package org.gluu.oxtrust.ldap.service;

import java.io.File;
import java.lang.annotation.Annotation;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.stream.Collectors;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Event;
import javax.enterprise.event.Observes;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.collections.CollectionUtils;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.model.GluuStatus;
import org.gluu.oxtrust.model.GluuSAMLTrustRelationship;
import org.gluu.oxtrust.model.GluuValidationStatus;
import org.gluu.oxtrust.service.cdi.event.EntityIdMonitoringEvent;
import org.gluu.oxtrust.util.ServiceUtil;
import org.gluu.saml.metadata.SAMLMetadataParser;
import org.gluu.service.cdi.async.Asynchronous;
import org.gluu.service.cdi.event.Scheduled;
import org.gluu.service.timer.event.TimerEvent;
import org.gluu.service.timer.schedule.TimerSchedule;
import org.slf4j.Logger;

@ApplicationScoped
@Named("entityIDMonitoringService")
/* loaded from: input_file:org/gluu/oxtrust/ldap/service/EntityIDMonitoringService.class */
public class EntityIDMonitoringService {
    private static final String ENTITY_ID_VANISHED_MESSAGE = "Invalidated because parent federation does not contain this entityId any more.";
    private static final String FEDERATION_FILE_INVALID_MESSAGE = "The metadata of this federation is invalid, hence all TRs based on this federation are invalidated.";
    private static final int DEFAULT_INTERVAL = 120;

    @Inject
    private Logger log;

    @Inject
    private Event<TimerEvent> timerEvent;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private ServiceUtil serviceUtil;

    @Inject
    private TrustService trustService;
    private AtomicBoolean isActive;

    public void initTimer() {
        this.log.debug("Initializing EntityId Monitoring Timer");
        this.isActive = new AtomicBoolean(false);
        this.timerEvent.fire(new TimerEvent(new TimerSchedule(30, DEFAULT_INTERVAL), new EntityIdMonitoringEvent(), new Annotation[]{Scheduled.Literal.INSTANCE}));
    }

    @Asynchronous
    public void processMetadataValidationTimerEvent(@Observes @Scheduled EntityIdMonitoringEvent entityIdMonitoringEvent) {
        if (!this.isActive.get() && this.isActive.compareAndSet(false, true)) {
            try {
                process();
            } catch (Throwable th) {
                this.log.error("Exception happened while monitoring EntityId", th);
            } finally {
                this.isActive.set(false);
            }
        }
    }

