package com.aote.webmeter.tools.iot;

import com.af.plugins.HttpConnectionPoolUtil;
import com.aote.redis.RedisUtil;
import com.aote.webmeter.enums.IOTBusinessTypeEnum;
import com.aote.webmeter.enums.WebmeterPropertiesIOTEnum;
import com.aote.webmeter.enums.platform.ExceptionEnum;
import com.aote.webmeter.exception.NorthApiException;
import com.aote.webmeter.tools.WebMeterInfo;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.log4j.Logger;
import org.json.JSONObject;

/* loaded from: input_file:com/aote/webmeter/tools/iot/AuthenticationTools.class */
public class AuthenticationTools {
    public static final String SELFCERTPWD = "IoM@1234";
    public static final String TRUSTCAPWD = "Huawei@123";
    private static final Logger LOGGER = Logger.getLogger(AuthenticationTools.class);
    private static volatile CloseableHttpClient httpClient;

    public static CloseableHttpClient getHttpClient() {
        if (httpClient == null) {
            synchronized (AuthenticationTools.class) {
                if (httpClient == null) {
                    try {
                        httpClient = HttpConnectionPoolUtil.getHttpClient(initSslConfig());
                    } catch (NorthApiException e) {
                        e.printStackTrace();
                    }
                }
            }
        }
        return httpClient;
    }

    private static JSONObject getAuthInfo() {
        String string;
        String string2;
        int intValue = IotCommonTools.getIsAep().intValue();
        if (intValue == 1) {
            string = WebMeterInfo.getString(WebmeterPropertiesIOTEnum.AEP_APIKEY);
            string2 = WebMeterInfo.getString(WebmeterPropertiesIOTEnum.AEP_SECRET);
        } else if (intValue == 0) {
            string = WebMeterInfo.getString(WebmeterPropertiesIOTEnum.OC_APIKEY);
            string2 = WebMeterInfo.getString(WebmeterPropertiesIOTEnum.OC_SECRET);
        } else {
            string = WebMeterInfo.getString(WebmeterPropertiesIOTEnum.OC2_APIKEY);
            string2 = WebMeterInfo.getString(WebmeterPropertiesIOTEnum.OC2_SECRET);
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("appId", string);
        jSONObject.put("secret", string2);
        return jSONObject;
    }

    public static String getAuthToken(boolean z) {
        JSONObject authInfo = getAuthInfo();
        String string = authInfo.getString("appId");
        String string2 = authInfo.getString("secret");
        String token = getToken(string, z);
        return token != null ? token : getWebAuthToken(string, string2, z);
    }

    public static String getAuthToken() {
        return getAuthToken(false);
    }

    private static String requestGetToken(String str, String str2) throws IOException {
        RedisUtil redisUtil = RedisUtil.getInstance();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("appId", str);
        jSONObject.put("secret", str2);
        String refreshToken = getRefreshToken(str);
        if (refreshToken == null) {
            LOGGER.info(str + ":进行鉴权操作");
            JSONObject post = IotCommonTools.post(IOTBusinessTypeEnum.AUTH, new HttpPost(), jSONObject, null);
            if (post.has("errorEntity")) {
                throw new RuntimeException(post.toString());
            }
            redisUtil.set(str + "_refreshToken", post.getString("refreshToken"), 86340L);
            return requestGetToken(str, str2);
        }
        LOGGER.info(str + ":进行刷新鉴权操作");
        jSONObject.put("refreshToken", refreshToken);
        JSONObject post2 = IotCommonTools.post(IOTBusinessTypeEnum.REFRESH_AUTH, new HttpPost(), jSONObject, null);
        if (post2.has("errorEntity")) {
            redisUtil.delete(str + "_refreshToken");
            return requestGetToken(str, str2);
        }
        String string = post2.getString("accessToken");
        String string2 = post2.getString("refreshToken");
        redisUtil.set(str + "_token", string, post2.getInt("expiresIn") - 60);
        if (!refreshToken.equals(string2)) {
            redisUtil.set(str + "_refreshToken", string2, 86340L);
        }
        return string;
    }

    private static String getToken(String str, boolean z) {
        Object obj;
        if (z || (obj = RedisUtil.getInstance().get(str + "_token")) == null) {
            return null;
        }
        LOGGER.info(str + ":获取现有token");
        return String.valueOf(obj);
    }

    public static synchronized String getWebAuthToken(String str, String str2, boolean z) {
        String[] strArr = new String[1];
        RedisUtil.getInstance().syncLock(str, 60, () -> {
            String token = getToken(str, z);
            if (z) {
                LOGGER.info(str + ":进行强制刷新鉴权操作");
            }
            if (token != null) {
                strArr[0] = token;
                return;
            }
            try {
                strArr[0] = requestGetToken(str, str2);
            } catch (IOException e) {
                e.printStackTrace();
            }
        });
        return strArr[0];
    }

    private static String getRefreshToken(String str) {
        Object obj = RedisUtil.getInstance().get(str + "_refreshToken");
        if (obj != null) {
            return String.valueOf(obj);
        }
        return null;
    }

    protected static SSLConnectionSocketFactory initSslConfig() throws NorthApiException {
        try {
            InputStream resourceAsStream = SignalDeliveryTools.class.getResourceAsStream("/ca.jks");
            Throwable th = null;
            try {
                InputStream resourceAsStream2 = SignalDeliveryTools.class.getResourceAsStream("/outgoing.CertwithKey.pkcs12");
                Throwable th2 = null;
                try {
                    try {
                        KeyStore keyStore = KeyStore.getInstance("pkcs12");
                        keyStore.load(resourceAsStream2, SELFCERTPWD.toCharArray());
                        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("sunx509");
                        keyManagerFactory.init(keyStore, SELFCERTPWD.toCharArray());
                        KeyStore keyStore2 = KeyStore.getInstance("jks");
                        keyStore2.load(resourceAsStream, TRUSTCAPWD.toCharArray());
                        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("sunx509");
                        trustManagerFactory.init(keyStore2);
                        SSLContext sSLContext = SSLContext.getInstance("TLS");
                        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                        SSLConnectionSocketFactory sSLConnectionSocketFactory = new SSLConnectionSocketFactory(sSLContext, NoopHostnameVerifier.INSTANCE);
                        if (resourceAsStream2 != null) {
                            if (0 != 0) {
                                try {
                                    resourceAsStream2.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                resourceAsStream2.close();
                            }
                        }
                        return sSLConnectionSocketFactory;
                    } finally {
                    }
                } catch (Throwable th4) {
                    if (resourceAsStream2 != null) {
                        if (th2 != null) {
                            try {
                                resourceAsStream2.close();
                            } catch (Throwable th5) {
                                th2.addSuppressed(th5);
                            }
                        } else {
                            resourceAsStream2.close();
                        }
                    }
                    throw th4;
                }
            } finally {
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th6) {
                            th.addSuppressed(th6);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
            }
        } catch (Exception e) {
            throw new NorthApiException(ExceptionEnum.CLIENT_SSL_CONFIG_ERROR, e.getMessage());
        }
    }
}
