package org.gluu.oxtrust.action;

import java.io.File;
import java.io.FileInputStream;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.annotation.PostConstruct;
import javax.enterprise.context.SessionScoped;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.gluu.jsf2.message.FacesMessages;
import org.gluu.oxtrust.ldap.service.ConfigurationService;
import org.gluu.oxtrust.ldap.service.SSLService;
import org.gluu.oxtrust.model.cert.TrustStoreCertificate;
import org.gluu.oxtrust.util.OxTrustConstants;
import org.gluu.oxtrust.util.X509CertificateShortInfo;
import org.gluu.service.security.Secure;
import org.slf4j.Logger;

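/**
 * Session-scoped JSF action backing the certificate management view.
 *
 * <p>It lists the trust-store certificates held in the oxTrust configuration and the
 * certificates found in a fixed set of files under {@code /etc/certs}, and streams one of
 * those files back to the browser on request. Access to the bean is gated by the
 * {@code @Secure} permission expression declared on the class.
 */
@Secure("#{permissionService.hasPermission('configuration', 'access')}")
@SessionScoped
@Named
/* loaded from: input_file:org/gluu/oxtrust/action/CertificateManagementAction.class */
public class CertificateManagementAction implements Serializable {
    private static final long serialVersionUID = -1938167091985945238L;
    private static final String OPENLDAP_CERTIFICATE_FILE = "/etc/certs/openldap.crt";
    private static final String OPENDJ_CERTIFICATE_FILE = "/etc/certs/opendj.crt";
    private static final String HTTPD_CERTIFICATE_FILE = "/etc/certs/httpd.crt";
    private static final String IDP_SIGNING_CERTIFICATE_FILE = "/etc/certs/idp-signing.crt";
    private static final String IDP_ENCRYPT_CERTIFICATE_FILE = "/etc/certs/idp-encryption.crt";

    /**
     * The only files {@link #download(X509CertificateShortInfo)} will serve. These are exactly
     * the paths this class hands to {@code X509CertificateShortInfo} in
     * {@link #updateTableView()}, listed in the order they are loaded.
     */
    private static final String[] INTERNAL_CERTIFICATE_FILES = {
        OPENDJ_CERTIFICATE_FILE,
        HTTPD_CERTIFICATE_FILE,
        IDP_SIGNING_CERTIFICATE_FILE,
        IDP_ENCRYPT_CERTIFICATE_FILE,
        OPENLDAP_CERTIFICATE_FILE
    };

    @Inject
    private Logger log;

    @Inject
    private FacesMessages facesMessages;

    @Inject
    private ConfigurationService configurationService;
    private List<X509CertificateShortInfo> trustStoreCertificates;
    private List<X509CertificateShortInfo> internalCertificates;

    /** Populates both certificate tables once the bean has been constructed and injected. */
    @PostConstruct
    public void init() {
        this.log.info("init() CertificateManagement call");
        refresh();
    }

    /** Reloads both certificate tables from the configuration and from disk. */
    public void refresh() {
        this.log.info("refresh() CertificateManagement call");
        updateTableView();
    }

    /**
     * Leaves the view without applying changes and tells the user so.
     *
     * @return {@code OxTrustConstants.RESULT_SUCCESS}
     */
    public String cancel() {
        this.log.info("cancel CertificateManagement");
        this.facesMessages.add(FacesMessage.SEVERITY_INFO, "Certificates not updated");
        return OxTrustConstants.RESULT_SUCCESS;
    }

    /**
     * Rebuilds {@code trustStoreCertificates} and {@code internalCertificates}.
     *
     * <p>Loading is best effort: a certificate that cannot be parsed or a file that cannot be
     * read is logged and skipped, and the remaining entries are still listed.
     */
    private void updateTableView() {
        this.trustStoreCertificates = new ArrayList<>();
        try {
            List<TrustStoreCertificate> configured = this.configurationService.getConfiguration().getTrustStoreCertificates();
            if (configured != null) {
                for (TrustStoreCertificate entry : configured) {
                    try {
                        // Explicit charset so parsing does not depend on the JVM's platform default.
                        byte[] encoded = entry.getCertificate().getBytes(StandardCharsets.UTF_8);
                        for (X509Certificate certificate : SSLService.loadCertificates(encoded)) {
                            this.trustStoreCertificates.add(new X509CertificateShortInfo(entry.getName(), certificate));
                        }
                    } catch (Exception e) {
                        this.log.error("Certificate load exception", e);
                    }
                }
            }
        } catch (Exception e) {
            this.log.error("Load trustStoreCertificates configuration exception", e);
        }

        this.internalCertificates = new ArrayList<>();
        loadInternalCertificate(OPENDJ_CERTIFICATE_FILE, "OpenDJ SSL", "OPENDJ certificate load exception");
        loadInternalCertificate(HTTPD_CERTIFICATE_FILE, "HTTPD SSL", "HTTPD Certificate load exception");
        loadInternalCertificate(IDP_SIGNING_CERTIFICATE_FILE, "IDP SIGNING", "IDP SIGNING certificate load exception");
        loadInternalCertificate(IDP_ENCRYPT_CERTIFICATE_FILE, "IDP ENCRYPTION", "IDP ENCRYPTION certificate load exception");
        loadInternalCertificate(OPENLDAP_CERTIFICATE_FILE, "OpenLDAP ENCRYPTION", "OpenLDAP certificate load exception");
    }

    /**
     * Reads every certificate in {@code path} and appends it to {@code internalCertificates}.
     *
     * @param path certificate file to read
     * @param label second constructor argument passed to {@code X509CertificateShortInfo}
     * @param failureMessage warning logged when the file cannot be read or parsed
     */
    private void loadInternalCertificate(String path, String label, String failureMessage) {
        // try-with-resources: the stream is closed here whether or not the loader closes it,
        // so a refresh does not leak one file descriptor per certificate file.
        try (FileInputStream in = new FileInputStream(path)) {
            for (X509Certificate certificate : SSLService.loadCertificates(in)) {
                this.internalCertificates.add(new X509CertificateShortInfo(path, label, certificate));
            }
        } catch (Exception e) {
            // A missing file is still only a warning, but the cause is now recorded so an
            // absent file can be told apart from an unreadable or malformed one.
            this.log.warn("{}: {}", failureMessage, e.toString());
        }
    }

    /** @return the trust-store certificate rows built by the last refresh */
    public List<X509CertificateShortInfo> getTrustStoreCertificates() {
        return this.trustStoreCertificates;
    }

    /** @param list replacement for the trust-store certificate rows */
    public void setTrustStoreCertificates(List<X509CertificateShortInfo> list) {
        this.trustStoreCertificates = list;
    }

    /** @return the internal certificate rows built by the last refresh */
    public List<X509CertificateShortInfo> getInternalCertificates() {
        return this.internalCertificates;
    }

    /** @param list replacement for the internal certificate rows */
    public void setInternalCertificates(List<X509CertificateShortInfo> list) {
        this.internalCertificates = list;
    }

    /**
     * Streams the certificate file behind a table row to the browser as an attachment.
     *
     * <p>The path carried by the row is never opened directly. It is matched against
     * {@code INTERNAL_CERTIFICATE_FILES} and the matching constant is what gets read, so this
     * action cannot be used to read any other file the server process has access to. Rows
     * without a path, or with a path outside that list, are refused and logged.
     *
     * @param x509CertificateShortInfo row selected in the view
     */
    public void download(X509CertificateShortInfo x509CertificateShortInfo) {
        // NOTE(review): getPath() presumably returns the path given to the three-argument
        // constructor in updateTableView(); confirm against X509CertificateShortInfo.
        String allowedPath = x509CertificateShortInfo == null
                ? null
                : resolveInternalCertificateFile(x509CertificateShortInfo.getPath());
        if (allowedPath == null) {
            this.log.warn("Certificate download refused: path is not one of the internal certificate files");
            return;
        }
        File certificateFile = new File(allowedPath);
        // Checked before any header is written so a missing file does not leave a
        // half-prepared attachment response behind.
        if (!Files.isReadable(certificateFile.toPath())) {
            this.log.warn("Certificate download refused: file is missing or not readable");
            return;
        }

        FacesContext currentInstance = FacesContext.getCurrentInstance();
        HttpServletResponse httpServletResponse = (HttpServletResponse) currentInstance.getExternalContext().getResponse();
        httpServletResponse.setContentType(OxTrustConstants.CONTENT_TYPE_TEXT_PLAIN);
        httpServletResponse.addHeader("Content-disposition",
                "attachment; filename=\"" + sanitizeFileName(x509CertificateShortInfo.getName()) + "\"");
        try (ServletOutputStream outputStream = httpServletResponse.getOutputStream()) {
            // Files.copy opens and closes the source file itself.
            Files.copy(certificateFile.toPath(), outputStream);
            outputStream.flush();
            currentInstance.responseComplete();
        } catch (Exception e) {
            this.log.error("Failed to stream certificate file", e);
        }
    }

    /**
     * Maps a requested path onto the allowlisted constant it denotes.
     *
     * @param path path taken from the selected row, may be {@code null}
     * @return the matching entry of {@code INTERNAL_CERTIFICATE_FILES}, or {@code null} when the
     *     path is absent, malformed, or not on the list
     */
    private static String resolveInternalCertificateFile(String path) {
        if (path == null) {
            return null;
        }
        try {
            // Both sides go through the same normalization, so "." and ".." segments cannot
            // be used to make a different file compare equal to an allowlisted one.
            String candidate = new File(path).toPath().normalize().toString();
            for (String allowed : INTERNAL_CERTIFICATE_FILES) {
                if (new File(allowed).toPath().normalize().toString().equals(candidate)) {
                    return allowed;
                }
            }
        } catch (IllegalArgumentException e) {
            // InvalidPathException (e.g. an embedded NUL) is an IllegalArgumentException:
            // treat an unparsable path as not allowlisted.
            return null;
        }
        return null;
    }

    /**
     * Makes a display name safe to place inside the quoted {@code filename} parameter of a
     * {@code Content-disposition} header.
     *
     * @param name name taken from the selected row, may be {@code null}
     * @return the name with control characters, double quotes and backslashes replaced by
     *     {@code _}, or {@code "certificate"} when no name is available
     */
    private static String sanitizeFileName(String name) {
        if (name == null) {
            return "certificate";
        }
        StringBuilder safe = new StringBuilder(name.length());
        for (int i = 0; i < name.length(); i++) {
            char c = name.charAt(i);
            // CR/LF would split the header; '"' and '\' would terminate or escape the quoted value.
            boolean unsafe = c < 0x20 || c == 0x7f || c == '"' || c == '\\';
            safe.append(unsafe ? '_' : c);
        }
        return safe.toString();
    }
}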
