package org.n52.security.service.facade;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import net.sf.json.util.JSONUtils;
import org.apache.log4j.Logger;
import org.apache.xmlbeans.XmlOptions;
import org.n52.security.authentication.AuthenticationMethod;
import org.n52.security.authentication.AuthenticationMethodFactory;
import org.n52.security.authentication.Credential;
import org.n52.security.authentication.CredentialFactory;
import org.n52.security.authentication.LicenseReference;
import org.n52.security.authentication.PasswordAuthenticationMethod;
import org.n52.security.authentication.WASAuthenticationMethod;
import org.n52.security.common.artifact.ServiceException;
import org.n52.security.common.util.FileFinder;
import org.n52.security.precondition.IdentifyPrecondition;
import org.n52.security.precondition.LicensePrecondition;
import org.n52.security.precondition.PreconditionGlobals;
import org.n52.security.service.facade.config.FacadesDocument;
import org.n52.security.service.facade.config.TAuthnMethod;
import org.n52.security.service.facade.config.TConstraints;
import org.n52.security.service.facade.config.TCredentials;
import org.n52.security.service.facade.config.TExpirationConstraint;
import org.n52.security.service.facade.config.TFacade;
import org.n52.security.service.facade.config.TFacades;
import org.n52.security.service.facade.config.TIPAccessConstraint;
import org.n52.security.service.facade.ip.IPRangeParseException;
import org.n52.security.service.facade.ip.IPRangeStringUtils;
import org.n52.security.service.wss.WSS1_1Adapter;
import org.n52.security.service.wss.client.WSSSecurityClient;
import org.n52.security.service.wss.precondition.IdentifyPreconditionHandler;
import org.n52.security.service.wss.precondition.LicenseReferencePreconditionHandler;

/* loaded from: input_file:lib/52n-security-facade-2.2-SNAPSHOT.jar:org/n52/security/service/facade/XMLFacadeStore.class */
public class XMLFacadeStore implements FacadeStore {
    private static final Logger LOGGER = Logger.getLogger(XMLFacadeStore.class);
    private File m_file;
    private Map<String, Facade> m_facades;
    private String m_filePath;

    public XMLFacadeStore() {
    }

    public XMLFacadeStore(String str) {
        setFilePath(str);
    }

    public void init() throws FacadeStoreException {
        File file;
        if (getFilePath() == null) {
            throw new IllegalArgumentException("parameter <filePath> must not be null");
        }
        try {
            file = new FileFinder(getFilePath()).getFile();
        } catch (IllegalArgumentException e) {
            if (!new File(getFilePath()).mkdirs()) {
                throw new IllegalArgumentException("File path <" + getFilePath() + "> does not exist or can't be created.");
            }
            file = new FileFinder(getFilePath()).getFile();
        }
        if (file.isDirectory()) {
            this.m_file = new File(file, "facades.xml");
        } else {
            this.m_file = file;
        }
        if (LOGGER.isInfoEnabled()) {
            LOGGER.info("Loading facade store from: " + this.m_file.getAbsolutePath());
        }
        load();
    }

    @Override // org.n52.security.service.facade.FacadeStore
    public synchronized void addFacade(Facade facade) throws FacadeStoreException {
        this.m_facades.put(facade.getFacadeName(), facade);
        try {
            save();
        } catch (IOException e) {
            throw new FacadeStoreException(e);
        }
    }

    @Override // org.n52.security.service.facade.FacadeStore
    public synchronized Facade getFacade(String str) {
        return this.m_facades.get(str);
    }

    @Override // org.n52.security.service.facade.FacadeStore
    public synchronized void removeFacade(String str) throws FacadeStoreException {
        this.m_facades.remove(str);
        try {
            save();
        } catch (IOException e) {
            throw new FacadeStoreException(e);
        }
    }

