package pl.edu.icm.unity.saml.sp.console;

import com.vaadin.flow.server.StreamResource;
import eu.unicore.util.configuration.ConfigurationException;
import io.imunity.vaadin.endpoint.common.file.FileFieldUtils;
import io.imunity.vaadin.endpoint.common.file.LocalOrRemoteResource;
import io.imunity.vaadin.endpoint.common.forms.VaadinLogoImageLoader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.lang.invoke.SerializedLambda;
import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.exceptions.InternalException;
import pl.edu.icm.unity.base.file.FileData;
import pl.edu.icm.unity.base.message.MessageSource;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.PKIManagement;
import pl.edu.icm.unity.engine.api.files.FileStorageService;
import pl.edu.icm.unity.engine.api.files.URIAccessService;
import pl.edu.icm.unity.engine.api.files.URIHelper;
import pl.edu.icm.unity.saml.SamlProperties;
import pl.edu.icm.unity.saml.console.SAMLIdentityMapping;
import pl.edu.icm.unity.saml.sp.SAMLSPProperties;
import pl.edu.icm.unity.saml.sp.config.ComparisonMethod;
import pl.edu.icm.unity.saml.sp.config.RequestACRsMode;

/* loaded from: input_file:pl/edu/icm/unity/saml/sp/console/SAMLAuthenticatorConfiguration.class */
public class SAMLAuthenticatorConfiguration {
    private static Logger log = Log.getLogger("unity.server.saml", SAMLAuthenticatorConfiguration.class);
    private String requesterId;
    private String credential;
    private String additionalCredential;
    private boolean includeAdditionalCredentialInMetadata;
    private List<String> acceptedNameFormats;
    private boolean requireSignedAssertion;
    private boolean defSignRequest;
    private List<String> defaultRequestedNameFormat;
    private boolean defAccountAssociation;
    private List<SAMLAuthnTrustedFederationConfiguration> trustedFederations;
    private List<SAMLIndividualTrustedSamlIdpConfiguration> individualTrustedIdps;
    private boolean publishMetadata;
    private String metadataPath;
    private boolean signMetadata;
    private boolean autoGenerateMetadata;
    private LocalOrRemoteResource metadataSource;
    private String sloPath;
    private String sloRealm;
    private List<SAMLIdentityMapping> sloMappings;
    private RequestACRsMode requestACR;
    private List<String> requestedACRs;
    private ComparisonMethod comparisonMethod;

    public SAMLAuthenticatorConfiguration() {
        setPublishMetadata(true);
        setAutoGenerateMetadata(true);
        setMetadataPath("sp");
        setDefAccountAssociation(true);
        this.acceptedNameFormats = new ArrayList();
        this.defaultRequestedNameFormat = new ArrayList();
        this.requestACR = RequestACRsMode.NONE;
        this.requestedACRs = new ArrayList();
        this.comparisonMethod = ComparisonMethod.EXACT;
    }

