package org.fenixedu.treasury.services.payments.sibspay;

import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Base64;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.Callable;
import java.util.stream.Collectors;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.fenixedu.onlinepaymentsgateway.exceptions.OnlinePaymentsGatewayCommunicationException;
import org.fenixedu.treasury.domain.document.InvoiceEntry;
import org.fenixedu.treasury.domain.forwardpayments.ForwardPaymentRequest;
import org.fenixedu.treasury.domain.paymentcodes.SibsPaymentRequest;
import org.fenixedu.treasury.domain.payments.PaymentRequest;
import org.fenixedu.treasury.domain.payments.PaymentRequestLog;
import org.fenixedu.treasury.domain.payments.PaymentTransaction;
import org.fenixedu.treasury.domain.sibspay.SibsPayPlatform;
import org.fenixedu.treasury.domain.sibspaymentsgateway.MbwayRequest;
import org.fenixedu.treasury.services.integration.ITreasuryPlatformDependentServices;
import org.fenixedu.treasury.services.integration.TreasuryPlataformDependentServicesFactory;
import org.fenixedu.treasury.services.integration.erp.sap.SAPExporter;
import org.fenixedu.treasury.services.payments.sibspay.model.SibsPayWebhookNotification;
import org.fenixedu.treasury.services.payments.sibspay.model.SibsPayWebhookNotificationResponse;
import org.fenixedu.treasury.services.payments.sibspay.model.SibsPayWebhookNotificationWrapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pt.ist.esw.advice.Advice;
import pt.ist.esw.advice.pt.ist.fenixframework.AtomicInstance;
import pt.ist.fenixframework.Atomic;
import pt.ist.fenixframework.FenixFramework;
import pt.ist.fenixframework.atomic.AtomicContextFactory;

@Path("/sibspaywebhook")
/* loaded from: input_file:org/fenixedu/treasury/services/payments/sibspay/SibsPayWebhookController.class */
public class SibsPayWebhookController {
    private static final String PROVIDER_NAME = "BC";
    private static final String NOTIFICATION_URI = "/";
    public static final Advice advice$createLog = AtomicContextFactory.getInstance().newAdvice(new AtomicInstance(Atomic.TxMode.WRITE, true));
    private static final Logger logger = LoggerFactory.getLogger(SibsPayWebhookController.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/fenixedu/treasury/services/payments/sibspay/SibsPayWebhookController$UnableToDecryptException.class */
    public class UnableToDecryptException extends Exception {
        public UnableToDecryptException(Throwable th) {
            super(th);
        }
    }

