package com.huaweicloud.sdk.iot.module;

import com.huawei.m2m.edge.daemon.client.DaemonHttpException;
import com.huawei.m2m.edge.daemon.dto.VerifyRequestBody;
import com.huawei.m2m.edge.daemon.dto.VerifyResponseBody;
import com.huawei.m2m.edge.daemon.service.Identity;
import com.huawei.m2m.edge.daemon.util.StringUtil;
import com.huawei.m2m.edge.daemon.util.TokenHolder;
import com.huaweicloud.sdk.iot.module.dto.Config;
import com.huaweicloud.sdk.iot.module.dto.ConfirmConfigReq;
import com.huaweicloud.sdk.iot.module.dto.SyncConfigRsp;
import com.huaweicloud.sdk.iot.module.exception.AuthException;
import com.huaweicloud.sdk.iot.module.exception.CryptException;
import com.huaweicloud.sdk.iot.module.exception.GeneraException;
import com.huaweicloud.sdk.iot.module.exception.HttpException;
import com.huaweicloud.sdk.iot.utils.JsonUtil;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.util.HashMap;
import java.util.List;
import org.apache.commons.lang3.time.DateUtils;
import org.apache.http.Header;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPatch;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.entity.StringEntity;

/* loaded from: input_file:com/huaweicloud/sdk/iot/module/ItClient.class */
public class ItClient extends BaseClient {
    public static final String SERVER = "http://sys-edge-apigw:8900";
    public static final String AUTHORIZATION = "Authorization";
    public static final String X_AUTHORIZATION = "X-Authorization";
    public static final String UTF_8 = "UTF-8";
    public static final int ONE_MINUTE = 60000;
    public static final String SERVER_MODULE_ID = "sys_edge_apigw";

    public static ItClient createFromEnv() throws GeneraException {
        return new ItClient(createConfigFromEnv());
    }

    ItClient(ClientConfig clientConfig) throws GeneraException {
        super(clientConfig);
    }

    public String getJson(String str) throws HttpException, CryptException, AuthException {
        return getJson(str, null);
    }

    public String getJson(String str, Header[] headerArr) throws HttpException, CryptException, AuthException {
        return sendJson(headerArr, new HttpGet(SERVER + str));
    }

    public String postJson(String str, String str2) throws HttpException, CryptException, AuthException {
        return postJson(str, str2, null);
    }

    public String postJson(String str, String str2, Header[] headerArr) throws HttpException, CryptException, AuthException {
        HttpPost httpPost = new HttpPost(SERVER + str);
        httpPost.setEntity(new StringEntity(str2, "UTF-8"));
        return sendJson(headerArr, httpPost);
    }

    public String deleteJson(String str) throws HttpException, CryptException, AuthException {
        return deleteJson(str, null);
    }

    public String deleteJson(String str, Header[] headerArr) throws HttpException, CryptException, AuthException {
        return sendJson(headerArr, new HttpDelete(SERVER + str));
    }

    public String putJson(String str, String str2) throws HttpException, CryptException, AuthException {
        return putJson(str, str2, null);
    }

    public String putJson(String str, String str2, Header[] headerArr) throws HttpException, CryptException, AuthException {
        HttpPut httpPut = new HttpPut(SERVER + str);
        httpPut.setEntity(new StringEntity(str2, "UTF-8"));
        return sendJson(headerArr, httpPut);
    }

    public String patchJson(String str, String str2) throws HttpException, CryptException, AuthException {
        return patchJson(str, str2, null);
    }

    public String patchJson(String str, String str2, Header[] headerArr) throws HttpException, CryptException, AuthException {
        HttpPatch httpPatch = new HttpPatch(SERVER + str);
        httpPatch.setEntity(new StringEntity(str2, "UTF-8"));
        return sendJson(headerArr, httpPatch);
    }

    private String sendJson(Header[] headerArr, HttpRequestBase httpRequestBase) throws HttpException, CryptException, AuthException {
        if (headerArr != null) {
            httpRequestBase.setHeaders(headerArr);
        }
        this.jsonClient.setJsonHeader(httpRequestBase);
        sign(httpRequestBase);
        return this.jsonClient.send(httpRequestBase);
    }

