package io.mosip.authentication.common.service.helper;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants;
import io.mosip.authentication.core.dto.RestRequestDTO;
import io.mosip.authentication.core.exception.IdAuthRetryException;
import io.mosip.authentication.core.exception.IdAuthUncheckedException;
import io.mosip.authentication.core.exception.RestServiceException;
import io.mosip.authentication.core.logger.IdaLogger;
import io.mosip.kernel.core.exception.ExceptionUtils;
import io.mosip.kernel.core.exception.ServiceError;
import io.mosip.kernel.core.http.RequestWrapper;
import io.mosip.kernel.core.logger.spi.Logger;
import io.mosip.kernel.core.retry.WithRetry;
import io.mosip.kernel.core.util.DateUtils;
import io.mosip.kernel.core.util.EmptyCheckUtils;
import io.mosip.kernel.core.util.TokenHandlerUtil;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
import java.io.IOException;
import java.time.Duration;
import java.time.LocalDateTime;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.TimeoutException;
import java.util.function.Supplier;
import javax.annotation.PostConstruct;
import javax.net.ssl.SSLException;
import javax.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseCookie;
import org.springframework.http.ResponseEntity;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.stereotype.Component;
import org.springframework.web.reactive.function.client.ClientResponse;
import org.springframework.web.reactive.function.client.WebClient;
import org.springframework.web.reactive.function.client.WebClientResponseException;
import org.springframework.web.util.UriComponentsBuilder;
import reactor.core.publisher.Mono;

@Component
@Qualifier("external")
/* loaded from: input_file:io/mosip/authentication/common/service/helper/RestHelperImpl.class */
public class RestHelperImpl implements RestHelper {
    private static final String KER_ATH_TOKEN_EXPIRY_ERROR_CODE = "KER-ATH-401";
    private static final String GENERATE_AUTH_TOKEN = "generateAuthToken";

    @Autowired
    private ObjectMapper mapper;
    private LocalDateTime requestTime;
    private static Logger mosipLogger = IdaLogger.getLogger(RestHelper.class);
    private String authToken;

    @Autowired
    private Environment env;
    private WebClient webClient;

    @PostConstruct
    public void initialize() {
        this.webClient = WebClient.builder().clientConnector(new ReactorClientHttpConnector(builder -> {
            try {
                builder.sslContext(getSslContext());
            } catch (RestServiceException e) {
                mosipLogger.error("sessionId", "RestHelper", "requestSync-RuntimeException", "Throwing RestServiceException - UNKNOWN_ERROR - " + e);
                throw new IdAuthUncheckedException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
            }
        })).build();
    }

    @Override // io.mosip.authentication.common.service.helper.RestHelper
    @WithRetry
    public <T> T requestSync(@Valid RestRequestDTO restRequestDTO) throws RestServiceException {
        try {
            try {
                this.requestTime = DateUtils.getUTCCurrentDateTime();
                mosipLogger.debug("sessionId", "RestHelper", "requestSync", "Request received at : " + this.requestTime);
                Object block = restRequestDTO.getTimeout() != null ? request(restRequestDTO).timeout(Duration.ofSeconds(restRequestDTO.getTimeout().intValue())).block() : request(restRequestDTO).block();
                if (!String.class.equals(restRequestDTO.getResponseType())) {
                    checkErrorResponse(block, restRequestDTO.getResponseType());
                    if (block != null && containsError(block.toString())) {
                        mosipLogger.debug("sessionId", "RestHelper", "requestSync", "Response : " + block);
                    }
                }
                T t = (T) block;
                LocalDateTime uTCCurrentDateTime = DateUtils.getUTCCurrentDateTime();
                mosipLogger.debug("sessionId", "RestHelper", "requestSync", "Response sent at : " + uTCCurrentDateTime);
                long millis = Duration.between(this.requestTime, uTCCurrentDateTime).toMillis();
                Logger logger = mosipLogger;
                double d = millis / 1000.0d;
                logger.debug("sessionId", "RestHelper", "requestSync", "Time difference between request and response in millis:" + millis + ".  Time difference between request and response in Seconds: " + logger);
                return t;
            } catch (RuntimeException e) {
                if (e.getCause() == null || !e.getCause().getClass().equals(TimeoutException.class)) {
                    mosipLogger.error("sessionId", "RestHelper", "requestSync-RuntimeException", "Throwing RestServiceException- UNKNOWN_ERROR - " + e);
                    throw new RestServiceException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
                }
                mosipLogger.error("sessionId", "RestHelper", "requestSync", "Throwing RestServiceException- CONNECTION_TIMED_OUT - \n " + ExceptionUtils.getStackTrace(e));
                throw new RestServiceException(IdAuthenticationErrorConstants.CONNECTION_TIMED_OUT, e);
            } catch (WebClientResponseException e2) {
                mosipLogger.error("sessionId", "RestHelper", "requestSync", "Throwing RestServiceException- Http Status error - \n " + ExceptionUtils.getStackTrace(e2));
                mosipLogger.debug("sessionId", "RestHelper", "requestSync", "Throwing RestServiceException- Http Status error - \n  \n Response Body : \n" + e2.getResponseBodyAsString());
                throw handleStatusError(e2, restRequestDTO.getResponseType());
            }
        } catch (Throwable th) {
            LocalDateTime uTCCurrentDateTime2 = DateUtils.getUTCCurrentDateTime();
            mosipLogger.debug("sessionId", "RestHelper", "requestSync", "Response sent at : " + uTCCurrentDateTime2);
            long millis2 = Duration.between(this.requestTime, uTCCurrentDateTime2).toMillis();
            Logger logger2 = mosipLogger;
            double d2 = millis2 / 1000.0d;
            logger2.debug("sessionId", "RestHelper", "requestSync", "Time difference between request and response in millis:" + millis2 + ".  Time difference between request and response in Seconds: " + logger2);
            throw th;
        }
    }