    @POST
    @Path(NOTIFICATION_URI)
    @Consumes({"text/plain"})
    public Response notification(String str, @Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse) {
        SibsPayWebhookNotification deserializeWebhookNotification;
        PaymentRequestLog createLog = createLog();
        String header = httpServletRequest.getHeader("X-Initialization-Vector");
        String header2 = httpServletRequest.getHeader("X-Authentication-Tag");
        FenixFramework.atomic(() -> {
            createLog.saveWebhookNotificationData(header, header2, str);
        });
        Optional empty = Optional.empty();
        Optional empty2 = Optional.empty();
        boolean z = false;
        try {
            try {
                for (SibsPayPlatform sibsPayPlatform : (List) SibsPayPlatform.findAllActive().collect(Collectors.toList())) {
                    try {
                        String decrypt = decrypt(sibsPayPlatform.getSecretKey(), header, header2, str);
                        FenixFramework.atomic(() -> {
                            createLog.saveRequest(decrypt);
                        });
                        deserializeWebhookNotification = SibsPayAPIService.deserializeWebhookNotification(decrypt);
                    } catch (UnableToDecryptException e) {
                    }
                    if (StringUtils.isNotEmpty(deserializeWebhookNotification.getNotificationID())) {
                        empty2 = Optional.of(new SibsPayWebhookNotificationWrapper(deserializeWebhookNotification));
                        empty = Optional.of(sibsPayPlatform);
                        break;
                    }
                }
                if (empty.isEmpty() || empty2.isEmpty()) {
                    throw new RuntimeException("the system was not able to decrypt or integration is down");
                }
                SibsPayPlatform sibsPayPlatform2 = (SibsPayPlatform) empty.get();
                logger.debug("Using SibsPayPlatform: " + sibsPayPlatform2.getName());
                SibsPayWebhookNotificationWrapper sibsPayWebhookNotificationWrapper = (SibsPayWebhookNotificationWrapper) empty2.get();
                ITreasuryPlatformDependentServices implementation = TreasuryPlataformDependentServicesFactory.implementation();
                if (StringUtils.isEmpty(TreasuryPlataformDependentServicesFactory.implementation().getLoggedUsername()) && StringUtils.isNotEmpty(sibsPayPlatform2.getApplicationUsernameForAutomaticOperations())) {
                    implementation.setCurrentApplicationUser(sibsPayPlatform2.getApplicationUsernameForAutomaticOperations());
                    z = true;
                    logger.debug("Mocked user with " + sibsPayPlatform2.getApplicationUsernameForAutomaticOperations());
                }
                FenixFramework.atomic(() -> {
                    createLog.setExternalTransactionId(sibsPayWebhookNotificationWrapper.getTransactionId());
                    createLog.setStatusCode(sibsPayWebhookNotificationWrapper.getOperationStatusCode());
                    createLog.setStatusMessage(sibsPayWebhookNotificationWrapper.getOperationStatusMessage());
                    createLog.setTransactionWithPayment(sibsPayWebhookNotificationWrapper.isPaid());
                    createLog.setOperationSuccess(sibsPayWebhookNotificationWrapper.isOperationSuccess());
                    createLog.savePaymentTypeAndBrand(sibsPayWebhookNotificationWrapper.getPaymentType(), sibsPayWebhookNotificationWrapper.getPaymentBrand());
                });
                Optional findFirst = sibsPayPlatform2.getPaymentRequestsSet().stream().filter(paymentRequest -> {
                    return sibsPayWebhookNotificationWrapper.getTransactionId().equals(paymentRequest.getTransactionId());
                }).findFirst();
                if (!findFirst.isPresent()) {
                    logger.info("Transaction not found, maybe was generated in other system: '%s' - '%s'. Return ok...".formatted(sibsPayWebhookNotificationWrapper.getMerchantTransactionId(), sibsPayWebhookNotificationWrapper.getTransactionId()));
                    Response build = Response.ok(response(sibsPayWebhookNotificationWrapper), "application/json").build();
                    if (z) {
                        TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                        logger.debug("Unmocked user");
                    }
                    return build;
                }
                PaymentRequest paymentRequest2 = (PaymentRequest) findFirst.get();
                FenixFramework.atomic(() -> {
                    createLog.setInternalMerchantTransactionId(paymentRequest2.getMerchantTransactionId());
                    createLog.setPaymentRequest(paymentRequest2);
                    createLog.setStateCode(paymentRequest2.getCurrentState().getCode());
                    createLog.setStateDescription(paymentRequest2.getCurrentState().getLocalizedName());
                });
                if (sibsPayWebhookNotificationWrapper.isPaid()) {
                    if (PaymentTransaction.isTransactionDuplicate(sibsPayWebhookNotificationWrapper.getTransactionId())) {
                        FenixFramework.atomic(() -> {
                            createLog.markAsDuplicatedTransaction();
                        });
                        logger.debug("The transaction is duplicate. Nothing to do, return: " + sibsPayWebhookNotificationWrapper.getTransactionId());
                        Response build2 = Response.ok(response(sibsPayWebhookNotificationWrapper), "application/json").build();
                        if (z) {
                            TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                            logger.debug("Unmocked user");
                        }
                        return build2;
                    }
                    if (!(paymentRequest2 instanceof SibsPaymentRequest) && !paymentRequest2.isInCreatedState() && !paymentRequest2.isInRequestedState()) {
                        throw new RuntimeException("The notification is a successful payment but the paymentRequest is already processed or annuled. Please check");
                    }
                    sibsPayWebhookNotificationWrapper.checkIfNotificationIsPaidAndPaymentReferenceIsAlsoInPaidStatus();
                }
                if (sibsPayWebhookNotificationWrapper.isPending()) {
                    logger.debug("The notification is pending status. Nothing to do, return...: " + sibsPayWebhookNotificationWrapper.getTransactionId());
                    Response build3 = Response.ok(response(sibsPayWebhookNotificationWrapper), "application/json").build();
                    if (z) {
                        TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                        logger.debug("Unmocked user");
                    }
                    return build3;
                }
                if (!sibsPayWebhookNotificationWrapper.isPaid()) {
                    if (!sibsPayWebhookNotificationWrapper.isExpired() && !sibsPayWebhookNotificationWrapper.isDeclined()) {
                        logger.info("Unknown state, nothing to do, return with successful response: " + sibsPayWebhookNotificationWrapper.getTransactionId());
                        Response build4 = Response.ok(response(sibsPayWebhookNotificationWrapper), "application/json").build();
                        if (z) {
                            TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                            logger.debug("Unmocked user");
                        }
                        return build4;
                    }
                    logger.debug("The notification is expired or declined. Reject payment request...: " + sibsPayWebhookNotificationWrapper.getTransactionId());
                    FenixFramework.atomic(() -> {
                        sibsPayPlatform2.rejectRequest(paymentRequest2, createLog, sibsPayWebhookNotificationWrapper);
                    });
                    Response build5 = Response.ok(response(sibsPayWebhookNotificationWrapper), "application/json").build();
                    if (z) {
                        TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                        logger.debug("Unmocked user");
                    }
                    return build5;
                }
                logger.debug("The notification paid. Registering payment: " + sibsPayWebhookNotificationWrapper.getTransactionId());
                if (paymentRequest2 instanceof ForwardPaymentRequest) {
                    sibsPayPlatform2.processForwardPaymentFromWebhook(createLog, sibsPayWebhookNotificationWrapper);
                    Response build6 = Response.ok(response(sibsPayWebhookNotificationWrapper), "application/json").build();
                    if (z) {
                        TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                        logger.debug("Unmocked user");
                    }
                    return build6;
                }
                if (paymentRequest2 instanceof SibsPaymentRequest) {
                    sibsPayPlatform2.processPaymentReferenceCodeTransaction(createLog, sibsPayWebhookNotificationWrapper);
                    Response build7 = Response.ok(response(sibsPayWebhookNotificationWrapper), "application/json").build();
                    if (z) {
                        TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                        logger.debug("Unmocked user");
                    }
                    return build7;
                }
                if (!(paymentRequest2 instanceof MbwayRequest)) {
                    throw new RuntimeException("unknown payment request type");
                }
                sibsPayPlatform2.processMbwayTransaction(createLog, sibsPayWebhookNotificationWrapper);
                Response build8 = Response.ok(response(sibsPayWebhookNotificationWrapper), "application/json").build();
                if (z) {
                    TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                    logger.debug("Unmocked user");
                }
                return build8;
            } catch (Exception e2) {
                logger.error(e2.getLocalizedMessage(), e2);
                FenixFramework.atomic(() -> {
                    createLog.logException(e2);
                });
                if (e2 instanceof OnlinePaymentsGatewayCommunicationException) {
                    OnlinePaymentsGatewayCommunicationException onlinePaymentsGatewayCommunicationException = e2;
                    FenixFramework.atomic(() -> {
                        createLog.saveRequest(onlinePaymentsGatewayCommunicationException.getRequestLog());
                        createLog.saveResponse(onlinePaymentsGatewayCommunicationException.getResponseLog());
                    });
                }
                Response build9 = Response.serverError().build();
                if (0 != 0) {
                    TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                    logger.debug("Unmocked user");
                }
                return build9;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                TreasuryPlataformDependentServicesFactory.implementation().removeCurrentApplicationUser();
                logger.debug("Unmocked user");
            }
            throw th;
        }
    }

