package org.gluu.oxtrust.service;

import com.unboundid.ldap.sdk.schema.AttributeTypeDefinition;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Serializable;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.xml.parsers.FactoryConfigurationError;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.validation.Schema;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.io.LineIterator;
import org.apache.commons.lang3.StringUtils;
import org.apache.velocity.VelocityContext;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.config.oxtrust.AttributeResolverConfiguration;
import org.gluu.config.oxtrust.NameIdConfig;
import org.gluu.config.oxtrust.ShibbolethCASProtocolConfiguration;
import org.gluu.model.GluuAttribute;
import org.gluu.model.GluuStatus;
import org.gluu.model.GluuUserRole;
import org.gluu.oxtrust.model.GluuMetadataSourceType;
import org.gluu.oxtrust.model.GluuSAMLFederationProposal;
import org.gluu.oxtrust.model.GluuSAMLTrustRelationship;
import org.gluu.oxtrust.model.MetadataFilter;
import org.gluu.oxtrust.model.SamlAcr;
import org.gluu.oxtrust.util.EasyCASSLProtocolSocketFactory;
import org.gluu.persist.PersistenceEntryManager;
import org.gluu.saml.metadata.SAMLMetadataParser;
import org.gluu.service.SchemaService;
import org.gluu.service.XmlService;
import org.gluu.service.config.ConfigurationFactory;
import org.gluu.service.document.store.conf.DocumentStoreType;
import org.gluu.service.document.store.service.DocumentStoreService;
import org.gluu.service.document.store.service.LocalDocumentStoreService;
import org.gluu.util.INumGenerator;
import org.gluu.util.StringHelper;
import org.gluu.util.Util;
import org.gluu.util.exception.InvalidConfigurationException;
import org.gluu.util.io.HTTPFileDownloader;
import org.gluu.util.security.StringEncrypter;
import org.gluu.xml.GluuErrorHandler;
import org.gluu.xml.XMLValidator;
import org.opensaml.saml.common.xml.SAMLSchemaBuilder;
import org.opensaml.xml.parse.XMLParserException;
import org.slf4j.Logger;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

@ApplicationScoped
/* loaded from: input_file:org/gluu/oxtrust/service/Shibboleth3ConfService.class */
public class Shibboleth3ConfService implements Serializable {
    private static final long serialVersionUID = 6752452480800274694L;
    private static final String SHIB3_IDP_CONF_FOLDER = "conf";
    private static final String SHIB3_IDP_AUNTHN_FOLDER = "authn";
    public static final String SHIB3_IDP_METADATA_FOLDER = "metadata";
    private static final String SHIB3_IDP_METADATA_PROVIDERS_FILE = "metadata-providers.xml";
    private static final String SHIB3_IDP_ATTRIBUTE_FILTER_FILE = "attribute-filter.xml";
    private static final String SHIB3_IDP_ATTRIBUTE_RESOLVER_FILE = "attribute-resolver.xml";
    private static final String SHIB3_IDP_RELYING_PARTY_FILE = "relying-party.xml";
    private static final String SHIB3_IDP_CAS_PROTOCOL_FILE = "cas-protocol.xml";
    public static final String SHIB3_IDP_IDP_METADATA_FILE = "idp-metadata.xml";
    public static final String SHIB3_IDP_SP_METADATA_FILE = "sp-metadata.xml";
    public static final String SHIB3_SP_ATTRIBUTE_MAP_FILE = "attribute-map.xml";
    public static final String SHIB3_SP_SHIBBOLETH2_FILE = "shibboleth2.xml";
    private static final String SHIB3_SP_READ_ME = "/WEB-INF/resources/doc/README_SP.pdf";
    private static final String SHIB3_SP_READ_ME_WINDOWS = "/WEB-INF/resources/doc/README_SP_windows.pdf";
    private static final String SHIB3_SAML_NAMEID_FILE = "saml-nameid.xml";
    private static final String SHIB3_SAML_NAMEID_PROPS_FILE = "saml-nameid.properties";
    private static final String SHIB3_SP_METADATA_FILE_PATTERN = "%s-sp-metadata.xml";
    public static final String PUBLIC_CERTIFICATE_START_LINE = "-----BEGIN CERTIFICATE-----";
    public static final String PUBLIC_CERTIFICATE_END_LINE = "-----END CERTIFICATE-----";
    public static final String SHIB3_IDP_PROPERTIES_FILE = "idp.properties";
    private static final String SHIB3_IDP_LOGIN_CONFIG_FILE = "login.config";
    private static final String SHIB3_METADATA_FILE_PATTERN = "%s-metadata.xml";
    public static final String SHIB3_IDP_TEMPMETADATA_FOLDER = "temp_metadata";
    public static final String SHIB3_IDP_SP_KEY_FILE = "spkey.key";
    public static final String SHIB3_IDP_SP_CERT_FILE = "spcert.crt";
    public static final String GLUU_SAML_OXAUTH_SUPPORTED_PRINCIPALS_FILE = "oxauth-supported-principals.xml";
    Charset UTF_8 = Charset.forName("utf-8");

    @Inject
    private AttributeService attributeService;

    @Inject
    private TemplateService templateService;

    @Inject
    private Logger log;

    @Inject
    private FilterService filterService;

    @Inject
    private ConfigurationService configurationService;

    @Inject
    private ConfigurationFactory<?> configurationFactory;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private EncryptionService encryptionService;

    @Inject
    private XmlService xmlService;

    @Inject
    private ProfileConfigurationService profileConfigurationService;

    @Inject
    private CASService casService;

    @Inject
    private SchemaService shemaService;

    @Inject
    private TrustService trustService;

    @Inject
    private PersistenceEntryManager persistenceEntryManager;

    @Inject
    private PersonService personService;

    @Inject
    private SAMLMetadataParser samlMetadataParser;

    @Inject
    private DocumentStoreService documentStoreService;

    @Inject
    private LocalDocumentStoreService localDocumentStoreService;
    private Schema samlSchema;

    /**
     * Builds the SAML XML schema after the bean has been constructed and stores it in
     * {@code samlSchema}.
     *
     * <p>A {@link SAXException} is logged and not rethrown, so {@code samlSchema} keeps its
     * previous value (initially {@code null}) when the schema cannot be built.
     */
    @PostConstruct
    public void create() {
        try {
            SAMLSchemaBuilder schemaBuilder = new SAMLSchemaBuilder(SAMLSchemaBuilder.SAML1Version.SAML_11);
            this.samlSchema = schemaBuilder.getSAMLSchema();
        } catch (SAXException schemaError) {
            // NOTE(review): consumers of samlSchema are outside this view; confirm they treat a
            // null schema as "validation unavailable" and never as "metadata is valid".
            this.log.error("Failed to load SAML schema", schemaError);
        }
    }

    /**
     * Renders the supported-principals template from the class references of the given ACRs and
     * writes the result into the IDP {@code conf/authn} directory.
     *
     * @param samlAcrArr ACR entries; each {@code getClassRef()} value is exposed to the template
     *     under the key {@code acrs}
     * @return the value returned by {@code writeConfFile} for the rendered file
     * @throws InvalidConfigurationException if the IDP root directory is not configured
     */
    public boolean generateConfigurationFiles(SamlAcr[] samlAcrArr) {
        this.log.info(">>>>>>>>>> IN generateConfigurationFiles(SamlAcr[] acrs)...");
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
        }
        final String targetPath = getIdpConfAuthnDir() + GLUU_SAML_OXAUTH_SUPPORTED_PRINCIPALS_FILE;

        List<Object> classRefs = new ArrayList<>();
        for (int index = 0; index < samlAcrArr.length; index++) {
            classRefs.add(samlAcrArr[index].getClassRef());
        }

        VelocityContext context = new VelocityContext();
        context.put("acrs", classRefs);
        String rendered = generateConfFile(GLUU_SAML_OXAUTH_SUPPORTED_PRINCIPALS_FILE, context);
        boolean written = writeConfFile(targetPath, rendered);
        this.log.info(">>>>>>>>>> LEAVING generateConfigurationFiles(SamlAcr[] acrs)...");
        return written;
    }

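    /**
     * Regenerates the Shibboleth IDP configuration files (metadata providers, attribute
     * resolver, attribute filter, relying party, CAS protocol, SAML NameID files) and the SP
     * {@code shibboleth2.xml} from the given trust relationships.
     *
     * <p>The parameter maps are checked for {@code null} before any of them is dereferenced, so
     * a failed preparation step is reported through the return value instead of a
     * {@link NullPointerException}.
     *
     * @param list trust relationships to render into the configuration
     * @return {@code true} only if every template rendered and every file was written
     * @throws InvalidConfigurationException if the IDP root directory is not configured
     */
    public boolean generateConfigurationFiles(List<GluuSAMLTrustRelationship> list) {
        this.log.info(">>>>>>>>>> IN Shibboleth3ConfService.generateConfigurationFiles()...");
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
        }
        String idpConfDir = getIdpConfDir();
        String idpMetadataDir = getIdpMetadataDir();
        initAttributes(list);
        HashMap<String, Object> trustParams = initTrustParamMap(list);
        HashMap<String, Object> attrParams = initAttributeParamMap(list);
        HashMap<String, Object> casParams = initCASParamMap();
        HashMap<String, Object> resolverParams = initAttributeResolverParamMap();

        // Validate before use: initAttributeParamMap() returns null when an attribute OID
        // cannot be resolved, and the key loop below would otherwise dereference that null.
        if (trustParams == null || attrParams == null || casParams == null || resolverParams == null) {
            this.log.error(">>>>>>>>>> Shibboleth3ConfService.generateConfigurationFiles() - params preparation failed, break files generation");
            return false;
        }

        // Every key present in the attribute parameters is dropped from the resolver parameters.
        for (String attrKey : attrParams.keySet()) {
            resolverParams.remove(attrKey);
        }

        VelocityContext context = prepareVelocityContext(trustParams, attrParams, casParams, resolverParams, idpMetadataDir);
        String metadataProviders = generateConfFile(SHIB3_IDP_METADATA_PROVIDERS_FILE, context);
        String attributeResolver = generateConfFile(SHIB3_IDP_ATTRIBUTE_RESOLVER_FILE, context);
        String attributeFilter = generateConfFile(SHIB3_IDP_ATTRIBUTE_FILTER_FILE, context);
        String relyingParty = generateConfFile(SHIB3_IDP_RELYING_PARTY_FILE, context);
        String casProtocol = generateConfFile(SHIB3_IDP_CAS_PROTOCOL_FILE, context);
        String spShibboleth2 = generateConfFile(SHIB3_SP_SHIBBOLETH2_FILE, context);

        boolean result = metadataProviders != null
                && attributeFilter != null
                && attributeResolver != null
                && relyingParty != null
                && casProtocol != null
                && spShibboleth2 != null;

        // "&=" is deliberate: every write is attempted even after an earlier failure, exactly
        // as the non-short-circuit "&" chain did. A partial failure therefore leaves a mix of
        // freshly written and older files on disk; the false return value is the only signal.
        result &= writeConfFile(idpConfDir + SHIB3_IDP_METADATA_PROVIDERS_FILE, metadataProviders);
        result &= writeConfFile(idpConfDir + SHIB3_IDP_ATTRIBUTE_RESOLVER_FILE, attributeResolver);
        result &= writeConfFile(idpConfDir + SHIB3_IDP_ATTRIBUTE_FILTER_FILE, attributeFilter);
        result &= writeConfFile(idpConfDir + SHIB3_IDP_RELYING_PARTY_FILE, relyingParty);
        result &= writeConfFile(idpConfDir + SHIB3_IDP_CAS_PROTOCOL_FILE, casProtocol);
        result &= writeConfFile(getSpShibboleth3FilePath(), spShibboleth2);
        result &= writeConfFile(idpConfDir + SHIB3_SAML_NAMEID_FILE, generateConfFile(SHIB3_SAML_NAMEID_FILE, context));
        result &= writeConfFile(idpConfDir + SHIB3_SAML_NAMEID_PROPS_FILE, generateConfFile(SHIB3_SAML_NAMEID_PROPS_FILE, context));

        this.log.info(">>>>>>>>>> LEAVING Shibboleth3ConfService.generateConfigurationFiles()...");
        return result;
    }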

    /**
     * Resolves the released attribute DNs of every trust relationship into custom attributes
     * and attaches attribute metadata to them.
     *
     * <p>If the {@code uid} attribute exists and its DN is among the released DNs, that DN is
     * moved to the front of the list before the lookup.
     *
     * @param list trust relationships to update in place
     */
    private void initAttributes(List<GluuSAMLTrustRelationship> list) {
        List<GluuAttribute> personAttributes = this.attributeService.getAllPersonAttributes(GluuUserRole.ADMIN);
        HashMap<String, GluuAttribute> attributesByDn = this.attributeService.getAttributeMapByDNs(personAttributes);
        GluuAttribute uidAttribute = this.attributeService.getAttributeByName("uid");

        for (GluuSAMLTrustRelationship trust : list) {
            List released = trust.getReleasedAttributes();
            // Work on a copy so the relationship's own released-attribute list is not reordered.
            ArrayList orderedDns = (released == null) ? new ArrayList() : new ArrayList(released);

            if (uidAttribute != null) {
                Object uidDn = uidAttribute.getDn();
                if (orderedDns.remove(uidDn)) {
                    orderedDns.add(0, uidDn);
                }
            }

            trust.setReleasedCustomAttributes(this.attributeService.getCustomAttributesByAttributeDNs(orderedDns, attributesByDn));
            this.attributeService.setAttributeMetadata(trust.getReleasedCustomAttributes(), personAttributes);
        }
    }

    /**
     * Builds the trust parameter map handed to the configuration templates.
     *
     * <p>Relationships whose metadata source type is neither {@code URI} nor {@code FILE} are
     * collected as "deconstructed" entries and grouped by the value of
     * {@code getGluuContainerFederation()}. For {@code URI}/{@code FILE} relationships the
     * entity ids are read from the stored metadata file; a relationship whose metadata yields
     * no entity id list is set to {@code INACTIVE} and persisted. A single counter numbers
     * both kinds of entry.
     *
     * @param list trust relationships; entries may be modified (status, metadata filter order)
     * @return map with the keys {@code idpCredentialsPath}, {@code deconstructed},
     *     {@code deconstructedIds}, {@code trustEngines}, {@code trusts}, {@code trustIds}
     *     and {@code trustEntityIds}
     */
    private HashMap<String, Object> initTrustParamMap(List<GluuSAMLTrustRelationship> list) {
        this.log.trace("Starting trust parameters map initialization.");
        HashMap<String, Object> hashMap = new HashMap<>();
        // Trust engine descriptors (id + certPath), published as "trustEngines".
        ArrayList arrayList = new ArrayList();
        // inum -> sequence number, published as "trustIds".
        HashMap hashMap2 = new HashMap();
        // Relationships that are neither URI- nor FILE-sourced, published as "deconstructed".
        ArrayList arrayList2 = new ArrayList();
        // entityId -> sequence number for deconstructed relationships ("deconstructedIds").
        HashMap hashMap3 = new HashMap();
        // getGluuContainerFederation() value -> entity ids of its deconstructed members.
        HashMap hashMap4 = new HashMap();
        // inum -> entity ids parsed from the metadata file ("trustEntityIds").
        HashMap hashMap5 = new HashMap();
        // Shared counter: both branches below consume it, so the numbering follows list order.
        int i = 1;
        for (GluuSAMLTrustRelationship gluuSAMLTrustRelationship : list) {
            // True when the source type is neither URI nor FILE.
            if ((gluuSAMLTrustRelationship.getSpMetaDataSourceType().equals(GluuMetadataSourceType.URI) || gluuSAMLTrustRelationship.getSpMetaDataSourceType().equals(GluuMetadataSourceType.FILE)) ? false : true) {
                initProfileConfiguration(gluuSAMLTrustRelationship);
                String gluuContainerFederation = gluuSAMLTrustRelationship.getGluuContainerFederation();
                if (hashMap4.get(gluuContainerFederation) == null) {
                    hashMap4.put(gluuContainerFederation, new ArrayList());
                }
                ((List) hashMap4.get(gluuContainerFederation)).add(gluuSAMLTrustRelationship.getEntityId());
                arrayList2.add(gluuSAMLTrustRelationship);
                int i2 = i;
                i++;
                hashMap3.put(gluuSAMLTrustRelationship.getEntityId(), String.valueOf(i2));
            } else {
                int i3 = i;
                i++;
                hashMap2.put(gluuSAMLTrustRelationship.getInum(), String.valueOf(i3));
                // NOTE(review): getSpMetaDataFN() is appended to the metadata directory without
                // normalisation; confirm the stored file name can never contain path separators.
                List entityIdFromMetadataFile = this.samlMetadataParser.getEntityIdFromMetadataFile(getIdpMetadataDir() + gluuSAMLTrustRelationship.getSpMetaDataFN());
                if (entityIdFromMetadataFile == null) {
                    // No entity id list could be read: deactivate the relationship and persist that.
                    gluuSAMLTrustRelationship.setStatus(GluuStatus.INACTIVE);
                    this.trustService.updateTrustRelationship(gluuSAMLTrustRelationship);
                } else {
                    hashMap5.put(gluuSAMLTrustRelationship.getInum(), entityIdFromMetadataFile);
                    initProfileConfiguration(gluuSAMLTrustRelationship);
                    if (gluuSAMLTrustRelationship.getMetadataFilters().get("signatureValidation") != null) {
                        // A signature-validation filter is configured: register a trust engine
                        // that points at the filter's certificate under "credentials".
                        HashMap hashMap6 = new HashMap();
                        hashMap6.put("id", "Trust" + StringHelper.removePunctuation(gluuSAMLTrustRelationship.getInum()));
                        // NOTE(review): getFilterCertFileName() is concatenated into the path as-is;
                        // confirm it is a bare file name, since this path selects the certificate
                        // used to verify metadata signatures.
                        hashMap6.put("certPath", getIdpMetadataDir() + "credentials" + File.separator + ((MetadataFilter) gluuSAMLTrustRelationship.getMetadataFilters().get("signatureValidation")).getFilterCertFileName());
                        arrayList.add(hashMap6);
                    }
                    if (gluuSAMLTrustRelationship.getGluuSAMLMetaDataFilter() != null) {
                        // Rebuild the filter list so that the entity-role white-list filter, if
                        // present, comes last; filters that fail to parse are dropped.
                        ArrayList arrayList3 = new ArrayList();
                        String str = null;
                        for (String str2 : gluuSAMLTrustRelationship.getGluuSAMLMetaDataFilter()) {
                            try {
                                // getBytes() uses the platform default charset here.
                                // NOTE(review): the parser behind xmlService.getXmlDocument is not
                                // visible; confirm DTDs/external entities are disabled for it.
                                if (this.xmlService.getXmlDocument(str2.getBytes()).getFirstChild().getAttributes().getNamedItem("xsi:type").getNodeValue().equals(FilterService.ENTITY_ROLE_WHITE_LIST_TYPE)) {
                                    str = str2;
                                } else {
                                    arrayList3.add(str2);
                                }
                            } catch (Exception e) {
                                this.log.error("GluuSAMLMetaDataFilter contains invalid value.", e);
                                // Duplicates the logged stack trace on stderr.
                                e.printStackTrace();
                            }
                        }
                        if (str != null) {
                            arrayList3.add(str);
                        }
                        gluuSAMLTrustRelationship.setGluuSAMLMetaDataFilter(arrayList3);
                    }
                }
            }
        }
        // For each relationship with parsed entity ids, remove the ids that hashMap4 holds under
        // the same key (the ids already covered by deconstructed members).
        // presumably getGluuContainerFederation() yields the federation's inum; verify.
        for (String str3 : hashMap5.keySet()) {
            List list2 = (List) hashMap4.get(str3);
            if (list2 != null) {
                ((List) hashMap5.get(str3)).removeAll(list2);
            }
        }
        hashMap.put("idpCredentialsPath", getIdpMetadataDir() + "credentials" + File.separator);
        hashMap.put("deconstructed", arrayList2);
        hashMap.put("deconstructedIds", hashMap3);
        hashMap.put("trustEngines", arrayList);
        hashMap.put("trusts", list);
        hashMap.put("trustIds", hashMap2);
        hashMap.put("trustEntityIds", hashMap5);
        return hashMap;
    }

    /**
     * Parses the stored metadata filters and profile configurations of a trust relationship.
     *
     * <p>Any exception raised by either parser is logged together with the relationship DN and
     * then suppressed, so the caller continues with whatever was parsed before the failure.
     *
     * @param gluuSAMLTrustRelationship relationship whose stored configuration is parsed
     */
    protected void initProfileConfiguration(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) throws FactoryConfigurationError {
        try {
            this.filterService.parseFilters(gluuSAMLTrustRelationship);
            this.profileConfigurationService.parseProfileConfigurations(gluuSAMLTrustRelationship);
        } catch (Exception parseFailure) {
            final String message = "Failed to parse stored metadataFilter configuration for trustRelationship " + gluuSAMLTrustRelationship.getDn();
            this.log.error(message, parseFailure);
        }
    }

    /**
     * Collects the metadata of every released custom attribute across the given trust
     * relationships and turns the distinct set into the attribute parameter map.
     *
     * @param list trust relationships whose released custom attributes are read
     * @return the map built by {@code createAttributeMap}, which may be {@code null}
     */
    private HashMap<String, Object> initAttributeParamMap(List<GluuSAMLTrustRelationship> list) {
        Set<GluuAttribute> releasedMetadata = new HashSet<>();
        for (GluuSAMLTrustRelationship trust : list) {
            trust.getReleasedCustomAttributes().forEach(custom -> releasedMetadata.add(custom.getMetadata()));
        }
        return createAttributeMap(releasedMetadata);
    }

    /**
     * Derives the SAML1 and SAML2 attribute names for a set of attributes.
     *
     * <p>An attribute without a SAML1 URI gets {@code urn:<ns>:dir:attribute-def:<name>}, where
     * {@code ns} is {@code gluu} for custom attributes, for attributes without a URN, and for
     * URNs starting with {@code urn:gluu:dir:attribute-def:}; otherwise it is {@code mace}. An
     * attribute without a SAML2 URI gets {@code urn:oid:<OID>} from the schema definition.
     *
     * @param set attributes to describe; elements are dereferenced, so none may be {@code null}
     * @return map with the keys {@code attributes}, {@code attributeSAML1Strings} and
     *     {@code attributeSAML2Strings}, or {@code null} if a schema definition is missing for
     *     an attribute that needs an OID
     */
    private HashMap<String, Object> createAttributeMap(Set<GluuAttribute> set) {
        List<String> attributeNames = new ArrayList<>();
        for (GluuAttribute attribute : set) {
            attributeNames.add(attribute.getName());
        }
        List schemaDefinitions = this.shemaService.getAttributeTypeDefinitions(this.shemaService.getSchema(), attributeNames);

        HashMap<String, String> saml1Names = new HashMap<>();
        HashMap<String, String> saml2Names = new HashMap<>();
        for (GluuAttribute attribute : set) {
            final String attributeName = attribute.getName();

            String saml1 = attribute.getSaml1Uri();
            if (StringHelper.isEmpty(saml1)) {
                boolean gluuNamespace = attribute.isCustom();
                if (!gluuNamespace) {
                    String urn = attribute.getUrn();
                    gluuNamespace = StringHelper.isEmpty(urn) || urn.startsWith("urn:gluu:dir:attribute-def:");
                }
                saml1 = String.format("urn:%s:dir:attribute-def:%s", gluuNamespace ? "gluu" : "mace", attributeName);
            }
            saml1Names.put(attributeName, saml1);

            String saml2 = attribute.getSaml2Uri();
            if (StringHelper.isEmpty(saml2)) {
                AttributeTypeDefinition definition = this.shemaService.getAttributeTypeDefinition(schemaDefinitions, attributeName);
                if (definition == null) {
                    // Without a schema definition there is no OID to build the SAML2 name from.
                    this.log.error("Failed to get OID for attribute name {}", attributeName);
                    return null;
                }
                saml2 = String.format("urn:oid:%s", definition.getOID());
            }
            saml2Names.put(attributeName, saml2);
        }

        HashMap<String, Object> result = new HashMap<>();
        result.put("attributes", set);
        result.put("attributeSAML1Strings", saml1Names);
        result.put("attributeSAML2Strings", saml2Names);
        return result;
    }

    /**
     * Loads the CAS protocol configuration and copies its settings into a parameter map.
     *
     * <p>Any exception while loading or reading the configuration is logged and suppressed; the
     * map built so far (possibly empty) is returned. The method never returns {@code null}.
     *
     * @return CAS parameters for the templates, empty when no configuration is stored
     */
    private HashMap<String, Object> initCASParamMap() {
        HashMap<String, Object> casParams = new HashMap<>();
        try {
            ShibbolethCASProtocolConfiguration casConfig = this.casService.loadCASConfiguration();
            if (casConfig == null) {
                return casParams;
            }
            this.log.info("add ShibbolethCASProtocolConfiguration parameters");
            casParams.put("enabled", Boolean.valueOf(casConfig.isEnabled()));
            casParams.put("extended", Boolean.valueOf(casConfig.isExtended()));
            casParams.put("enableToProxyPatterns", Boolean.valueOf(casConfig.isEnableToProxyPatterns()));
            final Object authorizedPattern = casConfig.getAuthorizedToProxyPattern();
            casParams.put("authorizedToProxyPattern", authorizedPattern);
            // NOTE(review): "unauthorizedToProxyPattern" is filled from
            // getAuthorizedToProxyPattern(), the same accessor as the key above. This looks like
            // a copy-paste slip: the pattern meant to deny CAS proxying would then equal the one
            // that allows it. Confirm against the configuration class and the CAS template.
            casParams.put("unauthorizedToProxyPattern", casConfig.getAuthorizedToProxyPattern());
        } catch (Exception loadFailure) {
            this.log.error("initCASParamMap() exception", loadFailure);
        }
        return casParams;
    }

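    /**
     * Builds the attribute-resolver parameter map from the enabled NameID configurations.
     *
     * <p>Every enabled NameID configuration with a non-empty source attribute is added to
     * {@code configs}, and its source attribute is looked up and added to {@code attributes}.
     * The persistence type of the person branch is added as {@code persistenceType}.
     *
     * @return the parameter map, or {@code null} when {@code createAttributeMap} could not
     *     resolve the attributes (that failure is logged there)
     */
    public HashMap<String, Object> initAttributeResolverParamMap() {
        List<NameIdConfig> enabledConfigs = new ArrayList<>();
        Set<GluuAttribute> sourceAttributes = new HashSet<>();
        AttributeResolverConfiguration resolverConfiguration = this.configurationFactory.getAttributeResolverConfiguration();
        if (resolverConfiguration != null && resolverConfiguration.getNameIdConfigs() != null) {
            for (NameIdConfig nameIdConfig : resolverConfiguration.getNameIdConfigs()) {
                if (StringHelper.isNotEmpty(nameIdConfig.getSourceAttribute()) && nameIdConfig.isEnabled()) {
                    // NOTE(review): a source attribute that does not exist makes this lookup
                    // return null, which createAttributeMap then dereferences; decide whether
                    // such a NameID configuration should be rejected when it is saved.
                    GluuAttribute sourceAttribute = this.attributeService.getAttributeByName(nameIdConfig.getSourceAttribute());
                    enabledConfigs.add(nameIdConfig);
                    sourceAttributes.add(sourceAttribute);
                }
            }
        }
        HashMap<String, Object> resolverParams = createAttributeMap(sourceAttributes);
        if (resolverParams == null) {
            // createAttributeMap signals a missing schema definition with null; hand that on so
            // the caller's null check can stop file generation instead of failing on put().
            return null;
        }
        resolverParams.put("configs", enabledConfigs);
        resolverParams.put("attributes", sourceAttributes);
        String persistenceType = this.persistenceEntryManager.getPersistenceType(this.personService.getDnForPerson(null));
        this.log.debug(">>>>>>>>>> Shibboleth3ConfService.initAttributeResolverParamMap() - Persistance type: '{}'", persistenceType);
        resolverParams.put("persistenceType", persistenceType);
        return resolverParams;
    }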

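    /**
     * Assembles the Velocity context shared by the configuration templates.
     *
     * <p>Besides the four parameter maps and the metadata folder, the context receives the IDP
     * and SP URLs and hosts, the LDAP connection settings and the decrypted LDAP bind password
     * and IDP key password. Those two values are placed in the context in clear text, so any
     * template that references them writes the secret into the generated file.
     *
     * @param hashMap trust parameters, stored as {@code trustParams}
     * @param hashMap2 attribute parameters, stored as {@code attrParams}
     * @param hashMap3 CAS parameters, stored as {@code casParams}
     * @param hashMap4 resolver parameters, stored as {@code resovlerParams}
     * @param str metadata folder, stored as {@code medataFolder}
     * @return the populated context
     */
    private VelocityContext prepareVelocityContext(HashMap<String, Object> hashMap, HashMap<String, Object> hashMap2, HashMap<String, Object> hashMap3, HashMap<String, Object> hashMap4, String str) {
        VelocityContext context = new VelocityContext();
        context.put("StringHelper", StringHelper.class);
        context.put(ConfigurationFactory.SALT_FILE_NAME, this.configurationFactory.getCryptoConfigurationSalt());
        // The misspelt keys "resovlerParams" and "medataFolder" are kept byte-for-byte because
        // they are looked up by name at render time.
        context.put("trustParams", hashMap);
        context.put("attrParams", hashMap2);
        context.put("casParams", hashMap3);
        context.put("resovlerParams", hashMap4);
        context.put("medataFolder", str);
        context.put("orgInum", StringHelper.removePunctuation("gluu"));
        context.put("orgSupportEmail", this.appConfiguration.getOrgSupportEmail());

        String idpUrl = this.appConfiguration.getIdpUrl();
        context.put("idpUrl", idpUrl);
        // Strip a trailing ":port".
        context.put("idpHost", idpUrl.replaceAll(":[0-9]*$", ""));

        String applicationUrl = this.appConfiguration.getApplicationUrl();
        context.put("spUrl", applicationUrl);
        // Strip a trailing ":port" and the leading "scheme://".
        context.put("spHost", applicationUrl.replaceAll(":[0-9]*$", "").replaceAll("^.*?//", ""));

        GluuSAMLTrustRelationship spRelationship = this.trustService.getRelationshipByInum(this.configurationService.getConfiguration().getGluuSPTR());
        if (spRelationship == null) {
            spRelationship = new GluuSAMLTrustRelationship();
        }
        context.put("gluuSPEntityId", spRelationship.getEntityId());

        // String.split never returns null, so the server list is always expanded into
        // space-separated "<protocol>://<host>" entries.
        StringBuilder ldapUrl = new StringBuilder();
        for (String ldapHost : this.appConfiguration.getIdpLdapServer().split("\\s*(=>|,|\\s)\\s*")) {
            if (ldapUrl.length() > 1) {
                ldapUrl.append(" ");
            }
            ldapUrl.append(this.appConfiguration.getIdpLdapProtocol()).append("://").append(ldapHost);
        }
        context.put("ldapUrl", ldapUrl.toString());
        context.put("bindDN", this.appConfiguration.getIdpBindDn());

        // NOTE(review): when decryption fails the key is simply absent from the context and
        // generation continues; confirm the templates do not emit an empty credential then.
        try {
            context.put("ldapPass", this.encryptionService.decrypt(this.appConfiguration.getIdpBindPassword()));
        } catch (StringEncrypter.EncryptionException e) {
            // The logger already records the stack trace; nothing is printed to stderr.
            this.log.error("Failed to decrypt bindPassword", e);
        }
        context.put("securityKey", this.appConfiguration.getIdpSecurityKey());
        context.put("securityCert", this.appConfiguration.getIdpSecurityCert());
        try {
            context.put("securityKeyPassword", this.encryptionService.decrypt(this.appConfiguration.getIdpSecurityKeyPassword()));
        } catch (StringEncrypter.EncryptionException e) {
            this.log.error("Failed to decrypt idp.securityKeyPassword", e);
        }
        return context;
    }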

    /**
     * Returns the path of the IDP's own metadata file inside the IDP metadata directory.
     *
     * @return metadata directory followed by {@code idp-metadata.xml}
     */
    public String getIdpMetadataFilePath() {
        final String metadataDir = getIdpMetadataDir();
        return metadataDir + SHIB3_IDP_IDP_METADATA_FILE;
    }

    /**
     * Returns the IDP {@code conf/authn} directory, ending with a file separator.
     *
     * <p>The root directory is not checked here; an unset root yields a path that starts with
     * the text {@code null}.
     *
     * @return {@code <root>/conf/authn/} using the platform separator
     */
    public String getIdpConfAuthnDir() {
        final String sep = File.separator;
        return this.appConfiguration.getShibboleth3IdpRootDir() + sep + SHIB3_IDP_CONF_FOLDER + sep + SHIB3_IDP_AUNTHN_FOLDER + sep;
    }

    /**
     * Returns the IDP {@code conf} directory, ending with a file separator.
     *
     * <p>The root directory is not checked here; an unset root yields a path that starts with
     * the text {@code null}.
     *
     * @return {@code <root>/conf/} using the platform separator
     */
    public String getIdpConfDir() {
        final String sep = File.separator;
        return this.appConfiguration.getShibboleth3IdpRootDir() + sep + SHIB3_IDP_CONF_FOLDER + sep;
    }

    /**
     * Returns the IDP {@code metadata} directory, ending with a file separator.
     *
     * <p>The root directory is not checked here; an unset root yields a path that starts with
     * the text {@code null}.
     *
     * @return {@code <root>/metadata/} using the platform separator
     */
    public String getIdpMetadataDir() {
        final String sep = File.separator;
        return this.appConfiguration.getShibboleth3IdpRootDir() + sep + SHIB3_IDP_METADATA_FOLDER + sep;
    }

    /**
     * Returns the IDP {@code temp_metadata} directory, ending with a file separator.
     *
     * <p>The root directory is not checked here; an unset root yields a path that starts with
     * the text {@code null}.
     *
     * @return {@code <root>/temp_metadata/} using the platform separator
     */
    public String getIdpMetadataTempDir() {
        final String sep = File.separator;
        return this.appConfiguration.getShibboleth3IdpRootDir() + sep + SHIB3_IDP_TEMPMETADATA_FOLDER + sep;
    }

    /**
     * Returns the path of an SP metadata file inside the IDP metadata directory.
     *
     * @param str metadata file name, appended to the directory unchanged
     * @return metadata directory followed by {@code str}
     * @throws InvalidConfigurationException if the IDP root directory is not configured
     */
    public String getSpMetadataFilePath(String str) {
        final boolean rootMissing = this.appConfiguration.getShibboleth3IdpRootDir() == null;
        if (rootMissing) {
            throw new InvalidConfigurationException("Failed to return SP meta-data file due to undefined IDP root folder");
        }
        // NOTE(review): str is concatenated without normalisation, so "../" segments would
        // escape the metadata directory; confirm callers only pass server-generated names.
        final String metadataDir = getIdpMetadataDir();
        return metadataDir + str;
    }

    /**
     * Returns the SP metadata file name derived from the inum of a trust relationship.
     *
     * @param gluuSAMLTrustRelationship relationship whose inum names the file
     * @return the name produced by the inum-based overload
     */
    public String getSpNewMetadataFileName(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        final String inum = gluuSAMLTrustRelationship.getInum();
        return getSpNewMetadataFileName(inum);
    }

    /**
     * Returns the SP metadata file name for an inum: the inum passed through
     * {@code StringHelper.removePunctuation}, followed by {@code -sp-metadata.xml}.
     *
     * @param str inum of the trust relationship
     * @return the metadata file name
     */
    public String getSpNewMetadataFileName(String str) {
        final String sanitizedInum = StringHelper.removePunctuation(str);
        return String.format(SHIB3_SP_METADATA_FILE_PATTERN, sanitizedInum);
    }

    /**
     * Stores SP metadata given as a byte array by delegating to the stream-based overload.
     *
     * @param str file name prefix handed to the stream-based overload
     * @param bArr metadata content; must not be {@code null}
     * @return the value returned by the stream-based overload
     * @throws InvalidConfigurationException if closing the in-memory stream fails
     */
    public String saveSpMetadataFile(String str, byte[] bArr) {
        try (InputStream metadataStream = new ByteArrayInputStream(bArr)) {
            return saveSpMetadataFile(str, metadataStream);
        } catch (IOException closeFailure) {
            throw new InvalidConfigurationException(closeFailure);
        }
    }

    /**
     * Stores SP metadata from a stream under a new name in the temporary metadata directory.
     *
     * <p>The stream is closed once the save has been attempted, whatever the outcome. It is
     * not closed when the root-directory check or the name generation fails first.
     *
     * @param str file name prefix; a generated suffix is appended to it
     * @param inputStream metadata content
     * @return the generated file name (without directory), or {@code null} if the document
     *     store rejected the document or threw
     * @throws InvalidConfigurationException if the IDP root directory is not configured
     */
    public String saveSpMetadataFile(String str, InputStream inputStream) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to save SP meta-data file due to undefined IDP root folder");
        }
        final String tempDir = getIdpMetadataTempDir();
        final String tempName = getTempMetadataFilename(tempDir, str);
        // NOTE(review): str becomes part of the stored path; confirm callers pass a
        // server-generated prefix that contains no path separators.
        final String targetPath = tempDir + tempName;
        try {
            boolean stored = this.documentStoreService.saveDocumentStream(targetPath, inputStream);
            return stored ? tempName : null;
        } catch (Exception writeFailure) {
            this.log.error("Failed to write SP meta-data file '{}'", targetPath, writeFailure);
            return null;
        } finally {
            IOUtils.closeQuietly(inputStream);
        }
    }

    /**
     * Generates a file name that does not yet exist in the document store.
     *
     * <p>A suffix from {@code INumGenerator.generate(2)} is appended to the prefix until the
     * document store reports no document under that name. The loop runs while holding the lock
     * on {@code getClass()}.
     *
     * @param str directory the candidate name is checked in
     * @param str2 file name prefix
     * @return the first candidate name the document store does not know
     */
    private String getTempMetadataFilename(String str, String str2) {
        synchronized (getClass()) {
            // NOTE(review): the lock covers only this check; the document is saved by the
            // caller after the lock is released, so another writer (for example a second
            // application node) could still take the same name in between.
            while (true) {
                String candidate = str2 + INumGenerator.generate(2);
                if (!this.documentStoreService.hasDocument(str + candidate)) {
                    return candidate;
                }
            }
        }
    }

    /**
     * Downloads SP metadata from a URL and stores it under a new name in the temporary
     * metadata directory.
     *
     * @param str URL of the metadata document; an empty value yields {@code null}
     * @param str2 file name prefix; a generated suffix is appended to it
     * @return the generated file name (without directory), or {@code null} if the URL is
     *     empty, nothing was downloaded, or the document could not be stored
     * @throws InvalidConfigurationException if the IDP root directory is not configured
     */
    public String saveSpMetadataFile(String str, String str2) {
        if (StringHelper.isEmpty(str)) {
            return null;
        }
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to save SP meta-data file due to undefined IDP root folder");
        }

        // NOTE(review): the name EasyCASSLProtocolSocketFactory suggests relaxed TLS
        // certificate checks; its implementation is not visible here. The downloaded document
        // becomes SAML trust material, so confirm the factory validates the server certificate
        // chain and host name. The handler is also installed through a static setter, which
        // presumably affects every HTTPFileDownloader user in the JVM; verify.
        HTTPFileDownloader.setEasyhttps(new Protocol("https", new EasyCASSLProtocolSocketFactory(), 443));
        // NOTE(review): str is fetched as given; confirm callers restrict the scheme and the
        // destination so this cannot be pointed at internal services.
        final String downloaded = HTTPFileDownloader.getResource(str, "application/xml, text/xml", (String) null, (String) null);
        if (StringHelper.isEmpty(downloaded)) {
            return null;
        }

        final String tempDir = getIdpMetadataTempDir();
        final String tempName = getTempMetadataFilename(tempDir, str2);
        final String targetPath = tempDir + tempName;
        try {
            boolean stored = this.documentStoreService.saveDocument(targetPath, downloaded, this.UTF_8);
            return stored ? tempName : null;
        } catch (Exception writeFailure) {
            this.log.error("Failed to write SP meta-data file '{}'", targetPath, writeFailure);
            return null;
        }
    }

    /**
     * Renders the SP {@code attribute-map.xml} content for a single trust relationship.
     *
     * @param gluuSAMLTrustRelationship relationship whose released attributes are mapped
     * @return the rendered content, or {@code null} if the attribute parameters could not be
     *     built
     */
    public String generateSpAttributeMapFile(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        List<GluuSAMLTrustRelationship> singleRelationship = Arrays.asList(gluuSAMLTrustRelationship);
        initAttributes(singleRelationship);
        HashMap<String, Object> attrParams = initAttributeParamMap(singleRelationship);
        if (attrParams != null) {
            // Only the attribute parameters are needed by this template; the rest stay null.
            VelocityContext context = prepareVelocityContext(null, attrParams, null, null, null);
            return generateConfFile(SHIB3_SP_ATTRIBUTE_MAP_FILE, context);
        }
        return null;
    }

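    /**
     * Renders SP metadata for a trust relationship and writes it to the relationship's
     * metadata file in the IDP metadata directory.
     *
     * <p>The relationship URL is checked before the content is rendered, because rendering
     * dereferences the URL; a missing URL is reported through the return value instead of a
     * {@link NullPointerException}.
     *
     * @param gluuSAMLTrustRelationship relationship to generate metadata for
     * @param str certificate text handed to the template
     * @return {@code true} if the file was written; {@code false} if the URL is empty, the
     *     rendered content is empty, or the write failed
     * @throws InvalidConfigurationException if the IDP root directory is not configured
     */
    public boolean generateSpMetadataFile(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to generate SP meta-data file due to undefined IDP root folder");
        }
        if (StringHelper.isEmpty(gluuSAMLTrustRelationship.getUrl())) {
            this.log.error("Trust relationship URL is empty");
            return false;
        }
        String idpMetadataDir = getIdpMetadataDir();
        String metadataContent = generateSpMetadataFileContent(gluuSAMLTrustRelationship, str);
        if (StringHelper.isEmpty(metadataContent)) {
            return false;
        }
        // NOTE(review): getSpMetaDataFN() is appended to the directory unchanged; confirm the
        // stored file name is server-generated and contains no path separators.
        return writeConfFile(idpMetadataDir + gluuSAMLTrustRelationship.getSpMetaDataFN(), metadataContent);
    }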

    /**
     * Renders the SP metadata template for a trust relationship.
     *
     * <p>The template receives the certificate text, the relationship, an entity id derived
     * from the relationship inum, and the relationship URL without a trailing slash.
     *
     * @param gluuSAMLTrustRelationship relationship to describe; its URL must not be
     *     {@code null}
     * @param str certificate text exposed to the template as {@code certificate}
     * @return the content produced by {@code generateConfFile}
     */
    public String generateSpMetadataFileContent(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str) {
        final String sanitizedInum = StringHelper.removePunctuation(gluuSAMLTrustRelationship.getInum());
        final String hostWithoutTrailingSlash = gluuSAMLTrustRelationship.getUrl().replaceFirst("/$", "");

        VelocityContext context = new VelocityContext();
        // NOTE(review): whether the template escapes the certificate text and the URL for XML
        // is not visible here; confirm, since both values end up inside the metadata document.
        context.put("certificate", str);
        context.put("trustRelationship", gluuSAMLTrustRelationship);
        context.put("entityId", Util.encodeString(sanitizedInum));
        context.put("spHost", hostWithoutTrailingSlash);
        return generateConfFile(SHIB3_IDP_SP_METADATA_FILE, context);
    }

    /**
     * Removes an SP metadata document from the IDP metadata directory.
     *
     * <p>Failures of the document store are logged and not propagated, so the caller cannot tell
     * whether the document was actually removed.
     *
     * <p>NOTE(review): the path is {@code getIdpMetadataDir() + str} with no normalisation; confirm
     * that callers only pass plain file names, since this method deletes whatever the path resolves to.
     *
     * @param str file name relative to the IDP metadata directory
     * @throws InvalidConfigurationException when the IDP root directory is not configured
     */
    public void removeSpMetadataFile(String str) {
        boolean rootDefined = this.appConfiguration.getShibboleth3IdpRootDir() != null;
        if (!rootDefined) {
            throw new InvalidConfigurationException("Failed to remove SP meta-data file due to undefined IDP root folder");
        }
        final String target = getIdpMetadataDir() + str;
        try {
            this.documentStoreService.removeDocument(target);
        } catch (Exception e) {
            this.log.error("Failed to remove {}", target, e);
        }
    }

    /**
     * Reports whether the metadata parser finds at least one SP entity id in the given metadata file.
     *
     * @param str file name relative to the IDP metadata directory
     * @return {@code true} when the parser returns a non-empty list of entity ids
     * @throws InvalidConfigurationException when the IDP root directory is not configured
     */
    public boolean isCorrectSpMetadataFile(String str) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to check SP meta-data file due to undefined IDP root folder");
        }
        String metadataPath = getIdpMetadataDir() + str;
        List<?> entityIds = this.samlMetadataParser.getSpEntityIdFromMetadataFile(metadataPath);
        return entityIds != null && !entityIds.isEmpty();
    }

    /**
     * Builds the path of the SP attribute-map file inside the configured SP configuration directory.
     *
     * @return SP configuration directory, a file separator and {@code SHIB3_SP_ATTRIBUTE_MAP_FILE}
     */
    public String getSpAttributeMapFilePath() {
        String spConfDir = this.appConfiguration.getShibboleth3SpConfDir();
        return spConfDir + File.separator + SHIB3_SP_ATTRIBUTE_MAP_FILE;
    }

    /**
     * Builds the path of the SP Shibboleth configuration file inside the configured SP configuration directory.
     *
     * @return SP configuration directory, a file separator and {@code SHIB3_SP_SHIBBOLETH2_FILE}
     */
    public String getSpShibboleth3FilePath() {
        String spConfDir = this.appConfiguration.getShibboleth3SpConfDir();
        return spConfDir + File.separator + SHIB3_SP_SHIBBOLETH2_FILE;
    }

    /**
     * Returns the resource name of the SP read-me.
     *
     * @return the {@code SHIB3_SP_READ_ME} constant
     */
    public String getSpReadMeResourceName() {
        final String resourceName = SHIB3_SP_READ_ME;
        return resourceName;
    }

    /**
     * Returns the resource name of the Windows SP read-me.
     *
     * @return the {@code SHIB3_SP_READ_ME_WINDOWS} constant
     */
    public String getSpReadMeWindowsResourceName() {
        final String resourceName = SHIB3_SP_READ_ME_WINDOWS;
        return resourceName;
    }

    /**
     * Extracts the certificate body from PEM-style bytes by delegating to the {@link InputStream} overload.
     *
     * @param bArr certificate file content; may be {@code null}
     * @return the text found between the certificate marker lines, or {@code null} when the input is
     *         {@code null}, nothing is found, or closing the stream fails
     */
    public String getPublicCertificate(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        try (ByteArrayInputStream certificateBytes = new ByteArrayInputStream(bArr)) {
            return getPublicCertificate(certificateBytes);
        } catch (IOException e) {
            return null;
        }
    }

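    /**
     * Extracts the text between the certificate start and end marker lines of a PEM-style stream.
     *
     * <p>Lines are read as US-ASCII. Everything after the first line starting with
     * {@code PUBLIC_CERTIFICATE_START_LINE} and before the first line starting with
     * {@code PUBLIC_CERTIFICATE_END_LINE} is joined with {@code \n}; the marker lines themselves are
     * not included.
     *
     * <p>A read failure now returns {@code null}. Previously the line list stayed {@code null} after
     * the logged {@link IOException} and the loop below failed with a {@link NullPointerException}.
     *
     * <p>NOTE(review): this only slices text between markers. It does not check that the result is
     * valid Base64 or a parseable X.509 certificate, so callers that trust the value should validate it.
     *
     * @param inputStream PEM-style certificate content; may be {@code null}
     * @return the certificate body, or {@code null} when the stream is {@code null}, cannot be read,
     *         or contains no body lines
     */
    public String getPublicCertificate(InputStream inputStream) {
        if (inputStream == null) {
            return null;
        }
        List<String> lines;
        try {
            lines = IOUtils.readLines(new InputStreamReader(inputStream, "US-ASCII"));
        } catch (IOException e) {
            this.log.error("Failed to read public key file", e);
            return null;
        }
        StringBuilder body = new StringBuilder();
        boolean insideCertificate = false;
        for (String line : lines) {
            if (line.startsWith(PUBLIC_CERTIFICATE_END_LINE)) {
                break;
            }
            if (insideCertificate) {
                if (body.length() > 0) {
                    body.append("\n");
                }
                body.append(line);
            }
            // Checked after the append so the start marker itself is never copied.
            if (line.startsWith(PUBLIC_CERTIFICATE_START_LINE)) {
                insideCertificate = true;
            }
        }
        return body.length() == 0 ? null : body.toString();
    }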

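    /**
     * Reports whether an SP metadata document contains at least one {@code EntitiesDescriptor} element,
     * i.e. whether it looks like federation metadata rather than a single-entity document.
     *
     * <p>The listing this method came from was decompiler output with failed type inference
     * (uninitialised stream variables and empty {@code finally} blocks). It is rewritten here with
     * try-with-resources, so both the stream and the reader are closed on every path.
     *
     * <p>An XPath failure now returns {@code false}. Previously the count stayed {@code null} after the
     * logged error and {@code Integer.parseInt(null)} threw a {@link NumberFormatException}.
     *
     * <p>NOTE(review): parsing is delegated to {@code xmlService.getXmlDocument}. Whether that parser
     * disables DTDs and external entities is not visible from here; confirm it does if metadata can
     * originate from a remote party.
     *
     * @param str SP metadata file name; may be {@code null}
     * @return {@code true} when the document parses and the {@code EntitiesDescriptor} count is positive
     */
    public boolean isFederationMetadata(String str) {
        if (str == null) {
            return false;
        }
        String spMetadataFilePath = getSpMetadataFilePath(str);
        Document document = null;
        try (InputStream metadataStream = this.documentStoreService.readDocumentAsStream(spMetadataFilePath)) {
            if (metadataStream == null) {
                this.log.error("Failed to read metadata file '{}'", spMetadataFilePath);
                return false;
            }
            try (InputStreamReader metadataReader = new InputStreamReader(metadataStream, "UTF-8")) {
                try {
                    document = this.xmlService.getXmlDocument(new InputSource(metadataReader));
                } catch (Exception e) {
                    this.log.error("Failed to parse metadata file '{}'", spMetadataFilePath, e);
                }
            }
        } catch (IOException e) {
            this.log.error("Failed to read metadata file '{}'", spMetadataFilePath, e);
        }
        if (document == null) {
            return false;
        }
        String descriptorCount;
        try {
            // local-name() makes the match independent of the namespace prefix used in the document.
            descriptorCount = XPathFactory.newInstance().newXPath().compile("count(//*[local-name() = 'EntitiesDescriptor'])").evaluate(document);
        } catch (XPathExpressionException e) {
            this.log.error("Failed to find IDP metadata file in relaying party file '{}'", spMetadataFilePath, e);
            return false;
        }
        return Integer.parseInt(descriptorCount) > 0;
    }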

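    /**
     * Scans an SP metadata file line by line for the literal text {@code <EntitiesDescriptor}.
     *
     * <p>The iterator is managed with try-with-resources so it is closed even when reading a line
     * fails; the previous listing only closed it after the loop finished normally.
     *
     * <p>NOTE(review): the substring test does not match a namespace-prefixed tag such as
     * {@code <md:EntitiesDescriptor}, whereas {@code isFederationMetadata} matches on
     * {@code local-name()}. Confirm which behaviour callers expect.
     * NOTE(review): the file is opened directly with {@link File} rather than through
     * {@code documentStoreService}, unlike the other metadata readers in this class; verify this is
     * intended when a non-local document store is configured.
     *
     * @param str SP metadata file name; may be {@code null}
     * @return {@code true} when a line contains {@code <EntitiesDescriptor}; {@code false} otherwise,
     *         including when the file cannot be read
     */
    public boolean isFederationMetadataImprove(String str) {
        if (str == null) {
            return false;
        }
        try (LineIterator lines = FileUtils.lineIterator(new File(getSpMetadataFilePath(str)), "UTF-8")) {
            while (lines.hasNext()) {
                if (lines.nextLine().contains("<EntitiesDescriptor")) {
                    return true;
                }
            }
        } catch (IOException e) {
            this.log.error(" Error accessing metadata file", e);
        }
        return false;
    }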

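    /**
     * Renders the IDP login configuration ({@code SHIB3_IDP_LOGIN_CONFIG_FILE}) and stores it in the
     * IDP configuration directory.
     *
     * <p>The configured LDAP server string is split on {@code =>}, commas and whitespace; each part is
     * prefixed with the configured protocol and the parts are joined with single spaces.
     *
     * <p>Changes from the previous listing: the unreachable {@code split == null} branch is gone
     * ({@link String#split(String)} never returns {@code null}), the stack trace is no longer printed
     * to stderr in addition to the log, and nothing is written when the template yields no content
     * (the non-short-circuit {@code &} used to call the writer with {@code null} content).
     *
     * <p>NOTE(review): the decrypted bind password is placed into the rendered file in clear text;
     * confirm the stored document is readable only by the IDP service account.
     * NOTE(review): when decryption fails the configuration is still rendered with an empty credential.
     * Consider failing instead, so a decryption problem does not silently produce a config that binds
     * with an empty password.
     *
     * @return {@code true} when the file was rendered and saved
     * @throws InvalidConfigurationException when the IDP root directory is not configured
     */
    public boolean generateIdpConfigurationFiles() {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
        }
        String idpConfDir = getIdpConfDir();
        VelocityContext velocityContext = new VelocityContext();

        StringBuilder ldapUrls = new StringBuilder();
        for (String server : this.appConfiguration.getIdpLdapServer().split("\\s*(=>|,|\\s)\\s*")) {
            if (ldapUrls.length() > 0) {
                ldapUrls.append(' ');
            }
            ldapUrls.append(this.appConfiguration.getIdpLdapProtocol()).append("://").append(server);
        }

        String baseDN = this.appConfiguration.getBaseDN();
        String idpBindDn = this.appConfiguration.getIdpBindDn();
        String bindPassword = "";
        try {
            bindPassword = this.encryptionService.decrypt(this.appConfiguration.getIdpBindPassword());
        } catch (StringEncrypter.EncryptionException e) {
            this.log.error("Failed to decrypt bindPassword", e);
        }
        String idpUserFields = this.appConfiguration.getIdpUserFields();

        velocityContext.put("host", ldapUrls.toString());
        velocityContext.put("base", baseDN);
        velocityContext.put("serviceUser", idpBindDn);
        velocityContext.put("serviceCredential", bindPassword);
        velocityContext.put("userField", idpUserFields);

        String loginConfig = generateConfFile(SHIB3_IDP_LOGIN_CONFIG_FILE, velocityContext);
        return loginConfig != null && writeConfFile(idpConfDir + SHIB3_IDP_LOGIN_CONFIG_FILE, loginConfig);
    }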

    /**
     * Reports whether the metadata parser finds at least one entity id in a federation proposal's
     * metadata file.
     *
     * <p>NOTE(review): the guard checks the federation root directory, but the path is built from
     * {@code getIdpMetadataDir()}; confirm the two are meant to differ.
     *
     * @param gluuSAMLFederationProposal proposal whose metadata file name is read
     * @return {@code true} when the parser returns a non-empty list of entity ids
     * @throws InvalidConfigurationException when the federation root directory is not configured
     */
    public boolean isCorrectMetadataFile(GluuSAMLFederationProposal gluuSAMLFederationProposal) {
        String metadataFileName = gluuSAMLFederationProposal.getSpMetaDataFN();
        if (this.appConfiguration.getShibboleth3FederationRootDir() == null) {
            throw new InvalidConfigurationException("Failed to check meta-data file due to undefined federation root folder");
        }
        String metadataPath = getIdpMetadataDir() + metadataFileName;
        List<?> entityIds = this.samlMetadataParser.getEntityIdFromMetadataFile(metadataPath);
        return entityIds != null && !entityIds.isEmpty();
    }

    /**
     * Removes a federation metadata document from the IDP metadata directory.
     *
     * <p>NOTE(review): the path is {@code getIdpMetadataDir() + str} with no normalisation; confirm
     * that callers only pass plain file names, since this method deletes whatever the path resolves to.
     *
     * @param str file name relative to the IDP metadata directory
     * @return the document store's result, or {@code false} when it throws
     * @throws InvalidConfigurationException when the federation root directory is not configured
     */
    public boolean removeMetadataFile(String str) {
        if (this.appConfiguration.getShibboleth3FederationRootDir() == null) {
            throw new InvalidConfigurationException("Failed to remove meta-data file due to undefined federation root folder");
        }
        final String target = getIdpMetadataDir() + str;
        boolean removed;
        try {
            removed = this.documentStoreService.removeDocument(target);
        } catch (Exception e) {
            this.log.error("Failed to remove {}", target, e);
            removed = false;
        }
        return removed;
    }

    /**
     * Builds the path of a federation metadata file inside the IDP metadata directory.
     *
     * <p>The name is appended as given. NOTE(review): callers that pass an externally supplied name
     * should reject separators and {@code ..} first, because the result is used as a storage path.
     *
     * @param str file name relative to the IDP metadata directory
     * @return {@code getIdpMetadataDir()} followed by {@code str}
     * @throws InvalidConfigurationException when the federation root directory is not configured
     */
    public String getMetadataFilePath(String str) {
        boolean rootDefined = this.appConfiguration.getShibboleth3FederationRootDir() != null;
        if (!rootDefined) {
            throw new InvalidConfigurationException("Failed to return meta-data file due to undefined federation root folder");
        }
        String metadataDir = getIdpMetadataDir();
        return metadataDir + str;
    }

    /**
     * Derives the metadata file name for a federation proposal from its inum.
     *
     * @param gluuSAMLFederationProposal proposal whose inum is used
     * @param list not used by this method
     * @return {@code SHIB3_METADATA_FILE_PATTERN} formatted with the punctuation-stripped inum
     */
    public String getNewMetadataFileName(GluuSAMLFederationProposal gluuSAMLFederationProposal, List<GluuSAMLFederationProposal> list) {
        // Stripping punctuation keeps the inum usable as part of a file name.
        String inumWithoutPunctuation = StringHelper.removePunctuation(gluuSAMLFederationProposal.getInum());
        return String.format(SHIB3_METADATA_FILE_PATTERN, inumWithoutPunctuation);
    }

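    /**
     * Stores a federation metadata stream in the IDP metadata directory and closes the stream.
     *
     * <p>The stream is now also closed when the configuration check fails, matching
     * {@code saveProfileConfigurationCert}; previously that path threw and left the caller's stream open.
     *
     * <p>NOTE(review): the path is {@code getIdpMetadataDir() + str} with no normalisation; confirm
     * that {@code str} is a plain file name when it can be influenced by an upload.
     *
     * @param str file name relative to the IDP metadata directory
     * @param inputStream metadata content; always closed by this method
     * @return the document store's result, or {@code false} when it throws
     * @throws InvalidConfigurationException when the federation root directory is not configured
     */
    public boolean saveMetadataFile(String str, InputStream inputStream) {
        if (this.appConfiguration.getShibboleth3FederationRootDir() == null) {
            IOUtils.closeQuietly(inputStream);
            throw new InvalidConfigurationException("Failed to save meta-data file due to undefined federation root folder");
        }
        String target = getIdpMetadataDir() + str;
        try {
            return this.documentStoreService.saveDocumentStream(target, inputStream);
        } catch (Exception e) {
            this.log.error("Failed to write meta-data file '{}'", target, e);
            return false;
        } finally {
            IOUtils.closeQuietly(inputStream);
        }
    }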

    /**
     * Downloads federation metadata from a URL and stores it in the IDP metadata directory.
     *
     * <p>NOTE(review): the HTTPS protocol is registered with {@code EasyCASSLProtocolSocketFactory}.
     * Judging by its name this factory relaxes server certificate validation (TODO confirm). If so,
     * the metadata is fetched over a channel that does not authenticate the publisher, and the stored
     * document should not be trusted without a separate integrity check such as a verified signature.
     * NOTE(review): {@code setEasyhttps} is a static call, so the setting presumably affects every
     * later download through {@code HTTPFileDownloader}, not just this one.
     * NOTE(review): the URL is requested from the server side; if it is not operator-controlled,
     * restrict the allowed schemes and destinations.
     *
     * @param str URL to download the metadata from
     * @param str2 target file name relative to the IDP metadata directory
     * @return {@code true} when content was downloaded and saved; {@code false} when the URL or the
     *         downloaded content is empty, or saving fails
     * @throws InvalidConfigurationException when the federation root directory is not configured
     */
    public boolean saveMetadataFile(String str, String str2) {
        if (StringHelper.isEmpty(str)) {
            return false;
        }
        if (this.appConfiguration.getShibboleth3FederationRootDir() == null) {
            throw new InvalidConfigurationException("Failed to save meta-data file due to undefined federation root folder");
        }
        // Must be registered before the download below so the request uses this protocol handler.
        HTTPFileDownloader.setEasyhttps(new Protocol("https", new EasyCASSLProtocolSocketFactory(), 443));
        String downloaded = HTTPFileDownloader.getResource(str, "application/xml, text/xml", (String) null, (String) null);
        if (StringHelper.isEmpty(downloaded)) {
            return false;
        }
        final String target = getIdpMetadataDir() + str2;
        boolean saved;
        try {
            saved = this.documentStoreService.saveDocument(target, downloaded, this.UTF_8);
        } catch (Exception e) {
            this.log.error("Failed to write meta-data file '{}'", target, e);
            saved = false;
        }
        return saved;
    }

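    /**
     * Renders the IDP's own metadata document ({@code SHIB3_IDP_IDP_METADATA_FILE}) and stores it in
     * the IDP metadata directory.
     *
     * <p>For the signing and the encryption certificate in turn: when the active document store is not
     * {@code LOCAL} and does not hold the certificate yet, it is copied there from the local store;
     * the certificate is then read and its {@code -----...-----} marker text is stripped before it is
     * handed to the template.
     *
     * <p>Changes from the previous listing: the copy streams use try-with-resources (the signing
     * stream was not closed when the copy threw), and nothing is written when the template yields no
     * content, so a failed render cannot replace an existing metadata file.
     *
     * <p>NOTE(review): the result of {@code saveDocumentStream} is ignored; a failed copy only shows
     * up when the following {@code readDocument} fails.
     *
     * @return {@code true} when the metadata was rendered and saved; {@code false} when a certificate
     *         cannot be obtained or the write fails
     * @throws InvalidConfigurationException when the IDP root directory is not configured
     */
    public boolean generateMetadataFiles() {
        this.log.info(">>>>>>>>>> IN Shibboleth3ConfService.generateMetadataFiles()...");
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
        }
        String idpMetadataDir = getIdpMetadataDir();
        VelocityContext velocityContext = new VelocityContext();
        String idpUrl = this.appConfiguration.getIdpUrl();
        velocityContext.put("idpHost", idpUrl);
        // Strip a trailing port and everything up to and including "//" to obtain the domain.
        velocityContext.put("domain", idpUrl.replaceAll(":[0-9]*$", "").replaceAll("^.*?//", ""));
        velocityContext.put("orgName", this.appConfiguration.getOrganizationName());
        velocityContext.put("orgShortName", this.appConfiguration.getOrganizationName());

        try {
            String idp3SigningCert = this.appConfiguration.getIdp3SigningCert();
            if (DocumentStoreType.LOCAL != this.documentStoreService.getProviderType() && !this.documentStoreService.hasDocument(idp3SigningCert)) {
                try (InputStream localCert = this.localDocumentStoreService.readDocumentAsStream(idp3SigningCert)) {
                    this.documentStoreService.saveDocumentStream(idp3SigningCert, localCert);
                }
            }
            velocityContext.put("idpSigningCertificate", this.documentStoreService.readDocument(idp3SigningCert, this.UTF_8).replaceAll("-{5}.*?-{5}", ""));
        } catch (Exception e) {
            this.log.error("Unable to get IDP 3 signing certificate from " + this.appConfiguration.getIdp3SigningCert(), e);
            return false;
        }

        try {
            String idp3EncryptionCert = this.appConfiguration.getIdp3EncryptionCert();
            if (DocumentStoreType.LOCAL != this.documentStoreService.getProviderType() && !this.documentStoreService.hasDocument(idp3EncryptionCert)) {
                try (InputStream localCert = this.localDocumentStoreService.readDocumentAsStream(idp3EncryptionCert)) {
                    this.documentStoreService.saveDocumentStream(idp3EncryptionCert, localCert);
                }
            }
            velocityContext.put("idpEncryptionCertificate", this.documentStoreService.readDocument(idp3EncryptionCert, this.UTF_8).replaceAll("-{5}.*?-{5}", ""));
            String idpMetadata = generateConfFile(SHIB3_IDP_IDP_METADATA_FILE, velocityContext);
            boolean written = idpMetadata != null && writeConfFile(idpMetadataDir + SHIB3_IDP_IDP_METADATA_FILE, idpMetadata);
            this.log.info(">>>>>>>>>> LEAVING Shibboleth3ConfService.generateMetadataFiles()...");
            return written;
        } catch (Exception e) {
            // As before, failures while rendering are also reported under this message.
            this.log.error("Unable to get IDP 3 encryption certificate from " + this.appConfiguration.getIdp3EncryptionCert(), e);
            return false;
        }
    }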

    /**
     * Validates a stored metadata document against the loaded SAML schema.
     *
     * <p>When no schema is loaded, a handler carrying two fixed error messages is returned and the
     * document is not read.
     *
     * <p>NOTE(review): validation is delegated to {@code XMLValidator.validateMetadata}; whether its
     * parser disables DTDs and external entities is not visible here. Confirm it does if the document
     * can come from a remote party.
     *
     * @param str path of the metadata document in the document store
     * @return the handler produced by the validator, or the fixed "schema not loaded" handler
     * @throws ParserConfigurationException as declared; raised by the validator
     * @throws SAXException as declared; raised by the validator
     * @throws IOException when the document cannot be read or closed
     * @throws XMLParserException as declared; raised by the validator
     */
    public GluuErrorHandler validateMetadata(String str) throws ParserConfigurationException, SAXException, IOException, XMLParserException {
        if (this.samlSchema == null) {
            ArrayList<String> schemaErrors = new ArrayList<>();
            schemaErrors.add("Error of schema creating");
            schemaErrors.add("Failed to load SAML schema");
            return new GluuErrorHandler(false, true, schemaErrors);
        }
        try (InputStream metadataStream = this.documentStoreService.readDocumentAsStream(str)) {
            return XMLValidator.validateMetadata(metadataStream, this.samlSchema);
        }
    }

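    /**
     * Probes a URL with an HTTP {@code HEAD} request and reports whether it answers {@code 200}.
     *
     * <p>Redirects are disabled on this connection only. The previous code called the static
     * {@code HttpURLConnection.setFollowRedirects(false)}, which changes the default for every
     * connection in the JVM. The connection is now released when done and the failure cause is logged.
     *
     * <p>NOTE(review): the request is made from the server side. If {@code str} is not
     * operator-controlled, restrict the allowed schemes and destinations before calling this.
     * NOTE(review): no connect or read timeout is set, so an unresponsive host can block the caller.
     *
     * @param str URL to probe
     * @return {@code true} only when the response code is 200; {@code false} on any other code or error
     */
    public boolean existsResourceUri(String str) {
        HttpURLConnection connection = null;
        try {
            connection = (HttpURLConnection) new URL(str).openConnection();
            connection.setInstanceFollowRedirects(false);
            connection.setRequestMethod("HEAD");
            return connection.getResponseCode() == HttpURLConnection.HTTP_OK;
        } catch (Exception e) {
            this.log.error("existsResourceUri: {}", str, e);
            return false;
        } finally {
            if (connection != null) {
                connection.disconnect();
            }
        }
    }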

    /**
     * Reports whether a Shibboleth version is configured.
     *
     * @return {@code true} when the configured Shibboleth version is neither {@code null} nor empty
     */
    public boolean isIdpInstalled() {
        return this.appConfiguration.getShibbolethVersion() != null
                && !this.appConfiguration.getShibbolethVersion().isEmpty();
    }

    /**
     * Reports whether a trust relationship's metadata file describes a federation.
     *
     * @param gluuSAMLTrustRelationship trust relationship whose metadata file name is checked
     * @return the result of {@code isFederationMetadataImprove} for that file name
     */
    public boolean isFederation(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        String metadataFileName = gluuSAMLTrustRelationship.getSpMetaDataFN();
        return isFederationMetadataImprove(metadataFileName);
    }

    /**
     * Renders a configuration template by delegating to {@code templateService}.
     *
     * @param str template name
     * @param velocityContext values made available to the template
     * @return whatever {@code templateService.generateConfFile} returns
     */
    public String generateConfFile(String str, VelocityContext velocityContext) {
        String rendered = this.templateService.generateConfFile(str, velocityContext);
        return rendered;
    }

    /**
     * Saves rendered configuration text through the document store.
     *
     * @param str target path in the document store
     * @param str2 content to save
     * @return the document store's result, or {@code false} when it throws
     */
    public boolean writeConfFile(String str, String str2) {
        boolean written = false;
        try {
            written = this.documentStoreService.saveDocument(str, str2, this.UTF_8);
        } catch (Exception e) {
            this.log.error("Failed to write IDP configuration file '{}'", str, e);
        }
        return written;
    }

    /**
     * Stores or removes the generated certificate file of a trust relationship.
     *
     * <p>With a non-null body, the file is written as the begin marker, a newline, the body and
     * {@code PUBLIC_CERTIFICATE_END_LINE}. With a {@code null} body, an existing file is removed.
     *
     * <p>NOTE(review): no line break is inserted between the body and the end marker. Unless the body
     * already ends with one (or the constant starts with one), the end marker is not on its own line
     * in the saved file. TODO confirm.
     *
     * @param gluuSAMLTrustRelationship trust relationship the certificate belongs to
     * @param str certificate body without marker lines, or {@code null} to remove the file
     * @throws IOException as declared; presumably raised by the document store
     */
    public void saveCert(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str) throws IOException {
        String sslDir = this.appConfiguration.getShibboleth3IdpRootDir() + File.separator + TrustService.GENERATED_SSL_ARTIFACTS_DIR + File.separator;
        String certPath = sslDir + getSpNewMetadataFileName(gluuSAMLTrustRelationship).replaceFirst("\\.xml$", ".crt");
        if (str == null) {
            if (this.documentStoreService.hasDocument(certPath)) {
                this.documentStoreService.removeDocument(certPath);
            }
            return;
        }
        String pem = "-----BEGIN CERTIFICATE-----\n" + str + PUBLIC_CERTIFICATE_END_LINE;
        this.documentStoreService.saveDocument(certPath, pem, this.UTF_8);
    }

    /**
     * Stores or removes the generated key file of a trust relationship.
     *
     * <p>With non-null content the file is written as given; with {@code null} an existing file is removed.
     *
     * <p>NOTE(review): the content is saved as plain text through the document store. Access
     * restrictions on the stored key are not visible from here; confirm that only the IDP service
     * account can read it.
     *
     * @param gluuSAMLTrustRelationship trust relationship the key belongs to
     * @param str key content, or {@code null} to remove the file
     * @throws IOException as declared; presumably raised by the document store
     */
    public void saveKey(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str) throws IOException {
        String sslDir = this.appConfiguration.getShibboleth3IdpRootDir() + File.separator + TrustService.GENERATED_SSL_ARTIFACTS_DIR + File.separator;
        String keyPath = sslDir + getSpNewMetadataFileName(gluuSAMLTrustRelationship).replaceFirst("\\.xml$", ".key");
        if (str == null) {
            if (this.documentStoreService.hasDocument(keyPath)) {
                this.documentStoreService.removeDocument(keyPath);
            }
            return;
        }
        this.documentStoreService.saveDocument(keyPath, str, this.UTF_8);
    }

    /**
     * Reports whether the document store holds a document at the given path.
     *
     * @param str path in the document store
     * @return the result of {@code documentStoreService.hasDocument}
     */
    public boolean existsSpMetadataFilePath(String str) {
        boolean present = this.documentStoreService.hasDocument(str);
        return present;
    }

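    /**
     * Replaces the first occurrence of one certificate text with another in a trust relationship's
     * stored SP metadata document.
     *
     * <p>Both values are now treated as literal text. {@link String#replaceFirst(String, String)}
     * interprets its first argument as a regular expression and its second as a replacement pattern,
     * so Base64 certificate text containing {@code +} did not match itself. This assumes callers pass
     * certificate text, not a pattern (TODO confirm).
     *
     * @param gluuSAMLTrustRelationship trust relationship whose metadata document is rewritten
     * @param str text to look for
     * @param str2 text to put in its place
     * @throws IOException as declared; presumably raised by the document store
     */
    public void replaceSpMetadataCert(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, String str, String str2) throws IOException {
        String spMetadataFilePath = getSpMetadataFilePath(gluuSAMLTrustRelationship.getSpMetaDataFN());
        String currentMetadata = this.documentStoreService.readDocument(spMetadataFilePath, this.UTF_8);
        // Fully qualified because the file's import block is not part of this section.
        String updatedMetadata = currentMetadata.replaceFirst(
                java.util.regex.Pattern.quote(str),
                java.util.regex.Matcher.quoteReplacement(str2));
        this.documentStoreService.saveDocument(spMetadataFilePath, updatedMetadata, this.UTF_8);
    }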

    /**
     * Reads the stored SP metadata document of a trust relationship.
     *
     * @param gluuSAMLTrustRelationship trust relationship whose metadata file name is used
     * @return the document content, or {@code null} when no file name is set or the document store
     *         does not hold the document
     * @throws IOException as declared; presumably raised by the document store
     */
    public String readSpMetadataFile(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) throws IOException {
        String metadataFileName = gluuSAMLTrustRelationship.getSpMetaDataFN();
        if (StringUtils.isEmpty(metadataFileName)) {
            return null;
        }
        String metadataPath = getSpMetadataFilePath(metadataFileName);
        if (!this.documentStoreService.hasDocument(metadataPath)) {
            return null;
        }
        return this.documentStoreService.readDocument(metadataPath, this.UTF_8);
    }

    /**
     * Opens a stored document as a stream.
     *
     * <p>The path is passed to the document store as given; the caller is responsible for closing
     * the returned stream.
     *
     * @param str path in the document store
     * @return the stream from the document store, or {@code null} when the path is empty
     * @throws IOException as declared; presumably raised by the document store
     */
    public InputStream readAsStream(String str) throws IOException {
        return StringHelper.isEmpty(str) ? null : this.documentStoreService.readDocumentAsStream(str);
    }

    /**
     * Builds the directory prefix under which generated SSL artifacts are stored.
     *
     * @return the IDP root directory, a separator, {@code TrustService.GENERATED_SSL_ARTIFACTS_DIR}
     *         and a trailing separator
     */
    public String getSslDirFN() {
        final String idpRootDir = this.appConfiguration.getShibboleth3IdpRootDir();
        // No null check here: a null root directory ends up in the result as the text "null".
        return idpRootDir + File.separator + TrustService.GENERATED_SSL_ARTIFACTS_DIR + File.separator;
    }

    /**
     * Resolves the path of the {@code .key} document for a trust relationship.
     *
     * @param gluuSAMLTrustRelationship trust relationship whose metadata file name is used
     * @return the SSL artifacts directory followed by the metadata file name with a trailing
     *         {@code .xml} replaced by {@code .key}
     */
    public String getSpKeyFilePath(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        final String sslDir = getSslDirFN();
        // The regex is anchored, so only a trailing ".xml" is swapped; other names pass through as is.
        final String keyFileName = getSpNewMetadataFileName(gluuSAMLTrustRelationship).replaceFirst("\\.xml$", ".key");
        return sslDir + keyFileName;
    }

    /**
     * Resolves the path of the {@code .crt} document for a trust relationship.
     *
     * @param gluuSAMLTrustRelationship trust relationship whose metadata file name is used
     * @return the SSL artifacts directory followed by the metadata file name with a trailing
     *         {@code .xml} replaced by {@code .crt}
     */
    public String getSpCertFilePath(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        final String sslDir = getSslDirFN();
        // The regex is anchored, so only a trailing ".xml" is swapped; other names pass through as is.
        final String certFileName = getSpNewMetadataFileName(gluuSAMLTrustRelationship).replaceFirst("\\.xml$", ".crt");
        return sslDir + certFileName;
    }

    /**
     * Renames a document in the document store, reporting a failure as {@code false} instead of
     * propagating the exception.
     *
     * @param str current document path
     * @param str2 new document path
     * @return the document store's result, or {@code false} when the rename threw an exception
     */
    public boolean renameMetadata(String str, String str2) {
        // NOTE(review): both paths go to the store unchanged; confirm that callers only pass paths
        // built by this service, since nothing here keeps the target inside the metadata directory.
        boolean renamed;
        try {
            renamed = this.documentStoreService.renameDocument(str, str2);
        } catch (Exception e) {
            // The exception is the last array element so the logger can record it with the message.
            this.log.error("Failed to rename metadata '{}' to '{}'", new Object[]{str, str2, e});
            renamed = false;
        }
        return renamed;
    }

    /**
     * Saves a Profile Configuration certificate stream into the IDP {@code credentials} folder.
     *
     * <p>The input stream is closed on every path, including failures.
     *
     * @param str file name appended to the credentials directory
     * @param inputStream certificate content; always closed by this method
     * @return the full document path when the store reports success, otherwise {@code null}
     *         (the store returned {@code false} or threw an exception, which is logged)
     * @throws InvalidConfigurationException when the IDP root directory is not configured
     */
    public String saveProfileConfigurationCert(String str, InputStream inputStream) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            IOUtils.closeQuietly(inputStream);
            throw new InvalidConfigurationException("Failed to save Profile Configuration file due to undefined IDP root folder");
        }
        // NOTE(review): str is appended without normalization. If it can ever be derived from
        // request input, a name containing path separators or ".." would resolve outside the
        // credentials directory; confirm callers pass generated names, or validate the name here.
        final String credentialsDir = this.appConfiguration.getShibboleth3IdpRootDir() + File.separator + SHIB3_IDP_METADATA_FOLDER + File.separator + "credentials" + File.separator;
        final String certPath = credentialsDir + str;
        try {
            return this.documentStoreService.saveDocumentStream(certPath, inputStream) ? certPath : null;
        } catch (Exception e) {
            this.log.error("Failed to write  Profile Configuration  certificate file '{}'", certPath, e);
            return null;
        } finally {
            // One cleanup point for the success, failure and error paths alike.
            IOUtils.closeQuietly(inputStream);
        }
    }

    /**
     * Saves a metadata-filter certificate stream into the IDP {@code credentials} folder.
     *
     * <p>The input stream is closed on every path, including failures.
     *
     * @param str file name appended to the credentials directory
     * @param inputStream certificate content; always closed by this method
     * @return the full document path when the store reports success, otherwise {@code null}
     *         (the store returned {@code false} or threw an exception, which is logged)
     * @throws InvalidConfigurationException when the IDP root directory is not configured
     */
    public String saveFilterCert(String str, InputStream inputStream) {
        if (this.appConfiguration.getShibboleth3IdpRootDir() == null) {
            IOUtils.closeQuietly(inputStream);
            throw new InvalidConfigurationException("Failed to save filter certificate file due to undefined IDP root folder");
        }
        // NOTE(review): str is appended without normalization. If it can ever be derived from
        // request input, a name containing path separators or ".." would resolve outside the
        // credentials directory; confirm callers pass generated names, or validate the name here.
        final String credentialsDir = this.appConfiguration.getShibboleth3IdpRootDir() + File.separator + SHIB3_IDP_METADATA_FOLDER + File.separator + "credentials" + File.separator;
        final String certPath = credentialsDir + str;
        try {
            return this.documentStoreService.saveDocumentStream(certPath, inputStream) ? certPath : null;
        } catch (Exception e) {
            this.log.error("Failed to write  filter certificate file '{}'", certPath, e);
            return null;
        } finally {
            // One cleanup point for the success, failure and error paths alike.
            IOUtils.closeQuietly(inputStream);
        }
    }
}
