package com.yeepay.yop.sdk.base.auth.credentials.provider;

import com.yeepay.shade.com.google.common.collect.Maps;
import com.yeepay.shade.org.apache.commons.collections4.CollectionUtils;
import com.yeepay.shade.org.apache.commons.lang3.StringUtils;
import com.yeepay.yop.sdk.YopConstants;
import com.yeepay.yop.sdk.auth.credentials.PKICredentialsItem;
import com.yeepay.yop.sdk.auth.credentials.YopPlatformCredentials;
import com.yeepay.yop.sdk.auth.credentials.YopPlatformCredentialsHolder;
import com.yeepay.yop.sdk.auth.credentials.provider.YopPlatformCredentialsProvider;
import com.yeepay.yop.sdk.base.cache.YopCertificateCache;
import com.yeepay.yop.sdk.exception.YopClientException;
import com.yeepay.yop.sdk.security.CertTypeEnum;
import com.yeepay.yop.sdk.utils.X509CertUtils;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/yeepay/yop/sdk/base/auth/credentials/provider/YopBasePlatformCredentialsProvider.class */
public abstract class YopBasePlatformCredentialsProvider implements YopPlatformCredentialsProvider {
    protected static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) YopBasePlatformCredentialsProvider.class);
    protected Map<String, YopPlatformCredentials> credentialsMap = Maps.newConcurrentMap();

    @Override // com.yeepay.yop.sdk.auth.credentials.provider.YopPlatformCredentialsProvider
    public YopPlatformCredentials getCredentials(String str, String str2) {
        return getCredentials(str, str2, null);
    }

    @Override // com.yeepay.yop.sdk.auth.credentials.provider.YopPlatformCredentialsProvider
    public YopPlatformCredentials getCredentials(String str, String str2, String str3) {
        return getCredentials("", "", str, str2, str3);
    }

    private String cacheKey(String str, String str2, String str3, String str4) {
        return StringUtils.defaultString(str, "") + ":" + StringUtils.defaultString(str2, "") + ":" + str3 + ":" + str4;
    }

    @Override // com.yeepay.yop.sdk.auth.credentials.provider.YopPlatformCredentialsProvider
    public YopPlatformCredentials getCredentials(String str, String str2, String str3, String str4, String str5) {
        if (StringUtils.isBlank(str4)) {
            throw new YopClientException("ReqParam Illegal, PlatformCert SerialNo NotSpecified");
        }
        YopPlatformCredentials computeIfAbsent = this.credentialsMap.computeIfAbsent(cacheKey(str, str2, str3, str4), str6 -> {
            if (str4.equals(YopConstants.YOP_RSA_PLATFORM_CERT_DEFAULT_SERIAL_NO)) {
                PublicKey loadLocalRsaKey = loadLocalRsaKey(str, str2, str3, str4);
                if (null == loadLocalRsaKey) {
                    throw new YopClientException("ConfigProblem, LocalRsaCert NotFound, provider:" + str + ",env:" + str2 + ",serialNo:" + str4);
                }
                return convertCredentials(str3, CertTypeEnum.RSA2048.getValue(), loadLocalRsaKey, YopConstants.YOP_RSA_PLATFORM_CERT_DEFAULT_SERIAL_NO);
            }
            YopPlatformCredentials loadCredentialsFromStore = loadCredentialsFromStore(str, str2, str3, str4);
            if (null != loadCredentialsFromStore) {
                return loadCredentialsFromStore;
            }
            X509Certificate loadRemoteSm2Cert = loadRemoteSm2Cert(str, str2, str3, str4, str5);
            if (null == loadRemoteSm2Cert) {
                throw new YopClientException("ConfigProblem, LocalRsaCert NotFound, provider:" + str + ",env:" + str2 + ",serialNo:" + str4);
            }
            return storeCredentials(str, str2, str3, CertTypeEnum.SM2.name(), loadRemoteSm2Cert);
        });
        if (null != computeIfAbsent) {
            String serialNo = computeIfAbsent.getSerialNo();
            if (!StringUtils.equals(serialNo, str4)) {
                this.credentialsMap.put(cacheKey(str, str2, str3, serialNo), computeIfAbsent);
            }
        }
        return computeIfAbsent;
    }

    protected abstract YopPlatformCredentials loadCredentialsFromStore(String str, String str2);

    protected YopPlatformCredentials loadCredentialsFromStore(String str, String str2, String str3, String str4) {
        return loadCredentialsFromStore(str3, str4);
    }

    protected X509Certificate loadRemoteSm2Cert(String str, String str2) {
        return loadRemoteSm2Cert(str, str2, null);
    }

    protected X509Certificate loadRemoteSm2Cert(String str, String str2, String str3) {
        return loadRemoteSm2Cert("", "", str, str2, str3);
    }

