package org.appng.core.model;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.appng.api.BusinessException;
import org.appng.api.SoapClient;
import org.appng.core.domain.PackageArchiveImpl;
import org.appng.core.security.signing.BaseConfig;
import org.appng.core.security.signing.SignatureWrapper;
import org.appng.core.security.signing.Signer;
import org.appng.core.security.signing.SigningException;
import org.appng.core.security.signing.ValidatorConfig;
import org.appng.core.xml.repository.Certification;
import org.appng.core.xml.repository.GetCertificationRequest;
import org.appng.core.xml.repository.GetCertificationResponse;
import org.appng.core.xml.repository.GetPackageRequest;
import org.appng.core.xml.repository.GetPackageResponse;
import org.appng.core.xml.repository.GetPackageVersionsRequest;
import org.appng.core.xml.repository.GetPackageVersionsResponse;
import org.appng.core.xml.repository.GetPackagesRequest;
import org.appng.core.xml.repository.GetPackagesResponse;
import org.appng.core.xml.repository.Package;
import org.appng.core.xml.repository.Packages;
import org.appng.xml.application.PackageInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.ws.client.WebServiceClientException;

/* loaded from: input_file:org/appng/core/model/RepositoryCacheSoap.class */
public class RepositoryCacheSoap extends RepositoryCacheBase {
    private static final Logger LOGGER = LoggerFactory.getLogger(RepositoryCacheSoap.class);
    private String url;
    private byte[] trustStore;
    private char[] storePass;
    private boolean validateCertChain;
    private int connectTimeout;
    private int readTimeout;

    /* JADX INFO: Access modifiers changed from: package-private */
    public RepositoryCacheSoap(Repository repository, int i, int i2, byte[] bArr, char[] cArr, boolean z) throws BusinessException {
        super(repository, null, true);
        this.connectTimeout = 0;
        this.readTimeout = 0;
        this.connectTimeout = i;
        this.readTimeout = i2;
        this.trustStore = bArr;
        this.storePass = cArr;
        this.validateCertChain = z;
    }

    @Override // org.appng.core.model.RepositoryCacheBase
    void init() throws BusinessException {
        if (StringUtils.isBlank(this.repository.getRemoteRepositoryName())) {
            throw new BusinessException("The name of the remote repository must not be empty!");
        }
        try {
            this.url = this.repository.getUri().toURL().toExternalForm();
            update();
        } catch (MalformedURLException e) {
            throw new BusinessException("invalid repository URL", e);
        }
    }

    @Override // org.appng.core.model.RepositoryCacheBase
    void update() throws BusinessException {
        for (Package r0 : getPublishedApplications()) {
            String name = r0.getName();
            LOGGER.debug("Retrieving archive from remote repository \"{}\": {}", this.repository.getRemoteRepositoryName(), name);
            this.applicationWrapperMap.put(name, new PackageWrapper(r0));
        }
    }

    @Override // org.appng.core.model.RepositoryCacheBase
    void update(String str) throws BusinessException {
        Iterator<PackageInfo> it = getPublishedApplicationVersions(str).iterator();
        while (it.hasNext()) {
            this.applicationWrapperMap.get(str).put(it.next());
        }
    }

    private List<Package> getPublishedApplications() throws BusinessException {
        GetPackagesRequest getPackagesRequest = new GetPackagesRequest();
        getPackagesRequest.setRepositoryName(this.repository.getRemoteRepositoryName());
        getPackagesRequest.setDigest(this.repository.getDigest());
        Packages packages = ((GetPackagesResponse) sendRequest(getPackagesRequest)).getPackages();
        Certification certification = packages.getCertification();
        if (null != certification) {
            Base64.Decoder decoder = Base64.getDecoder();
            this.signatureWrapper = new SignatureWrapper();
            this.signatureWrapper.setCert(decoder.decode(certification.getCert()));
            this.signatureWrapper.setIndex(decoder.decode(certification.getIndex()));
            this.signatureWrapper.setSignature(decoder.decode(certification.getSignature()));
            try {
                ValidatorConfig validatorConfig = getValidatorConfig();
                validatorConfig.setSigningCert(this.signatureWrapper.getCert(), BaseConfig.SigningAlgorithm.SHA512withRSA);
                Signer.getRepoValidator(validatorConfig, this.signatureWrapper.getIndex(), this.signatureWrapper.getSignature(), this.repository.getTrustedCertChain());
            } catch (SigningException e) {
                BusinessException businessException = new BusinessException(String.format("error while validating repository %s", this.repository.getName()), e, "repository.error." + e.getType().name(), new Object[]{this.repository.getName()});
                LOGGER.error("validating repository failed", businessException);
                throw businessException;
            }
        }
        return packages.getPackage();
    }

    private List<PackageInfo> getPublishedApplicationVersions(String str) throws BusinessException {
        GetPackageVersionsRequest getPackageVersionsRequest = new GetPackageVersionsRequest();
        getPackageVersionsRequest.setRepositoryName(this.repository.getRemoteRepositoryName());
        getPackageVersionsRequest.setDigest(this.repository.getDigest());
        getPackageVersionsRequest.setPackageName(str);
        return ((GetPackageVersionsResponse) sendRequest(getPackageVersionsRequest)).getPackageVersions().getPackage();
    }

    private <T> T sendRequest(Object obj) throws BusinessException {
        try {
            SoapClient soapClient = new SoapClient(RepositoryUtils.getContextPath(), this.url);
            soapClient.setConnectTimeout(this.connectTimeout);
            soapClient.setReadTimeout(this.readTimeout);
            return (T) soapClient.send(obj);
        } catch (WebServiceClientException e) {
            throw new BusinessException(e);
        }
    }

