package net.eightlives.friendlyssl.service;

import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.Reader;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyPair;
import net.eightlives.friendlyssl.config.FriendlySSLConfig;
import net.eightlives.friendlyssl.exception.FriendlySSLException;
import net.eightlives.friendlyssl.factory.AccountBuilderFactory;
import org.shredzone.acme4j.Login;
import org.shredzone.acme4j.Session;
import org.shredzone.acme4j.exception.AcmeException;
import org.shredzone.acme4j.exception.AcmeServerException;
import org.shredzone.acme4j.exception.AcmeUserActionRequiredException;
import org.shredzone.acme4j.util.KeyPairUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:net/eightlives/friendlyssl/service/AcmeAccountService.class */
public class AcmeAccountService {
    private static final Logger LOG = LoggerFactory.getLogger(AcmeAccountService.class);
    private static final URI ACCOUNT_NOT_EXISTS = URI.create("urn:ietf:params:acme:error:accountDoesNotExist");
    private final FriendlySSLConfig config;
    private final TermsOfServiceService termsOfServiceService;
    private final AccountBuilderFactory accountBuilderFactory;

    public AcmeAccountService(FriendlySSLConfig friendlySSLConfig, TermsOfServiceService termsOfServiceService, AccountBuilderFactory accountBuilderFactory) {
        this.config = friendlySSLConfig;
        this.termsOfServiceService = termsOfServiceService;
        this.accountBuilderFactory = accountBuilderFactory;
    }

    public Login getOrCreateAccountLogin(Session session) {
        URI termsOfServiceLink = this.termsOfServiceService.getTermsOfServiceLink(session);
        try {
            try {
                Reader keyReader = getKeyReader(this.config.getAccountPrivateKeyFile());
                try {
                    KeyPair readKeyPair = KeyPairUtils.readKeyPair(keyReader);
                    try {
                        Login createLogin = this.accountBuilderFactory.accountBuilder().useKeyPair(readKeyPair).onlyExisting().createLogin(session);
                        LOG.info("Using existing account login");
                        if (keyReader != null) {
                            keyReader.close();
                        }
                        return createLogin;
                    } catch (AcmeServerException e) {
                        if (!e.getProblem().getType().equals(ACCOUNT_NOT_EXISTS)) {
                            throw e;
                        }
                        if (!this.termsOfServiceService.termsAccepted(termsOfServiceLink)) {
                            this.termsOfServiceService.writeTermsLink(termsOfServiceLink, false);
                            throw new FriendlySSLException("Account does not exist. Terms of service must be accepted in file " + this.config.getTermsOfServiceFile() + " before account can be created");
                        }
                        LOG.info("Account does not exist. Creating account.");
                        Login createLogin2 = this.accountBuilderFactory.accountBuilder().useKeyPair(readKeyPair).addEmail(this.config.getAccountEmail()).agreeToTermsOfService().createLogin(session);
                        if (keyReader != null) {
                            keyReader.close();
                        }
                        return createLogin2;
                    }
                } catch (Throwable th) {
                    if (keyReader != null) {
                        try {
                            keyReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (AcmeUserActionRequiredException e2) {
                LOG.error("Account retrieval failed due to user action required (terms of service probably changed). See " + e2.getInstance() + " and if the terms of service did change, accept the terms in file " + this.config.getTermsOfServiceFile(), e2);
                this.termsOfServiceService.writeTermsLink(termsOfServiceLink, false);
                throw new FriendlySSLException((Throwable) e2);
            }
        } catch (IOException | AcmeException e3) {
            LOG.error("Error while retrieving or creating ACME Login");
            throw new FriendlySSLException(e3);
        }
    }

    private Reader getKeyReader(String str) throws IOException {
        try {
            return Files.newBufferedReader(Path.of(str, new String[0]));
        } catch (NoSuchFileException e) {
            KeyPair createKeyPair = KeyPairUtils.createKeyPair(2048);
            BufferedWriter newBufferedWriter = Files.newBufferedWriter(Path.of(str, new String[0]), new OpenOption[0]);
            try {
                KeyPairUtils.writeKeyPair(createKeyPair, newBufferedWriter);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                KeyPairUtils.writeKeyPair(createKeyPair, new OutputStreamWriter(byteArrayOutputStream));
                byteArrayOutputStream.flush();
                InputStreamReader inputStreamReader = new InputStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
                if (newBufferedWriter != null) {
                    newBufferedWriter.close();
                }
                return inputStreamReader;
            } catch (Throwable th) {
                if (newBufferedWriter != null) {
                    try {
                        newBufferedWriter.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
    }
}
