package com.alfaariss.oa.util.saml2;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.api.requestor.IRequestor;
import com.alfaariss.oa.engine.core.Engine;
import com.alfaariss.oa.engine.core.requestor.factory.IRequestorPoolFactory;
import java.util.Hashtable;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.asimba.util.saml2.metadata.provider.management.MdMgrManager;
import org.asimba.util.saml2.metadata.provider.management.MetadataProviderManagerUtil;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alfaariss/oa/util/saml2/SAML2Requestors.class */
public class SAML2Requestors implements ISAML2Requestors {
    public static final String EL_MPMANAGER = "mp_manager";
    public static final String EL_REQUESTOR = "requestor";
    public static final String ATTR_SIGNING = "signing";
    public static final String ATTR_MPMANAGER_ID = "mpmanager_id";
    private static final Log _logger = LogFactory.getLog(ISAML2Requestors.class);
    private Map<String, SAML2Requestor> _mapRequestors;
    private boolean _bDefaultSigning;
    private String _sProfileID;
    private String _sMPMId;
    protected boolean _bOwnMPM;

    public SAML2Requestors(IConfigurationManager iConfigurationManager, Element element, String str) throws OAException {
        this._bDefaultSigning = false;
        this._sProfileID = str;
        this._mapRequestors = new Hashtable();
        if (element == null) {
            _logger.info("Using profile@id as MetadataProviderManager Id: '" + this._sProfileID + "'");
            this._sMPMId = this._sProfileID;
            if (MetadataProviderManagerUtil.establishMPM(this._sMPMId, iConfigurationManager, null)) {
                this._bOwnMPM = true;
                return;
            } else {
                this._bOwnMPM = false;
                return;
            }
        }
        try {
            String param = iConfigurationManager.getParam(element, ATTR_SIGNING);
            if (param == null) {
                _logger.warn("No default 'signing' item in 'requestors' section found in configuration");
            } else if (param.equalsIgnoreCase("TRUE")) {
                this._bDefaultSigning = true;
            } else if (!param.equalsIgnoreCase("FALSE")) {
                _logger.error("Invalid default 'signing' in 'requestors' section found in configuration (must be true or false): " + param);
                throw new OAException(17);
            }
            _logger.info("Using default signing enabled: " + this._bDefaultSigning);
            Element section = iConfigurationManager.getSection(element, "mp_manager");
            if (section == null) {
                _logger.info("Using MetadataProviderManager Id from profile@id: '" + this._sProfileID + "'");
                this._sMPMId = this._sProfileID;
            } else {
                this._sMPMId = iConfigurationManager.getParam(section, "id");
                if (this._sMPMId == null) {
                    _logger.error("Missing @id attribute for 'mp_manager' configuration");
                    throw new OAException(17);
                }
                _logger.info("Using MetadataProviderManager Id from configuration: '" + this._sMPMId + "'");
            }
            boolean establishMPM = MetadataProviderManagerUtil.establishMPM(this._sMPMId, iConfigurationManager, section);
            if (section == null) {
                this._bOwnMPM = establishMPM;
            } else {
                String param2 = iConfigurationManager.getParam(section, "primary");
                if (param2 == null) {
                    this._bOwnMPM = establishMPM;
                } else if ("false".equalsIgnoreCase(param2)) {
                    this._bOwnMPM = false;
                } else {
                    if (!"true".equalsIgnoreCase(param2)) {
                        _logger.error("Invalid value for '@primary': '" + param2 + "'");
                        throw new OAException(17);
                    }
                    this._bOwnMPM = true;
                }
            }
            this._mapRequestors = readRequestors(iConfigurationManager, element);
        } catch (Exception e) {
            _logger.fatal("Internal error while reading requestors configuration", e);
            throw new OAException(1);
        } catch (OAException e2) {
            throw e2;
        }
    }

    @Override // com.alfaariss.oa.util.saml2.ISAML2Requestors
    public void destroy() {
        if (this._mapRequestors != null) {
            this._mapRequestors.clear();
        }
        if (this._bOwnMPM) {
            _logger.info("Cleaning up MetadataProviderManager '" + getsMPMId() + "'");
            MdMgrManager.getInstance().deleteMetadataProviderManager(getsMPMId());
        }
    }

    @Override // com.alfaariss.oa.util.saml2.ISAML2Requestors
    public boolean isDefaultSigningEnabled() {
        return isbDefaultSigning();
    }

    @Override // com.alfaariss.oa.util.saml2.ISAML2Requestors
    public SAML2Requestor getRequestor(IRequestor iRequestor) throws OAException {
        if (iRequestor == null) {
            return null;
        }
        try {
            SAML2Requestor sAML2Requestor = this._mapRequestors.get(iRequestor.getID());
            if (sAML2Requestor == null) {
                sAML2Requestor = new SAML2Requestor(iRequestor, isbDefaultSigning(), getsProfileID(), getsMPMId());
            }
            return sAML2Requestor;
        } catch (Exception e) {
            _logger.fatal("Internal error resolving a SAML requestor for OA requestor: " + iRequestor.getID(), e);
            throw new OAException(1);
        } catch (OAException e2) {
            throw e2;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, SAML2Requestor> readRequestors(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        Hashtable hashtable = new Hashtable();
        try {
            IRequestorPoolFactory requestorPoolFactory = Engine.getInstance().getRequestorPoolFactory();
            Element section = iConfigurationManager.getSection(element, EL_REQUESTOR);
            while (section != null) {
                SAML2Requestor sAML2Requestor = new SAML2Requestor(iConfigurationManager, section, isbDefaultSigning(), getsMPMId());
                if (requestorPoolFactory.getRequestor(sAML2Requestor.getID()) == null) {
                    _logger.error("Configured requestor id is not available in a requestorpool: " + sAML2Requestor.getID());
                    throw new OAException(17);
                }
                if (hashtable.containsKey(sAML2Requestor.getID())) {
                    _logger.error("Configured requestor id is not unique in configuration: " + sAML2Requestor.getID());
                    throw new OAException(17);
                }
                hashtable.put(sAML2Requestor.getID(), sAML2Requestor);
                _logger.info("Added requestor: " + sAML2Requestor.toString());
                section = iConfigurationManager.getNextSection(section);
            }
            return hashtable;
        } catch (OAException e) {
            throw e;
        } catch (Exception e2) {
            _logger.fatal("Internal error while reading requestors configuration", e2);
            throw new OAException(1);
        }
    }

    public boolean isbDefaultSigning() {
        return this._bDefaultSigning;
    }

    public String getsProfileID() {
        return this._sProfileID;
    }

    public String getsMPMId() {
        return this._sMPMId;
    }
}
