package org.echocat.marquardt.client.okhttp;

import com.google.common.collect.Lists;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonObject;
import com.squareup.okhttp.Interceptor;
import com.squareup.okhttp.MediaType;
import com.squareup.okhttp.OkHttpClient;
import com.squareup.okhttp.Request;
import com.squareup.okhttp.RequestBody;
import com.squareup.okhttp.Response;
import java.io.IOException;
import java.security.PublicKey;
import java.util.Collection;
import java.util.Iterator;
import java.util.Locale;
import java.util.concurrent.TimeUnit;
import okio.Buffer;
import org.apache.commons.codec.binary.Base64;
import org.echocat.marquardt.client.Client;
import org.echocat.marquardt.client.util.Md5Creator;
import org.echocat.marquardt.client.util.ResponseStatusTranslation;
import org.echocat.marquardt.common.CertificateValidator;
import org.echocat.marquardt.common.domain.Credentials;
import org.echocat.marquardt.common.domain.DeserializingFactory;
import org.echocat.marquardt.common.domain.SignUpAccountData;
import org.echocat.marquardt.common.domain.Signable;
import org.echocat.marquardt.common.domain.certificate.Certificate;
import org.echocat.marquardt.common.domain.certificate.Role;
import org.echocat.marquardt.common.exceptions.InvalidCertificateException;
import org.echocat.marquardt.common.keyprovisioning.KeyPairProvider;
import org.echocat.marquardt.common.serialization.RolesDeserializer;
import org.echocat.marquardt.common.util.DateProvider;
import org.echocat.marquardt.common.web.SignatureHeaders;

/* loaded from: input_file:org/echocat/marquardt/client/okhttp/MarquardtClient.class */
public class MarquardtClient<SIGNABLE extends Signable, ROLE extends Role> implements Client<SIGNABLE> {
    private static final int OK_STATUS = 200;
    private static final int CREATED_STATUS = 201;
    private static final int NO_CONTENT_STATUS = 204;
    private static final String POST_METHOD = "POST";
    private static final String GET_METHOD = "GET";
    private static final String PUT_METHOD = "PUT";
    private static final String DELETE_METHOD = "DELETE";
    private static final String ACCEPT_LANGUAGE_HEADER = "Accept-Language";
    private final String _baseUri;
    private final DeserializingFactory<SIGNABLE> _deserializingFactory;
    private final CertificateValidator<SIGNABLE, ROLE> _certificateValidator;
    private final KeyPairProvider _clientKeyProvider;
    private static final MediaType JSON = MediaType.parse("application/json; charset=utf-8");
    private static final Gson GSON = new GsonBuilder().registerTypeAdapter(PublicKey.class, new PublicKeyAdapter()).create();
    private final OkHttpClient _httpClient = new OkHttpClient();
    private final OkHttpClient _headerSignedHttpClient = new OkHttpClient();
    private final RequestSigner _requestSigner = new RequestSigner();
    private DateProvider _dateProvider = new DateProvider();
    private Locale _locale = Locale.getDefault();

    public MarquardtClient(String str, DeserializingFactory<SIGNABLE> deserializingFactory, final RolesDeserializer<ROLE> rolesDeserializer, KeyPairProvider keyPairProvider, Collection<PublicKey> collection) {
        this._baseUri = str;
        this._deserializingFactory = deserializingFactory;
        this._clientKeyProvider = keyPairProvider;
        this._headerSignedHttpClient.networkInterceptors().add(new Interceptor() { // from class: org.echocat.marquardt.client.okhttp.MarquardtClient.1
            public Response intercept(Interceptor.Chain chain) throws IOException {
                Request request = chain.request();
                Buffer buffer = new Buffer();
                if (request.body() != null) {
                    request.body().writeTo(buffer);
                }
                Request build = request.newBuilder().addHeader(SignatureHeaders.CONTENT.getHeaderName(), Base64.encodeBase64URLSafeString(Md5Creator.create(buffer.readByteArray()))).build();
                return chain.proceed(build.newBuilder().addHeader("X-Signature", new String(MarquardtClient.this._requestSigner.getSignature(build, MarquardtClient.this._clientKeyProvider.getPrivateKey()))).build());
            }
        });
        this._certificateValidator = (CertificateValidator<SIGNABLE, ROLE>) new CertificateValidator<SIGNABLE, ROLE>(collection) { // from class: org.echocat.marquardt.client.okhttp.MarquardtClient.2
            protected DeserializingFactory<SIGNABLE> deserializingFactory() {
                return MarquardtClient.this._deserializingFactory;
            }

            protected RolesDeserializer<ROLE> roleCodeDeserializer() {
                return rolesDeserializer;
            }
        };
        this._certificateValidator.setDateProvider(this._dateProvider);
    }

    public void setTimeouts(int i, int i2, int i3, TimeUnit timeUnit) {
        Iterator it = Lists.newArrayList(new OkHttpClient[]{this._httpClient, this._headerSignedHttpClient}).iterator();
        while (it.hasNext()) {
            OkHttpClient okHttpClient = (OkHttpClient) it.next();
            okHttpClient.setConnectTimeout(i, timeUnit);
            okHttpClient.setReadTimeout(i2, timeUnit);
            okHttpClient.setWriteTimeout(i3, timeUnit);
        }
    }

    public void setDateProvider(DateProvider dateProvider) {
        this._dateProvider = dateProvider;
        this._certificateValidator.setDateProvider(this._dateProvider);
    }