    private boolean containsError(String str) {
        return super.containsError(str, this.mapper);
    }

    @Override // io.mosip.authentication.common.service.helper.RestHelper
    public Supplier<Object> requestAsync(@Valid RestRequestDTO restRequestDTO) {
        Mono<?> request = request(restRequestDTO);
        request.subscribe();
        mosipLogger.debug("sessionId", "RestHelper", "requestAsync", "Request subscribed");
        return () -> {
            return request.block();
        };
    }

    private SslContext getSslContext() throws RestServiceException {
        try {
            return SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).build();
        } catch (SSLException e) {
            mosipLogger.error("sessionId", "RestHelper", "requestSync-RuntimeException", "Throwing RestServiceException - UNKNOWN_ERROR - " + e);
            throw new RestServiceException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
        }
    }

    private Mono<?> request(RestRequestDTO restRequestDTO) {
        if (restRequestDTO.getParams() != null && restRequestDTO.getPathVariables() == null) {
            restRequestDTO.setUri(UriComponentsBuilder.fromUriString(restRequestDTO.getUri()).queryParams(restRequestDTO.getParams()).toUriString());
        } else if (restRequestDTO.getParams() == null && restRequestDTO.getPathVariables() != null) {
            restRequestDTO.setUri(UriComponentsBuilder.fromUriString(restRequestDTO.getUri()).buildAndExpand(restRequestDTO.getPathVariables()).toUriString());
        } else if (restRequestDTO.getParams() != null && restRequestDTO.getPathVariables() != null) {
            restRequestDTO.setUri(UriComponentsBuilder.fromUriString(restRequestDTO.getUri()).queryParams(restRequestDTO.getParams()).buildAndExpand(restRequestDTO.getPathVariables()).toUriString());
        }
        WebClient.RequestBodySpec uri = this.webClient.method(restRequestDTO.getHttpMethod()).uri(restRequestDTO.getUri(), new Object[0]);
        if (restRequestDTO.getHeaders() != null) {
            uri = (WebClient.RequestBodySpec) uri.headers(httpHeaders -> {
                restRequestDTO.getHeaders().entrySet().forEach(entry -> {
                    ((List) entry.getValue()).forEach(str -> {
                        httpHeaders.add((String) entry.getKey(), str);
                    });
                });
            });
        }
        uri.cookie("Authorization", getAuthToken());
        return (restRequestDTO.getRequestBody() != null ? uri.syncBody(restRequestDTO.getRequestBody()).retrieve() : uri.retrieve()).bodyToMono(restRequestDTO.getResponseType());
    }

    private String getAuthToken() {
        if (!EmptyCheckUtils.isNullEmpty(this.authToken) && TokenHandlerUtil.isValidBearerToken(this.authToken, this.env.getProperty("auth-token-generator.rest.issuerUrl"), this.env.getProperty("auth-token-generator.rest.clientId"))) {
            return this.authToken;
        }
        generateAuthToken();
        return this.authToken;
    }

    private void generateAuthToken() {
        ObjectNode createObjectNode = this.mapper.createObjectNode();
        createObjectNode.put("clientId", this.env.getProperty("auth-token-generator.rest.clientId"));
        createObjectNode.put("secretKey", this.env.getProperty("auth-token-generator.rest.secretKey"));
        createObjectNode.put("appId", this.env.getProperty("auth-token-generator.rest.appId"));
        RequestWrapper requestWrapper = new RequestWrapper();
        requestWrapper.setRequesttime(DateUtils.getUTCCurrentDateTime());
        requestWrapper.setRequest(createObjectNode);
        ClientResponse clientResponse = (ClientResponse) WebClient.create(this.env.getProperty("auth-token-generator.rest.uri")).post().syncBody(requestWrapper).exchange().block();
        if (clientResponse.statusCode() != HttpStatus.OK) {
            mosipLogger.error("sessionId", "RestHelper", GENERATE_AUTH_TOKEN, "AuthResponse : status-" + clientResponse.statusCode() + " :\n" + ((String) ((ResponseEntity) clientResponse.toEntity(String.class).block()).getBody()));
            return;
        }
        ObjectNode objectNode = (ObjectNode) clientResponse.bodyToMono(ObjectNode.class).block();
        if (objectNode == null || !objectNode.get("response").get("status").asText().equalsIgnoreCase("success")) {
            mosipLogger.debug("sessionId", "RestHelper", GENERATE_AUTH_TOKEN, "Auth token generation failed: " + clientResponse);
        } else {
            this.authToken = ((ResponseCookie) ((List) clientResponse.cookies().get("Authorization")).get(0)).getValue();
            mosipLogger.debug("sessionId", "RestHelper", GENERATE_AUTH_TOKEN, "Auth token generated successfully and set");
        }
    }

