package org.gluu.oxtrust.ldap.service;

import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.List;
import java.util.Properties;
import java.util.concurrent.atomic.AtomicBoolean;
import org.apache.commons.configuration.ConfigurationException;
import org.codehaus.jackson.map.ObjectMapper;
import org.gluu.oxtrust.config.OxTrustConfiguration;
import org.gluu.oxtrust.model.GluuSAMLTrustRelationship;
import org.gluu.oxtrust.model.OxIDPAuthConf;
import org.gluu.oxtrust.model.scim.ScimCustomAttributes;
import org.gluu.oxtrust.util.OxTrustConstants;
import org.gluu.site.ldap.LDAPConnectionProvider;
import org.gluu.site.ldap.OperationsFacade;
import org.gluu.site.ldap.persistence.LdapEntryManager;
import org.gluu.site.ldap.persistence.exception.EntryPersistenceException;
import org.jboss.seam.Component;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.AutoCreate;
import org.jboss.seam.annotations.Create;
import org.jboss.seam.annotations.Destroy;
import org.jboss.seam.annotations.Factory;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Observer;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.async.Asynchronous;
import org.jboss.seam.async.TimerSchedule;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.core.Events;
import org.jboss.seam.log.Log;
import org.xdi.exception.OxIntializationException;
import org.xdi.model.SimpleProperty;
import org.xdi.model.custom.script.CustomScriptType;
import org.xdi.model.ldap.GluuLdapConfiguration;
import org.xdi.oxauth.client.OpenIdConfigurationClient;
import org.xdi.oxauth.client.OpenIdConfigurationResponse;
import org.xdi.oxauth.client.OpenIdConnectDiscoveryClient;
import org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse;
import org.xdi.oxauth.client.uma.UmaClientFactory;
import org.xdi.oxauth.model.discovery.WebFingerLink;
import org.xdi.oxauth.model.uma.UmaConfiguration;
import org.xdi.oxauth.model.util.SecurityProviderUtility;
import org.xdi.service.PythonService;
import org.xdi.service.custom.script.CustomScriptManager;
import org.xdi.service.ldap.LdapConnectionService;
import org.xdi.util.StringHelper;
import org.xdi.util.properties.FileConfiguration;
import org.xdi.util.security.PropertiesDecrypter;

@AutoCreate
@Name("appInitializer")
@Scope(ScopeType.APPLICATION)
@Startup(depends = {"oxTrustConfiguration"})
/* loaded from: input_file:org/gluu/oxtrust/ldap/service/AppInitializer.class */
public class AppInitializer {
    // Name of the Seam timed event that drives the periodic LDAP auth-config reload.
    private static final String EVENT_TYPE = "AppInitializerTimerEvent";
    // Not referenced by name in this file. NOTE(review): the 30000L repeat interval in
    // initReloadTimer is presumably DEFAULT_INTERVAL * 1000 folded at compile time; confirm.
    private static final int DEFAULT_INTERVAL = 30;
    // Application-context keys under which the three LdapEntryManager factories publish their result.
    public static final String LDAP_ENTRY_MANAGER_NAME = "ldapEntryManager";
    public static final String LDAP_AUTH_ENTRY_MANAGER_NAME = "ldapAuthEntryManager";
    public static final String LDAP_CENTRAL_ENTRY_MANAGER_NAME = "centralLdapEntryManager";
    // Scheduler intervals handed to the timer components below; presumably milliseconds (TODO confirm
    // against the scheduleXxx signatures). CONNECTION_CHECKER_INTERVAL is not used in this file.
    public static final long CONNECTION_CHECKER_INTERVAL = 120000;
    public static final long STATUS_CHECKER_INTERVAL = 61000;
    public static final long SVN_SYNC_INTERVAL = 310000;
    private static final long VALIDATION_INTERVAL = 63000;
    private static final long LOG_MONITOR_INTERVAL = 92160000;
    public static final long STATUS_CHECKER_DAILY = 93600000;

    @Logger
    private Log log;

    @In
    private SvnSyncTimer svnSyncTimer;

    @In
    private StatusCheckerTimer statusCheckerTimer;

    @In
    private StatusCheckerDaily statusCheckerDaily;

    @In
    private MetadataValidationTimer metadataValidationTimer;

    @In
    private LogFileSizeChecker logFileSizeChecker;

    @In
    private OxTrustConfiguration oxTrustConfiguration;
    // Last LDAP authentication configuration returned by loadLdapAuthConf(); it carries the bind DN and
    // bind password, and may be null when no usable configuration was found.
    private GluuLdapConfiguration ldapConfig;
    // Guards reloadConfigurationTimerEvent() against overlapping runs; created in initReloadTimer().
    private AtomicBoolean isActive;
    // Wall-clock time of the last finished reload attempt; written but never read in this file.
    private long lastFinishedTime;

    /**
     * Seam {@code @Create} callback: builds the LDAP connection providers, loads the
     * authentication configuration and starts the background timers and services.
     *
     * <p>The statement order is significant: each step relies on application-context
     * entries or fields populated by an earlier one.
     *
     * @throws ConfigurationException declared by the signature; no statement visible here throws it directly
     */
    @Create
    public void createApplicationComponents() throws ConfigurationException {
        // Registers the security provider before any component that may need it is created.
        SecurityProviderUtility.installBCProvider();
        this.log.debug("Creating application components", new Object[0]);
        showBuildInfo();
        // Publishes "connectionProvider"; the ldapEntryManager factory reads it from the context.
        createConnectionProvider(this.oxTrustConfiguration.getLdapConfiguration(), "localLdapConfiguration", "connectionProvider");
        // NOTE(review): presumably needs the local LDAP provider created on the previous line; confirm.
        this.oxTrustConfiguration.create();
        initializeLdifArchiver();
        // Must precede createConnectionAuthProvider(), which reads this.ldapConfig.
        initiateLDAPAuthConf();
        createConnectionAuthProvider("ldapAuthConfig", this.oxTrustConfiguration.getLdapConfiguration().getFileName(), "localLdapAuthConfiguration", "authConnectionProvider");
        // The central LDAP connection is optional: it needs both a central configuration and the status-update flag.
        if (this.oxTrustConfiguration.getLdapCentralConfiguration() != null && this.oxTrustConfiguration.getApplicationConfiguration().isUpdateApplianceStatus()) {
            createConnectionProvider(this.oxTrustConfiguration.getLdapCentralConfiguration(), "centralLdapConfiguration", "centralConnectionProvider");
        }
        TemplateService.instance().initTemplateEngine();
        SubversionService.instance().initSubversionService();
        PythonService.instance().initPythonInterpreter();
        startStatusChecker();
        startDailyStatusChecker();
        startSvnSync();
        startMetadataValidator();
        // The boolean result (false when the SP inum lookup fails) is ignored here, so a failed
        // Shibboleth configuration run does not stop startup.
        createShibbolethConfiguration();
        logSizeChecker();
        // NOTE(review): custom scripts presumably run in-process through the interpreter initialised
        // above, so write access to wherever they are stored is equivalent to code execution in this
        // application; confirm the storage ACLs.
        CustomScriptManager.instance().init(Arrays.asList(CustomScriptType.CACHE_REFRESH, CustomScriptType.UPDATE_USER, CustomScriptType.USER_REGISTRATION, CustomScriptType.ID_GENERATOR));
    }

    /**
     * Arms the periodic configuration-reload event once Seam has finished initialising.
     *
     * <p>The first event fires after 60000 ms and then repeats every 30000 ms.
     */
    @Observer({"org.jboss.seam.postInitialization"})
    public void initReloadTimer() {
        // Fresh guard flag: no reload is running yet.
        this.isActive = new AtomicBoolean(false);
        this.lastFinishedTime = System.currentTimeMillis();

        TimerSchedule reloadSchedule = new TimerSchedule(60000L, 30000L);
        Events.instance().raiseTimedEvent(EVENT_TYPE, reloadSchedule, new Object[0]);
    }

    /**
     * Timer callback that reloads the LDAP authentication configuration.
     *
     * <p>Only one reload runs at a time: a tick that arrives while another is in progress
     * returns immediately. Any failure is logged and swallowed so the timer keeps firing;
     * the guard flag and the finish timestamp are reset on every exit path.
     */
    @Observer({EVENT_TYPE})
    @Asynchronous
    public void reloadConfigurationTimerEvent() {
        // Cheap read first, then the atomic claim; losing either means another run owns the flag.
        if (this.isActive.get() || !this.isActive.compareAndSet(false, true)) {
            return;
        }
        try {
            reloadConfiguration();
        } catch (Throwable failure) {
            this.log.error("Exception happened while reloading application configuration", failure, new Object[0]);
        } finally {
            this.isActive.set(false);
            this.lastFinishedTime = System.currentTimeMillis();
        }
    }

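    /**
     * Reloads the LDAP authentication configuration and, when it differs from the one in
     * use, rebuilds the authentication connection provider and entry manager.
     *
     * <p>The comparison is null-safe. {@code loadLdapAuthConf()} can return {@code null}, and the
     * previous unconditional {@code this.ldapConfig.equals(...)} then threw on every timer tick,
     * so a configuration (including rotated bind credentials) that appeared later was never
     * picked up.
     */
    private void reloadConfiguration() {
        GluuLdapConfiguration fresh = loadLdapAuthConf();
        GluuLdapConfiguration current = this.ldapConfig;

        // NOTE(review): relies on GluuLdapConfiguration.equals() comparing field values (servers,
        // bind DN, bind password, SSL flag). If it is identity-based, every tick recreates the
        // managers; confirm.
        boolean unchanged = (current == null) ? (fresh == null) : current.equals(fresh);
        if (unchanged) {
            return;
        }
        this.ldapConfig = fresh;
        recreateLdapAuthEntryManagers();
    }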

    /**
     * Builds the connection provider used for authentication and publishes it, together with
     * its source configuration, in the application context.
     *
     * <p>Starts from the properties of the LDAP properties file and, when an authentication
     * configuration is loaded, overrides servers, bind DN, bind password and the SSL flag with
     * its values. The resulting properties pass through {@code PropertiesDecrypter} with the
     * configured salt before the connection service is created.
     *
     * @param configContextName     context key for the loaded {@code GluuLdapConfiguration}
     * @param ldapFileName          path of the LDAP properties file to start from
     * @param fileConfigContextName context key for the {@code FileConfiguration}
     * @param providerContextName   context key for the created {@code LdapConnectionService}
     */
    private void createConnectionAuthProvider(String configContextName, String ldapFileName, String fileConfigContextName, String providerContextName) {
        FileConfiguration fileConfig = new FileConfiguration(ldapFileName);
        Contexts.getApplicationContext().set(fileConfigContextName, fileConfig);

        // NOTE(review): if getProperties() returns the live Properties object rather than a copy,
        // the overrides below (bind password included) also become visible through the
        // FileConfiguration stored in the application context above; confirm.
        Properties connectionProps = fileConfig.getProperties();
        if (this.ldapConfig != null) {
            Contexts.getApplicationContext().set(configContextName, this.ldapConfig);
            // Properties.setProperty rejects null, so a configuration without a bind DN or bind
            // password fails here.
            connectionProps.setProperty("servers", buildServersString(this.ldapConfig.getServers()));
            connectionProps.setProperty("bindDN", this.ldapConfig.getBindDN());
            connectionProps.setProperty("bindPassword", this.ldapConfig.getBindPassword());
            connectionProps.setProperty("useSSL", Boolean.toString(this.ldapConfig.isUseSSL()));
        }

        Contexts.getApplicationContext().set(
                providerContextName,
                new LdapConnectionService(PropertiesDecrypter.decryptProperties(connectionProps, this.oxTrustConfiguration.getCryptoConfigurationSalt())));
    }

    /**
     * Joins the values of the given server entries with commas.
     *
     * @param list server entries; may be {@code null}
     * @return the comma-separated values, or an empty string for a {@code null} or empty list
     */
    private String buildServersString(List<SimpleProperty> list) {
        if (list == null) {
            return "";
        }
        StringBuilder joined = new StringBuilder();
        String separator = "";
        for (SimpleProperty server : list) {
            // The separator is empty for the first element only.
            joined.append(separator).append(server.getValue());
            separator = ",";
        }
        return joined.toString();
    }

    /** Schedules metadata validation: first run 60 seconds from now, then every VALIDATION_INTERVAL. */
    private void startMetadataValidator() {
        Calendar firstRun = Calendar.getInstance();
        firstRun.add(Calendar.SECOND, 60);
        this.metadataValidationTimer.scheduleValidation(firstRun.getTime(), Long.valueOf(VALIDATION_INTERVAL));
    }

    /**
     * Regenerates the Shibboleth IDP configuration when config generation is enabled.
     *
     * @return {@code true} when generation is disabled or completes; {@code false} only when an
     *         {@code EntryPersistenceException} is raised. Other runtime exceptions propagate
     *         to the caller.
     */
    private boolean createShibbolethConfiguration() {
        boolean isConfigGeneration = this.oxTrustConfiguration.getApplicationConfiguration().isConfigGeneration();
        this.log.info("IDP config generation is set to " + isConfigGeneration, new Object[0]);
        if (!isConfigGeneration) {
            return true;
        }
        try {
            String gluuSPTR = ApplianceService.instance().getAppliance().getGluuSPTR();
            GluuSAMLTrustRelationship gluuSAMLTrustRelationship = new GluuSAMLTrustRelationship();
            // NOTE(review): the DN is derived before gluuSPTR is null-checked two lines below;
            // confirm getDnForTrustRelationShip tolerates a null inum.
            gluuSAMLTrustRelationship.setDn(TrustService.instance().getDnForTrustRelationShip(gluuSPTR));
            // z records whether the gluuSP trust relationship had to be created in this run.
            boolean z = false;
            if (gluuSPTR == null || !TrustService.instance().containsTrustRelationship(gluuSAMLTrustRelationship)) {
                this.log.info("No trust relationships exist in LDAP. Adding gluuSP", new Object[0]);
                TrustService.instance().addGluuSP();
                z = true;
            }
            // The appliance entry is re-read rather than reusing gluuSPTR; presumably addGluuSP()
            // updates it (confirm).
            GluuSAMLTrustRelationship relationshipByInum = TrustService.instance().getRelationshipByInum(ApplianceService.instance().getAppliance().getGluuSPTR());
            List<GluuSAMLTrustRelationship> allActiveTrustRelationships = TrustService.instance().getAllActiveTrustRelationships();
            Shibboleth2ConfService.instance().generateIdpConfigurationFiles();
            Shibboleth2ConfService.instance().generateConfigurationFiles(allActiveTrustRelationships);
            Shibboleth2ConfService.instance().generateMetadataFiles(relationshipByInum);
            // NOTE(review): these two calls presumably delete credential and metadata files that no
            // active trust relationship references; confirm what "unused" means before relying on it.
            Shibboleth2ConfService.instance().removeUnusedCredentials();
            Shibboleth2ConfService.instance().removeUnusedMetadata();
            if (!z) {
                return true;
            }
            // Services are restarted only when the gluuSP relationship was just added.
            ApplianceService.instance().restartServices();
            return true;
        } catch (EntryPersistenceException e) {
            this.log.error("Failed to determine SP inum", e, new Object[0]);
            return false;
        }
    }

    /** Logs the build date, code revision, revision date and build number at INFO level. */
    private void showBuildInfo() {
        Object[] buildDetails = {
            OxTrustConstants.getGluuBuildDate(),
            OxTrustConstants.getGluuRevisionVersion(),
            OxTrustConstants.getGluuRevisionDate(),
            OxTrustConstants.getGluuBuildNumber()
        };
        this.log.info("Build date {0}. Code revision {1} on {2}. Build {3}", buildDetails);
    }

    /**
     * Publishes a file-based LDAP configuration and the connection service built from it.
     *
     * <p>The properties pass through {@code PropertiesDecrypter} with the configured salt
     * before the connection service is created. With a {@code null} configuration both
     * context entries are set to {@code null}.
     *
     * @param fileConfiguration   LDAP configuration to use; may be {@code null}
     * @param configContextName   context key for the configuration
     * @param providerContextName context key for the created {@code LdapConnectionService}
     */
    private void createConnectionProvider(FileConfiguration fileConfiguration, String configContextName, String providerContextName) {
        Contexts.getApplicationContext().set(configContextName, fileConfiguration);

        LdapConnectionService provider = (fileConfiguration == null)
                ? null
                : new LdapConnectionService(PropertiesDecrypter.decryptProperties(fileConfiguration.getProperties(), this.oxTrustConfiguration.getCryptoConfigurationSalt()));

        Contexts.getApplicationContext().set(providerContextName, provider);
    }

    /** Schedules the status checker: first run 60 seconds from now, then every STATUS_CHECKER_INTERVAL. */
    private void startStatusChecker() {
        Calendar firstRun = Calendar.getInstance();
        firstRun.add(Calendar.SECOND, 60);
        this.statusCheckerTimer.scheduleStatusChecking(firstRun.getTime(), Long.valueOf(STATUS_CHECKER_INTERVAL));
    }

    /** Schedules the daily status checker: first run 600 seconds from now, then every STATUS_CHECKER_DAILY. */
    private void startDailyStatusChecker() {
        Calendar firstRun = Calendar.getInstance();
        firstRun.add(Calendar.SECOND, 600);
        this.statusCheckerDaily.scheduleStatusChecking(firstRun.getTime(), Long.valueOf(STATUS_CHECKER_DAILY));
    }

    /**
     * Schedules SVN synchronisation when SVN persistence is enabled: first run 60 seconds
     * from now, then every SVN_SYNC_INTERVAL. Does nothing otherwise.
     */
    private void startSvnSync() {
        if (!this.oxTrustConfiguration.getApplicationConfiguration().isPersistSVN()) {
            return;
        }
        Calendar firstRun = Calendar.getInstance();
        firstRun.add(Calendar.SECOND, 60);
        this.svnSyncTimer.scheduleSvnSync(firstRun.getTime(), Long.valueOf(SVN_SYNC_INTERVAL));
    }

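    /**
     * Seam {@code @Destroy} callback: releases every LDAP entry manager that is currently
     * published in the application context.
     *
     * <p>Each manager is looked up with a plain context read, which does not trigger its factory,
     * so any of the three can be absent. In particular {@code recreateLdapEntryManager()} removes
     * the site manager from the context. The site manager was previously dereferenced without a
     * null check, and the resulting exception left the auth and central managers (and their
     * connections) undestroyed. Shutdown is best-effort: a failure to destroy one manager is
     * logged and the remaining ones are still released.
     *
     * @throws ConfigurationException declared by the signature; not thrown by the visible code
     */
    @Destroy
    public void destroyApplicationComponents() throws ConfigurationException {
        this.log.debug("Destroying application components", new Object[0]);

        String[] managerNames = {LDAP_ENTRY_MANAGER_NAME, LDAP_AUTH_ENTRY_MANAGER_NAME, LDAP_CENTRAL_ENTRY_MANAGER_NAME};
        for (String managerName : managerNames) {
            LdapEntryManager manager = (LdapEntryManager) Contexts.getApplicationContext().get(managerName);
            if (manager == null) {
                continue;
            }
            try {
                manager.destroy();
            } catch (RuntimeException e) {
                // Keep going so one failing manager cannot leak the connections of the others.
                this.log.error("Failed to destroy " + managerName, e, new Object[0]);
            }
        }
    }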

    /**
     * Seam factory for the site {@code LdapEntryManager}, backed by the "connectionProvider"
     * entry of the application context.
     *
     * @return a new entry manager; the provider is not checked for {@code null} here
     */
    @Factory(value = LDAP_ENTRY_MANAGER_NAME, scope = ScopeType.APPLICATION, autoCreate = true)
    public LdapEntryManager createLdapEntryManager() {
        LdapConnectionService provider = (LdapConnectionService) Contexts.getApplicationContext().get("connectionProvider");
        OperationsFacade facade = new OperationsFacade(provider);
        LdapEntryManager siteManager = new LdapEntryManager(facade);
        this.log.debug("Created site LdapEntryManager: " + siteManager, new Object[0]);
        return siteManager;
    }

    /**
     * Seam factory for the central {@code LdapEntryManager}.
     *
     * @return a new entry manager, or {@code null} when no "centralConnectionProvider" is
     *         published in the application context
     */
    @Factory(value = LDAP_CENTRAL_ENTRY_MANAGER_NAME, scope = ScopeType.APPLICATION, autoCreate = true)
    public LdapEntryManager createCentralLdapEntryManager() {
        LdapConnectionService centralProvider = (LdapConnectionService) Contexts.getApplicationContext().get("centralConnectionProvider");
        if (centralProvider != null) {
            // NOTE(review): this first message prints the connection service, not an entry manager,
            // and does so before the manager exists. Confirm that LdapConnectionService.toString()
            // does not expose bind credentials.
            this.log.debug("Created central LdapEntryManager: " + centralProvider, new Object[0]);
            OperationsFacade facade = new OperationsFacade(centralProvider);
            LdapEntryManager centralManager = new LdapEntryManager(facade);
            this.log.debug("Created central LdapEntryManager: " + centralManager, new Object[0]);
            return centralManager;
        }
        return null;
    }

    /**
     * Seam factory for the authentication {@code LdapEntryManager}, backed by the
     * "authConnectionProvider" entry of the application context.
     *
     * @return a new entry manager; the provider is not checked for {@code null} here
     */
    @Factory(value = LDAP_AUTH_ENTRY_MANAGER_NAME, scope = ScopeType.APPLICATION, autoCreate = true)
    public LdapEntryManager createLdapAuthEntryManager() {
        LdapConnectionService authProvider = (LdapConnectionService) Contexts.getApplicationContext().get("authConnectionProvider");
        // The second facade argument is passed as an explicitly typed null; its role is not visible
        // in this file (TODO confirm against OperationsFacade).
        OperationsFacade facade = new OperationsFacade(authProvider, (LDAPConnectionProvider) null);
        LdapEntryManager authManager = new LdapEntryManager(facade);
        this.log.debug("Created site LdapAuthEntryManager: " + authManager, new Object[0]);
        return authManager;
    }

    /**
     * Reacts to a reload of the local LDAP configuration: rebuilds the connection provider and
     * retires the current site entry manager so the factory creates a new one on next use.
     */
    @Observer({OxTrustConfiguration.LDAP_CONFIGUARION_RELOAD_EVENT_TYPE})
    public void recreateLdapEntryManager() {
        // Take hold of the manager in use before its context entry is dropped.
        LdapEntryManager staleManager = (LdapEntryManager) Component.getInstance(LDAP_ENTRY_MANAGER_NAME);

        createConnectionProvider(
                this.oxTrustConfiguration.getLdapConfiguration(),
                "localLdapConfiguration",
                "connectionProvider");
        Contexts.getApplicationContext().remove(LDAP_ENTRY_MANAGER_NAME);

        // The old manager is destroyed only after the new provider is in place.
        staleManager.destroy();
        Object[] logArgs = {LDAP_ENTRY_MANAGER_NAME, staleManager};
        this.log.debug("Destroyed {0}: {1}", logArgs);
    }

    /**
     * Reacts to a reload of the central LDAP configuration: rebuilds or drops the central
     * connection provider, then retires the current central entry manager if there is one.
     */
    @Observer({OxTrustConfiguration.LDAP_CENTRAL_CONFIGUARION_RELOAD_EVENT_TYPE})
    public void recreateCentralLdapEntryManager() {
        LdapEntryManager staleManager = (LdapEntryManager) Component.getInstance(LDAP_CENTRAL_ENTRY_MANAGER_NAME);

        // The central connection is kept only when it is configured and status updates are enabled.
        boolean centralEnabled = this.oxTrustConfiguration.getLdapCentralConfiguration() != null
                && this.oxTrustConfiguration.getApplicationConfiguration().isUpdateApplianceStatus();
        if (centralEnabled) {
            createConnectionProvider(this.oxTrustConfiguration.getLdapCentralConfiguration(), "centralLdapConfiguration", "centralConnectionProvider");
        } else {
            Contexts.getApplicationContext().remove("centralConnectionProvider");
        }

        Contexts.getApplicationContext().remove(LDAP_CENTRAL_ENTRY_MANAGER_NAME);
        if (staleManager == null) {
            return;
        }
        staleManager.destroy();
        Object[] logArgs = {LDAP_CENTRAL_ENTRY_MANAGER_NAME, staleManager};
        this.log.debug("Destroyed {0}: {1}", logArgs);
    }

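    /**
     * Rebuilds the authentication connection provider from the current {@code ldapConfig} and
     * retires the authentication entry manager so the factory creates a new one on next use.
     *
     * <p>The debug message now names the authentication manager. It previously logged
     * {@code LDAP_CENTRAL_ENTRY_MANAGER_NAME}, so a change of authentication bind settings showed
     * up in the log as a central-manager event. A missing manager is tolerated instead of failing
     * after the provider has already been replaced.
     */
    public void recreateLdapAuthEntryManagers() {
        // Take hold of the manager in use before its context entry is dropped.
        LdapEntryManager staleManager = (LdapEntryManager) Component.getInstance(LDAP_AUTH_ENTRY_MANAGER_NAME);

        createConnectionAuthProvider("ldapAuthConfig", this.oxTrustConfiguration.getLdapConfiguration().getFileName(), "localLdapAuthConfiguration", "authConnectionProvider");
        Contexts.getApplicationContext().remove(LDAP_AUTH_ENTRY_MANAGER_NAME);

        if (staleManager != null) {
            // Destroying the old manager releases the connections opened with the previous bind settings.
            staleManager.destroy();
            this.log.debug("Destroyed {0}: {1}", new Object[]{LDAP_AUTH_ENTRY_MANAGER_NAME, staleManager});
        }
    }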

    /** Registers an {@code LdifArchiver} as delete subscriber on the site entry manager. */
    private void initializeLdifArchiver() {
        LdapEntryManager siteManager = (LdapEntryManager) Component.getInstance(LDAP_ENTRY_MANAGER_NAME);
        LdifArchiver archiver = new LdifArchiver(siteManager);
        siteManager.addDeleteSubscriber(archiver);
    }

    /** Schedules the log-file size check: first run 60 seconds from now, then every LOG_MONITOR_INTERVAL. */
    private void logSizeChecker() {
        Calendar firstRun = Calendar.getInstance();
        firstRun.add(Calendar.SECOND, 60);
        this.logFileSizeChecker.scheduleSizeChecking(firstRun.getTime(), Long.valueOf(LOG_MONITOR_INTERVAL));
    }

    /**
     * Deserialises a JSON document into an instance of the given class with a fresh Jackson
     * {@code ObjectMapper}.
     *
     * @param str JSON text
     * @param cls target class; the only caller in this file passes a fixed class literal
     * @return the deserialised object
     * @throws Exception whatever the mapper raises for malformed or mismatching input
     */
    private Object jsonToObject(String str, Class<?> cls) throws Exception {
        ObjectMapper mapper = new ObjectMapper();
        return mapper.readValue(str, cls);
    }

    /**
     * Converts an old-style authentication entry into a {@code GluuLdapConfiguration}.
     *
     * <p>Fields are read by position, not by name: 0 = host, 1 = port, 2 = bind DN,
     * 3 = bind password, 4 = SSL flag, and only the first value of each field is used. An entry
     * with fewer fields or values raises an index exception, which the caller logs.
     *
     * @param oxIDPAuthConf entry of type "ldap"
     * @return the mapped configuration, with at most 3 connections and config id "auth_ldap_server"
     */
    @Deprecated
    private GluuLdapConfiguration mapLdapOldConfig(OxIDPAuthConf oxIDPAuthConf) {
        GluuLdapConfiguration mapped = new GluuLdapConfiguration();

        String serverAddress = oxIDPAuthConf.getFields().get(0).getValues().get(0)
                + ":"
                + oxIDPAuthConf.getFields().get(1).getValues().get(0);
        mapped.setServers(Arrays.asList(new SimpleProperty(serverAddress)));

        mapped.setBindDN(oxIDPAuthConf.getFields().get(2).getValues().get(0));
        // NOTE(review): whether the bind password is stored encrypted or in clear text at this
        // point is not visible here; confirm before logging or exporting this object.
        mapped.setBindPassword(oxIDPAuthConf.getFields().get(3).getValues().get(0));
        mapped.setUseSSL(Boolean.parseBoolean(oxIDPAuthConf.getFields().get(4).getValues().get(0)));

        mapped.setMaxConnections(3);
        mapped.setConfigId("auth_ldap_server");
        mapped.setEnabled(oxIDPAuthConf.getEnabled());
        return mapped;
    }

    /**
     * Parses a JSON authentication configuration into a {@code GluuLdapConfiguration}.
     *
     * @param str JSON text of the configuration
     * @return the parsed configuration
     * @throws Exception when the JSON cannot be mapped
     */
    private GluuLdapConfiguration mapLdapConfig(String str) throws Exception {
        Object parsed = jsonToObject(str, GluuLdapConfiguration.class);
        return (GluuLdapConfiguration) parsed;
    }

    /** Loads the LDAP authentication configuration and keeps it for later comparison and provider creation. */
    public void initiateLDAPAuthConf() {
        GluuLdapConfiguration loaded = loadLdapAuthConf();
        this.ldapConfig = loaded;
    }

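    /**
     * Loads the LDAP authentication configuration from the appliance entry.
     *
     * <p>When the appliance carries no authentication configuration, a default entry is derived
     * from the local LDAP connection provider. Entries of type "ldap" use the old field-based
     * format and entries of type "auth" carry a JSON document; every other type is ignored. When
     * several entries match, the last one that maps successfully wins.
     *
     * <p>The type comparison is null-safe: an entry without a type, or a null list element, is
     * skipped. Previously either one raised a {@code NullPointerException} outside the try blocks
     * and aborted the whole load.
     *
     * @return the mapped configuration, or {@code null} when no entry could be mapped
     */
    private GluuLdapConfiguration loadLdapAuthConf() {
        List<OxIDPAuthConf> authConfs = ApplianceService.instance().getAppliance().getOxIDPAuthentication();
        if (authConfs == null) {
            this.log.warn("Appliance entry in database does not contain authentication configuration. Guessing local ldap.", new Object[0]);
            authConfs = new ArrayList<OxIDPAuthConf>();
            authConfs.add(buildLocalLdapAuthConf());
        }

        GluuLdapConfiguration result = null;
        for (OxIDPAuthConf authConf : authConfs) {
            if (authConf == null) {
                continue;
            }
            String type = authConf.getType();
            try {
                if ("ldap".equalsIgnoreCase(type)) {
                    result = mapLdapOldConfig(authConf);
                } else if ("auth".equalsIgnoreCase(type)) {
                    result = mapLdapConfig(authConf.getConfig());
                }
            } catch (Exception e) {
                // NOTE(review): the entry being parsed carries the bind password; confirm the
                // exception text cannot echo configuration content into a widely readable log.
                this.log.error("Failed to load LDAP authentication server connection details", e, new Object[0]);
            }
        }
        return result;
    }

    /**
     * Builds the fallback "ldap" entry from the local connection provider.
     *
     * <p>The field order (host, port, bind DN, bind password, SSL flag) is what
     * {@code mapLdapOldConfig} reads by index and must not change. The local bind DN and bind
     * password are copied into the entry, so the authentication connection binds with the same
     * account as the site connection.
     */
    private OxIDPAuthConf buildLocalLdapAuthConf() {
        OxIDPAuthConf localConf = new OxIDPAuthConf();
        localConf.setType("ldap");
        localConf.setName("Ldap authentication");
        localConf.setLevel(0);
        localConf.setPriority(1);
        localConf.setEnabled(true);
        localConf.setVersion(0);

        LdapConnectionService provider = (LdapConnectionService) Contexts.getApplicationContext().get("connectionProvider");

        List<String> ports = new ArrayList<String>();
        for (int port : provider.getPorts()) {
            ports.add(Integer.toString(port));
        }

        List<ScimCustomAttributes> fields = new ArrayList<ScimCustomAttributes>();
        fields.add(newAuthField("ldapHost", Arrays.asList(provider.getServers())));
        fields.add(newAuthField("ldapPort", ports));
        fields.add(newSingleValueAuthField("ldapBindDn", provider.getBindDn()));
        fields.add(newSingleValueAuthField("ldapBindPw", provider.getBindPassword()));
        fields.add(newSingleValueAuthField("ldapUseSSL", Boolean.toString(provider.isUseSSL())));
        localConf.setFields(fields);
        return localConf;
    }

    /** Creates a named authentication field holding the given values. */
    private ScimCustomAttributes newAuthField(String name, List<String> values) {
        ScimCustomAttributes field = new ScimCustomAttributes();
        field.setName(name);
        field.setValues(values);
        return field;
    }

    /** Creates a named authentication field holding exactly one value, in a mutable list. */
    private ScimCustomAttributes newSingleValueAuthField(String name, String value) {
        List<String> values = new ArrayList<String>();
        values.add(value);
        return newAuthField(name, values);
    }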

    /**
     * Seam factory for the OpenID Connect provider configuration.
     *
     * <p>Runs discovery against the configured oxAuth issuer, then fetches
     * {@code /.well-known/openid-configuration} from the first link of the discovery response.
     *
     * @return the provider configuration, or {@code null} when no issuer is configured
     * @throws OxIntializationException when discovery or the configuration request does not
     *         return status 200, the discovery response has no subject or no links, or a URI is
     *         malformed
     */
    @Factory(value = "openIdConfiguration", scope = ScopeType.APPLICATION, autoCreate = true)
    public OpenIdConfigurationResponse initOpenIdConfiguration() throws OxIntializationException {
        String issuer = this.oxTrustConfiguration.getApplicationConfiguration().getOxAuthIssuer();
        if (StringHelper.isEmpty(issuer)) {
            this.log.info("oxAuth issuer isn't specified", new Object[0]);
            return null;
        }

        this.log.debug("Attempting to determine configuration endpoint URL", new Object[0]);
        try {
            OpenIdConnectDiscoveryResponse discovery = new OpenIdConnectDiscoveryClient(issuer).exec();
            boolean discoveryUsable = discovery.getStatus() == 200
                    && discovery.getSubject() != null
                    && discovery.getLinks().size() != 0;
            if (!discoveryUsable) {
                throw new OxIntializationException("OpenId discovery response is invalid!");
            }

            this.log.debug("Attempting to load OpenID configuration", new Object[0]);
            // NOTE(review): the configuration URL comes from the href in the discovery response, not
            // from the configured issuer. Nothing visible here checks that the href uses https or
            // matches the issuer; confirm the client classes enforce that, since whoever controls
            // the discovery answer chooses which provider metadata is trusted.
            WebFingerLink firstLink = (WebFingerLink) discovery.getLinks().get(0);
            String configurationUrl = firstLink.getHref() + "/.well-known/openid-configuration";
            OpenIdConfigurationResponse configuration = new OpenIdConfigurationClient(configurationUrl).execOpenIdConfiguration();
            if (configuration.getStatus() != 200) {
                throw new OxIntializationException("OpenId configuration response is invalid!");
            }
            return configuration;
        } catch (URISyntaxException e) {
            throw new OxIntializationException("OpenId discovery response is invalid!", e);
        }
    }

    /**
     * Seam factory for the UMA metadata configuration.
     *
     * @return the metadata fetched from the UMA configuration endpoint, or {@code null} when no
     *         endpoint is configured
     * @throws OxIntializationException when the endpoint returns no metadata
     */
    @Factory(value = "umaMetadataConfiguration", scope = ScopeType.APPLICATION, autoCreate = true)
    public UmaConfiguration initUmaMetadataConfiguration() throws OxIntializationException {
        String endpoint = getUmaConfigurationEndpoint();
        if (StringHelper.isEmpty(endpoint)) {
            return null;
        }

        UmaConfiguration metadata = UmaClientFactory.instance()
                .createMetaDataConfigurationService(endpoint)
                .getMetadataConfiguration();
        if (metadata != null) {
            return metadata;
        }
        throw new OxIntializationException("UMA meta data configuration is invalid!");
    }

    /**
     * Derives the UMA configuration endpoint from the configured UMA issuer.
     *
     * <p>An issuer that already ends with "uma-configuration" is returned unchanged; otherwise
     * "/.well-known/uma-configuration" is appended as is, so an issuer with a trailing slash
     * yields a double slash.
     *
     * @return the endpoint URL, or {@code null} when no UMA issuer is configured
     */
    public String getUmaConfigurationEndpoint() {
        String umaIssuer = this.oxTrustConfiguration.getApplicationConfiguration().getUmaIssuer();
        if (StringHelper.isEmpty(umaIssuer)) {
            this.log.trace("oxAuth UMA issuer isn't specified", new Object[0]);
            return null;
        }
        if (umaIssuer.endsWith("uma-configuration")) {
            return umaIssuer;
        }
        return umaIssuer + "/.well-known/uma-configuration";
    }
}