    @Override // org.n52.security.service.facade.FacadeStore
    public synchronized List<Facade> getFacades() {
        return new ArrayList(this.m_facades.values());
    }

    private void load() throws FacadeStoreException {
        this.m_facades = new HashMap();
        if (this.m_file.exists()) {
            InputStream inputStream = null;
            try {
                try {
                    FileInputStream fileInputStream = new FileInputStream(this.m_file);
                    for (TFacade tFacade : FacadesDocument.Factory.parse(fileInputStream).getFacades().getFacadeArray()) {
                        String facadeName = tFacade.getFacadeName();
                        String wss = tFacade.getWSS();
                        String authnMethod = tFacade.getCredentials().getAuthnMethod();
                        String stringValue = tFacade.getCredentials().getStringValue();
                        String id = tFacade.getAuthnMethod().getId();
                        boolean authnAnonymousLogin = tFacade.getAuthnMethod().getAuthnAnonymousLogin();
                        String authnServiceName = tFacade.getAuthnMethod().getAuthnServiceName();
                        String authnServiceUrl = tFacade.getAuthnMethod().getAuthnServiceUrl();
                        String pathInfo = tFacade.isSetPathInfo() ? tFacade.getPathInfo() : null;
                        String str = null;
                        if (tFacade.getLicenseReference() != null && tFacade.getLicenseReference().length > 0) {
                            try {
                                str = new String(tFacade.getLicenseReference(), "UTF-8");
                            } catch (UnsupportedEncodingException e) {
                                throw new FacadeStoreException("Unable to read license reference from store for facade '" + tFacade.getFacadeName() + "' due to an encoding error!", e);
                            }
                        }
                        try {
                            URL url = new URL(wss);
                            AuthenticationMethod create = AuthenticationMethodFactory.getDefault().create(id);
                            if (create instanceof WASAuthenticationMethod) {
                                WASAuthenticationMethod wASAuthenticationMethod = (WASAuthenticationMethod) create;
                                wASAuthenticationMethod.setName(authnServiceName);
                                wASAuthenticationMethod.setUrl(authnServiceUrl);
                            }
                            ArrayList arrayList = new ArrayList();
                            if (tFacade.getConstraints() != null) {
                                TExpirationConstraint expirationConstraint = tFacade.getConstraints().getExpirationConstraint();
                                TIPAccessConstraint[] iPAccessConstraintArray = tFacade.getConstraints().getIPAccessConstraintArray();
                                if (expirationConstraint != null) {
                                    arrayList.add(new ExpirationConstraint(expirationConstraint.getRenewalInterval(), expirationConstraint.getExpires()));
                                }
                                for (TIPAccessConstraint tIPAccessConstraint : iPAccessConstraintArray) {
                                    IPFilterConstraint iPFilterConstraint = new IPFilterConstraint(tIPAccessConstraint.getEnabled());
                                    try {
                                        iPFilterConstraint.addIPRanges(IPRangeStringUtils.parseRanges(tIPAccessConstraint.getAllowFrom(), ","));
                                        arrayList.add(iPFilterConstraint);
                                    } catch (IPRangeParseException e2) {
                                        throw new FacadeStoreException("Could nor parse IP constraint", e2);
                                    }
                                }
                            }
                            Credential create2 = CredentialFactory.getDefaultFactory().create(authnMethod, stringValue);
                            WSS1_1Adapter wSS1_1Adapter = new WSS1_1Adapter(url);
                            WSSSecurityClient wSSSecurityClient = new WSSSecurityClient(url);
                            IdentifyPrecondition identifyPrecondition = new IdentifyPrecondition();
                            ArrayList arrayList2 = new ArrayList();
                            arrayList2.add(create);
                            identifyPrecondition.setSupportedAuthenticationMethods(arrayList2);
                            IdentifyPreconditionHandler identifyPreconditionHandler = new IdentifyPreconditionHandler(identifyPrecondition, wSS1_1Adapter);
                            identifyPreconditionHandler.addListener(wSSSecurityClient);
                            identifyPreconditionHandler.setCredential(create2);
                            identifyPreconditionHandler.setCredentialFormat(authnMethod);
                            identifyPreconditionHandler.setSelectedAuthnMethod(create);
                            identifyPreconditionHandler.setAnonymous(authnAnonymousLogin);
                            wSSSecurityClient.setIdentifyPreconditionHandler(identifyPreconditionHandler);
                            if (str != null) {
                                try {
                                    if (str.length() > 0) {
                                        LicenseReference createFrom = LicenseReference.createFrom(str);
                                        LicenseReferencePreconditionHandler licenseReferencePreconditionHandler = new LicenseReferencePreconditionHandler(new LicensePrecondition(), wSS1_1Adapter);
                                        if (identifyPreconditionHandler != null) {
                                            identifyPreconditionHandler.addListener(licenseReferencePreconditionHandler);
                                        }
                                        licenseReferencePreconditionHandler.setLicenseReference(createFrom);
                                        wSSSecurityClient.setLicenseReferencePreconditionHandler(licenseReferencePreconditionHandler);
                                    }
                                } catch (Exception e3) {
                                    LOGGER.error("Could not create license reference from stored string! Facade " + facadeName + " will not be restored!", e3);
                                }
                            }
                            Facade facade = new Facade(facadeName, wSSSecurityClient, arrayList);
                            if (pathInfo != null) {
                                facade.setPathInfo(pathInfo);
                            }
                            this.m_facades.put(facade.getFacadeName(), facade);
                        } catch (MalformedURLException e4) {
                            LOGGER.warn("WSS URL '" + wss + "' malformed. Not loading facade with name '" + facadeName + JSONUtils.SINGLE_QUOTE);
                        }
                    }
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e5) {
                            LOGGER.warn("Could not close stream");
                        }
                    }
                } catch (Exception e6) {
                    throw new FacadeStoreException("Could not load facades from store " + this.m_file.getPath(), e6);
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (IOException e7) {
                        LOGGER.warn("Could not close stream");
                        throw th;
                    }
                }
                throw th;
            }
        }
    }

