package com.huaweicloud.sdk.iot.module;

import com.huawei.m2m.edge.daemon.client.DaemonHttpException;
import com.huawei.m2m.edge.daemon.dto.DecryptRequestBody;
import com.huawei.m2m.edge.daemon.service.Cipher;
import com.huawei.m2m.edge.daemon.service.impl.InitSDK;
import com.huawei.m2m.edge.daemon.util.StringUtil;
import com.huawei.m2m.edge.daemon.util.TokenHolder;
import com.huaweicloud.sdk.iot.module.ClientConfig;
import com.huaweicloud.sdk.iot.module.crypt.Crypt;
import com.huaweicloud.sdk.iot.module.dto.BindRsp;
import com.huaweicloud.sdk.iot.module.dto.CloudAuthInfo;
import com.huaweicloud.sdk.iot.module.exception.CryptException;
import com.huaweicloud.sdk.iot.module.exception.GeneraException;
import com.huaweicloud.sdk.iot.module.exception.HttpException;
import com.huaweicloud.sdk.iot.module.exception.JsonException;
import com.huaweicloud.sdk.iot.module.exception.TransportException;
import com.huaweicloud.sdk.iot.module.transport.HubAgent;
import com.huaweicloud.sdk.iot.module.transport.http.HttpConnection;
import com.huaweicloud.sdk.iot.module.transport.http.JsonClient;
import com.huaweicloud.sdk.iot.utils.ExceptionUtil;
import java.security.KeyStore;
import java.time.ZonedDateTime;
import org.apache.http.ssl.SSLContextBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/huaweicloud/sdk/iot/module/BaseClient.class */
public class BaseClient {
    protected static final int RETRY_PERIOD = 10000;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) BaseClient.class);
    private static final String ENV_PROJECT_ID = "project_id";
    private static final String ENV_CLOUD_HTTP_SERVER_IP = "cloud_http_server_ip";
    private static final String ENV_CLOUD_HTTP_SERVER_PORT = "cloud_http_server_port";
    private static final String ENV_DEVICE_ID = "device_id";
    private static final String ENV_MODULE_ID = "module_id";
    private static final String ENV_VERIFY_CODE = "verify_code";
    private static final String ENV_EDGE_MQTT_SERVER_IP = "edge_mqtt_server_ip";
    private static final String ENV_EDGE_MQTT_SERVER_PORT = "edge_mqtt_server_port";
    private static final String ENV_EDGE_HTTP_SERVER_IP = "edge_http_server_ip";
    private static final String ENV_EDGE_HTTP_SERVER_PORT = "edge_http_server_port";
    private static final String ENV_EDGE_DAEMON_VERIFY_CODE = "daemon_verify_code";
    public static final String DAEMON_DEFAULT_ALGORITHM = "AES-GCM";
    protected ClientConfig config;
    protected HttpConnection httpConnection;
    protected JsonClient jsonClient;
    protected HubAgent hubAgent;
    private CloudAuthInfo cloudAuthInfo;

    /* JADX INFO: Access modifiers changed from: package-private */
    public BaseClient(ClientConfig clientConfig) throws GeneraException {
        validateConfig(clientConfig);
        this.config = clientConfig;
        this.httpConnection = new HttpConnection(clientConfig);
        this.jsonClient = new JsonClient(this.httpConnection.getClient());
        this.hubAgent = new HubAgent(clientConfig, this.jsonClient);
        if (StringUtil.isNotEmpty(clientConfig.getDaemonVerifyCode())) {
            new InitSDK();
            LOG.info("init daemon sdk success.");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static ClientConfig createConfigFromEnv() {
        ClientConfig clientConfig = new ClientConfig();
        clientConfig.setProjectId(System.getenv(ENV_PROJECT_ID));
        String str = System.getenv(ENV_CLOUD_HTTP_SERVER_IP);
        String str2 = System.getenv(ENV_CLOUD_HTTP_SERVER_PORT);
        if (str != null && str2 != null) {
            clientConfig.setCloudEndpoint("https://" + str + ":" + str2);
        }
        clientConfig.setDeviceId(System.getenv(ENV_DEVICE_ID));
        clientConfig.setModuleId(System.getenv("module_id"));
        clientConfig.setVerifyCode(System.getenv(ENV_VERIFY_CODE));
        String str3 = System.getenv(ENV_EDGE_MQTT_SERVER_IP);
        String str4 = System.getenv(ENV_EDGE_MQTT_SERVER_PORT);
        if (str3 != null && str4 != null) {
            clientConfig.setMqttServerURI("ssl://" + str3 + ":" + str4);
        }
        String str5 = System.getenv(ENV_EDGE_HTTP_SERVER_IP);
        String str6 = System.getenv(ENV_EDGE_HTTP_SERVER_PORT);
        if (str5 != null && str6 != null) {
            clientConfig.setHttpServerURI("https://" + str5 + ":" + str6 + "/edgehub/api/v1");
        }
        clientConfig.setDaemonVerifyCode(System.getenv("daemon_verify_code"));
        return clientConfig;
    }

