package org.gluu.oxtrust.service;

import java.io.File;
import java.io.FilenameFilter;
import java.io.IOException;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.inject.Named;
import javax.xml.parsers.FactoryConfigurationError;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.apache.velocity.VelocityContext;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.oxtrust.config.ConfigurationFactory;
import org.gluu.oxtrust.model.GluuSAMLTrustRelationship;
import org.gluu.oxtrust.model.MetadataFilter;
import org.gluu.service.XmlService;
import org.gluu.util.StringHelper;
import org.gluu.util.io.FileUploadWrapper;
import org.slf4j.Logger;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

@ApplicationScoped
@Named("filterService")
/* loaded from: input_file:org/gluu/oxtrust/service/FilterService.class */
public class FilterService implements Serializable {
    private static final long serialVersionUID = -3450258050259083556L;
    public static final String VALIDATION_TYPE = "SchemaValidation";
    public static final Object ENTITY_ROLE_WHITE_LIST_TYPE = "EntityRoleWhiteList";
    public static final Object VALID_UNTIL_REQUIRED_TYPE = "RequiredValidUntil";
    public static final Object SIGNATURE_VALIDATION_TYPE = "SignatureValidation";

    @Inject
    private Logger log;

    @Inject
    private ConfigurationFactory configurationFactory;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private TemplateService templateService;

    @Inject
    private XmlService xmlService;

    @Inject
    private Shibboleth3ConfService shibboleth3ConfService;

    public List<MetadataFilter> getAvailableMetadataFilters() {
        File file = new File(this.configurationFactory.getIDPTemplatesLocation() + "shibboleth3" + File.separator + "idp" + File.separator + "MetadataFilter");
        ArrayList arrayList = new ArrayList();
        if (file.exists() && file.isDirectory()) {
            for (File file2 : file.listFiles(new FilenameFilter() { // from class: org.gluu.oxtrust.service.FilterService.1
                @Override // java.io.FilenameFilter
                public boolean accept(File file3, String str) {
                    return str.endsWith("Filter.xml.vm");
                }
            })) {
                arrayList.add(createMetadataFilter(file2.getName().split("Filter")[0]));
            }
        }
        return arrayList;
    }

    private MetadataFilter createMetadataFilter(String str) {
        MetadataFilter metadataFilter = new MetadataFilter();
        metadataFilter.setName(str);
        metadataFilter.setExtensionSchemas(new ArrayList());
        metadataFilter.setRemoveRolelessEntityDescriptors(true);
        metadataFilter.setRemoveEmptyEntitiesDescriptors(true);
        metadataFilter.setRetainedRoles(new ArrayList());
        metadataFilter.setRequireSignedMetadata(false);
        return metadataFilter;
    }

    public List<MetadataFilter> getMetadataFiltersForTrustRelationship(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        return new ArrayList();
    }

    public void updateFilter(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, MetadataFilter metadataFilter) {
        gluuSAMLTrustRelationship.getMetadataFilters().put(metadataFilter.getName(), metadataFilter);
    }

    public boolean isMetadataFilterPresent(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, MetadataFilter metadataFilter) {
        return gluuSAMLTrustRelationship.getMetadataFilters().keySet().contains(metadataFilter.getName());
    }

    public List<MetadataFilter> getFiltersList(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        ArrayList arrayList = new ArrayList();
        Iterator it = gluuSAMLTrustRelationship.getMetadataFilters().keySet().iterator();
        while (it.hasNext()) {
            arrayList.add(gluuSAMLTrustRelationship.getMetadataFilters().get((String) it.next()));
        }
        return arrayList;
    }

    public void removeFilter(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, MetadataFilter metadataFilter) {
        gluuSAMLTrustRelationship.getMetadataFilters().remove(metadataFilter.getName());
    }