    private synchronized void save() throws FacadeStoreException, IOException {
        if (!this.m_file.exists()) {
            this.m_file.getParentFile().mkdirs();
            this.m_file.createNewFile();
        }
        FileOutputStream fileOutputStream = new FileOutputStream(this.m_file);
        FacadesDocument newInstance = FacadesDocument.Factory.newInstance();
        TFacades addNewFacades = newInstance.addNewFacades();
        for (Facade facade : this.m_facades.values()) {
            try {
                boolean z = true;
                if (facade.getSecuritySystemClient() instanceof WSSSecurityClient) {
                    TFacade newInstance2 = TFacade.Factory.newInstance();
                    try {
                        WSSSecurityClient wSSSecurityClient = (WSSSecurityClient) facade.getSecuritySystemClient();
                        try {
                            IdentifyPreconditionHandler identifyPreconditionHandler = wSSSecurityClient.getIdentifyPreconditionHandler();
                            String facadeName = facade.getFacadeName();
                            String url = facade.getSecuritySystemClient().getURL().toString();
                            Credential credential = identifyPreconditionHandler.getCredential();
                            String credentialFormat = identifyPreconditionHandler.getCredentialFormat();
                            String encode = CredentialFactory.getDefaultFactory().encode(credentialFormat, credential);
                            AuthenticationMethod selectedAuthnMethod = identifyPreconditionHandler.getSelectedAuthnMethod();
                            newInstance2.setFacadeName(facadeName);
                            newInstance2.setWSS(url);
                            if (facade.isSetPathInfo()) {
                                newInstance2.setPathInfo(facade.getPathInfo());
                            }
                            TCredentials addNewCredentials = newInstance2.addNewCredentials();
                            addNewCredentials.setAuthnMethod(credentialFormat);
                            addNewCredentials.setStringValue(encode);
                            TAuthnMethod addNewAuthnMethod = newInstance2.addNewAuthnMethod();
                            addNewAuthnMethod.setId(selectedAuthnMethod.getMethodUrn());
                            if (selectedAuthnMethod.getMethodUrn().equals(WASAuthenticationMethod.URN)) {
                                WASAuthenticationMethod wASAuthenticationMethod = (WASAuthenticationMethod) selectedAuthnMethod;
                                addNewAuthnMethod.setAuthnServiceName(wASAuthenticationMethod.getName());
                                addNewAuthnMethod.setAuthnServiceUrl(wASAuthenticationMethod.getUrl());
                                addNewAuthnMethod.setAuthnAnonymousLogin(identifyPreconditionHandler.isAnonymous());
                            } else if (selectedAuthnMethod.getMethodUrn().equals(PasswordAuthenticationMethod.URN)) {
                                addNewAuthnMethod.setAuthnServiceName("nn");
                                addNewAuthnMethod.setAuthnServiceUrl(facade.getSecuritySystemClient().getURL().toString());
                                addNewAuthnMethod.setAuthnAnonymousLogin(identifyPreconditionHandler.isAnonymous());
                            }
                            List<FacadeConstraint> facadeConstraints = facade.getFacadeConstraints();
                            if (facadeConstraints.size() > 0) {
                                TConstraints addNewConstraints = newInstance2.addNewConstraints();
                                for (FacadeConstraint facadeConstraint : facadeConstraints) {
                                    if (facadeConstraint instanceof IPFilterConstraint) {
