package com.baidubce.services.iothisk;

import com.baidubce.AbstractBceClient;
import com.baidubce.BceClientConfiguration;
import com.baidubce.http.HttpMethodName;
import com.baidubce.http.RetryPolicy;
import com.baidubce.internal.InternalRequest;
import com.baidubce.model.AbstractBceRequest;
import com.baidubce.services.iothisk.model.BatchCreateClientCertRequest;
import com.baidubce.services.iothisk.model.BatchCreateClientCertResponse;
import com.baidubce.services.iothisk.model.CreateCertGroupRequest;
import com.baidubce.services.iothisk.model.CreateCertGroupResponse;
import com.baidubce.services.iothisk.model.CreateRootCACertRequest;
import com.baidubce.services.iothisk.model.CreateRootCACertResponse;
import com.baidubce.services.iothisk.model.CreateSubCertRequest;
import com.baidubce.services.iothisk.model.CreateSubCertResponse;
import com.baidubce.services.iothisk.model.DefaultIotPkiManageRequest;
import com.baidubce.services.iothisk.model.DefaultIotPkiManageResponse;
import com.baidubce.services.iothisk.model.DownloadCrlResponse;
import com.baidubce.services.iothisk.model.GetBatchCreateStatusResponse;
import com.baidubce.services.iothisk.model.GetCertGroupResponse;
import com.baidubce.services.iothisk.model.GetCertStatusRequest;
import com.baidubce.services.iothisk.model.GetCertStatusResponse;
import com.baidubce.services.iothisk.model.GetOcspResponse;
import com.baidubce.services.iothisk.model.GetRootCACertResponse;
import com.baidubce.services.iothisk.model.GetSubCertResponse;
import com.baidubce.services.iothisk.model.IotPkiManageResponse;
import com.baidubce.services.iothisk.model.QueryClientCertResponse;
import com.baidubce.services.iothisk.model.QueryServerCertResponse;
import com.baidubce.services.iothisk.model.RenewSubCertRequest;
import com.baidubce.services.iothisk.model.RenewSubCertResponse;
import com.google.common.base.Preconditions;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/baidubce/services/iothisk/IotPkiManageClient.class */
public class IotPkiManageClient extends AbstractIotHiskBceClient {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.baidubce.services.iothisk.IotPkiManageClient$1, reason: invalid class name */
    /* loaded from: input_file:com/baidubce/services/iothisk/IotPkiManageClient$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$baidubce$services$iothisk$IotPkiManageClient$CertType = new int[CertType.values().length];

        static {
            try {
                $SwitchMap$com$baidubce$services$iothisk$IotPkiManageClient$CertType[CertType.SERVER.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$baidubce$services$iothisk$IotPkiManageClient$CertType[CertType.CLIENT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$baidubce$services$iothisk$IotPkiManageClient$CertType[CertType.ROOT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/baidubce/services/iothisk/IotPkiManageClient$CertType.class */
    public enum CertType {
        SERVER,
        CLIENT,
        ROOT
    }

    public IotPkiManageClient(BceClientConfiguration bceClientConfiguration) {
        super(bceClientConfiguration.getEndpoint() == null ? bceClientConfiguration.withEndpoint(IotPkiManageConstants.ENDPOINT) : bceClientConfiguration, HANDLERS);
    }

    public CreateRootCACertResponse createRootCACert(CreateRootCACertRequest createRootCACertRequest, String str) {
        Preconditions.checkNotNull(createRootCACertRequest, IotPkiManageConstants.NULL_REQUEST);
        checkClientToken(str);
        InternalRequest createIotPkiManageRequest = createIotPkiManageRequest(createRootCACertRequest, HttpMethodName.POST, IotPkiManageConstants.ROOT_CERT, new String[0]);
        createIotPkiManageRequest.addParameter(IotPkiManageConstants.CLIENT_TOKEN, str);
        return (CreateRootCACertResponse) invokeHttpClient(createIotPkiManageRequest, CreateRootCACertResponse.class);
    }

    public void deleteRootCACert(String str) {
        checkCertId(str);
        invokeHttpClient(createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.DELETE, IotPkiManageConstants.ROOT_CERT, str), DefaultIotPkiManageResponse.class);
    }

