package org.apereo.cas.support.saml.web.idp.metadata;

import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import javax.annotation.PostConstruct;
import net.shibboleth.idp.installer.metadata.MetadataGenerator;
import net.shibboleth.idp.installer.metadata.MetadataGeneratorParameters;
import net.shibboleth.utilities.java.support.security.SelfSignedCertificateGenerator;
import org.apereo.inspektr.aspect.TraceLogAspect;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;

/**
 * Generates the SAML IdP metadata file together with self-signed signing and
 * encryption certificates (and their private keys) inside the configured
 * metadata directory, but only when {@code idp-metadata.xml} is not already there.
 *
 * <p>This listing is decompiler output of an AspectJ-woven class. Every public
 * method is a thin trampoline that hands an {@code AjcClosureN} to
 * {@link TraceLogAspect#traceMethod}; the original method bodies live in the
 * static {@code *_aroundBodyN} methods further down. Generic type arguments were
 * lost in decompilation, which is why raw {@code List}/{@code ArrayList} appear.
 *
 * <p>Security-relevant points for reviewers and operators:
 * <ul>
 *   <li>The private keys {@code idp-signing.key} and {@code idp-encryption.key} are
 *       written next to the public metadata and certificates. Nothing in this class
 *       sets permissions on the directory or on the key files, so access control
 *       depends on the process umask, on whatever {@code SelfSignedCertificateGenerator}
 *       does (not visible here), and on how the directory is provisioned. Verify that
 *       only the CAS service account can read the {@code *.key} files.</li>
 *   <li>Generation is gated solely on the absence of {@code idp-metadata.xml}. If that
 *       one file is missing, both key pairs are generated again even when key and
 *       certificate files already exist; presumably the existing files are replaced
 *       (depends on the generator, confirm). Replaced IdP keys break trust with every
 *       service provider that imported the old certificates.</li>
 *   <li>The bean is {@code @RefreshScope}d, so {@code initialize()} can presumably run
 *       again after a configuration refresh, with a changed metadata location taking
 *       effect at that point (confirm against the deployment).</li>
 * </ul>
 */
@RefreshScope
@Component("shibbolethIdpMetadataAndCertificatesGenerationService")
/* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService.class */
public class ShibbolethIdpMetadataAndCertificatesGenerationService implements SamlIdpMetadataAndCertificatesGenerationService {
    // Appended verbatim to hostName to form the certificate's URI subjectAltName.
    // NOTE(review): there is no leading "/" and no scheme, so the resulting value is a
    // well-formed URI only if hostName already carries them -- confirm the expected format.
    private static final String URI_SUBJECT_ALTNAME_POSTFIX = "idp/metadata";
    private transient Logger logger = LoggerFactory.getLogger(getClass());
    // The five files below are resolved against metadataLocation in initialize_aroundBody0
    // and stay null until that method has run.
    private File metadataFile;
    private File signingCertFile;
    // Private key material; this class exposes no getter for either key file.
    private File signingKeyFile;
    private File encryptionCertFile;
    private File encryptionCertKeyFile;

    // Directory that receives the metadata, the certificates and the private keys.
    @Value("${cas.samlidp.metadata.location:}")
    private File metadataLocation;

    @Value("${cas.samlidp.entityid:}")
    private String entityId;

    @Value("${cas.samlidp.hostname:}")
    private String hostName;

    @Value("${cas.samlidp.scope:}")
    private String scope;
    // AspectJ static join-point descriptors, one per traced method. They are populated by
    // ajc$preClinit() from the static initializer; the "final ... = null" form shown here is
    // a decompiler artifact and does not match the assignments made in that method.
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;
    private static final JoinPoint.StaticPart ajc$tjp_4 = null;
    private static final JoinPoint.StaticPart ajc$tjp_5 = null;
    private static final JoinPoint.StaticPart ajc$tjp_6 = null;
    private static final JoinPoint.StaticPart ajc$tjp_7 = null;
    private static final JoinPoint.StaticPart ajc$tjp_8 = null;

    // Each AjcClosureN below is weaver-generated glue: run() reads the target instance from
    // state[0] and the join point from state[1], then calls the matching *_aroundBodyN method.

