package com.helger.phase4.profile.cef;

import com.helger.commons.ValueEnforcer;
import com.helger.commons.debug.GlobalDebug;
import com.helger.commons.error.IError;
import com.helger.commons.error.SingleError;
import com.helger.commons.error.list.ErrorList;
import com.helger.commons.string.StringHelper;
import com.helger.network.port.SchemeDefaultPortMapper;
import com.helger.phase4.attachment.EAS4CompressionMode;
import com.helger.phase4.crypto.ECryptoAlgorithmCrypt;
import com.helger.phase4.crypto.ECryptoAlgorithmSign;
import com.helger.phase4.crypto.ECryptoAlgorithmSignDigest;
import com.helger.phase4.ebms3header.Ebms3SignalMessage;
import com.helger.phase4.ebms3header.Ebms3UserMessage;
import com.helger.phase4.mgr.MetaAS4Manager;
import com.helger.phase4.model.EMEP;
import com.helger.phase4.model.EMEPBinding;
import com.helger.phase4.model.pmode.IPMode;
import com.helger.phase4.model.pmode.PModePayloadService;
import com.helger.phase4.model.pmode.PModeValidationException;
import com.helger.phase4.model.pmode.leg.EPModeSendReceiptReplyPattern;
import com.helger.phase4.model.pmode.leg.PModeLeg;
import com.helger.phase4.model.pmode.leg.PModeLegErrorHandling;
import com.helger.phase4.model.pmode.leg.PModeLegProtocol;
import com.helger.phase4.model.pmode.leg.PModeLegSecurity;
import com.helger.phase4.profile.IAS4ProfileValidator;
import com.helger.phase4.soap.ESoapVersion;
import com.helger.phase4.wss.EWSSVersion;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/phase4-profile-cef-0.9.9.jar:com/helger/phase4/profile/cef/CEFCompatibilityValidator.class */
public class CEFCompatibilityValidator implements IAS4ProfileValidator {
    private static final Logger LOGGER;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Nonnull
    private static IError _createError(@Nonnull String str) {
        return SingleError.builderError().setErrorText(str).build();
    }

    @Override // com.helger.phase4.profile.IAS4ProfileValidator
    public void validatePMode(@Nonnull IPMode iPMode, @Nonnull ErrorList errorList) {
        if (!$assertionsDisabled && !errorList.isEmpty()) {
            throw new AssertionError("Errors in global PMode validation: " + errorList.toString());
        }
        try {
            MetaAS4Manager.getPModeMgr().validatePMode(iPMode);
        } catch (PModeValidationException e) {
            errorList.add(_createError(e.getMessage()));
        }
        EMEP mep = iPMode.getMEP();
        EMEPBinding mEPBinding = iPMode.getMEPBinding();
        if ((mep != EMEP.ONE_WAY || mEPBinding != EMEPBinding.PUSH) && (mep != EMEP.TWO_WAY || mEPBinding != EMEPBinding.PUSH_PUSH)) {
            errorList.add(_createError("An invalid combination of PMode MEP (" + mep + ") and MEP binding (" + mEPBinding + ") was specified, valid are only one-way/push and two-way/push-push."));
        }
        PModeLeg leg1 = iPMode.getLeg1();
        if (leg1 == null) {
            errorList.add(_createError("PMode is missing Leg 1"));
            return;
        }
        _checkIfLegIsValid(iPMode, errorList, leg1);
        if (mep.isTwoWay()) {
            PModeLeg leg2 = iPMode.getLeg2();
            if (leg2 == null) {
                errorList.add(_createError("PMode is missing Leg 2 and is specified as TWO-WAY"));
            } else {
                _checkIfLegIsValid(iPMode, errorList, leg2);
            }
        }
    }