    private void checkErrorResponse(Object obj, Class<?> cls) throws RestServiceException {
        try {
            String writeValueAsString = this.mapper.writeValueAsString(obj);
            List<ServiceError> errorList = getErrorList(writeValueAsString, this.mapper);
            if (Objects.nonNull(errorList) && !errorList.isEmpty() && Objects.nonNull(errorList.get(0).getErrorCode()) && !errorList.get(0).getErrorCode().startsWith(KER_ATH_TOKEN_EXPIRY_ERROR_CODE)) {
                mosipLogger.error("sessionId", "RestHelper", "checkErrorResponse", "Throwing RestServiceException- CLIENT_ERROR");
                mosipLogger.debug("sessionId", "RestHelper", "checkErrorResponse", "Throwing RestServiceException- CLIENT_ERROR\n" + writeValueAsString);
                throw new RestServiceException(IdAuthenticationErrorConstants.CLIENT_ERROR, writeValueAsString, this.mapper.readValue(writeValueAsString.getBytes(), cls));
            }
            if (Objects.nonNull(errorList) && !errorList.isEmpty() && Objects.nonNull(errorList.get(0).getErrorCode()) && errorList.get(0).getErrorCode().contentEquals(KER_ATH_TOKEN_EXPIRY_ERROR_CODE)) {
                mosipLogger.error("sessionId", "RestHelper", "checkErrorResponse", "errorCode -> KER-ATH-401 - retry++");
                mosipLogger.debug("sessionId", "RestHelper", "checkErrorResponse", "errorCode -> KER-ATH-401 - retry++" + writeValueAsString);
                throw new IdAuthRetryException(new RestServiceException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, writeValueAsString, this.mapper.readValue(writeValueAsString.getBytes(), cls)));
            }
        } catch (IOException e) {
            mosipLogger.error("sessionId", "RestHelper", "checkErrorResponse", "Throwing RestServiceException- UNKNOWN_ERROR - " + ExceptionUtils.getStackTrace(e));
            throw new RestServiceException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
        }
    }

    public static List<ServiceError> getErrorList(String str, ObjectMapper objectMapper) {
        try {
            Object obj = ((Map) objectMapper.readValue(str.getBytes(), Map.class)).get("errors");
            if (!(obj instanceof Map)) {
                return ExceptionUtils.getServiceErrorList(str);
            }
            Map map = (Map) obj;
            return List.of(new ServiceError((String) map.get("errorCode"), (String) map.get("message")));
        } catch (IOException e) {
            mosipLogger.warn("sessionId", "RestHelper", "checkErrorResponse", "Throwing RestServiceException- UNKNOWN_ERROR - " + ExceptionUtils.getStackTrace(e));
            return Collections.emptyList();
        }
    }

    private RestServiceException handleStatusError(WebClientResponseException webClientResponseException, Class<?> cls) {
        try {
            mosipLogger.error("sessionId", "RestHelper", "handleStatusError", "Status error : " + webClientResponseException.getRawStatusCode() + " " + webClientResponseException.getStatusCode() + "  " + webClientResponseException.getStatusText());
            if (!webClientResponseException.getStatusCode().is4xxClientError()) {
                mosipLogger.error("sessionId", "RestHelper", "handleStatusError", "Status error - returning RestServiceException - SERVER_ERROR");
                throw new IdAuthRetryException(new RestServiceException(IdAuthenticationErrorConstants.SERVER_ERROR, webClientResponseException.getResponseBodyAsString(), this.mapper.readValue(webClientResponseException.getResponseBodyAsString().getBytes(), cls)));
            }
            if (!webClientResponseException.getStatusCode().equals(HttpStatus.UNAUTHORIZED)) {
                mosipLogger.error("sessionId", "RestHelper", "handleStatusError", "Status error - returning RestServiceException - CLIENT_ERROR");
                return new RestServiceException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, webClientResponseException.getResponseBodyAsString(), this.mapper.readValue(webClientResponseException.getResponseBodyAsString().getBytes(), cls));
            }
            this.authToken = null;
            mosipLogger.error("sessionId", "RestHelper", "METHOD_HANDLE_STATUS_ERROR", "token expired - retry++");
            throw new IdAuthRetryException(new RestServiceException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, webClientResponseException.getResponseBodyAsString(), this.mapper.readValue(webClientResponseException.getResponseBodyAsString().getBytes(), cls)));
        } catch (IOException e) {
            return new RestServiceException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
        }
    }
}
