package com.day.cq.analytics.sitecatalyst.impl;

import com.adobe.granite.crypto.CryptoException;
import com.adobe.granite.crypto.CryptoSupport;
import com.day.cq.analytics.sitecatalyst.SitecatalystException;
import com.day.cq.analytics.sitecatalyst.SitecatalystHttpClient;
import com.day.cq.analytics.sitecatalyst.SitecatalystWebservice;
import java.io.Closeable;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Dictionary;
import java.util.Iterator;
import java.util.List;
import java.util.TimeZone;
import javax.jcr.RepositoryException;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.EntityBuilder;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.entity.ContentType;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.osgi.services.HttpClientBuilderFactory;
import org.apache.http.util.EntityUtils;
import org.apache.sling.commons.osgi.PropertiesUtil;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.AttributeType;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Designate(ocd = Configuration.class)
@Component(service = {SitecatalystHttpClient.class}, property = {"applicationkey=", "tokenbypasssecret=", "proxyuser=", "proxyusersecret="})
/* loaded from: input_file:com/day/cq/analytics/sitecatalyst/impl/SitecatalystHttpClientImpl.class */
public class SitecatalystHttpClientImpl implements SitecatalystHttpClient {
    private static final int DEFAULT_CONNECTION_TIMEOUT = 30000;
    private static final int DEFAULT_SOCKET_TIMEOUT = 30000;
    static final String CFG_APPKEY = "applicationkey";
    static final String CFG_TOKENBYPASSSECRET = "tokenbypasssecret";
    static final String CFG_PROXYUSER = "proxyuser";
    static final String CFG_PROXYUSERSECRET = "proxyusersecret";

    @Reference
    private CryptoSupport cryptoSupport;

    @Reference
    private HttpClientBuilderFactory httpClientBuilderFactory;
    private String appKey;
    private String tokenBypassSecret;
    private String proxyUser;
    private String proxyUserSecret;
    private int connectionTimeout;
    private int socketTimeout;
    private final Logger log = LoggerFactory.getLogger(getClass());
    private List<String> dataCenterURLs = new ArrayList();
    private List<String> devHostnames = new ArrayList();

    @ObjectClassDefinition(name = "Adobe AEM Analytics HTTP Client", description = "HTTP Client for Analytics API")
    /* loaded from: input_file:com/day/cq/analytics/sitecatalyst/impl/SitecatalystHttpClientImpl$Configuration.class */
    public @interface Configuration {
        @AttributeDefinition(name = "Data center URL", description = "Default data center URL", defaultValue = {"https://api3.omniture.com/admin/1.4/rest/", "https://api4.omniture.com/admin/1.4/rest/", "https://api5.omniture.com/admin/1.4/rest/", "https://api-sbx1.omniture.com/admin/1.4/rest/"}, cardinality = Integer.MAX_VALUE, type = AttributeType.STRING)
        String[] cq_analytics_sitecatalyst_service_datacenter_url() default {"https://api3.omniture.com/admin/1.4/rest/", "https://api4.omniture.com/admin/1.4/rest/", "https://api5.omniture.com/admin/1.4/rest/", "https://api-sbx1.omniture.com/admin/1.4/rest/"};

        @AttributeDefinition(name = "Hostname patterns", description = "Development machines hostname regular expression patterns", defaultValue = {".*(\\.dev|\\.ut1)+\\.omniture\\.com$"}, cardinality = 1024, type = AttributeType.STRING)
        String[] devhostnamepatterns() default {".*(\\.dev|\\.ut1)+\\.omniture\\.com$"};

        @AttributeDefinition(name = "Connection timeout", description = "Timeout in milliseconds until a connection is established. A timeout value of zero is interpreted as an infinite timeout. Default is 30000ms", defaultValue = {"30000"})
        int connection_timeout() default 30000;

        @AttributeDefinition(name = "Socket timeout", description = "Timeout in milliseconds for waiting for data or a maximum period of inactivity between two consecutive data packets. Default is 30000ms", defaultValue = {"30000"})
        int socket_timeout() default 30000;
    }

    @Override // com.day.cq.analytics.sitecatalyst.SitecatalystHttpClient
    public String executeProxyUser(String str, String str2) throws SitecatalystException {
        return execute(null, str, str2, true, null, null, null);
    }

