package org.gluu.oxtrust.ldap.service;

import com.unboundid.ldap.sdk.schema.AttributeTypeDefinition;
import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.inject.Named;
import javax.xml.parsers.FactoryConfigurationError;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.validation.Schema;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.util.ClassUtils;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.config.oxtrust.AttributeResolverConfiguration;
import org.gluu.config.oxtrust.NameIdConfig;
import org.gluu.config.oxtrust.ShibbolethCASProtocolConfiguration;
import org.gluu.model.GluuAttribute;
import org.gluu.model.GluuStatus;
import org.gluu.model.GluuUserRole;
import org.gluu.oxtrust.config.ConfigurationFactory;
import org.gluu.oxtrust.model.GluuConfiguration;
import org.gluu.oxtrust.model.GluuMetadataSourceType;
import org.gluu.oxtrust.model.GluuSAMLFederationProposal;
import org.gluu.oxtrust.model.GluuSAMLTrustRelationship;
import org.gluu.oxtrust.model.MetadataFilter;
import org.gluu.oxtrust.model.SamlAcr;
import org.gluu.oxtrust.util.EasyCASSLProtocolSocketFactory;
import org.gluu.oxtrust.util.OxTrustApiConstants;
import org.gluu.persist.PersistenceEntryManager;
import org.gluu.saml.metadata.SAMLMetadataParser;
import org.gluu.service.SchemaService;
import org.gluu.service.XmlService;
import org.gluu.util.INumGenerator;
import org.gluu.util.StringHelper;
import org.gluu.util.Util;
import org.gluu.util.exception.InvalidConfigurationException;
import org.gluu.util.io.FileUploadWrapper;
import org.gluu.util.io.HTTPFileDownloader;
import org.gluu.util.security.StringEncrypter;
import org.gluu.xml.GluuErrorHandler;
import org.gluu.xml.XMLValidator;
import org.opensaml.xml.schema.SchemaBuilder;
import org.slf4j.Logger;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

@Stateless
@Named("shibboleth3ConfService")
/* loaded from: input_file:org/gluu/oxtrust/ldap/service/Shibboleth3ConfService.class */
public class Shibboleth3ConfService implements Serializable {
    private List<String> schemaValidationFileNames = new ArrayList();
    private static final long serialVersionUID = 6752452480800274694L;
    // Folder names below are appended to the configured Shibboleth IdP root directory
    // by the getIdp*Dir() helpers of this class.
    private static final String SHIB3_IDP_CONF_FOLDER = "conf";
    // (sic) "AUNTHN" is the identifier's spelling; the folder value itself is "authn".
    private static final String SHIB3_IDP_AUNTHN_FOLDER = "authn";
    public static final String SHIB3_IDP_METADATA_FOLDER = "metadata";
    // File names used both as template names (templateService.generateConfFile) and as
    // output file names (templateService.writeConfFile) in generateConfigurationFiles().
    private static final String SHIB3_IDP_METADATA_PROVIDERS_FILE = "metadata-providers.xml";
    private static final String SHIB3_IDP_ATTRIBUTE_FILTER_FILE = "attribute-filter.xml";
    private static final String SHIB3_IDP_ATTRIBUTE_RESOLVER_FILE = "attribute-resolver.xml";
    private static final String SHIB3_IDP_RELYING_PARTY_FILE = "relying-party.xml";
    private static final String SHIB3_IDP_CAS_PROTOCOL_FILE = "cas-protocol.xml";
    public static final String SHIB3_IDP_IDP_METADATA_FILE = "idp-metadata.xml";
    public static final String SHIB3_IDP_SP_METADATA_FILE = "sp-metadata.xml";
    public static final String SHIB3_SP_ATTRIBUTE_MAP_FILE = "attribute-map.xml";
    public static final String SHIB3_SP_SHIBBOLETH2_FILE = "shibboleth2.xml";
    // Web-application resource paths returned by the getSpReadMe*ResourceName() accessors.
    private static final String SHIB3_SP_READ_ME = "/WEB-INF/resources/doc/README_SP.pdf";
    private static final String SHIB3_SP_READ_ME_WINDOWS = "/WEB-INF/resources/doc/README_SP_windows.pdf";
    private static final String SHIB3_SAML_NAMEID_FILE = "saml-nameid.xml";
    private static final String SHIB3_SAML_NAMEID_PROPS_FILE = "saml-nameid.properties";
    // Format pattern; getSpNewMetadataFileName(String) fills %s with the punctuation-stripped inum.
    private static final String SHIB3_SP_METADATA_FILE_PATTERN = "%s-sp-metadata.xml";
    public static final String PUBLIC_CERTIFICATE_START_LINE = "-----BEGIN CERTIFICATE-----";
    public static final String PUBLIC_CERTIFICATE_END_LINE = "-----END CERTIFICATE-----";
    public static final String SHIB3_IDP_PROPERTIES_FILE = "idp.properties";
    private static final String SHIB3_IDP_LOGIN_CONFIG_FILE = "login.config";
    private static final String SHIB3_METADATA_FILE_PATTERN = "%s-metadata.xml";
    // Staging folder for uploaded or downloaded SP metadata (see getIdpMetadataTempDir()).
    public static final String SHIB3_IDP_TEMPMETADATA_FOLDER = "temp_metadata";
    public static final String SHIB3_IDP_SP_KEY_FILE = "spkey.key";
    public static final String SHIB3_IDP_SP_CERT_FILE = "spcert.crt";
    public static final String GLUU_SAML_OXAUTH_SUPPORTED_PRINCIPALS_FILE = "oxauth-supported-principals.xml";

    // Collaborators below are supplied through @Inject; none is created by this class.
    @Inject
    private AttributeService attributeService;

    @Inject
    private TemplateService templateService;

    @Inject
    private Logger log;

    @Inject
    private FilterService filterService;

    @Inject
    private ConfigurationService configurationService;

    @Inject
    private ConfigurationFactory configurationFactory;

    @Inject
    private AppConfiguration appConfiguration;

    // Used by prepareVelocityContext() to decrypt the stored LDAP bind password and the
    // IdP key password before they are handed to the templates.
    @Inject
    private EncryptionService encryptionService;

    @Inject
    private XmlService xmlService;

    @Inject
    private ProfileConfigurationService profileConfigurationService;

    @Inject
    @Named("casService")
    private CASService casService;

    // (sic) field name is misspelled; createAttributeMap() refers to it under this name.
    @Inject
    private SchemaService shemaService;

    @Inject
    private TrustService trustService;

    @Inject
    private PersistenceEntryManager persistenceEntryManager;

    @Inject
    private PersonService personService;

    /**
     * Renders the oxAuth supported-principals file from the given ACR entries and writes it
     * into the IdP {@code conf/authn} directory.
     *
     * @param samlAcrArr ACR entries; each entry's class reference is exposed to the template
     *                   under the key {@code acrs}
     * @return whatever {@code templateService.writeConfFile} reports for the write
     * @throws InvalidConfigurationException if the IdP root directory is not configured
     */
    public boolean generateConfigurationFiles(SamlAcr[] samlAcrArr) {
        this.log.info(">>>>>>>>>> IN generateConfigurationFiles(SamlAcr[] acrs)...");
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
        }
        final String targetPath = getIdpConfAuthnDir() + GLUU_SAML_OXAUTH_SUPPORTED_PRINCIPALS_FILE;

        // Only the class references are handed to the template, not the ACR objects themselves.
        final List<Object> classRefs = new ArrayList<>(samlAcrArr.length);
        for (int idx = 0; idx < samlAcrArr.length; idx++) {
            classRefs.add(samlAcrArr[idx].getClassRef());
        }

        final VelocityContext templateModel = new VelocityContext();
        templateModel.put("acrs", classRefs);
        final String rendered = this.templateService.generateConfFile(GLUU_SAML_OXAUTH_SUPPORTED_PRINCIPALS_FILE, templateModel);
        final boolean written = this.templateService.writeConfFile(targetPath, rendered);
        this.log.info(">>>>>>>>>> LEAVING generateConfigurationFiles(SamlAcr[] acrs)...");
        return written;
    }

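    /**
     * Regenerates the Shibboleth IdP configuration files (metadata providers, attribute
     * resolver/filter, relying party, CAS protocol, SP shibboleth2.xml, SAML NameID files)
     * from the given trust relationships.
     *
     * <p>All templates are rendered before anything is written. If any rendering fails, no
     * file is touched, so the IdP never ends up with a mix of new and old configuration
     * (for example a new attribute filter next to a stale relying-party file).
     *
     * @param list trust relationships to publish; their released attributes are initialised
     *             as a side effect
     * @return {@code true} only if every parameter map was built, every template rendered
     *         and every write succeeded
     * @throws InvalidConfigurationException if the IdP root directory is not configured
     */
    public boolean generateConfigurationFiles(List<GluuSAMLTrustRelationship> list) {
        this.log.info(">>>>>>>>>> IN Shibboleth3ConfService.generateConfigurationFiles()...");
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
        }
        String idpConfDir = getIdpConfDir();
        String idpMetadataDir = getIdpMetadataDir();
        initAttributes(list);
        HashMap<String, Object> trustParams = initTrustParamMap(list);
        HashMap<String, Object> attrParams = initAttributeParamMap(list);
        HashMap<String, Object> casParams = initCASParamMap();
        HashMap<String, Object> resolverParams = initAttributeResolverParamMap();
        if (trustParams == null || attrParams == null || casParams == null || resolverParams == null) {
            this.log.error(">>>>>>>>>> Shibboleth3ConfService.generateConfigurationFiles() - params preparation failed, break files generation");
            return false;
        }
        VelocityContext context = prepareVelocityContext(trustParams, attrParams, casParams, resolverParams, idpMetadataDir);

        // Render everything first; a null result means the template could not be generated.
        String metadataProviders = this.templateService.generateConfFile(SHIB3_IDP_METADATA_PROVIDERS_FILE, context);
        String attributeResolver = this.templateService.generateConfFile(SHIB3_IDP_ATTRIBUTE_RESOLVER_FILE, context);
        String attributeFilter = this.templateService.generateConfFile(SHIB3_IDP_ATTRIBUTE_FILTER_FILE, context);
        String relyingParty = this.templateService.generateConfFile(SHIB3_IDP_RELYING_PARTY_FILE, context);
        String casProtocol = this.templateService.generateConfFile(SHIB3_IDP_CAS_PROTOCOL_FILE, context);
        String spShibboleth = this.templateService.generateConfFile(SHIB3_SP_SHIBBOLETH2_FILE, context);
        String samlNameId = this.templateService.generateConfFile(SHIB3_SAML_NAMEID_FILE, context);
        String samlNameIdProps = this.templateService.generateConfFile(SHIB3_SAML_NAMEID_PROPS_FILE, context);

        boolean allRendered = metadataProviders != null && attributeResolver != null && attributeFilter != null
                && relyingParty != null && casProtocol != null && spShibboleth != null
                && samlNameId != null && samlNameIdProps != null;
        if (!allRendered) {
            // Previously the writes were still attempted (with null content for the failed
            // template), leaving a partially updated configuration behind.
            this.log.error(">>>>>>>>>> Shibboleth3ConfService.generateConfigurationFiles() - template rendering failed, no configuration file was written");
            return false;
        }

        // Non-short-circuit '&' on purpose: every file is attempted even if an earlier write fails.
        boolean written = this.templateService.writeConfFile(idpConfDir + SHIB3_IDP_METADATA_PROVIDERS_FILE, metadataProviders)
                & this.templateService.writeConfFile(idpConfDir + SHIB3_IDP_ATTRIBUTE_RESOLVER_FILE, attributeResolver)
                & this.templateService.writeConfFile(idpConfDir + SHIB3_IDP_ATTRIBUTE_FILTER_FILE, attributeFilter)
                & this.templateService.writeConfFile(idpConfDir + SHIB3_IDP_RELYING_PARTY_FILE, relyingParty)
                & this.templateService.writeConfFile(idpConfDir + SHIB3_IDP_CAS_PROTOCOL_FILE, casProtocol)
                & this.templateService.writeConfFile(getSpShibboleth3FilePath(), spShibboleth)
                & this.templateService.writeConfFile(idpConfDir + SHIB3_SAML_NAMEID_FILE, samlNameId)
                & this.templateService.writeConfFile(idpConfDir + SHIB3_SAML_NAMEID_PROPS_FILE, samlNameIdProps);
        this.log.info(">>>>>>>>>> LEAVING Shibboleth3ConfService.generateConfigurationFiles()...");
        return written;
    }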

    /**
     * Resolves the released attribute DNs of every trust relationship into custom attribute
     * objects and attaches attribute metadata to them.
     *
     * <p>If the {@code uid} attribute exists and a relationship releases it, its DN is moved
     * to the front of that relationship's list before resolution.
     *
     * @param list trust relationships to update in place
     */
    private void initAttributes(List<GluuSAMLTrustRelationship> list) {
        final List<GluuAttribute> personAttributes = this.attributeService.getAllPersonAttributes(GluuUserRole.ADMIN);
        final HashMap<String, GluuAttribute> attributesByDn = this.attributeService.getAttributeMapByDNs(personAttributes);
        final GluuAttribute uidAttribute = this.attributeService.getAttributeByName("uid");

        for (GluuSAMLTrustRelationship trust : list) {
            // Work on a copy so the relationship's own released-attribute list is not reordered.
            final List released = trust.getReleasedAttributes();
            final ArrayList releasedDns = (released == null) ? new ArrayList() : new ArrayList(released);

            if (uidAttribute != null) {
                final boolean uidWasReleased = releasedDns.remove(uidAttribute.getDn());
                if (uidWasReleased) {
                    releasedDns.add(0, uidAttribute.getDn());
                }
            }

            trust.setReleasedCustomAttributes(this.attributeService.getCustomAttributesByAttributeDNs(releasedDns, attributesByDn));
            this.attributeService.setAttributeMetadata(trust.getReleasedCustomAttributes(), personAttributes);
        }
    }

    /**
     * Builds the trust-related part of the template model used to render the IdP
     * configuration files.
     *
     * <p>Relationships are split by metadata source type: URI/FILE sources are read from
     * their metadata file in the IdP metadata directory; all other source types are
     * collected as "deconstructed" entries keyed by entity id.
     *
     * <p>Side effects: a URI/FILE relationship whose metadata file yields no entity ids is
     * set to INACTIVE and persisted; relationships with SAML metadata filters get their
     * filter list rewritten (see inline notes).
     *
     * @param list trust relationships to publish
     * @return map with the keys idpCredentialsPath, deconstructed, deconstructedIds,
     *         trustEngines, trusts, trustIds and trustEntityIds
     */
    private HashMap<String, Object> initTrustParamMap(List<GluuSAMLTrustRelationship> list) {
        this.log.trace("Starting trust parameters map initialization.");
        HashMap<String, Object> hashMap = new HashMap<>();
        // Trust engines: one {id, certPath} map per relationship with a "signatureValidation" filter.
        ArrayList arrayList = new ArrayList();
        // Trust inum -> sequence number, for URI/FILE metadata sources.
        HashMap hashMap2 = new HashMap();
        // Relationships whose metadata source is neither URI nor FILE.
        ArrayList arrayList2 = new ArrayList();
        // Entity id -> sequence number, for the relationships in arrayList2.
        HashMap hashMap3 = new HashMap();
        // getGluuContainerFederation() value -> entity ids of the relationships in arrayList2.
        HashMap hashMap4 = new HashMap();
        // Trust inum -> entity ids parsed from that relationship's metadata file.
        HashMap hashMap5 = new HashMap();
        // One counter feeds both id maps, so the numbers are unique across them.
        int i = 1;
        for (GluuSAMLTrustRelationship gluuSAMLTrustRelationship : list) {
            // True when the source type is neither URI nor FILE. A null source type throws here.
            if ((gluuSAMLTrustRelationship.getSpMetaDataSourceType().equals(GluuMetadataSourceType.URI) || gluuSAMLTrustRelationship.getSpMetaDataSourceType().equals(GluuMetadataSourceType.FILE)) ? false : true) {
                initProfileConfiguration(gluuSAMLTrustRelationship);
                String gluuContainerFederation = gluuSAMLTrustRelationship.getGluuContainerFederation();
                if (hashMap4.get(gluuContainerFederation) == null) {
                    hashMap4.put(gluuContainerFederation, new ArrayList());
                }
                ((List) hashMap4.get(gluuContainerFederation)).add(gluuSAMLTrustRelationship.getEntityId());
                arrayList2.add(gluuSAMLTrustRelationship);
                int i2 = i;
                i++;
                hashMap3.put(gluuSAMLTrustRelationship.getEntityId(), String.valueOf(i2));
            } else {
                int i3 = i;
                i++;
                hashMap2.put(gluuSAMLTrustRelationship.getInum(), String.valueOf(i3));
                // NOTE(review): the stored file name is concatenated onto the metadata directory
                // without normalisation; confirm getSpMetaDataFN() can never hold path separators
                // or "..", otherwise a file outside the metadata directory would be parsed.
                List entityIdFromMetadataFile = SAMLMetadataParser.getEntityIdFromMetadataFile(new File(getIdpMetadataDir() + gluuSAMLTrustRelationship.getSpMetaDataFN()));
                if (entityIdFromMetadataFile == null) {
                    // No entity ids could be read: deactivate the relationship and persist that.
                    // Its sequence number stays in hashMap2 and it stays in the "trusts" list.
                    gluuSAMLTrustRelationship.setStatus(GluuStatus.INACTIVE);
                    this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship);
                } else {
                    hashMap5.put(gluuSAMLTrustRelationship.getInum(), entityIdFromMetadataFile);
                    initProfileConfiguration(gluuSAMLTrustRelationship);
                    if (gluuSAMLTrustRelationship.getMetadataFilters().get("signatureValidation") != null) {
                        HashMap hashMap6 = new HashMap();
                        hashMap6.put(OxTrustApiConstants.ID, "Trust" + StringHelper.removePunctuation(gluuSAMLTrustRelationship.getInum()));
                        // NOTE(review): the certificate file name comes from the stored filter and is
                        // appended as-is; same path-containment question as for the metadata file name.
                        hashMap6.put("certPath", getIdpMetadataDir() + "credentials" + File.separator + ((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("signatureValidation")).getFilterCertFileName());
                        arrayList.add(hashMap6);
                    }
                    if (gluuSAMLTrustRelationship.getGluuSAMLMetaDataFilter() != null) {
                        // Rebuild the filter list so that the entity-role whitelist filter comes last.
                        // If several filters have that type, only the last one seen is kept.
                        ArrayList arrayList3 = new ArrayList();
                        String str = null;
                        for (String str2 : gluuSAMLTrustRelationship.getGluuSAMLMetaDataFilter()) {
                            try {
                                // getBytes() without a charset uses the platform default encoding.
                                if (this.xmlService.getXmlDocument(str2.getBytes()).getFirstChild().getAttributes().getNamedItem("xsi:type").getNodeValue().equals(FilterService.ENTITY_ROLE_WHITE_LIST_TYPE)) {
                                    str = str2;
                                } else {
                                    arrayList3.add(str2);
                                }
                            } catch (Exception e) {
                                // A filter that cannot be parsed (or lacks xsi:type) is logged and then
                                // left out of the rebuilt list, so the rendered configuration carries
                                // fewer filters than were stored for this relationship.
                                this.log.error("GluuSAMLMetaDataFilter contains invalid value.", e);
                                e.printStackTrace();
                            }
                        }
                        if (str != null) {
                            arrayList3.add(str);
                        }
                        gluuSAMLTrustRelationship.setGluuSAMLMetaDataFilter(arrayList3);
                    }
                }
            }
        }
        // Remove from each file-based relationship the entity ids already covered by
        // relationships in arrayList2. hashMap5 is keyed by trust inum and hashMap4 by the
        // getGluuContainerFederation() value, so this presumably relies on that value being
        // the federation relationship's inum - TODO confirm.
        for (String str3 : hashMap5.keySet()) {
            List list2 = (List) hashMap4.get(str3);
            if (list2 != null) {
                ((List) hashMap5.get(str3)).removeAll(list2);
            }
        }
        hashMap.put("idpCredentialsPath", getIdpMetadataDir() + "credentials" + File.separator);
        hashMap.put("deconstructed", arrayList2);
        hashMap.put("deconstructedIds", hashMap3);
        hashMap.put("trustEngines", arrayList);
        hashMap.put("trusts", list);
        hashMap.put("trustIds", hashMap2);
        hashMap.put("trustEntityIds", hashMap5);
        return hashMap;
    }

    /**
     * Parses the stored metadata filters and profile configurations of a trust relationship.
     *
     * <p>Parsing is best effort: any exception is logged and swallowed, so the caller goes on
     * with whatever state the relationship had when parsing stopped. If the filter parser
     * throws, the profile configurations are not parsed at all.
     *
     * @param gluuSAMLTrustRelationship relationship to populate
     */
    protected void initProfileConfiguration(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) throws FactoryConfigurationError {
        try {
            this.filterService.parseFilters(gluuSAMLTrustRelationship);
            this.profileConfigurationService.parseProfileConfigurations(gluuSAMLTrustRelationship);
        } catch (Exception parseFailure) {
            final String relationshipDn = gluuSAMLTrustRelationship.getDn();
            this.log.error("Failed to parse stored metadataFilter configuration for trustRelationship " + relationshipDn, parseFailure);
        }
    }

    /**
     * Collects the distinct attribute metadata released by the given trust relationships and
     * turns it into the attribute part of the template model.
     *
     * @param list relationships whose released custom attributes were already initialised
     * @return the map built by {@link #createAttributeMap(Set)}, which may be {@code null}
     */
    private HashMap<String, Object> initAttributeParamMap(List<GluuSAMLTrustRelationship> list) {
        final HashSet<GluuAttribute> releasedMetadata = new HashSet<>();
        list.forEach(trust ->
                trust.getReleasedCustomAttributes().forEach(customAttribute ->
                        releasedMetadata.add(customAttribute.getMetadata())));
        return createAttributeMap(releasedMetadata);
    }

    /**
     * Builds the attribute part of the template model: the attribute set itself plus the
     * SAML1 and SAML2 names to use for each attribute.
     *
     * <p>An attribute's own SAML1/SAML2 URI is used when set. Otherwise the SAML1 name is
     * derived as {@code urn:<gluu|mace>:dir:attribute-def:<name>} and the SAML2 name as
     * {@code urn:oid:<OID>} from the schema's attribute type definition.
     *
     * @param set attributes to describe; must not contain {@code null}
     * @return map with keys attributes, attributeSAML1Strings and attributeSAML2Strings, or
     *         {@code null} when no schema definition exists for an attribute that needs an OID
     */
    private HashMap<String, Object> createAttributeMap(Set<GluuAttribute> set) {
        final ArrayList<String> attributeNames = new ArrayList<>();
        for (GluuAttribute attribute : set) {
            attributeNames.add(attribute.getName());
        }
        final List typeDefinitions = this.shemaService.getAttributeTypeDefinitions(this.shemaService.getSchema(), attributeNames);

        final HashMap<String, String> saml1Names = new HashMap<>();
        final HashMap<String, String> saml2Names = new HashMap<>();
        for (GluuAttribute attribute : set) {
            final String attributeName = attribute.getName();

            String saml1 = attribute.getSaml1Uri();
            if (StringHelper.isEmpty(saml1)) {
                // "gluu" namespace for custom attributes, attributes without a URN, and
                // attributes whose URN is already in the gluu namespace; "mace" otherwise.
                final boolean gluuNamespace = attribute.isCustom()
                        || StringHelper.isEmpty(attribute.getUrn())
                        || attribute.getUrn().startsWith("urn:gluu:dir:attribute-def:");
                saml1 = String.format("urn:%s:dir:attribute-def:%s", gluuNamespace ? "gluu" : "mace", attributeName);
            }
            saml1Names.put(attributeName, saml1);

            String saml2 = attribute.getSaml2Uri();
            if (StringHelper.isEmpty(saml2)) {
                final AttributeTypeDefinition definition = this.shemaService.getAttributeTypeDefinition(typeDefinitions, attributeName);
                if (definition == null) {
                    this.log.error("Failed to get OID for attribute name {}", attributeName);
                    return null;
                }
                saml2 = String.format("urn:oid:%s", definition.getOID());
            }
            saml2Names.put(attributeName, saml2);
        }

        final HashMap<String, Object> model = new HashMap<>();
        model.put("attributes", set);
        model.put("attributeSAML1Strings", saml1Names);
        model.put("attributeSAML2Strings", saml2Names);
        return model;
    }

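    /**
     * Builds the CAS protocol part of the template model from the stored CAS configuration.
     *
     * <p>Loading is best effort: if no configuration exists or loading throws, an empty map
     * is returned (never {@code null}) and the error is logged.
     *
     * @return map with the keys enabled, extended, enableToProxyPatterns,
     *         authorizedToProxyPattern and unauthorizedToProxyPattern, or an empty map
     */
    private HashMap<String, Object> initCASParamMap() {
        HashMap<String, Object> casParams = new HashMap<>();
        try {
            ShibbolethCASProtocolConfiguration casConfiguration = this.casService.loadCASConfiguration();
            if (casConfiguration != null) {
                this.log.info("add ShibbolethCASProtocolConfiguration parameters");
                casParams.put("enabled", Boolean.valueOf(casConfiguration.isEnabled()));
                casParams.put("extended", Boolean.valueOf(casConfiguration.isExtended()));
                casParams.put("enableToProxyPatterns", Boolean.valueOf(casConfiguration.isEnableToProxyPatterns()));
                casParams.put("authorizedToProxyPattern", casConfiguration.getAuthorizedToProxyPattern());
                // Fix: this key used to be filled from getAuthorizedToProxyPattern(), so the
                // "unauthorized" pattern handed to the template was the allow pattern and the
                // configured deny pattern was never handed over.
                casParams.put("unauthorizedToProxyPattern", casConfiguration.getUnauthorizedToProxyPattern());
            }
        } catch (Exception e) {
            this.log.error("initCASParamMap() exception", e);
        }
        return casParams;
    }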

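    /**
     * Builds the attribute-resolver part of the template model from the enabled NameID
     * configurations stored in the application configuration.
     *
     * <p>Returns {@code null} when the model cannot be built: an enabled NameID
     * configuration names a source attribute that does not exist, or
     * {@link #createAttributeMap(Set)} fails. Both cases used to end in a
     * {@link NullPointerException}; returning {@code null} lets
     * {@code generateConfigurationFiles} abort through its existing null check.
     *
     * @return map with the createAttributeMap keys plus configs, attributes and
     *         persistenceType, or {@code null} on failure
     */
    public HashMap<String, Object> initAttributeResolverParamMap() {
        List<NameIdConfig> enabledConfigs = new ArrayList<>();
        Set<GluuAttribute> sourceAttributes = new HashSet<>();
        AttributeResolverConfiguration attributeResolverConfig = this.configurationFactory.loadConfigurationFromLdap(new String[0]).getAttributeResolverConfig();
        if (attributeResolverConfig != null && attributeResolverConfig.getNameIdConfigs() != null) {
            for (NameIdConfig nameIdConfig : attributeResolverConfig.getNameIdConfigs()) {
                if (StringHelper.isNotEmpty(nameIdConfig.getSourceAttribute()) && nameIdConfig.isEnabled()) {
                    GluuAttribute sourceAttribute = this.attributeService.getAttributeByName(nameIdConfig.getSourceAttribute());
                    if (sourceAttribute == null) {
                        // A null entry in the set would make createAttributeMap() throw.
                        this.log.error("NameID source attribute '{}' is not defined", nameIdConfig.getSourceAttribute());
                        return null;
                    }
                    enabledConfigs.add(nameIdConfig);
                    sourceAttributes.add(sourceAttribute);
                }
            }
        }
        HashMap<String, Object> resolverParams = createAttributeMap(sourceAttributes);
        if (resolverParams == null) {
            // createAttributeMap() has already logged which attribute has no OID.
            return null;
        }
        resolverParams.put("configs", enabledConfigs);
        resolverParams.put("attributes", sourceAttributes);
        String persistenceType = this.persistenceEntryManager.getPersistenceType(this.personService.getDnForPerson(null));
        this.log.debug(">>>>>>>>>> Shibboleth3ConfService.initAttributeResolverParamMap() - Persistance type: '{}'", persistenceType);
        resolverParams.put("persistenceType", persistenceType);
        return resolverParams;
    }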

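    /**
     * Assembles the Velocity context shared by all configuration templates.
     *
     * <p>Security-relevant content: the context holds the crypto configuration salt, the
     * decrypted LDAP bind password ({@code ldapPass}) and the decrypted IdP key password
     * ({@code securityKeyPassword}). Every template rendered with this context can emit
     * them, so templates and the files they produce need the same protection as the secrets.
     *
     * <p>If a password cannot be decrypted the error is logged and the key is simply absent
     * from the context; rendering is not aborted here.
     *
     * @param hashMap  trust parameters, stored as {@code trustParams} (may be {@code null})
     * @param hashMap2 attribute parameters, stored as {@code attrParams}
     * @param hashMap3 CAS parameters, stored as {@code casParams} (may be {@code null})
     * @param hashMap4 resolver parameters, stored as {@code resovlerParams} (may be {@code null})
     * @param str      metadata folder path, stored as {@code medataFolder} (may be {@code null})
     * @return the populated context
     */
    private VelocityContext prepareVelocityContext(HashMap<String, Object> hashMap, HashMap<String, Object> hashMap2, HashMap<String, Object> hashMap3, HashMap<String, Object> hashMap4, String str) {
        VelocityContext velocityContext = new VelocityContext();
        velocityContext.put("StringHelper", StringHelper.class);
        velocityContext.put(ConfigurationFactory.SALT_FILE_NAME, this.configurationFactory.getCryptoConfigurationSalt());
        velocityContext.put("trustParams", hashMap);
        velocityContext.put("attrParams", hashMap2);
        velocityContext.put("casParams", hashMap3);
        // The misspelled keys "resovlerParams" and "medataFolder" are kept as they are:
        // they are runtime lookup names and must match whatever the templates reference.
        velocityContext.put("resovlerParams", hashMap4);
        velocityContext.put("medataFolder", str);
        velocityContext.put("orgInum", StringHelper.removePunctuation("gluu"));
        velocityContext.put("orgSupportEmail", this.appConfiguration.getOrgSupportEmail());

        String idpUrl = this.appConfiguration.getIdpUrl();
        velocityContext.put("idpUrl", idpUrl);
        // Host values drop a trailing ":port"; spHost additionally drops the scheme.
        velocityContext.put("idpHost", idpUrl.replaceAll(":[0-9]*$", ""));
        String applicationUrl = this.appConfiguration.getApplicationUrl();
        velocityContext.put("spUrl", applicationUrl);
        velocityContext.put("spHost", applicationUrl.replaceAll(":[0-9]*$", "").replaceAll("^.*?//", ""));

        GluuSAMLTrustRelationship spTrust = this.trustService.getRelationshipByInum(this.configurationService.getConfiguration().getGluuSPTR());
        if (spTrust == null) {
            spTrust = new GluuSAMLTrustRelationship();
        }
        velocityContext.put("gluuSPEntityId", spTrust.getEntityId());

        // One "<protocol>://<server>" entry per configured server, separated by spaces.
        // String.split never returns null, so the former null fallback branch was unreachable.
        String ldapProtocol = this.appConfiguration.getIdpLdapProtocol();
        StringBuilder ldapUrls = new StringBuilder();
        for (String server : this.appConfiguration.getIdpLdapServer().split("\\s*(=>|,|\\s)\\s*")) {
            if (ldapUrls.length() > 0) {
                ldapUrls.append(' ');
            }
            ldapUrls.append(ldapProtocol).append("://").append(server);
        }
        velocityContext.put("ldapUrl", ldapUrls.toString());
        velocityContext.put("bindDN", this.appConfiguration.getIdpBindDn());

        // Decryption failures are reported through the logger only; the extra
        // printStackTrace() calls duplicated the same trace on stderr.
        try {
            velocityContext.put("ldapPass", this.encryptionService.decrypt(this.appConfiguration.getIdpBindPassword()));
        } catch (StringEncrypter.EncryptionException e) {
            this.log.error("Failed to decrypt bindPassword", e);
        }
        velocityContext.put("securityKey", this.appConfiguration.getIdpSecurityKey());
        velocityContext.put("securityCert", this.appConfiguration.getIdpSecurityCert());
        try {
            velocityContext.put("securityKeyPassword", this.encryptionService.decrypt(this.appConfiguration.getIdpSecurityKeyPassword()));
        } catch (StringEncrypter.EncryptionException e) {
            this.log.error("Failed to decrypt idp.securityKeyPassword", e);
        }
        return velocityContext;
    }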

    /**
     * Returns the path of {@code idp-metadata.xml} inside the IdP metadata directory.
     *
     * @return metadata directory (with trailing separator) followed by the file name
     */
    public String getIdpMetadataFilePath() {
        final String metadataDir = getIdpMetadataDir();
        return metadataDir + SHIB3_IDP_IDP_METADATA_FILE;
    }

    /**
     * Returns {@code <idp root>/conf/authn/}, including the trailing separator.
     *
     * <p>The root is not checked here: an unset root yields a path that starts with the
     * text {@code null}, so callers check the root first.
     */
    public String getIdpConfAuthnDir() {
        return new StringBuilder()
                .append(this.appConfiguration.getShibboleth3IdpRootDir())
                .append(File.separator)
                .append(SHIB3_IDP_CONF_FOLDER)
                .append(File.separator)
                .append(SHIB3_IDP_AUNTHN_FOLDER)
                .append(File.separator)
                .toString();
    }

    /**
     * Returns {@code <idp root>/conf/}, including the trailing separator.
     *
     * <p>No check is made that the root is configured; see the callers for that check.
     */
    public String getIdpConfDir() {
        final String idpRoot = this.appConfiguration.getShibboleth3IdpRootDir();
        final String sep = File.separator;
        return idpRoot + sep + SHIB3_IDP_CONF_FOLDER + sep;
    }

    /**
     * Returns {@code <idp root>/metadata/}, including the trailing separator.
     *
     * <p>Other methods of this class append file names directly to this value, so the
     * trailing separator is part of the contract.
     */
    public String getIdpMetadataDir() {
        final String idpRoot = this.appConfiguration.getShibboleth3IdpRootDir();
        final String sep = File.separator;
        return idpRoot + sep + SHIB3_IDP_METADATA_FOLDER + sep;
    }

    /**
     * Returns {@code <idp root>/temp_metadata/}, including the trailing separator. This is
     * the directory where {@code saveSpMetadataFile} stages incoming SP metadata.
     */
    public String getIdpMetadataTempDir() {
        return new StringBuilder()
                .append(this.appConfiguration.getShibboleth3IdpRootDir())
                .append(File.separator)
                .append(SHIB3_IDP_TEMPMETADATA_FOLDER)
                .append(File.separator)
                .toString();
    }

    /**
     * Returns the path of an SP metadata file inside the IdP metadata directory.
     *
     * <p>NOTE(review): {@code str} is appended as-is, without normalisation or a containment
     * check. If any caller passes a name that is not generated by this service, verify that
     * it cannot contain path separators or {@code ..}.
     *
     * @param str file name relative to the metadata directory
     * @return metadata directory followed by {@code str}
     * @throws InvalidConfigurationException if the IdP root directory is not configured
     */
    public String getSpMetadataFilePath(String str) {
        final boolean rootConfigured = this.appConfiguration.getShibboleth3IdpRootDir() != null;
        if (!rootConfigured) {
            throw new InvalidConfigurationException("Failed to return SP meta-data file due to undefined IDP root folder");
        }
        final String metadataDir = getIdpMetadataDir();
        return metadataDir + str;
    }

    /**
     * Returns the SP metadata file name for a trust relationship, derived from its inum.
     *
     * @param gluuSAMLTrustRelationship relationship whose inum names the file
     * @return the name produced by {@link #getSpNewMetadataFileName(String)}
     */
    public String getSpNewMetadataFileName(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        final String inum = gluuSAMLTrustRelationship.getInum();
        return getSpNewMetadataFileName(inum);
    }

    /**
     * Returns the SP metadata file name for an inum: the inum passed through
     * {@code StringHelper.removePunctuation}, followed by {@code -sp-metadata.xml}.
     *
     * @param str inum of the trust relationship
     * @return generated file name (no directory part is added here)
     */
    public String getSpNewMetadataFileName(String str) {
        // presumably removePunctuation also strips '.', '/' and '\' - confirm, since the
        // result is later appended to a directory path.
        final String sanitizedInum = StringHelper.removePunctuation(str);
        return String.format(SHIB3_SP_METADATA_FILE_PATTERN, sanitizedInum);
    }

    /**
     * Stages SP metadata given as a byte array; delegates to the {@link InputStream} overload.
     *
     * @param str  base name for the staged file
     * @param bArr metadata content
     * @return the staged file name, or {@code null} if writing failed
     * @throws InvalidConfigurationException if the IdP root directory is not configured, or
     *         wrapping an {@link IOException} raised while closing the stream
     */
    public String saveSpMetadataFile(String str, byte[] bArr) {
        try (ByteArrayInputStream metadataStream = new ByteArrayInputStream(bArr)) {
            return saveSpMetadataFile(str, metadataStream);
        } catch (IOException e) {
            throw new InvalidConfigurationException(e);
        }
    }

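    /**
     * Stages SP metadata read from a stream as a new file in the temporary metadata directory.
     *
     * <p>The output stream is managed by try-with-resources, so it is closed on every path,
     * including a failed copy. The input stream is not closed here; it stays with the caller.
     *
     * <p>NOTE(review): the copy is unbounded, so the staged file is as large as whatever the
     * stream delivers. If the stream can come from an upload or a remote fetch, confirm that
     * a size limit is enforced before this method is reached.
     *
     * @param str         base name for the staged file; a generated suffix is appended
     * @param inputStream metadata content
     * @return the staged file name (without directory), or {@code null} if writing failed
     * @throws InvalidConfigurationException if the IdP root directory is not configured
     */
    public String saveSpMetadataFile(String str, InputStream inputStream) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            this.log.error("Failed to save SP meta-data file due to undefined IDP root folder");
            throw new InvalidConfigurationException("Failed to save SP meta-data file due to undefined IDP root folder");
        }
        String idpMetadataTempDir = getIdpMetadataTempDir();
        String tempMetadataFilename = getTempMetadataFilename(idpMetadataTempDir, str);
        File file = new File(idpMetadataTempDir + tempMetadataFilename);
        try (FileOutputStream out = FileUtils.openOutputStream(file)) {
            IOUtils.copy(inputStream, out);
            out.flush();
            return tempMetadataFilename;
        } catch (IOException e) {
            // The logger already records the stack trace; no separate printStackTrace().
            this.log.error("Failed to write SP meta-data file '{}'", file, e);
            return null;
        }
    }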

    /**
     * Picks a file name of the form {@code <str2><generated suffix>} that does not yet exist
     * in directory {@code str}.
     *
     * <p>Caveats for maintainers:
     * <ul>
     *   <li>The lock only serialises name selection. The file is created afterwards by
     *       {@code saveSpMetadataFile(String, InputStream)}, outside the lock, so the name is
     *       not reserved between the existence check and the write.</li>
     *   <li>Only the last path component is returned ({@link File#getName()}). If
     *       {@code str2} contains a separator, the existence check and the returned name
     *       refer to different paths.</li>
     *   <li>{@code INumGenerator.generate(2)} is presumably a short random token; confirm
     *       that it is long enough for the expected number of staged files.</li>
     * </ul>
     *
     * @param str  directory path, expected to end with a separator
     * @param str2 base file name
     * @return the chosen file name without directory part
     */
    private String getTempMetadataFilename(String str, String str2) {
        synchronized (getClass()) {
            // No lasting effect, but it throws NullPointerException for a null base name.
            new File(str2);
            File candidate = new File(str + str2 + INumGenerator.generate(2));
            while (candidate.exists()) {
                candidate = new File(str + str2 + INumGenerator.generate(2));
            }
            return candidate.getName();
        }
    }

    /**
     * Downloads SP metadata from a URL and stages it through the {@link InputStream} overload.
     *
     * <p>NOTE(review), to be confirmed against the helper classes, which are not visible here:
     * <ul>
     *   <li>{@code EasyCASSLProtocolSocketFactory} is installed for https before the fetch.
     *       The name suggests relaxed certificate checking. If so, the metadata, which carries
     *       the SP's keys and endpoints, arrives over a channel whose peer is not
     *       authenticated, and certificate validation against the configured trust store
     *       should be restored.</li>
     *   <li>{@code setEasyhttps} is a static setter, so the setting presumably outlives this
     *       call and affects later downloads as well.</li>
     *   <li>The URL is fetched from the server side as given. Where it can be entered through
     *       the admin UI or API, restrict schemes and destinations so that internal services
     *       cannot be reached through this call.</li>
     * </ul>
     *
     * @param str  URL of the SP metadata
     * @param str2 base name for the staged file
     * @return the staged file name, or {@code null} if the URL is empty, nothing was
     *         downloaded, or staging failed
     */
    public String saveSpMetadataFile(String str, String str2) {
        if (StringHelper.isEmpty(str)) {
            return null;
        }
        HTTPFileDownloader.setEasyhttps(new Protocol("https", new EasyCASSLProtocolSocketFactory(), 443));
        final String downloaded = HTTPFileDownloader.getResource(str, "application/xml, text/xml", (String) null, (String) null);
        if (StringHelper.isEmpty(downloaded)) {
            return null;
        }
        final byte[] metadataBytes;
        try {
            metadataBytes = downloaded.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            this.log.error("saveSpMetadataFile exception", e);
            e.printStackTrace();
            return null;
        }
        final FileUploadWrapper uploadWrapper = new FileUploadWrapper();
        uploadWrapper.setStream(new ByteArrayInputStream(metadataBytes));
        return saveSpMetadataFile(str2, uploadWrapper.getStream());
    }

    /**
     * Renders the SP {@code attribute-map.xml} content for one trust relationship.
     *
     * <p>The full shared context is built for this rendering as well, so the template
     * receives the decrypted LDAP and key passwords even though only attribute data is
     * passed explicitly.
     *
     * @param gluuSAMLTrustRelationship relationship whose released attributes are mapped
     * @return rendered file content, or {@code null} if the attribute model could not be built
     */
    public String generateSpAttributeMapFile(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        final List<GluuSAMLTrustRelationship> single = Arrays.asList(gluuSAMLTrustRelationship);
        initAttributes(single);
        final HashMap<String, Object> attrParams = initAttributeParamMap(single);
        if (attrParams != null) {
            final VelocityContext context = prepareVelocityContext(null, attrParams, null, null, null);
            return this.templateService.generateConfFile(SHIB3_SP_ATTRIBUTE_MAP_FILE, context);
        }
        return null;
    }

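    /**
     * Generates the SP metadata file for a trust relationship and writes it into the IdP
     * metadata directory under the relationship's stored metadata file name.
     *
     * <p>The URL is checked before the content is rendered: rendering dereferences the URL,
     * so a relationship without URL used to fail with a {@link NullPointerException} before
     * the intended "URL is empty" check was reached.
     *
     * <p>NOTE(review): {@code getSpMetaDataFN()} is appended to the directory as-is; confirm
     * that it is always a name generated by this service.
     *
     * @param gluuSAMLTrustRelationship relationship to describe
     * @param str                       certificate text placed into the metadata
     * @return {@code true} if the file was written; {@code false} if the URL is empty, the
     *         rendered content is empty, or the write failed
     * @throws InvalidConfigurationException if the IdP root directory is not configured
     */
    public boolean generateSpMetadataFile(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to generate SP meta-data file due to undefined IDP root folder");
        }
        if (StringHelper.isEmpty(gluuSAMLTrustRelationship.getUrl())) {
            this.log.error("Trust relationship URL is empty");
            return false;
        }
        String idpMetadataDir = getIdpMetadataDir();
        String content = generateSpMetadataFileContent(gluuSAMLTrustRelationship, str);
        if (StringHelper.isEmpty(content)) {
            return false;
        }
        return this.templateService.writeConfFile(idpMetadataDir + gluuSAMLTrustRelationship.getSpMetaDataFN(), content);
    }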

    /**
     * Builds the SP metadata text for a trust relationship from the
     * {@code SHIB3_IDP_SP_METADATA_FILE} template.
     *
     * <p>The template receives the certificate, the trust relationship itself, an entity id
     * derived from the relationship's inum, and the relationship URL with one trailing slash
     * removed. The URL is dereferenced without a null check.
     *
     * @param gluuSAMLTrustRelationship the trust relationship to describe
     * @param str the certificate text exposed to the template as {@code certificate}
     * @return whatever the template service produces for the template
     */
    public String generateSpMetadataFileContent(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str) {
        VelocityContext context = new VelocityContext();
        // NOTE(review): these values reach the template unmodified; whether the template
        // escapes them for XML is not visible here and should be confirmed.
        context.put("certificate", str);
        context.put("trustRelationship", gluuSAMLTrustRelationship);
        context.put(
                "entityId",
                Util.encodeString(StringHelper.removePunctuation(gluuSAMLTrustRelationship.getInum())));
        String spHost = gluuSAMLTrustRelationship.getUrl().replaceFirst("/$", "");
        context.put("spHost", spHost);
        return this.templateService.generateConfFile(SHIB3_IDP_SP_METADATA_FILE, context);
    }

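    /**
     * Deletes an SP metadata file from the IDP metadata directory, if it exists.
     *
     * <p>A delete that fails is logged; previously the result of {@link File#delete()} was
     * discarded, so a stale metadata file could stay on disk unnoticed.
     *
     * @param str the metadata file name, appended to the IDP metadata directory
     * @throws InvalidConfigurationException if the IDP root folder is not configured
     */
    public void removeSpMetadataFile(String str) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to remove SP meta-data file due to undefined IDP root folder");
        }
        // NOTE(review): the path is plain concatenation; confirm callers only pass
        // server-generated file names, since nothing here keeps the result inside the directory.
        File metadataFile = new File(getIdpMetadataDir() + str);
        if (metadataFile.exists() && !metadataFile.delete()) {
            this.log.warn("Failed to delete SP meta-data file " + metadataFile.getAbsolutePath());
        }
    }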

    /**
     * Reports whether an SP metadata file in the IDP metadata directory yields at least one
     * SP entity id when parsed.
     *
     * @param str the metadata file name, appended to the IDP metadata directory
     * @return {@code true} if the parser returned a non-empty list of entity ids
     * @throws InvalidConfigurationException if the IDP root folder is not configured
     */
    public boolean isCorrectSpMetadataFile(String str) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to check SP meta-data file due to undefined IDP root folder");
        }
        File metadataFile = new File(getIdpMetadataDir() + str);
        List<?> entityIds = SAMLMetadataParser.getSpEntityIdFromMetadataFile(metadataFile);
        return entityIds != null && !entityIds.isEmpty();
    }

    /**
     * Returns the path of the SP attribute-map file inside the configured SP configuration
     * directory.
     *
     * @return the SP configuration directory, the platform separator and
     *         {@code SHIB3_SP_ATTRIBUTE_MAP_FILE}, concatenated
     */
    public String getSpAttributeMapFilePath() {
        String spConfDir = this.appConfiguration.getShibboleth3SpConfDir();
        return spConfDir + File.separator + SHIB3_SP_ATTRIBUTE_MAP_FILE;
    }

    /**
     * Returns the path of the SP Shibboleth configuration file inside the configured SP
     * configuration directory.
     *
     * @return the SP configuration directory, the platform separator and
     *         {@code SHIB3_SP_SHIBBOLETH2_FILE}, concatenated
     */
    public String getSpShibboleth3FilePath() {
        String spConfDir = this.appConfiguration.getShibboleth3SpConfDir();
        return spConfDir + File.separator + SHIB3_SP_SHIBBOLETH2_FILE;
    }

    /**
     * Returns the resource name of the SP read-me.
     *
     * @return the value of {@code SHIB3_SP_READ_ME}
     */
    public String getSpReadMeResourceName() {
        final String resourceName = SHIB3_SP_READ_ME;
        return resourceName;
    }

    /**
     * Returns the resource name of the Windows variant of the SP read-me.
     *
     * @return the value of {@code SHIB3_SP_READ_ME_WINDOWS}
     */
    public String getSpReadMeWindowsResourceName() {
        final String resourceName = SHIB3_SP_READ_ME_WINDOWS;
        return resourceName;
    }

    /**
     * Extracts the certificate body from an in-memory certificate file.
     *
     * @param bArr the raw file content; may be {@code null}
     * @return the result of the stream-based overload, or {@code null} when {@code bArr} is
     *         {@code null} or closing the stream reports an {@link IOException}
     */
    public String getPublicCertificate(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        try (ByteArrayInputStream certificateStream = new ByteArrayInputStream(bArr)) {
            return getPublicCertificate(certificateStream);
        } catch (IOException ignored) {
            // Only close() declares this exception here; it is mapped to "no certificate".
            return null;
        }
    }

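    /**
     * Extracts the certificate body from a certificate stream: the lines strictly between the
     * first line starting with {@code PUBLIC_CERTIFICATE_START_LINE} and the next line starting
     * with {@code PUBLIC_CERTIFICATE_END_LINE}, joined with {@code "\n"}.
     *
     * <p>A failed read now returns {@code null}. Previously the failure was logged and the
     * method went on to iterate a {@code null} list, which ended in a
     * {@link NullPointerException}. A {@code null} stream is treated the same way as a
     * {@code null} byte array in the other overload.
     *
     * @param inputStream the certificate content, decoded as US-ASCII; not closed by this method
     * @return the certificate body, or {@code null} if the stream is {@code null}, cannot be
     *         read, or contains no body lines
     */
    public String getPublicCertificate(InputStream inputStream) {
        if (inputStream == null) {
            return null;
        }
        List<String> lines;
        try {
            lines = IOUtils.readLines(new InputStreamReader(inputStream, "US-ASCII"));
        } catch (IOException e) {
            this.log.error("Failed to read public key file", e);
            return null;
        }
        StringBuilder body = new StringBuilder();
        boolean insideCertificate = false;
        for (String line : lines) {
            if (line.startsWith(PUBLIC_CERTIFICATE_END_LINE)) {
                break;
            }
            if (insideCertificate) {
                if (body.length() > 0) {
                    body.append("\n");
                }
                body.append(line);
            }
            // Checked after the append so the start marker itself is never copied.
            if (line.startsWith(PUBLIC_CERTIFICATE_START_LINE)) {
                insideCertificate = true;
            }
        }
        return body.length() == 0 ? null : body.toString();
    }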

    /* JADX WARN: Finally extract failed */
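    /**
     * Reports whether an SP metadata file describes a federation, i.e. whether the parsed
     * document contains at least one element whose local name is {@code EntitiesDescriptor}.
     *
     * <p>The file is opened with try-with-resources, replacing the decompiler-generated cleanup
     * code. A failed XPath evaluation now returns {@code false}; previously the {@code null}
     * result was passed to {@link Integer#parseInt(String)}, which threw.
     *
     * @param str the metadata file name, resolved through {@code getSpMetadataFilePath}
     * @return {@code true} if an {@code EntitiesDescriptor} element is present; {@code false} if
     *         {@code str} is {@code null}, the file cannot be read or parsed, or the XPath
     *         evaluation fails
     */
    public boolean isFederationMetadata(String str) {
        if (str == null) {
            return false;
        }
        File file = new File(getSpMetadataFilePath(str));
        Document document = null;
        try (FileInputStream fileStream = FileUtils.openInputStream(file);
                InputStreamReader reader = new InputStreamReader(fileStream, "UTF-8")) {
            try {
                // NOTE(review): metadata files may have been fetched from a remote URL elsewhere
                // in this service; confirm the parser behind xmlService disables DTDs and
                // external entities.
                document = this.xmlService.getXmlDocument(new InputSource(reader));
            } catch (Exception e) {
                this.log.error("Failed to parse metadata file '{}'", file.getAbsolutePath(), e);
            }
        } catch (IOException e2) {
            this.log.error("Failed to read metadata file '{}'", file.getAbsolutePath(), e2);
        }
        if (document == null) {
            return false;
        }
        try {
            String descriptorCount = XPathFactory.newInstance().newXPath()
                    .compile("count(//*[local-name() = 'EntitiesDescriptor'])")
                    .evaluate(document);
            return Integer.parseInt(descriptorCount) > 0;
        } catch (XPathExpressionException e3) {
            this.log.error("Failed to find IDP metadata file in relaying party file '{}'", file.getAbsolutePath(), e3);
            return false;
        }
    }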

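    /**
     * Generates the IDP login configuration from the {@code SHIB3_IDP_LOGIN_CONFIG_FILE}
     * template and writes it into the IDP configuration directory.
     *
     * <p>The template receives the LDAP server URLs (one {@code protocol://server} entry per
     * configured server, space separated), the base DN, the bind DN, the decrypted bind
     * password and the user fields.
     *
     * <p>Two failure paths now stop before anything is written: a bind password that cannot be
     * decrypted (previously an empty credential was written into the configuration) and a
     * template that produced no content (previously {@code null} content was still handed to
     * the writer because of the non-short-circuit {@code &}).
     *
     * @return {@code true} if the configuration was generated and written
     * @throws InvalidConfigurationException if the IDP root folder is not configured
     */
    public boolean generateIdpConfigurationFiles() {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
        }
        String idpConfDir = getIdpConfDir();

        // String.split never returns null, so the former fallback branch was unreachable.
        String[] servers = this.appConfiguration.getIdpLdapServer().split("\\s*(=>|,|\\s)\\s*");
        StringBuilder ldapUrls = new StringBuilder();
        for (String server : servers) {
            if (ldapUrls.length() > 0) {
                ldapUrls.append(' ');
            }
            ldapUrls.append(this.appConfiguration.getIdpLdapProtocol()).append("://").append(server);
        }

        String bindPassword;
        try {
            bindPassword = this.encryptionService.decrypt(this.appConfiguration.getIdpBindPassword());
        } catch (StringEncrypter.EncryptionException e) {
            // Fail closed: a configuration with an empty service credential must not be written.
            this.log.error("Failed to decrypt bindPassword", e);
            return false;
        }

        VelocityContext velocityContext = new VelocityContext();
        velocityContext.put("host", ldapUrls.toString());
        velocityContext.put("base", this.appConfiguration.getBaseDN());
        velocityContext.put("serviceUser", this.appConfiguration.getIdpBindDn());
        // The decrypted credential ends up in the generated file in clear text.
        // NOTE(review): confirm the file and its directory are readable only by the IDP account.
        velocityContext.put("serviceCredential", bindPassword);
        velocityContext.put("userField", this.appConfiguration.getIdpUserFields());

        String content = this.templateService.generateConfFile(SHIB3_IDP_LOGIN_CONFIG_FILE, velocityContext);
        if (content == null) {
            return false;
        }
        return this.templateService.writeConfFile(idpConfDir + SHIB3_IDP_LOGIN_CONFIG_FILE, content);
    }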

    /**
     * Reports whether a metadata file in the IDP metadata directory yields at least one entity
     * id when parsed.
     *
     * @param str the metadata file name, appended to the IDP metadata directory
     * @return {@code true} if the parser returned a non-empty list of entity ids
     * @throws InvalidConfigurationException if the federation root folder is not configured
     */
    public boolean isCorrectMetadataFile(String str) {
        // NOTE(review): the guard tests the federation root folder, yet the file is looked up
        // under getIdpMetadataDir(); confirm the two are meant to be related.
        if (this.appConfiguration.getShibboleth3FederationRootDir() == null) {
            throw new InvalidConfigurationException("Failed to check meta-data file due to undefined federation root folder");
        }
        File metadataFile = new File(getIdpMetadataDir() + str);
        List<?> entityIds = SAMLMetadataParser.getEntityIdFromMetadataFile(metadataFile);
        return entityIds != null && !entityIds.isEmpty();
    }

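    /**
     * Deletes a metadata file from the IDP metadata directory, if it exists.
     *
     * <p>A delete that fails is logged; previously the result of {@link File#delete()} was
     * discarded, so a stale metadata file could stay on disk unnoticed.
     *
     * @param str the metadata file name, appended to the IDP metadata directory
     * @throws InvalidConfigurationException if the federation root folder is not configured
     */
    public void removeMetadataFile(String str) {
        if (this.appConfiguration.getShibboleth3FederationRootDir() == null) {
            throw new InvalidConfigurationException("Failed to remove meta-data file due to undefined federation root folder");
        }
        // NOTE(review): the path is plain concatenation; confirm callers only pass
        // server-generated file names, since nothing here keeps the result inside the directory.
        File metadataFile = new File(getIdpMetadataDir() + str);
        if (metadataFile.exists() && !metadataFile.delete()) {
            this.log.warn("Failed to delete meta-data file " + metadataFile.getAbsolutePath());
        }
    }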

    /**
     * Returns the path of a metadata file inside the IDP metadata directory, creating that
     * directory (and missing parents) first when it does not exist.
     *
     * @param str the metadata file name, appended to the directory path as-is
     * @return the directory path followed by {@code str}
     * @throws InvalidConfigurationException if the federation root folder is not configured
     */
    public String getMetadataFilePath(String str) {
        if (this.appConfiguration.getShibboleth3FederationRootDir() == null) {
            throw new InvalidConfigurationException("Failed to return meta-data file due to undefined federation root folder");
        }
        String metadataDirPath = getIdpMetadataDir();
        File metadataDir = new File(metadataDirPath);
        boolean missing = !metadataDir.exists();
        if (missing) {
            // The result of mkdirs() is not checked; a failure only shows up when the path is used.
            metadataDir.mkdirs();
        }
        return metadataDirPath + str;
    }

    /**
     * Builds the metadata file name for a federation proposal by formatting
     * {@code SHIB3_METADATA_FILE_PATTERN} with the proposal's inum after punctuation removal.
     *
     * @param gluuSAMLFederationProposal the proposal whose inum names the file
     * @param list not used by this method
     * @return the formatted file name
     */
    public String getNewMetadataFileName(GluuSAMLFederationProposal gluuSAMLFederationProposal, List<GluuSAMLFederationProposal> list) {
        String inumToken = StringHelper.removePunctuation(gluuSAMLFederationProposal.getInum());
        return String.format(SHIB3_METADATA_FILE_PATTERN, inumToken);
    }

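    /**
     * Copies a metadata stream into a file in the IDP metadata directory, creating the
     * directory first when it does not exist.
     *
     * <p>The output file is handled with try-with-resources, replacing the decompiler-generated
     * cleanup code with its dead branches. The input stream is always closed quietly before
     * the method returns or propagates an exception.
     *
     * @param str the target file name, appended to the IDP metadata directory
     * @param inputStream the metadata content; closed by this method
     * @return {@code true} if the content was written; {@code false} on an {@link IOException}
     * @throws InvalidConfigurationException if the federation root folder is not configured
     */
    public boolean saveMetadataFile(String str, InputStream inputStream) {
        if (this.appConfiguration.getShibboleth3FederationRootDir() == null) {
            throw new InvalidConfigurationException("Failed to save meta-data file due to undefined federation root folder");
        }
        String idpMetadataDir = getIdpMetadataDir();
        File metadataDir = new File(idpMetadataDir);
        if (!metadataDir.exists()) {
            metadataDir.mkdirs();
        }
        // NOTE(review): the target path is plain concatenation and the content is stored
        // without validation here; confirm str is a server-generated file name and that the
        // metadata is validated before it is trusted.
        File target = new File(idpMetadataDir + str);
        try (FileOutputStream output = FileUtils.openOutputStream(target)) {
            IOUtils.copy(inputStream, output);
            output.flush();
            return true;
        } catch (IOException e) {
            this.log.error("Failed to write meta-data file '{}'", target, e);
            return false;
        } finally {
            IOUtils.closeQuietly(inputStream);
        }
    }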

    /**
     * Downloads metadata from a URL and stores it through the stream-based overload.
     *
     * @param str the URL to download from; requested with an XML {@code Accept} value
     * @param str2 the target file name handed to the stream-based overload
     * @return the result of the stream-based overload, or {@code false} when the URL is empty,
     *         the download returned nothing, or UTF-8 encoding is unavailable
     */
    public boolean saveMetadataFile(String str, String str2) {
        if (StringHelper.isEmpty(str)) {
            return false;
        }
        // NOTE(review): the URL is fetched by the server as given; confirm only administrators
        // can set it, or restrict the allowed schemes and hosts at the caller.
        String downloaded = HTTPFileDownloader.getResource(str, "application/xml, text/xml", (String) null, (String) null);
        if (StringHelper.isEmpty(downloaded)) {
            return false;
        }
        try {
            FileUploadWrapper upload = new FileUploadWrapper();
            upload.setStream(new ByteArrayInputStream(downloaded.getBytes("UTF-8")));
            return saveMetadataFile(str2, upload.getStream());
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Generates the IDP's own metadata from the {@code SHIB3_IDP_IDP_METADATA_FILE} template
     * and writes it into the IDP metadata directory.
     *
     * <p>The template receives the IDP URL, a domain derived from it (trailing port and leading
     * scheme removed), the organization name (used for both name fields) and the signing and
     * encryption certificates with their five-dash delimiter markers stripped.
     *
     * @return {@code true} if content was generated and the write succeeded; {@code false} if
     *         either certificate file cannot be read
     * @throws InvalidConfigurationException if the IDP root folder is not configured
     */
    public boolean generateMetadataFiles() {
        this.log.info(">>>>>>>>>> IN Shibboleth3ConfService.generateMetadataFiles()...");
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
        }
        String metadataDir = getIdpMetadataDir();
        String idpUrl = this.appConfiguration.getIdpUrl();

        VelocityContext context = new VelocityContext();
        context.put("idpHost", idpUrl);
        context.put("domain", idpUrl.replaceAll(":[0-9]*$", "").replaceAll("^.*?//", ""));
        context.put("orgName", this.appConfiguration.getOrganizationName());
        context.put("orgShortName", this.appConfiguration.getOrganizationName());

        String signingCertificate;
        try {
            signingCertificate = FileUtils.readFileToString(new File(this.appConfiguration.getIdp3SigningCert()));
        } catch (IOException e2) {
            this.log.error("Unable to get IDP 3 signing certificate from " + this.appConfiguration.getIdp3SigningCert(), e2);
            e2.printStackTrace();
            return false;
        }
        context.put("idpSigningCertificate", signingCertificate.replaceAll("-{5}.*?-{5}", ""));

        String encryptionCertificate;
        try {
            encryptionCertificate = FileUtils.readFileToString(new File(this.appConfiguration.getIdp3EncryptionCert()));
        } catch (IOException e) {
            this.log.error("Unable to get IDP 3 encryption certificate from " + this.appConfiguration.getIdp3EncryptionCert(), e);
            e.printStackTrace();
            return false;
        }
        context.put("idpEncryptionCertificate", encryptionCertificate.replaceAll("-{5}.*?-{5}", ""));

        String content = this.templateService.generateConfFile(SHIB3_IDP_IDP_METADATA_FILE, context);
        boolean generated = content != null;
        // The write is attempted even when generation produced null, as before.
        boolean written = this.templateService.writeConfFile(metadataDir + SHIB3_IDP_IDP_METADATA_FILE, content);
        this.log.info(">>>>>>>>>> LEAVING Shibboleth3ConfService.generateMetadataFiles()...");
        return generated & written;
    }

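    /**
     * Validates a metadata stream against the XML schemas found on the classpath under
     * {@code META-INF/shibboleth3/idp/schema/}.
     *
     * <p>The schema streams are closed in a single {@code finally} block once the schema has
     * been built, replacing three copies of the same cleanup loop. Closing is null-safe,
     * because a schema resource that cannot be found yields a {@code null} stream and would
     * otherwise replace the real error with a {@link NullPointerException} during cleanup.
     *
     * <p>Any exception, including one raised by the validation call itself, is reported as an
     * error handler carrying the messages "Error of schema creating" and the exception message.
     *
     * @param inputStream the metadata to validate; not closed by this method
     * @return the validation result, or an error handler describing the failure
     */
    public GluuErrorHandler validateMetadata(InputStream inputStream) throws ParserConfigurationException, SAXException, IOException {
        try {
            String schemaDir = "META-INF" + File.separator + "shibboleth3" + File.separator + "idp" + File.separator + "schema" + File.separator;
            this.schemaValidationFileNames = this.templateService.getClasspathTemplateNames(schemaDir);
            this.schemaValidationFileNames.remove("schema");

            List<InputStream> schemaStreams = new ArrayList<>();
            Schema schema;
            try {
                for (Object schemaFileName : this.schemaValidationFileNames) {
                    schemaStreams.add(ClassUtils.getResourceAsStream(getClass(), schemaDir + schemaFileName));
                }
                schema = SchemaBuilder.buildSchema(SchemaBuilder.SchemaLanguage.XML, schemaStreams.toArray(new InputStream[0]));
            } finally {
                for (InputStream schemaStream : schemaStreams) {
                    if (schemaStream == null) {
                        continue;
                    }
                    try {
                        schemaStream.close();
                    } catch (IOException e) {
                        this.log.error("error closing stream;", e);
                    }
                }
            }
            // NOTE(review): metadata may come from a remote party; confirm XMLValidator's
            // parser disables DTDs and external entities.
            return XMLValidator.validateMetadata(inputStream, schema);
        } catch (Exception e) {
            this.log.info("", e);
            ArrayList<String> messages = new ArrayList<>();
            messages.add("Error of schema creating");
            messages.add(e.getMessage());
            return new GluuErrorHandler(false, true, messages);
        }
    }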

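    /**
     * Probes a URL with an HTTP {@code HEAD} request and reports whether it answers with
     * status 200. Redirects are not followed.
     *
     * <p>The connection is now released after the probe and carries connect and read timeouts,
     * so an unresponsive host can no longer block the calling thread indefinitely. Failures
     * are logged through the service logger.
     *
     * @param str the URL to probe; a value that is not a valid HTTP(S) URL yields {@code false}
     * @return {@code true} only if the response code is 200
     */
    public boolean existsResourceUri(String str) {
        // Conservative probe limits in milliseconds; adjust if legitimate endpoints need longer.
        final int connectTimeoutMillis = 10000;
        final int readTimeoutMillis = 10000;
        HttpURLConnection connection = null;
        try {
            // Process-wide switch, kept because other code may have come to depend on it.
            // NOTE(review): this changes redirect handling for every HttpURLConnection in the JVM.
            HttpURLConnection.setFollowRedirects(false);
            // NOTE(review): the URL is requested by the server as given; confirm who can set it.
            connection = (HttpURLConnection) new URL(str).openConnection();
            // Set per connection as well, so this probe does not rely on the global flag.
            connection.setInstanceFollowRedirects(false);
            connection.setConnectTimeout(connectTimeoutMillis);
            connection.setReadTimeout(readTimeoutMillis);
            connection.setRequestMethod("HEAD");
            return connection.getResponseCode() == 200;
        } catch (Exception e) {
            // Also covers malformed URLs and non-HTTP schemes (the cast above fails for those).
            this.log.error("Failed to probe resource URI '{}'", str, e);
            return false;
        } finally {
            if (connection != null) {
                connection.disconnect();
            }
        }
    }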

    /**
     * Reports whether a Shibboleth version is configured.
     *
     * @return {@code true} if the configured Shibboleth version is neither {@code null} nor empty
     */
    public boolean isIdpInstalled() {
        return this.appConfiguration.getShibbolethVersion() != null
                && !this.appConfiguration.getShibbolethVersion().isEmpty();
    }

    /**
     * Creates the trust relationship for the Gluu SP: generates its metadata file from the
     * configured SP certificate, and, if that file parses to at least one SP entity id,
     * activates the relationship, releases the configured attributes, stores the relationship
     * and records its inum in the configuration.
     *
     * <p>If the metadata could not be generated or verified, only an error is logged.
     */
    public void addGluuSP() {
        String inum = this.trustService.generateInumForNewTrustRelationship();
        String metadataFileName = getSpNewMetadataFileName(inum);

        GluuSAMLTrustRelationship trustRelationship = new GluuSAMLTrustRelationship();
        trustRelationship.setInum(inum);
        trustRelationship.setDisplayName("gluu SP on configuration");
        trustRelationship.setDescription("Trust Relationship for the SP");
        trustRelationship.setSpMetaDataSourceType(GluuMetadataSourceType.FILE);
        trustRelationship.setSpMetaDataFN(metadataFileName);
        trustRelationship.setEntityId(StringHelper.removePunctuation(trustRelationship.getInum()));
        trustRelationship.setUrl(this.appConfiguration.getApplicationUrl());

        boolean metadataValid = false;
        try {
            // The five-dash delimiter markers are stripped from the certificate text.
            String certificate = FileUtils.readFileToString(new File(this.appConfiguration.getGluuSpCert())).replaceAll("-{5}.*?-{5}", "");
            // The boolean result is not used; the check below decides success.
            generateSpMetadataFile(trustRelationship, certificate);
            metadataValid = isCorrectSpMetadataFile(trustRelationship.getSpMetaDataFN());
        } catch (IOException e) {
            this.log.error("Failed to gluu SP read certificate file.", e);
        }

        if (!metadataValid) {
            this.log.error("IDP configuration update failed. GluuSP was not generated.");
            return;
        }

        trustRelationship.setStatus(GluuStatus.ACTIVE);
        trustRelationship.setDn(this.trustService.getDnForTrustRelationShip(trustRelationship.getInum()));

        ArrayList releasedCustomAttributes = new ArrayList();
        List<GluuAttribute> personAttributes = this.attributeService.getAllPersonAttributes(GluuUserRole.ADMIN);
        HashMap<String, GluuAttribute> attributesByDn = this.attributeService.getAttributeMapByDNs(personAttributes);
        ArrayList attributeDns = new ArrayList();
        // Stays empty: the released-attributes list is set without entries.
        ArrayList releasedAttributes = new ArrayList();
        for (String attributeName : this.appConfiguration.getGluuSpAttributes()) {
            GluuAttribute attribute = this.attributeService.getAttributeByName(attributeName, personAttributes);
            if (attribute == null) {
                continue;
            }
            attributeDns.add(attribute.getDn());
        }
        releasedCustomAttributes.addAll(this.attributeService.getCustomAttributesByAttributeDNs(attributeDns, attributesByDn));
        trustRelationship.setReleasedCustomAttributes(releasedCustomAttributes);
        trustRelationship.setReleasedAttributes(releasedAttributes);
        this.trustService.updateReleasedAttributes(trustRelationship);
        this.trustService.addTrustRelationship(trustRelationship);

        GluuConfiguration configuration = this.configurationService.getConfiguration();
        configuration.setGluuSPTR(trustRelationship.getInum());
        this.configurationService.updateConfiguration(configuration);

        this.log.warn("gluuSP EntityID set to " + StringHelper.removePunctuation(trustRelationship.getInum()) + ". Shibboleth3 configuration should be updated.");
    }

    /**
     * Reports whether the metadata file of a trust relationship describes a federation.
     *
     * @param gluuSAMLTrustRelationship the trust relationship whose metadata file is inspected
     * @return the result of {@code isFederationMetadata} for the relationship's metadata file name
     */
    public boolean isFederation(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        String metadataFileName = gluuSAMLTrustRelationship.getSpMetaDataFN();
        return isFederationMetadata(metadataFileName);
    }

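    /**
     * Writes a certificate for a trust relationship into the generated SSL artifacts directory
     * below the IDP root folder. The file is named after the relationship's metadata file, with
     * the {@code .xml} suffix replaced by {@code .crt}.
     *
     * <p>Write failures are now logged. Previously every {@link IOException}, including one
     * raised while flushing on close, was swallowed silently, so a missing or truncated
     * certificate file left no trace.
     *
     * @param gluuSAMLTrustRelationship the trust relationship the certificate belongs to
     * @param str the certificate body, written between the begin line and
     *            {@code PUBLIC_CERTIFICATE_END_LINE}
     */
    public void saveCert(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str) {
        String artifactsDir = this.appConfiguration.getShibboleth3IdpRootDir() + File.separator + TrustService.GENERATED_SSL_ARTIFACTS_DIR + File.separator;
        File dir = new File(artifactsDir);
        if (!dir.exists()) {
            this.log.debug("creating directory: " + artifactsDir);
            if (dir.mkdir()) {
                this.log.debug("DIR created");
            }
        }
        String certPath = artifactsDir + getSpNewMetadataFileName(gluuSAMLTrustRelationship).replaceFirst("\\.xml$", ".crt");
        try (BufferedWriter writer = new BufferedWriter(new FileWriter(certPath))) {
            writer.write("-----BEGIN CERTIFICATE-----\n" + str + PUBLIC_CERTIFICATE_END_LINE);
        } catch (IOException e) {
            this.log.error("Failed to write certificate file '{}'", certPath, e);
        }
    }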

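    /**
     * Writes, or removes, the key file for a trust relationship in the generated SSL artifacts
     * directory below the IDP root folder. The file is named after the relationship's metadata
     * file, with the {@code .xml} suffix replaced by {@code .key}.
     *
     * <p>Failures are now logged. Previously a failed delete went unnoticed, leaving a stale
     * key on disk, and every {@link IOException} during the write was swallowed silently. The
     * key material itself is never logged.
     *
     * @param gluuSAMLTrustRelationship the trust relationship the key belongs to
     * @param str the key text to store; {@code null} deletes an existing key file instead
     */
    public void saveKey(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str) {
        String artifactsDir = this.appConfiguration.getShibboleth3IdpRootDir() + File.separator + TrustService.GENERATED_SSL_ARTIFACTS_DIR + File.separator;
        File dir = new File(artifactsDir);
        if (!dir.exists()) {
            this.log.debug("creating directory: " + artifactsDir);
            if (dir.mkdir()) {
                this.log.debug("DIR created");
            }
        }
        String keyPath = artifactsDir + getSpNewMetadataFileName(gluuSAMLTrustRelationship).replaceFirst("\\.xml$", ".key");
        if (str == null) {
            File keyFile = new File(keyPath);
            if (keyFile.exists() && !keyFile.delete()) {
                this.log.warn("Failed to delete key file " + keyPath);
            }
            return;
        }
        // NOTE(review): the file is created with the process's default permissions; confirm
        // the artifacts directory is not readable by other local accounts.
        try (BufferedWriter writer = new BufferedWriter(new FileWriter(keyPath))) {
            writer.write(str);
        } catch (IOException e) {
            this.log.error("Failed to write key file '{}'", keyPath, e);
        }
    }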
}
