package com.assaabloy.stg.cliq.go.android.backend.enrollment;

import android.content.res.AssetManager;
import com.assaabloy.stg.cliq.android.common.util.ContextProvider;
import com.assaabloy.stg.cliq.android.common.util.log.Logger;
import com.assaabloy.stg.cliq.go.android.backend.BackendException;
import com.assaabloy.stg.cliq.go.android.backend.HttpResponseCode;
import com.assaabloy.stg.cliq.go.android.backend.urllookup.UrlLookupException;
import com.assaabloy.stg.cliq.go.android.backend.urllookup.UrlLookupService;
import com.assaabloy.stg.cliq.go.android.backend.urllookup.UrlRetriever;
import com.assaabloy.stg.cliq.go.android.domain.MksId;
import com.assaabloy.stg.cliq.go.android.domain.enrollment.ActivationCodeDto;
import com.assaabloy.stg.cliq.go.android.domain.enrollment.ActivationResponseDto;
import com.assaabloy.stg.cliq.go.android.domain.enrollment.CsrAndPasswordDto;
import com.assaabloy.stg.cliq.go.android.domain.enrollment.IsPasswordSetDto;
import com.assaabloy.stg.cliq.go.android.domain.enrollment.OtpDto;
import com.assaabloy.stg.cliq.go.android.domain.enrollment.SignedCertificateDto;
import com.google.gson.GsonBuilder;
import java.io.IOException;
import java.net.CookieManager;
import java.net.CookiePolicy;
import java.security.Security;
import java.util.Collections;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import okhttp3.ConnectionSpec;
import okhttp3.JavaNetCookieJar;
import okhttp3.OkHttpClient;
import okhttp3.logging.HttpLoggingInterceptor;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import retrofit2.Response;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;

/* loaded from: classes.dex */
public class EnrollmentConnection {
    private static final int DEFAULT_CONNECTION_TIMEOUT_IN_SECONDS = 50;
    private static final int DEFAULT_SOCKET_TIMEOUT_IN_SECONDS = 40;
    public static final String TAG = "EnrollmentConnection";
    private final AssetManager assetManager;
    private final Logger logger;
    private final Map<String, EnrollmentRestInterface> restInterfaces;
    private final UrlLookupService urlLookupService;

    /* loaded from: classes.dex */
    static final class CallFromTestsOnly {
        private CallFromTestsOnly() {
        }

        static EnrollmentConnection newInstance(UrlLookupService urlLookupService, AssetManager assetManager) {
            return new EnrollmentConnection(urlLookupService, assetManager);
        }

        static void setRestInterface(EnrollmentConnection enrollmentConnection, String str, EnrollmentRestInterface enrollmentRestInterface) {
            enrollmentConnection.restInterfaces.put(str, enrollmentRestInterface);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EnrollmentConnection() {
        this(UrlLookupService.getInstance(), ContextProvider.getAssets());
    }

    private EnrollmentConnection(UrlLookupService urlLookupService, AssetManager assetManager) {
        this.logger = new Logger(this, TAG);
        this.restInterfaces = new ConcurrentHashMap();
        this.urlLookupService = urlLookupService;
        this.assetManager = assetManager;
    }

    private EnrollmentRestInterface createNewRestInterface(String str) {
        Security.addProvider(new BouncyCastleProvider());
        CookieManager cookieManager = new CookieManager();
        cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_ORIGINAL_SERVER);
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BASIC);
        OkHttpClient.Builder addInterceptor = new OkHttpClient.Builder().connectionSpecs(Collections.singletonList(ConnectionSpec.MODERN_TLS)).connectTimeout(50L, TimeUnit.SECONDS).readTimeout(40L, TimeUnit.SECONDS).writeTimeout(40L, TimeUnit.SECONDS).cookieJar(new JavaNetCookieJar(cookieManager)).addInterceptor(httpLoggingInterceptor);
        EnrollmentSslCertificateHandler.getInstance().addTrustedCas(addInterceptor, this.assetManager);
        return (EnrollmentRestInterface) new Retrofit.Builder().client(addInterceptor.build()).baseUrl(str + '/').addConverterFactory(GsonConverterFactory.create(new GsonBuilder().create())).build().create(EnrollmentRestInterface.class);
    }

    private static BackendException getBackendExceptionFromEnrollmentException(EnrollmentRestException enrollmentRestException) {
        return new BackendException("Enrollment operation failed", enrollmentRestException);
    }

    private static BackendException getBackendExceptionFromIOException(IOException iOException) {
        return getBackendExceptionFromEnrollmentException(new EnrollmentRestException(iOException, HttpResponseCode.parseFromThrowable(iOException)));
    }