    @Override // com.day.cq.analytics.sitecatalyst.SitecatalystHttpClient
    public String execute(String str, String str2, String str3, String str4, String str5) throws SitecatalystException {
        return execute(null, str, str2, false, str3, str4, str5);
    }

    @Override // com.day.cq.analytics.sitecatalyst.SitecatalystHttpClient
    public String execute(String str, String str2, String str3, String str4, String str5, String str6) throws SitecatalystException {
        return execute(str, str2, str3, false, str4, str5, str6);
    }

    @Override // com.day.cq.analytics.sitecatalyst.SitecatalystHttpClient
    public String execute(String str, String str2, com.day.cq.wcm.webservicesupport.Configuration configuration) throws SitecatalystException {
        try {
            try {
                String str3 = (String) configuration.getInherited(SitecatalystWebservice.PN_COMPANY, (Object) null);
                String str4 = (String) configuration.getInherited(SitecatalystWebservice.PN_USERNAME, (Object) null);
                String str5 = (String) configuration.getInherited(SitecatalystWebservice.PN_SECRET, (Object) null);
                String str6 = (String) configuration.getInherited(SitecatalystWebservice.PN_SERVER, (Object) null);
                if (str6 == null) {
                    this.log.warn("Server property is missing in configuration {}", configuration.getPath());
                    if (!this.dataCenterURLs.isEmpty()) {
                        str6 = this.dataCenterURLs.get(0);
                        this.log.debug("Using default datacenter URL {}", str6);
                    }
                } else if (!this.dataCenterURLs.contains(str6)) {
                    this.log.error("Invalid Data Center Server URL: ", str6);
                    throw new SitecatalystException("Invalid Data Center specified");
                }
                HttpEntity build = EntityBuilder.create().setContentType(ContentType.APPLICATION_JSON).setContentEncoding("UTF-8").setText(str2).build();
                HttpPost httpPost = new HttpPost(upgradeServerToAPI14(str6) + "?method=" + str);
                httpPost.setEntity(build);
                HttpUriRequest buildRequest = buildRequest(httpPost, false, str3, str4, str5);
                CloseableHttpClient httpClientForRequest = getHttpClientForRequest(buildRequest);
                CloseableHttpResponse execute = httpClientForRequest.execute(buildRequest);
                String entityUtils = EntityUtils.toString(execute.getEntity());
                IOUtils.closeQuietly(execute);
                IOUtils.closeQuietly(httpClientForRequest);
                return entityUtils;
            } catch (IOException e) {
                this.log.warn("I/O Error while connecting: {}", e.getMessage());
                throw new SitecatalystException("not online", e);
            } catch (Exception e2) {
                this.log.warn("Internal error while connecting: {}", e2.getMessage());
                throw new SitecatalystException("Internal Error", e2);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly((Closeable) null);
            IOUtils.closeQuietly((Closeable) null);
            throw th;
        }
    }

    @Override // com.day.cq.analytics.sitecatalyst.SitecatalystHttpClient
    @Deprecated
    public String execute(URI uri, String str, com.day.cq.wcm.webservicesupport.Configuration configuration) throws SitecatalystException {
        CloseableHttpClient closeableHttpClient = null;
        CloseableHttpResponse closeableHttpResponse = null;
        try {
            try {
                HttpEntity build = EntityBuilder.create().setContentType(ContentType.APPLICATION_XML).setContentEncoding("UTF-8").setText(str).build();
                HttpPost httpPost = new HttpPost(upgradeServerToAPI14(uri.toString()));
                httpPost.setEntity(build);
                HttpUriRequest buildRequest = buildRequest(httpPost, false, (String) configuration.getInherited(SitecatalystWebservice.PN_COMPANY, ""), (String) configuration.getInherited(SitecatalystWebservice.PN_USERNAME, ""), (String) configuration.getInherited(SitecatalystWebservice.PN_SECRET, ""));
                closeableHttpClient = getHttpClientForRequest(buildRequest);
                closeableHttpResponse = closeableHttpClient.execute(buildRequest);
                String entityUtils = EntityUtils.toString(closeableHttpResponse.getEntity());
                IOUtils.closeQuietly(closeableHttpResponse);
                IOUtils.closeQuietly(closeableHttpClient);
                return entityUtils;
            } catch (Exception e) {
                throw new SitecatalystException(e.getMessage(), e);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(closeableHttpResponse);
            IOUtils.closeQuietly(closeableHttpClient);
            throw th;
        }
    }

