package com.foilen.infra.resource.letsencrypt.plugin;

import com.foilen.infra.plugin.v1.core.context.ChangesContext;
import com.foilen.infra.plugin.v1.core.context.CommonServicesContext;
import com.foilen.infra.plugin.v1.core.context.TimerEventContext;
import com.foilen.infra.plugin.v1.core.eventhandler.TimerEventHandler;
import com.foilen.infra.resource.letsencrypt.acme.AcmeService;
import com.foilen.infra.resource.letsencrypt.acme.LetsencryptException;
import com.foilen.infra.resource.webcertificate.WebsiteCertificate;
import com.foilen.infra.resource.webcertificate.helper.CertificateHelper;
import com.foilen.smalltools.crypt.spongycastle.asymmetric.AsymmetricKeys;
import com.foilen.smalltools.crypt.spongycastle.asymmetric.RSACrypt;
import com.foilen.smalltools.crypt.spongycastle.cert.RSACertificate;
import com.foilen.smalltools.crypt.spongycastle.cert.RSATools;
import com.foilen.smalltools.tools.DateTools;
import com.foilen.smalltools.tools.JsonTools;
import com.foilen.smalltools.tuple.Tuple2;
import com.google.common.base.Joiner;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.Optional;
import org.bouncycastle.asn1.cmp.PKIFailureInfo;
import org.shredzone.acme4j.Order;
import org.shredzone.acme4j.challenge.Http01Challenge;
import org.shredzone.acme4j.util.CSRBuilder;

/* loaded from: input_file:com/foilen/infra/resource/letsencrypt/plugin/LetsEncryptRefreshOldCertsWaitHttpTimer.class */
public class LetsEncryptRefreshOldCertsWaitHttpTimer extends AbstractLetsEncryptRefreshOldCertsWaitTimer implements TimerEventHandler {
    private String domain;
    private Order order;
    private Http01Challenge challenge;
    private String url;
    private WebsiteCertificate websiteCertificate;
    private Date expiration;

    public LetsEncryptRefreshOldCertsWaitHttpTimer(AcmeService acmeService, LetsencryptHelper letsencryptHelper, String str, Order order, Http01Challenge http01Challenge, String str2, WebsiteCertificate websiteCertificate) {
        super(acmeService, letsencryptHelper);
        this.domain = str;
        this.order = order;
        this.challenge = http01Challenge;
        this.url = str2;
        this.websiteCertificate = websiteCertificate;
        this.expiration = DateTools.addDate(12, 10);
    }

