package pl.edu.icm.unity.webui.authn.extensions;

import com.vaadin.server.Resource;
import com.vaadin.server.Sizeable;
import com.vaadin.server.VaadinRequest;
import com.vaadin.server.VaadinServletService;
import com.vaadin.ui.Button;
import com.vaadin.ui.VerticalLayout;
import eu.emi.security.authn.x509.impl.X500NameUtils;
import eu.unicore.util.configuration.ConfigurationException;
import java.io.StringReader;
import java.lang.invoke.SerializedLambda;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.Properties;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.ObjectFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.engine.api.authn.AbstractCredentialRetrieval;
import pl.edu.icm.unity.engine.api.authn.AbstractCredentialRetrievalFactory;
import pl.edu.icm.unity.engine.api.authn.AuthenticatedEntity;
import pl.edu.icm.unity.engine.api.authn.AuthenticationResult;
import pl.edu.icm.unity.engine.api.authn.remote.SandboxAuthnResultCallback;
import pl.edu.icm.unity.stdext.credential.cert.CertificateExchange;
import pl.edu.icm.unity.types.I18nString;
import pl.edu.icm.unity.types.basic.Entity;
import pl.edu.icm.unity.webui.authn.VaadinAuthentication;
import pl.edu.icm.unity.webui.common.Images;
import pl.edu.icm.unity.webui.common.Styles;

@Scope("prototype")
@Component("WebTLSRetrieval")
/* loaded from: input_file:pl/edu/icm/unity/webui/authn/extensions/TLSRetrieval.class */
public class TLSRetrieval extends AbstractCredentialRetrieval<CertificateExchange> implements VaadinAuthentication {
    public static final String NAME = "web-certificate";
    public static final String DESC = "WebTLSRetrievalFactory.desc";
    private MessageSource msg;
    private I18nString name;
    private String registrationFormForUnknown;
    private boolean enableAssociation;
    private String configuration;

    @Component("WebTLSRetrievalFactory")
    /* loaded from: input_file:pl/edu/icm/unity/webui/authn/extensions/TLSRetrieval$Factory.class */
    public static class Factory extends AbstractCredentialRetrievalFactory<TLSRetrieval> {
        @Autowired
        public Factory(ObjectFactory<TLSRetrieval> objectFactory) {
            super(TLSRetrieval.NAME, TLSRetrieval.DESC, VaadinAuthentication.NAME, objectFactory, "certificate exchange");
        }
    }

    /* loaded from: input_file:pl/edu/icm/unity/webui/authn/extensions/TLSRetrieval$TLSRetrievalUI.class */
    private class TLSRetrievalUI implements VaadinAuthentication.VaadinAuthenticationUI {
        private com.vaadin.ui.Component component = new TLSAuthnComponent();
        private VaadinAuthentication.AuthenticationCallback callback;
        private SandboxAuthnResultCallback sandboxCallback;

        /* loaded from: input_file:pl/edu/icm/unity/webui/authn/extensions/TLSRetrieval$TLSRetrievalUI$TLSAuthnComponent.class */
        private class TLSAuthnComponent extends VerticalLayout {
            private Button authenticateButton;

            public TLSAuthnComponent() {
                setMargin(false);
                setSpacing(true);
                X509Certificate[] tLSCertificate = TLSRetrieval.getTLSCertificate();
                String message = tLSCertificate == null ? "" : TLSRetrieval.this.msg.getMessage("WebTLSRetrieval.certInfo", new Object[]{X500NameUtils.getReadableForm(tLSCertificate[0].getSubjectX500Principal())});
                this.authenticateButton = new Button(TLSRetrieval.this.msg.getMessage("WebTLSRetrieval.signInButton", new Object[0]));
                this.authenticateButton.addClickListener(clickEvent -> {
                    TLSRetrievalUI.this.triggerAuthentication();
                });
                this.authenticateButton.setIcon(TLSRetrievalUI.this.getImage());
                this.authenticateButton.addStyleName(Styles.signInButton.toString());
                this.authenticateButton.addStyleName("u-x509SignInButton");
                this.authenticateButton.setWidth(100.0f, Sizeable.Unit.PERCENTAGE);
                this.authenticateButton.setDescription(message);
                addComponent(this.authenticateButton);
            }

