package com.adyen.httpclient;

import com.adyen.Client;
import com.adyen.Config;
import com.adyen.constants.ApiConstants;
import com.adyen.enums.Environment;
import com.adyen.model.RequestOptions;
import com.adyen.terminal.security.TerminalCommonNameValidator;
import com.adyen.util.HMACValidator;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.codec.binary.Base64;
import org.apache.hc.client5.http.classic.methods.HttpDelete;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.classic.methods.HttpPatch;
import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.client5.http.classic.methods.HttpUriRequest;
import org.apache.hc.client5.http.classic.methods.HttpUriRequestBase;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.io.entity.StringEntity;
import org.apache.hc.core5.net.URIBuilder;

/* loaded from: input_file:com/adyen/httpclient/AdyenHttpClient.class */
public class AdyenHttpClient implements ClientInterface {
    private static final String CHARSET = "UTF-8";
    private static final String TERMINAL_CERTIFICATE_ALIAS = "TerminalCertificate";
    private static final String SSL = "SSL";
    private static final String TLSV1_2 = "TLSv1.2";
    private Proxy proxy;

    public Proxy getProxy() {
        return this.proxy;
    }

    public void setProxy(Proxy proxy) {
        this.proxy = proxy;
    }

    @Override // com.adyen.httpclient.ClientInterface
    public String request(String str, String str2, Config config) throws IOException, HTTPClientException {
        return request(str, str2, config, false);
    }

    @Override // com.adyen.httpclient.ClientInterface
    public String request(String str, String str2, Config config, boolean z) throws IOException, HTTPClientException {
        return request(str, str2, config, z, null);
    }

    @Override // com.adyen.httpclient.ClientInterface
    public String request(String str, String str2, Config config, boolean z, RequestOptions requestOptions) throws IOException, HTTPClientException {
        return request(str, str2, config, z, requestOptions, ApiConstants.HttpMethod.POST);
    }

    @Override // com.adyen.httpclient.ClientInterface
    public String request(String str, String str2, Config config, boolean z, RequestOptions requestOptions, ApiConstants.HttpMethod httpMethod) throws IOException, HTTPClientException {
        return request(str, str2, config, z, requestOptions, httpMethod, null);
    }

    @Override // com.adyen.httpclient.ClientInterface
    public String request(String str, String str2, Config config, boolean z, RequestOptions requestOptions, ApiConstants.HttpMethod httpMethod, Map<String, String> map) throws IOException, HTTPClientException {
        CloseableHttpClient createCloseableHttpClient = createCloseableHttpClient(config);
        Throwable th = null;
        try {
            AdyenResponse adyenResponse = (AdyenResponse) createCloseableHttpClient.execute(createRequest(str, str2, config, z, requestOptions, httpMethod, map), new AdyenResponseHandler());
            if (adyenResponse.getStatus() < 200 || adyenResponse.getStatus() >= 300) {
                throw new HTTPClientException(adyenResponse.getStatus(), "HTTP Exception", adyenResponse.getHeaders(), adyenResponse.getBody());
            }
            String body = adyenResponse.getBody();
            if (createCloseableHttpClient != null) {
                if (0 != 0) {
                    try {
                        createCloseableHttpClient.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    createCloseableHttpClient.close();
                }
            }
            return body;
        } catch (Throwable th3) {
            if (createCloseableHttpClient != null) {
                if (0 != 0) {
                    try {
                        createCloseableHttpClient.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createCloseableHttpClient.close();
                }
            }
            throw th3;
        }
    }

    private HttpUriRequestBase createRequest(String str, String str2, Config config, boolean z, RequestOptions requestOptions, ApiConstants.HttpMethod httpMethod, Map<String, String> map) throws HTTPClientException {
        HttpUriRequestBase createHttpRequestBase = createHttpRequestBase(createUri(str, map), str2, httpMethod);
        RequestConfig.Builder custom = RequestConfig.custom();
        if (config.getReadTimeoutMillis() > 0) {
            custom.setResponseTimeout(config.getReadTimeoutMillis(), TimeUnit.MILLISECONDS);
        }
        if (config.getConnectionTimeoutMillis() > 0) {
            custom.setConnectTimeout(config.getConnectionTimeoutMillis(), TimeUnit.MILLISECONDS);
        }
        if (this.proxy != null && (this.proxy.address() instanceof InetSocketAddress)) {
            InetSocketAddress inetSocketAddress = (InetSocketAddress) this.proxy.address();
            custom.setProxy(new HttpHost(inetSocketAddress.getHostName(), inetSocketAddress.getPort()));
        }
        createHttpRequestBase.setConfig(custom.build());
        setAuthentication(createHttpRequestBase, z, config);
        setHeaders(config, requestOptions, createHttpRequestBase);
        return createHttpRequestBase;
    }

