package eu.europa.esig.dss.spi.x509.aia;

import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.spi.DSSASN1Utils;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.client.http.DataLoader;
import eu.europa.esig.dss.spi.client.http.NativeHTTPDataLoader;
import eu.europa.esig.dss.spi.client.http.Protocol;
import eu.europa.esig.dss.spi.x509.aia.OnlineAIASource;
import eu.europa.esig.dss.utils.Utils;
import java.io.ByteArrayInputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/spi/x509/aia/DefaultAIASource.class */
public class DefaultAIASource implements OnlineAIASource {
    private static final long serialVersionUID = 3968373722847675203L;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) DefaultAIASource.class);
    private DataLoader dataLoader;
    private Collection<Protocol> acceptedProtocols;

    public DefaultAIASource() {
        this(new NativeHTTPDataLoader());
    }

    public DefaultAIASource(DataLoader dataLoader) {
        this.acceptedProtocols = Arrays.asList(Protocol.values());
        Objects.requireNonNull(dataLoader, "dataLoader cannot be null!");
        this.dataLoader = dataLoader;
    }

    @Override // eu.europa.esig.dss.spi.x509.aia.OnlineAIASource
    public void setDataLoader(DataLoader dataLoader) {
        Objects.requireNonNull(dataLoader, "dataLoader cannot be null!");
        this.dataLoader = dataLoader;
    }

    public void setAcceptedProtocols(Collection<Protocol> collection) {
        this.acceptedProtocols = collection;
    }

    @Override // eu.europa.esig.dss.spi.x509.aia.AIASource
    public Set<CertificateToken> getCertificatesByAIA(CertificateToken certificateToken) {
        List<OnlineAIASource.CertificatesAndAIAUrl> certificatesAndAIAUrls = getCertificatesAndAIAUrls(certificateToken);
        if (!Utils.isCollectionNotEmpty(certificatesAndAIAUrls)) {
            return Collections.emptySet();
        }
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        Iterator<OnlineAIASource.CertificatesAndAIAUrl> it = certificatesAndAIAUrls.iterator();
        while (it.hasNext()) {
            List<CertificateToken> certificates = it.next().getCertificates();
            if (Utils.isCollectionNotEmpty(certificates)) {
                linkedHashSet.addAll(certificates);
            }
        }
        return linkedHashSet;
    }

    @Override // eu.europa.esig.dss.spi.x509.aia.OnlineAIASource
    public List<OnlineAIASource.CertificatesAndAIAUrl> getCertificatesAndAIAUrls(CertificateToken certificateToken) {
        List<String> cAAccessLocations = DSSASN1Utils.getCAAccessLocations(certificateToken);
        if (Utils.isCollectionEmpty(cAAccessLocations)) {
            LOG.info("There is no AIA extension for certificate download.");
            return Collections.emptyList();
        }
        if (this.dataLoader == null) {
            LOG.warn("There is no DataLoader defined to load Certificates from AIA extension (urls : {})", cAAccessLocations);
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (String str : cAAccessLocations) {
            if (isUrlAccepted(str)) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Loading certificate(s) from '{}'.", str);
                }
                try {
                    byte[] bArr = this.dataLoader.get(str);
                    List<CertificateToken> emptyList = Collections.emptyList();
                    if (Utils.isArrayNotEmpty(bArr)) {
                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Base64 content : {}", Utils.toBase64(bArr));
                        }
                        try {
                            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
                            try {
                                emptyList = DSSUtils.loadCertificateFromP7c(byteArrayInputStream);
                                if (LOG.isDebugEnabled()) {
                                    LOG.debug("{} certificate(s) loaded from '{}'", Integer.valueOf(emptyList.size()), str);
                                }
                                byteArrayInputStream.close();
                            } catch (Throwable th) {
                                try {
                                    byteArrayInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                                throw th;
                                break;
                            }
                        } catch (Exception e) {
                            if (LOG.isDebugEnabled()) {
                                LOG.warn("Unable to parse certificate(s) from AIA (url: {}) : {}", str, e.getMessage(), e);
                            } else {
                                LOG.warn("Unable to parse certificate(s) from AIA (url: {}) : {}", str, e.getMessage());
                            }
                        }
                    } else {
                        LOG.warn("Empty content from {}.", str);
                    }
                    arrayList.add(new OnlineAIASource.CertificatesAndAIAUrl(str, emptyList));
                } catch (Exception e2) {
                    if (LOG.isDebugEnabled()) {
                        LOG.warn("Unable to download certificate from '{}': {}", str, e2.getMessage(), e2);
                    } else {
                        LOG.warn("Unable to download certificate from '{}': {}", str, e2.getMessage());
                    }
                }
            } else if (LOG.isDebugEnabled()) {
                LOG.debug("The url '{}' is not accepted by the defined collection of Protocols. The entry is skipped.", str);
            }
        }
        return arrayList;
    }

    private boolean isUrlAccepted(String str) {
        if (!Utils.isCollectionNotEmpty(this.acceptedProtocols)) {
            return false;
        }
        Iterator<Protocol> it = this.acceptedProtocols.iterator();
        while (it.hasNext()) {
            if (it.next().isTheSame(str)) {
                return true;
            }
        }
        return false;
    }
}