    @Override // org.appng.core.model.RepositoryCache
    public Certification getCertification() throws BusinessException {
        GetCertificationRequest getCertificationRequest = new GetCertificationRequest();
        getCertificationRequest.setRepositoryName(this.repository.getRemoteRepositoryName());
        getCertificationRequest.setDigest(this.repository.getDigest());
        return ((GetCertificationResponse) sendRequest(getCertificationRequest)).getCertification();
    }

    @Override // org.appng.core.model.RepositoryCache
    public PackageArchive getApplicationArchive(String str, String str2, String str3) throws BusinessException {
        GetPackageRequest getPackageRequest = new GetPackageRequest();
        getPackageRequest.setRepositoryName(this.repository.getRemoteRepositoryName());
        getPackageRequest.setDigest(this.repository.getDigest());
        getPackageRequest.setPackageName(str);
        getPackageRequest.setPackageVersion(str2);
        getPackageRequest.setPackageTimestamp(str3);
        GetPackageResponse getPackageResponse = (GetPackageResponse) sendRequest(getPackageRequest);
        byte[] data = getPackageResponse.getData();
        File file = new File(System.getProperty("java.io.tmpdir"), "appNG");
        if (!file.exists()) {
            file.mkdir();
        }
        String fileName = getPackageResponse.getFileName();
        File file2 = new File(file, fileName);
        LOGGER.debug("Writing temporary archive zip file: {}", file2.getAbsolutePath());
        try {
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(file2);
                fileOutputStream.write(data);
                if (null == file2 || !file2.canRead()) {
                    throw new BusinessException("No archive file oder archive file is not readable: " + file2.getAbsolutePath());
                }
                PackageArchiveImpl packageArchiveImpl = new PackageArchiveImpl(file2, this.repository.isStrict());
                String checksum = getPackageResponse.getChecksum();
                if (StringUtils.isNotBlank(checksum) && !packageArchiveImpl.getChecksum().equals(checksum)) {
                    throw new BusinessException(String.format("checksum missmatch for %s, expected %s, got %s!", packageArchiveImpl, checksum, packageArchiveImpl.getChecksum()));
                }
                if (null != this.signatureWrapper) {
                    try {
                        ValidatorConfig validatorConfig = getValidatorConfig();
                        validatorConfig.setSigningCert(this.signatureWrapper.getCert(), BaseConfig.SigningAlgorithm.SHA512withRSA);
                        Signer.getRepoValidator(validatorConfig, this.signatureWrapper.getIndex(), this.signatureWrapper.getSignature(), this.repository.getTrustedCertChain()).validatePackage(data, fileName);
                    } catch (SigningException e) {
                        throw new BusinessException(String.format("error validating repository signature for repository %s", this.repository.getName()), e);
                    }
                }
                if (!packageArchiveImpl.isValid()) {
                    throw new BusinessException("Invalid archive: " + file2.getAbsolutePath());
                }
                IOUtils.closeQuietly(fileOutputStream);
                return packageArchiveImpl;
            } catch (Throwable th) {
                IOUtils.closeQuietly((OutputStream) null);
                throw th;
            }
        } catch (IOException e2) {
            throw new BusinessException("error while processing " + file2.getAbsolutePath(), e2);
        }
    }

    private ValidatorConfig getValidatorConfig() throws SigningException {
        ValidatorConfig validatorConfig = new ValidatorConfig();
        if (this.validateCertChain) {
            if (null == this.trustStore || null == this.storePass) {
                validatorConfig.setupDefaultTruststore();
            } else {
                validatorConfig.setTrustStore(this.trustStore);
                validatorConfig.setTrustStorePassword(this.storePass);
            }
        }
        return validatorConfig;
    }

    @Override // org.appng.core.model.RepositoryCache
    public void deleteApplicationVersion(String str, String str2, String str3) throws BusinessException {
        throw new BusinessException("Deleting application versions is not supported for remote repositories!");
    }

    @Override // org.appng.core.model.RepositoryCacheBase, org.appng.core.model.RepositoryCache
    public /* bridge */ /* synthetic */ PackageWrapper getPublishedApplicationWrapper(String str) {
        return super.getPublishedApplicationWrapper(str);
    }

    @Override // org.appng.core.model.RepositoryCacheBase, org.appng.core.model.RepositoryCache
    public /* bridge */ /* synthetic */ List getVersions(String str) throws BusinessException {
        return super.getVersions(str);
    }

    @Override // org.appng.core.model.RepositoryCacheBase, org.appng.core.model.RepositoryCache
    public /* bridge */ /* synthetic */ List getApplications() throws BusinessException {
        return super.getApplications();
    }

    @Override // org.appng.core.model.RepositoryCacheBase, org.appng.core.model.RepositoryCache
    public /* bridge */ /* synthetic */ void reload() throws BusinessException {
        super.reload();
    }
}
