package org.xdi.oxauth.service;

import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang.StringUtils;
import org.gluu.site.ldap.persistence.AttributeData;
import org.gluu.site.ldap.persistence.AttributeDataModification;
import org.gluu.site.ldap.persistence.LdapEntryManager;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.AutoCreate;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Observer;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.async.Asynchronous;
import org.jboss.seam.async.TimerSchedule;
import org.jboss.seam.core.Events;
import org.jboss.seam.log.Log;
import org.xdi.oxauth.client.FederationMetadataClient;
import org.xdi.oxauth.client.FederationMetadataResponse;
import org.xdi.oxauth.model.config.ConfigurationFactory;
import org.xdi.oxauth.model.federation.FederationMetadata;
import org.xdi.oxauth.model.federation.FederationTrust;
import org.xdi.oxauth.model.federation.FederationTrustStatus;
import org.xdi.oxauth.model.util.Pair;

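/**
 * Periodically re-validates stored federation trusts against the metadata published by the
 * federation endpoint each trust refers to.
 *
 * <p>On every tick all {@link FederationTrust} entries are loaded from LDAP, grouped by
 * (metadata URI, federation id), and each group is checked with one metadata request:
 * <ul>
 *   <li>redirect URIs that the metadata no longer lists are removed from the trust;</li>
 *   <li>if the metadata cannot be retrieved, or the check throws, every trust of the group is
 *       set to {@link FederationTrustStatus#INACTIVE_BY_CHECKER}.</li>
 * </ul>
 *
 * <p>Changes to trust entries and failures of the check are logged above trace level so that
 * they stay visible in a default logging configuration.
 */
@Name("federationCheckTimer")
@AutoCreate
@Scope(ScopeType.APPLICATION)
/* loaded from: input_file:org/xdi/oxauth/service/FederationCheckTimer.class */
public class FederationCheckTimer {
    private static final String EVENT_TYPE = "FederationCheckTimerEvent";

    /**
     * Fallback check interval, in seconds (24 hours).
     *
     * <p>The interval is converted to milliseconds in {@link #init()}, so the fallback has to be
     * in the same unit as the configured value (presumably seconds, given that conversion).
     * Holding it in milliseconds made the fallback a thousand times longer than intended, which
     * left stale trusts unchecked for years.
     */
    private static final long DEFAULT_INTERVAL = TimeUnit.HOURS.toSeconds(24);

    @Logger
    private Log log;

    @In
    private LdapEntryManager ldapEntryManager;

    /**
     * Schedules the recurring trust check once Seam has finished initializing.
     *
     * <p>Does nothing unless federation is explicitly enabled; an unset flag counts as disabled.
     * A configured interval of zero or less falls back to {@link #DEFAULT_INTERVAL}.
     */
    @Observer({"org.jboss.seam.postInitialization"})
    public void init() {
        if (!Boolean.TRUE.equals(ConfigurationFactory.getConfiguration().getFederationEnabled())) {
            return;
        }
        this.log.trace("Initializing FederationCheckTimer...");

        long intervalSeconds = ConfigurationFactory.getConfiguration().getFederationCheckInterval();
        if (intervalSeconds <= 0) {
            intervalSeconds = DEFAULT_INTERVAL;
        }
        // TimeUnit saturates instead of wrapping around on an absurdly large configured value.
        long intervalMillis = TimeUnit.SECONDS.toMillis(intervalSeconds);

        // The same value is used as the initial delay and as the repeat period.
        Events.instance().raiseTimedEvent(
                EVENT_TYPE, new TimerSchedule(Long.valueOf(intervalMillis), Long.valueOf(intervalMillis)));
        this.log.trace("FederationCheckTimer initialized");
    }

    /** Timer callback: runs one clean-up pass over all federation trusts. */
    @Observer({EVENT_TYPE})
    @Asynchronous
    public void process() {
        this.log.trace("Federation Trust clean up started...");
        cleanUpTrusts();
        this.log.trace("Federation Trust clean up finished.");
    }

    /**
     * Loads every federation trust from LDAP and checks each (metadata URI, federation id) group.
     *
     * <p>Never throws: a failure to load or group the trusts is logged and ends this pass.
     */
    public void cleanUpTrusts() {
        try {
            List<FederationTrust> trusts = this.ldapEntryManager.findEntries(
                    ConfigurationFactory.getBaseDn().getFederationTrust(),
                    FederationTrust.class,
                    Filter.create("inum=*"));
            for (Map.Entry<Pair<String, String>, List<FederationTrust>> group
                    : groupByMetadata(trusts).entrySet()) {
                cleanUpByMetadata(group);
            }
        } catch (Exception e) {
            // The exception text goes in as a parameter, never as the first argument: Seam's Log
            // treats that argument as a message template and interpolates it.
            this.log.error("Federation trust clean up failed: {0}", e, e.getMessage());
        }
    }

    /**
     * Groups trusts by the (metadata URI, federation id) pair they refer to, so that each
     * metadata document is requested once per pass.
     *
     * @param list trusts to group; may be {@code null} or empty
     * @return map from (metadata URI, federation id) to the trusts sharing it; never {@code null}
     */
    private static Map<Pair<String, String>, List<FederationTrust>> groupByMetadata(List<FederationTrust> list) {
        Map<Pair<String, String>, List<FederationTrust>> grouped =
                new HashMap<Pair<String, String>, List<FederationTrust>>();
        if (list == null) {
            return grouped;
        }
        for (FederationTrust trust : list) {
            // NOTE(review): grouping relies on Pair implementing equals/hashCode by value — confirm.
            Pair<String, String> key =
                    new Pair<String, String>(trust.getFederationMetadataUri(), trust.getFederationId());
            List<FederationTrust> bucket = grouped.get(key);
            if (bucket == null) {
                bucket = new ArrayList<FederationTrust>();
                grouped.put(key, bucket);
            }
            bucket.add(trust);
        }
        return grouped;
    }

    /**
     * Checks one group of trusts against the metadata published for it.
     *
     * <p>Groups with a blank metadata URI or federation id are skipped. If the metadata cannot be
     * obtained, or anything in the check throws, the whole group is set to inactive (fail closed).
     *
     * @param entry (metadata URI, federation id) and the trusts that refer to it
     */
    private void cleanUpByMetadata(Map.Entry<Pair<String, String>, List<FederationTrust>> entry) {
        try {
            Pair<String, String> key = entry.getKey();
            List<FederationTrust> trusts = entry.getValue();
            if (StringUtils.isBlank(key.getFirst()) || StringUtils.isBlank(key.getSecond())
                    || trusts == null || trusts.isEmpty()) {
                return;
            }

            // The request goes to the URI stored with the trust entry.
            FederationMetadataResponse response =
                    new FederationMetadataClient(key.getFirst()).execGetMetadataById(key.getSecond());
            if (response == null || response.getMetadata() == null) {
                setStatusToInactiveByChecker(entry);
                return;
            }

            FederationMetadata metadata = response.getMetadata();
            this.log.trace("Check trusts against metadata: {0}", metadata.toString());
            for (FederationTrust trust : trusts) {
                if (trust.getRedirectUris() == null || trust.getRedirectUris().isEmpty()) {
                    continue;
                }
                List<String> stillPublished = new ArrayList<String>(trust.getRedirectUris());
                List<String> published = metadata.collectAllRedirectUris();
                // retainAll returns true only when it removed something, i.e. the trust holds
                // redirect URIs that the federation metadata no longer lists.
                if (stillPublished.retainAll(published)) {
                    List<String> outdated = new ArrayList<String>(trust.getRedirectUris());
                    outdated.removeAll(published);
                    this.log.info("Removed outdated redirectUris {0}, trust dn: {1}", outdated, trust.getDn());
                    // NOTE(review): when no URI survives, the trust is stored with an empty
                    // redirect URI list and its status is left as it was — confirm that is intended.
                    trust.setRedirectUris(stillPublished);
                    this.ldapEntryManager.merge(trust);
                }
            }
        } catch (Exception e) {
            // Constant template, exception text as a parameter: the message can carry text
            // derived from the remote endpoint's response.
            this.log.error("Federation trust check failed: {0}", e, e.getMessage());
            setStatusToInactiveByChecker(entry);
        }
    }

    /**
     * Sets every trust of the group to {@link FederationTrustStatus#INACTIVE_BY_CHECKER}.
     *
     * <p>Each trust is updated on its own, so an LDAP failure on one entry neither leaves the
     * rest of the group active nor aborts the remaining groups of the pass.
     *
     * @param entry (metadata URI, federation id) and the trusts to deactivate
     */
    private void setStatusToInactiveByChecker(Map.Entry<Pair<String, String>, List<FederationTrust>> entry) {
        Pair<String, String> key = entry.getKey();
        List<FederationTrust> trusts = entry.getValue();
        this.log.warn("Unable to retrieve information for metadata endpoint, url: {0}, id: {1}",
                key.getFirst(), key.getSecond());
        for (FederationTrust trust : trusts) {
            try {
                this.log.warn("Unable to check info of trust, set status to inactive_by_checker, dn: {0}",
                        trust.getDn());
                this.ldapEntryManager.merge(trust.getDn(), Arrays.asList(new AttributeDataModification(
                        AttributeDataModification.AttributeModificationType.REPLACE,
                        new AttributeData("oxAuthFederationTrustStatus",
                                FederationTrustStatus.INACTIVE_BY_CHECKER.getValue()))));
            } catch (Exception e) {
                this.log.error("Failed to set status to inactive_by_checker, dn: {0}, error: {1}",
                        e, trust.getDn(), e.getMessage());
            }
        }
    }
}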
