package de.sep.sesam.server.utils.upload;

import de.sep.sesam.rest.exceptions.OperationNotPossibleException;
import de.sep.sesam.rest.exceptions.ServiceException;
import de.sep.sesam.rest.json.JsonResult;
import de.sep.sesam.restapi.v2.server.dto.UploadFileResultDto;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.fileupload.FileUploadBase;
import org.apache.commons.io.IOUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.mime.MultipartEntityBuilder;
import org.apache.http.entity.mime.content.FileBody;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:de/sep/sesam/server/utils/upload/FileUploader.class */
public class FileUploader {
    public static UploadFileResultDto.Status upload(File file, String str, boolean z) throws ServiceException {
        return uploadInner(MultipartEntityBuilder.create().addPart("file", new FileBody(file)).build(), str, z);
    }

    private static UploadFileResultDto.Status uploadInner(HttpEntity httpEntity, String str, boolean z) throws ServiceException {
        if (z) {
            checkCertificate(str);
        }
        try {
            CloseableHttpClient build = HttpClients.custom().setSSLContext(context()).build();
            try {
                HttpPost httpPost = new HttpPost(str);
                httpPost.setEntity(httpEntity);
                CloseableHttpResponse execute = build.execute((HttpUriRequest) httpPost);
                try {
                    Header firstHeader = execute.getFirstHeader(FileUploadBase.CONTENT_TYPE);
                    JsonResult jsonResult = new JsonResult();
                    HttpEntity entity = execute.getEntity();
                    byte[] byteArray = IOUtils.toByteArray(execute.getEntity().getContent());
                    EntityUtils.consume(entity);
                    UploadFileResultDto build2 = UploadFileResultDto.builder().withUrl(str).withStatus("ERR").build();
                    if (firstHeader != null) {
                        String str2 = new String(byteArray, StandardCharsets.UTF_8);
                        jsonResult.contentType = ContentType.APPLICATION_JSON;
                        jsonResult.result = str2;
                        build2 = (UploadFileResultDto) jsonResult.read(UploadFileResultDto.class);
                    }
                    UploadFileResultDto.Status status = build2.getStatus();
                    if (execute != null) {
                        execute.close();
                    }
                    if (build != null) {
                        build.close();
                    }
                    return status;
                } catch (Throwable th) {
                    if (execute != null) {
                        try {
                            execute.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (IOException | KeyManagementException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    private static SSLContext context() throws KeyManagementException, NoSuchAlgorithmException {
        SSLContext sSLContext = SSLContext.getInstance("ssl");
        sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: de.sep.sesam.server.utils.upload.FileUploader.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        }}, null);
        return sSLContext;
    }

    private static void checkCertificate(String str) throws ServiceException {
        try {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(str).openConnection();
            httpsURLConnection.connect();
            try {
                for (Certificate certificate : httpsURLConnection.getServerCertificates()) {
                    checkDate(certificate);
                    checkSelfSigned(certificate, str);
                }
            } catch (CertificateExpiredException | CertificateNotYetValidException e) {
                throw new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.EXCEPTION, "The certificate of \"" + str + "\" is expired. Uploading is not possible.");
            }
        } catch (IOException e2) {
            throw new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.EXCEPTION, e2.getMessage());
        }
    }

    private static void checkDate(Certificate certificate) throws CertificateNotYetValidException, CertificateExpiredException {
        ((X509Certificate) certificate).checkValidity(new Date());
    }

    private static void checkSelfSigned(Certificate certificate, String str) throws ServiceException {
        if (((X509Certificate) certificate).getIssuerX500Principal().equals(((X509Certificate) certificate).getSubjectX500Principal())) {
            throw new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.EXCEPTION, "The certificate of \"" + str + "\" is self-signed. Uploading is not possible.");
        }
    }
}