    @Override // org.echocat.marquardt.client.Client
    public Certificate<SIGNABLE> signup(SignUpAccountData<? extends Credentials> signUpAccountData) throws IOException {
        Response execute = this._httpClient.newCall(postRequestWithJsonObjectParameter(this._baseUri + "/auth/signup", signUpAccountData)).execute();
        if (execute.code() != CREATED_STATUS) {
            throw ResponseStatusTranslation.from(Integer.valueOf(execute.code())).translateToException(execute.message());
        }
        return extractCertificateFrom(execute);
    }

    @Override // org.echocat.marquardt.client.Client
    public Certificate<SIGNABLE> signin(Credentials credentials) throws IOException {
        Response execute = this._httpClient.newCall(postRequestWithJsonObjectParameter(this._baseUri + "/auth/signin", credentials)).execute();
        if (execute.code() != OK_STATUS) {
            throw ResponseStatusTranslation.from(Integer.valueOf(execute.code())).translateToException(execute.message());
        }
        return extractCertificateFrom(execute);
    }

    @Override // org.echocat.marquardt.client.Client
    public Certificate<SIGNABLE> refresh(Certificate<SIGNABLE> certificate) throws IOException {
        Response execute = this._headerSignedHttpClient.newCall(sendRequestWithCertificateHeader(this._baseUri + "/auth/refresh", POST_METHOD, certificate)).execute();
        if (execute.code() != OK_STATUS) {
            throw ResponseStatusTranslation.from(Integer.valueOf(execute.code())).translateToException(execute.message());
        }
        return extractCertificateFrom(execute);
    }

    @Override // org.echocat.marquardt.client.Client
    public boolean signout(Certificate<SIGNABLE> certificate) throws IOException {
        Response execute = this._headerSignedHttpClient.newCall(sendRequestWithCertificateHeader(this._baseUri + "/auth/signout", POST_METHOD, certificate)).execute();
        if (execute.code() != NO_CONTENT_STATUS) {
            throw ResponseStatusTranslation.from(Integer.valueOf(execute.code())).translateToException(execute.message());
        }
        return true;
    }

    @Override // org.echocat.marquardt.client.Client
    public <REQUEST, RESPONSE> RESPONSE sendSignedPayloadTo(String str, String str2, REQUEST request, Class<RESPONSE> cls, Certificate<SIGNABLE> certificate) throws IOException {
        Response execute = this._headerSignedHttpClient.newCall(sendRequestWithCertificateHeader(str, str2, certificate, request)).execute();
        if (execute.isSuccessful()) {
            return (RESPONSE) GSON.fromJson(execute.body().string(), cls);
        }
        throw ResponseStatusTranslation.from(Integer.valueOf(execute.code())).translateToException(execute.message());
    }

    @Override // org.echocat.marquardt.client.Client
    public void setLocale(Locale locale) {
        this._locale = locale;
    }

    private Certificate<SIGNABLE> extractCertificateFrom(Response response) throws IOException {
        Certificate<SIGNABLE> deserializeAndValidateCertificate = this._certificateValidator.deserializeAndValidateCertificate(Base64.decodeBase64(((JsonObject) GSON.fromJson(response.body().string(), JsonObject.class)).get("certificate").getAsString()));
        if (deserializeAndValidateCertificate.getClientPublicKey().equals(this._clientKeyProvider.getPublicKey())) {
            return deserializeAndValidateCertificate;
        }
        throw new InvalidCertificateException("certificate key does not match my public key");
    }

    private Request postRequestWithJsonObjectParameter(String str, Object obj) {
        return new Request.Builder().url(str).post(RequestBody.create(JSON, GSON.toJson(obj))).addHeader(ACCEPT_LANGUAGE_HEADER, this._locale.toLanguageTag()).build();
    }

    private Request sendRequestWithCertificateHeader(String str, String str2, Certificate<SIGNABLE> certificate) throws IOException {
        return sendRequestWithCertificateHeader(str, str2, certificate, "");
    }

    private Request sendRequestWithCertificateHeader(String str, String str2, Certificate<SIGNABLE> certificate, Object obj) throws IOException {
        RequestBody create = RequestBody.create(JSON, GSON.toJson(obj));
        Request.Builder url = new Request.Builder().url(str);
        setRequestHttpMethod(str2, create, url);
        return url.addHeader(SignatureHeaders.X_CERTIFICATE.getHeaderName(), Base64.encodeBase64URLSafeString(certificate.getContent())).addHeader(ACCEPT_LANGUAGE_HEADER, this._locale.toLanguageTag()).build();
    }

    private void setRequestHttpMethod(String str, RequestBody requestBody, Request.Builder builder) {
        if (str.equalsIgnoreCase(GET_METHOD)) {
            builder.get();
            return;
        }
        if (str.equalsIgnoreCase(POST_METHOD)) {
            builder.post(requestBody);
        } else if (str.equalsIgnoreCase(PUT_METHOD)) {
            builder.put(requestBody);
        } else {
            if (!str.equalsIgnoreCase(DELETE_METHOD)) {
                throw new IllegalArgumentException("HttpMethod " + str + " is not supported by this client.");
            }
            builder.delete(requestBody);
        }
    }
}