    private String getCachedEnrollmentUrl(MksId mksId) throws BackendException {
        try {
            return this.urlLookupService.getDirectoryServiceCache(mksId).getEnrollmentUrl();
        } catch (UrlLookupException e) {
            throw new BackendException("URL was not found in cache.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public EnrollmentRestInterface getRestInterface(String str) {
        EnrollmentRestInterface enrollmentRestInterface = this.restInterfaces.get(str);
        if (enrollmentRestInterface != null) {
            return enrollmentRestInterface;
        }
        EnrollmentRestInterface createNewRestInterface = createNewRestInterface(str);
        this.restInterfaces.put(str, createNewRestInterface);
        return createNewRestInterface;
    }

    public ActivationResponseDto activate(MksId mksId, final ActivationCodeDto activationCodeDto) throws BackendException {
        this.logger.info(String.format("activate(mksId=[%s], activationCode=[%s])", mksId, activationCodeDto));
        return (ActivationResponseDto) this.urlLookupService.retrieveUrlsAndExecute(mksId, new UrlLookupService.UrlExecution<ActivationResponseDto, EnrollmentRestException>() { // from class: com.assaabloy.stg.cliq.go.android.backend.enrollment.EnrollmentConnection.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.assaabloy.stg.cliq.go.android.backend.urllookup.UrlLookupService.UrlExecution
            public ActivationResponseDto executeWithUrls(UrlRetriever urlRetriever) throws EnrollmentRestException {
                try {
                    Response<ActivationResponseDto> execute = EnrollmentConnection.this.getRestInterface(urlRetriever.getEnrollmentUrl()).activate(activationCodeDto.toString()).execute();
                    if (execute.isSuccessful()) {
                        return execute.body();
                    }
                    int code = execute.code();
                    EnrollmentConnection.this.logger.warning(String.format("Server error: %s", Integer.valueOf(code)));
                    throw new EnrollmentRestException("Cannot activate", HttpResponseCode.parseCode(Integer.valueOf(code)));
                } catch (IOException e) {
                    EnrollmentConnection.this.logger.warning(e.getMessage(), e);
                    throw new EnrollmentRestException(e, HttpResponseCode.parseFromThrowable(e));
                }
            }
        });
    }

    public boolean authenticateWithOtp(MksId mksId, String str, String str2) throws BackendException {
        this.logger.info(String.format("authenticateWithOtp(mksId=[%s], accountId=[%s], otp=[%s])", mksId, str, str2));
        try {
            Response<IsPasswordSetDto> execute = getRestInterface(getCachedEnrollmentUrl(mksId)).authenticateWithOtp(str, new OtpDto(str2)).execute();
            if (execute.isSuccessful()) {
                return execute.body().isPasswordSet();
            }
            throw new BackendException("Could not authenticate with OTP", new EnrollmentRestException("Server error", HttpResponseCode.parseCode(Integer.valueOf(execute.code()))));
        } catch (IOException e) {
            throw getBackendExceptionFromIOException(e);
        }
    }

    public String registerCsrAndPassword(MksId mksId, String str, CsrAndPasswordDto csrAndPasswordDto) throws BackendException {
        this.logger.info(String.format("registerCsrAndPassword(mksId=[%s], accountId=[%s], csrAndPassword=[%s])", mksId, str, csrAndPasswordDto));
        try {
            Response<SignedCertificateDto> execute = getRestInterface(getCachedEnrollmentUrl(mksId)).registerCsrAndPassword(str, csrAndPasswordDto).execute();
            if (execute.isSuccessful()) {
                return execute.body().getSignedCertificate();
            }
            throw new BackendException("Could not retrieve signed certificate", new EnrollmentRestException("Server error", HttpResponseCode.parseCode(Integer.valueOf(execute.code()))));
        } catch (IOException e) {
            throw getBackendExceptionFromIOException(e);
        }
    }

    public void selectAuthenticationMethod(MksId mksId, String str, String str2) throws BackendException {
        this.logger.info(String.format("selectAuthenticationMethod(mksId=[%s], accountId=[%s], authenticationMethod=[%s])", mksId, str, str2));
        try {
            int code = getRestInterface(getCachedEnrollmentUrl(mksId)).selectAuthenticationMethod(str, str2).execute().code();
            if (code != HttpResponseCode.OK.getCode()) {
                throw getBackendExceptionFromEnrollmentException(new EnrollmentRestException("Response was not OK.", HttpResponseCode.parseCode(Integer.valueOf(code))));
            }
        } catch (IOException e) {
            throw getBackendExceptionFromIOException(e);
        }
    }
}
