeRequest(createPOSTJSONRequest(autentiConnectionConfig, "/document-processes", jsonRequestBody(autentiDocument)), AutentiDocumentProcessResponse.class);
    }

    private AutentiDocumentProcessResponse sendFileToSign(AutentiConnectionConfig autentiConnectionConfig, String str, WfFile wfFile) throws IOException, AutentiClientApiException {
        String fileName = wfFile.getFileName();
        File file = new File(wfFile.getFullPath());
        String probeContentType = Files.probeContentType(file.toPath());
        log.debug("Send document: " + fileName);
        return (AutentiDocumentProcessResponse) executeRequest(new Request.Builder().url(autentiConnectionConfig.getApiUrl() + "/document-processes/" + str + "/files").addHeader(AUTHORIZATION, "Bearer " + autentiConnectionConfig.getToken()).addHeader(ACCEPT, APPLICATION_JSON).addHeader(CONTENT_TYPE, MULTIPART_FORM_DATA).post(new MultipartBody.Builder().setType(MultipartBody.FORM).addFormDataPart("fileMeta", "fileMeta", RequestBody.create("{\"filename\": \"" + fileName + "\", \"filePurpose\": \"SOURCE_FILE\", \"mimeType\": \"" + probeContentType + "\"}", MediaType.parse(APPLICATION_JSON))).addFormDataPart("file", fileName, RequestBody.create(file, MediaType.parse(probeContentType))).build()).build(), AutentiDocumentProcessResponse.class);
    }

    private boolean sendDocumentToSign(AutentiConnectionConfig autentiConnectionConfig, String str) throws IOException, AutentiClientApiException {
        log.debug("Send Document to Sign. Document ID: " + str);
        String str2 = new String(Base64.getEncoder().encode("{\"classifiers\":[\"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION\"],\"attributes\": {\"selectedIds\": [\"EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_SENT\"]}}".getBytes()));
        log.debug("encodedBytes " + str2);
        executeRequest(new Request.Builder().url(autentiConnectionConfig.getApiUrl() + "/document-processes/" + str + "/actions").method("POST", jsonRequestBody(HttpUrl.FRAGMENT_ENCODE_SET)).addHeader(CONTENT_TYPE, APPLICATION_JSON).addHeader(X_ASSERTION, str2).addHeader(AUTHORIZATION, "Bearer " + autentiConnectionConfig.getToken()).build(), Object.class);
        return true;
    }

    @Override // com.suncode.plugin.plusautenti.clientapi.service.AutentiApiService
    public Path downloadSignedDocument(AutentiConnectionConfig autentiConnectionConfig, String str) throws AutentiException, IOException, AutentiClientApiException {
        Optional<AutentiDocumentFileEntityResponse> findFirst = getAllFiles(autentiConnectionConfig, str).stream().filter(autentiDocumentFileEntityResponse -> {
            return autentiDocumentFileEntityResponse.getFilePurpose().equals(SIGNED_CONTENT_FILE);
        }).findFirst();
        Assert.isTrue(findFirst.isPresent(), "No signed file in document");
        return getFileContent(autentiConnectionConfig, str, URLEncoder.encode(findFirst.get().getId(), "UTF-8"), System.getProperty("java.io.tmpdir") + findFirst.get().getFilename());
    }

    private Path getFileContent(AutentiConnectionConfig autentiConnectionConfig, String str, String str2, String str3) throws AutentiException, AutentiClientApiException {
        log.debug(String.format("Get file content from Autenti. DocumentId: %s, FileId: %s", str, str2));
        byte[] documentByteArray = getDocumentByteArray(createGETJSONRequest(autentiConnectionConfig, "/document-processes/" + str + "/files/" + str2 + "/content"));
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(str3);
            Throwable th = null;
            try {
                try {
                    fileOutputStream.write(documentByteArray);
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                    return Paths.get(str3, new String[0]);
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            throw new AutentiException(ErrorMessage.SAVE_ON_DISK_ERROR, "Failed to save file on disk", e);
        }
    }

    private List<AutentiDocumentFileEntityResponse> getAllFiles(AutentiConnectionConfig autentiConnectionConfig, String str) throws IOException, AutentiClientApiException {
        log.debug("Get files for document " + str);
        return Arrays.asList((Object[]) executeRequest(new Request.Builder().url(autentiConnectionConfig.getApiUrl() + "/document-processes/" + str + "/files").method("GET", null).addHeader(ACCEPT, APPLICATION_JSON).addHeader(AUTHORIZATION, "Bearer " + autentiConnectionConfig.getToken()).build(), AutentiDocumentFileEntityResponse[].class));
    }