    /** Closure for {@code initialize()}; always returns null because the target is void. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            ShibbolethIdpMetadataAndCertificatesGenerationService.initialize_aroundBody0((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]);
            return null;
        }
    }

    /** Closure for {@code getSigningCertFile()}. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure11.class */
    public class AjcClosure11 extends AroundClosure {
        public AjcClosure11(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ShibbolethIdpMetadataAndCertificatesGenerationService.getSigningCertFile_aroundBody10((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /** Closure for {@code getEncryptionCertFile()}. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure13.class */
    public class AjcClosure13 extends AroundClosure {
        public AjcClosure13(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ShibbolethIdpMetadataAndCertificatesGenerationService.getEncryptionCertFile_aroundBody12((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /** Closure for {@code isMetadataMissing()}; boxes the primitive result for the aspect. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure15.class */
    public class AjcClosure15 extends AroundClosure {
        public AjcClosure15(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(ShibbolethIdpMetadataAndCertificatesGenerationService.isMetadataMissing_aroundBody14((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /** Closure for {@code performGenerationSteps()}. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure17.class */
    public class AjcClosure17 extends AroundClosure {
        public AjcClosure17(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ShibbolethIdpMetadataAndCertificatesGenerationService.performGenerationSteps_aroundBody16((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /** Closure for {@code getMetadataFile()}. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ShibbolethIdpMetadataAndCertificatesGenerationService.getMetadataFile_aroundBody2((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /** Closure for {@code getEntityId()}. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ShibbolethIdpMetadataAndCertificatesGenerationService.getEntityId_aroundBody4((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /** Closure for {@code getScope()}. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ShibbolethIdpMetadataAndCertificatesGenerationService.getScope_aroundBody6((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /** Closure for {@code getHostName()}. */
    /* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/ShibbolethIdpMetadataAndCertificatesGenerationService$AjcClosure9.class */
    public class AjcClosure9 extends AroundClosure {
        public AjcClosure9(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ShibbolethIdpMetadataAndCertificatesGenerationService.getHostName_aroundBody8((ShibbolethIdpMetadataAndCertificatesGenerationService) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /**
     * Validates the injected settings and resolves the output file locations.
     * The real body is {@code initialize_aroundBody0}; this wrapper only routes the call
     * through the trace aspect.
     */
    @PostConstruct
    public void initialize() {
        TraceLogAspect.aspectOf().traceMethod(new AjcClosure1(new Object[]{this, Factory.makeJP(ajc$tjp_0, this, this)}).linkClosureAndJoinPoint(69648));
    }

    /** @return the {@code idp-metadata.xml} location, or null before {@code initialize()} has run */
    public File getMetadataFile() {
        return (File) TraceLogAspect.aspectOf().traceMethod(new AjcClosure3(new Object[]{this, Factory.makeJP(ajc$tjp_1, this, this)}).linkClosureAndJoinPoint(69648));
    }

    /** @return the configured IdP entity id */
    public String getEntityId() {
        return (String) TraceLogAspect.aspectOf().traceMethod(new AjcClosure5(new Object[]{this, Factory.makeJP(ajc$tjp_2, this, this)}).linkClosureAndJoinPoint(69648));
    }

    /** @return the configured IdP scope */
    public String getScope() {
        return (String) TraceLogAspect.aspectOf().traceMethod(new AjcClosure7(new Object[]{this, Factory.makeJP(ajc$tjp_3, this, this)}).linkClosureAndJoinPoint(69648));
    }

    /** @return the configured IdP host name */
    public String getHostName() {
        return (String) TraceLogAspect.aspectOf().traceMethod(new AjcClosure9(new Object[]{this, Factory.makeJP(ajc$tjp_4, this, this)}).linkClosureAndJoinPoint(69648));
    }

    /** @return the signing certificate file (the public certificate, not the key file) */
    public File getSigningCertFile() {
        return (File) TraceLogAspect.aspectOf().traceMethod(new AjcClosure11(new Object[]{this, Factory.makeJP(ajc$tjp_5, this, this)}).linkClosureAndJoinPoint(69648));
    }

    /** @return the encryption certificate file (the public certificate, not the key file) */
    public File getEncryptionCertFile() {
        return (File) TraceLogAspect.aspectOf().traceMethod(new AjcClosure13(new Object[]{this, Factory.makeJP(ajc$tjp_6, this, this)}).linkClosureAndJoinPoint(69648));
    }

    /**
     * @return true when {@code idp-metadata.xml} does not exist; the certificate and key
     *         files are not consulted
     */
    public boolean isMetadataMissing() {
        return Conversions.booleanValue(TraceLogAspect.aspectOf().traceMethod(new AjcClosure15(new Object[]{this, Factory.makeJP(ajc$tjp_7, this, this)}).linkClosureAndJoinPoint(69648)));
    }

