package ee.bitweb.springframework.security.estonianid.authentication;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import javax.xml.bind.DatatypeConverter;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPConnectionFactory;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:ee/bitweb/springframework/security/estonianid/authentication/IdCardAuthenticationService.class */
public class IdCardAuthenticationService extends EstonianIdAuthenticationService implements InitializingBean {
    public static final String ST_GOOD = "GOOD";
    public static final String ST_BAD_CERTIFICATE = "BAD_CERTIFICATE";
    public static final String ST_AUTHENTICATED = "AUTHENTICATED";
    private String digiDocServiceUrl;
    private static final String DIGIDOCSERVICE_WSDL_URL = "http://www.sk.ee/DigiDocService/DigiDocService_2_3.wsdl";

    public void afterPropertiesSet() {
        Assert.notNull(this.digiDocServiceUrl, "digiDocServiceUrl must be specified");
    }

    public String checkCertificate(X509Certificate x509Certificate) {
        if (this.trustAllCertificates) {
            doTrustAllCertificates();
        }
        try {
            SOAPMessage call = SOAPConnectionFactory.newInstance().createConnection().call(getRequestMessage(x509Certificate), this.digiDocServiceUrl);
            if (this.trustAllCertificates) {
                resetHttpsUrlConnection();
            }
            SOAPBody sOAPBody = call.getSOAPBody();
            if (sOAPBody.hasFault()) {
                this.logger.error("CheckCertificate fault: " + sOAPBody.getFault().getFaultString());
                return null;
            }
            NodeList childNodes = sOAPBody.getFirstChild().getChildNodes();
            String str = null;
            String str2 = null;
            for (int i = 0; i < childNodes.getLength(); i++) {
                Node item = childNodes.item(i);
                if (item.getNodeName().equalsIgnoreCase("Status")) {
                    str = item.getTextContent();
                } else if (item.getNodeName().equalsIgnoreCase("UserIDCode")) {
                    str2 = item.getTextContent();
                }
            }
            if (str == null || !str.equalsIgnoreCase(ST_GOOD)) {
                return null;
            }
            return str2;
        } catch (CertificateEncodingException e) {
            if (this.trustAllCertificates) {
                resetHttpsUrlConnection();
            }
            this.logger.error(e);
            return null;
        } catch (SOAPException e2) {
            if (this.trustAllCertificates) {
                resetHttpsUrlConnection();
            }
            this.logger.error(e2);
            return null;
        }
    }

    private SOAPMessage getRequestMessage(X509Certificate x509Certificate) throws SOAPException, CertificateEncodingException {
        SOAPMessage createMessage = MessageFactory.newInstance().createMessage();
        SOAPEnvelope envelope = createMessage.getSOAPPart().getEnvelope();
        SOAPBody body = envelope.getBody();
        envelope.addNamespaceDeclaration("ddoc", DIGIDOCSERVICE_WSDL_URL);
        body.addChildElement("CheckCertificate", "ddoc").addChildElement("Certificate").addTextNode(DatatypeConverter.printBase64Binary(x509Certificate.getEncoded()));
        createMessage.getMimeHeaders().addHeader("SOAPAction", getSoapAction("CheckCertificate"));
        createMessage.saveChanges();
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            createMessage.writeTo(byteArrayOutputStream);
            this.logger.debug("CheckCertificate request: " + System.lineSeparator() + byteArrayOutputStream.toString());
        } catch (IOException e) {
        }
        return createMessage;
    }

    private String getSoapAction(String str) {
        StringBuilder sb = new StringBuilder(this.digiDocServiceUrl);
        if (!this.digiDocServiceUrl.endsWith("/")) {
            sb.append("/");
        }
        sb.append(str);
        return sb.toString();
    }

    public String getDigiDocServiceUrl() {
        return this.digiDocServiceUrl;
    }

    public void setDigiDocServiceUrl(String str) {
        this.digiDocServiceUrl = str;
    }
}
