package org.shredzone.acme4j;

import edu.umd.cs.findbugs.annotations.Nullable;
import java.net.URI;
import java.net.URL;
import java.security.KeyPair;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Collectors;
import org.eclipse.jgit.transport.AmazonS3;
import org.shredzone.acme4j.connector.Connection;
import org.shredzone.acme4j.connector.Resource;
import org.shredzone.acme4j.connector.ResourceIterator;
import org.shredzone.acme4j.exception.AcmeException;
import org.shredzone.acme4j.exception.AcmeProtocolException;
import org.shredzone.acme4j.toolbox.AcmeUtils;
import org.shredzone.acme4j.toolbox.JSONBuilder;
import org.shredzone.acme4j.toolbox.JoseUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/shredzone/acme4j/Account.class */
public class Account extends AcmeJsonResource {
    private static final long serialVersionUID = 7042863483428051319L;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) Account.class);
    private static final String KEY_TOS_AGREED = "termsOfServiceAgreed";
    private static final String KEY_ORDERS = "orders";
    private static final String KEY_CONTACT = "contact";
    private static final String KEY_STATUS = "status";
    private static final String KEY_EXTERNAL_ACCOUNT_BINDING = "externalAccountBinding";

    /* loaded from: input_file:org/shredzone/acme4j/Account$EditableAccount.class */
    public class EditableAccount {
        private final List<URI> editContacts;

        private EditableAccount() {
            this.editContacts = new ArrayList();
            this.editContacts.addAll(Account.this.getContacts());
        }

        public List<URI> getContacts() {
            return this.editContacts;
        }

        public EditableAccount addContact(URI uri) {
            AcmeUtils.validateContact(uri);
            this.editContacts.add(uri);
            return this;
        }

        public EditableAccount addContact(String str) {
            addContact(URI.create(str));
            return this;
        }

        public EditableAccount addEmail(String str) {
            addContact("mailto:" + str);
            return this;
        }

        public void commit() throws AcmeException {
            Account.LOG.debug("modify/commit");
            Connection connect = Account.this.getSession().connect();
            try {
                JSONBuilder jSONBuilder = new JSONBuilder();
                if (!this.editContacts.isEmpty()) {
                    jSONBuilder.put(Account.KEY_CONTACT, this.editContacts);
                }
                connect.sendSignedRequest(Account.this.getLocation(), jSONBuilder, Account.this.getLogin());
                Account.this.setJSON(connect.readJsonResponse());
                if (connect != null) {
                    connect.close();
                }
            } catch (Throwable th) {
                if (connect != null) {
                    try {
                        connect.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Account(Login login) {
        super(login, login.getAccountLocation());
    }

    @Nullable
    public Boolean getTermsOfServiceAgreed() {
        return (Boolean) getJSON().get(KEY_TOS_AGREED).map((v0) -> {
            return v0.asBoolean();
        }).orElse(null);
    }

    public List<URI> getContacts() {
        return Collections.unmodifiableList((List) getJSON().get(KEY_CONTACT).asArray().stream().map((v0) -> {
            return v0.asURI();
        }).collect(Collectors.toList()));
    }

    public Status getStatus() {
        return getJSON().get(KEY_STATUS).asStatus();
    }

    public boolean hasExternalAccountBinding() {
        return getJSON().contains(KEY_EXTERNAL_ACCOUNT_BINDING);
    }

    @Nullable
    public String getKeyIdentifier() {
        return (String) getJSON().get(KEY_EXTERNAL_ACCOUNT_BINDING).optional().map((v0) -> {
            return v0.asObject();
        }).map(json -> {
            return json.get("protected");
        }).map((v0) -> {
            return v0.asEncodedObject();
        }).map(json2 -> {
            return json2.get("kid");
        }).map((v0) -> {
            return v0.asString();
        }).orElse(null);
    }

    public Iterator<Order> getOrders() {
        Optional<U> map = getJSON().get(KEY_ORDERS).optional().map((v0) -> {
            return v0.asURL();
        });
        if (map.isPresent()) {
            return new ResourceIterator(getLogin(), KEY_ORDERS, (URL) map.get(), (v0, v1) -> {
                return v0.bindOrder(v1);
            });
        }
        throw new AcmeProtocolException("This ACME server does not support getOrders()");
    }

    public OrderBuilder newOrder() {
        return new OrderBuilder(getLogin());
    }

    public Authorization preAuthorizeDomain(String str) throws AcmeException {
        Objects.requireNonNull(str, AmazonS3.Keys.DOMAIN);
        if (str.isEmpty()) {
            throw new IllegalArgumentException("domain must not be empty");
        }
        return preAuthorize(Identifier.dns(str));
    }

    public Authorization preAuthorize(Identifier identifier) throws AcmeException {
        Objects.requireNonNull(identifier, "identifier");
        URL resourceUrl = getSession().resourceUrl(Resource.NEW_AUTHZ);
        LOG.debug("preAuthorize {}", identifier);
        Connection connect = getSession().connect();
        try {
            JSONBuilder jSONBuilder = new JSONBuilder();
            jSONBuilder.put("identifier", identifier.toMap());
            connect.sendSignedRequest(resourceUrl, jSONBuilder, getLogin());
            URL location = connect.getLocation();
            if (location == null) {
                throw new AcmeProtocolException("Server did not provide an authorization location");
            }
            Authorization bindAuthorization = getLogin().bindAuthorization(location);
            bindAuthorization.setJSON(connect.readJsonResponse());
            if (connect != null) {
                connect.close();
            }
            return bindAuthorization;
        } catch (Throwable th) {
            if (connect != null) {
                try {
                    connect.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public void changeKey(KeyPair keyPair) throws AcmeException {
        Objects.requireNonNull(keyPair, "newKeyPair");
        if (Arrays.equals(getLogin().getKeyPair().getPrivate().getEncoded(), keyPair.getPrivate().getEncoded())) {
            throw new IllegalArgumentException("newKeyPair must actually be a new key pair");
        }
        LOG.debug("key-change");
        Connection connect = getSession().connect();
        try {
            URL resourceUrl = getSession().resourceUrl(Resource.KEY_CHANGE);
            JSONBuilder jSONBuilder = new JSONBuilder();
            jSONBuilder.put("account", getLocation());
            jSONBuilder.putKey("oldKey", getLogin().getKeyPair().getPublic());
            connect.sendSignedRequest(resourceUrl, JoseUtils.createJoseRequest(resourceUrl, keyPair, jSONBuilder, null, null), getLogin());
            getLogin().setKeyPair(keyPair);
            if (connect != null) {
                connect.close();
            }
        } catch (Throwable th) {
            if (connect != null) {
                try {
                    connect.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public void deactivate() throws AcmeException {
        LOG.debug("deactivate");
        Connection connect = getSession().connect();
        try {
            JSONBuilder jSONBuilder = new JSONBuilder();
            jSONBuilder.put(KEY_STATUS, "deactivated");
            connect.sendSignedRequest(getLocation(), jSONBuilder, getLogin());
            setJSON(connect.readJsonResponse());
            if (connect != null) {
                connect.close();
            }
        } catch (Throwable th) {
            if (connect != null) {
                try {
                    connect.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public EditableAccount modify() {
        return new EditableAccount();
    }
}