    private void _checkIfLegIsValid(@Nonnull IPMode iPMode, @Nonnull ErrorList errorList, @Nonnull PModeLeg pModeLeg) {
        EAS4CompressionMode compressionMode;
        PModeLegProtocol protocol = pModeLeg.getProtocol();
        if (protocol == null) {
            errorList.add(_createError("PMode Leg 1 is missing Protocol"));
        } else {
            String addressProtocol = protocol.getAddressProtocol();
            if (addressProtocol != null && !addressProtocol.equalsIgnoreCase(SchemeDefaultPortMapper.SCHEME_HTTPS) && (!addressProtocol.equalsIgnoreCase("http") || !GlobalDebug.isDebugMode())) {
                errorList.add(_createError("PMode Leg1 uses a non-standard AddressProtocol: " + addressProtocol));
            }
            ESoapVersion soapVersion = protocol.getSoapVersion();
            if (!soapVersion.isAS4Default()) {
                errorList.add(_createError("PMode Leg1 uses a non-standard SOAP version: " + soapVersion.getVersion()));
            }
        }
        PModeLegSecurity security = pModeLeg.getSecurity();
        if (security != null) {
            if (security.getX509SignatureAlgorithm() == null) {
                errorList.add(_createError("No signature algorithm is specified but is required"));
            } else if (!security.getX509SignatureAlgorithm().equals(ECryptoAlgorithmSign.RSA_SHA_256)) {
                errorList.add(_createError("AS4 Profile only allows " + ECryptoAlgorithmSign.RSA_SHA_256.getID() + " as signing algorithm"));
            }
            if (security.getX509SignatureHashFunction() == null) {
                errorList.add(_createError("No hash function (Digest Algorithm) is specified but is required"));
            } else if (!security.getX509SignatureHashFunction().equals(ECryptoAlgorithmSignDigest.DIGEST_SHA_256)) {
                errorList.add(_createError("AS4 Profile only allows " + ECryptoAlgorithmSignDigest.DIGEST_SHA_256.getID() + " as hash function"));
            }
            if (security.getX509EncryptionAlgorithm() == null) {
                errorList.add(_createError("No encryption algorithm is specified but is required"));
            } else if (!security.getX509EncryptionAlgorithm().equals(ECryptoAlgorithmCrypt.AES_128_GCM)) {
                errorList.add(_createError("AS4 Profile only allows " + ECryptoAlgorithmCrypt.AES_128_GCM.getID() + " as encryption algorithm"));
            }
            if (security.getWSSVersion() != null && !security.getWSSVersion().equals(EWSSVersion.WSS_111)) {
                errorList.add(_createError("Wrong WSS Version " + security.getWSSVersion() + " only " + EWSSVersion.WSS_111 + " is allowed."));
            }
            if (!security.isPModeAuthorizeDefined()) {
                errorList.add(_createError("PMode Authorize is a mandatory parameter"));
            } else if (security.isPModeAuthorize()) {
                errorList.add(_createError("PMode Authorize has to be set to false"));
            }
            if (security.isSendReceiptDefined() && security.isSendReceipt() && security.getSendReceiptReplyPattern() != EPModeSendReceiptReplyPattern.RESPONSE) {
                errorList.add(_createError("Only response is allowed as pattern"));
            }
        }
        PModeLegErrorHandling errorHandling = pModeLeg.getErrorHandling();
        if (errorHandling != null) {
            if (!errorHandling.isReportAsResponseDefined()) {
                errorList.add(_createError("ReportAsResponse is a mandatory PMode parameter"));
            } else if (!errorHandling.isReportAsResponse()) {
                errorList.add(_createError("PMode ReportAsResponse has to be True"));
            }
            if (!errorHandling.isReportProcessErrorNotifyConsumerDefined()) {
                errorList.add(_createError("ReportProcessErrorNotifyConsumer is a mandatory PMode parameter"));
            } else if (!errorHandling.isReportProcessErrorNotifyConsumer()) {
                errorList.add(_createError("PMode ReportProcessErrorNotifyConsumer has to be True"));
            }
            if (!errorHandling.isReportDeliveryFailuresNotifyProducerDefined()) {
                errorList.add(_createError("ReportDeliveryFailuresNotifyProducer is a mandatory PMode parameter"));
            } else if (!errorHandling.isReportDeliveryFailuresNotifyProducer()) {
                errorList.add(_createError("PMode ReportDeliveryFailuresNotifyProducer has to be True"));
            }
        } else {
            errorList.add(_createError("No ErrorHandling Parameter present but they are mandatory"));
        }
        PModePayloadService payloadService = iPMode.getPayloadService();
        if (payloadService == null || (compressionMode = payloadService.getCompressionMode()) == null || compressionMode.equals(EAS4CompressionMode.GZIP)) {
            return;
        }
        errorList.add(_createError("Only GZIP Compression is allowed"));
    }

    @Override // com.helger.phase4.profile.IAS4ProfileValidator
    public void validateUserMessage(@Nonnull Ebms3UserMessage ebms3UserMessage, @Nonnull ErrorList errorList) {
        ValueEnforcer.notNull(ebms3UserMessage, "UserMsg");
        if (ebms3UserMessage.getMessageInfo() == null) {
            errorList.add(_createError("MessageInfo is missing but is mandatory!"));
        } else if (StringHelper.hasNoText(ebms3UserMessage.getMessageInfo().getMessageId())) {
            errorList.add(_createError("MessageID is missing but is mandatory!"));
        }
        if (ebms3UserMessage.getPartyInfo() == null) {
            errorList.add(_createError("At least one PartyInfo element has to be present"));
            return;
        }
        if (ebms3UserMessage.getPartyInfo().getTo() != null && ebms3UserMessage.getPartyInfo().getTo().getPartyIdCount() > 1) {
            errorList.add(_createError("Only 1 PartyID is allowed in PartyTo - part"));
        }
        if (ebms3UserMessage.getPartyInfo().getFrom() == null || ebms3UserMessage.getPartyInfo().getFrom().getPartyIdCount() <= 1) {
            return;
        }
        errorList.add(_createError("Only 1 PartyID is allowed in PartyFrom - part"));
    }

    @Override // com.helger.phase4.profile.IAS4ProfileValidator
    public void validateSignalMessage(@Nonnull Ebms3SignalMessage ebms3SignalMessage, @Nonnull ErrorList errorList) {
        ValueEnforcer.notNull(ebms3SignalMessage, "SignalMsg");
        if (StringHelper.hasNoText(ebms3SignalMessage.getMessageInfo().getMessageId())) {
            errorList.add(_createError("MessageID is missing but is mandatory!"));
        }
    }

    static {
        $assertionsDisabled = !CEFCompatibilityValidator.class.desiredAssertionStatus();
        LOGGER = LoggerFactory.getLogger((Class<?>) CEFCompatibilityValidator.class);
    }
}