    private String execute(String str, String str2, String str3, boolean z, String str4, String str5, String str6) throws SitecatalystException {
        try {
            if (str == null) {
                try {
                    if (this.dataCenterURLs.size() > 0) {
                        this.log.debug("No data center URL provided, using service default.");
                        str = this.dataCenterURLs.get(0);
                    }
                } catch (IOException e) {
                    this.log.error("I/O Error while connecting: {}", e.getMessage());
                    throw new SitecatalystException("not online", e);
                } catch (Exception e2) {
                    this.log.error("Internal error while connecting: {}", e2.getMessage());
                    throw new SitecatalystException(e2.getMessage(), e2);
                }
            }
            if (str == null || !this.dataCenterURLs.contains(str)) {
                throw new SitecatalystException("No valid end point given");
            }
            HttpEntity build = EntityBuilder.create().setContentType(ContentType.APPLICATION_JSON).setContentEncoding("UTF-8").setText(str3).build();
            HttpPost httpPost = new HttpPost(upgradeServerToAPI14(str) + "?method=" + str2);
            httpPost.setEntity(build);
            HttpUriRequest buildRequest = buildRequest(httpPost, z, str4, str5, str6);
            CloseableHttpClient httpClientForRequest = getHttpClientForRequest(buildRequest);
            CloseableHttpResponse execute = httpClientForRequest.execute(buildRequest);
            Header firstHeader = execute.getFirstHeader("Content-Type");
            if (firstHeader != null && !firstHeader.getValue().contains("application/json")) {
                throw new SitecatalystException("Response is of unsupported content-type, please check end point.");
            }
            String entityUtils = EntityUtils.toString(execute.getEntity());
            IOUtils.closeQuietly(execute);
            IOUtils.closeQuietly(httpClientForRequest);
            return entityUtils;
        } catch (Throwable th) {
            IOUtils.closeQuietly((Closeable) null);
            IOUtils.closeQuietly((Closeable) null);
            throw th;
        }
    }

    private CloseableHttpClient getHttpClientForRequest(HttpUriRequest httpUriRequest) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
        RequestConfig build = RequestConfig.custom().setConnectTimeout(this.connectionTimeout).setConnectionRequestTimeout(this.connectionTimeout).setSocketTimeout(this.socketTimeout).build();
        URI uri = httpUriRequest.getURI();
        if (!StringUtils.equals("https", uri.getScheme()) || !isDev(uri.getHost())) {
            return this.httpClientBuilderFactory.newBuilder().setDefaultRequestConfig(build).build();
        }
        return this.httpClientBuilderFactory.newBuilder().setSSLSocketFactory(new SSLConnectionSocketFactory(SSLContexts.custom().loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy()).build())).setDefaultRequestConfig(build).build();
    }

    private HttpUriRequest buildRequest(HttpUriRequest httpUriRequest, boolean z, String str, String str2, String str3) throws IOException, CryptoException, NoSuchAlgorithmException {
        Date date = new Date();
        byte[] generateNonce = generateNonce();
        String generateTimestamp = generateTimestamp(date);
        String str4 = null;
        if (z) {
            if (str == null || str2 == null) {
                String[] split = this.proxyUser.split("/");
                if (split == null || split.length != 2) {
                    this.log.warn("Method call with isProxyUser=true and no proxy user configured.");
                } else {
                    str = split[0];
                    str2 = split[1];
                }
            }
            str4 = getAppKeySecurityHeader(generateNonce, str2, str, generateTimestamp);
        } else if (str != null && str2 != null && str3 != null) {
            String str5 = str2 + ":" + str;
            if (this.cryptoSupport.isProtected(str3)) {
                str3 = this.cryptoSupport.unprotect(str3);
            }
            str4 = getSecurityHeader(generateNonce, str5, str3, generateTimestamp);
        }
        if (str4 != null) {
            httpUriRequest.addHeader("X-WSSE", str4);
        }
        return httpUriRequest;
    }