    public void sign(HttpRequestBase httpRequestBase) throws CryptException, AuthException {
        if (StringUtil.strIsNullOrEmpty(this.config.getDaemonVerifyCode())) {
            signAuth(httpRequestBase);
        } else {
            signXAuth(httpRequestBase);
        }
    }

    private void signXAuth(HttpRequestBase httpRequestBase) throws AuthException {
        if (!TokenHolder.getToken().isPresent()) {
            throw new AuthException("IA's X-Token is not exist");
        }
        httpRequestBase.setHeader(X_AUTHORIZATION, TokenHolder.getToken().get());
    }

    private void signAuth(HttpRequestBase httpRequestBase) throws CryptException {
        StringBuilder sb = new StringBuilder("Algorithm=HMAC_SHA_256");
        sb.append(";AK=").append(this.config.getModuleId());
        String l = Long.toString(System.currentTimeMillis());
        sb.append(";SignedTime=").append(l);
        sb.append(";Signature=").append(this.config.hmacHex(l));
        httpRequestBase.setHeader("Authorization", sb.toString());
    }

    @Deprecated
    public void verify(String str) throws AuthException {
        try {
            if (str == null) {
                throw new AuthException("Authorization is null");
            }
            HashMap hashMap = new HashMap();
            for (String str2 : str.split(";")) {
                String[] split = str2.split("=");
                if (split.length != 2) {
                    throw new AuthException("Authorization is invalid");
                }
                hashMap.put(split[0], split[1]);
            }
            String str3 = (String) hashMap.get("SignedTime");
            if (System.currentTimeMillis() - Long.parseLong(str3) >= DateUtils.MILLIS_PER_MINUTE) {
                throw new AuthException("Authorization is expired");
            }
            authEqual((String) hashMap.get("Algorithm"), "HMAC_SHA_256", "Algorithm is invalid");
            authEqual((String) hashMap.get("AK"), this.config.getModuleId(), "AK is invalid");
            authEqual((String) hashMap.get("Signature"), this.config.hmacHex(str3), "Signature is invalid");
        } catch (CryptException | NumberFormatException e) {
            throw new AuthException("Authorization is invalid");
        }
    }

    public void verifyByDaemon(String str) throws AuthException {
        if (str == null) {
            throw new AuthException("X-Token is null");
        }
        if (!TokenHolder.getToken().isPresent()) {
            throw new AuthException("IA's X-Token is not exist");
        }
        try {
            VerifyRequestBody verifyRequestBody = new VerifyRequestBody();
            verifyRequestBody.setToken(str);
            VerifyResponseBody verify = Identity.getInstance().verify(TokenHolder.getToken().get(), verifyRequestBody);
            authEqual(verify.getModuleId(), SERVER_MODULE_ID, "Server module ID is incorrect.");
            if (ZonedDateTime.now(ZoneOffset.UTC).toInstant().toEpochMilli() >= verify.getExpiresAt().longValue()) {
                throw new AuthException("x-token is expired");
            }
        } catch (DaemonHttpException e) {
            throw new AuthException("X-Token verification from Daemon failed");
        }
    }

    private void authEqual(String str, String str2, String str3) throws AuthException {
        if (str == null || !str.equals(str2)) {
            throw new AuthException(str3);
        }
    }

    public List<Config> syncConfigs() throws GeneraException {
        return ((SyncConfigRsp) JsonUtil.fromJson(getJson(String.format("/nas/iotedge/v2/%s/edge-nodes/%s/ias/%s/configs?sync=true", this.config.getProjectId(), this.config.getDeviceId(), this.config.getModuleId())), SyncConfigRsp.class)).getConfigs();
    }

    public void confirmConfigs(List<Config> list) throws GeneraException {
        String format = String.format("/nas/iotedge/v2/%s/edge-nodes/%s/ias/%s/configs/batch-confirm", this.config.getProjectId(), this.config.getDeviceId(), this.config.getModuleId());
        ConfirmConfigReq confirmConfigReq = new ConfirmConfigReq();
        confirmConfigReq.setConfigs(list);
        postJson(format, JsonUtil.toJson(confirmConfigReq));
    }

    public HttpClient getHttpClient() {
        return this.httpConnection.getClient();
    }
}
