package org.shredzone.acme4j;

import java.net.URI;
import java.net.URL;
import java.security.KeyPair;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import javax.annotation.ParametersAreNonnullByDefault;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.jose4j.keys.HmacKey;
import org.shredzone.acme4j.connector.Connection;
import org.shredzone.acme4j.connector.Resource;
import org.shredzone.acme4j.exception.AcmeException;
import org.shredzone.acme4j.exception.AcmeProtocolException;
import org.shredzone.acme4j.toolbox.AcmeUtils;
import org.shredzone.acme4j.toolbox.JSON;
import org.shredzone.acme4j.toolbox.JSONBuilder;
import org.shredzone.acme4j.toolbox.JoseUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ParametersAreNonnullByDefault
/* loaded from: input_file:org/shredzone/acme4j/AccountBuilder.class */
public class AccountBuilder {
    private static final Logger LOG = LoggerFactory.getLogger(AccountBuilder.class);
    private List<URI> contacts = new ArrayList();
    private Boolean termsOfServiceAgreed;
    private Boolean onlyExisting;
    private String keyIdentifier;
    private KeyPair keyPair;
    private SecretKey macKey;

    public AccountBuilder addContact(URI uri) {
        AcmeUtils.validateContact(uri);
        this.contacts.add(uri);
        return this;
    }

    public AccountBuilder addContact(String str) {
        addContact(URI.create(str));
        return this;
    }

    public AccountBuilder addEmail(String str) {
        addContact("mailto:" + str);
        return this;
    }

    public AccountBuilder agreeToTermsOfService() {
        this.termsOfServiceAgreed = true;
        return this;
    }

    public AccountBuilder onlyExisting() {
        this.onlyExisting = true;
        return this;
    }

    public AccountBuilder useKeyPair(KeyPair keyPair) {
        this.keyPair = (KeyPair) Objects.requireNonNull(keyPair, "keyPair");
        return this;
    }

    public AccountBuilder withKeyIdentifier(String str, SecretKey secretKey) {
        if (str != null && str.isEmpty()) {
            throw new IllegalArgumentException("kid must not be empty");
        }
        this.macKey = (SecretKey) Objects.requireNonNull(secretKey, "macKey");
        this.keyIdentifier = str;
        return this;
    }

    public AccountBuilder withKeyIdentifier(String str, String str2) {
        return withKeyIdentifier(str, new SecretKeySpec(AcmeUtils.base64UrlDecode((String) Objects.requireNonNull(str2, "encodedMacKey")), HmacKey.ALGORITHM));
    }

    public Account create(Session session) throws AcmeException {
        return createLogin(session).getAccount();
    }

    public Login createLogin(Session session) throws AcmeException {
        Objects.requireNonNull(session, "session");
        if (this.keyPair == null) {
            throw new IllegalStateException("Use AccountBuilder.useKeyPair() to set the account's key pair.");
        }
        LOG.debug("create");
        Connection connect = session.connect();
        Throwable th = null;
        try {
            URL resourceUrl = session.resourceUrl(Resource.NEW_ACCOUNT);
            JSONBuilder jSONBuilder = new JSONBuilder();
            if (!this.contacts.isEmpty()) {
                jSONBuilder.put("contact", this.contacts);
            }
            if (this.termsOfServiceAgreed != null) {
                jSONBuilder.put("termsOfServiceAgreed", this.termsOfServiceAgreed);
            }
            if (this.keyIdentifier != null) {
                jSONBuilder.put("externalAccountBinding", JoseUtils.createExternalAccountBinding(this.keyIdentifier, this.keyPair.getPublic(), this.macKey, resourceUrl));
            }
            if (this.onlyExisting != null) {
                jSONBuilder.put("onlyReturnExisting", this.onlyExisting);
            }
            connect.sendSignedRequest(resourceUrl, jSONBuilder, session, this.keyPair);
            URL location = connect.getLocation();
            if (location == null) {
                throw new AcmeProtocolException("Server did not provide an account location");
            }
            Login login = new Login(location, this.keyPair, session);
            JSON readJsonResponse = connect.readJsonResponse();
            if (readJsonResponse != null) {
                login.getAccount().setJSON(readJsonResponse);
            }
            return login;
        } finally {
            if (connect != null) {
                if (0 != 0) {
                    try {
                        connect.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    connect.close();
                }
            }
        }
    }
}