    private SibsPayWebhookNotificationResponse response(SibsPayWebhookNotificationWrapper sibsPayWebhookNotificationWrapper) {
        return new SibsPayWebhookNotificationResponse(Integer.valueOf(InvoiceEntry.MAX_DESCRIPTION_LENGTH), "Success", sibsPayWebhookNotificationWrapper.getNotificationID());
    }

    private String decrypt(String str, String str2, String str3, String str4) throws UnableToDecryptException {
        byte[] decode = Base64.getDecoder().decode(str);
        byte[] decode2 = Base64.getDecoder().decode(str2);
        byte[] addAll = ArrayUtils.addAll(Base64.getDecoder().decode(str4), Base64.getDecoder().decode(str3));
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(decode, 0, 32, "AES");
            Cipher cipherInstance = getCipherInstance();
            cipherInstance.init(2, secretKeySpec, new IvParameterSpec(decode2));
            return new String(cipherInstance.doFinal(addAll), SAPExporter.SAFT_PT_ENCODING);
        } catch (UnsupportedEncodingException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            logger.error(e.getMessage());
            throw new UnableToDecryptException(e);
        }
    }

    protected static Cipher getCipherInstance() throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException {
        return Cipher.getInstance("AES/GCM/NoPadding", PROVIDER_NAME);
    }

    private PaymentRequestLog createLog() {
        return (PaymentRequestLog) advice$createLog.perform(new Callable<PaymentRequestLog>(this) { // from class: org.fenixedu.treasury.services.payments.sibspay.SibsPayWebhookController$callable$createLog
            private final SibsPayWebhookController arg0;

            {
                this.arg0 = this;
            }

            @Override // java.util.concurrent.Callable
            public PaymentRequestLog call() {
                return SibsPayWebhookController.advised$createLog(this.arg0);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ PaymentRequestLog advised$createLog(SibsPayWebhookController sibsPayWebhookController) {
        return new PaymentRequestLog("webhookNotification");
    }
}
