package org.jahia.modules.saml2.admin;

import java.io.File;
import java.io.IOException;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.function.Consumer;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.fileupload.disk.DiskFileItem;
import org.cryptacular.bean.KeyStoreFactoryBean;
import org.jahia.bin.Action;
import org.jahia.bin.ActionResult;
import org.jahia.modules.saml2.SAML2Constants;
import org.jahia.services.content.JCRSessionWrapper;
import org.jahia.services.render.RenderContext;
import org.jahia.services.render.Resource;
import org.jahia.services.render.URLResolver;
import org.jahia.tools.files.FileUpload;
import org.jahia.utils.ClassLoaderUtils;
import org.json.JSONObject;
import org.opensaml.core.config.InitializationService;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.core.Artifact;
import org.pac4j.core.context.HttpConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jahia/modules/saml2/admin/SAML2SettingsAction.class */
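/**
 * Jahia action that returns the SAML2 settings of the current site as JSON and, when the
 * request carries an {@code enabled} parameter, first applies the submitted values.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>No permission check is visible in this class. Presumably the required permission is
 *       configured where the action bean is declared - confirm.</li>
 *   <li>The JSON reply contains the stored key store password and private key password
 *       (see {@link #doExecute}).</li>
 *   <li>On failure, exception messages are returned to the caller verbatim.</li>
 * </ul>
 */
public final class SAML2SettingsAction extends Action {
    private static final Logger logger = LoggerFactory.getLogger(SAML2SettingsAction.class);

    /** Binding URI to display label, in the order offered to the caller. */
    private final Map<String, String> bindings = new LinkedHashMap<>();

    /** Key store type to display label, in the order offered to the caller. */
    private final Map<String, String> keyStoreTypes = new LinkedHashMap<>();

    private SAML2SettingsService saml2SettingsService;

    /** Populates the lists of bindings and key store types that are advertised in every reply. */
    public SAML2SettingsAction() {
        this.bindings.put(SAMLConstants.SAML2_POST_BINDING_URI, "POST");
        this.bindings.put(SAMLConstants.SAML2_REDIRECT_BINDING_URI, "Redirect");
        // NOTE(review): this label constant looks like a decompiler substitution for a string
        // literal (presumably "Artifact") - confirm against the original source.
        this.bindings.put(SAMLConstants.SAML2_ARTIFACT_BINDING_URI, Artifact.DEFAULT_ELEMENT_LOCAL_NAME);
        this.bindings.put(SAMLConstants.SAML2_SOAP11_BINDING_URI, "SOAP");
        this.bindings.put(SAMLConstants.SAML2_PAOS_BINDING_URI, "PAOS");
        this.bindings.put(SAMLConstants.SAML2_POST_SIMPLE_SIGN_BINDING_URI, "POST-SimpleSign");

        this.keyStoreTypes.put("JKS", "JKS");
        // NOTE(review): likewise presumably a substituted literal (a key store type name) - confirm.
        this.keyStoreTypes.put(KeyStoreFactoryBean.DEFAULT_TYPE, KeyStoreFactoryBean.DEFAULT_TYPE);
        this.keyStoreTypes.put("PKCS12", "PKCS12");
        this.keyStoreTypes.put("PKCS12S2", "PKCS12S2");
    }

    /**
     * Reads or updates the SAML2 settings of the site in {@code renderContext}.
     *
     * <p>If {@code map} contains an {@code enabled} entry the request is treated as a save:
     * submitted values and uploaded files are applied and persisted. Otherwise the stored
     * settings are loaded, or created when none exist yet.
     *
     * @return a 200 result whose JSON body holds the settings plus the available bindings and
     *     key store types, or an error result whose JSON body holds {@code error} and
     *     {@code type}
     */
    @Override
    public ActionResult doExecute(HttpServletRequest httpServletRequest, RenderContext renderContext, Resource resource, JCRSessionWrapper jCRSessionWrapper, Map<String, List<String>> map, URLResolver uRLResolver) throws Exception {
        try {
            String siteKey = renderContext.getSite().getSiteKey();
            SAML2Settings settings;
            if (map.get("enabled") != null) {
                SAML2Settings stored = this.saml2SettingsService.getSettings(siteKey);
                // Saving runs with the class loader that loaded OpenSAML's InitializationService.
                settings = (SAML2Settings) ClassLoaderUtils.executeWith(
                        InitializationService.class.getClassLoader(),
                        () -> saveSettings(map, (FileUpload) httpServletRequest.getAttribute("fileUpload"), siteKey, stored));
            } else {
                settings = this.saml2SettingsService.getSettings(siteKey);
                if (settings == null) {
                    settings = this.saml2SettingsService.createSAML2Settings(siteKey);
                }
            }

            JSONObject reply = new JSONObject();
            reply.put("enabled", settings.getEnabled());
            reply.put(SAML2Constants.RELYING_PARTY_IDENTIFIER, settings.getRelyingPartyIdentifier());
            reply.put(SAML2Constants.INCOMING_TARGET_URL, settings.getIncomingTargetUrl());
            reply.put(SAML2Constants.KEY_STORE_TYPE, settings.getKeyStoreType());
            reply.put(SAML2Constants.KEY_STORE_ALIAS, settings.getKeyStoreAlias());
            // NOTE(review): the key store password and the private key password (below) are
            // sent back in clear text on every read and save. They protect the service
            // provider's signing key, so the reply must not be cached or logged. Consider
            // returning only an "is set" flag and ignoring blank values on save; that needs a
            // matching change in the admin UI, which is why it is not done here.
            reply.put(SAML2Constants.KEY_STORE_PASS, settings.getKeyStorePass());
            reply.put(SAML2Constants.MAXIMUM_AUTHENTICATION_LIFETIME, settings.getMaximumAuthenticationLifetime());
            reply.put(SAML2Constants.PRIVATE_KEY_PASS, settings.getPrivateKeyPass());
            reply.put(SAML2Constants.POST_LOGIN_PATH, settings.getPostLoginPath());
            reply.put(SAML2Constants.FORCE_AUTH, settings.isForceAuth());
            reply.put(SAML2Constants.PASSIVE, settings.isPassive());
            reply.put(SAML2Constants.REQUIRES_SIGNED_ASSERTIONS, settings.isRequireSignedAssertions());
            reply.put(SAML2Constants.SIGN_AUTH_REQUEST, settings.isSignAuthnRequest());
            reply.put(SAML2Constants.BINDING_TYPE, settings.getBindingType());
            reply.put(SAML2Constants.MAPPER_ID_FIELD, settings.getMapperIdField());
            reply.put("availableBindings", (Map<?, ?>) this.bindings);
            reply.put("availableKeyStoreTypes", (Map<?, ?>) this.keyStoreTypes);
            return new ActionResult(200, (String) null, reply);
        } catch (Exception e) {
            // A failed read or change of the SSO configuration should be visible in the logs
            // at the default level, not only when debug logging is on.
            logger.error("error while saving settings", e);

            JSONObject failure = new JSONObject();
            // NOTE(review): exception and cause messages go to the caller unfiltered and may
            // expose file paths or parser details. Acceptable only if this endpoint is
            // restricted to administrators - confirm.
            String message = e.getMessage();
            if (message == null) {
                failure.put("error", "Error when saving");
            } else {
                Throwable cause = e.getCause();
                if (cause != null && cause.getMessage() != null) {
                    message = message + " - " + cause.getMessage();
                }
                failure.put("error", message);
            }
            failure.put("type", e.getClass().getSimpleName());
            // NOTE(review): the constant name is a decompiler artifact; it is used as the HTTP
            // status of the error reply (presumably 500) - confirm and replace with a status
            // constant.
            return new ActionResult(HttpConstants.DEFAULT_CONNECT_TIMEOUT, (String) null, failure);
        }
    }

    /**
     * Applies the submitted parameters and uploaded files to the site's settings and persists
     * them.
     *
     * @param parameters request parameters; only keys that are present are applied
     * @param fileUpload uploaded files of the request, or {@code null} when there are none
     * @param siteKey key of the site whose settings are saved
     * @param existing current settings of the site, or {@code null} to create new ones
     * @return the saved settings
     * @throws RuntimeException wrapping an {@link IOException} raised while creating the
     *     settings or reading the uploaded files
     */
    private SAML2Settings saveSettings(Map<String, List<String>> parameters, FileUpload fileUpload, String siteKey, SAML2Settings existing) {
        try {
            final SAML2Settings settings = existing != null
                    ? existing
                    : this.saml2SettingsService.createSAML2Settings(siteKey);

            setProperty(parameters, "enabled", value -> settings.setEnabled(Boolean.parseBoolean(value)));
            // NOTE(review): uploaded files are handed over by their temporary store location
            // with no size or content check here. Verify that the code consuming the IdP
            // metadata and the key store validates them (for the XML metadata, a parser with
            // external entities disabled).
            setFile(fileUpload, SAML2Constants.IDENTITY_PROVIDER_METADATA, settings::setIdentityProviderMetadataFile);
            setProperty(parameters, SAML2Constants.RELYING_PARTY_IDENTIFIER, settings::setRelyingPartyIdentifier);
            setProperty(parameters, SAML2Constants.INCOMING_TARGET_URL, settings::setIncomingTargetUrl);
            setFile(fileUpload, SAML2Constants.KEY_STORE, settings::setKeyStoreFile);
            setProperty(parameters, SAML2Constants.KEY_STORE_TYPE, settings::setKeyStoreType);
            setProperty(parameters, SAML2Constants.KEY_STORE_ALIAS, settings::setKeyStoreAlias);
            setProperty(parameters, SAML2Constants.KEY_STORE_PASS, settings::setKeyStorePass);
            setProperty(parameters, SAML2Constants.PRIVATE_KEY_PASS, settings::setPrivateKeyPass);
            setProperty(parameters, SAML2Constants.POST_LOGIN_PATH, settings::setPostLoginPath);
            // A non-numeric value raises NumberFormatException, which doExecute reports as an error.
            setProperty(parameters, SAML2Constants.MAXIMUM_AUTHENTICATION_LIFETIME,
                    value -> settings.setMaximumAuthenticationLifetime(Long.valueOf(value)));
            setProperty(parameters, SAML2Constants.FORCE_AUTH, value -> settings.setForceAuth(Boolean.parseBoolean(value)));
            setProperty(parameters, SAML2Constants.PASSIVE, value -> settings.setPassive(Boolean.parseBoolean(value)));
            // Boolean.parseBoolean maps anything other than "true" (ignoring case) to false, so
            // a malformed value here switches the signed-assertion requirement off.
            setProperty(parameters, SAML2Constants.REQUIRES_SIGNED_ASSERTIONS,
                    value -> settings.setRequireSignedAssertions(Boolean.parseBoolean(value)));
            setProperty(parameters, SAML2Constants.SIGN_AUTH_REQUEST,
                    value -> settings.setSignAuthnRequest(Boolean.parseBoolean(value)));
            setProperty(parameters, SAML2Constants.BINDING_TYPE, settings::setBindingType);
            setProperty(parameters, SAML2Constants.MAPPER_ID_FIELD, settings::setMapperIdField);

            this.saml2SettingsService.saveSAML2Settings(settings);
            return settings;
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Passes the first submitted value of {@code name} to {@code consumer}; does nothing when
     * the parameter is absent or has no values.
     */
    private void setProperty(Map<String, List<String>> parameters, String name, Consumer<String> consumer) {
        List<String> values = parameters.get(name);
        if (values == null || values.isEmpty()) {
            return;
        }
        consumer.accept(values.get(0));
    }

    /**
     * Passes the store location of the uploaded file named {@code name} to {@code consumer};
     * does nothing when the request carried no upload or no file of that name.
     */
    private void setFile(FileUpload fileUpload, String name, Consumer<File> consumer) throws IOException {
        if (fileUpload == null) {
            // The "fileUpload" request attribute was not set, so there is nothing to apply.
            return;
        }
        Map<String, ?> items = fileUpload.getFileItems();
        if (items == null || !items.containsKey(name)) {
            return;
        }
        DiskFileItem item = (DiskFileItem) items.get(name);
        if (item != null) {
            consumer.accept(item.getStoreLocation());
        }
    }

    /** Injects the service used to load, create and persist the per-site SAML2 settings. */
    public void setSaml2SettingsService(SAML2SettingsService sAML2SettingsService) {
        this.saml2SettingsService = sAML2SettingsService;
    }
}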