    public void timerHandler(CommonServicesContext commonServicesContext, ChangesContext changesContext, TimerEventContext timerEventContext) {
        try {
            try {
                try {
                    this.letsencryptHelper.checkUrlOrFail(this.url);
                    this.logger.info("Url {} found", this.url);
                    Optional resourceFind = commonServicesContext.getResourceService().resourceFind(this.websiteCertificate.getInternalId());
                    if (resourceFind.isEmpty()) {
                        this.logger.error("The certificate does not exist anymore. Exit");
                        this.logger.info("Timer completed");
                        return;
                    }
                    this.websiteCertificate = (WebsiteCertificate) resourceFind.get();
                    if (this.letsencryptHelper.recentlyFailed(this.websiteCertificate)) {
                        this.logger.warn("The certificate recently failed. Exit");
                        this.logger.info("Timer completed");
                        return;
                    }
                    this.logger.info("Complete challenges");
                    ArrayList arrayList = new ArrayList();
                    try {
                        this.logger.info("Complete the challenge for certificate: {} ; auth: {}", this.domain, this.challenge.getAuthorization());
                        this.acmeService.challengeComplete(this.challenge);
                    } catch (LetsencryptException e) {
                        this.logger.info("Failed the challenge for certificate: {} ; challenge : {}", this.domain, JsonTools.compactPrintWithoutNulls(this.challenge));
                        arrayList.add(this.domain + " : " + this.letsencryptHelper.getAllMessages(e));
                        this.websiteCertificate.getMeta().put(LetsencryptHelper.LAST_FAILURE, String.valueOf(System.currentTimeMillis()));
                        changesContext.resourceUpdate(this.websiteCertificate);
                    }
                    ArrayList arrayList2 = new ArrayList();
                    ArrayList arrayList3 = new ArrayList();
                    if (arrayList.isEmpty()) {
                        this.logger.info("Get the certificate from Lets Encrypt");
                        AsymmetricKeys generateKeyPair = RSACrypt.RSA_CRYPT.generateKeyPair(PKIFailureInfo.certConfirmed);
                        CSRBuilder cSRBuilder = new CSRBuilder();
                        cSRBuilder.addDomain(this.domain);
                        try {
                            this.logger.info("Getting certificate for: {}", this.domain);
                            cSRBuilder.sign(RSATools.createKeyPair(generateKeyPair));
                            RSACertificate requestCertificate = this.acmeService.requestCertificate(this.order, cSRBuilder.getEncoded());
                            requestCertificate.setKeysForSigning(generateKeyPair);
                            arrayList3.add(new Tuple2(generateKeyPair, requestCertificate));
                            this.logger.info("Successfully updated certificate: {}", this.domain);
                            arrayList2.add(this.domain);
                        } catch (Exception e2) {
                            this.logger.info("Failed to retrieve the certificate for: {}", this.domain);
                            arrayList.add(this.domain + " : " + this.letsencryptHelper.getAllMessages(e2));
                        }
                    }
                    if (!arrayList.isEmpty()) {
                        commonServicesContext.getMessagingService().alertingWarn("Let's Encrypt - Domains Couldn't get certificate (HTTP)", Joiner.on('\n').join(arrayList));
                    }
                    if (!arrayList2.isEmpty()) {
                        commonServicesContext.getMessagingService().alertingInfo("Let's Encrypt - Domains that got a new certificate (HTTP)", Joiner.on('\n').join(arrayList2));
                    }
                    this.logger.info("Update {} certificates in the system", Integer.valueOf(arrayList3.size()));
                    Iterator it = arrayList3.iterator();
                    while (it.hasNext()) {
                        WebsiteCertificate websiteCertificate = CertificateHelper.toWebsiteCertificate(CA_CERTIFICATE_TEXT, (RSACertificate) ((Tuple2) it.next()).getB());
                        websiteCertificate.setResourceEditorName(LetsEncryptWebsiteCertificateEditor.EDITOR_NAME);
                        changesContext.resourceUpdate(this.websiteCertificate, websiteCertificate);
                    }
                    this.logger.info("Timer completed");
                } catch (Throwable th) {
                    this.logger.info("Timer completed");
                    throw th;
                }
            } catch (Exception e3) {
                if (!DateTools.isAfter(new Date(), this.expiration)) {
                    this.logger.info("Url {} not present. Waiting 10 seconds . Error: {}", this.url, this.letsencryptHelper.getAllMessages(e3));
                    commonServicesContext.getTimerService().timerAdd(new TimerEventContext(this, "Let Encrypt - Complete - Wait URL", 13, 10, true, false));
                    this.logger.info("Timer completed");
                } else {
                    this.logger.info("Url {} not present. No more waiting because it expired", this.url, e3);
                    commonServicesContext.getMessagingService().alertingWarn("Let's Encrypt - Domains Couldn't get certificate (HTTP)", this.domain + " : Cannot get url: " + this.letsencryptHelper.getAllMessages(e3));
                    this.websiteCertificate.getMeta().put(LetsencryptHelper.LAST_FAILURE, String.valueOf(System.currentTimeMillis()));
                    changesContext.resourceUpdate(this.websiteCertificate);
                    this.logger.info("Timer completed");
                }
            }
        } catch (Exception e4) {
            this.logger.error("Problem while managing Lets Encrypt", (Throwable) e4);
            commonServicesContext.getMessagingService().alertingError("Problem while managing Lets Encrypt", e4.getMessage());
            this.logger.info("Timer completed");
        }
    }
}
