package net.eightlives.friendlyssl.controller;

import net.eightlives.friendlyssl.config.FriendlySSLConfig;
import net.eightlives.friendlyssl.model.CertificateRenewal;
import net.eightlives.friendlyssl.service.CertificateCreateRenewService;
import net.eightlives.friendlyssl.service.PKCS12KeyStoreService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/friendly-ssl/certificate"})
@ConditionalOnExpression("'${friendly-ssl.endpoints-include}'.contains('certificate')")
@RestController
/* loaded from: input_file:net/eightlives/friendlyssl/controller/CertificateController.class */
public class CertificateController {
    private static final Logger LOG = LoggerFactory.getLogger(CertificateController.class);
    private final FriendlySSLConfig config;
    private final CertificateCreateRenewService createRenewService;
    private final PKCS12KeyStoreService keyStoreService;

    public CertificateController(FriendlySSLConfig friendlySSLConfig, CertificateCreateRenewService certificateCreateRenewService, PKCS12KeyStoreService pKCS12KeyStoreService) {
        this.config = friendlySSLConfig;
        this.createRenewService = certificateCreateRenewService;
        this.keyStoreService = pKCS12KeyStoreService;
    }

    @GetMapping(path = {"/order"}, produces = {"application/json"})
    public ResponseEntity<CertificateRenewal> order() {
        CertificateRenewal renewCertificate = this.keyStoreService.getCertificate(this.config.getCertificateKeyAlias()).isPresent() ? this.createRenewService.renewCertificate() : this.createRenewService.createCertificate();
        switch (renewCertificate.getStatus()) {
            case ALREADY_VALID:
            case SUCCESS:
                return ResponseEntity.ok(renewCertificate);
            case ERROR:
                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
            default:
                LOG.error("Unknown CertificateRenewal " + renewCertificate.getStatus().name() + ". This is most likely a build problem.");
                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
        }
    }
}