    String upgradeServerToAPI14(String str) {
        if (str == null) {
            return null;
        }
        String replaceAll = str.replaceAll("\\/1\\.[0-3]\\/", "/1.4/");
        if (!replaceAll.equals(str)) {
            this.log.info("Analytics servers using pre-1.4 API version are not supported anymore. Converted server URL to use 1.4 API Version: " + str + " -> " + replaceAll);
        }
        return replaceAll;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v1, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r2v4, types: [byte[], byte[][]] */
    private String getSecurityHeader(byte[] bArr, String str, String str2, String str3) throws UnsupportedEncodingException, NoSuchAlgorithmException {
        String base64Digest = getBase64Digest(new byte[]{bArr, str3.getBytes(), str2.getBytes()});
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("UsernameToken Username=\"");
        stringBuffer.append(str);
        stringBuffer.append("\", PasswordDigest=\"");
        stringBuffer.append(base64Digest.trim());
        stringBuffer.append("\", Nonce=\"");
        stringBuffer.append(Base64.encodeBase64String(bArr));
        stringBuffer.append("\", Created=\"");
        stringBuffer.append(str3);
        stringBuffer.append("\", appkey=\"");
        stringBuffer.append(this.appKey);
        stringBuffer.append("\", appdigest=\"");
        stringBuffer.append(getBase64Digest(new byte[]{bArr, this.tokenBypassSecret.getBytes()}));
        stringBuffer.append("\", appnonce=\"");
        stringBuffer.append(Base64.encodeBase64String(bArr));
        stringBuffer.append("\", Algorithm=\"sha256\"");
        return stringBuffer.toString();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v1, types: [byte[], byte[][]] */
    private String getAppKeySecurityHeader(byte[] bArr, String str, String str2, String str3) throws UnsupportedEncodingException, NoSuchAlgorithmException {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("UsernameToken ");
        stringBuffer.append("Created=\"");
        stringBuffer.append(str3);
        stringBuffer.append("\", appkey=\"");
        stringBuffer.append(this.appKey);
        stringBuffer.append("\", appdigest=\"");
        stringBuffer.append(getBase64Digest(new byte[]{bArr, this.proxyUserSecret.getBytes()}));
        stringBuffer.append("\", appnonce=\"");
        stringBuffer.append(Base64.encodeBase64String(bArr));
        stringBuffer.append("\", proxyuser=\"");
        stringBuffer.append(str);
        stringBuffer.append("\", proxycompany=\"");
        stringBuffer.append(str2);
        stringBuffer.append("\", Algorithm=\"sha256\"");
        return stringBuffer.toString();
    }

    private synchronized String getBase64Digest(byte[]... bArr) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.reset();
        for (byte[] bArr2 : bArr) {
            messageDigest.update(bArr2);
        }
        return Base64.encodeBase64String(messageDigest.digest());
    }

    private boolean isDev(String str) {
        Iterator<String> it = this.devHostnames.iterator();
        while (it.hasNext()) {
            if (str.matches(it.next())) {
                return true;
            }
        }
        return false;
    }

    private byte[] generateNonce() {
        byte[] bArr = new byte[20];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private String generateTimestamp(Date date) {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
        return simpleDateFormat.format(date);
    }

    @Activate
    protected void activate(ComponentContext componentContext, Configuration configuration) throws RepositoryException {
        Dictionary properties = componentContext.getProperties();
        this.dataCenterURLs.addAll(Arrays.asList(configuration.cq_analytics_sitecatalyst_service_datacenter_url()));
        this.devHostnames.addAll(Arrays.asList(configuration.devhostnamepatterns()));
        this.appKey = PropertiesUtil.toString(properties.get(CFG_APPKEY), "");
        this.tokenBypassSecret = PropertiesUtil.toString(properties.get(CFG_TOKENBYPASSSECRET), "");
        this.proxyUser = PropertiesUtil.toString(properties.get(CFG_PROXYUSER), "");
        this.proxyUserSecret = PropertiesUtil.toString(properties.get(CFG_PROXYUSERSECRET), "");
        this.connectionTimeout = configuration.connection_timeout();
        if (this.connectionTimeout < 0) {
            throw new IllegalArgumentException("Connection timeout value cannot be less than 0");
        }
        this.socketTimeout = configuration.socket_timeout();
        if (this.socketTimeout < 0) {
            throw new IllegalArgumentException("Socket timeout value cannot be less than 0");
        }
    }
}