    public void process() {
        this.log.trace("Starting entityId monitoring process.");
        this.log.trace("EVENT_METADATA_ENTITY_ID_UPDATE Starting");
        for (GluuSAMLTrustRelationship gluuSAMLTrustRelationship : (List) this.trustService.getAllTrustRelationships().stream().filter(gluuSAMLTrustRelationship2 -> {
            return gluuSAMLTrustRelationship2.isFederation();
        }).collect(Collectors.toList())) {
            this.log.info("==========================CURRENT TR " + gluuSAMLTrustRelationship.getInum());
            List entityIdFromMetadataFile = SAMLMetadataParser.getEntityIdFromMetadataFile(new File((this.appConfiguration.getShibboleth3IdpRootDir() + File.separator + Shibboleth3ConfService.SHIB3_IDP_METADATA_FOLDER + File.separator) + gluuSAMLTrustRelationship.getSpMetaDataFN()));
            HashSet hashSet = new HashSet(entityIdFromMetadataFile);
            if (hashSet == null || hashSet.isEmpty()) {
                gluuSAMLTrustRelationship.setStatus(GluuStatus.INACTIVE);
                gluuSAMLTrustRelationship.setValidationStatus(GluuValidationStatus.FAILED);
                if (gluuSAMLTrustRelationship.getValidationLog() == null || gluuSAMLTrustRelationship.getValidationLog().contains(FEDERATION_FILE_INVALID_MESSAGE)) {
                    gluuSAMLTrustRelationship.setValidationLog(Arrays.asList(FEDERATION_FILE_INVALID_MESSAGE));
                } else {
                    ArrayList arrayList = new ArrayList(gluuSAMLTrustRelationship.getValidationLog());
                    arrayList.add(FEDERATION_FILE_INVALID_MESSAGE);
                    gluuSAMLTrustRelationship.setValidationLog(arrayList);
                }
                List<GluuSAMLTrustRelationship> childTrusts = this.trustService.getChildTrusts(gluuSAMLTrustRelationship);
                if (childTrusts != null && !childTrusts.isEmpty()) {
                    for (GluuSAMLTrustRelationship gluuSAMLTrustRelationship3 : childTrusts) {
                        gluuSAMLTrustRelationship3.setValidationStatus(GluuValidationStatus.FAILED);
                        gluuSAMLTrustRelationship3.setStatus(GluuStatus.INACTIVE);
                        this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship3);
                    }
                }
                this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship);
            } else {
                this.log.trace("EntityIds from metadata: " + this.serviceUtil.iterableToString(entityIdFromMetadataFile));
                this.log.trace("Unique entityIds: " + this.serviceUtil.iterableToString(hashSet));
                Collection disjunction = CollectionUtils.disjunction(hashSet, gluuSAMLTrustRelationship.getGluuEntityId());
                this.log.trace("EntityIds disjunction: " + this.serviceUtil.iterableToString(disjunction));
                if (!disjunction.isEmpty()) {
                    this.log.trace("EntityIds disjunction is not empty. Somthing has changed. Processing further.");
                    gluuSAMLTrustRelationship.setGluuEntityId(hashSet);
                    for (GluuSAMLTrustRelationship gluuSAMLTrustRelationship4 : this.trustService.getChildTrusts(gluuSAMLTrustRelationship)) {
                        this.log.trace("Processing TR part: " + gluuSAMLTrustRelationship4.getDn());
                        boolean z = gluuSAMLTrustRelationship4.getStatus() != null && GluuStatus.ACTIVE.equals(gluuSAMLTrustRelationship4.getStatus());
                        this.log.trace("isActive:" + z);
                        boolean z2 = hashSet != null && hashSet.contains(gluuSAMLTrustRelationship4.getEntityId());
                        this.log.trace("entityIdPresent:" + z2);
                        boolean z3 = gluuSAMLTrustRelationship4.getValidationLog() != null && gluuSAMLTrustRelationship4.getValidationLog().contains(new StringBuilder().append("Invalidated because parent federation does not contain this entityId any more. : ").append(gluuSAMLTrustRelationship4.getEntityId()).toString());
                        this.log.trace("previouslyDisabled:" + z3);
                        if (z && !z2) {
                            this.log.trace("no entityId found for part : " + gluuSAMLTrustRelationship4.getDn());
                            gluuSAMLTrustRelationship4.setStatus(GluuStatus.INACTIVE);
                            ArrayList arrayList2 = new ArrayList();
                            arrayList2.add("Invalidated because parent federation does not contain this entityId any more. : " + gluuSAMLTrustRelationship4.getEntityId());
                            gluuSAMLTrustRelationship4.setValidationLog(arrayList2);
                        } else if (z2 && z3) {
                            this.log.trace("entityId found for part : " + gluuSAMLTrustRelationship4.getDn());
                            gluuSAMLTrustRelationship4.setStatus(GluuStatus.ACTIVE);
                            gluuSAMLTrustRelationship4.setValidationStatus(GluuValidationStatus.SUCCESS);
                            ArrayList arrayList3 = new ArrayList(gluuSAMLTrustRelationship4.getValidationLog());
                            arrayList3.remove("Invalidated because parent federation does not contain this entityId any more. : " + gluuSAMLTrustRelationship4.getEntityId());
                            if (arrayList3.isEmpty()) {
                                arrayList3 = null;
                            }
                            gluuSAMLTrustRelationship4.setValidationLog(arrayList3);
                        } else if (gluuSAMLTrustRelationship4.getValidationStatus().equals(GluuValidationStatus.FAILED)) {
                            gluuSAMLTrustRelationship4.setStatus(GluuStatus.ACTIVE);
                            gluuSAMLTrustRelationship4.setValidationStatus(GluuValidationStatus.SUCCESS);
                        }
                        this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship4);
                    }
                    gluuSAMLTrustRelationship.setStatus(GluuStatus.ACTIVE);
                    gluuSAMLTrustRelationship.setValidationStatus(GluuValidationStatus.SUCCESS);
                    this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship);
                } else if (gluuSAMLTrustRelationship.getStatus().equals(GluuStatus.INACTIVE)) {
                    gluuSAMLTrustRelationship.setStatus(GluuStatus.ACTIVE);
                    gluuSAMLTrustRelationship.setValidationStatus(GluuValidationStatus.SUCCESS);
                    if (gluuSAMLTrustRelationship.getValidationLog() != null && !gluuSAMLTrustRelationship.getValidationLog().isEmpty()) {
                        ArrayList arrayList4 = new ArrayList(gluuSAMLTrustRelationship.getValidationLog());
                        arrayList4.remove(FEDERATION_FILE_INVALID_MESSAGE);
                        gluuSAMLTrustRelationship.setValidationLog(arrayList4);
                    }
                    List<GluuSAMLTrustRelationship> childTrusts2 = this.trustService.getChildTrusts(gluuSAMLTrustRelationship);
                    if (childTrusts2 != null && !childTrusts2.isEmpty()) {
                        for (GluuSAMLTrustRelationship gluuSAMLTrustRelationship5 : childTrusts2) {
                            gluuSAMLTrustRelationship5.setValidationStatus(GluuValidationStatus.SUCCESS);
                            gluuSAMLTrustRelationship5.setStatus(GluuStatus.ACTIVE);
                            this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship5);
                        }
                    }
                    this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship);
                }
            }
        }
    }
}
