package org.xipki.ocsp.mgmt.client;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.parser.Feature;
import com.alibaba.fastjson.serializer.SerializerFeature;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import org.xipki.ocsp.api.mgmt.MgmtMessage;
import org.xipki.ocsp.api.mgmt.MgmtRequest;
import org.xipki.ocsp.api.mgmt.MgmtResponse;
import org.xipki.ocsp.api.mgmt.OcspManager;
import org.xipki.ocsp.api.mgmt.OcspMgmtException;
import org.xipki.util.Args;
import org.xipki.util.IoUtil;
import org.xipki.util.ObjectCreationException;
import org.xipki.util.StringUtil;
import org.xipki.util.http.SslContextConf;

/* loaded from: input_file:org/xipki/ocsp/mgmt/client/OcspMgmtClient.class */
public class OcspMgmtClient implements OcspManager {
    private static final String REQUEST_CT = "application/json";
    private static final String RESPONSE_CT = "application/json";
    private final Map<MgmtMessage.MgmtAction, URL> actionUrlMap = new HashMap(50);
    private String serverUrl;
    private SslContextConf sslContextConf;
    private SSLSocketFactory sslSocketFactory;
    private HostnameVerifier hostnameVerifier;
    private boolean initialized;
    private OcspMgmtException initException;

    public void setServerUrl(String str) throws MalformedURLException {
        Args.notBlank(str, "serverUrl");
        this.serverUrl = str.endsWith("/") ? str : str + "/";
        for (MgmtMessage.MgmtAction mgmtAction : MgmtMessage.MgmtAction.values()) {
            this.actionUrlMap.put(mgmtAction, new URL(this.serverUrl + mgmtAction));
        }
    }

    public void setSslContextConf(SslContextConf sslContextConf) {
        this.sslContextConf = sslContextConf;
    }

    public synchronized void initIfNotDone() throws OcspMgmtException {
        if (this.initException != null) {
            throw this.initException;
        }
        if (this.initialized) {
            return;
        }
        if (this.sslContextConf != null && this.sslContextConf.isUseSslConf()) {
            try {
                this.sslSocketFactory = this.sslContextConf.getSslSocketFactory();
                this.hostnameVerifier = this.sslContextConf.buildHostnameVerifier();
            } catch (ObjectCreationException e) {
                this.initException = new OcspMgmtException("could not initialize CaMgmtClient: " + e.getMessage(), e);
                throw this.initException;
            }
        }
        this.initialized = true;
    }

    public void restartOcspServer() throws OcspMgmtException {
        voidTransmit(MgmtMessage.MgmtAction.restartServer, null);
    }

    public void refreshTokenForSignerType(String str) throws OcspMgmtException {
        voidTransmit(MgmtMessage.MgmtAction.refreshTokenForSignerType, new MgmtRequest.Name(str));
    }

    private void voidTransmit(MgmtMessage.MgmtAction mgmtAction, MgmtRequest mgmtRequest) throws OcspMgmtException {
        transmit(mgmtAction, mgmtRequest, true);
    }

    private byte[] transmit(MgmtMessage.MgmtAction mgmtAction, MgmtRequest mgmtRequest) throws OcspMgmtException {
        return transmit(mgmtAction, mgmtRequest, false);
    }

    private byte[] transmit(MgmtMessage.MgmtAction mgmtAction, MgmtRequest mgmtRequest, boolean z) throws OcspMgmtException {
        initIfNotDone();
        byte[] jSONBytes = mgmtRequest == null ? null : JSON.toJSONBytes(mgmtRequest, new SerializerFeature[0]);
        int length = jSONBytes == null ? 0 : jSONBytes.length;
        try {
            HttpURLConnection openHttpConn = IoUtil.openHttpConn(this.actionUrlMap.get(mgmtAction));
            if (openHttpConn instanceof HttpsURLConnection) {
                if (this.sslSocketFactory != null) {
                    ((HttpsURLConnection) openHttpConn).setSSLSocketFactory(this.sslSocketFactory);
                }
                if (this.hostnameVerifier != null) {
                    ((HttpsURLConnection) openHttpConn).setHostnameVerifier(this.hostnameVerifier);
                }
            }
            openHttpConn.setDoOutput(true);
            openHttpConn.setUseCaches(false);
            openHttpConn.setRequestMethod("POST");
            openHttpConn.setRequestProperty("Content-Type", "application/json");
            openHttpConn.setRequestProperty("Content-Length", Integer.toString(length));
            OutputStream outputStream = openHttpConn.getOutputStream();
            if (length != 0) {
                outputStream.write(jSONBytes);
            }
            outputStream.flush();
            if (openHttpConn.getResponseCode() != 200) {
                String headerField = openHttpConn.getHeaderField("x-xipki-error");
                if (headerField != null) {
                    throw new OcspMgmtException(headerField);
                }
                StringBuilder sb = new StringBuilder(100);
                sb.append("server returns ").append(openHttpConn.getResponseCode());
                String responseMessage = openHttpConn.getResponseMessage();
                if (StringUtil.isNotBlank(responseMessage)) {
                    sb.append(" ").append(responseMessage);
                }
                throw new OcspMgmtException(sb.toString());
            }
            InputStream inputStream = openHttpConn.getInputStream();
            try {
                String contentType = openHttpConn.getContentType();
                if (!"application/json".equals(contentType)) {
                    throw new OcspMgmtException("bad response: mime type " + contentType + " not supported!");
                }
                if (z) {
                    return null;
                }
                byte[] read = IoUtil.read(openHttpConn.getInputStream());
                if ((inputStream != null) & (1 == 0)) {
                    inputStream.close();
                }
                return read;
            } finally {
                if ((inputStream != null) & (0 == 0)) {
                    inputStream.close();
                }
            }
        } catch (IOException e) {
            throw new OcspMgmtException("IOException while sending message to the server: " + e.getMessage(), e);
        }
    }

    private static <T extends MgmtResponse> T parse(byte[] bArr, Class<?> cls) throws OcspMgmtException {
        try {
            return (T) JSON.parseObject(bArr, cls, new Feature[0]);
        } catch (RuntimeException e) {
            throw new OcspMgmtException("cannot parse response " + cls + " from byte[]", e);
        }
    }
}
