package com.alfaariss.oa.util.saml2;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.api.requestor.IRequestor;
import java.io.Serializable;
import java.util.Date;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.asimba.util.saml2.metadata.provider.IMetadataProviderManager;
import org.asimba.util.saml2.metadata.provider.MetadataProviderConfiguration;
import org.asimba.util.saml2.metadata.provider.MetadataProviderUtil;
import org.asimba.util.saml2.metadata.provider.management.MdMgrManager;
import org.asimba.utility.filesystem.PathTranslator;
import org.joda.time.format.ISODateTimeFormat;
import org.opensaml.saml2.metadata.provider.AbstractReloadingMetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alfaariss/oa/util/saml2/SAML2Requestor.class */
public class SAML2Requestor implements Serializable {
    private static final long serialVersionUID = 2093412253512956568L;
    private static Log _logger = LogFactory.getLog(SAML2Requestor.class);
    public static final int HTTP_METADATA_REQUEST_TIMEOUT = 5000;
    protected String _sID;
    protected MetadataProviderConfiguration _oMetadataProviderConfig;
    protected boolean _bSigning;
    protected Date _dLastModified;
    protected String _sMPMId;
    protected transient MetadataProvider _oMetadataProvider;
    private static final String PROPERTY_SIGNING = ".signing";
    private static final String PROPERTY_METADATA_HTTP_TIMEOUT = ".metadata.http.timeout";
    private static final String PROPERTY_METADATA_HTTP_URL = ".metadata.http.url";
    private static final String METADATA_FILE = ".metadata.file";
    private static final String METADATA = ".metadata";
    public static final int DEFAULT_HTTP_CONNECT_TIMEOUT = 3000;
    public static final int DEFAULT_HTTP_READ_TIMEOUT = 3000;

    public SAML2Requestor(IConfigurationManager iConfigurationManager, Element element, boolean z, String str) throws OAException {
        this._sMPMId = null;
        try {
            this._sID = iConfigurationManager.getParam(element, "id");
            if (this._sID == null) {
                _logger.error("No 'id' item found in 'requestor' section in configuration");
                throw new OAException(17);
            }
            this._bSigning = false;
            String param = iConfigurationManager.getParam(element, SAML2Requestors.ATTR_SIGNING);
            if (param == null) {
                _logger.warn("No optional 'signing' item found in configuration for requestor with id: " + this._sID);
                this._bSigning = z;
            } else if (param.equalsIgnoreCase("TRUE")) {
                this._bSigning = true;
            } else if (!param.equalsIgnoreCase("FALSE")) {
                _logger.error("Invalid 'signing' item found in configuration (must be true or false) for requestor with id: " + this._sID);
                throw new OAException(17);
            }
            _logger.info("Using signing enabled: " + this._bSigning);
            String param2 = iConfigurationManager.getParam(element, "lastmodified");
            this._dLastModified = null;
            if (param2 != null) {
                try {
                    this._dLastModified = ISODateTimeFormat.dateTimeNoMillis().parseDateTime(param2).toDate();
                } catch (IllegalArgumentException e) {
                    _logger.warn("Invalid 'lastmodified' timestamp provided: " + param2 + "; ignoring.");
                    this._dLastModified = null;
                }
            }
            this._sMPMId = str;
            if (MdMgrManager.getInstance().getMetadataProviderManager(this._sMPMId) == null) {
                _logger.warn("The MetadataProviderManager '" + this._sMPMId + "' does not (yet?) exist!");
            }
            this._oMetadataProviderConfig = getMetadataConfigFromConfig(iConfigurationManager, element);
            initMetadataProvider();
        } catch (OAException e2) {
            throw e2;
        } catch (Exception e3) {
            _logger.fatal("Internal error while reading requestors configuration", e3);
            throw new OAException(1);
        }
    }

    public SAML2Requestor(IRequestor iRequestor, boolean z, String str, String str2) throws OAException {
        this._sMPMId = null;
        try {
            this._sID = iRequestor.getID();
            Map<?, ?> properties = iRequestor.getProperties();
            initFromProperties(properties, z, str);
            this._sMPMId = str2;
            if (MdMgrManager.getInstance().getMetadataProviderManager(this._sMPMId) == null) {
                _logger.warn("The MetadataProviderManager '" + this._sMPMId + "' does not (yet?) exist!");
            }
            this._oMetadataProviderConfig = getMetadataConfigFromProperties(properties, str);
        } catch (Exception e) {
            _logger.fatal("Internal error while reading SAML2 attributes for requestor: " + iRequestor.getID(), e);
            throw new OAException(1);
        } catch (OAException e2) {
            _logger.error("Exception when initializing MetadataProvider: " + e2.getMessage());
            throw e2;
        }
    }

    private void initFromProperties(Map<?, ?> map, boolean z, String str) throws OAException {
        this._bSigning = false;
        String str2 = (String) map.get(str + PROPERTY_SIGNING);
        if (str2 == null) {
            this._bSigning = z;
            if (_logger.isDebugEnabled()) {
                _logger.debug("No optional '" + str + PROPERTY_SIGNING + "' property found for requestor '" + this._sID + "'; Using default value: " + this._bSigning);
                return;
            }
            return;
        }
        if (str2.equalsIgnoreCase("TRUE")) {
            this._bSigning = true;
        } else {
            if (str2.equalsIgnoreCase("FALSE")) {
                return;
            }
            _logger.error("Invalid '" + str + PROPERTY_SIGNING + "' property found for requestor '" + this._sID + "'; Invalid value: " + str2);
            throw new OAException(1);
        }
    }

