package de.impfdoc.impfzert.standalone;

import com.google.common.base.Strings;
import de.impfdoc.impfzert.api.ImpfZertException;
import de.impfsoft.ticonnector.ConnectorException;
import de.impfsoft.ticonnector.TIConnectorConfiguration;
import de.impfsoft.ticonnector.TIConnectorContext;
import java.io.ByteArrayInputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Optional;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/impfdoc/impfzert/standalone/TiConnectorConfigurationStandalone.class */
public class TiConnectorConfigurationStandalone implements TIConnectorConfiguration {

    @NotNull
    private static final Logger logger = LoggerFactory.getLogger(TiConnectorConfigurationStandalone.class);

    @NotNull
    final URL connectorUrl;

    @NotNull
    final String mandantId;

    @NotNull
    final String clientSystemId;

    @NotNull
    final String workplaceId;

    @NotNull
    final String userId;

    @NotNull
    final String clientcert;

    @NotNull
    final String servercert;

    @NotNull
    final String clientpwd;

    @Nullable
    final String clientprivatekeypwd;

    @Nullable
    final String iccsn;

    public TiConnectorConfigurationStandalone(@NotNull URL url, @NotNull String str, @NotNull String str2, @NotNull String str3, @NotNull String str4, @NotNull String str5, @NotNull String str6, @NotNull String str7, @Nullable String str8, @Nullable String str9) {
        this.connectorUrl = url;
        this.mandantId = str;
        this.clientSystemId = str2;
        this.workplaceId = str3;
        this.userId = str4;
        this.servercert = str5.replaceAll("\\r\\n|\\r|\\n| ", "");
        this.clientcert = str6.replaceAll("\\r\\n|\\r|\\n| ", "");
        this.clientpwd = str7;
        this.clientprivatekeypwd = str8;
        if (str9 == null || !str9.trim().isEmpty()) {
            this.iccsn = str9;
        } else {
            this.iccsn = null;
        }
    }

    @NotNull
    public URI getUri() {
        try {
            return this.connectorUrl.toURI();
        } catch (URISyntaxException e) {
            throw new ConnectorException("Die URL des Connectors ist ungültig!", ConnectorException.ExceptionType.CONFIGURATION_ERROR);
        }
    }

    @NotNull
    public Optional<String> getCardIccsn() {
        return Optional.ofNullable(this.iccsn);
    }

    @NotNull
    public TIConnectorContext getContext() {
        return new TIConnectorContext() { // from class: de.impfdoc.impfzert.standalone.TiConnectorConfigurationStandalone.1
            @NotNull
            public String getMandantId() {
                return TiConnectorConfigurationStandalone.this.mandantId;
            }

            @NotNull
            public String getClientSystemId() {
                return TiConnectorConfigurationStandalone.this.clientSystemId;
            }

            @NotNull
            public String getWorkplaceId() {
                return TiConnectorConfigurationStandalone.this.workplaceId;
            }

            @NotNull
            public Optional<String> getUserId() {
                return TiConnectorConfigurationStandalone.this.userId.isEmpty() ? Optional.empty() : Optional.of(TiConnectorConfigurationStandalone.this.userId);
            }
        };
    }

    @NotNull
    public Optional<UsernamePasswordCredentials> getCredentials() {
        return Optional.empty();
    }

    @NotNull
    private Optional<KeyStore> getClientCertificateInternal() {
        if (Strings.isNullOrEmpty(this.clientcert) || Strings.isNullOrEmpty(this.clientpwd)) {
            logger.error("ClientZertikat oder Passwort sind plichtangaben");
            return Optional.empty();
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.getDecoder().decode(this.clientcert));
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(byteArrayInputStream, this.clientpwd.toCharArray());
            return Optional.of(keyStore);
        } catch (Exception e) {
            try {
                ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(Base64.getDecoder().decode(this.clientcert));
                KeyStore keyStore2 = KeyStore.getInstance("pkcs12");
                keyStore2.load(byteArrayInputStream2, this.clientpwd.toCharArray());
                return Optional.of(keyStore2);
            } catch (Exception e2) {
                logger.error("Problem mit ClientZertifikat", e);
                return Optional.empty();
            }
        }
    }

    @NotNull
    private char[] getClientCertificatePrivateKeyPassword() {
        return this.clientprivatekeypwd != null ? this.clientprivatekeypwd.toCharArray() : this.clientpwd.toCharArray();
    }

    @NotNull
    public Optional<TIConnectorConfiguration.ClientCertificate> getClientCertificate() {
        return getClientCertificateInternal().map(keyStore -> {
            return new TIConnectorConfiguration.ClientCertificate(keyStore, getClientCertificatePrivateKeyPassword());
        });
    }

    @NotNull
    public KeyStore getTrustedCertificates() {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, "".toCharArray());
            if (Strings.isNullOrEmpty(this.servercert)) {
                logger.info("Kein KonnektorZertifikat angegeben");
            } else {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.getDecoder().decode(this.servercert));
                keyStore.setCertificateEntry("fiddler" + byteArrayInputStream.available(), (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream));
            }
            return keyStore;
        } catch (Throwable th) {
            logger.error("Problem mit KonnektorZertifikat", th);
            throw new ImpfZertException(ImpfZertException.Type.Unknown, "Problem mit KonnektorZertifikat", th);
        }
    }
}
