package org.gluu.oxtrust.action;

import java.io.Serializable;
import java.lang.reflect.InvocationTargetException;
import javax.enterprise.context.ConversationScoped;
import javax.faces.application.FacesMessage;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.lang.StringUtils;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.config.oxtrust.DbApplicationConfiguration;
import org.gluu.config.oxtrust.ImportPersonConfig;
import org.gluu.jsf2.message.FacesMessages;
import org.gluu.jsf2.service.ConversationService;
import org.gluu.oxauth.model.configuration.CIBAEndUserNotificationConfig;
import org.gluu.oxtrust.service.AttributeService;
import org.gluu.oxtrust.service.EmailUniquenessService;
import org.gluu.oxtrust.service.EncryptionService;
import org.gluu.oxtrust.service.JsonConfigurationService;
import org.gluu.service.DataSourceTypeService;
import org.gluu.service.JsonService;
import org.gluu.service.cache.AbstractRedisProvider;
import org.gluu.service.cache.CacheConfiguration;
import org.gluu.service.cache.CacheProviderType;
import org.gluu.service.cache.MemcachedProvider;
import org.gluu.service.cache.RedisConfiguration;
import org.gluu.service.cache.RedisProviderFactory;
import org.gluu.service.cdi.util.CdiUtil;
import org.gluu.service.document.store.conf.DocumentStoreConfiguration;
import org.gluu.service.document.store.conf.DocumentStoreType;
import org.gluu.service.document.store.conf.JcaDocumentStoreConfiguration;
import org.gluu.service.document.store.provider.JcaDocumentStoreProvider;
import org.gluu.service.security.Secure;
import org.gluu.util.StringHelper;
import org.gluu.util.security.StringEncrypter;
import org.slf4j.Logger;

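/**
 * Conversation-scoped JSF backing bean for the JSON configuration editor.
 *
 * <p>{@link #init()} loads the oxTrust, oxAuth, import-person, cache, document-store and FIDO2
 * configurations and exposes each one as a JSON string through the getters below; the
 * {@code save*} actions parse the edited JSON, re-protect secret properties and hand the result
 * to {@code JsonConfigurationService}.
 *
 * <p>Secret handling differs per configuration:
 * <ul>
 *   <li>oxTrust: five password properties are replaced by {@link #HIDDEN_PASSWORD_TEXT} before
 *       the JSON is shown, and restored from the loaded configuration on save when left
 *       untouched.</li>
 *   <li>oxAuth: the CIBA notification key is decrypted for display and encrypted again on
 *       save.</li>
 *   <li>Cache / document store: the Redis and JCA passwords are decrypted in place before the
 *       JSON is built, so the editable JSON carries them in clear text.</li>
 * </ul>
 * Because the editable JSON strings can carry clear-text secrets, they are never written to the
 * log by this class.
 *
 * <p>All actions return the outcome strings {@code "success"} or {@code "failure"}.
 */
@ConversationScoped
@Secure("#{permissionService.hasPermission('configuration', 'access')}")
@Named("jsonConfigAction")
public class JsonConfigurationAction implements Serializable {
    private static final long serialVersionUID = -4470460481895022468L;

    /**
     * Placeholder written into the oxTrust JSON instead of the real password values. A submitted
     * value equal to this text is treated as "unchanged", so this literal cannot itself be stored
     * as a password.
     */
    private static final String HIDDEN_PASSWORD_TEXT = "hidden";

    @Inject
    private FacesMessages facesMessages;

    @Inject
    private Logger log;

    @Inject
    private JsonService jsonService;

    @Inject
    private JsonConfigurationService jsonConfigurationService;

    @Inject
    private AttributeService attributeService;

    @Inject
    private EncryptionService encryptionService;

    @Inject
    private ConversationService conversationService;

    @Inject
    private EmailUniquenessService emailUniquenessService;

    @Inject
    private DataSourceTypeService dataSourceTypeService;

    @Inject
    private StringEncrypter stringEncrypter;

    // Last loaded / last successfully parsed configuration objects.
    private AppConfiguration oxTrustappConfiguration;
    private ImportPersonConfig oxTrustImportPersonConfiguration;
    private CacheConfiguration cacheConfiguration;
    private DocumentStoreConfiguration storeConfiguration;

    // JSON text bound to the editor fields.
    private String oxTrustConfigJson;
    private String oxTrustImportPersonConfigJson;
    private String oxAuthDynamicConfigJson;
    private String cacheConfigurationJson;
    private String storeConfigurationJson;
    private String fido2ConfigJson;

    /**
     * Loads every configuration and prepares the JSON shown in the editor.
     *
     * @return {@code "success"} when both the oxTrust and the oxAuth JSON could be prepared;
     *         otherwise the conversation is ended and {@code "failure"} is returned
     */
    public String init() {
        try {
            log.debug("Loading oxauth-config.json and oxtrust-config.json");
            oxTrustappConfiguration = jsonConfigurationService.getOxTrustappConfiguration();
            oxTrustImportPersonConfiguration = jsonConfigurationService.getOxTrustImportPersonConfiguration();

            // NOTE(review): unlike the oxTrust passwords, the Redis and JCA passwords are
            // decrypted in place here and therefore end up in clear text in the JSON rendered
            // to the page. Confirm this is intended, or mask them the same way.
            cacheConfiguration = jsonConfigurationService.getOxMemCacheConfiguration();
            if (cacheConfiguration.getRedisConfiguration().getPassword() != null) {
                decryptPassword(cacheConfiguration.getRedisConfiguration());
            }
            storeConfiguration = jsonConfigurationService.getDocumentStoreConfiguration();
            if (storeConfiguration.getJcaConfiguration().getPassword() != null) {
                decryptPassword(storeConfiguration.getJcaConfiguration());
            }

            oxTrustConfigJson = getProtectedOxTrustappConfiguration(oxTrustappConfiguration);
            oxTrustImportPersonConfigJson = getOxTrustImportPersonConfiguration(oxTrustImportPersonConfiguration);
            oxAuthDynamicConfigJson = getProtectedOxAuthAppConfiguration(jsonConfigurationService.getOxAuthDynamicConfigJson());
            cacheConfigurationJson = getCacheConfiguration(cacheConfiguration);
            storeConfigurationJson = getStoreConfiguration(storeConfiguration);

            DbApplicationConfiguration fido2Configuration = jsonConfigurationService.loadFido2Configuration();
            if (fido2Configuration != null) {
                fido2ConfigJson = fido2Configuration.getDynamicConf();
            }

            if (oxTrustConfigJson != null && oxAuthDynamicConfigJson != null) {
                return "success";
            }
        } catch (Exception e) {
            log.error("Failed to load configuration from LDAP", e);
            facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to load configuration from LDAP");
        }
        conversationService.endConversation();
        return "failure";
    }

    /**
     * Saves the edited oxAuth dynamic configuration.
     *
     * <p>If the JSON cannot be converted, nothing is passed to the service and the action fails,
     * instead of handing {@code null} to the service and reporting success.
     *
     * @return {@code "success"} or {@code "failure"}
     */
    public String saveOxAuthDynamicConfigJson() {
        try {
            // The JSON holds the decrypted CIBA notification key, so it is not logged.
            log.debug("Saving oxauth-config.json");
            if (oxAuthDynamicConfigJson != null) {
                String converted = convertToOxAuthAppConfiguration(oxAuthDynamicConfigJson);
                if (converted == null) {
                    facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update oxAuth configuration in LDAP");
                    return "failure";
                }
                jsonConfigurationService.saveOxAuthDynamicConfigJson(converted);
            }
            facesMessages.add(FacesMessage.SEVERITY_INFO, "oxAuthDynamic Configuration is updated.");
            return "success";
        } catch (Exception e) {
            log.error("Failed to update oxauth-config.json", e);
            facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update oxAuth configuration in LDAP");
            return "failure";
        }
    }

    /**
     * Saves the edited oxTrust configuration.
     *
     * <p>The previously loaded configuration is kept when the JSON cannot be parsed, because it
     * is the only source of the real values behind the {@code "hidden"} placeholders.
     *
     * @return {@code "success"} or {@code "failure"}
     */
    public String saveOxTrustConfigJson() {
        try {
            // Newly entered passwords appear in clear text in this JSON, so it is not logged.
            log.debug("Saving oxtrust-config.json");
            if (oxTrustConfigJson != null) {
                AppConfiguration parsed = convertToOxTrustappConfiguration(oxTrustConfigJson);
                if (parsed == null) {
                    facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update oxTrust configuration in LDAP");
                    return "failure";
                }
                oxTrustappConfiguration = parsed;
                trimUriProperties();
                if (dataSourceTypeService.isLDAP(attributeService.getDnForAttribute((String) null))) {
                    emailUniquenessService.setEmailUniqueness(oxTrustappConfiguration.getEnforceEmailUniqueness().booleanValue());
                }
                jsonConfigurationService.saveOxTrustappConfiguration(oxTrustappConfiguration);
            }
            facesMessages.add(FacesMessage.SEVERITY_INFO, "oxTrust Configuration is updated.");
            return "success";
        } catch (Exception e) {
            log.error("Failed to update oxtrust-config.json", e);
            facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update oxTrust configuration in LDAP");
            return "failure";
        }
    }

    /**
     * Saves the edited FIDO2 configuration JSON as is.
     *
     * @return {@code "success"} or {@code "failure"}
     */
    public String saveFido2ConfigJson() {
        try {
            log.debug("Saving fido2-config.json:" + fido2ConfigJson);
            if (fido2ConfigJson != null) {
                jsonConfigurationService.saveFido2Configuration(fido2ConfigJson);
            }
            facesMessages.add(FacesMessage.SEVERITY_INFO, "Fido2 Configuration is updated.");
            return "success";
        } catch (Exception e) {
            log.error("Failed to update fido2-config.json", e);
            facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update Fido2 configuration in DB");
            return "failure";
        }
    }

    /**
     * Saves the edited cache configuration after a connectivity check against the selected
     * Redis or Memcached provider.
     *
     * @return {@code "success"} or {@code "failure"}
     */
    public String saveOxMemCacheConfigJson() {
        try {
            // The JSON holds the Redis password in clear text, so it is not logged.
            log.debug("Saving memcache-config.json");
            if (cacheConfigurationJson != null) {
                CacheConfiguration parsed = convertToCacheConfiguration(cacheConfigurationJson);
                if (parsed == null) {
                    facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update cache configuration");
                    return "failure";
                }
                cacheConfiguration = parsed;
                CacheProviderType cacheProviderType = cacheConfiguration.getCacheProviderType();
                if (cacheProviderType.equals(CacheProviderType.REDIS) && !canConnectToRedis()) {
                    facesMessages.add(FacesMessage.SEVERITY_ERROR, "Error connecting to redis with provided configuration");
                    return "failure";
                }
                if (cacheProviderType.equals(CacheProviderType.MEMCACHED) && !canConnectToMemCached()) {
                    facesMessages.add(FacesMessage.SEVERITY_ERROR, "Error connecting to memcached server with provided configuration");
                    return "failure";
                }
                // NOTE(review): on the REDIS path canConnectToRedis() has decrypted the password
                // in place, so the object saved here carries it in clear text, while on the other
                // paths it is still encrypted. Confirm saveOxMemCacheConfiguration() encrypts
                // before persisting and copes with both forms.
                jsonConfigurationService.saveOxMemCacheConfiguration(cacheConfiguration);
            }
            facesMessages.add(FacesMessage.SEVERITY_INFO, "Cache Configuration is updated.");
            return "success";
        } catch (Exception e) {
            log.error("Failed to update oxMemcache-config.json", e);
            facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update cache configuration");
            return "failure";
        }
    }

    /**
     * Saves the edited document-store configuration after a connectivity check when the store
     * type is JCA.
     *
     * @return {@code "success"} or {@code "failure"}
     */
    public String saveStoreConfigJson() {
        try {
            // The JSON holds the JCA password in clear text, so it is not logged.
            log.debug("Saving store-config.json");
            if (storeConfigurationJson != null) {
                DocumentStoreConfiguration parsed = convertToStoreConfiguration(storeConfigurationJson);
                if (parsed == null) {
                    facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update document store configuration in DB");
                    return "failure";
                }
                storeConfiguration = parsed;
                if (storeConfiguration.getDocumentStoreType().equals(DocumentStoreType.JCA) && !canConnectToJca()) {
                    facesMessages.add(FacesMessage.SEVERITY_ERROR, "Error connecting to JCA with provided configuration");
                    return "failure";
                }
                jsonConfigurationService.saveDocumentStoreConfiguration(storeConfiguration);
            }
            facesMessages.add(FacesMessage.SEVERITY_INFO, "Document store configuration is updated.");
            return "success";
        } catch (Exception e) {
            log.error("Failed to update store-config.json", e);
            facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update document store configuration in DB");
            return "failure";
        }
    }

    /**
     * Tries to open a Redis connection with the current cache configuration.
     *
     * <p>Side effect: the Redis password on {@code cacheConfiguration} is decrypted in place and
     * stays decrypted afterwards.
     *
     * @return {@code true} if the provider reports a connection, {@code false} otherwise
     */
    private boolean canConnectToRedis() {
        try {
            decryptPassword(cacheConfiguration.getRedisConfiguration());
            AbstractRedisProvider provider = RedisProviderFactory.create(cacheConfiguration.getRedisConfiguration());
            provider.create();
            if (!provider.isConnected()) {
                // NOTE(review): the provider is not destroyed on this path; confirm whether
                // destroy() is safe to call on a provider that never connected.
                return false;
            }
            provider.destroy();
            return true;
        } catch (Exception e) {
            // Record why the check failed instead of dropping the exception silently.
            log.warn("Redis connectivity check failed", e);
            return false;
        }
    }

    /**
     * Replaces a non-blank Redis password with its decrypted value. A decryption failure is
     * logged and leaves the stored value unchanged.
     */
    private void decryptPassword(RedisConfiguration redisConfiguration) {
        try {
            String password = redisConfiguration.getPassword();
            if (StringUtils.isNotBlank(password)) {
                redisConfiguration.setPassword(stringEncrypter.decrypt(password));
                log.trace("Decrypted redis password successfully.");
            }
        } catch (StringEncrypter.EncryptionException e) {
            log.error("Error during redis password decryption", e);
        }
    }

    /**
     * Replaces a non-blank JCA store password with its decrypted value. A decryption failure is
     * logged and leaves the stored value unchanged.
     */
    private void decryptPassword(JcaDocumentStoreConfiguration jcaDocumentStoreConfiguration) {
        try {
            String password = jcaDocumentStoreConfiguration.getPassword();
            if (StringUtils.isNotBlank(password)) {
                jcaDocumentStoreConfiguration.setPassword(stringEncrypter.decrypt(password));
                log.trace("Decrypted JCA store password successfully.");
            }
        } catch (StringEncrypter.EncryptionException e) {
            log.error("Error during JCA store password decryption", e);
        }
    }

    /**
     * Tries to open a Memcached connection with the current cache configuration.
     *
     * @return {@code true} if the provider reports a connection, {@code false} otherwise
     */
    private boolean canConnectToMemCached() {
        try {
            MemcachedProvider provider = (MemcachedProvider) CdiUtil.bean(MemcachedProvider.class);
            provider.setCacheConfiguration(cacheConfiguration);
            provider.init();
            provider.create();
            if (!provider.isConnected()) {
                return false;
            }
            provider.destroy();
            return true;
        } catch (Exception e) {
            log.warn("Memcached connectivity check failed", e);
            return false;
        }
    }

    /**
     * Tries to open a JCA connection with the current document-store configuration.
     *
     * <p>NOTE(review): the JCA password is passed as produced by
     * {@code convertToStoreConfiguration} (encrypted); presumably the provider decrypts it itself.
     * Confirm against {@code JcaDocumentStoreProvider}.
     *
     * @return {@code true} if the provider reports a connection, {@code false} otherwise
     */
    private boolean canConnectToJca() {
        try {
            JcaDocumentStoreProvider provider = (JcaDocumentStoreProvider) CdiUtil.bean(JcaDocumentStoreProvider.class);
            provider.setJcaDocumentStoreConfiguration(storeConfiguration.getJcaConfiguration());
            provider.create();
            if (!provider.isConnected()) {
                return false;
            }
            provider.destroy();
            return true;
        } catch (Exception e) {
            log.warn("JCA connectivity check failed", e);
            return false;
        }
    }

    /** Strips whitespace from the three URL properties of the oxTrust configuration. */
    private void trimUriProperties() {
        oxTrustappConfiguration.setLogoutRedirectUrl(StringHelper.trimAll(oxTrustappConfiguration.getLogoutRedirectUrl()));
        oxTrustappConfiguration.setLoginRedirectUrl(StringHelper.trimAll(oxTrustappConfiguration.getLoginRedirectUrl()));
        oxTrustappConfiguration.setOxAuthSectorIdentifierUrl(StringHelper.trimAll(oxTrustappConfiguration.getOxAuthSectorIdentifierUrl()));
    }

    /**
     * Saves the edited import-person configuration.
     *
     * <p>If the JSON cannot be parsed, the previous configuration object is kept and the action
     * fails, instead of passing {@code null} to the service and reporting success.
     *
     * @return {@code "success"} or {@code "failure"}
     */
    public String saveOxTrustImportPersonConfigJson() {
        try {
            log.debug("Saving oxtrust-import-person.json:" + oxTrustImportPersonConfigJson);
            ImportPersonConfig parsed = convertToOxTrustImportPersonConfiguration(oxTrustImportPersonConfigJson);
            if (parsed == null) {
                facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update oxTrust Import Person configuration in LDAP");
                return "failure";
            }
            oxTrustImportPersonConfiguration = parsed;
            jsonConfigurationService.saveOxTrustImportPersonConfiguration(oxTrustImportPersonConfiguration);
            facesMessages.add(FacesMessage.SEVERITY_INFO, "oxTrust Import Person Configuration is updated.");
            return "success";
        } catch (Exception e) {
            log.error("Failed to update oxtrust-import-person.json", e);
            facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update oxTrust Import Person configuration in LDAP");
            return "failure";
        }
    }

    /**
     * Serializes a copy of the oxTrust configuration in which the five password properties are
     * replaced by {@link #HIDDEN_PASSWORD_TEXT}.
     *
     * @return the JSON, or {@code null} if the input is {@code null} or serialization fails
     */
    private String getProtectedOxTrustappConfiguration(AppConfiguration appConfiguration) {
        if (appConfiguration == null) {
            return null;
        }
        try {
            // Work on a clone so the loaded configuration keeps the real (stored) values.
            AppConfiguration masked = (AppConfiguration) BeanUtils.cloneBean(appConfiguration);
            masked.setKeystorePassword(HIDDEN_PASSWORD_TEXT);
            masked.setIdpSecurityKeyPassword(HIDDEN_PASSWORD_TEXT);
            masked.setIdpBindPassword(HIDDEN_PASSWORD_TEXT);
            masked.setCaCertsPassphrase(HIDDEN_PASSWORD_TEXT);
            masked.setOxAuthClientPassword(HIDDEN_PASSWORD_TEXT);
            return jsonService.objectToJson(masked);
        } catch (Exception e) {
            log.error("Failed to prepare JSON from appConfiguration: '{}'", appConfiguration, e);
            return null;
        }
    }

    /**
     * Parses the stored oxAuth configuration, decrypts the CIBA notification key for display and
     * serializes it again. A missing CIBA block is created with an empty key; a key that cannot
     * be decrypted is shown as empty.
     *
     * @return the JSON, or {@code null} if the input is {@code null} or processing fails
     */
    private String getProtectedOxAuthAppConfiguration(String str) {
        if (str == null) {
            return null;
        }
        try {
            org.gluu.oxauth.model.configuration.AppConfiguration appConfiguration = (org.gluu.oxauth.model.configuration.AppConfiguration) jsonService.jsonToObject(str, org.gluu.oxauth.model.configuration.AppConfiguration.class);
            if (appConfiguration.getCibaEndUserNotificationConfig() == null) {
                appConfiguration.setCibaEndUserNotificationConfig(new CIBAEndUserNotificationConfig());
                appConfiguration.getCibaEndUserNotificationConfig().setNotificationKey("");
            }
            CIBAEndUserNotificationConfig cibaConfig = appConfiguration.getCibaEndUserNotificationConfig();
            try {
                cibaConfig.setNotificationKey(encryptionService.decrypt(cibaConfig.getNotificationKey()));
            } catch (StringEncrypter.EncryptionException e) {
                log.error("Failed to decrypt values in the oxAuth json configuration: '{}'", str, e);
                cibaConfig.setNotificationKey("");
            }
            return jsonService.objectToJson(appConfiguration);
        } catch (Exception e2) {
            log.error("Problems processing oxAuth App configuration file: {}", str, e2);
            return null;
        }
    }

    /**
     * Serializes the import-person configuration.
     *
     * @return the JSON, or {@code null} if the input is {@code null} or serialization fails
     */
    private String getOxTrustImportPersonConfiguration(ImportPersonConfig importPersonConfig) {
        if (importPersonConfig == null) {
            return null;
        }
        try {
            return jsonService.objectToJson(importPersonConfig);
        } catch (Exception e) {
            log.error("Failed to prepare JSON from ImportPersonConfig: '{}'", importPersonConfig, e);
            return null;
        }
    }

    /**
     * Serializes the cache configuration.
     *
     * @return the JSON, or {@code null} if the input is {@code null} or serialization fails
     */
    private String getCacheConfiguration(CacheConfiguration cacheConfiguration) {
        if (cacheConfiguration == null) {
            return null;
        }
        try {
            return jsonService.objectToJson(cacheConfiguration);
        } catch (Exception e) {
            // NOTE(review): the object is logged via toString() after its Redis password was
            // decrypted in init(); confirm toString() does not print the password.
            log.error("Failed to prepare JSON from CacheConfiguration: '{}'", cacheConfiguration, e);
            return null;
        }
    }

    /**
     * Serializes the document-store configuration.
     *
     * @return the JSON, or {@code null} if serialization fails
     */
    private String getStoreConfiguration(DocumentStoreConfiguration documentStoreConfiguration) {
        try {
            return jsonService.objectToJson(documentStoreConfiguration);
        } catch (Exception e) {
            // NOTE(review): the object is logged via toString() after its JCA password was
            // decrypted in init(); confirm toString() does not print the password.
            log.error("Failed to prepare JSON from documentStoreConfiguration: '{}'", documentStoreConfiguration, e);
            return null;
        }
    }

    /**
     * Parses the submitted oxTrust JSON and re-protects its five password properties: a value
     * left as {@link #HIDDEN_PASSWORD_TEXT} is restored from the loaded configuration, any other
     * value is encrypted.
     *
     * @return the parsed configuration, or {@code null} on failure
     */
    private AppConfiguration convertToOxTrustappConfiguration(String str) {
        try {
            AppConfiguration appConfiguration = (AppConfiguration) jsonService.jsonToObject(str, AppConfiguration.class);
            processPasswordProperty(oxTrustappConfiguration, appConfiguration, "keystorePassword");
            processPasswordProperty(oxTrustappConfiguration, appConfiguration, "idpSecurityKeyPassword");
            processPasswordProperty(oxTrustappConfiguration, appConfiguration, "idpBindPassword");
            processPasswordProperty(oxTrustappConfiguration, appConfiguration, "caCertsPassphrase");
            processPasswordProperty(oxTrustappConfiguration, appConfiguration, "oxAuthClientPassword");
            return appConfiguration;
        } catch (Exception e) {
            // The submitted JSON may contain newly typed clear-text passwords: keep it out of the log.
            log.error("Failed to prepare appConfiguration from JSON", e);
            return null;
        }
    }

    /**
     * Parses the submitted oxAuth JSON, encrypts the CIBA notification key and serializes the
     * result for storage.
     *
     * @return the JSON to store, or {@code null} on failure
     */
    private String convertToOxAuthAppConfiguration(String str) {
        try {
            org.gluu.oxauth.model.configuration.AppConfiguration appConfiguration = (org.gluu.oxauth.model.configuration.AppConfiguration) jsonService.jsonToObject(str, org.gluu.oxauth.model.configuration.AppConfiguration.class);
            CIBAEndUserNotificationConfig cibaConfig = appConfiguration.getCibaEndUserNotificationConfig();
            cibaConfig.setNotificationKey(encryptionService.encrypt(cibaConfig.getNotificationKey()));
            return jsonService.objectToJson(appConfiguration);
        } catch (Exception e) {
            // The submitted JSON contains the clear-text notification key: keep it out of the log.
            log.error("Failed to prepare oxAuth AppConfiguration from JSON", e);
            return null;
        }
    }

    /**
     * Parses the submitted import-person JSON.
     *
     * @return the parsed configuration, or {@code null} on failure
     */
    private ImportPersonConfig convertToOxTrustImportPersonConfiguration(String str) {
        try {
            return (ImportPersonConfig) jsonService.jsonToObject(str, ImportPersonConfig.class);
        } catch (Exception e) {
            log.error("Failed to prepare ImportPersonConfig from JSON: '{}'", str, e);
            return null;
        }
    }

    /**
     * Parses the submitted cache JSON and encrypts the Redis password.
     *
     * @return the parsed configuration, or {@code null} on failure
     */
    private CacheConfiguration convertToCacheConfiguration(String str) {
        try {
            CacheConfiguration parsed = (CacheConfiguration) jsonService.jsonToObject(str, CacheConfiguration.class);
            RedisConfiguration redisConfiguration = parsed.getRedisConfiguration();
            processPasswordProperty(redisConfiguration, "password");
            parsed.setRedisConfiguration(redisConfiguration);
            return parsed;
        } catch (Exception e) {
            // The submitted JSON contains the clear-text Redis password: keep it out of the log.
            log.error("Failed to prepare CacheConfiguration from JSON", e);
            return null;
        }
    }

    /**
     * Parses the submitted document-store JSON and encrypts the JCA password.
     *
     * @return the parsed configuration, or {@code null} on failure
     */
    private DocumentStoreConfiguration convertToStoreConfiguration(String str) {
        try {
            DocumentStoreConfiguration parsed = (DocumentStoreConfiguration) jsonService.jsonToObject(str, DocumentStoreConfiguration.class);
            processPasswordProperty(parsed.getJcaConfiguration(), "password");
            return parsed;
        } catch (Exception e) {
            // The submitted JSON contains the clear-text JCA password: keep it out of the log.
            log.error("Failed to prepare DocumentStoreConfiguration from JSON", e);
            return null;
        }
    }

    /** Replaces the named bean property with its encrypted value. */
    private void processPasswordProperty(Object obj, String str) throws IllegalAccessException, InvocationTargetException, NoSuchMethodException, StringEncrypter.EncryptionException {
        BeanUtils.setProperty(obj, str, encryptionService.encrypt(BeanUtils.getProperty(obj, str)));
    }

    /**
     * Re-protects one password property of a submitted oxTrust configuration.
     *
     * @param original  the loaded configuration that holds the stored value
     * @param submitted the configuration parsed from the editor JSON; modified in place
     * @param str       the bean property name
     */
    private void processPasswordProperty(AppConfiguration original, AppConfiguration submitted, String str) throws IllegalAccessException, InvocationTargetException, NoSuchMethodException, StringEncrypter.EncryptionException {
        String submittedValue = BeanUtils.getProperty(submitted, str);
        if (StringHelper.equals(submittedValue, HIDDEN_PASSWORD_TEXT)) {
            // Placeholder left untouched: carry over the stored value as is.
            BeanUtils.setProperty(submitted, str, BeanUtils.getSimpleProperty(original, str));
        } else {
            BeanUtils.setProperty(submitted, str, encryptionService.encrypt(submittedValue));
        }
    }

    /** @return the oxTrust configuration JSON with masked passwords */
    public String getOxTrustConfigJson() {
        return oxTrustConfigJson;
    }

    public void setOxTrustConfigJson(String str) {
        this.oxTrustConfigJson = str;
    }

    /** @return the import-person configuration JSON */
    public String getOxTrustImportPersonConfigJson() {
        return oxTrustImportPersonConfigJson;
    }

    public void setOxTrustImportPersonConfigJson(String str) {
        this.oxTrustImportPersonConfigJson = str;
    }

    /** @return the oxAuth configuration JSON, including the decrypted CIBA notification key */
    public String getOxAuthDynamicConfigJson() {
        return oxAuthDynamicConfigJson;
    }

    public void setOxAuthDynamicConfigJson(String str) {
        this.oxAuthDynamicConfigJson = str;
    }

    /** @return the FIDO2 configuration JSON */
    public String getFido2ConfigJson() {
        return fido2ConfigJson;
    }

    public void setFido2ConfigJson(String str) {
        this.fido2ConfigJson = str;
    }

    /** @return the cache configuration JSON */
    public String getCacheConfigurationJson() {
        return cacheConfigurationJson;
    }

    public void setCacheConfigurationJson(String str) {
        this.cacheConfigurationJson = str;
    }

    /** @return the document-store configuration JSON */
    public String getStoreConfigurationJson() {
        return storeConfigurationJson;
    }

    public void setStoreConfigurationJson(String str) {
        this.storeConfigurationJson = str;
    }
}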
