package org.apache.syncope.wa.starter.saml.idp.metadata;

import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Optional;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.syncope.client.lib.SyncopeClient;
import org.apache.syncope.common.lib.to.SAML2IdPEntityTO;
import org.apache.syncope.common.rest.api.service.SAML2IdPEntityService;
import org.apache.syncope.wa.bootstrap.WARestClient;
import org.apereo.cas.support.saml.idp.metadata.generator.BaseSamlIdPMetadataGenerator;
import org.apereo.cas.support.saml.idp.metadata.generator.SamlIdPMetadataGeneratorConfigurationContext;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlIdPMetadataDocument;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/syncope/wa/starter/saml/idp/metadata/RestfulSamlIdPMetadataGenerator.class */
public class RestfulSamlIdPMetadataGenerator extends BaseSamlIdPMetadataGenerator {
    private static final Logger LOG = LoggerFactory.getLogger(RestfulSamlIdPMetadataGenerator.class);
    private final WARestClient restClient;

    public RestfulSamlIdPMetadataGenerator(SamlIdPMetadataGeneratorConfigurationContext samlIdPMetadataGeneratorConfigurationContext, WARestClient wARestClient) {
        super(samlIdPMetadataGeneratorConfigurationContext);
        this.restClient = wARestClient;
    }

    protected SamlIdPMetadataDocument finalizeMetadataDocument(SamlIdPMetadataDocument samlIdPMetadataDocument, Optional<SamlRegisteredService> optional) throws Exception {
        LOG.info("Generating new SAML2 IdP metadata document");
        samlIdPMetadataDocument.setAppliesTo("Syncope");
        SAML2IdPEntityTO build = new SAML2IdPEntityTO.Builder().key(samlIdPMetadataDocument.getAppliesTo()).metadata(Base64.getEncoder().encodeToString(samlIdPMetadataDocument.getMetadata().getBytes(StandardCharsets.UTF_8))).build();
        if (samlIdPMetadataDocument.getSigningKey() != null) {
            build.setSigningKey(Base64.getEncoder().encodeToString(samlIdPMetadataDocument.getSigningKey().getBytes(StandardCharsets.UTF_8)));
        }
        if (samlIdPMetadataDocument.getSigningCertificate() != null) {
            build.setSigningCertificate(Base64.getEncoder().encodeToString(samlIdPMetadataDocument.getSigningCertificate().getBytes(StandardCharsets.UTF_8)));
        }
        if (samlIdPMetadataDocument.getEncryptionKey() != null) {
            build.setEncryptionKey(Base64.getEncoder().encodeToString(samlIdPMetadataDocument.getEncryptionKey().getBytes(StandardCharsets.UTF_8)));
        }
        if (samlIdPMetadataDocument.getEncryptionCertificate() != null) {
            build.setEncryptionCertificate(Base64.getEncoder().encodeToString(samlIdPMetadataDocument.getEncryptionCertificate().getBytes(StandardCharsets.UTF_8)));
        }
        ((SAML2IdPEntityService) getSyncopeClient().getService(SAML2IdPEntityService.class)).set(build);
        return samlIdPMetadataDocument;
    }

    public Pair<String, String> buildSelfSignedEncryptionCert(Optional<SamlRegisteredService> optional) throws Exception {
        return generateCertificateAndKey();
    }

    public Pair<String, String> buildSelfSignedSigningCert(Optional<SamlRegisteredService> optional) throws Exception {
        return generateCertificateAndKey();
    }

    private SyncopeClient getSyncopeClient() {
        if (WARestClient.isReady()) {
            return this.restClient.getSyncopeClient();
        }
        LOG.info("Syncope client is not yet ready");
        throw new IllegalStateException("Syncope core is not yet ready to access requests");
    }
}