    public GetRootCACertResponse getRootCACert(String str) {
        checkCertId(str);
        return (GetRootCACertResponse) invokeHttpClient(createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.GET, IotPkiManageConstants.ROOT_CERT, str), GetRootCACertResponse.class);
    }

    public CreateCertGroupResponse createCertGroup(CreateCertGroupRequest createCertGroupRequest, String str) {
        Preconditions.checkNotNull(createCertGroupRequest, IotPkiManageConstants.NULL_REQUEST);
        checkClientToken(str);
        InternalRequest createIotPkiManageRequest = createIotPkiManageRequest(createCertGroupRequest, HttpMethodName.POST, IotPkiManageConstants.CERT_GROUP, new String[0]);
        createIotPkiManageRequest.addParameter(IotPkiManageConstants.CLIENT_TOKEN, str);
        return (CreateCertGroupResponse) invokeHttpClient(createIotPkiManageRequest, CreateCertGroupResponse.class);
    }

    public void deleteCertGroup(String str) {
        checkCertId(str);
        invokeHttpClient(createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.DELETE, IotPkiManageConstants.CERT_GROUP, str), DefaultIotPkiManageResponse.class);
    }

    public GetCertGroupResponse getCertGroup(String str) {
        checkCertId(str);
        return (GetCertGroupResponse) invokeHttpClient(createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.GET, IotPkiManageConstants.CERT_GROUP, str), GetCertGroupResponse.class);
    }

    public CreateSubCertResponse createServerCert(CreateSubCertRequest createSubCertRequest, String str) {
        return createSubCert(createSubCertRequest, str, CertType.SERVER);
    }

    public void deleteServerCert(String str) {
        deleteSubCert(str, CertType.SERVER);
    }

    public GetSubCertResponse getServerCert(String str) {
        return getSubCert(str, CertType.SERVER);
    }

    public QueryServerCertResponse queryServerCerts(String str, String str2) {
        return (QueryServerCertResponse) querySubCerts(str, str2, CertType.SERVER, QueryServerCertResponse.class);
    }

    public RenewSubCertResponse renewServerCert(RenewSubCertRequest renewSubCertRequest, String str, String str2) {
        return renewSubCert(renewSubCertRequest, str, str2, CertType.SERVER);
    }

    public CreateSubCertResponse createClientCert(CreateSubCertRequest createSubCertRequest, String str) {
        return createSubCert(createSubCertRequest, str, CertType.CLIENT);
    }

    public void deleteClientCert(String str) {
        deleteSubCert(str, CertType.CLIENT);
    }

    public GetSubCertResponse getClientCert(String str) {
        return getSubCert(str, CertType.CLIENT);
    }

    public QueryClientCertResponse queryClientCerts(String str, String str2) {
        return (QueryClientCertResponse) querySubCerts(str, str2, CertType.CLIENT, QueryClientCertResponse.class);
    }

    public RenewSubCertResponse renewClientCert(RenewSubCertRequest renewSubCertRequest, String str, String str2) {
        return renewSubCert(renewSubCertRequest, str, str2, CertType.CLIENT);
    }

    public BatchCreateClientCertResponse batchCreateClientCert(BatchCreateClientCertRequest batchCreateClientCertRequest, String str) {
        Preconditions.checkNotNull(batchCreateClientCertRequest, IotPkiManageConstants.NULL_REQUEST);
        checkClientToken(str);
        InternalRequest createIotPkiManageRequest = createIotPkiManageRequest(batchCreateClientCertRequest, HttpMethodName.POST, IotPkiManageConstants.CLIENT_CERT, IotPkiManageConstants.JOB);
        createIotPkiManageRequest.addParameter(IotPkiManageConstants.CLIENT_TOKEN, str);
        return (BatchCreateClientCertResponse) invokeHttpClient(createIotPkiManageRequest, BatchCreateClientCertResponse.class);
    }

    public GetBatchCreateStatusResponse getBatchCreateStatus(String str) {
        checkJobId(str);
        return (GetBatchCreateStatusResponse) invokeHttpClient(createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.GET, IotPkiManageConstants.CLIENT_CERT, IotPkiManageConstants.JOB, str), GetBatchCreateStatusResponse.class);
    }

    public String downloadClientCert(String str) {
        return downloadCert(str, CertType.CLIENT);
    }

    public String downloadServerCert(String str) {
        return downloadCert(str, CertType.SERVER);
    }