    protected X509Certificate loadRemoteSm2Cert(String str, String str2, String str3, String str4, String str5) {
        List<X509Certificate> loadPlatformSm2Certs = YopCertificateCache.loadPlatformSm2Certs(str, str2, str3, str4, str5);
        if (CollectionUtils.isNotEmpty(loadPlatformSm2Certs)) {
            return loadPlatformSm2Certs.get(0);
        }
        return null;
    }

    protected X509Certificate loadLocalRsaCert(String str, String str2) {
        return loadLocalRsaCert("", "", str, str2);
    }

    protected X509Certificate loadLocalRsaCert(String str, String str2, String str3, String str4) {
        return YopCertificateCache.getYopPlatformRsaCertFromLocal(str, str2, str3, str4);
    }

    protected PublicKey loadLocalRsaKey(String str, String str2, String str3, String str4) {
        return YopCertificateCache.getYopPlatformRsaKeyFromLocal(str, str2, str3, str4);
    }

    @Override // com.yeepay.yop.sdk.auth.credentials.provider.YopPlatformCredentialsProvider
    public YopPlatformCredentials getLatestCredentials(String str, String str2) {
        return getLatestCredentials(str, str2, null);
    }

    @Override // com.yeepay.yop.sdk.auth.credentials.provider.YopPlatformCredentialsProvider
    public YopPlatformCredentials getLatestCredentials(String str, String str2, String str3) {
        return getLatestCredentials("", "", str, str2, str3);
    }

    @Override // com.yeepay.yop.sdk.auth.credentials.provider.YopPlatformCredentialsProvider
    public YopPlatformCredentials getLatestCredentials(String str, String str2, String str3, String str4, String str5) {
        try {
            CertTypeEnum parse = CertTypeEnum.parse(str4);
            return CertTypeEnum.RSA2048.equals(parse) ? getCredentials(str, str2, str3, YopConstants.YOP_RSA_PLATFORM_CERT_DEFAULT_SERIAL_NO, str5) : getSm2Credentials(str, str2, str3, parse, str5);
        } catch (Exception e) {
            LOGGER.warn("getLatestCredentials error, ex:", (Throwable) e);
            LOGGER.warn("No YopPlatformCredentials Found For provider:{}, env:{}, appKey:{}, credentialType:{}", str, str2, str3, str4);
            return null;
        }
    }

    private YopPlatformCredentials getSm2Credentials(String str, String str2, String str3, CertTypeEnum certTypeEnum, String str4) {
        List<X509Certificate> reloadPlatformSm2Certs;
        try {
            reloadPlatformSm2Certs = YopCertificateCache.loadPlatformSm2Certs(str, str2, str3, "", str4);
            if (CollectionUtils.isNotEmpty(reloadPlatformSm2Certs) && X509CertUtils.checkCertDate(str, str2, reloadPlatformSm2Certs.get(0))) {
                YopCertificateCache.refreshPlatformSm2Certs(str, str2, str3, "", str4);
            }
        } catch (CertificateException e) {
            LOGGER.warn("YopPlatformCredentials expired and need reload, appKey:" + str3 + ", credentialType:" + certTypeEnum + ", ex", (Throwable) e);
            reloadPlatformSm2Certs = YopCertificateCache.reloadPlatformSm2Certs(str, str2, str3, "", str4);
        }
        if (CollectionUtils.isEmpty(reloadPlatformSm2Certs)) {
            LOGGER.warn("No YopPlatformCredentials Found For appKey:{}, credentialType:{}", str3, certTypeEnum);
            return null;
        }
        YopPlatformCredentials storeCredentials = storeCredentials(str, str2, str3, CertTypeEnum.SM2.name(), reloadPlatformSm2Certs.get(0));
        this.credentialsMap.put(cacheKey(str, str2, str3, storeCredentials.getSerialNo()), storeCredentials);
        return storeCredentials;
    }

    @Override // com.yeepay.yop.sdk.auth.credentials.provider.YopPlatformCredentialsProvider
    public YopPlatformCredentials storeCredentials(String str, String str2, String str3, String str4, X509Certificate x509Certificate) {
        return storeCredentials(str3, str4, x509Certificate);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public YopPlatformCredentials convertCredentials(String str, String str2, X509Certificate x509Certificate) {
        if (null == x509Certificate) {
            return null;
        }
        return new YopPlatformCredentialsHolder().withCredentials(new PKICredentialsItem(x509Certificate.getPublicKey(), CertTypeEnum.parse(str2))).withSerialNo(X509CertUtils.parseToHex(x509Certificate.getSerialNumber().toString())).withAppKey(str);
    }

    protected YopPlatformCredentials convertCredentials(String str, String str2, PublicKey publicKey, String str3) {
        if (null == publicKey) {
            return null;
        }
        return new YopPlatformCredentialsHolder().withCredentials(new PKICredentialsItem(publicKey, CertTypeEnum.parse(str2))).withSerialNo(str3).withAppKey(str);
    }
}