    public String toProperties(PKIManagement pKIManagement, FileStorageService fileStorageService, MessageSource messageSource, String str) throws ConfigurationException {
        Properties properties = new Properties();
        properties.put("unity.saml.requester.requesterEntityId", getRequesterId());
        if (getCredential() != null) {
            properties.put("unity.saml.requester.requesterCredential", getCredential());
        }
        if (getAdditionalCredential() != null && !getAdditionalCredential().isEmpty()) {
            properties.put("unity.saml.requester.additionalCredential", getAdditionalCredential());
        }
        properties.put("unity.saml.requester.includeAddtionalCredentialInMetadata", String.valueOf(this.includeAdditionalCredentialInMetadata));
        if (this.acceptedNameFormats != null) {
            this.acceptedNameFormats.stream().forEach(str2 -> {
                properties.put("unity.saml.requester.acceptedNameFormats." + (this.acceptedNameFormats.indexOf(str2) + 1), str2);
            });
        }
        properties.put("unity.saml.requester.requireSignedAssertion", String.valueOf(isRequireSignedAssertion()));
        properties.put("unity.saml.requester.defaultSignRequest", String.valueOf(isDefSignRequest()));
        if (this.defaultRequestedNameFormat != null) {
            this.defaultRequestedNameFormat.stream().forEach(str3 -> {
                properties.put("unity.saml.requester.defaultRequestedNameFormat", str3);
            });
        }
        properties.put("unity.saml.requester.defaultEnableAccountAssociation", String.valueOf(isDefAccountAssociation()));
        if (getTrustedFederations() != null) {
            getTrustedFederations().stream().forEach(sAMLAuthnTrustedFederationConfiguration -> {
                sAMLAuthnTrustedFederationConfiguration.toProperties(properties);
            });
        }
        if (getIndividualTrustedIdps() != null) {
            getIndividualTrustedIdps().stream().forEach(sAMLIndividualTrustedSamlIdpConfiguration -> {
                sAMLIndividualTrustedSamlIdpConfiguration.toProperties(properties, messageSource, fileStorageService, str);
            });
        }
        properties.put("unity.saml.requester.publishMetadata", String.valueOf(isPublishMetadata()));
        if (getMetadataPath() != null) {
            properties.put("unity.saml.requester.metadataPath", getMetadataPath());
        }
        properties.put("unity.saml.requester.signMetadata", String.valueOf(isSignMetadata()));
        if (getMetadataSource() != null && !isAutoGenerateMetadata()) {
            FileFieldUtils.saveInProperties(getMetadataSource(), "unity.saml.requester.metadataSource", properties, fileStorageService, FileStorageService.StandardOwner.SERVICE.toString(), str);
        }
        if (getSloPath() != null) {
            properties.put("unity.saml.requester.sloPath", getSloPath());
        }
        if (getSloRealm() != null) {
            properties.put("unity.saml.requester.sloRealm", getSloRealm());
        }
        if (getSloMappings() != null) {
            getSloMappings().forEach(sAMLIdentityMapping -> {
                int indexOf = getSloMappings().indexOf(sAMLIdentityMapping) + 1;
                properties.put("unity.saml.requester.identityMapping." + indexOf + ".localIdentity", sAMLIdentityMapping.getUnityId() == null ? "" : sAMLIdentityMapping.getUnityId());
                properties.put("unity.saml.requester.identityMapping." + indexOf + ".samlIdentity", sAMLIdentityMapping.getSamlId() == null ? "" : sAMLIdentityMapping.getSamlId());
            });
        }
        properties.put("unity.saml.requester.requestACRs", getRequestACR().name());
        if (getRequestACR().equals(RequestACRsMode.FIXED)) {
            putACRs("unity.saml.requester.requestedACRs.", getRequestedACRs(), properties);
        }
        properties.put("unity.saml.requester.comparisonMethod", getComparisonMethod().name());
        return new SAMLSPProperties(properties, pKIManagement).getAsString();
    }

    private void putACRs(String str, List<String> list, Properties properties) {
        for (String str2 : list) {
            properties.put(str + (list.indexOf(str2) + 1), str2);
        }
    }

