package ee.bitweb.springframework.security.estonianid.authentication;

import ee.bitweb.springframework.security.estonianid.filter.MobileIdAuthenticationFilter;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.Random;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPConnection;
import javax.xml.soap.SOAPConnectionFactory;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFault;
import javax.xml.soap.SOAPMessage;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:ee/bitweb/springframework/security/estonianid/authentication/MobileIdAuthenticationService.class */
public class MobileIdAuthenticationService extends EstonianIdAuthenticationService implements InitializingBean {
    public static final String ST_OK = "OK";
    private String appServiceName;
    private String digiDocServiceUrl;
    private static final String DIGIDOCSERVICE_WSDL_URL = "http://www.sk.ee/DigiDocService/DigiDocService_2_3.wsdl";
    private static final Collection<String> SUPPORTED_LANGUAGE_CODES = Arrays.asList(MobileIdAuthenticationFilter.LANG_EST, MobileIdAuthenticationFilter.LANG_ENG, MobileIdAuthenticationFilter.LANG_RUS, MobileIdAuthenticationFilter.LANG_LIT);
    public static final String ST_OUTSTANDING_TRANSACTION = "OUTSTANDING_TRANSACTION";
    public static final String ST_USER_AUTHENTICATED = "USER_AUTHENTICATED";
    public static final String ST_NOT_VALID = "NOT_VALID";
    public static final String ST_EXPIRED_TRANSACTION = "EXPIRED_TRANSACTION";
    public static final String ST_USER_CANCEL = "USER_CANCEL";
    public static final String ST_MID_NOT_READY = "MID_NOT_READY";
    public static final String ST_PHONE_ABSENT = "PHONE_ABSENT";
    public static final String ST_SENDING_ERROR = "SENDING_ERROR";
    public static final String ST_SIM_ERROR = "SIM_ERROR";
    public static final String ST_INTERNAL_ERROR = "INTERNAL_ERROR";
    private static final Collection<String> VALID_STATUSES = Arrays.asList(ST_OUTSTANDING_TRANSACTION, ST_USER_AUTHENTICATED, ST_NOT_VALID, ST_EXPIRED_TRANSACTION, ST_USER_CANCEL, ST_MID_NOT_READY, ST_PHONE_ABSENT, ST_SENDING_ERROR, ST_SIM_ERROR, ST_INTERNAL_ERROR);
    private static final Collection<Integer> ERROR_CODES = Arrays.asList(100, 101, 102, 103, 200, 201, 202, 203, 300, 301, 302, 303, 304, 305, 413, 503);

    public void afterPropertiesSet() {
        Assert.notNull(this.appServiceName, "appServiceName must be specified");
        Assert.notNull(this.digiDocServiceUrl, "digiDocServiceUrl must be specified");
    }