    /**
     * Generates certificates, keys and metadata if the metadata file is missing.
     * The real body is {@code performGenerationSteps_aroundBody16}.
     *
     * @return the metadata file
     * @throws RuntimeException wrapping any exception raised during generation
     */
    @Override // org.apereo.cas.support.saml.web.idp.metadata.SamlIdpMetadataAndCertificatesGenerationService
    public File performGenerationSteps() {
        return (File) TraceLogAspect.aspectOf().traceMethod(new AjcClosure17(new Object[]{this, Factory.makeJP(ajc$tjp_8, this, this)}).linkClosureAndJoinPoint(69648));
    }

    /**
     * Creates the self-signed encryption certificate and its private key at
     * {@code encryptionCertFile} / {@code encryptionCertKeyFile}.
     *
     * <p>Key algorithm, key size and validity period are not set here, so the generator's
     * defaults apply; check them against the deployment's cryptographic policy.
     *
     * @throws Exception whatever {@code SelfSignedCertificateGenerator.generate()} raises
     */
    protected void buildSelfSignedEncryptionCert() throws Exception {
        SelfSignedCertificateGenerator selfSignedCertificateGenerator = new SelfSignedCertificateGenerator();
        selfSignedCertificateGenerator.setHostName(this.hostName);
        selfSignedCertificateGenerator.setCertificateFile(this.encryptionCertFile);
        // Private key destination; no permission tightening happens in this class.
        selfSignedCertificateGenerator.setPrivateKeyFile(this.encryptionCertKeyFile);
        // NOTE(review): plain concatenation, e.g. "idp.example.org" + "idp/metadata" (constructed
        // sample) yields "idp.example.orgidp/metadata" -- confirm hostName's expected shape.
        selfSignedCertificateGenerator.setURISubjectAltNames(Arrays.asList(this.hostName.concat(URI_SUBJECT_ALTNAME_POSTFIX)));
        selfSignedCertificateGenerator.generate();
    }

    /**
     * Creates the self-signed signing certificate and its private key at
     * {@code signingCertFile} / {@code signingKeyFile}. Same configuration as
     * {@link #buildSelfSignedEncryptionCert()} apart from the target files, and the same
     * caveats about generator defaults and key file permissions apply.
     *
     * @throws Exception whatever {@code SelfSignedCertificateGenerator.generate()} raises
     */
    protected void buildSelfSignedSigningCert() throws Exception {
        SelfSignedCertificateGenerator selfSignedCertificateGenerator = new SelfSignedCertificateGenerator();
        selfSignedCertificateGenerator.setHostName(this.hostName);
        selfSignedCertificateGenerator.setCertificateFile(this.signingCertFile);
        // Private key destination; no permission tightening happens in this class.
        selfSignedCertificateGenerator.setPrivateKeyFile(this.signingKeyFile);
        // Same separator-less concatenation as in buildSelfSignedEncryptionCert().
        selfSignedCertificateGenerator.setURISubjectAltNames(Arrays.asList(this.hostName.concat(URI_SUBJECT_ALTNAME_POSTFIX)));
        selfSignedCertificateGenerator.generate();
    }

    /**
     * Writes {@code idp-metadata.xml} from the previously generated certificates and the
     * configured host name, entity id and scope. Despite the name, this method also runs
     * the generator rather than only building parameters.
     *
     * @throws IOException declared by the signature; the visible calls do not show which
     *         one raises it
     */
    protected void buildMetadataGeneratorParameters() throws IOException {
        MetadataGenerator metadataGenerator = new MetadataGenerator(this.metadataFile);
        MetadataGeneratorParameters metadataGeneratorParameters = new MetadataGeneratorParameters();
        metadataGeneratorParameters.setEncryptionCert(this.encryptionCertFile);
        metadataGeneratorParameters.setSigningCert(this.signingCertFile);
        // Signing certificates advertised in the metadata: backchannel (if any) then signing.
        // No backchannel certificate is set in this method, so that branch only fires if
        // MetadataGeneratorParameters supplies one on its own -- TODO confirm.
        ArrayList arrayList = new ArrayList(2);
        List backchannelCert = metadataGeneratorParameters.getBackchannelCert();
        if (backchannelCert != null) {
            arrayList.add(backchannelCert);
        }
        List signingCert = metadataGeneratorParameters.getSigningCert();
        if (signingCert != null) {
            arrayList.add(signingCert);
        }
        metadataGenerator.setSigningCerts(arrayList);
        List encryptionCert = metadataGeneratorParameters.getEncryptionCert();
        if (encryptionCert != null) {
            metadataGenerator.setEncryptionCerts(Collections.singletonList(encryptionCert));
        }
        metadataGenerator.setDNSName(this.hostName);
        metadataGenerator.setEntityID(this.entityId);
        metadataGenerator.setScope(this.scope);
        // Presumably leaves the SAML2 attribute-query endpoints commented out in the generated
        // XML while emitting the SAML2 logout endpoints as active -- confirm against
        // MetadataGenerator, since this decides which endpoints the IdP advertises.
        metadataGenerator.setSAML2AttributeQueryCommented(true);
        metadataGenerator.setSAML2LogoutCommented(false);
        metadataGenerator.generate();
    }