    public String downloadRootCert(String str) {
        return downloadCert(str, CertType.ROOT);
    }

    public Map<String, String> downloadBatchCreateCerts(String str) {
        checkJobId(str);
        GetBatchCreateStatusResponse batchCreateStatus = getBatchCreateStatus(str);
        if (!batchCreateStatus.isSucceed() && !batchCreateStatus.isPartialSucceed()) {
            return null;
        }
        try {
            return unzipCert(IOUtils.toByteArray(new URL(batchCreateStatus.getDownloadUrl())));
        } catch (IOException e) {
            throw new RuntimeException(IotPkiManageConstants.DOWNLOAD_CERT_FAILED);
        }
    }

    public GetCertStatusResponse getCertStatus(GetCertStatusRequest getCertStatusRequest) {
        Preconditions.checkNotNull(getCertStatusRequest, IotPkiManageConstants.NULL_REQUEST);
        return (GetCertStatusResponse) invokeHttpClient(createIotPkiManageRequest(getCertStatusRequest, HttpMethodName.PUT, IotPkiManageConstants.CERT, IotPkiManageConstants.GET_STATUS), GetCertStatusResponse.class);
    }

    public DownloadCrlResponse downloadCrl(String str) {
        checkIssuerDN(str);
        InternalRequest createIotPkiManageRequest = createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.GET, IotPkiManageConstants.CRL, new String[0]);
        createIotPkiManageRequest.setParameters(IotPkiManageConstants.CRL_PARAMS);
        createIotPkiManageRequest.addParameter(IotPkiManageConstants.ISSUER, str);
        return (DownloadCrlResponse) invokeHttpClient(createIotPkiManageRequest, DownloadCrlResponse.class);
    }

    public GetOcspResponse getOcspResponse(byte[] bArr) {
        Preconditions.checkNotNull(bArr, IotPkiManageConstants.NULL_REQUEST);
        return (GetOcspResponse) invokeHttpClient(createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.GET, IotPkiManageConstants.OCSP, encodeOcspReqeust(bArr)), GetOcspResponse.class);
    }

    private InternalRequest createIotPkiManageRequest(AbstractBceRequest abstractBceRequest, HttpMethodName httpMethodName, String str, String... strArr) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList("v1", IotPkiManageConstants.PKI, str));
        return createRequest(abstractBceRequest, httpMethodName, null, arrayList, strArr);
    }

    private void checkClientToken(String str) {
        Preconditions.checkArgument(StringUtils.isNotEmpty(str), IotPkiManageConstants.EMPTY_CLIENT_TOKEN);
        Preconditions.checkArgument(StringUtils.length(str) <= 64, IotPkiManageConstants.TOO_LONG_CLIENT_TOKEN);
    }

    private void checkCertId(String str) {
        Preconditions.checkArgument(StringUtils.length(str) == 32, IotPkiManageConstants.INVALID_CERT_ID);
    }

    private void checkIssuerDN(String str) {
        Preconditions.checkArgument(StringUtils.isNotEmpty(str), IotPkiManageConstants.INVALID_ISSUER_DN);
    }

    private void checkJobId(String str) {
        Preconditions.checkArgument(StringUtils.length(str) == 32, IotPkiManageConstants.INVALID_JOB_ID);
    }

    private void checkAddressNotEmpty(List<String> list) {
        Preconditions.checkArgument((list == null || list.isEmpty()) ? false : true, IotPkiManageConstants.EMPTY_ADDRESS);
    }

    private CreateSubCertResponse createSubCert(CreateSubCertRequest createSubCertRequest, String str, CertType certType) {
        Preconditions.checkNotNull(createSubCertRequest, IotPkiManageConstants.NULL_REQUEST);
        checkClientToken(str);
        if (certType == CertType.SERVER) {
            checkAddressNotEmpty(createSubCertRequest.getAddress());
        }
        InternalRequest createIotPkiManageRequest = createIotPkiManageRequest(createSubCertRequest, HttpMethodName.POST, getSubCertPathByCertType(certType), new String[0]);
        createIotPkiManageRequest.addParameter(IotPkiManageConstants.CLIENT_TOKEN, str);
        return (CreateSubCertResponse) invokeHttpClient(createIotPkiManageRequest, CreateSubCertResponse.class);
    }