    public void saveFilters(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, FileUploadWrapper fileUploadWrapper) {
        VelocityContext velocityContext = new VelocityContext();
        if (gluuSAMLTrustRelationship.getMetadataFilters().get("validation") != null) {
            List extensionSchemas = ((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("validation")).getExtensionSchemas();
            if (extensionSchemas == null || extensionSchemas.isEmpty()) {
                this.log.warn("validation filter on " + gluuSAMLTrustRelationship.getDisplayName() + "is invalid. Removing it.");
                gluuSAMLTrustRelationship.getMetadataFilters().remove("validation");
            } else {
                velocityContext.put("extensionSchemas", extensionSchemas);
            }
        }
        if (gluuSAMLTrustRelationship.getMetadataFilters().get("entityRoleWhiteList") != null) {
            List retainedRoles = ((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("entityRoleWhiteList")).getRetainedRoles();
            if (retainedRoles == null || retainedRoles.isEmpty()) {
                this.log.warn("entityRoleWhiteList filter on " + gluuSAMLTrustRelationship.getDisplayName() + "is invalid. Removing it.");
                gluuSAMLTrustRelationship.getMetadataFilters().remove("entityRoleWhiteList");
            } else {
                velocityContext.put("retainedRoles", retainedRoles);
                velocityContext.put("removeEmptyEntitiesDescriptors", Boolean.valueOf(((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("entityRoleWhiteList")).getRemoveEmptyEntitiesDescriptors()));
                velocityContext.put("removeRolelessEntityDescriptors", Boolean.valueOf(((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("entityRoleWhiteList")).getRemoveRolelessEntityDescriptors()));
            }
        }
        if (gluuSAMLTrustRelationship.getMetadataFilters().get("requiredValidUntil") != null) {
            velocityContext.put("maxValidityInterval", Integer.valueOf(((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("requiredValidUntil")).getMaxValidityInterval()));
        }
        if (gluuSAMLTrustRelationship.getMetadataFilters().get("signatureValidation") != null) {
            String removePunctuation = StringHelper.removePunctuation(gluuSAMLTrustRelationship.getInum());
            if (fileUploadWrapper.getStream() != null) {
                this.shibboleth3ConfService.saveFilterCert(removePunctuation, fileUploadWrapper.getStream());
                ((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("signatureValidation")).setFilterCertFileName(StringHelper.removePunctuation(gluuSAMLTrustRelationship.getInum()));
            }
            if (StringHelper.isNotEmpty(((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("signatureValidation")).getFilterCertFileName())) {
                boolean requireSignedMetadata = ((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("signatureValidation")).getRequireSignedMetadata();
                velocityContext.put("trustEngine", "shibboleth.FedTrustEngine");
                velocityContext.put("requireSignedMetadata", Boolean.valueOf(requireSignedMetadata));
            } else {
                this.log.warn("signatureValidation filter on " + gluuSAMLTrustRelationship.getDisplayName() + " is invalid. Removing it.");
                gluuSAMLTrustRelationship.getMetadataFilters().remove("signatureValidation");
            }
        }
        gluuSAMLTrustRelationship.setGluuSAMLMetaDataFilter(new ArrayList());
        Iterator it = gluuSAMLTrustRelationship.getMetadataFilters().keySet().iterator();
        while (it.hasNext()) {
            gluuSAMLTrustRelationship.getGluuSAMLMetaDataFilter().add(this.templateService.generateConfFile(((String) it.next()) + "Filter.xml", velocityContext));
        }
    }

    public void parseFilters(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) throws SAXException, IOException, ParserConfigurationException, FactoryConfigurationError, XPathExpressionException {
        if (gluuSAMLTrustRelationship.getGluuSAMLMetaDataFilter() != null) {
            XPath newXPath = XPathFactory.newInstance().newXPath();
            Iterator it = gluuSAMLTrustRelationship.getGluuSAMLMetaDataFilter().iterator();
            while (it.hasNext()) {
                Document xmlDocument = this.xmlService.getXmlDocument(((String) it.next()).getBytes());
                if (xmlDocument.getFirstChild().getAttributes().getNamedItem("xsi:type").getNodeValue().equals(VALIDATION_TYPE)) {
                    MetadataFilter createMetadataFilter = createMetadataFilter("validation");
                    int parseInt = Integer.parseInt(newXPath.compile("count(/MetadataFilter/ExtensionSchema)").evaluate(xmlDocument));
                    for (int i = 1; i <= parseInt; i++) {
                        createMetadataFilter.getExtensionSchemas().add(newXPath.compile("/MetadataFilter/ExtensionSchema[" + i + "]").evaluate(xmlDocument));
                    }
                    gluuSAMLTrustRelationship.getMetadataFilters().put("validation", createMetadataFilter);
                } else if (xmlDocument.getFirstChild().getAttributes().getNamedItem("xsi:type").getNodeValue().equals(ENTITY_ROLE_WHITE_LIST_TYPE)) {
                    MetadataFilter createMetadataFilter2 = createMetadataFilter("entityRoleWhiteList");
                    createMetadataFilter2.setRemoveRolelessEntityDescriptors(Boolean.parseBoolean(xmlDocument.getFirstChild().getAttributes().getNamedItem("removeRolelessEntityDescriptors").getNodeValue()));
                    createMetadataFilter2.setRemoveEmptyEntitiesDescriptors(Boolean.parseBoolean(xmlDocument.getFirstChild().getAttributes().getNamedItem("removeEmptyEntitiesDescriptors").getNodeValue()));
                    int parseInt2 = Integer.parseInt(newXPath.compile("count(/MetadataFilter/RetainedRole)").evaluate(xmlDocument));
                    for (int i2 = 1; i2 <= parseInt2; i2++) {
                        createMetadataFilter2.getRetainedRoles().add(newXPath.compile("/MetadataFilter/RetainedRole[" + i2 + "]").evaluate(xmlDocument));
                    }
                    gluuSAMLTrustRelationship.getMetadataFilters().put("entityRoleWhiteList", createMetadataFilter2);
                } else if (xmlDocument.getFirstChild().getAttributes().getNamedItem("xsi:type").getNodeValue().equals(VALID_UNTIL_REQUIRED_TYPE)) {
                    MetadataFilter createMetadataFilter3 = createMetadataFilter("requiredValidUntil");
                    createMetadataFilter3.setMaxValidityInterval(Integer.parseInt(xmlDocument.getFirstChild().getAttributes().getNamedItem("maxValidityInterval").getNodeValue()));
                    gluuSAMLTrustRelationship.getMetadataFilters().put("requiredValidUntil", createMetadataFilter3);
                } else if (xmlDocument.getFirstChild().getAttributes().getNamedItem("xsi:type").getNodeValue().equals(SIGNATURE_VALIDATION_TYPE)) {
                    MetadataFilter createMetadataFilter4 = createMetadataFilter("signatureValidation");
                    createMetadataFilter4.setFilterCertFileName(StringHelper.removePunctuation(gluuSAMLTrustRelationship.getInum()));
                    gluuSAMLTrustRelationship.getMetadataFilters().put("signatureValidation", createMetadataFilter4);
                }
            }
        }
    }
}
