package com.github.ulisesbocchio.spring.boot.security.saml.configurer.builder;

import com.github.ulisesbocchio.spring.boot.security.saml.configurer.ServiceProviderSecurityBuilder;
import com.github.ulisesbocchio.spring.boot.security.saml.configurer.ServiceProviderSecurityConfigurerBeans;
import com.github.ulisesbocchio.spring.boot.security.saml.properties.KeyManagerProperties;
import com.github.ulisesbocchio.spring.boot.security.saml.properties.SAMLSSOProperties;
import com.github.ulisesbocchio.spring.boot.security.saml.resource.KeystoreFactory;
import java.security.KeyStore;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import org.springframework.core.io.ResourceLoader;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.saml.key.EmptyKeyManager;
import org.springframework.security.saml.key.JKSKeyManager;
import org.springframework.security.saml.key.KeyManager;

/* loaded from: input_file:lib/spring-boot-security-saml-1.1.jar:com/github/ulisesbocchio/spring/boot/security/saml/configurer/builder/KeyManagerConfigurer.class */
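/**
 * Builder-style configurer that publishes the {@link KeyManager} used by the SAML service provider.
 *
 * <p>Resolution order, as implemented in {@link #configure}:
 * <ol>
 *   <li>a {@link KeyManager} already registered as a shared object wins and nothing is published;</li>
 *   <li>otherwise a {@link KeyManager} passed to the constructor is published as-is;</li>
 *   <li>otherwise one is built from, in order of precedence: an explicit {@link KeyStore}, a keystore
 *       resource location, or a public-key PEM / private-key DER pair;</li>
 *   <li>if none of those is configured an {@link EmptyKeyManager} is published.</li>
 * </ol>
 *
 * <p>Values set through the fluent setters take precedence over {@link KeyManagerProperties}; the
 * properties are only consulted for values that are still {@code null} at configure time.
 *
 * <p>{@code storePass} and {@code keyPasswords} are secrets. They are kept as plain {@code String}s
 * for the lifetime of this object, so they must not be logged or copied into exception messages.
 */
public class KeyManagerConfigurer extends SecurityConfigurerAdapter<ServiceProviderSecurityConfigurerBeans, ServiceProviderSecurityBuilder> {
    // Key manager supplied by the caller through the constructor; may be null.
    private KeyManager keyManager;
    // Key manager found among the builder's shared objects during init(); may be null.
    private KeyManager keyManagerBean;
    private KeyStore keyStore;
    private String publicKeyPEMLocation;
    private String privateKeyDERLocation;
    private String storeLocation;
    // Secret: keystore password.
    private String storePass;
    // Secret: key alias -> key password.
    private Map<String, String> keyPasswords;
    private String defaultKey;
    private KeyManagerProperties config;
    private KeystoreFactory keystoreFactory;
    private ResourceLoader resourceLoader;

    /**
     * Creates a configurer that publishes the given key manager unless one is already registered
     * as a shared object.
     *
     * @param keyManager the key manager to publish; {@code null} behaves like the no-arg constructor
     */
    public KeyManagerConfigurer(KeyManager keyManager) {
        this.keyManager = keyManager;
    }

    /** Creates a configurer that builds its key manager from the fluent setters and properties. */
    public KeyManagerConfigurer() {
    }

    /**
     * Captures the collaborators this configurer needs from the builder's shared objects.
     *
     * @param serviceProviderSecurityBuilder the builder holding the shared objects
     * @throws NullPointerException if no {@link SAMLSSOProperties} shared object is registered
     */
    @Override
    public void init(ServiceProviderSecurityBuilder serviceProviderSecurityBuilder) throws Exception {
        this.keyManagerBean = (KeyManager) serviceProviderSecurityBuilder.getSharedObject(KeyManager.class);
        this.config = ((SAMLSSOProperties) serviceProviderSecurityBuilder.getSharedObject(SAMLSSOProperties.class)).getKeyManager();
        this.resourceLoader = (ResourceLoader) serviceProviderSecurityBuilder.getSharedObject(ResourceLoader.class);
        this.keystoreFactory = new KeystoreFactory(this.resourceLoader);
    }

    /**
     * Publishes the key manager as a shared object, building it first when none was supplied.
     *
     * @param serviceProviderSecurityBuilder the builder that receives the {@link KeyManager}
     * @throws IllegalArgumentException if a keystore location or a PEM/DER pair is configured but
     *     {@code defaultKey} or {@code keyPasswords} is missing
     * @throws NullPointerException if the key manager properties were not available in {@link #init}
     */
    @Override
    public void configure(ServiceProviderSecurityBuilder serviceProviderSecurityBuilder) throws Exception {
        if (this.keyManagerBean != null) {
            // A KeyManager is already registered; it takes precedence over anything configured here.
            return;
        }
        if (this.keyManager == null) {
            applyPropertyDefaults();
            this.keyManager = buildKeyManager();
        }
        serviceProviderSecurityBuilder.setSharedObject(KeyManager.class, this.keyManager);
    }

    /** Fills every setting still unset with the corresponding value from the properties. */
    private void applyPropertyDefaults() {
        // The bound method references fail fast with a NullPointerException when config is null.
        this.privateKeyDERLocation = Optional.ofNullable(this.privateKeyDERLocation)
                .orElseGet(this.config::getPrivateKeyDerLocation);
        this.publicKeyPEMLocation = Optional.ofNullable(this.publicKeyPEMLocation)
                .orElseGet(this.config::getPublicKeyPemLocation);
        this.defaultKey = Optional.ofNullable(this.defaultKey)
                .orElseGet(this.config::getDefaultKey);
        this.keyPasswords = Optional.ofNullable(this.keyPasswords)
                .orElseGet(this.config::getKeyPasswords);
        this.storePass = Optional.ofNullable(this.storePass)
                .orElseGet(this.config::getStorePass);
        this.storeLocation = Optional.ofNullable(this.storeLocation)
                .orElseGet(this.config::getStoreLocation);
    }

    /** Builds the key manager from the first available key source. */
    private KeyManager buildKeyManager() throws Exception {
        if (this.keyStore != null) {
            // NOTE(review): this branch does not validate defaultKey/keyPasswords, unlike the two
            // branches below; a missing value only surfaces inside JKSKeyManager. Confirm intended.
            return new JKSKeyManager(this.keyStore, this.keyPasswords, this.defaultKey);
        }
        if (this.storeLocation != null) {
            validateDefaultKeyAndPasswords();
            // The location is resolved by the ResourceLoader, so it should only ever come from
            // trusted configuration, never from request data.
            return new JKSKeyManager(this.resourceLoader.getResource(this.storeLocation), this.storePass, this.keyPasswords, this.defaultKey);
        }
        if (this.privateKeyDERLocation == null || this.publicKeyPEMLocation == null) {
            // NOTE(review): also reached when only ONE of the PEM/DER locations is set, so a
            // half-configured key pair silently yields a key manager without credentials.
            // Presumably the service provider then cannot sign or decrypt; consider alerting on it.
            return new EmptyKeyManager();
        }
        validateDefaultKeyAndPasswords();
        // The last argument is the password handed to the keystore factory; it is the empty string.
        // NOTE(review): presumably keyPasswords must then map defaultKey to "" for the key to be
        // readable - verify against KeystoreFactory.loadKeystore.
        this.keyStore = this.keystoreFactory.loadKeystore(this.publicKeyPEMLocation, this.privateKeyDERLocation, this.defaultKey, "");
        return new JKSKeyManager(this.keyStore, this.keyPasswords, this.defaultKey);
    }

    /**
     * Rejects a configuration with no default key alias or no key passwords.
     *
     * <p>The messages name the offending setting only; no secret value is included.
     */
    private void validateDefaultKeyAndPasswords() {
        if (this.defaultKey == null || this.defaultKey.trim().isEmpty()) {
            throw new IllegalArgumentException("'defaultKey' cannot be null or empty.");
        }
        if (this.keyPasswords == null || this.keyPasswords.isEmpty()) {
            throw new IllegalArgumentException("'keyPasswords' cannot be null or empty.");
        }
    }

    /**
     * Sets an already loaded keystore; it takes precedence over every location-based source.
     *
     * @param keyStore the keystore to read keys from
     * @return this configurer
     */
    public KeyManagerConfigurer keyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
        return this;
    }

    /**
     * Sets the resource location of the public key in PEM form.
     *
     * @param location the resource location
     * @return this configurer
     */
    public KeyManagerConfigurer publicKeyPEMLocation(String location) {
        this.publicKeyPEMLocation = location;
        return this;
    }

    /**
     * Sets the resource location of the private key in DER form.
     *
     * @param location the resource location
     * @return this configurer
     */
    public KeyManagerConfigurer privateKeyDERLocation(String location) {
        this.privateKeyDERLocation = location;
        return this;
    }

    /**
     * Sets the resource location of the keystore.
     *
     * @param location the resource location
     * @return this configurer
     */
    public KeyManagerConfigurer storeLocation(String location) {
        this.storeLocation = location;
        return this;
    }

    /**
     * Sets the keystore password.
     *
     * @param password the keystore password (secret)
     * @return this configurer
     */
    public KeyManagerConfigurer storePass(String password) {
        this.storePass = password;
        return this;
    }

    /**
     * Replaces the alias-to-password map.
     *
     * <p>The map is copied, so a later {@link #keyPassword(String, String)} call neither fails on an
     * unmodifiable argument nor writes secrets into a map the caller still holds.
     *
     * @param passwords key alias to key password (secrets); {@code null} clears the setting
     * @return this configurer
     */
    public KeyManagerConfigurer keyPasswords(Map<String, String> passwords) {
        this.keyPasswords = passwords == null ? null : new HashMap<>(passwords);
        return this;
    }

    /**
     * Adds or replaces the password of a single key.
     *
     * @param alias the key alias
     * @param password the key password (secret)
     * @return this configurer
     */
    public KeyManagerConfigurer keyPassword(String alias, String password) {
        if (this.keyPasswords == null) {
            this.keyPasswords = new HashMap<>();
        }
        this.keyPasswords.put(alias, password);
        return this;
    }

    /**
     * Sets the alias of the default key.
     *
     * @param alias the key alias
     * @return this configurer
     */
    public KeyManagerConfigurer defaultKey(String alias) {
        this.defaultKey = alias;
        return this;
    }
}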
