package eu.peppol.outbound.transmission;

import eu.peppol.as2.As2DateUtil;
import eu.peppol.as2.As2DispositionNotificationOptions;
import eu.peppol.as2.As2Header;
import eu.peppol.as2.InvalidAs2SystemIdentifierException;
import eu.peppol.as2.MdnMimeMessageInspector;
import eu.peppol.as2.Mic;
import eu.peppol.as2.MimeMessageHelper;
import eu.peppol.as2.PeppolAs2SystemIdentifier;
import eu.peppol.as2.SMimeMessageFactory;
import eu.peppol.as2.SignedMimeMessageInspector;
import eu.peppol.identifier.ParticipantId;
import eu.peppol.identifier.PeppolDocumentTypeId;
import eu.peppol.identifier.TransmissionId;
import eu.peppol.security.CommonName;
import eu.peppol.security.KeystoreManager;
import eu.peppol.smp.SmpLookupManager;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.ProxySelector;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.activation.MimeType;
import javax.activation.MimeTypeParseException;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.conn.HttpHostConnectException;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.entity.ContentType;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.SystemDefaultRoutePlanner;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/peppol/outbound/transmission/As2MessageSender.class */
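/**
 * Sends a payload to a remote endpoint as a signed S/MIME message over an AS2 HTTP POST
 * and checks the MDN (message disposition notification) returned in the HTTP response.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>TLS connections verify that the server certificate matches the host name of the
 *       endpoint URL. Endpoints presenting a certificate for a different host are rejected.</li>
 *   <li>A transmission is reported as successful only when the signer certificate of the MDN
 *       could be obtained, is within its validity period, and carries the common name that
 *       the endpoint data supplies. Any failure in that check aborts the transmission.</li>
 * </ul>
 *
 * <p>Not safe for concurrent use with differing trace settings: {@link #send(TransmissionRequest)}
 * stores the trace flag in an instance field that is read later while handling the response.
 */
class As2MessageSender implements MessageSender {
    public static final Logger log = LoggerFactory.getLogger(As2MessageSender.class);

    // Only read and written through getMic()/setMic(); send() keeps the outbound MIC in a local.
    private Mic mic;

    // Copied from the current TransmissionRequest; enables dumping of response headers and body.
    private boolean traceEnabled;

    /**
     * Transmits the payload of the request to the endpoint named in the request.
     *
     * @param transmissionRequest payload, business header and endpoint data of the transmission
     * @return the response describing the completed transmission
     * @throws IllegalStateException if the endpoint data holds no common name, or if the
     *         transmission or the verification of the returned MDN fails
     */
    @Override
    public TransmissionResponse send(TransmissionRequest transmissionRequest) {
        SmpLookupManager.PeppolEndpointData endpointAddress = transmissionRequest.getEndpointAddress();
        if (endpointAddress.getCommonName() == null) {
            throw new IllegalStateException("Must supply the X.509 common name (AS2 System Identifier) for AS2 protocol");
        }
        this.traceEnabled = transmissionRequest.isTraceEnabled();

        TransmissionId transmissionId = send(
                new ByteArrayInputStream(transmissionRequest.getPayload()),
                transmissionRequest.getPeppolStandardBusinessHeader().getRecipientId(),
                transmissionRequest.getPeppolStandardBusinessHeader().getSenderId(),
                transmissionRequest.getPeppolStandardBusinessHeader().getDocumentTypeIdentifier(),
                endpointAddress,
                getAs2SystemIdentifierForSender(KeystoreManager.INSTANCE.getOurCertificate()));

        return new As2TransmissionResponse(
                transmissionId,
                transmissionRequest.getPeppolStandardBusinessHeader(),
                endpointAddress.getUrl(),
                endpointAddress.getBusDoxProtocol(),
                endpointAddress.getCommonName());
    }

    /**
     * Signs the payload, posts it to the endpoint URL and evaluates the HTTP response.
     *
     * <p>Each failure is reported with the message of the step that failed; a failure in a
     * later step is not re-labelled by the handler of an earlier one.
     *
     * @param inputStream payload to transmit, sent as {@code application/xml}
     * @param participantId recipient, used for logging only
     * @param participantId2 sender, used for logging only
     * @param peppolDocumentTypeId document type, used for logging only
     * @param peppolEndpointData URL and expected common name of the receiving endpoint
     * @param peppolAs2SystemIdentifier value of the AS2-From header
     * @return the identifier that was sent as the AS2 message id
     * @throws IllegalArgumentException if the endpoint data holds no common name or the common
     *         name cannot be turned into an AS2 system identifier
     * @throws IllegalStateException if building, sending or acknowledging the message fails
     */
    TransmissionId send(InputStream inputStream, ParticipantId participantId, ParticipantId participantId2, PeppolDocumentTypeId peppolDocumentTypeId, SmpLookupManager.PeppolEndpointData peppolEndpointData, PeppolAs2SystemIdentifier peppolAs2SystemIdentifier) {
        if (peppolEndpointData.getCommonName() == null) {
            throw new IllegalArgumentException("No common name in EndPoint object. " + peppolEndpointData);
        }
        SMimeMessageFactory sMimeMessageFactory = new SMimeMessageFactory(KeystoreManager.INSTANCE.getOurPrivateKey(), KeystoreManager.INSTANCE.getOurCertificate());

        Mic outboundMic;
        MimeMessage signedMessage;
        try {
            MimeBodyPart bodyPart = MimeMessageHelper.createMimeBodyPart(inputStream, new MimeType("application/xml"));
            outboundMic = MimeMessageHelper.calculateMic(bodyPart);
            log.debug("Outbound MIC is : " + outboundMic.toString());
            signedMessage = sMimeMessageFactory.createSignedMimeMessage(bodyPart);
        } catch (MimeTypeParseException e) {
            throw new IllegalStateException("Problems with MIME types: " + e.getMessage(), e);
        }

        String endpointUrl = peppolEndpointData.getUrl().toExternalForm();
        HttpPost httpPost = new HttpPost(endpointUrl);

        ByteArrayOutputStream serializedMessage = new ByteArrayOutputStream();
        try {
            signedMessage.writeTo(serializedMessage);
        } catch (Exception e) {
            throw new IllegalStateException("Unable to stream S/MIME message into byte array output stream", e);
        }

        httpPost.addHeader(As2Header.AS2_FROM.getHttpHeaderName(), peppolAs2SystemIdentifier.toString());
        try {
            httpPost.setHeader(As2Header.AS2_TO.getHttpHeaderName(), PeppolAs2SystemIdentifier.valueOf(peppolEndpointData.getCommonName()).toString());
        } catch (InvalidAs2SystemIdentifierException e) {
            throw new IllegalArgumentException("Unable to create valid AS2 System Identifier for receiving end point: " + peppolEndpointData, e);
        }
        httpPost.addHeader(As2Header.DISPOSITION_NOTIFICATION_TO.getHttpHeaderName(), "not.in.use@unit4.com");
        httpPost.addHeader(As2Header.DISPOSITION_NOTIFICATION_OPTIONS.getHttpHeaderName(), As2DispositionNotificationOptions.getDefault().toString());
        httpPost.addHeader(As2Header.AS2_VERSION.getHttpHeaderName(), "1.0");
        httpPost.addHeader(As2Header.SUBJECT.getHttpHeaderName(), "AS2 message from OXALIS");
        TransmissionId transmissionId = new TransmissionId();
        httpPost.addHeader(As2Header.MESSAGE_ID.getHttpHeaderName(), transmissionId.toString());
        httpPost.addHeader(As2Header.DATE.getHttpHeaderName(), As2DateUtil.format(new Date()));

        try {
            httpPost.setEntity(new ByteArrayEntity(serializedMessage.toByteArray(), ContentType.create(signedMessage.getContentType())));
        } catch (Exception e) {
            throw new IllegalStateException("Unable to set request header content type : " + e.getMessage(), e);
        }

        CloseableHttpClient httpClient = createCloseableHttpClient();
        try {
            log.debug("Sending AS2 from " + participantId2 + " to " + participantId + " at " + endpointUrl + " type " + peppolDocumentTypeId);
            CloseableHttpResponse response;
            try {
                response = httpClient.execute((HttpUriRequest) httpPost);
            } catch (HttpHostConnectException e) {
                throw new IllegalStateException("The Oxalis server does not seem to be running at " + endpointUrl, e);
            } catch (Exception e) {
                throw new IllegalStateException("Unexpected error during execution of http POST to " + endpointUrl + ": " + e.getMessage(), e);
            }

            if (response.getStatusLine().getStatusCode() != 200) {
                log.error("AS2 HTTP POST expected HTTP OK, but got : " + response.getStatusLine().getStatusCode() + " from " + endpointUrl);
                return handleFailedRequest(response);
            }
            log.debug("AS2 transmission " + transmissionId + " to " + endpointUrl + " returned HTTP OK, verify MDN response");
            return handleTheHttpResponse(transmissionId, outboundMic, response, peppolEndpointData);
        } finally {
            // Both handlers read the response body completely before returning or throwing,
            // so the client and its connections can be released here.
            try {
                httpClient.close();
            } catch (IOException e) {
                log.warn("Unable to close http client: " + e.getMessage());
            }
        }
    }

    /**
     * Parses the HTTP response as an MDN, checks who signed it and whether it reports success.
     *
     * <p>The response is always closed before this method returns or throws.
     *
     * @param transmissionId identifier returned to the caller on success
     * @param mic MIC of the outbound message, handed to the MDN inspector for comparison
     * @param closeableHttpResponse response to the AS2 POST
     * @param peppolEndpointData endpoint data holding the common name expected in the signer certificate
     * @return {@code transmissionId} when the MDN is accepted
     * @throws IllegalStateException if the response cannot be read or parsed, the MDN signer
     *         cannot be verified, the MDN reports a failure, or the response cannot be closed
     */
    TransmissionId handleTheHttpResponse(TransmissionId transmissionId, Mic mic, CloseableHttpResponse closeableHttpResponse, SmpLookupManager.PeppolEndpointData peppolEndpointData) {
        boolean completed = false;
        try {
            HttpEntity entity = closeableHttpResponse.getEntity();
            if (entity == null) {
                throw new IllegalStateException("No contents in HTTP response with rc=" + closeableHttpResponse.getStatusLine().getStatusCode());
            }
            String contents = EntityUtils.toString(entity);

            if (this.traceEnabled) {
                // Headers and body come from the remote server and are logged unmodified.
                log.debug("HTTP-headers:");
                for (Header header : closeableHttpResponse.getAllHeaders()) {
                    log.debug("" + header.getName() + ": " + header.getValue());
                }
                log.debug("Contents:\n" + contents);
                log.debug("---------------------------");
            }

            Header contentTypeHeader = closeableHttpResponse.getFirstHeader("Content-Type");
            if (contentTypeHeader == null) {
                throw new IllegalStateException("No Content-Type header in response, probably a server error");
            }
            MimeMessage mdnMessage = MimeMessageHelper.parseMultipart(contents, new MimeType(contentTypeHeader.getValue()));

            // Fail closed: an MDN whose signer cannot be verified must not acknowledge a transmission.
            X509Certificate signerCertificate = verifyMdnSigner(mdnMessage, peppolEndpointData);
            log.debug("MDN signature was verfied for : " + signerCertificate.getSubjectDN().toString());

            MdnMimeMessageInspector mdnInspector = new MdnMimeMessageInspector(mdnMessage);
            String mdnText = mdnInspector.getPlainTextPartAsText();
            if (!mdnInspector.isOkOrWarning(mic)) {
                log.error("AS2 transmission failed with some error message, msg :" + mdnText);
                log.error(contents);
                throw new IllegalStateException("AS2 transmission failed : " + mdnText);
            }
            completed = true;
            return transmissionId;
        } catch (MimeTypeParseException e) {
            throw new IllegalStateException("Invalid Content-Type header", e);
        } catch (IOException e) {
            throw new IllegalStateException("Unable to obtain the contents of the response: " + e.getMessage(), e);
        } finally {
            try {
                closeableHttpResponse.close();
            } catch (IOException e) {
                if (completed) {
                    throw new IllegalStateException("Unable to close http connection: " + e.getMessage(), e);
                }
                // A failure is already propagating; do not replace it with the close error.
                log.warn("Unable to close http connection: " + e.getMessage());
            }
        }
    }

    /**
     * Obtains the signer certificate of the MDN and checks it against the expected endpoint.
     *
     * <p>The certificate is taken from {@link SignedMimeMessageInspector}; what that class
     * itself validates is not visible here. This method adds the validity-period check and
     * the comparison of the certificate's common name with the one in the endpoint data.
     *
     * @param mdnMessage parsed MDN
     * @param peppolEndpointData endpoint data holding the expected common name
     * @return the signer certificate, never {@code null}
     * @throws IllegalStateException if the certificate cannot be obtained, is outside its
     *         validity period, or does not carry the expected common name
     */
    private X509Certificate verifyMdnSigner(MimeMessage mdnMessage, SmpLookupManager.PeppolEndpointData peppolEndpointData) {
        X509Certificate signerCertificate;
        boolean commonNameMatches;
        try {
            signerCertificate = new SignedMimeMessageInspector(mdnMessage).getSignersX509Certificate();
            signerCertificate.checkValidity();
            commonNameMatches = peppolEndpointData.getCommonName() != null
                    && CommonName.valueOf(signerCertificate.getSubjectX500Principal()).equals(peppolEndpointData.getCommonName());
        } catch (Exception e) {
            throw new IllegalStateException("Exception when verifying MDN signature : " + e.getMessage(), e);
        }
        if (!commonNameMatches) {
            String message = "Common name in certificate from SMP does not match common name in AP certificate";
            throw new IllegalStateException(message, new CertificateException(message));
        }
        return signerCertificate;
    }

    /**
     * Turns a non-200 response into an exception; this method never returns normally.
     *
     * <p>The response is closed before the exception leaves this method.
     *
     * @param closeableHttpResponse response with a status other than 200
     * @return never returns
     * @throws IllegalStateException always, describing the status code and the response body
     */
    TransmissionId handleFailedRequest(CloseableHttpResponse closeableHttpResponse) {
        try {
            HttpEntity entity = closeableHttpResponse.getEntity();
            if (entity == null) {
                throw new IllegalStateException("Request failed with rc=" + closeableHttpResponse.getStatusLine().getStatusCode() + ", no content returned in HTTP response");
            }
            // The body is supplied by the remote server and is placed in the message unmodified and unbounded.
            String contents = EntityUtils.toString(entity);
            throw new IllegalStateException("Request failed with rc=" + closeableHttpResponse.getStatusLine().getStatusCode() + ", contents received (" + contents.trim().length() + " characters):" + contents);
        } catch (IOException e) {
            throw new IllegalStateException("Request failed with rc=" + closeableHttpResponse.getStatusLine().getStatusCode() + ", ERROR while retrieving the contents of the response:" + e.getMessage(), e);
        } finally {
            try {
                closeableHttpResponse.close();
            } catch (IOException e) {
                log.warn("Unable to close http connection: " + e.getMessage());
            }
        }
    }

    /**
     * Derives the AS2 system identifier of the sender from the subject of a certificate.
     *
     * @param x509Certificate certificate whose subject common name is used
     * @return the AS2 system identifier built from the common name
     * @throws IllegalStateException if the common name is not a valid AS2 system identifier
     */
    private PeppolAs2SystemIdentifier getAs2SystemIdentifierForSender(X509Certificate x509Certificate) {
        try {
            return PeppolAs2SystemIdentifier.valueOf(CommonName.valueOf(x509Certificate.getSubjectX500Principal()));
        } catch (InvalidAs2SystemIdentifierException e) {
            throw new IllegalStateException("AS2 System Identifier could not be obtained from " + x509Certificate.getSubjectX500Principal(), e);
        }
    }

    /**
     * Builds the HTTP client used for the AS2 POST.
     *
     * <p>The TLS context is initialised with default trust settings, and the socket factory
     * verifies the server host name against the certificate. No code path installs a trust
     * manager that accepts every certificate.
     *
     * @return a new client routed through the system default proxy selector
     * @throws IllegalStateException if the TLS context or the client cannot be created
     */
    private CloseableHttpClient createCloseableHttpClient() {
        try {
            SSLContext sslContext = SSLContexts.custom().useTLS().build();
            SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
            return HttpClients.custom()
                    .setSSLSocketFactory(socketFactory)
                    .setRoutePlanner(new SystemDefaultRoutePlanner(ProxySelector.getDefault()))
                    .build();
        } catch (Exception e) {
            throw new IllegalStateException("Unable to create TLS based SSLContext", e);
        }
    }

    /** Returns the MIC last stored with {@link #setMic(Mic)}, or {@code null} if none was set. */
    public Mic getMic() {
        return this.mic;
    }

    /** Stores a MIC for later retrieval with {@link #getMic()}. */
    public void setMic(Mic mic) {
        this.mic = mic;
    }
}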
