package org.apache.syncope.wa.starter.saml.idp.metadata;

import com.github.benmanes.caffeine.cache.Cache;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Optional;
import org.apache.syncope.client.lib.SyncopeClient;
import org.apache.syncope.common.lib.SyncopeClientException;
import org.apache.syncope.common.lib.to.SAML2IdPEntityTO;
import org.apache.syncope.common.lib.types.ClientExceptionType;
import org.apache.syncope.common.rest.api.service.SAML2IdPEntityService;
import org.apache.syncope.wa.bootstrap.WARestClient;
import org.apereo.cas.support.saml.idp.metadata.locator.AbstractSamlIdPMetadataLocator;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlIdPMetadataDocument;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/syncope/wa/starter/saml/idp/metadata/RestfulSamlIdPMetadataLocator.class */
public class RestfulSamlIdPMetadataLocator extends AbstractSamlIdPMetadataLocator {
    private static final Logger LOG = LoggerFactory.getLogger(RestfulSamlIdPMetadataLocator.class);
    private final WARestClient restClient;

    public RestfulSamlIdPMetadataLocator(CipherExecutor<String, String> cipherExecutor, Cache<String, SamlIdPMetadataDocument> cache, WARestClient wARestClient) {
        super(cipherExecutor, cache);
        this.restClient = wARestClient;
    }

    public SamlIdPMetadataDocument fetchInternal(Optional<SamlRegisteredService> optional) {
        try {
            LOG.info("Locating SAML2 IdP metadata document");
            SAML2IdPEntityTO fetchFromCore = fetchFromCore(optional);
            if (fetchFromCore != null) {
                SamlIdPMetadataDocument samlIdPMetadataDocument = new SamlIdPMetadataDocument();
                samlIdPMetadataDocument.setAppliesTo(fetchFromCore.getKey());
                samlIdPMetadataDocument.setMetadata(new String(Base64.getDecoder().decode(fetchFromCore.getMetadata()), StandardCharsets.UTF_8));
                if (fetchFromCore.getSigningCertificate() != null) {
                    samlIdPMetadataDocument.setSigningCertificate(new String(Base64.getDecoder().decode(fetchFromCore.getSigningCertificate()), StandardCharsets.UTF_8));
                }
                if (fetchFromCore.getSigningKey() != null) {
                    samlIdPMetadataDocument.setSigningKey(new String(Base64.getDecoder().decode(fetchFromCore.getSigningKey().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
                }
                if (fetchFromCore.getEncryptionCertificate() != null) {
                    samlIdPMetadataDocument.setEncryptionCertificate(new String(Base64.getDecoder().decode(fetchFromCore.getEncryptionCertificate()), StandardCharsets.UTF_8));
                }
                if (fetchFromCore.getEncryptionKey() != null) {
                    samlIdPMetadataDocument.setEncryptionKey(new String(Base64.getDecoder().decode(fetchFromCore.getEncryptionKey().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
                }
                if (samlIdPMetadataDocument.isValid()) {
                    LOG.debug("Found SAML2 IdP metadata document: {}", Long.valueOf(samlIdPMetadataDocument.getId()));
                    return samlIdPMetadataDocument;
                }
            }
            LOG.warn("Not a valid SAML2 IdP metadata document");
            return null;
        } catch (Exception e) {
            if ((e instanceof SyncopeClientException) && e.getType() == ClientExceptionType.NotFound) {
                LOG.info(e.getMessage());
                return null;
            }
            if (LOG.isDebugEnabled()) {
                LOG.error("While fetching SAML2 IdP metadata", e);
                return null;
            }
            LOG.error("While fetching SAML2 IdP metadata: " + e.getMessage());
            return null;
        }
    }

    private SAML2IdPEntityTO fetchFromCore(Optional<SamlRegisteredService> optional) {
        SAML2IdPEntityTO sAML2IdPEntityTO;
        String str = (String) optional.map((v0) -> {
            return v0.getName();
        }).orElse("Syncope");
        SAML2IdPEntityService sAML2IdPEntityService = (SAML2IdPEntityService) getSyncopeClient().getService(SAML2IdPEntityService.class);
        try {
            sAML2IdPEntityTO = sAML2IdPEntityService.get(str);
        } catch (SyncopeClientException e) {
            if (e.getType() != ClientExceptionType.NotFound || !optional.isPresent()) {
                throw e;
            }
            sAML2IdPEntityTO = sAML2IdPEntityService.get("Syncope");
        }
        return sAML2IdPEntityTO;
    }

    private SyncopeClient getSyncopeClient() {
        if (WARestClient.isReady()) {
            return this.restClient.getSyncopeClient();
        }
        LOG.info("Syncope client is not yet ready");
        throw new IllegalStateException("Syncope core is not yet ready to access requests");
    }
}