    static void validateConfig(ClientConfig clientConfig) throws GeneraException {
        validateStr(clientConfig.getProjectId(), "Project id is not set");
        validateStr(clientConfig.getDeviceId(), "Device id is not set");
        validateStr(clientConfig.getModuleId(), "Module id is not set");
        validateStr(clientConfig.getMqttServerURI(), "Mqtt server uri is not set");
        validateStr(clientConfig.getHttpServerURI(), "Http server uri is not set");
        if (clientConfig.getSendPeriod() <= 0) {
            throw new GeneraException("Send period is invalid");
        }
        if (clientConfig.getMaxReconnectPeriod() <= 0) {
            throw new GeneraException("Reconnect period is invalid");
        }
        if (clientConfig.getAuthType().equals(ClientConfig.AuthType.X509_CERTIFICATE)) {
            throw new GeneraException("Certificate is not supported");
        }
        try {
            clientConfig.setSslContext(new SSLContextBuilder().loadTrustMaterial((KeyStore) null, (x509CertificateArr, str) -> {
                return true;
            }).build());
        } catch (Exception e) {
            LOG.error("Create SSLContext fail, {}", e.getMessage());
            throw new GeneraException("Create SSLContext fail");
        }
    }

    private static void validateStr(String str, String str2) throws GeneraException {
        if (str == null || str.isEmpty()) {
            throw new GeneraException(str2);
        }
    }

    public ClientConfig getConfig() {
        return this.config;
    }

    public void open() throws GeneraException {
        if (!StringUtil.strIsNullOrEmpty(this.config.getDaemonVerifyCode()) || this.config.getVerifyCode() == null || this.config.secretExist()) {
            return;
        }
        BindRsp bindToHubWithRetry = bindToHubWithRetry();
        LOG.info("Save secret begin");
        this.config.saveSecret(bindToHubWithRetry);
        LOG.info("Save secret end");
    }

    private BindRsp bindToHubWithRetry() throws TransportException {
        while (true) {
            try {
                return this.hubAgent.bind();
            } catch (CryptException | HttpException | JsonException e) {
                LOG.error("Bind exception {}", e.getMessage());
                try {
                    Thread.sleep(10000L);
                } catch (InterruptedException e2) {
                }
            }
        }
    }

    public void close() throws TransportException {
        this.httpConnection.close();
    }

    public CloudAuthInfo getCloudAuthInfo() throws HttpException, CryptException, JsonException {
        if (this.cloudAuthInfo == null || ZonedDateTime.now().plusMinutes(1L).isAfter(this.cloudAuthInfo.getExpiresAt())) {
            this.cloudAuthInfo = this.hubAgent.getCloudAuthInfo();
        }
        return this.cloudAuthInfo;
    }

    public String decryptDataFromCloud(String str) throws CryptException {
        return (StringUtil.isNotEmpty(this.config.getDaemonVerifyCode()) && StringUtil.isNotEmpty(str)) ? decryptByDaemon(str) : decryptBySelf(str);
    }

    private String decryptBySelf(String str) throws CryptException {
        String cryptKey = this.config.getCryptKey();
        if (cryptKey == null) {
            throw new CryptException("Crypt key not exist");
        }
        return Crypt.decryptBase64(str, cryptKey);
    }

    private String decryptByDaemon(String str) throws CryptException {
        if (!TokenHolder.getToken().isPresent()) {
            throw new CryptException("token is empty");
        }
        DecryptRequestBody decryptRequestBody = new DecryptRequestBody();
        decryptRequestBody.setCipherText(str);
        decryptRequestBody.setAlgorithm(DAEMON_DEFAULT_ALGORITHM);
        try {
            return Cipher.getInstance().decrypt(TokenHolder.getToken().get(), decryptRequestBody).getPlainText();
        } catch (DaemonHttpException e) {
            LOG.error("DaemonHttpException:{}", ExceptionUtil.getBriefExceptionStackTrace(e));
            throw new CryptException("decrypt data exception from daemon.");
        }
    }
}
