package org.apereo.cas.support.saml.services.idp.metadata.cache.resolver;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.InputStreamReader;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Map;
import lombok.Generated;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import org.apache.commons.io.IOUtils;
import org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties;
import org.apereo.cas.support.saml.InMemoryResourceMetadataResolver;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.ResourceUtils;
import org.apereo.cas.util.function.FunctionUtils;
import org.apereo.cas.util.io.FileWatcherService;
import org.apereo.cas.util.serialization.JacksonObjectMapperFactory;
import org.apereo.cas.util.spring.SpringExpressionLanguageValueResolver;
import org.apereo.inspektr.audit.annotation.Audit;
import org.hjson.JsonValue;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.DisposableBean;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;

/* loaded from: input_file:org/apereo/cas/support/saml/services/idp/metadata/cache/resolver/JsonResourceMetadataResolver.class */
public class JsonResourceMetadataResolver extends BaseSamlRegisteredServiceMetadataResolver implements DisposableBean {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(JsonResourceMetadataResolver.class);
    private static final ObjectMapper MAPPER = JacksonObjectMapperFactory.builder().defaultTypingEnabled(false).build().toObjectMapper();
    private final String metadataTemplate;
    private final Resource jsonResource;
    private Map<String, SamlServiceProviderMetadata> metadataMap;
    private FileWatcherService watcherService;

    /* loaded from: input_file:org/apereo/cas/support/saml/services/idp/metadata/cache/resolver/JsonResourceMetadataResolver$SamlServiceProviderMetadata.class */
    public static class SamlServiceProviderMetadata implements Serializable {
        private static final long serialVersionUID = -7347473226470492601L;
        private String entityId;
        private String certificate;
        private String assertionConsumerServiceUrl;

        @Generated
        public String getEntityId() {
            return this.entityId;
        }

        @Generated
        public String getCertificate() {
            return this.certificate;
        }

        @Generated
        public String getAssertionConsumerServiceUrl() {
            return this.assertionConsumerServiceUrl;
        }

        @Generated
        public void setEntityId(String str) {
            this.entityId = str;
        }

        @Generated
        public void setCertificate(String str) {
            this.certificate = str;
        }

        @Generated
        public void setAssertionConsumerServiceUrl(String str) {
            this.assertionConsumerServiceUrl = str;
        }
    }

    public JsonResourceMetadataResolver(SamlIdPProperties samlIdPProperties, OpenSamlConfigBean openSamlConfigBean) {
        super(samlIdPProperties, openSamlConfigBean);
        this.metadataTemplate = (String) FunctionUtils.doUnchecked(() -> {
            return IOUtils.toString(new ClassPathResource("metadata/sp-metadata-template.xml").getInputStream(), StandardCharsets.UTF_8);
        });
        String resolve = SpringExpressionLanguageValueResolver.getInstance().resolve(samlIdPProperties.getMetadata().getFileSystem().getLocation());
        this.jsonResource = new FileSystemResource(new File((File) FunctionUtils.doUnchecked(() -> {
            return ResourceUtils.getRawResourceFrom(resolve).getFile();
        }), "saml-sp-metadata.json"));
        LOGGER.debug("Service provider metadata as JSON may be found at [{}]", this.jsonResource);
        if (this.jsonResource.exists()) {
            this.metadataMap = readDecisionsFromJsonResource();
            this.watcherService = (FileWatcherService) FunctionUtils.doUnchecked(() -> {
                return new FileWatcherService(this.jsonResource.getFile(), file -> {
                    this.metadataMap = readDecisionsFromJsonResource();
                });
            });
            this.watcherService.start(getClass().getSimpleName());
        }
    }

    @Override // org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.SamlRegisteredServiceMetadataResolver
    @Audit(action = "SAML2_METADATA_RESOLUTION", actionResolverName = "SAML2_METADATA_RESOLUTION_ACTION_RESOLVER", resourceResolverName = "SAML2_METADATA_RESOLUTION_RESOURCE_RESOLVER")
    public Collection<? extends MetadataResolver> resolve(SamlRegisteredService samlRegisteredService, CriteriaSet criteriaSet) {
        return this.metadataMap.containsKey(samlRegisteredService.getServiceId()) ? (Collection) FunctionUtils.doUnchecked(() -> {
            SamlServiceProviderMetadata samlServiceProviderMetadata = this.metadataMap.get(samlRegisteredService.getServiceId());
            InMemoryResourceMetadataResolver inMemoryResourceMetadataResolver = new InMemoryResourceMetadataResolver(new ByteArrayInputStream(this.metadataTemplate.replace("${entityId}", samlServiceProviderMetadata.getEntityId()).replace("${certificate}", samlServiceProviderMetadata.getCertificate()).replace("${assertionConsumerServiceUrl}", samlServiceProviderMetadata.getAssertionConsumerServiceUrl()).getBytes(StandardCharsets.UTF_8)), this.configBean);
            configureAndInitializeSingleMetadataResolver(inMemoryResourceMetadataResolver, samlRegisteredService);
            return CollectionUtils.wrap(inMemoryResourceMetadataResolver);
        }) : new ArrayList(0);
    }

    @Override // org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.SamlRegisteredServiceMetadataResolver
    public boolean supports(SamlRegisteredService samlRegisteredService) {
        return samlRegisteredService.getMetadataLocation().trim().startsWith("json://");
    }

    @Override // org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.SamlRegisteredServiceMetadataResolver
    public boolean isAvailable(SamlRegisteredService samlRegisteredService) {
        return ResourceUtils.doesResourceExist(this.jsonResource);
    }

    public void destroy() {
        if (this.watcherService != null) {
            this.watcherService.close();
        }
    }

    private Map<String, SamlServiceProviderMetadata> readDecisionsFromJsonResource() {
        return (Map) FunctionUtils.doUnchecked(() -> {
            InputStreamReader inputStreamReader = new InputStreamReader(this.jsonResource.getInputStream(), StandardCharsets.UTF_8);
            try {
                Map map = (Map) MAPPER.readValue(JsonValue.readHjson(inputStreamReader).toString(), new TypeReference<Map<String, SamlServiceProviderMetadata>>() { // from class: org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.JsonResourceMetadataResolver.1
                });
                inputStreamReader.close();
                return map;
            } catch (Throwable th) {
                try {
                    inputStreamReader.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        });
    }
}