    public void fromProperties(PKIManagement pKIManagement, URIAccessService uRIAccessService, VaadinLogoImageLoader vaadinLogoImageLoader, MessageSource messageSource, String str) {
        Properties properties = new Properties();
        try {
            properties.load(new StringReader(str));
            SAMLSPProperties sAMLSPProperties = new SAMLSPProperties(properties, pKIManagement);
            setRequesterId(sAMLSPProperties.getValue(SAMLSPProperties.REQUESTER_ID));
            setCredential(sAMLSPProperties.getValue(SAMLSPProperties.CREDENTIAL));
            setAdditionalCredential(sAMLSPProperties.getValue(SAMLSPProperties.ADDITIONAL_CREDENTIAL));
            setIncludeAdditionalCredentialInMetadata(sAMLSPProperties.getBooleanValue(SAMLSPProperties.INCLUDE_ADDITIONAL_CREDENTIAL_IN_METADATA).booleanValue());
            setAcceptedNameFormats(sAMLSPProperties.getListOfValues(SAMLSPProperties.ACCEPTED_NAME_FORMATS));
            setRequireSignedAssertion(sAMLSPProperties.getBooleanValue(SAMLSPProperties.REQUIRE_SIGNED_ASSERTION).booleanValue());
            setDefSignRequest(sAMLSPProperties.getBooleanValue(SAMLSPProperties.DEF_SIGN_REQUEST).booleanValue());
            String value = sAMLSPProperties.getValue(SAMLSPProperties.DEF_REQUESTED_NAME_FORMAT);
            setDefaultRequestedNameFormat(value != null ? Arrays.asList(value) : new ArrayList<>());
            if (sAMLSPProperties.isSet("defaultEnableAccountAssociation")) {
                setDefAccountAssociation(sAMLSPProperties.getBooleanValue("defaultEnableAccountAssociation").booleanValue());
            }
            Set structuredListKeys = sAMLSPProperties.getStructuredListKeys(SAMLSPProperties.IDPMETA_PREFIX);
            this.trustedFederations = new ArrayList();
            structuredListKeys.forEach(str2 -> {
                SAMLAuthnTrustedFederationConfiguration sAMLAuthnTrustedFederationConfiguration = new SAMLAuthnTrustedFederationConfiguration();
                sAMLAuthnTrustedFederationConfiguration.fromProperties(sAMLSPProperties, str2.substring(SAMLSPProperties.IDPMETA_PREFIX.length(), str2.length() - 1));
                this.trustedFederations.add(sAMLAuthnTrustedFederationConfiguration);
            });
            Set structuredListKeys2 = sAMLSPProperties.getStructuredListKeys(SAMLSPProperties.IDP_PREFIX);
            this.individualTrustedIdps = new ArrayList();
            structuredListKeys2.forEach(str3 -> {
                SAMLIndividualTrustedSamlIdpConfiguration sAMLIndividualTrustedSamlIdpConfiguration = new SAMLIndividualTrustedSamlIdpConfiguration();
                sAMLIndividualTrustedSamlIdpConfiguration.fromProperties(messageSource, vaadinLogoImageLoader, sAMLSPProperties, str3.substring(SAMLSPProperties.IDP_PREFIX.length(), str3.length() - 1));
                this.individualTrustedIdps.add(sAMLIndividualTrustedSamlIdpConfiguration);
            });
            if (sAMLSPProperties.isSet(SamlProperties.PUBLISH_METADATA)) {
                setPublishMetadata(sAMLSPProperties.getBooleanValue(SamlProperties.PUBLISH_METADATA).booleanValue());
            }
            setMetadataPath(sAMLSPProperties.getValue(SAMLSPProperties.METADATA_PATH));
            if (sAMLSPProperties.isSet(SamlProperties.SIGN_METADATA)) {
                setSignMetadata(sAMLSPProperties.getBooleanValue(SamlProperties.SIGN_METADATA).booleanValue());
            }
            if (sAMLSPProperties.isSet(SamlProperties.METADATA_SOURCE)) {
                setAutoGenerateMetadata(false);
                String value2 = sAMLSPProperties.getValue(SamlProperties.METADATA_SOURCE);
                try {
                    URI parseURI = URIHelper.parseURI(value2);
                    if (URIHelper.isWebReady(parseURI)) {
                        setMetadataSource(new LocalOrRemoteResource(parseURI.toString(), ""));
                    } else {
                        FileData readURI = uRIAccessService.readURI(parseURI);
                        setMetadataSource(new LocalOrRemoteResource(new StreamResource("metadata", () -> {
                            return new ByteArrayInputStream(readURI.getContents());
                        }), parseURI.toString(), readURI.getContents()));
                    }
                } catch (Exception e) {
                    log.error("Can not load configured metadata from uri: {}", value2, e);
                }
            } else {
                setAutoGenerateMetadata(true);
            }
            setSloPath(sAMLSPProperties.getValue(SAMLSPProperties.SLO_PATH));
            setSloRealm(sAMLSPProperties.getValue(SAMLSPProperties.SLO_REALM));
            Set structuredListKeys3 = sAMLSPProperties.getStructuredListKeys(SamlProperties.IDENTITY_MAPPING_PFX);
            this.sloMappings = new ArrayList();
            structuredListKeys3.forEach(str4 -> {
                SAMLIdentityMapping sAMLIdentityMapping = new SAMLIdentityMapping();
                if (sAMLSPProperties.getValue(str4 + "localIdentity") != null && !sAMLSPProperties.getValue(str4 + "localIdentity").isEmpty()) {
                    sAMLIdentityMapping.setUnityId(sAMLSPProperties.getValue(str4 + "localIdentity"));
                }
                if (sAMLSPProperties.getValue(str4 + "samlIdentity") != null && !sAMLSPProperties.getValue(str4 + "samlIdentity").isEmpty()) {
                    sAMLIdentityMapping.setSamlId(sAMLSPProperties.getValue(str4 + "samlIdentity"));
                }
                this.sloMappings.add(sAMLIdentityMapping);
            });
            if (sAMLSPProperties.isSet(SAMLSPProperties.REQUEST_ACRS_MODE)) {
                setRequestACR((RequestACRsMode) sAMLSPProperties.getEnumValue(SAMLSPProperties.REQUEST_ACRS_MODE, RequestACRsMode.class));
            }
            setRequestedACRs(sAMLSPProperties.getListOfValues(SAMLSPProperties.REQUESTED_ACRS));
            setComparisonMethod((ComparisonMethod) sAMLSPProperties.getEnumValue(SAMLSPProperties.COMPARISON_METHOD, ComparisonMethod.class));
        } catch (IOException e2) {
            throw new InternalException("Invalid configuration of the SAML verificator", e2);
        }
    }

    public String getRequesterId() {
        return this.requesterId;
    }

    public void setRequesterId(String str) {
        this.requesterId = str;
    }

    public String getCredential() {
        return this.credential;
    }

    public void setCredential(String str) {
        this.credential = str;
    }

    public List<String> getAcceptedNameFormats() {
        return this.acceptedNameFormats;
    }