            private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
                String implMethodName = serializedLambda.getImplMethodName();
                boolean z = -1;
                switch (implMethodName.hashCode()) {
                    case 1361935482:
                        if (implMethodName.equals("lambda$new$61446b05$1")) {
                            z = false;
                            break;
                        }
                        break;
                }
                switch (z) {
                    case false:
                        if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/ui/Button$ClickListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("buttonClick") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/ui/Button$ClickEvent;)V") && serializedLambda.getImplClass().equals("pl/edu/icm/unity/webui/authn/extensions/TLSRetrieval$TLSRetrievalUI$TLSAuthnComponent") && serializedLambda.getImplMethodSignature().equals("(Lcom/vaadin/ui/Button$ClickEvent;)V")) {
                            TLSAuthnComponent tLSAuthnComponent = (TLSAuthnComponent) serializedLambda.getCapturedArg(0);
                            return clickEvent -> {
                                TLSRetrievalUI.this.triggerAuthentication();
                            };
                        }
                        break;
                }
                throw new IllegalArgumentException("Invalid lambda deserialization");
            }
        }

        public TLSRetrievalUI() {
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public com.vaadin.ui.Component getComponent() {
            return this.component;
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void setAuthenticationCallback(VaadinAuthentication.AuthenticationCallback authenticationCallback) {
            this.callback = authenticationCallback;
        }

        private AuthenticationResult getAuthenticationResult() {
            X509Certificate[] tLSCertificate = TLSRetrieval.getTLSCertificate();
            if (tLSCertificate == null) {
                return new AuthenticationResult(AuthenticationResult.Status.notApplicable, (AuthenticatedEntity) null);
            }
            AuthenticationResult checkCertificate = TLSRetrieval.this.credentialExchange.checkCertificate(tLSCertificate, this.sandboxCallback);
            if (TLSRetrieval.this.registrationFormForUnknown != null) {
                checkCertificate.setFormForUnknownPrincipal(TLSRetrieval.this.registrationFormForUnknown);
            }
            checkCertificate.setEnableAssociation(TLSRetrieval.this.enableAssociation);
            return checkCertificate;
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public String getLabel() {
            return TLSRetrieval.this.name.getValue(TLSRetrieval.this.msg);
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public Resource getImage() {
            return Images.certificate.getResource();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void triggerAuthentication() {
            this.callback.onStartedAuthentication(VaadinAuthentication.AuthenticationStyle.IMMEDIATE);
            AuthenticationResult authenticationResult = getAuthenticationResult();
            if (authenticationResult.getStatus() == AuthenticationResult.Status.success) {
                this.component.setEnabled(false);
            }
            this.callback.onCompletedAuthentication(authenticationResult);
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public boolean isAvailable() {
            return TLSRetrieval.getTLSCertificate() != null;
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void clear() {
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void refresh(VaadinRequest vaadinRequest) {
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void setSandboxAuthnCallback(SandboxAuthnResultCallback sandboxAuthnResultCallback) {
            this.sandboxCallback = sandboxAuthnResultCallback;
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public String getId() {
            return "certificate";
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void presetEntity(Entity entity) {
        }

        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public Set<String> getTags() {
            return Collections.emptySet();
        }
    }

    @Autowired
    public TLSRetrieval(MessageSource messageSource) {
        super(VaadinAuthentication.NAME);
        this.msg = messageSource;
    }

    public String getSerializedConfiguration() {
        return this.configuration;
    }

    public void setSerializedConfiguration(String str) {
        this.configuration = str;
        try {
            Properties properties = new Properties();
            properties.load(new StringReader(str));
            TLSRetrievalProperties tLSRetrievalProperties = new TLSRetrievalProperties(properties);
            this.name = tLSRetrievalProperties.getLocalizedString(this.msg, TLSRetrievalProperties.NAME);
            if (this.name.isEmpty()) {
                this.name = new I18nString("WebTLSRetrieval.title", this.msg, new Object[0]);
            }
            this.registrationFormForUnknown = tLSRetrievalProperties.getValue("registrationFormForUnknown");
            this.enableAssociation = tLSRetrievalProperties.getBooleanValue("enableAssociation").booleanValue();
        } catch (Exception e) {
            throw new ConfigurationException("The configuration of the web-based TLS retrieval can not be parsed", e);
        }
    }

    @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication
    public Collection<VaadinAuthentication.VaadinAuthenticationUI> createUIInstance(VaadinAuthentication.Context context) {
        return Collections.singleton(new TLSRetrievalUI());
    }

    @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication
    public boolean supportsGrid() {
        return false;
    }

    public static X509Certificate[] getTLSCertificate() {
        HttpServletRequest currentServletRequest = VaadinServletService.getCurrentServletRequest();
        if (currentServletRequest == null) {
            return null;
        }
        return (X509Certificate[]) currentServletRequest.getAttribute("javax.servlet.request.X509Certificate");
    }
}
