package org.apache.syncope.wa.starter.pac4j.saml;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Base64;
import org.apache.syncope.common.lib.to.SAML2SPEntityTO;
import org.apache.syncope.common.rest.api.service.SAML2SPEntityService;
import org.apache.syncope.wa.bootstrap.WARestClient;
import org.pac4j.saml.client.SAML2Client;
import org.pac4j.saml.metadata.keystore.BaseSAML2KeystoreGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/syncope/wa/starter/pac4j/saml/WASAML2ClientKeystoreGenerator.class */
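/**
 * Keystore generator for a pac4j {@link SAML2Client} that persists the SAML2 SP keystore
 * through the {@link SAML2SPEntityService} REST service instead of handling it locally.
 *
 * <p>The keystore is exchanged with the service as a Base64 string on the
 * {@link SAML2SPEntityTO} whose key is the client name.
 *
 * <p>Security note: the serialized keystore is key material (presumably it carries the SP
 * private key, protected only by the keystore password). It must never be written to logs;
 * this class logs the entity name and payload size only.
 */
public class WASAML2ClientKeystoreGenerator extends BaseSAML2KeystoreGenerator {
    private static final Logger LOG = LoggerFactory.getLogger(WASAML2ClientKeystoreGenerator.class);
    private final WARestClient restClient;
    private final SAML2Client saml2Client;

    /**
     * Creates a generator bound to the given REST client and SAML2 client.
     *
     * <p>NOTE(review): the decompiler reports that this constructor was package-private in
     * the original class; it is kept public here so existing callers keep compiling.
     *
     * @param wARestClient client used to reach the SAML2 SP entity service
     * @param sAML2Client  SAML2 client whose configuration and name identify the SP entity
     */
    public WASAML2ClientKeystoreGenerator(WARestClient wARestClient, SAML2Client sAML2Client) {
        super(sAML2Client.getConfiguration());
        this.restClient = wARestClient;
        this.saml2Client = sAML2Client;
    }

    /**
     * Always reports that a keystore should be generated.
     *
     * @return {@code true}, unconditionally
     */
    public boolean shouldGenerate() {
        return true;
    }

    /**
     * Serializes the keystore with the configured keystore password, Base64-encodes it and
     * saves it on the SP entity named after the SAML2 client.
     *
     * <p>The certificate and private key arguments are not used directly; only the keystore
     * is persisted.
     *
     * @param keyStore        keystore to persist
     * @param x509Certificate unused by this implementation
     * @param privateKey      unused by this implementation
     * @throws Exception if the keystore cannot be serialized or the entity cannot be saved
     */
    protected void store(KeyStore keyStore, X509Certificate x509Certificate, PrivateKey privateKey) throws Exception {
        String spName = this.saml2Client.getName();
        try (ByteArrayOutputStream buffer = new ByteArrayOutputStream()) {
            keyStore.store(buffer, this.saml2Configuration.getKeystorePassword().toCharArray());
            String encodedKeystore = Base64.getEncoder().encodeToString(buffer.toByteArray());
            // Never log the encoded keystore itself: anyone with read access to debug logs
            // could copy it and attack the keystore password offline.
            LOG.debug("Encoded keystore for SP Entity {} ({} Base64 chars)", spName, encodedKeystore.length());

            SAML2SPEntityService service =
                    (SAML2SPEntityService) this.restClient.getSyncopeClient().getService(SAML2SPEntityService.class);
            SAML2SPEntityTO entity;
            try {
                entity = service.get(spName);
                entity.setKeystore(encodedKeystore);
            } catch (Exception e) {
                // NOTE(review): every failure of the lookup is treated as "not found", so a
                // transient or authorization error also ends up here and a fresh entity holding
                // only key + keystore is saved. Confirm whether set() can overwrite other fields
                // of an existing entity and, if so, narrow this catch to the not-found case.
                LOG.debug("SP Entity {} not found, creating new", spName, e);
                entity = new SAML2SPEntityTO.Builder().key(spName).keystore(encodedKeystore).build();
            }

            // Log the entity name only; the entity's toString() may include the keystore.
            LOG.debug("Storing SP Entity {}", spName);
            service.set(entity);
        }
    }

    /**
     * Fetches the SP entity named after the SAML2 client and returns its decoded keystore.
     *
     * @return stream over the Base64-decoded keystore bytes
     * @throws Exception if the entity cannot be fetched or its keystore cannot be decoded;
     *                   the underlying failure is attached as the cause
     */
    public InputStream retrieve() throws Exception {
        try {
            SAML2SPEntityTO entity = ((SAML2SPEntityService) this.restClient.getSyncopeClient()
                    .getService(SAML2SPEntityService.class)).get(this.saml2Client.getName());
            String encodedKeystore = entity.getKeystore();
            // Size only: the keystore content is key material and must stay out of the logs.
            LOG.debug("Retrieved keystore for SP Entity {} ({} Base64 chars)",
                    this.saml2Client.getName(), encodedKeystore == null ? 0 : encodedKeystore.length());
            return new ByteArrayInputStream(Base64.getDecoder().decode(encodedKeystore));
        } catch (Exception e) {
            String message = "Unable to fetch SAML2 SP keystore for " + this.saml2Client.getName();
            LOG.error(message, e);
            // Keep the cause so callers can tell a missing entity from a transport or decoding failure.
            throw new Exception(message, e);
        }
    }
}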
