package me.legrange.services.letsencrypt;

import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.security.KeyPair;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import me.legrange.service.Component;
import me.legrange.service.ComponentException;
import me.legrange.service.Service;
import me.legrange.services.jetty.WithJetty;
import me.legrange.services.logging.WithLogging;
import org.shredzone.acme4j.Account;
import org.shredzone.acme4j.AccountBuilder;
import org.shredzone.acme4j.Authorization;
import org.shredzone.acme4j.Certificate;
import org.shredzone.acme4j.Order;
import org.shredzone.acme4j.Session;
import org.shredzone.acme4j.Status;
import org.shredzone.acme4j.challenge.Http01Challenge;
import org.shredzone.acme4j.exception.AcmeException;
import org.shredzone.acme4j.util.CSRBuilder;
import org.shredzone.acme4j.util.KeyPairUtils;

/* loaded from: input_file:me/legrange/services/letsencrypt/LetsEncryptComponent.class */
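/**
 * Service component that obtains a TLS certificate from an ACME server (Let's Encrypt)
 * using the HTTP-01 challenge.
 *
 * <p>On start it registers the {@code /.well-known/acme-challenge} endpoint with Jetty and
 * either activates an existing certificate or submits a background task that creates the
 * account, orders the certificate, answers the challenge and downloads the result.
 *
 * <p>Files are kept in the configured data directory: the account key pair
 * ({@code letsencrypt.pem}), the account URL ({@code acme.url}), the CSR
 * ({@code <domain>.csr}) and the certificate ({@code <domain>.crt}).
 */
public final class LetsEncryptComponent extends Component<Service, LetsEncryptConfig> implements WithJetty, WithLogging {
    /** RSA modulus size used for both the account key and the certificate key. */
    private static final int RSA_KEY_BITS = 2048;
    /** Delay before the first ACME request is made from the background task. */
    private static final long STARTUP_DELAY_SECONDS = 10L;
    /** Interval between status polls against the ACME server. */
    private static final long POLL_INTERVAL_SECONDS = 3L;
    /** Upper bound on status polls so a stuck order cannot block the worker forever. */
    private static final int MAX_POLL_ATTEMPTS = 100;

    private static LetsEncryptComponent instance;
    private LetsEncryptConfig config;
    /** HTTP-01 token -> key authorization, served by the challenge endpoint while validation runs. */
    private final Map<String, String> challengeResponses;

    public LetsEncryptComponent(Service service) {
        super(service);
        this.challengeResponses = new ConcurrentHashMap<>();
    }

    /**
     * Starts the component: publishes the singleton, registers the challenge endpoint and
     * either activates the stored certificate or schedules a request for a new one.
     *
     * @param letsEncryptConfig component configuration (domain, organization, ACME URL, data directory)
     * @throws ComponentException if an existing certificate cannot be activated
     */
    public void start(LetsEncryptConfig letsEncryptConfig) throws ComponentException {
        this.config = letsEncryptConfig;
        instance = this;
        jetty().addEndpoint("/.well-known/acme-challenge", ChallengeEndpoint.class);
        if (!hasCertificate()) {
            service().submit(this::obtainCertificate);
            return;
        }
        try {
            activateCertificate();
            service().submit(this::scheduleRenewalCheck);
        } catch (LetsEcryptException e) {
            throw new ComponentException(e.getMessage(), e);
        }
    }

    /** Returns the component name, {@code "letsEncrypt"}. */
    public String getName() {
        return "letsEncrypt";
    }

    /**
     * Looks up the key authorization to serve for an HTTP-01 challenge token.
     *
     * @param str the challenge token taken from the request
     * @return the key authorization, or empty if no challenge with that token is pending
     */
    public Optional<String> getChallengeResponse(String str) {
        return Optional.ofNullable(this.challengeResponses.get(str));
    }

    /**
     * Returns the instance published by the most recent {@link #start} call, or {@code null}
     * if the component has not been started.
     */
    public static LetsEncryptComponent getInstance() {
        return instance;
    }

    /**
     * Activates the stored certificate. Not implemented yet, so this always throws.
     *
     * @throws LetsEcryptException always
     */
    private void activateCertificate() throws LetsEcryptException {
        throw new LetsEcryptException("Not yet implemented");
    }

    /**
     * Background task that runs the whole issuance flow: account key, account, order with
     * HTTP-01 validation, CSR submission and certificate download. Failures are logged.
     */
    private void obtainCertificate() {
        debug("obtainCertificate()", new Object[0]);
        try {
            // NOTE(review): presumably gives Jetty time to start serving the challenge endpoint - confirm.
            pause(STARTUP_DELAY_SECONDS);
            KeyPair accountKeys = hasKeys() ? loadKeys() : obtainKeys();
            Order order = createOrder(createAccount(accountKeys, hasAcmeUrl()));
            createCsr(order);
            // The original flow stopped after submitting the CSR, so the issued certificate
            // was never fetched and downloadCertificate() was dead code.
            downloadCertificate(order);
        } catch (LetsEcryptException e) {
            error(e);
        }
    }

    /**
     * Waits for the order to become valid and writes the issued certificate to the
     * certificate file.
     *
     * @param order an order whose CSR has already been submitted
     * @throws LetsEcryptException if the order fails, does not complete within the polling
     *         budget, or the certificate cannot be written
     */
    private void downloadCertificate(Order order) throws LetsEcryptException {
        debug("downloadCertificate()", new Object[0]);
        try {
            int attempts = 0;
            Status status = order.getStatus();
            while (status != Status.VALID) {
                // INVALID is terminal; polling further would loop forever.
                if (status == Status.INVALID) {
                    throw new LetsEcryptException(String.format("Certificate order for '%s' was rejected by the ACME server", this.config.getDomain()));
                }
                if (++attempts > MAX_POLL_ATTEMPTS) {
                    throw new LetsEcryptException(String.format("Timed out waiting for certificate for '%s'", this.config.getDomain()));
                }
                pause(POLL_INTERVAL_SECONDS);
                order.update();
                status = order.getStatus();
            }
            Certificate certificate = order.getCertificate();
            if (certificate == null) {
                throw new LetsEcryptException(String.format("No certificate available for '%s'", this.config.getDomain()));
            }
            try (FileWriter fileWriter = new FileWriter(getCertificateFileName())) {
                certificate.writeCertificate(fileWriter);
            }
        } catch (AcmeException | IOException e) {
            // Keep the cause so the underlying ACME or I/O failure stays visible in logs.
            throw new LetsEcryptException(String.format("Error downloading certificate for '%s' (%s)", this.config.getDomain(), e.getMessage()), e);
        }
    }

    /**
     * Generates a key pair for the certificate, builds and signs a CSR for the configured
     * domain, stores the CSR and submits it to finalize the order.
     *
     * @param order the order to finalize
     * @throws LetsEcryptException if the CSR cannot be signed, stored or submitted
     */
    private void createCsr(Order order) throws LetsEcryptException {
        debug("createCsr()", new Object[0]);
        // NOTE(review): this key pair is the certificate's private key and is not persisted
        // anywhere in this class, so the issued certificate cannot be used after the task
        // ends. It needs to be stored, with owner-only permissions, before activation works.
        KeyPair domainKeys = KeyPairUtils.createKeyPair(RSA_KEY_BITS);
        CSRBuilder csrBuilder = new CSRBuilder();
        csrBuilder.addDomain(this.config.getDomain());
        csrBuilder.setOrganization(this.config.getOrganization());
        try {
            csrBuilder.sign(domainKeys);
            byte[] encoded = csrBuilder.getEncoded();
            // Write to the .csr file. The original wrote the CSR to the .crt path, which made
            // hasCertificate() report a certificate that was never issued, and leaked the writer.
            try (FileWriter csrWriter = new FileWriter(getCsrFileName())) {
                csrBuilder.write(csrWriter);
            }
            order.execute(encoded);
        } catch (IOException | AcmeException e) {
            throw new LetsEcryptException(String.format("Error creating certificate for '%s' (%s)", this.config.getDomain(), e.getMessage()), e);
        }
    }

    /**
     * Creates an order for the configured domain and completes every authorization that is
     * not yet valid using the HTTP-01 challenge.
     *
     * @param account the ACME account that places the order
     * @return the order, with all authorizations valid
     * @throws LetsEcryptException if the order cannot be created or an authorization fails
     */
    private Order createOrder(Account account) throws LetsEcryptException {
        debug("createOrder()", new Object[0]);
        try {
            Order order = account.newOrder().domains(this.config.getDomain()).create();
            for (Authorization authorization : order.getAuthorizations()) {
                if (authorization.getStatus() == Status.VALID) {
                    continue;
                }
                Http01Challenge challenge = authorization.findChallenge("http-01");
                if (challenge == null) {
                    throw new LetsEcryptException(String.format("ACME server offered no http-01 challenge for '%s'", this.config.getDomain()));
                }
                String token = challenge.getToken();
                this.challengeResponses.put(token, challenge.getAuthorization());
                try {
                    challenge.trigger();
                    awaitAuthorization(authorization);
                } finally {
                    // Stop serving the key authorization once validation has finished either way.
                    this.challengeResponses.remove(token);
                }
            }
            return order;
        } catch (AcmeException e) {
            throw new LetsEcryptException(String.format("Error creating certificate order for '%s' (%s)", this.config.getDomain(), e.getMessage()), e);
        }
    }

    /**
     * Polls an authorization until it is valid.
     *
     * @throws AcmeException if refreshing the authorization fails
     * @throws LetsEcryptException if the authorization becomes invalid, the polling budget
     *         is exhausted, or the thread is interrupted
     */
    private void awaitAuthorization(Authorization authorization) throws AcmeException, LetsEcryptException {
        int attempts = 0;
        Status status = authorization.getStatus();
        while (status != Status.VALID) {
            if (status == Status.INVALID) {
                throw new LetsEcryptException(String.format("Domain validation failed for '%s'", this.config.getDomain()));
            }
            if (++attempts > MAX_POLL_ATTEMPTS) {
                throw new LetsEcryptException(String.format("Timed out waiting for domain validation of '%s'", this.config.getDomain()));
            }
            pause(POLL_INTERVAL_SECONDS);
            authorization.update();
            status = authorization.getStatus();
        }
    }

    /**
     * Registers or looks up the ACME account for the given key pair and records its URL.
     *
     * @param keyPair the account key pair
     * @param z {@code true} if an account URL file already exists; the request is then
     *        restricted to an existing account
     * @return the account
     * @throws LetsEcryptException if the account request fails or its URL cannot be stored
     */
    private Account createAccount(KeyPair keyPair, boolean z) throws LetsEcryptException {
        debug("createAccount()", new Object[0]);
        Session session = new Session(this.config.getLetsEncryptUrl());
        try {
            AccountBuilder accountBuilder = new AccountBuilder();
            if (z) {
                accountBuilder = accountBuilder.onlyExisting();
            }
            Account account = accountBuilder.useKeyPair(keyPair).agreeToTermsOfService().create(session);
            // Always record the account URL. The original wrote it only when the file already
            // existed, so acme.url was never created for a newly registered account.
            try (FileWriter fileWriter = new FileWriter(getUrlFileName())) {
                fileWriter.write(account.getLocation().toString());
            } catch (IOException e) {
                throw new LetsEcryptException(String.format("Error storing account in %s (%s)", getUrlFileName(), e.getMessage()), e);
            }
            return account;
        } catch (AcmeException e) {
            throw new LetsEcryptException(String.format("Error creating account on %s (%s)", this.config.getLetsEncryptUrl(), e.getMessage()), e);
        }
    }

    /**
     * Generates a new account key pair and stores it in the key file.
     *
     * @return the generated key pair
     * @throws LetsEcryptException if the key file cannot be written
     */
    private KeyPair obtainKeys() throws LetsEcryptException {
        debug("obtainKeys()", new Object[0]);
        KeyPair keyPair = KeyPairUtils.createKeyPair(RSA_KEY_BITS);
        try (FileWriter fileWriter = openOwnerOnlyWriter(getKeyFileName())) {
            KeyPairUtils.writeKeyPair(keyPair, fileWriter);
            return keyPair;
        } catch (IOException e) {
            throw new LetsEcryptException(String.format("Error writing key pair to file '%s' (%s)", getKeyFileName(), e.getMessage()), e);
        }
    }

    /**
     * Loads the account key pair from the key file.
     *
     * @return the stored key pair
     * @throws LetsEcryptException if the key file cannot be read
     */
    private KeyPair loadKeys() throws LetsEcryptException {
        debug("loadKeys()", new Object[0]);
        // try-with-resources: the original never closed the reader.
        try (FileReader fileReader = new FileReader(getKeyFileName())) {
            return KeyPairUtils.readKeyPair(fileReader);
        } catch (IOException e) {
            throw new LetsEcryptException(String.format("Error loading key pair from file '%s' (%s)", getKeyFileName(), e.getMessage()), e);
        }
    }

    /** Placeholder for scheduling certificate renewal checks; currently does nothing. */
    private void scheduleRenewalCheck() {
    }

    /** Returns whether the account key file exists. */
    private boolean hasKeys() {
        return hasFile(getKeyFileName());
    }

    /** Returns whether the account URL file exists. */
    private boolean hasAcmeUrl() {
        return hasFile(getUrlFileName());
    }

    /** Returns whether the certificate file exists. */
    private boolean hasCertificate() {
        return hasFile(getCertificateFileName());
    }

    /** Path of the file holding the ACME account URL. */
    private String getUrlFileName() {
        return String.format("%s/acme.url", this.config.getDataDirectory());
    }

    /** Path of the file holding the CSR for the configured domain. */
    private String getCsrFileName() {
        return String.format("%s/%s.csr", this.config.getDataDirectory(), this.config.getDomain());
    }

    /** Path of the file holding the issued certificate for the configured domain. */
    private String getCertificateFileName() {
        return String.format("%s/%s.crt", this.config.getDataDirectory(), this.config.getDomain());
    }

    /** Path of the file holding the ACME account key pair. */
    private String getKeyFileName() {
        return String.format("%s/letsencrypt.pem", this.config.getDataDirectory());
    }

    /** Returns whether a file or directory exists at the given path. */
    private boolean hasFile(String str) {
        return new File(str).exists();
    }

    /**
     * Sleeps for the given time. An interrupt is restored on the thread and reported as a
     * failure, so polling loops stop instead of spinning on a cancelled worker.
     */
    private static void pause(long seconds) throws LetsEcryptException {
        try {
            TimeUnit.SECONDS.sleep(seconds);
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
            throw new LetsEcryptException("Interrupted while waiting on the ACME server", e);
        }
    }

    /**
     * Opens a writer on a file that is restricted to its owner before any content is written.
     * The file is created empty first, so private key material never sits in a file with the
     * default permissions. Restriction is best effort: on platforms that cannot express these
     * permissions the calls are no-ops and the directory's own access control applies.
     */
    private static FileWriter openOwnerOnlyWriter(String path) throws IOException {
        File file = new File(path);
        file.createNewFile();
        file.setReadable(false, false);
        file.setWritable(false, false);
        file.setExecutable(false, false);
        file.setReadable(true, true);
        file.setWritable(true, true);
        return new FileWriter(file);
    }
}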