    public MobileIdAuthenticationSession beginAuthentication(String str, String str2) {
        MobileIdAuthenticationSession mobileIdAuthenticationSession = new MobileIdAuthenticationSession();
        if (ObjectUtils.isEmpty(str)) {
            this.logger.warn("Missing phone number");
            mobileIdAuthenticationSession.setErrorCode(-1);
            return mobileIdAuthenticationSession;
        }
        if (!SUPPORTED_LANGUAGE_CODES.contains(str2)) {
            str2 = MobileIdAuthenticationFilter.LANG_EST;
        }
        String generateChallenge = generateChallenge();
        if (this.trustAllCertificates) {
            doTrustAllCertificates();
        }
        try {
            SOAPMessage call = getSoapConnection().call(getAuthenticationMessage(str, str2, generateChallenge), this.digiDocServiceUrl);
            logResponse(call);
            if (this.trustAllCertificates) {
                resetHttpsUrlConnection();
            }
            SOAPBody sOAPBody = call.getSOAPBody();
            if (sOAPBody.hasFault()) {
                mobileIdAuthenticationSession.setErrorCode(Integer.valueOf(getSoapErrorCode(sOAPBody.getFault())));
            } else {
                NodeList childNodes = sOAPBody.getFirstChild().getChildNodes();
                String str3 = null;
                String str4 = null;
                String str5 = null;
                String str6 = null;
                String str7 = null;
                String str8 = null;
                for (int i = 0; i < childNodes.getLength(); i++) {
                    Node item = childNodes.item(i);
                    if (item.getNodeName().equalsIgnoreCase("Status")) {
                        str3 = item.getTextContent();
                    } else if (item.getNodeName().equalsIgnoreCase("Sesscode")) {
                        str4 = item.getTextContent();
                    } else if (item.getNodeName().equalsIgnoreCase("ChallengeID")) {
                        str5 = item.getTextContent();
                    } else if (item.getNodeName().equalsIgnoreCase("UserIDCode")) {
                        str6 = item.getTextContent();
                    } else if (item.getNodeName().equalsIgnoreCase("UserGivenname")) {
                        str7 = item.getTextContent();
                    } else if (item.getNodeName().equalsIgnoreCase("UserSurname")) {
                        str8 = item.getTextContent();
                    }
                }
                if (str3 == null || !str3.equalsIgnoreCase(ST_OK)) {
                    this.logger.warn("MobileAuthenticate returned an invalid status. Returned status: " + str3);
                    mobileIdAuthenticationSession.setErrorCode(-1);
                } else {
                    Date date = new Date();
                    mobileIdAuthenticationSession.setSessionCode(str4);
                    mobileIdAuthenticationSession.setChallengeId(str5);
                    mobileIdAuthenticationSession.setUserIdCode(str6);
                    mobileIdAuthenticationSession.setUserGivenName(str7);
                    mobileIdAuthenticationSession.setUserSurname(str8);
                    mobileIdAuthenticationSession.setTimeStarted(date);
                    mobileIdAuthenticationSession.setTimePolled(date);
                    mobileIdAuthenticationSession.setStatus(str3);
                }
            }
        } catch (SOAPException e) {
            if (this.trustAllCertificates) {
                resetHttpsUrlConnection();
            }
            mobileIdAuthenticationSession.setErrorCode(-1);
            this.logger.warn("Unknown SOAPException: ", e);
        }
        return mobileIdAuthenticationSession;
    }

    public MobileIdAuthenticationSession poll(MobileIdAuthenticationSession mobileIdAuthenticationSession) {
        if (mobileIdAuthenticationSession.isValidForPolling()) {
            Date date = new Date();
            if ((date.getTime() - mobileIdAuthenticationSession.getTimeStarted().getTime()) / 1000 > 240) {
                this.logger.warn("Trying to use an expired or invalid MobileIdAuthenticationSession");
            }
            if ((date.getTime() - mobileIdAuthenticationSession.getTimePolled().getTime()) / 1000 < (mobileIdAuthenticationSession.getStatus().equals(ST_OK) ? 20L : 5L).longValue()) {
                this.logger.warn("Trying to poll too soon");
            }
            if (this.trustAllCertificates) {
                doTrustAllCertificates();
            }
            try {
                SOAPMessage call = getSoapConnection().call(getPollMessage(mobileIdAuthenticationSession.getSessionCode()), this.digiDocServiceUrl);
                logResponse(call);
                if (this.trustAllCertificates) {
                    resetHttpsUrlConnection();
                }
                mobileIdAuthenticationSession.setTimePolled(date);
                SOAPBody sOAPBody = call.getSOAPBody();
                if (sOAPBody.hasFault()) {
                    mobileIdAuthenticationSession.setErrorCode(Integer.valueOf(getSoapErrorCode(sOAPBody.getFault())));
                } else {
                    NodeList childNodes = sOAPBody.getFirstChild().getChildNodes();
                    String str = null;
                    for (int i = 0; i < childNodes.getLength(); i++) {
                        Node item = childNodes.item(i);
                        if (item.getNodeName().equalsIgnoreCase("Status")) {
                            str = item.getTextContent();
                        }
                    }
                    mobileIdAuthenticationSession.setStatus(str);
                    if (!VALID_STATUSES.contains(str)) {
                        this.logger.warn("Unknown status returned from GetMobileAuthenticateStatus. Returned status: " + str);
                    }
                }
            } catch (SOAPException e) {
                if (this.trustAllCertificates) {
                    resetHttpsUrlConnection();
                }
                this.logger.warn("Unknown SOAPException: ", e);
                mobileIdAuthenticationSession.setErrorCode(-1);
            }
        } else {
            this.logger.warn("Trying to poll an invalid MobileIdAuthenticationSession");
        }
        return mobileIdAuthenticationSession;
    }