                                        IPFilterConstraint iPFilterConstraint = (IPFilterConstraint) facadeConstraint;
                                        TIPAccessConstraint addNewIPAccessConstraint = addNewConstraints.addNewIPAccessConstraint();
                                        addNewIPAccessConstraint.setAllowFrom(IPRangeStringUtils.rangesToList(iPFilterConstraint.getIPRanges(), ","));
                                        addNewIPAccessConstraint.setEnabled(iPFilterConstraint.isActive());
                                    } else if (facadeConstraint instanceof ExpirationConstraint) {
                                        ExpirationConstraint expirationConstraint = (ExpirationConstraint) facadeConstraint;
                                        TExpirationConstraint addNewExpirationConstraint = addNewConstraints.addNewExpirationConstraint();
                                        addNewExpirationConstraint.setExpires(expirationConstraint.getNextExpiration());
                                        addNewExpirationConstraint.setRenewalInterval(expirationConstraint.getExpirationTimeout());
                                    } else {
                                        LOGGER.warn("Constraint " + facadeConstraint + " unknown. Not saving constraint");
                                    }
                                }
                            }
                            if (wSSSecurityClient.hasPreconditionOfType(PreconditionGlobals.LICENSE_PRECONDITION)) {
                                try {
                                    String referenceAsBase64EncodedString = wSSSecurityClient.getLicenseReferencePreconditionHandler().getLicenseReference().getReferenceAsBase64EncodedString();
                                    if (referenceAsBase64EncodedString == null) {
                                        throw new FacadeStoreException("License reference for facade '" + facade.getFacadeName() + "' is null!");
                                    }
                                    newInstance2.setLicenseReference(referenceAsBase64EncodedString.getBytes("UTF-8"));
                                } catch (ServiceException e) {
                                    throw new FacadeStoreException("Error while getting LicenseReferencePreconditionHandler for facade '" + facade.getFacadeName() + JSONUtils.SINGLE_QUOTE, e);
                                }
                            }
                        } catch (ServiceException e2) {
                            throw new FacadeStoreException("Error while getting IdentifyPreconditionHandlerHandler for facade '" + facade.getFacadeName() + JSONUtils.SINGLE_QUOTE, e2);
                        }
                    } catch (Exception e3) {
                        z = false;
                        LOGGER.warn("Could not store facade " + facade.getFacadeName() + " - this facade will be skipped and not be saved!", e3);
                    }
                    if (z) {
                        addNewFacades.addNewFacade().set(newInstance2);
                    }
                }
            } finally {
                try {
                    fileOutputStream.close();
                } catch (IOException e4) {
                    LOGGER.warn("Could not close stream");
                }
            }
        }
        try {
            XmlOptions xmlOptions = new XmlOptions();
            xmlOptions.put(XmlOptions.SAVE_USE_DEFAULT_NAMESPACE);
            xmlOptions.put(XmlOptions.SAVE_PRETTY_PRINT);
            newInstance.save(fileOutputStream, xmlOptions);
        } catch (IOException e5) {
            throw new FacadeStoreException(e5);
        }
    }

    public String getFilePath() {
        return this.m_filePath;
    }

    public void setFilePath(String str) {
        this.m_filePath = str;
    }
}