    private void initMetadataProvider() throws OAException {
        String fingerprint = this._oMetadataProviderConfig.getFingerprint();
        if (fingerprint.equals(MetadataProviderConfiguration.FINGERPRINT_PROVIDER_UNKNOWN)) {
            _logger.warn("No optional available metadata for requestor with id: " + this._sID);
            return;
        }
        MetadataProvider metadataProvider = null;
        IMetadataProviderManager metadataProviderManager = MdMgrManager.getInstance().getMetadataProviderManager(this._sMPMId);
        if (metadataProviderManager == null) {
            _logger.warn("MetadataProviderManager '" + this._sMPMId + "'is not available for Requestor '" + this._sID + "'; possible thread leak?");
        }
        if (metadataProviderManager != null) {
            metadataProvider = metadataProviderManager.getProviderFor(this._sID, this._dLastModified);
        }
        if (metadataProvider != null) {
            if (!MetadataProviderUtil.getMetadataProviderFingerprint(metadataProvider).equals(fingerprint)) {
                _logger.info("Metadata configuration changed; re-initializing metadata for " + this._sID);
                metadataProviderManager.removeProviderFor(this._sID);
                metadataProvider = null;
            } else if (_logger.isDebugEnabled()) {
                String str = null;
                if (metadataProvider instanceof AbstractReloadingMetadataProvider) {
                    str = ((AbstractReloadingMetadataProvider) metadataProvider).getNextRefresh().toString();
                }
                _logger.debug("Using cached MetadataProvider for " + this._sID + (str == null ? "" : " (next refresh: " + str + ")"));
            }
        }
        if (metadataProvider == null) {
            metadataProvider = MetadataProviderUtil.createMetadataProvider(this._sID, this._oMetadataProviderConfig, metadataProviderManager);
            if (metadataProvider != null) {
                _logger.debug("New MetadataProvider was established for " + this._sID);
            } else {
                _logger.debug("No MetadataProvider could be established for " + this._sID);
            }
        }
        this._oMetadataProvider = metadataProvider;
    }

    public String getID() {
        return this._sID;
    }

    public MetadataProvider getMetadataProvider() {
        if (this._oMetadataProvider != null) {
            return this._oMetadataProvider;
        }
        try {
            initMetadataProvider();
            return this._oMetadataProvider;
        } catch (OAException e) {
            _logger.warn("Exception occurred when establishing MetadataProvider for requestor '" + this._sID + "': " + e.getMessage());
            return null;
        }
    }

    public boolean isSigningEnabled() {
        return this._bSigning;
    }

    public String toString() {
        return "Requestor '" + this._sID + "': " + this._oMetadataProviderConfig.getFingerprint();
    }

    private MetadataProviderConfiguration getMetadataConfigFromConfig(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        MetadataProviderConfiguration metadataProviderConfiguration = new MetadataProviderConfiguration();
        Element section = iConfigurationManager.getSection(element, "metadata");
        String param = iConfigurationManager.getParam(section, "file");
        if (param != null) {
            param = PathTranslator.getInstance().map(param);
        }
        metadataProviderConfiguration._sFilename = param;
        Element section2 = iConfigurationManager.getSection(section, "http");
        if (section2 != null) {
            metadataProviderConfiguration._sURL = iConfigurationManager.getParam(section2, "url");
            String param2 = iConfigurationManager.getParam(section2, "timeout");
            if (param2 != null) {
                try {
                    metadataProviderConfiguration._iTimeout = Integer.parseInt(param2);
                } catch (NumberFormatException e) {
                    _logger.error("Invalid value for http@timeout-attribute in configuration: " + param2, e);
                    throw new OAException(17);
                }
            }
        }
        metadataProviderConfiguration._sMetadata = iConfigurationManager.getParam(section, "raw");
        return metadataProviderConfiguration;
    }

    protected MetadataProviderConfiguration getMetadataConfigFromProperties(Map<?, ?> map, String str) throws OAException {
        MetadataProviderConfiguration metadataProviderConfiguration = new MetadataProviderConfiguration();
        String str2 = (String) map.get(str + METADATA_FILE);
        if (str2 != null) {
            str2 = PathTranslator.getInstance().map(str2);
        }
        metadataProviderConfiguration._sFilename = str2;
        metadataProviderConfiguration._sMetadata = (String) map.get(str + METADATA);
        metadataProviderConfiguration._sURL = (String) map.get(str + PROPERTY_METADATA_HTTP_URL);
        String str3 = (String) map.get(str + PROPERTY_METADATA_HTTP_TIMEOUT);
        if (str3 != null) {
            try {
                metadataProviderConfiguration._iTimeout = Integer.parseInt(str3);
            } catch (NumberFormatException e) {
                _logger.error("Invalid value for " + str + PROPERTY_METADATA_HTTP_TIMEOUT + " property: " + str3, e);
                throw new OAException(17);
            }
        }
        return metadataProviderConfiguration;
    }
}
