package org.gluu.oxtrust.ldap.service;

import com.unboundid.ldap.sdk.Filter;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.mail.AuthenticationFailedException;
import javax.mail.MessagingException;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.StringUtils;
import org.gluu.oxtrust.model.GluuAppliance;
import org.gluu.oxtrust.model.GluuCustomAttribute;
import org.gluu.oxtrust.model.GluuMetadataSourceType;
import org.gluu.oxtrust.model.GluuSAMLTrustRelationship;
import org.gluu.oxtrust.model.OrganizationalUnit;
import org.gluu.oxtrust.util.MailUtils;
import org.gluu.oxtrust.util.OxTrustConstants;
import org.gluu.site.ldap.persistence.LdapEntryManager;
import org.jboss.seam.Component;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.AutoCreate;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.log.Log;
import org.xdi.config.oxtrust.ApplicationConfiguration;
import org.xdi.ldap.model.GluuStatus;
import org.xdi.ldap.model.InumEntry;
import org.xdi.model.GluuAttribute;
import org.xdi.model.GluuUserRole;
import org.xdi.model.TrustContact;
import org.xdi.service.XmlService;
import org.xdi.util.INumGenerator;
import org.xdi.util.StringHelper;

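/**
 * Stateless Seam component ({@code trustService}) that creates, updates, removes and looks up
 * {@link GluuSAMLTrustRelationship} entries through the injected {@link LdapEntryManager}.
 *
 * <p>Review notes for maintainers:
 * <ul>
 *   <li>{@link #getDnForTrustRelationShip(String)} formats the inum into a DN string without
 *       escaping; every lookup by inum inherits that property.</li>
 *   <li>{@link #updateReleasedAttributes(GluuSAMLTrustRelationship)} sends a best-effort e-mail
 *       whose body contains attribute values; a mail failure is logged and does not stop the
 *       release list from being updated.</li>
 *   <li>The add/update/remove methods temporarily rewrite the DN of the object passed in; the
 *       original DN is restored in a {@code finally} block.</li>
 * </ul>
 */
@Name("trustService")
@AutoCreate
@Scope(ScopeType.STATELESS)
/* loaded from: input_file:org/gluu/oxtrust/ldap/service/TrustService.class */
public class TrustService {

    @Logger
    private Log log;

    @In
    LdapEntryManager ldapEntryManager;

    @In
    private Shibboleth2ConfService shibboleth2ConfService;

    @In
    private AttributeService attributeService;

    @In
    private XmlService xmlService;
    public static final String GENERATED_SSL_ARTIFACTS_DIR = "ssl";

    @In("#{oxTrustConfiguration.applicationConfiguration}")
    private ApplicationConfiguration applicationConfiguration;

    /**
     * Writes the trust relationship under every configured cluster member (or only the local
     * appliance when no cluster is configured): merges it where an entry with the rewritten DN
     * already exists, persists it otherwise.
     *
     * @param gluuSAMLTrustRelationship entry to store; its DN is rewritten per cluster member
     *        during the call and restored before returning, also when an LDAP call throws
     */
    public void addTrustRelationship(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        this.log.info("Creating TR " + gluuSAMLTrustRelationship.getInum(), new Object[0]);
        String applianceInum = this.applicationConfiguration.getApplianceInum();
        String originalDn = gluuSAMLTrustRelationship.getDn();
        try {
            for (String memberInum : resolveClusterInums(applianceInum)) {
                String memberDn = StringHelper.replaceLast(originalDn, applianceInum, memberInum);
                gluuSAMLTrustRelationship.setDn(memberDn);
                if (existsAtDn(gluuSAMLTrustRelationship.getDn())) {
                    this.ldapEntryManager.merge(gluuSAMLTrustRelationship);
                } else {
                    this.log.debug("Adding TR" + memberDn, new Object[0]);
                    persistWithContainer(gluuSAMLTrustRelationship);
                }
            }
        } finally {
            // Never leave the caller's object pointing at another cluster member's DN.
            gluuSAMLTrustRelationship.setDn(originalDn);
        }
    }

    /**
     * Same fan-out as {@link #addTrustRelationship(GluuSAMLTrustRelationship)}, with the merge
     * path traced instead of the persist path being logged.
     *
     * @param gluuSAMLTrustRelationship entry to store; its DN is restored before returning
     */
    public void updateTrustRelationship(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        this.log.debug("Updating TR " + gluuSAMLTrustRelationship.getInum(), new Object[0]);
        String applianceInum = this.applicationConfiguration.getApplianceInum();
        String originalDn = gluuSAMLTrustRelationship.getDn();
        try {
            for (String memberInum : resolveClusterInums(applianceInum)) {
                String memberDn = StringHelper.replaceLast(originalDn, applianceInum, memberInum);
                gluuSAMLTrustRelationship.setDn(memberDn);
                if (existsAtDn(gluuSAMLTrustRelationship.getDn())) {
                    this.log.trace("Updating TR" + memberDn, new Object[0]);
                    this.ldapEntryManager.merge(gluuSAMLTrustRelationship);
                } else {
                    persistWithContainer(gluuSAMLTrustRelationship);
                }
            }
        } finally {
            gluuSAMLTrustRelationship.setDn(originalDn);
        }
    }

    /**
     * Removes the trust relationship from every configured cluster member where an entry with
     * the rewritten DN exists; members without such an entry are skipped silently.
     *
     * @param gluuSAMLTrustRelationship entry to remove; its DN is restored before returning
     */
    public void removeTrustRelationship(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        this.log.info("Removing TR " + gluuSAMLTrustRelationship.getInum(), new Object[0]);
        String applianceInum = this.applicationConfiguration.getApplianceInum();
        String originalDn = gluuSAMLTrustRelationship.getDn();
        try {
            for (String memberInum : resolveClusterInums(applianceInum)) {
                String memberDn = StringHelper.replaceLast(originalDn, applianceInum, memberInum);
                gluuSAMLTrustRelationship.setDn(memberDn);
                if (existsAtDn(gluuSAMLTrustRelationship.getDn())) {
                    this.log.debug("Removing TR" + memberDn, new Object[0]);
                    this.ldapEntryManager.remove(gluuSAMLTrustRelationship);
                }
            }
        } finally {
            gluuSAMLTrustRelationship.setDn(originalDn);
        }
    }

    /** Returns the configured cluster inums, or just the local appliance inum when none are set. */
    private String[] resolveClusterInums(String applianceInum) {
        String[] clusteredInums = this.applicationConfiguration.getClusteredInums();
        if (clusteredInums == null || clusteredInums.length == 0) {
            this.log.debug("there is no cluster configuration. Assuming standalone appliance.", new Object[0]);
            return new String[]{applianceInum};
        }
        return clusteredInums;
    }

    /** Checks for an entry at {@code dn} using a probe object that carries only the DN. */
    private boolean existsAtDn(String dn) {
        GluuSAMLTrustRelationship probe = new GluuSAMLTrustRelationship();
        probe.setDn(dn);
        return containsTrustRelationship(probe);
    }

    /** Creates the {@code ou=trustRelationships} container if it is missing, then persists the entry. */
    private void persistWithContainer(GluuSAMLTrustRelationship trustRelationship) {
        OrganizationalUnit container = new OrganizationalUnit();
        // NOTE(review): the container DN is always built from the local appliance DN, even
        // when the entry itself is being written under another cluster member - confirm that
        // the member's own container is guaranteed to exist.
        container.setDn(getDnForTrustRelationShip(null));
        if (!this.ldapEntryManager.contains(container)) {
            this.ldapEntryManager.persist(container);
        }
        this.ldapEntryManager.persist(trustRelationship);
    }

    /**
     * Looks up a trust relationship by inum.
     *
     * @param str inum; it is placed into the DN unescaped, see {@link #getDnForTrustRelationShip(String)}.
     *        An empty value resolves to the container DN rather than to an entry DN.
     * @return whatever the entry manager's {@code find} yields for that DN
     */
    public GluuSAMLTrustRelationship getRelationshipByInum(String str) {
        return (GluuSAMLTrustRelationship) this.ldapEntryManager.find(GluuSAMLTrustRelationship.class, getDnForTrustRelationShip(str));
    }

    /**
     * Looks up a trust relationship by its full DN.
     *
     * @param str DN to read; used as given, with no check that it lies under the
     *        trust-relationship container
     * @return the entry, or {@code null} when {@code str} is empty
     */
    public GluuSAMLTrustRelationship getRelationshipByDn(String str) {
        if (StringHelper.isEmpty(str)) {
            return null;
        }
        return (GluuSAMLTrustRelationship) this.ldapEntryManager.find(GluuSAMLTrustRelationship.class, str);
    }

    /** Returns every trust relationship found under the trust-relationship container (no filter). */
    public List<GluuSAMLTrustRelationship> getAllTrustRelationships() {
        return this.ldapEntryManager.findEntries(getDnForTrustRelationShip(null), GluuSAMLTrustRelationship.class, (Filter) null);
    }

    /** Returns the trust relationships matching a sample entry whose status is {@code ACTIVE}. */
    public List<GluuSAMLTrustRelationship> getAllActiveTrustRelationships() {
        GluuSAMLTrustRelationship sample = new GluuSAMLTrustRelationship();
        sample.setBaseDn(getDnForTrustRelationShip(null));
        sample.setStatus(GluuStatus.ACTIVE);
        return this.ldapEntryManager.findEntries(sample);
    }

    /** Returns the active trust relationships for which {@code isFederation()} is true, in a new list. */
    public List<GluuSAMLTrustRelationship> getAllFederations() {
        List<GluuSAMLTrustRelationship> federations = new ArrayList<GluuSAMLTrustRelationship>();
        for (GluuSAMLTrustRelationship candidate : getAllActiveTrustRelationships()) {
            if (candidate.isFederation()) {
                federations.add(candidate);
            }
        }
        return federations;
    }

    /**
     * Returns all federations except the one with the given inum.
     *
     * @param str inum of the federation to leave out; exclusion relies on
     *        {@code GluuSAMLTrustRelationship.equals}
     */
    public List<GluuSAMLTrustRelationship> getAllOtherFederations(String str) {
        List<GluuSAMLTrustRelationship> federations = getAllFederations();
        federations.remove(getRelationshipByInum(str));
        return federations;
    }

    /** Reports whether the entry manager contains the given entry. */
    public boolean containsTrustRelationship(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        return this.ldapEntryManager.contains(gluuSAMLTrustRelationship);
    }

    /**
     * Generates inums until one is found that the entry manager does not already contain
     * under the configured base DN, and returns it.
     */
    public String generateInumForNewTrustRelationship() {
        InumEntry probe = new InumEntry();
        probe.setDn(this.applicationConfiguration.getBaseDN());
        String candidate;
        do {
            candidate = generateInumForNewTrustRelationshipImpl();
            probe.setInum(candidate);
        } while (this.ldapEntryManager.contains(probe));
        return candidate;
    }

    /** Builds one candidate inum: appliance inum, the {@code 0006} segment, then a generated suffix. */
    private String generateInumForNewTrustRelationshipImpl() {
        return getApplianceInum() + OxTrustConstants.inumDelimiter + "0006" + OxTrustConstants.inumDelimiter + INumGenerator.generate(2);
    }

    private String getApplianceInum() {
        return this.applicationConfiguration.getApplianceInum();
    }

    /** Returns all {@link GluuMetadataSourceType} constants. */
    public GluuMetadataSourceType[] getMetadataSourceTypes() {
        return GluuMetadataSourceType.values();
    }

    /**
     * Builds the DN of a trust relationship, or of the container when no inum is given.
     *
     * @param str inum, or {@code null}/empty for the {@code ou=trustRelationships} container
     * @return the formatted DN string
     */
    public String getDnForTrustRelationShip(String str) {
        String applianceDn = ApplianceService.instance().getDnForAppliance();
        if (StringHelper.isEmpty(str)) {
            return String.format("ou=trustRelationships,%s", applianceDn);
        }
        // NOTE(review): the inum goes into the DN as-is. A value containing DN metacharacters
        // (for example ',' or '=') would change which entry is addressed, so callers that
        // take the inum from a request should validate its format before calling - confirm
        // where that validation happens.
        return String.format("inum=%s,ou=trustRelationships,%s", str, applianceDn);
    }

    /** Returns the Seam-managed instance of this component. */
    public static TrustService instance() {
        return (TrustService) Component.getInstance(TrustService.class);
    }

    /**
     * Creates the trust relationship for the appliance's own SP: generates an inum, writes the
     * SP metadata file from the configured certificate, and - only if that file validates -
     * stores an {@code ACTIVE} trust relationship releasing the configured SP attributes and
     * records its inum on the appliance entry.
     */
    public void addGluuSP() {
        String inum = generateInumForNewTrustRelationship();
        String metadataFileName = this.shibboleth2ConfService.getSpNewMetadataFileName(inum);
        GluuSAMLTrustRelationship gluuSp = new GluuSAMLTrustRelationship();
        gluuSp.setInum(inum);
        gluuSp.setDisplayName("gluu SP on appliance");
        gluuSp.setDescription("Trust Relationship for the SP");
        gluuSp.setSpMetaDataSourceType(GluuMetadataSourceType.FILE);
        gluuSp.setSpMetaDataFN(metadataFileName);
        gluuSp.setEntityId(StringHelper.removePunctuation(gluuSp.getInum()));
        gluuSp.setUrl(this.applicationConfiguration.getApplianceUrl());

        boolean metadataValid = false;
        try {
            // Read with an explicit charset instead of the platform default; the regex drops
            // the "-----...-----" delimiter spans so only the certificate body remains.
            String certificate = FileUtils.readFileToString(new File(this.applicationConfiguration.getGluuSpCert()), "UTF-8")
                    .replaceAll("-{5}.*?-{5}", "");
            this.shibboleth2ConfService.generateSpMetadataFile(gluuSp, certificate);
            metadataValid = this.shibboleth2ConfService.isCorrectSpMetadataFile(gluuSp.getSpMetaDataFN());
        } catch (IOException e) {
            this.log.error("Failed to gluu SP read certificate file.", e, new Object[0]);
        }
        if (!metadataValid) {
            // Nothing is persisted when the metadata file is missing or fails validation.
            this.log.error("IDP configuration update failed. GluuSP was not generated.", new Object[0]);
            return;
        }

        gluuSp.setStatus(GluuStatus.ACTIVE);
        gluuSp.setDn(getDnForTrustRelationShip(gluuSp.getInum()));
        List<GluuAttribute> personAttributes = this.attributeService.getAllPersonAttributes(GluuUserRole.ADMIN);
        HashMap<String, GluuAttribute> attributesByDn = this.attributeService.getAttributeMapByDNs(personAttributes);
        List<String> releasedDns = new ArrayList<String>();
        for (String attributeName : this.applicationConfiguration.getGluuSpAttributes()) {
            GluuAttribute attribute = this.attributeService.getAttributeByName(attributeName, personAttributes);
            // Configured names that match no known attribute are skipped without a log entry.
            if (attribute != null) {
                releasedDns.add(attribute.getDn());
            }
        }
        List<GluuCustomAttribute> releasedCustomAttributes = new ArrayList<GluuCustomAttribute>();
        releasedCustomAttributes.addAll(this.attributeService.getCustomAttributesByAttributeDNs(releasedDns, attributesByDn));
        gluuSp.setReleasedCustomAttributes(releasedCustomAttributes);
        gluuSp.setReleasedAttributes(new ArrayList<String>());
        updateReleasedAttributes(gluuSp);
        addTrustRelationship(gluuSp);

        GluuAppliance appliance = ApplianceService.instance().getAppliance();
        appliance.setGluuSPTR(gluuSp.getInum());
        ApplianceService.instance().updateAppliance(appliance);
        this.log.warn("gluuSP EntityID set to " + StringHelper.removePunctuation(gluuSp.getInum()) + ". shibboleth2 configuration should be updated.", new Object[0]);
    }

    /**
     * Rebuilds the released-attribute DN list from the released custom attributes and e-mails
     * the appliance contact about attributes that are flagged as new.
     *
     * <p>The notification is best-effort: any mail failure is logged and the released list is
     * still updated. The message body contains attribute names and values, so it is only as
     * confidential as the configured SMTP transport.
     *
     * @param gluuSAMLTrustRelationship trust relationship to update; its released attributes
     *        are set to the collected DNs, or to {@code null} when there are none
     */
    public void updateReleasedAttributes(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        List<String> releasedDns = new ArrayList<String>();
        StringBuilder newlyReleased = new StringBuilder();
        for (GluuCustomAttribute attribute : gluuSAMLTrustRelationship.getReleasedCustomAttributes()) {
            if (attribute.isNew()) {
                newlyReleased.append("\nAttribute name: " + attribute.getName() + " Display name: " + attribute.getMetadata().getDisplayName() + " Attribute value: " + attribute.getValue());
                attribute.setNew(false);
            }
            releasedDns.add(attribute.getMetadata().getDn());
        }
        if (newlyReleased.length() > 0) {
            try {
                String header = "Trust RelationShip name: " + gluuSAMLTrustRelationship.getDisplayName() + " (inum:" + gluuSAMLTrustRelationship.getInum() + ")\n\n";
                GluuAppliance appliance = ApplianceService.instance().getAppliance();
                // NOTE(review): SSL and authentication are taken from the appliance settings;
                // if isRequiresSsl() is false the attribute values in the body presumably
                // travel unencrypted - confirm against MailUtils.
                MailUtils mailer = new MailUtils(appliance.getSmtpHost(), appliance.getSmtpPort(), appliance.isRequiresSsl(), appliance.isRequiresAuthentication(), appliance.getSmtpUserName(), appliance.getSmtpPasswordStr());
                mailer.sendMail(appliance.getSmtpFromName() + " <" + appliance.getSmtpFromEmailAddress() + ">", appliance.getContactEmail(), "Attributes with Privacy level 5 are released in a Trust Relationaship", header + newlyReleased);
            } catch (AuthenticationFailedException e) {
                // Most specific first: AuthenticationFailedException is a MessagingException,
                // so listing it after the broader types made this handler unreachable.
                this.log.error("SMTP Authentication Error: ", e, new Object[0]);
            } catch (MessagingException e) {
                this.log.error("SMTP Host Connection Error", e, new Object[0]);
            } catch (Exception e) {
                this.log.error("Failed to send the notification email: ", e, new Object[0]);
            }
        }
        gluuSAMLTrustRelationship.setReleasedAttributes(releasedDns.isEmpty() ? null : releasedDns);
    }

    /** Reports whether the trust relationship's SP metadata file is federation metadata. */
    public boolean isFederation(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        return this.shibboleth2ConfService.isFederationMetadata(gluuSAMLTrustRelationship.getSpMetaDataFN());
    }

    /**
     * Converts the stored contact XML strings into {@link TrustContact} objects.
     *
     * @return a new list; empty when the trust relationship has no contacts
     */
    public List<TrustContact> getContacts(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        List<TrustContact> contacts = new ArrayList<TrustContact>();
        List<String> storedXml = gluuSAMLTrustRelationship.getGluuTrustContact();
        if (storedXml != null) {
            for (String xml : storedXml) {
                contacts.add(this.xmlService.getTrustContactFromXML(xml));
            }
        }
        return contacts;
    }

    /**
     * Serializes the contacts to XML and stores them on the trust relationship.
     *
     * @param list contacts to store; a {@code null} or empty list leaves the existing contacts
     *        untouched, so this method cannot be used to clear them
     */
    public void saveContacts(GluuSAMLTrustRelationship gluuSAMLTrustRelationship, List<TrustContact> list) {
        if (list == null || list.isEmpty()) {
            return;
        }
        List<String> serialized = new ArrayList<String>();
        for (TrustContact contact : list) {
            serialized.add(this.xmlService.getXMLFromTrustContact(contact));
        }
        gluuSAMLTrustRelationship.setGluuTrustContact(serialized);
    }

    /**
     * Returns the trust relationships whose container federation equals the given one.
     * Scans all trust relationships.
     */
    public List<GluuSAMLTrustRelationship> getDeconstructedTrustRelationships(GluuSAMLTrustRelationship gluuSAMLTrustRelationship) {
        List<GluuSAMLTrustRelationship> members = new ArrayList<GluuSAMLTrustRelationship>();
        for (GluuSAMLTrustRelationship candidate : getAllTrustRelationships()) {
            if (gluuSAMLTrustRelationship.equals(candidate.getContainerFederation())) {
                members.add(candidate);
            }
        }
        return members;
    }

    /**
     * Finds a trust relationship by its inum with punctuation removed.
     *
     * @param str inum as produced by {@code StringHelper.removePunctuation}
     * @return the first entry whose stripped inum equals {@code str}, or {@code null}; if two
     *         inums differ only in punctuation, the first one found wins
     */
    public GluuSAMLTrustRelationship getTrustByUnpunctuatedInum(String str) {
        for (GluuSAMLTrustRelationship candidate : getAllTrustRelationships()) {
            if (StringHelper.removePunctuation(candidate.getInum()).equals(str)) {
                return candidate;
            }
        }
        return null;
    }
}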
