package pl.edu.icm.unity.saml.metadata.cfg;

import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import org.apache.log4j.Logger;
import org.apache.xmlbeans.XmlException;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.saml.SamlProperties;
import pl.edu.icm.unity.saml.metadata.cfg.MetadataVerificator;
import pl.edu.icm.unity.saml.sp.SAMLSPProperties;
import pl.edu.icm.unity.server.api.PKIManagement;
import pl.edu.icm.unity.server.utils.ExecutorsService;
import pl.edu.icm.unity.server.utils.Log;
import pl.edu.icm.unity.server.utils.UnityServerConfiguration;
import xmlbeans.org.oasis.saml2.metadata.EntitiesDescriptorDocument;

/* loaded from: input_file:pl/edu/icm/unity/saml/metadata/cfg/RemoteMetaManager.class */
public class RemoteMetaManager {
    private static final Logger log = Log.getLogger("unity.server.saml", RemoteMetaManager.class);
    private PKIManagement pkiManagement;
    private SamlProperties configuration;
    private ExecutorsService executorsService;
    private RemoteMetadataProvider remoteMetaProvider;
    private AbstractMetaToConfigConverter converter;
    private MetadataVerificator verificator = new MetadataVerificator();
    private SamlProperties virtualConfiguration;
    private Date validationDate;
    private String metaPrefix;

    /* loaded from: input_file:pl/edu/icm/unity/saml/metadata/cfg/RemoteMetaManager$Reloader.class */
    private class Reloader implements Runnable {
        private Reloader() {
        }

        @Override // java.lang.Runnable
        public void run() {
            try {
                RemoteMetaManager.this.reloadAll();
            } catch (Exception e) {
                RemoteMetaManager.log.error("Problem loading metadata of external saml 2 provider", e);
            }
        }
    }

    public RemoteMetaManager(SamlProperties samlProperties, UnityServerConfiguration unityServerConfiguration, ExecutorsService executorsService, PKIManagement pKIManagement, AbstractMetaToConfigConverter abstractMetaToConfigConverter, MetaDownloadManager metaDownloadManager, String str) {
        this.configuration = samlProperties;
        this.executorsService = executorsService;
        this.converter = abstractMetaToConfigConverter;
        this.remoteMetaProvider = new RemoteMetadataProvider(metaDownloadManager);
        this.pkiManagement = pKIManagement;
        this.virtualConfiguration = samlProperties.mo4clone();
        this.metaPrefix = str;
    }

    public void start() {
        log.trace("Staring remote meta manager");
        this.executorsService.getService().scheduleWithFixedDelay(new Reloader(), 5L, getBaseConfiguration().getLongValue(SamlProperties.METADATA_REFRESH).longValue(), TimeUnit.SECONDS);
    }

    public void reloadAll() {
        SamlProperties baseConfiguration = getBaseConfiguration();
        Set structuredListKeys = baseConfiguration.getStructuredListKeys(this.metaPrefix);
        Properties sourceProperties = baseConfiguration.getSourceProperties();
        Iterator it = structuredListKeys.iterator();
        while (it.hasNext()) {
            reloadSingle((String) it.next(), sourceProperties, baseConfiguration);
        }
        setVirtualConfiguration(sourceProperties);
    }

    public synchronized SamlProperties getVirtualConfiguration() {
        return this.virtualConfiguration.mo4clone();
    }

    public synchronized void setVirtualConfiguration(Properties properties) {
        this.virtualConfiguration.setProperties(properties);
    }

    public synchronized void setBaseConfiguration(SamlProperties samlProperties) {
        boolean z = !this.configuration.getProperties().equals(samlProperties.getProperties());
        this.configuration = samlProperties;
        if (z) {
            this.executorsService.getService().schedule(new Reloader(), 500L, TimeUnit.MILLISECONDS);
        }
    }

    private synchronized SamlProperties getBaseConfiguration() {
        return this.configuration;
    }

    private void reloadSingle(String str, Properties properties, SamlProperties samlProperties) {
        X509Certificate certificate;
        String value = samlProperties.getValue(str + SamlProperties.METADATA_URL);
        try {
            EntitiesDescriptorDocument load = this.remoteMetaProvider.load(value, samlProperties.getIntValue(str + SamlProperties.METADATA_REFRESH).intValue(), samlProperties.getValue(str + SamlProperties.METADATA_HTTPS_TRUSTSTORE));
            SAMLSPProperties.MetadataSignatureValidation metadataSignatureValidation = (SAMLSPProperties.MetadataSignatureValidation) samlProperties.getEnumValue(str + SamlProperties.METADATA_SIGNATURE, SAMLSPProperties.MetadataSignatureValidation.class);
            String value2 = samlProperties.getValue(str + SamlProperties.METADATA_ISSUER_CERT);
            if (value2 != null) {
                try {
                    certificate = this.pkiManagement.getCertificate(value2);
                } catch (EngineException e) {
                    log.error("Problem establishing certificate for metadata validation " + value2, e);
                    return;
                } catch (MetadataVerificator.MetadataValidationException e2) {
                    log.error("Metadata from " + value + " is invalid, won't be used", e2);
                    return;
                }
            } else {
                certificate = null;
            }
            this.verificator.validate(load, this.validationDate != null ? this.validationDate : new Date(), metadataSignatureValidation, certificate);
            this.converter.convertToProperties(load, properties, samlProperties, str);
        } catch (XmlException e3) {
            log.warn("Metadata from " + value + " was downloaded, but can not be parsed", e3);
        } catch (EngineException e4) {
            log.error("Internal problem fetching metadata from " + value, e4);
        } catch (IOException e5) {
            log.warn("Problem fetching metadata from " + value, e5);
        }
    }

    public void setValidationDate(Date date) {
        this.validationDate = date;
    }
}
