package br.com.efi.efisdk;

import br.com.efi.efisdk.exceptions.AuthorizationException;
import br.com.efi.efisdk.exceptions.EfiPayException;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.Date;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.xml.bind.DatatypeConverter;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.core5.ssl.SSLContextBuilder;
import org.apache.hc.core5.ssl.SSLContexts;
import org.json.JSONObject;

/* loaded from: input_file:br/com/efi/efisdk/Auth.class */
public class Auth {
    private String accessToken;
    private String tokenType;
    private Date expires;
    private Request request;
    private final JSONObject authBody;
    private final String authCredentials;

    public Auth(JSONObject jSONObject, String str, String str2) throws Exception {
        if (!jSONObject.has("clientId") || !jSONObject.has("clientSecret")) {
            throw new Exception("Client_Id or Client_Secret not found");
        }
        if (jSONObject.has("certificate")) {
            String string = jSONObject.getString("certificate");
            if (string.endsWith(".p12")) {
                setupP12SslContext(string, jSONObject.optString("password", ""));
            } else {
                if (!string.endsWith(".pem")) {
                    throw new Exception("Unsupported certificate format");
                }
                setupPemSslContext(string);
            }
        }
        this.request = new Request(str, (HttpURLConnection) new URL(jSONObject.getString("baseUri") + str2).openConnection());
        if (jSONObject.has("partnerToken")) {
            this.request.addHeader("partner-token", jSONObject.getString("partnerToken"));
        }
        this.authBody = new JSONObject();
        this.authBody.put("grant_type", "client_credentials");
        this.authCredentials = DatatypeConverter.printBase64Binary((jSONObject.getString("clientId") + ":" + jSONObject.getString("clientSecret")).getBytes("UTF-8"));
    }

    private void setupP12SslContext(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            keyStore.load(fileInputStream, str2.toCharArray());
            fileInputStream.close();
            SSLContext build = SSLContextBuilder.create().loadKeyMaterial(keyStore, str2.toCharArray()).build();
            PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(new SSLConnectionSocketFactory(build)).build();
            HttpsURLConnection.setDefaultSSLSocketFactory(build.getSocketFactory());
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private void setupPemSslContext(String str) throws Exception {
        SSLContext build = SSLContexts.custom().build();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        FileInputStream fileInputStream = new FileInputStream(str + "/cert.pem");
        try {
            FileInputStream fileInputStream2 = new FileInputStream(str + "/key.pem");
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
                keyStore.setCertificateEntry("cert-alias", x509Certificate);
                keyStore.setKeyEntry("key-alias", KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(new String(fileInputStream2.readAllBytes()).replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replaceAll("\\s", "")))), null, new Certificate[]{x509Certificate});
                fileInputStream2.close();
                fileInputStream.close();
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, null);
                build.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
                PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(new SSLConnectionSocketFactory(build)).build();
                HttpsURLConnection.setDefaultSSLSocketFactory(build.getSocketFactory());
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public void setRequest(Request request) {
        this.request = request;
    }

    public void authorize() throws IOException, AuthorizationException, EfiPayException {
        this.request.addHeader("Authorization", "Basic " + this.authCredentials);
        JSONObject send = this.request.send(this.authBody);
        this.accessToken = send.getString("access_token");
        this.expires = new Date(new Date().getTime() + send.getLong("expires_in"));
        this.tokenType = send.getString("token_type");
    }

    public Date getExpires() {
        return this.expires;
    }

    public String getAccessToken() {
        return this.accessToken;
    }

    public String getTokenType() {
        return this.tokenType;
    }

    public JSONObject getAuthBody() {
        return this.authBody;
    }

    public String getAuthCredentials() {
        return this.authCredentials;
    }
}