    public void setAcceptedNameFormats(List<String> list) {
        this.acceptedNameFormats = list;
    }

    public boolean isRequireSignedAssertion() {
        return this.requireSignedAssertion;
    }

    public void setRequireSignedAssertion(boolean z) {
        this.requireSignedAssertion = z;
    }

    public boolean isDefSignRequest() {
        return this.defSignRequest;
    }

    public void setDefSignRequest(boolean z) {
        this.defSignRequest = z;
    }

    public List<String> getDefaultRequestedNameFormat() {
        return this.defaultRequestedNameFormat;
    }

    public void setDefaultRequestedNameFormat(List<String> list) {
        this.defaultRequestedNameFormat = list;
    }

    public boolean isDefAccountAssociation() {
        return this.defAccountAssociation;
    }

    public void setDefAccountAssociation(boolean z) {
        this.defAccountAssociation = z;
    }

    public List<SAMLAuthnTrustedFederationConfiguration> getTrustedFederations() {
        return this.trustedFederations;
    }

    public void setTrustedFederations(List<SAMLAuthnTrustedFederationConfiguration> list) {
        this.trustedFederations = list;
    }

    public List<SAMLIndividualTrustedSamlIdpConfiguration> getIndividualTrustedIdps() {
        return this.individualTrustedIdps;
    }

    public void setIndividualTrustedIdps(List<SAMLIndividualTrustedSamlIdpConfiguration> list) {
        this.individualTrustedIdps = list;
    }

    public boolean isPublishMetadata() {
        return this.publishMetadata;
    }

    public void setPublishMetadata(boolean z) {
        this.publishMetadata = z;
    }

    public String getMetadataPath() {
        return this.metadataPath;
    }

    public void setMetadataPath(String str) {
        this.metadataPath = str;
    }

    public boolean isSignMetadata() {
        return this.signMetadata;
    }

    public void setSignMetadata(boolean z) {
        this.signMetadata = z;
    }

    public String getSloPath() {
        return this.sloPath;
    }

    public void setSloPath(String str) {
        this.sloPath = str;
    }

    public String getSloRealm() {
        return this.sloRealm;
    }

    public void setSloRealm(String str) {
        this.sloRealm = str;
    }

    public List<SAMLIdentityMapping> getSloMappings() {
        return this.sloMappings;
    }

    public void setSloMappings(List<SAMLIdentityMapping> list) {
        this.sloMappings = list;
    }

    public boolean isAutoGenerateMetadata() {
        return this.autoGenerateMetadata;
    }

    public void setAutoGenerateMetadata(boolean z) {
        this.autoGenerateMetadata = z;
    }

    public LocalOrRemoteResource getMetadataSource() {
        return this.metadataSource;
    }

    public void setMetadataSource(LocalOrRemoteResource localOrRemoteResource) {
        this.metadataSource = localOrRemoteResource;
    }

    public String getAdditionalCredential() {
        return this.additionalCredential;
    }

    public void setAdditionalCredential(String str) {
        this.additionalCredential = str;
    }

    public boolean isIncludeAdditionalCredentialInMetadata() {
        return this.includeAdditionalCredentialInMetadata;
    }

    public void setIncludeAdditionalCredentialInMetadata(boolean z) {
        this.includeAdditionalCredentialInMetadata = z;
    }

    public RequestACRsMode getRequestACR() {
        return this.requestACR;
    }

    public void setRequestACR(RequestACRsMode requestACRsMode) {
        this.requestACR = requestACRsMode;
    }

    public List<String> getRequestedACRs() {
        return this.requestedACRs;
    }

    public void setRequestedACRs(List<String> list) {
        this.requestedACRs = list;
    }

    public ComparisonMethod getComparisonMethod() {
        return this.comparisonMethod;
    }

    public void setComparisonMethod(ComparisonMethod comparisonMethod) {
        this.comparisonMethod = comparisonMethod;
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case 26272244:
                if (implMethodName.equals("lambda$fromProperties$e8300739$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/flow/server/InputStreamFactory") && serializedLambda.getFunctionalInterfaceMethodName().equals("createInputStream") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/io/InputStream;") && serializedLambda.getImplClass().equals("pl/edu/icm/unity/saml/sp/console/SAMLAuthenticatorConfiguration") && serializedLambda.getImplMethodSignature().equals("(Lpl/edu/icm/unity/base/file/FileData;)Ljava/io/InputStream;")) {
                    FileData fileData = (FileData) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return new ByteArrayInputStream(fileData.getContents());
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