    protected static String generateChallenge() {
        Random random = new Random();
        StringBuilder sb = new StringBuilder();
        while (sb.length() < 20) {
            sb.append(Integer.toHexString(random.nextInt()));
        }
        return sb.toString().substring(0, 20);
    }

    private SOAPConnection getSoapConnection() throws SOAPException {
        return SOAPConnectionFactory.newInstance().createConnection();
    }

    private SOAPMessage getAuthenticationMessage(String str, String str2, String str3) throws SOAPException {
        SOAPMessage createMessage = MessageFactory.newInstance().createMessage();
        SOAPEnvelope envelope = createMessage.getSOAPPart().getEnvelope();
        SOAPBody body = envelope.getBody();
        envelope.addNamespaceDeclaration("ddoc", DIGIDOCSERVICE_WSDL_URL);
        SOAPElement addChildElement = body.addChildElement("MobileAuthenticate", "ddoc");
        addChildElement.addChildElement("PhoneNo").addTextNode(str);
        addChildElement.addChildElement("Language").addTextNode(str2);
        addChildElement.addChildElement("ServiceName").addTextNode(this.appServiceName);
        addChildElement.addChildElement("SPChallenge").addTextNode(str3);
        addChildElement.addChildElement("MessagingMode").addTextNode("asynchClientServer");
        createMessage.getMimeHeaders().addHeader("SOAPAction", getSoapAction("MobileAuthenticate"));
        createMessage.saveChanges();
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            createMessage.writeTo(byteArrayOutputStream);
            this.logger.debug("MobileAuthenticate request: " + System.lineSeparator() + byteArrayOutputStream.toString());
        } catch (IOException e) {
        }
        return createMessage;
    }

    private SOAPMessage getPollMessage(String str) throws SOAPException {
        SOAPMessage createMessage = MessageFactory.newInstance().createMessage();
        SOAPEnvelope envelope = createMessage.getSOAPPart().getEnvelope();
        SOAPBody body = envelope.getBody();
        envelope.addNamespaceDeclaration("ddoc", DIGIDOCSERVICE_WSDL_URL);
        SOAPElement addChildElement = body.addChildElement("GetMobileAuthenticateStatus", "ddoc");
        addChildElement.addChildElement("Sesscode").addTextNode(str);
        addChildElement.addChildElement("WaitSignature").addTextNode("0");
        createMessage.getMimeHeaders().addHeader("SOAPAction", getSoapAction("GetMobileAuthenticateStatus"));
        createMessage.saveChanges();
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            createMessage.writeTo(byteArrayOutputStream);
            this.logger.debug("GetMobileAuthenticateStatus request: " + System.lineSeparator() + byteArrayOutputStream.toString());
        } catch (IOException e) {
        }
        return createMessage;
    }

    protected static int getSoapErrorCode(SOAPFault sOAPFault) {
        Integer valueOf = Integer.valueOf(Integer.parseInt(sOAPFault.getFaultString()));
        if (ERROR_CODES.contains(valueOf)) {
            return valueOf.intValue();
        }
        return -1;
    }

    private String getSoapAction(String str) {
        StringBuilder sb = new StringBuilder(this.digiDocServiceUrl);
        if (!this.digiDocServiceUrl.endsWith("/")) {
            sb.append("/");
        }
        sb.append(str);
        return sb.toString();
    }

    public String getAppServiceName() {
        return this.appServiceName;
    }

    public void setAppServiceName(String str) {
        this.appServiceName = str;
    }

    public String getDigiDocServiceUrl() {
        return this.digiDocServiceUrl;
    }

    public void setDigiDocServiceUrl(String str) {
        this.digiDocServiceUrl = str;
    }
}