    private void setHeaders(Config config, RequestOptions requestOptions, HttpUriRequestBase httpUriRequestBase) {
        setContentType(httpUriRequestBase, ApiConstants.RequestProperty.APPLICATION_JSON_TYPE);
        httpUriRequestBase.addHeader(ApiConstants.RequestProperty.ACCEPT_CHARSET, CHARSET);
        httpUriRequestBase.addHeader(ApiConstants.RequestProperty.USER_AGENT, String.format("%s %s/%s", config.getApplicationName(), Client.LIB_NAME, Client.LIB_VERSION));
        if (requestOptions == null || requestOptions.getIdempotencyKey() == null) {
            return;
        }
        httpUriRequestBase.addHeader(ApiConstants.RequestProperty.IDEMPOTENCY_KEY, requestOptions.getIdempotencyKey());
    }

    private HttpUriRequestBase createHttpRequestBase(URI uri, String str, ApiConstants.HttpMethod httpMethod) {
        StringEntity stringEntity = null;
        if (str != null && !str.isEmpty()) {
            stringEntity = new StringEntity(str, Charset.forName(CHARSET));
        }
        switch (httpMethod) {
            case GET:
                return new HttpGet(uri);
            case PATCH:
                HttpPatch httpPatch = new HttpPatch(uri);
                httpPatch.setEntity(stringEntity);
                return httpPatch;
            case DELETE:
                return new HttpDelete(uri);
            default:
                HttpPost httpPost = new HttpPost(uri);
                httpPost.setEntity(stringEntity);
                return httpPost;
        }
    }

    private URI createUri(String str, Map<String, String> map) throws HTTPClientException {
        try {
            URIBuilder uRIBuilder = new URIBuilder(str);
            if (map != null && !map.isEmpty()) {
                for (String str2 : map.keySet()) {
                    uRIBuilder.addParameter(str2, map.get(str2));
                }
            }
            return uRIBuilder.build();
        } catch (URISyntaxException e) {
            throw new HTTPClientException("Invalid URI", e);
        }
    }

    private CloseableHttpClient createCloseableHttpClient(Config config) throws HTTPClientException {
        return (config.getClientKeyStore() == null || config.getTrustKeyStore() == null) ? config.getTerminalCertificate() != null ? createHttpClientWithSocketFactory(getTerminalCertificateSocketFactory(config)) : HttpClients.createDefault() : createHttpClientWithSocketFactory(getClientCertificateAuthSSLContext(config));
    }

    private CloseableHttpClient createHttpClientWithSocketFactory(SSLConnectionSocketFactory sSLConnectionSocketFactory) {
        return HttpClients.custom().setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(sSLConnectionSocketFactory).build()).build();
    }

    private SSLConnectionSocketFactory getTerminalCertificateSocketFactory(Config config) throws HTTPClientException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry(TERMINAL_CERTIFICATE_ALIAS, config.getTerminalCertificate());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            SSLContext sSLContext = SSLContext.getInstance(SSL);
            sSLContext.init(null, trustManagers, new SecureRandom());
            return new SSLConnectionSocketFactory(sSLContext, createHostnameVerifier(config.getEnvironment()));
        } catch (IOException | GeneralSecurityException e) {
            throw new HTTPClientException("Error loading certificate from path", e);
        }
    }

    private SSLConnectionSocketFactory getClientCertificateAuthSSLContext(Config config) throws HTTPClientException {
        try {
            char[] cArr = null;
            if (config.getClientKeyStorePassword() != null && !config.getClientKeyStorePassword().isEmpty()) {
                cArr = config.getClientKeyStorePassword().toCharArray();
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(config.getTrustKeyStore());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(config.getClientKeyStore(), cArr);
            SSLContext sSLContext = SSLContext.getInstance(TLSV1_2);
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return new SSLConnectionSocketFactory(sSLContext);
        } catch (Exception e) {
            throw new HTTPClientException("Error creating SSL Context", e);
        }
    }

    private HostnameVerifier createHostnameVerifier(Environment environment) {
        return (str, sSLSession) -> {
            try {
                if (sSLSession.getPeerCertificates() == null || sSLSession.getPeerCertificates().length <= 0) {
                    return false;
                }
                return TerminalCommonNameValidator.validateCertificate((X509Certificate) sSLSession.getPeerCertificates()[0], environment);
            } catch (SSLPeerUnverifiedException e) {
                e.printStackTrace();
                return false;
            }
        };
    }

    private void setAuthentication(HttpUriRequest httpUriRequest, boolean z, Config config) {
        String apiKey = config.getApiKey();
        if (z || !(apiKey == null || apiKey.isEmpty())) {
            setApiKey(httpUriRequest, apiKey);
        } else {
            setBasicAuthentication(httpUriRequest, config.getUsername(), config.getPassword());
        }
    }

    private void setContentType(HttpUriRequest httpUriRequest, String str) {
        httpUriRequest.addHeader(ApiConstants.RequestProperty.CONTENT_TYPE, str);
    }

    private void setApiKey(HttpUriRequest httpUriRequest, String str) {
        if (str == null || str.isEmpty()) {
            return;
        }
        httpUriRequest.addHeader(ApiConstants.RequestProperty.API_KEY, str);
    }

    private void setBasicAuthentication(HttpUriRequest httpUriRequest, String str, String str2) {
        httpUriRequest.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64((str + HMACValidator.DATA_SEPARATOR + str2).getBytes())));
    }
}
