package org.gluu.oxtrust.ldap.service;

import java.io.File;
import java.lang.annotation.Annotation;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.TreeSet;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Event;
import javax.enterprise.event.Observes;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.collections.CollectionUtils;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.model.GluuStatus;
import org.gluu.oxtrust.model.GluuSAMLTrustRelationship;
import org.gluu.oxtrust.model.GluuValidationStatus;
import org.gluu.oxtrust.service.cdi.event.EntityIdMonitoringEvent;
import org.gluu.oxtrust.util.ServiceUtil;
import org.gluu.saml.metadata.SAMLMetadataParser;
import org.gluu.service.cdi.async.Asynchronous;
import org.gluu.service.cdi.event.Scheduled;
import org.gluu.service.timer.event.TimerEvent;
import org.gluu.service.timer.schedule.TimerSchedule;
import org.gluu.util.StringHelper;
import org.slf4j.Logger;

@ApplicationScoped
@Named("entityIDMonitoringService")
/* loaded from: input_file:org/gluu/oxtrust/ldap/service/EntityIDMonitoringService.class */
public class EntityIDMonitoringService {
    private static final String ENTITY_ID_VANISHED_MESSAGE = "Invalidated because parent federation does not contain this entityId any more.";
    private static final int DEFAULT_INTERVAL = 120;

    @Inject
    private Logger log;

    @Inject
    private Event<TimerEvent> timerEvent;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private ServiceUtil serviceUtil;

    @Inject
    private TrustService trustService;
    private AtomicBoolean isActive;

    public void initTimer() {
        this.log.debug("Initializing EntityId Monitoring Timer");
        this.isActive = new AtomicBoolean(false);
        this.timerEvent.fire(new TimerEvent(new TimerSchedule(30, DEFAULT_INTERVAL), new EntityIdMonitoringEvent(), new Annotation[]{Scheduled.Literal.INSTANCE}));
    }

    @Asynchronous
    public void processMetadataValidationTimerEvent(@Observes @Scheduled EntityIdMonitoringEvent entityIdMonitoringEvent) {
        if (!this.isActive.get() && this.isActive.compareAndSet(false, true)) {
            try {
                process();
            } catch (Throwable th) {
                this.log.error("Exception happened while monitoring EntityId", th);
            } finally {
                this.isActive.set(false);
            }
        }
    }

    public void process() {
        this.log.trace("Starting entityId monitoring process.");
        this.log.trace("EVENT_METADATA_ENTITY_ID_UPDATE Starting");
        for (GluuSAMLTrustRelationship gluuSAMLTrustRelationship : this.trustService.getAllTrustRelationships()) {
            this.log.trace("Evaluating TR " + gluuSAMLTrustRelationship.getDn());
            boolean z = gluuSAMLTrustRelationship.getSpMetaDataFN() != null && StringHelper.isNotEmpty(gluuSAMLTrustRelationship.getSpMetaDataFN());
            this.log.trace("meatadataAvailable:" + z);
            boolean z2 = this.trustService.getTrustContainerFederation(gluuSAMLTrustRelationship) == null;
            this.log.trace("correctType:" + z2);
            boolean equals = GluuValidationStatus.VALIDATION_SUCCESS.equals(gluuSAMLTrustRelationship.getValidationStatus());
            this.log.trace("isValidated:" + equals);
            if (z && z2 && equals) {
                List<String> entityIdFromMetadataFile = SAMLMetadataParser.getEntityIdFromMetadataFile(new File((this.appConfiguration.getShibboleth3IdpRootDir() + File.separator + Shibboleth3ConfService.SHIB3_IDP_METADATA_FOLDER + File.separator) + gluuSAMLTrustRelationship.getSpMetaDataFN()));
                this.log.trace("entityIds from metadata: " + this.serviceUtil.iterableToString(entityIdFromMetadataFile));
                TreeSet treeSet = new TreeSet();
                if (entityIdFromMetadataFile != null && !entityIdFromMetadataFile.isEmpty()) {
                    TreeSet treeSet2 = new TreeSet();
                    for (String str : entityIdFromMetadataFile) {
                        if (!treeSet.add(str)) {
                            treeSet2.add(str);
                        }
                    }
                }
                this.log.trace("unique entityIds: " + this.serviceUtil.iterableToString(treeSet));
                Collection disjunction = CollectionUtils.disjunction(treeSet, gluuSAMLTrustRelationship.getGluuEntityId());
                this.log.trace("entityIds disjunction: " + this.serviceUtil.iterableToString(disjunction));
                if (!disjunction.isEmpty()) {
                    this.log.trace("entityIds disjunction is not empty. Somthing has changed. Processing further.");
                    gluuSAMLTrustRelationship.setGluuEntityId(treeSet);
                    if (gluuSAMLTrustRelationship.isFederation()) {
                        for (GluuSAMLTrustRelationship gluuSAMLTrustRelationship2 : this.trustService.getDeconstructedTrustRelationships(gluuSAMLTrustRelationship)) {
                            this.log.trace("Processing TR part: " + gluuSAMLTrustRelationship2.getDn());
                            boolean z3 = gluuSAMLTrustRelationship2.getStatus() != null && GluuStatus.ACTIVE.equals(gluuSAMLTrustRelationship2.getStatus());
                            this.log.trace("isActive:" + z3);
                            boolean z4 = treeSet != null && treeSet.contains(gluuSAMLTrustRelationship2.getEntityId());
                            this.log.trace("entityIdPresent:" + z4);
                            boolean z5 = gluuSAMLTrustRelationship2.getValidationLog() != null && gluuSAMLTrustRelationship2.getValidationLog().contains(new StringBuilder().append("Invalidated because parent federation does not contain this entityId any more. : ").append(gluuSAMLTrustRelationship2.getEntityId()).toString());
                            this.log.trace("previouslyDisabled:" + z5);
                            if (z3 && !z4) {
                                this.log.trace("no entityId found for part : " + gluuSAMLTrustRelationship2.getDn());
                                gluuSAMLTrustRelationship2.setStatus(GluuStatus.INACTIVE);
                                ArrayList arrayList = new ArrayList();
                                arrayList.add("Invalidated because parent federation does not contain this entityId any more. : " + gluuSAMLTrustRelationship2.getEntityId());
                                gluuSAMLTrustRelationship2.setValidationLog(arrayList);
                                this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship2);
                            }
                            if (z4 && z5) {
                                this.log.trace("entityId found for part : " + gluuSAMLTrustRelationship2.getDn());
                                gluuSAMLTrustRelationship2.setStatus(GluuStatus.ACTIVE);
                                ArrayList arrayList2 = new ArrayList(gluuSAMLTrustRelationship2.getValidationLog());
                                arrayList2.remove("Invalidated because parent federation does not contain this entityId any more. : " + gluuSAMLTrustRelationship2.getEntityId());
                                if (arrayList2.isEmpty()) {
                                    arrayList2 = null;
                                }
                                gluuSAMLTrustRelationship2.setValidationLog(arrayList2);
                                this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship2);
                            }
                        }
                    }
                    this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship);
                }
            }
        }
    }
}
