package coldfusion.saml;

import coldfusion.log.CFLogs;
import coldfusion.osgi.services.SamlService;
import coldfusion.runtime.ApplicationException;
import coldfusion.runtime.Struct;
import coldfusion.saml.util.Utils;
import coldfusion.server.ConfigMap;
import coldfusion.server.ServiceBase;
import coldfusion.server.ServiceException;
import coldfusion.util.PasswordUtils;
import coldfusion.util.RB;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Observable;
import java.util.Observer;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:coldfusion/saml/SAMLServiceImpl.class */
public class SAMLServiceImpl extends ServiceBase implements SamlService, Observer {
    // File the SAML settings are read from in load() and written to in store().
    private File samlServiceFile;
    // Seed passed to PasswordUtils.encryptPassword/decryptPassword for SP keystore passwords.
    // Assigned only in update(); it is null until the first notification arrives.
    private String seed;
    // Identity-provider configurations keyed by alias. No method of this class takes a lock
    // before touching this map.
    protected Map<String, IdpConfiguration> idpConfig = new HashMap();
    // Service-provider configurations keyed by alias. The stored objects keep the signing
    // keystore password in encrypted form (see addSpMetadata / modifySpMetadata).
    protected Map<String, SpConfiguration> spConfig = new HashMap();
    // Root settings object that is serialized; holds both maps under IDP_LIST and SP_LIST.
    private ConfigMap samlSettings;
    // Directory handed to the constructor; returned unchanged by getRootDir().
    private String rootDir;
    // "<rootDir>/lib/saml/" with a trailing separator; exportSpMetadata() builds file names from it.
    private String samlFolderPrefix;
    // Keys under which the two maps are stored inside samlSettings.
    private static final String IDP_LIST = "IdentityProvidersMap";
    private static final String SP_LIST = "ServiceProvidersMap";
    // Suffix appended to the SP alias to form the exported metadata file name.
    private static final String METADATA_FILE_SUFFIX = "_metadata.xml";

    /* loaded from: input_file:coldfusion/saml/SAMLServiceImpl$IdpException.class */
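    /**
     * Raised when an identity-provider configuration fails validation.
     *
     * <p>The decompiler could not reconstruct the original string switch and emitted a
     * non-compiling two-stage {@code hashCode()} dispatch; it is restored here as a plain
     * switch over the validation code.
     */
    public static class IdpException extends ApplicationException {
        /** Comma-separated display names of the settings that failed validation. */
        public String fieldsMissing;

        /**
         * Translates validation codes into display names and joins them with commas.
         *
         * @param list validation codes; codes other than the three handled below are ignored,
         *             so {@link #fieldsMissing} can be empty even for a non-empty list
         */
        public IdpException(List<String> list) {
            List<String> labels = new ArrayList<>();
            for (String str : list) {
                switch (str) {
                    case "idp_entityId_not_found":
                        labels.add("Entity Id");
                        break;
                    case "idp_sso_url_invalid":
                        labels.add("Single Sign On URL");
                        break;
                    case "idp_cert_or_fingerprint_not_found_and_required":
                        labels.add("IDP Encryption Certificate");
                        break;
                    default:
                        // Unrecognised codes contribute nothing, as in the decompiled dispatch.
                        break;
                }
            }
            this.fieldsMissing = String.join(",", labels);
        }
    }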

    /* loaded from: input_file:coldfusion/saml/SAMLServiceImpl$IdpMetadataException.class */
    /** Raised when an identity-provider alias or its metadata is rejected. */
    public static class IdpMetadataException extends ApplicationException {
        /** Message supplied by the thrower; starts out as the empty string. */
        public String exceptionMessage = "";

        /**
         * @param str message stored in {@link #exceptionMessage}
         */
        public IdpMetadataException(String str) {
            exceptionMessage = str;
        }
    }

    /* loaded from: input_file:coldfusion/saml/SAMLServiceImpl$IdpNameAlreadyExistsException.class */
    /**
     * Raised when an identity-provider alias is already registered.
     *
     * <p>Declared as a non-static inner class, so each instance is tied to the enclosing
     * service object.
     */
    public class IdpNameAlreadyExistsException extends ApplicationException {
        /** The alias that was already taken; starts out as the empty string. */
        public String alias = "";

        /**
         * @param str the conflicting alias
         */
        public IdpNameAlreadyExistsException(String str) {
            alias = str;
        }
    }

    /* loaded from: input_file:coldfusion/saml/SAMLServiceImpl$IdpNotFoundException.class */
    /**
     * Raised when no identity provider is registered under the requested alias.
     *
     * <p>Declared as a non-static inner class, so each instance is tied to the enclosing
     * service object.
     */
    public class IdpNotFoundException extends ApplicationException {
        /** The alias that could not be found. */
        public String alias;

        /**
         * @param str the alias that was looked up
         */
        public IdpNotFoundException(String str) {
            alias = str;
        }
    }

    /* loaded from: input_file:coldfusion/saml/SAMLServiceImpl$SpException.class */
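    /**
     * Raised when a service-provider configuration fails validation.
     *
     * <p>The decompiler could not reconstruct the original string switch and emitted a
     * non-compiling two-stage {@code hashCode()} dispatch; it is restored here as a plain
     * switch over the validation code.
     */
    public static class SpException extends ApplicationException {
        /** Comma-separated display names of the settings that failed validation. */
        public String fieldsMissing;

        /**
         * Translates validation codes into display names and joins them with commas.
         *
         * @param list validation codes; codes other than the two handled below are ignored,
         *             so {@link #fieldsMissing} can be empty even for a non-empty list
         */
        public SpException(List<String> list) {
            List<String> labels = new ArrayList<>();
            for (String str : list) {
                switch (str) {
                    case "entity_id":
                        labels.add("Entity Id");
                        break;
                    case "acs_url":
                        labels.add("Assertion Consumer Service URL");
                        break;
                    default:
                        // Unrecognised codes contribute nothing, as in the decompiled dispatch.
                        break;
                }
            }
            this.fieldsMissing = String.join(",", labels);
        }
    }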

    /* loaded from: input_file:coldfusion/saml/SAMLServiceImpl$SpMetadataException.class */
    /** Raised when a service-provider alias or its metadata is rejected. */
    public static class SpMetadataException extends ApplicationException {
        /** Message supplied by the thrower; starts out as the empty string. */
        public String exceptionMessage = "";

        /**
         * @param str message stored in {@link #exceptionMessage}
         */
        public SpMetadataException(String str) {
            exceptionMessage = str;
        }
    }

    /* loaded from: input_file:coldfusion/saml/SAMLServiceImpl$SpNameAlreadyExistsException.class */
    /**
     * Raised when a service-provider alias is already registered.
     *
     * <p>Declared as a non-static inner class, so each instance is tied to the enclosing
     * service object.
     */
    public class SpNameAlreadyExistsException extends ApplicationException {
        /** The alias that was already taken; starts out as the empty string. */
        public String name = "";

        /**
         * @param str the conflicting alias
         */
        public SpNameAlreadyExistsException(String str) {
            name = str;
        }
    }

    /* loaded from: input_file:coldfusion/saml/SAMLServiceImpl$SpNotFoundException.class */
    /**
     * Raised when no service provider is registered under the requested alias.
     *
     * <p>Declared as a non-static inner class, so each instance is tied to the enclosing
     * service object.
     */
    public class SpNotFoundException extends ApplicationException {
        /** The alias that could not be found. */
        public String alias;

        /**
         * @param str the alias that was looked up
         */
        public SpNotFoundException(String str) {
            alias = str;
        }
    }

    /**
     * Creates the service, derives the {@code <root>/lib/saml/} working directory and
     * initialises the SAML auth cache.
     *
     * @param file settings file later used by {@code load()} and {@code store()}
     * @param str  root directory; also passed to {@code SamlCacheHelper.initSamlAuthCache}
     */
    public SAMLServiceImpl(File file, String str) {
        final String sep = File.separator;
        this.samlServiceFile = file;
        this.rootDir = str;
        this.samlFolderPrefix = str + sep + "lib" + sep + "saml" + sep;

        File samlDir = new File(this.samlFolderPrefix);
        // NOTE(review): the result of mkdir() is ignored and only the last path component is
        // created, so a missing or unwritable "lib" directory goes unnoticed here and would
        // surface later, when exportSpMetadata() writes into this folder.
        if (!samlDir.exists()) {
            samlDir.mkdir();
        }
        SamlCacheHelper.initSamlAuthCache(str);
    }

    /**
     * @return the root directory given to the constructor
     */
    public String getRootDir() {
        return rootDir;
    }

    /**
     * Registers a new identity-provider configuration under the given alias and persists it.
     *
     * <p>Checks run in this order: alias non-empty, alias at most 50 characters, settings
     * validation, alias not already registered. Raw metadata, when present, is HTML-unescaped
     * in place before validation, so the validator and the stored entry both see the
     * unescaped text.
     *
     * @param str alias for the new entry
     * @param obj the configuration; cast to {@code IdpConfiguration} without a type check
     * @throws IdpMetadataException          if the alias is empty or too long
     * @throws IdpException                  if {@code SamlHelper.validateIdpSettings} reports problems
     * @throws IdpNameAlreadyExistsException if the alias is already in use
     */
    public void addIdpMetadata(String str, Object obj) {
        IdpConfiguration idp = (IdpConfiguration) obj;
        if (Utils.isEmpty(str)) {
            throw new IdpMetadataException(RB.getString(this, "AliasEmptyIDP"));
        }
        if (str.length() > 50) {
            throw new IdpMetadataException(RB.getString(this, "AliasTooLong"));
        }

        String rawMetadata = idp.getMetadataRaw();
        if (rawMetadata != null) {
            idp.setMetadataRaw(StringEscapeUtils.unescapeHtml4(idp.getMetadataRaw()));
        }

        List<String> problems = SamlHelper.validateIdpSettings(idp);
        if (!problems.isEmpty()) {
            throw new IdpException(problems);
        }
        if (this.idpConfig.containsKey(str)) {
            throw new IdpNameAlreadyExistsException(str);
        }

        this.idpConfig.put(str, idp);
        this.samlSettings.put(IDP_LIST, this.idpConfig);
        store();
    }

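    /**
     * Replaces the identity-provider configuration stored under {@code str}, optionally
     * renaming it to {@code str2}, and persists the result.
     *
     * <p>When the alias changes, the new alias is held to the same 50-character limit that
     * {@code addIdpMetadata} enforces and must not already be registered. Without that check a
     * rename onto an existing alias would silently replace another provider's trust
     * configuration.
     *
     * @param str  current alias
     * @param str2 alias to store the configuration under (may equal {@code str})
     * @param obj  the new configuration; cast to {@code IdpConfiguration} without a type check
     * @throws IdpMetadataException          if either alias is empty or the new alias is too long
     * @throws IdpException                  if {@code SamlHelper.validateIdpSettings} reports problems
     * @throws IdpNotFoundException          if nothing is registered under {@code str}
     * @throws IdpNameAlreadyExistsException if {@code str2} differs from {@code str} and is taken
     */
    public void modifyIdpMetadata(String str, String str2, Object obj) {
        IdpConfiguration idpConfiguration = (IdpConfiguration) obj;
        if (Utils.isEmpty(str) || Utils.isEmpty(str2)) {
            throw new IdpMetadataException(RB.getString(this, "AliasEmptyIDP"));
        }
        // Raw metadata is HTML-unescaped in place before validation, as in addIdpMetadata.
        if (idpConfiguration.getMetadataRaw() != null) {
            idpConfiguration.setMetadataRaw(StringEscapeUtils.unescapeHtml4(idpConfiguration.getMetadataRaw()));
        }
        List<String> validateIdpSettings = SamlHelper.validateIdpSettings(idpConfiguration);
        if (!validateIdpSettings.isEmpty()) {
            throw new IdpException(validateIdpSettings);
        }
        if (!this.idpConfig.containsKey(str)) {
            throw new IdpNotFoundException(str);
        }
        // Rename checks apply only when the alias actually changes, so editing an entry in
        // place behaves as before.
        if (!str.equals(str2)) {
            if (str2.length() > 50) {
                throw new IdpMetadataException(RB.getString(this, "AliasTooLong"));
            }
            if (this.idpConfig.containsKey(str2)) {
                throw new IdpNameAlreadyExistsException(str2);
            }
        }
        this.idpConfig.remove(str);
        this.idpConfig.put(str2, idpConfiguration);
        this.samlSettings.put(IDP_LIST, this.idpConfig);
        store();
    }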

    /**
     * Removes the identity-provider configuration stored under the alias and persists the change.
     *
     * @param str alias to remove
     * @throws IdpNotFoundException if nothing is registered under the alias
     */
    public void deleteIdpMetadata(String str) {
        if (this.idpConfig.containsKey(str)) {
            this.idpConfig.remove(str);
            this.samlSettings.put(IDP_LIST, this.idpConfig);
            store();
            return;
        }
        throw new IdpNotFoundException(str);
    }

    /**
     * Returns all identity-provider configurations ordered by alias.
     *
     * <p>The map itself is a fresh {@code LinkedHashMap}, but its values are the stored
     * configuration objects, not copies.
     *
     * @return alias-sorted view of the registered identity providers
     */
    public Map getAllIdpConfig() {
        LinkedHashMap<String, IdpConfiguration> ordered = new LinkedHashMap<>();
        this.idpConfig.entrySet().stream()
                .sorted(Map.Entry.comparingByKey())
                .forEachOrdered(e -> ordered.put(e.getKey(), e.getValue()));
        return ordered;
    }

    /**
     * Returns all service-provider configurations ordered by alias.
     *
     * <p>The map itself is a fresh {@code LinkedHashMap}, but its values are the stored
     * configuration objects, not copies; unlike {@code getSpMetadata}, no password is
     * decrypted here.
     *
     * @return alias-sorted view of the registered service providers
     */
    public Map getAllSpConfig() {
        LinkedHashMap<String, SpConfiguration> ordered = new LinkedHashMap<>();
        this.spConfig.entrySet().stream()
                .sorted(Map.Entry.comparingByKey())
                .forEachOrdered(e -> ordered.put(e.getKey(), e.getValue()));
        return ordered;
    }

    /**
     * Looks up an identity provider and converts it with {@code SamlHelper.toIdpStruct}.
     *
     * @param str alias to look up
     * @return the converted configuration; for an unknown alias the helper receives {@code null}
     */
    public Struct getIdpMetadataData(String str) {
        IdpConfiguration found = m1getIdpMetadata(str);
        return SamlHelper.toIdpStruct(found);
    }

    /* renamed from: getIdpMetadata, reason: merged with bridge method [inline-methods] */
    /**
     * Returns the stored identity-provider configuration for an alias.
     *
     * @param str alias to look up
     * @return the stored object itself (not a copy), or {@code null} if the alias is unknown
     */
    public IdpConfiguration m1getIdpMetadata(String str) {
        return this.idpConfig.containsKey(str) ? this.idpConfig.get(str) : null;
    }

    /**
     * Looks up a service provider and converts it with {@code SamlHelper.toSpStruct}.
     *
     * <p>The configuration handed to the helper comes from {@code getSpMetadata}, which
     * normally carries the keystore password in decrypted form.
     * NOTE(review): whether toSpStruct copies that password into the returned struct is not
     * visible here; confirm before exposing the result to untrusted callers.
     *
     * @param str alias to look up
     * @return the converted configuration; for an unknown alias the helper receives {@code null}
     */
    public Struct getSpMetadataData(String str) {
        SpConfiguration found = m0getSpMetadata(str);
        return SamlHelper.toSpStruct(found);
    }

    /* renamed from: getSpMetadata, reason: merged with bridge method [inline-methods] */
    /**
     * Returns a copy of a service-provider configuration with its keystore password decrypted.
     *
     * <p>The returned object holds the signing keystore password in decrypted form; callers
     * should avoid logging or persisting it.
     *
     * @param str alias to look up
     * @return a decrypted clone, or {@code null} if the alias is {@code null} or unknown
     */
    public SpConfiguration m0getSpMetadata(String str) {
        if (str != null && this.spConfig.containsKey(str)) {
            try {
                SpConfiguration copy = this.spConfig.get(str).m9clone();
                String stored = copy.getSignKeystorePassword();
                copy.setSignKeystorePassword(decryptPassword(stored));
                return copy;
            } catch (CloneNotSupportedException e) {
                // NOTE(review): this fallback hands out the stored object itself, with the
                // password still encrypted, so callers cannot tell which form they received
                // and any change they make lands in the stored configuration.
                return this.spConfig.get(str);
            }
        }
        return null;
    }

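    /**
     * Registers a new service-provider configuration under the given alias and persists it.
     *
     * <p>Checks run in this order: alias non-empty, alias at most 50 characters, entity id not
     * used by another SP, settings validation (skipped when {@code isGenerated()} is true),
     * alias not already registered. The keystore password is encrypted only after every check
     * has passed, so a rejected call leaves the caller's object unchanged and a retry with the
     * same object cannot encrypt the password twice.
     *
     * @param str alias for the new entry
     * @param obj the configuration; cast to {@code SpConfiguration} without a type check
     * @throws SpMetadataException          if the alias is empty or too long, or the entity id is taken
     * @throws SpException                  if {@code SamlHelper.validateSpSettings} reports problems
     * @throws SpNameAlreadyExistsException if the alias is already in use
     */
    public void addSpMetadata(String str, Object obj) {
        SpConfiguration spConfiguration = (SpConfiguration) obj;
        if (Utils.isEmpty(str)) {
            throw new SpMetadataException(RB.getString(this, "AliasEmptySP"));
        }
        if (str.length() > 50) {
            throw new SpMetadataException(RB.getString(this, "AliasTooLong"));
        }
        if (entityIdExists(spConfiguration.getEntityId())) {
            throw new SpMetadataException(RB.getString(this, "DuplicateEntityId"));
        }
        // NOTE(review): a configuration reporting isGenerated() skips validateSpSettings
        // entirely; confirm that flag cannot be set on caller-supplied objects.
        List<String> validateSpSettings = spConfiguration.isGenerated() ? null : SamlHelper.validateSpSettings(spConfiguration);
        if (validateSpSettings != null && !validateSpSettings.isEmpty()) {
            throw new SpException(validateSpSettings);
        }
        if (this.spConfig.containsKey(str)) {
            throw new SpNameAlreadyExistsException(str);
        }
        // Last step before storing: replace the plaintext password with its encrypted form.
        if (spConfiguration.getSignKeystorePassword() != null) {
            spConfiguration.setSignKeystorePassword(encryptPassword(spConfiguration.getSignKeystorePassword()));
        }
        this.spConfig.put(str, spConfiguration);
        this.samlSettings.put(SP_LIST, this.spConfig);
        store();
    }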

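    /**
     * Reports whether any registered service provider already uses the given entity id.
     *
     * <p>Null-safe on both sides: a {@code null} argument never matches, and a stored
     * configuration without an entity id is skipped instead of raising a
     * {@code NullPointerException} (generated configurations are stored without validation,
     * so a missing entity id cannot be ruled out from this class).
     *
     * @param str entity id to look for
     * @return {@code true} if a stored configuration has an equal entity id
     */
    private boolean entityIdExists(String str) {
        if (str == null) {
            return false;
        }
        for (SpConfiguration existing : this.spConfig.values()) {
            if (str.equals(existing.getEntityId())) {
                return true;
            }
        }
        return false;
    }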

    /**
     * Replaces a service-provider configuration without merging it with the stored one.
     *
     * @param str  current alias
     * @param str2 alias to store the configuration under
     * @param obj  the new configuration
     * @throws CloneNotSupportedException propagated from the four-argument overload
     */
    public void modifySpMetadata(String str, String str2, Object obj) throws CloneNotSupportedException {
        final boolean mergeWithStored = false;
        modifySpMetadata(str, str2, obj, mergeWithStored);
    }

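    /**
     * Replaces the service-provider configuration stored under {@code str}, optionally
     * renaming it to {@code str2}, and persists the result.
     *
     * <p>When the alias changes, the new alias is held to the same 50-character limit that
     * {@code addSpMetadata} enforces and must not already be registered. Without that check a
     * rename onto an existing alias would silently replace another provider's configuration,
     * including its signing keystore settings.
     *
     * <p>Password handling: if the supplied password equals the decrypted stored one, the
     * stored ciphertext is reused; otherwise the supplied password is encrypted with the
     * current seed.
     *
     * @param str  current alias
     * @param str2 alias to store the configuration under (may equal {@code str})
     * @param obj  the new configuration; cast to {@code SpConfiguration} without a type check
     * @param z    when true, the stored configuration is merged into {@code obj} via
     *             {@code SamlHelper.mergeSp} before validation
     * @throws SpMetadataException          if either alias is empty or the new alias is too long
     * @throws SpException                  if {@code SamlHelper.validateSpSettings} reports problems
     * @throws SpNotFoundException          if nothing is registered under {@code str}
     * @throws SpNameAlreadyExistsException if {@code str2} differs from {@code str} and is taken
     * @throws CloneNotSupportedException   if the stored configuration cannot be cloned
     */
    public void modifySpMetadata(String str, String str2, Object obj, boolean z) throws CloneNotSupportedException {
        SpConfiguration spConfiguration = (SpConfiguration) obj;
        if (Utils.isEmpty(str) || Utils.isEmpty(str2)) {
            throw new SpMetadataException(RB.getString(this, "AliasEmptySP"));
        }
        if (z) {
            // NOTE(review): for an unknown alias the lookup yields null, and mergeSp receives
            // it before the not-found check below; confirm mergeSp tolerates that.
            SamlHelper.mergeSp(m0getSpMetadata(str), spConfiguration);
        }
        List<String> validateSpSettings = SamlHelper.validateSpSettings(spConfiguration);
        if (!validateSpSettings.isEmpty()) {
            throw new SpException(validateSpSettings);
        }
        if (!this.spConfig.containsKey(str)) {
            throw new SpNotFoundException(str);
        }
        // Rename checks apply only when the alias actually changes, so editing an entry in
        // place behaves as before.
        if (!str.equals(str2)) {
            if (str2.length() > 50) {
                throw new SpMetadataException(RB.getString(this, "AliasTooLong"));
            }
            if (this.spConfig.containsKey(str2)) {
                throw new SpNameAlreadyExistsException(str2);
            }
        }
        SpConfiguration m9clone = this.spConfig.get(str).m9clone();
        if (StringUtils.equals(PasswordUtils.decryptPassword(m9clone.getSignKeystorePassword(), this.seed), spConfiguration.getSignKeystorePassword())) {
            // Unchanged password: keep the ciphertext already on file.
            spConfiguration.setSignKeystorePassword(m9clone.getSignKeystorePassword());
        } else {
            spConfiguration.setSignKeystorePassword(PasswordUtils.encryptPassword(spConfiguration.getSignKeystorePassword(), this.seed));
        }
        this.spConfig.remove(str);
        this.spConfig.put(str2, spConfiguration);
        this.samlSettings.put(SP_LIST, this.spConfig);
        store();
    }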

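    /**
     * Removes a service-provider configuration and, for generated configurations, the signing
     * keystore file it points at, then persists the change.
     *
     * <p>Keystore removal stays best-effort, but a failure is now written to the server log
     * instead of being swallowed, so key material left on disk does not go unnoticed. A
     * configuration without a keystore path is removed without touching the file system.
     *
     * @param str alias to remove
     * @throws SpNotFoundException if nothing is registered under the alias
     */
    public void deleteSpMetadata(String str) {
        if (!this.spConfig.containsKey(str)) {
            throw new SpNotFoundException(str);
        }
        SpConfiguration spConfiguration = this.spConfig.get(str);
        if (spConfiguration.isGenerated()) {
            // NOTE(review): the path is taken from the stored configuration as-is; confirm
            // that the generated flag and the keystore path cannot both be supplied by a
            // caller of addSpMetadata/modifySpMetadata, or confine the path to the SAML folder.
            String keystorePath = spConfiguration.getSignKeystorePath();
            if (keystorePath != null) {
                try {
                    Files.deleteIfExists(new File(keystorePath).toPath());
                } catch (IOException e) {
                    // Do not abort the delete, but leave a trace for the operator.
                    CFLogs.SERVER_LOG.error(e);
                }
            }
        }
        this.spConfig.remove(str);
        this.samlSettings.put(SP_LIST, this.spConfig);
        store();
    }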

    /**
     * Starts the base service, then subscribes this object to {@code PasswordUtils} so that
     * {@code update} receives seed notifications.
     *
     * @throws ServiceException if the superclass start fails
     */
    public void start() throws ServiceException {
        super.start();
        // Registration happens on every call; nothing here guards against a repeated start.
        PasswordUtils.getInstance().addObserver(this);
    }

    /**
     * Calls {@code start()} and logs a {@code ServiceException} to the server log instead of
     * propagating it.
     */
    public void addPasswordObserver() {
        try {
            start();
        } catch (ServiceException startFailure) {
            CFLogs.SERVER_LOG.error(startFailure);
        }
    }

    /**
     * Loads the SAML settings from the settings file, creating empty settings when the file
     * yields nothing.
     *
     * <p>The two maps are adopted from the deserialized settings with unchecked casts; their
     * entries are not type-checked at this point.
     * NOTE(review): the file decides which identity providers are trusted and which signing
     * keystores are used, and {@code deserialize} is inherited (its format is not visible
     * here); confirm the file is writable only by the server account.
     *
     * @throws ServiceException wrapping any exception raised while loading
     */
    public void load() throws ServiceException {
        try {
            this.samlServiceFile = coldfusion.util.Utils.getCanonicalFile(this.samlServiceFile);
            this.samlSettings = (ConfigMap) deserialize(this.samlServiceFile);

            if (this.samlSettings == null) {
                // Nothing on disk yet: start from empty maps.
                this.samlSettings = new ConfigMap(this, "saml");
                this.idpConfig = new HashMap();
                this.spConfig = new HashMap();
                this.samlSettings.put(IDP_LIST, this.idpConfig);
                this.samlSettings.put(SP_LIST, this.spConfig);
                return;
            }

            Object storedIdps = this.samlSettings.get(IDP_LIST);
            if (storedIdps == null) {
                this.samlSettings.put(IDP_LIST, this.idpConfig);
            } else {
                this.idpConfig = (Map) storedIdps;
            }

            Object storedSps = this.samlSettings.get(SP_LIST);
            if (storedSps == null) {
                this.samlSettings.put(SP_LIST, this.spConfig);
            } else {
                this.spConfig = (Map) storedSps;
            }
        } catch (Exception e) {
            throw new ServiceException(e);
        }
    }

    /**
     * Writes the current settings, including both provider maps, to the settings file through
     * the inherited {@code serialize}.
     */
    public void store() {
        serialize(samlSettings, samlServiceFile);
    }

    /**
     * Observer callback that adopts a new password seed and re-encrypts stored passwords.
     *
     * <p>Notifications are ignored unless they come from a {@code PasswordUtils} instance and
     * carry a non-empty string. The first seed received is only recorded; later seeds trigger
     * re-encryption of every stored keystore password from the previous seed to the new one.
     *
     * @param observable notification source
     * @param obj        the new seed
     */
    @Override // java.util.Observer
    public void update(Observable observable, Object obj) {
        String previousSeed = this.seed;
        if (!(observable instanceof PasswordUtils) || !(obj instanceof String)) {
            return;
        }
        String newSeed = (String) obj;
        if (newSeed.isEmpty()) {
            return;
        }
        this.seed = newSeed;
        if (previousSeed != null) {
            // NOTE(review): the monitor is the incoming seed string, while the add/modify/delete
            // methods of this class take no lock at all, so this block does not keep them from
            // running during re-encryption; confirm how callers serialise access.
            synchronized (newSeed) {
                reEncryptPasswords(previousSeed);
            }
        }
    }

    /**
     * Returns the descriptor map for the "saml" settings, building it on first use.
     *
     * @return the inherited {@code rb} map with the keys, types, formats and value entries
     */
    public Map getResourceBundle() {
        if (this.rb != null) {
            return this.rb;
        }
        this.rb = new HashMap();
        this.rb.put("saml.keys", "IdentityProvidersMap,ServiceProvidersMap");
        this.rb.put("saml.types", "java.util.Map, java.util.Map");
        this.rb.put("saml.formats", "coldfusion.server.MapFormatter, coldfusion.server.MapFormatter");
        this.rb.put("saml.value", "");
        return this.rb;
    }

    /**
     * Re-encrypts every stored SP keystore password from the old seed to the current one and
     * persists the result.
     *
     * <p>NOTE(review): entries are rewritten one by one and {@code store()} runs only after the
     * loop, so if a decrypt or encrypt call throws part-way the in-memory map holds a mix of
     * old-seed and new-seed ciphertext. Configurations added without a password reach
     * {@code decryptPassword} with {@code null}; confirm it tolerates that.
     *
     * @param str the seed the stored passwords are currently encrypted with
     */
    private void reEncryptPasswords(String str) {
        for (SpConfiguration sp : this.spConfig.values()) {
            String plain = PasswordUtils.decryptPassword(sp.getSignKeystorePassword(), str);
            sp.setSignKeystorePassword(PasswordUtils.encryptPassword(plain, this.seed));
        }
        store();
    }

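    /**
     * Exports the metadata of a registered service provider to
     * {@code <samlFolder>/<alias>_metadata.xml} and returns the file's canonical path.
     *
     * <p>The alias becomes part of the file name, and aliases are only checked for emptiness
     * and length when they are registered. The target is therefore resolved to its canonical
     * form and rejected unless it lies inside the SAML folder, so an alias containing path
     * separators or {@code ..} cannot direct the write elsewhere. An unknown alias now raises
     * {@code SpNotFoundException} rather than a {@code NullPointerException}.
     *
     * <p>The configuration passed to the exporter is a clone carrying the keystore password in
     * decrypted form.
     * NOTE(review): whether SamlHelper.exportSpMetadata writes that password to the file is
     * not visible here; confirm.
     *
     * @param str alias of the service provider to export
     * @return canonical path of the written metadata file
     * @throws SpNotFoundException        if nothing is registered under the alias
     * @throws IOException                if the target resolves outside the SAML folder or
     *                                    path resolution fails
     * @throws CloneNotSupportedException if the stored configuration cannot be cloned
     */
    public String exportSpMetadata(String str) throws CloneNotSupportedException, IOException {
        SpConfiguration stored = this.spConfig.get(str);
        if (stored == null) {
            throw new SpNotFoundException(str);
        }
        File samlDir = new File(this.samlFolderPrefix).getCanonicalFile();
        File target = new File(this.samlFolderPrefix + str + METADATA_FILE_SUFFIX).getCanonicalFile();
        // Path.startsWith compares whole path components, not string prefixes.
        if (!target.toPath().startsWith(samlDir.toPath())) {
            throw new IOException("SP alias resolves outside the SAML metadata directory");
        }
        SpConfiguration m9clone = stored.m9clone();
        m9clone.setSignKeystorePassword(PasswordUtils.decryptPassword(m9clone.getSignKeystorePassword(), this.seed));
        SamlHelper.exportSpMetadata(m9clone, target.getPath());
        return target.getCanonicalPath();
    }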

    /**
     * Asks {@code SamlHelper.generateDefaultSpMetadata(true, null)} for a default service
     * provider and returns the value stored under its {@code "name"} key.
     *
     * @return the {@code "name"} entry of the helper's result, cast to {@code String}
     */
    public String generateDefaultSpMetadata() {
        Object generatedName = SamlHelper.generateDefaultSpMetadata(true, null).get("name");
        return (String) generatedName;
    }

    /**
     * Encrypts a value with the service's current seed via {@code PasswordUtils}.
     *
     * @param str value to encrypt
     * @return the result of {@code PasswordUtils.encryptPassword}
     */
    public String encryptPassword(String str) {
        final String currentSeed = this.seed;
        return PasswordUtils.encryptPassword(str, currentSeed);
    }

    /**
     * Decrypts a value with the service's current seed via {@code PasswordUtils}.
     *
     * <p>NOTE(review): this is public, so any code holding a reference to the service can
     * decrypt stored keystore passwords; confirm which callers can reach it.
     *
     * @param str value to decrypt
     * @return the result of {@code PasswordUtils.decryptPassword}
     */
    public String decryptPassword(String str) {
        final String currentSeed = this.seed;
        return PasswordUtils.decryptPassword(str, currentSeed);
    }

    /**
     * Tells whether the argument is a {@code SAMLServiceImpl}.
     *
     * @param obj object to test; {@code null} yields {@code false}
     * @return {@code true} if {@code obj} is an instance of this class
     */
    public boolean isInstaceOfSamlService(Object obj) {
        return SAMLServiceImpl.class.isInstance(obj);
    }

    /**
     * Forwards to {@code SamlHelper.generateSpStruct}.
     *
     * @param map options passed through unchanged
     * @return the helper's result
     */
    public Map GenerateSAMLSPMetadata(Map map) {
        Map generated = SamlHelper.generateSpStruct(map);
        return generated;
    }

    /**
     * Builds an authentication request with a fresh {@code SamlRequestBuilder}.
     *
     * @param map options passed through unchanged
     * @return the builder's {@code buildAuthnRequest} result
     */
    public String GetSAMLAuthRequest(Map map) {
        SamlRequestBuilder builder = new SamlRequestBuilder();
        return builder.buildAuthnRequest(map);
    }

    /**
     * Builds a logout request with a fresh {@code SamlRequestBuilder}.
     *
     * @param map options passed through unchanged
     * @return the builder's {@code buildLogoutRequest} result
     */
    public String GetSAMLLogoutRequest(Map map) {
        SamlRequestBuilder builder = new SamlRequestBuilder();
        return builder.buildLogoutRequest(map);
    }

    /**
     * Starts an authentication request through a fresh {@code SamlRequestBuilder}.
     *
     * @param map options passed through unchanged
     */
    public void InitSAMLAuthRequest(Map map) {
        SamlRequestBuilder builder = new SamlRequestBuilder();
        builder.initAuthRequest(map);
    }

    /**
     * Starts a logout request through a fresh {@code SamlRequestBuilder}.
     *
     * @param map options passed through unchanged
     */
    public void InitSAMLLogoutRequest(Map map) {
        SamlRequestBuilder builder = new SamlRequestBuilder();
        builder.initLogoutRequest(map);
    }

    /**
     * Handles an incoming SAML response through a {@code SamlResponseHandler} created with its
     * first argument set to {@code false}.
     *
     * <p>All checks on the response happen inside the handler, which is not part of this file.
     *
     * @param str  first string forwarded to the handler's constructor
     * @param str2 second string forwarded to the handler's constructor
     * @return the handler's {@code handleResponse} result
     */
    public Map ProcessSAMLResponse(String str, String str2) {
        SamlResponseHandler handler = new SamlResponseHandler(false, str, str2);
        return handler.handleResponse();
    }

    /**
     * Handles an incoming SAML logout request through a {@code SamlResponseHandler} created
     * with its first argument set to {@code true}.
     *
     * <p>All checks on the request happen inside the handler, which is not part of this file.
     *
     * @param str  first string forwarded to the handler's constructor
     * @param str2 second string forwarded to the handler's constructor
     * @return the handler's {@code handleLogoutRequest} result
     */
    public Map ProcessSAMLLogoutRequest(String str, String str2) {
        SamlResponseHandler handler = new SamlResponseHandler(true, str, str2);
        return handler.handleLogoutRequest();
    }

    /**
     * Sends a SAML logout response through a {@code SamlResponseHandler} created with its
     * first argument set to {@code true}.
     *
     * <p>Note the argument order: {@code str2} and {@code str3} go to the handler's
     * constructor, {@code str} goes to {@code sendLogoutResponse}.
     *
     * @param str  value passed to {@code sendLogoutResponse}
     * @param str2 first string forwarded to the handler's constructor
     * @param str3 second string forwarded to the handler's constructor
     */
    public void SendSAMLLogoutResponse(String str, String str2, String str3) {
        SamlResponseHandler handler = new SamlResponseHandler(true, str2, str3);
        handler.sendLogoutResponse(str);
    }

    /**
     * Forwards to {@code SamlHelper.isSamlLogoutRequest}.
     *
     * @return the helper's answer
     */
    public boolean IsSAMLLogoutRequest() {
        boolean logoutRequest = SamlHelper.isSamlLogoutRequest();
        return logoutRequest;
    }

    /**
     * Forwards to {@code SamlHelper.isSamlLogoutResponse}.
     *
     * @return the helper's answer
     */
    public boolean IsSAMLLogoutResponse() {
        boolean logoutResponse = SamlHelper.isSamlLogoutResponse();
        return logoutResponse;
    }
}