    @Override // com.suncode.plugin.plusautenti.clientapi.service.AutentiApiService
    public AutentiDocument getAutentiDocument(AutentiConnectionConfig autentiConnectionConfig, String str) throws IOException, AutentiClientApiException {
        return (AutentiDocument) executeRequest(createGETJSONRequest(autentiConnectionConfig, "/document-processes/" + str), AutentiDocument.class);
    }

    @Override // com.suncode.plugin.plusautenti.clientapi.service.AutentiApiService
    public boolean isSupportedExtension(String str) {
        return Arrays.stream(SupportedExtensions.values()).map((v0) -> {
            return v0.name();
        }).anyMatch(str2 -> {
            return str2.equalsIgnoreCase(str);
        });
    }

    private <T> RequestBody jsonRequestBody(T t) {
        return RequestBody.create(this.gson.toJson(t), MediaType.parse(APPLICATION_JSON));
    }

    private Request createGETJSONRequest(AutentiConnectionConfig autentiConnectionConfig, String str) {
        return new Request.Builder().url(autentiConnectionConfig.getApiUrl() + str).method("GET", null).addHeader(CONTENT_TYPE, APPLICATION_JSON).addHeader(AUTHORIZATION, "Bearer " + autentiConnectionConfig.getToken()).build();
    }

    private Request createPOSTJSONRequest(AutentiConnectionConfig autentiConnectionConfig, String str, RequestBody requestBody) {
        Request build = new Request.Builder().url(autentiConnectionConfig.getApiUrl() + str).method("POST", requestBody).addHeader(CONTENT_TYPE, APPLICATION_JSON).addHeader(AUTHORIZATION, "Bearer " + autentiConnectionConfig.getToken()).build();
        log.debug("Request json: " + this.gson.toJson(build));
        return build;
    }

    @NotNull
    private <T> T executeRequest(Request request, Class<T> cls) throws AutentiClientApiException, IOException {
        log.debug("Request json: " + this.gson.toJson(request));
        Response execute = client.newCall(request).execute();
        Throwable th = null;
        try {
            String string = execute.body().string();
            if (!execute.isSuccessful()) {
                log.warn("ResponseBody string: " + string);
                ExceptionResponse exceptionResponse = (ExceptionResponse) this.gson.fromJson(string, (Class) ExceptionResponse.class);
                throw new AutentiClientApiException(UNSUCCESSFUL_RESPONSE_MSG, execute.code(), (String) Optional.ofNullable(execute.code() == 403 ? exceptionResponse.getTitle() : exceptionResponse.getDetail()).orElse(string));
            }
            log.debug("ResponseBody string: " + string);
            T t = (T) this.gson.fromJson(string, (Class) cls);
            if (execute != null) {
                if (0 != 0) {
                    try {
                        execute.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    execute.close();
                }
            }
            return t;
        } catch (Throwable th3) {
            if (execute != null) {
                if (0 != 0) {
                    try {
                        execute.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    execute.close();
                }
            }
            throw th3;
        }
    }

    private byte[] getDocumentByteArray(Request request) throws AutentiClientApiException {
        Response execute;
        Throwable th;
        try {
            execute = client.newCall(request).execute();
            th = null;
            try {
            } finally {
                if (execute != null) {
                    if (0 != 0) {
                        try {
                            execute.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        execute.close();
                    }
                }
            }
        } catch (IOException e) {
            throw new AutentiClientApiException(e);
        }
        if (!execute.isSuccessful()) {
            throw new AutentiClientApiException(UNSUCCESSFUL_RESPONSE_MSG, execute.code(), execute.message());
        }
        if (execute.body() == null) {
            if (execute != null) {
                if (0 != 0) {
                    try {
                        execute.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                } else {
                    execute.close();
                }
            }
            return new byte[0];
        }
        InputStream byteStream = execute.body().byteStream();
        Throwable th4 = null;
        try {
            try {
                byte[] byteArray = ByteStreams.toByteArray(byteStream);
                if (byteStream != null) {
                    if (0 != 0) {
                        try {
                            byteStream.close();
                        } catch (Throwable th5) {
                            th4.addSuppressed(th5);
                        }
                    } else {
                        byteStream.close();
                    }
                }
                return byteArray;
            } finally {
            }
        } catch (Throwable th6) {
            if (byteStream != null) {
                if (th4 != null) {
                    try {
                        byteStream.close();
                    } catch (Throwable th7) {
                        th4.addSuppressed(th7);
                    }
                } else {
                    byteStream.close();
                }
            }
            throw th6;
        }
        throw new AutentiClientApiException(e);
    }
}