    private void deleteSubCert(String str, CertType certType) {
        checkCertId(str);
        invokeHttpClient(createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.DELETE, getSubCertPathByCertType(certType), str), DefaultIotPkiManageResponse.class);
    }

    private GetSubCertResponse getSubCert(String str, CertType certType) {
        checkCertId(str);
        return (GetSubCertResponse) invokeHttpClient(createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.GET, getSubCertPathByCertType(certType), str), GetSubCertResponse.class);
    }

    private <T extends IotPkiManageResponse> T querySubCerts(String str, String str2, CertType certType, Class<T> cls) {
        Preconditions.checkArgument((str == null && str2 == null) ? false : true);
        InternalRequest createIotPkiManageRequest = createIotPkiManageRequest(new DefaultIotPkiManageRequest(), HttpMethodName.GET, getSubCertPathByCertType(certType), "query");
        if (str != null) {
            createIotPkiManageRequest.addParameter(IotPkiManageConstants.ROOT_CERT_ID, str);
        }
        if (str2 != null) {
            createIotPkiManageRequest.addParameter(IotPkiManageConstants.GROUP_ID, str2);
        }
        return (T) invokeHttpClient(createIotPkiManageRequest, cls);
    }

    private RenewSubCertResponse renewSubCert(RenewSubCertRequest renewSubCertRequest, String str, String str2, CertType certType) {
        Preconditions.checkNotNull(renewSubCertRequest, IotPkiManageConstants.NULL_REQUEST);
        checkCertId(str);
        checkClientToken(str2);
        if (certType == CertType.SERVER) {
            checkAddressNotEmpty(renewSubCertRequest.getNewAddress());
        }
        InternalRequest createIotPkiManageRequest = createIotPkiManageRequest(renewSubCertRequest, HttpMethodName.PUT, getSubCertPathByCertType(certType), str, IotPkiManageConstants.RENEW);
        createIotPkiManageRequest.addParameter(IotPkiManageConstants.CLIENT_TOKEN, str2);
        return (RenewSubCertResponse) invokeHttpClient(createIotPkiManageRequest, RenewSubCertResponse.class);
    }

    private String downloadCert(String str, CertType certType) {
        checkCertId(str);
        switch (AnonymousClass1.$SwitchMap$com$baidubce$services$iothisk$IotPkiManageClient$CertType[certType.ordinal()]) {
            case 1:
            case 2:
                return downloadCert(getSubCert(str, certType).getDownloadUrl());
            case RetryPolicy.DEFAULT_MAX_ERROR_RETRY /* 3 */:
                return downloadCert(getRootCACert(str).getDownloadUrl());
            default:
                throw new RuntimeException(IotPkiManageConstants.INVALID_CERT_TYPE);
        }
    }

    private String downloadCert(String str) {
        try {
            return IOUtils.toString(new URL(str));
        } catch (IOException e) {
            throw new RuntimeException(IotPkiManageConstants.DOWNLOAD_CERT_FAILED);
        }
    }

    private String getSubCertPathByCertType(CertType certType) {
        return certType == CertType.SERVER ? IotPkiManageConstants.SEVER_CERT : IotPkiManageConstants.CLIENT_CERT;
    }

    private Map<String, String> unzipCert(byte[] bArr) throws IOException {
        ZipInputStream zipInputStream = new ZipInputStream(new ByteArrayInputStream(bArr));
        HashMap hashMap = new HashMap();
        byte[] bArr2 = new byte[1024];
        for (ZipEntry nextEntry = zipInputStream.getNextEntry(); nextEntry != null; nextEntry = zipInputStream.getNextEntry()) {
            String name = nextEntry.getName();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            while (true) {
                int read = zipInputStream.read(bArr2);
                if (read > 0) {
                    byteArrayOutputStream.write(bArr2, 0, read);
                }
            }
            zipInputStream.closeEntry();
            hashMap.put(name, new String(byteArrayOutputStream.toByteArray()));
            byteArrayOutputStream.close();
        }
        zipInputStream.close();
        return hashMap;
    }

    private String encodeOcspReqeust(byte[] bArr) {
        try {
            return URLEncoder.encode(Base64.encodeBase64String(bArr), AbstractBceClient.DEFAULT_ENCODING);
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(IotPkiManageConstants.INVALID_OCSP_REQUEST);
        }
    }
}
