package com.cloudera.keytrustee.impl;

import com.cloudera.keytrustee.ClientInfo;
import com.cloudera.keytrustee.Connector;
import com.cloudera.keytrustee.KeyTrusteeConstants;
import com.cloudera.keytrustee.KeyTrusteeException;
import com.cloudera.keytrustee.ServerInfo;
import com.cloudera.keytrustee.TokenStore;
import com.cloudera.keytrustee.URLConnector;
import com.cloudera.keytrustee.crypto.Crypto;
import com.cloudera.keytrustee.crypto.Fingerprint;
import com.cloudera.keytrustee.crypto.HkpKeyServer;
import com.cloudera.keytrustee.crypto.KeyManager;
import java.io.UnsupportedEncodingException;
import java.net.URISyntaxException;
import java.net.URLDecoder;
import java.util.HashMap;
import java.util.Map;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.json.JSONObject;

/* loaded from: input_file:com/cloudera/keytrustee/impl/PayloadConnection.class */
public abstract class PayloadConnection {
    private boolean updateFingerprintFromServer;
    protected ClientInfo client;
    protected ServerInfo server;
    protected URLConnector urlConn;
    protected TokenStore tokenStore;

    /* loaded from: input_file:com/cloudera/keytrustee/impl/PayloadConnection$PayloadResponse.class */
    public static class PayloadResponse {
        private final Connector.Response httpResponse;
        private final JSONObject params;
        private final JSONObject data;

        /* JADX INFO: Access modifiers changed from: package-private */
        public PayloadResponse(Connector.Response response, JSONObject jSONObject) throws Exception {
            this.httpResponse = response;
            this.params = jSONObject;
            if (jSONObject.has("payload")) {
                this.data = new JSONObject(jSONObject.getString("payload"));
            } else {
                this.data = new JSONObject();
            }
        }

        public Connector.Response getHttpResponse() {
            return this.httpResponse;
        }

        public JSONObject getParams() {
            return this.params;
        }

        public JSONObject getData() {
            return this.data;
        }
    }

    public PayloadConnection(ClientInfo clientInfo, ServerInfo serverInfo, TokenStore tokenStore) throws KeyTrusteeException {
        this.client = clientInfo;
        this.server = serverInfo;
        this.tokenStore = tokenStore;
        try {
            if (serverInfo.hasCertificate()) {
                this.urlConn = new URLConnector(KeyTrusteeConstants.SECURE_PROTOCOL, serverInfo.getHostname(), serverInfo.getKtsPort(), serverInfo.isSslInsecure(), serverInfo.getCertificate());
            } else {
                this.urlConn = new URLConnector(KeyTrusteeConstants.SECURE_PROTOCOL, serverInfo.getHostname(), serverInfo.getKtsPort(), serverInfo.isSslInsecure());
            }
            this.urlConn.setServerInfo(serverInfo);
            this.updateFingerprintFromServer = !FailoverClientInfoImpl.isDisableUpdateFingerprintFromServerClient(clientInfo);
        } catch (URISyntaxException e) {
            throw new KeyTrusteeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PGPPublicKeyRing recvPublicKey(Fingerprint fingerprint) throws KeyTrusteeException {
        return recvPublicKey(fingerprint, this.updateFingerprintFromServer);
    }

    protected PGPPublicKeyRing recvPublicKey(Fingerprint fingerprint, boolean z) throws KeyTrusteeException {
        try {
            PGPPublicKeyRing lookupValidPublicKey = this.client.lookupValidPublicKey(fingerprint);
            if (lookupValidPublicKey != null && !z) {
                return lookupValidPublicKey;
            }
            String str = new HkpKeyServer(this.server).get(fingerprint);
            if (str == null) {
                throw new KeyTrusteeException("Failed to retrieve key [" + fingerprint + "]: empty response from keyserver [" + this.server.getHostname());
            }
            this.client.importPublicKeyRings(KeyManager.readPublicKeyRingCollection(str));
            return this.client.lookupValidPublicKey(fingerprint);
        } catch (Exception e) {
            throw new KeyTrusteeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PayloadResponse fetchData(String str) throws Exception {
        return fetchData(str, new HashMap());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract PayloadResponse fetchData(String str, Map<String, ?> map) throws Exception;

    public static PayloadConnection create(ClientInfo clientInfo, ServerInfo serverInfo, TokenStore tokenStore) throws KeyTrusteeException {
        if (serverInfo.getProtocol().equals("json-encrypt")) {
            return new EncryptedPayloadConnection(clientInfo, serverInfo, tokenStore);
        }
        if (serverInfo.getProtocol().equals(ServerInfo.PROTOCOL_JSON_SIGN)) {
            return new SignedPayloadConnection(clientInfo, serverInfo, tokenStore);
        }
        throw new KeyTrusteeException("Unsupported protocol: " + serverInfo.getProtocol());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, Object> encryptRequest(Map<String, Object> map) throws Exception {
        Fingerprint of = Fingerprint.of(KeyManager.getFirstSigningKey(this.client.getKeyRings().getPublicKeyRing()));
        if (map == null) {
            map = new HashMap();
        }
        map.put("version", KeyTrusteeConstants.getVersionedName());
        map.put("sig_fingerprint", of);
        map.put("client_fingerprint", this.client.getFingerprint());
        if (this.server.isTokenSync() && this.tokenStore != null) {
            map.put("auth_token", this.tokenStore.getLastToken());
        }
        return Crypto.getInstance().encryptPayload(map, this.client.getPublicKeyRings(), this.client.getKeyRings().getSecretKeyRing(), this.server.getFingerprint());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static JSONObject decodeContents(String str) throws Exception {
        HashMap hashMap = new HashMap();
        for (String str2 : str.split("&")) {
            String[] split = str2.split("=", 2);
            if (split.length >= 2) {
                hashMap.put(split[0], urldecode(split[1]));
            }
        }
        return new JSONObject(hashMap);
    }

    protected static String urldecode(String str) throws UnsupportedEncodingException {
        return URLDecoder.decode(str, KeyTrusteeConstants.ENCODING);
    }
}