    static {
        ajc$preClinit();
    }

    /**
     * Original body of {@code initialize()}: checks that the injected settings are present,
     * ensures the metadata directory exists and derives the five output file paths.
     *
     * @throws IllegalArgumentException if a required setting is missing (raised by the Spring
     *         {@code Assert} calls) or the directory neither exists nor can be created
     */
    static final void initialize_aroundBody0(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        // notNull rejects only null; whether an empty property value arrives here as null or as
        // an empty-path File depends on Spring's conversion -- TODO confirm.
        Assert.notNull(shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation, "IdP metadataLocation cannot be null and must be defined");
        Assert.hasText(shibbolethIdpMetadataAndCertificatesGenerationService.entityId, "IdP entityID cannot be empty and must be defined");
        Assert.hasText(shibbolethIdpMetadataAndCertificatesGenerationService.hostName, "IdP hostName cannot be empty and must be defined");
        Assert.hasText(shibbolethIdpMetadataAndCertificatesGenerationService.scope, "IdP scope cannot be empty and must be defined");
        // mkdir() creates a single directory level only, so missing parent directories make this
        // fail. The directory gets the process's default permissions; since private keys are
        // stored in it, operators should pre-create it with restrictive access. exists() is also
        // satisfied by a regular file at this path; that case is not rejected here.
        if (!shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation.exists() && !shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation.mkdir()) {
            throw new IllegalArgumentException("Metadata directory location " + shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation + " cannot be located/created");
        }
        shibbolethIdpMetadataAndCertificatesGenerationService.logger.info("Metadata directory location is at [{}] with entityID [{}]", shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation, shibbolethIdpMetadataAndCertificatesGenerationService.entityId);
        // Fixed file names: public artifacts (.xml, .crt) and private keys (.key) share a directory.
        shibbolethIdpMetadataAndCertificatesGenerationService.metadataFile = new File(shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation, "idp-metadata.xml");
        shibbolethIdpMetadataAndCertificatesGenerationService.signingCertFile = new File(shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation, "idp-signing.crt");
        shibbolethIdpMetadataAndCertificatesGenerationService.signingKeyFile = new File(shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation, "idp-signing.key");
        shibbolethIdpMetadataAndCertificatesGenerationService.encryptionCertFile = new File(shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation, "idp-encryption.crt");
        shibbolethIdpMetadataAndCertificatesGenerationService.encryptionCertKeyFile = new File(shibbolethIdpMetadataAndCertificatesGenerationService.metadataLocation, "idp-encryption.key");
    }

    /** Original body of {@code getMetadataFile()}. */
    static final File getMetadataFile_aroundBody2(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        return shibbolethIdpMetadataAndCertificatesGenerationService.metadataFile;
    }

    /** Original body of {@code getEntityId()}. */
    static final String getEntityId_aroundBody4(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        return shibbolethIdpMetadataAndCertificatesGenerationService.entityId;
    }

    /** Original body of {@code getScope()}. */
    static final String getScope_aroundBody6(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        return shibbolethIdpMetadataAndCertificatesGenerationService.scope;
    }

    /** Original body of {@code getHostName()}. */
    static final String getHostName_aroundBody8(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        return shibbolethIdpMetadataAndCertificatesGenerationService.hostName;
    }

    /** Original body of {@code getSigningCertFile()}. */
    static final File getSigningCertFile_aroundBody10(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        return shibbolethIdpMetadataAndCertificatesGenerationService.signingCertFile;
    }

    /** Original body of {@code getEncryptionCertFile()}. */
    static final File getEncryptionCertFile_aroundBody12(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        return shibbolethIdpMetadataAndCertificatesGenerationService.encryptionCertFile;
    }

    /**
     * Original body of {@code isMetadataMissing()}. Dereferences {@code metadataFile}, which
     * is null until {@code initialize()} has run.
     */
    static final boolean isMetadataMissing_aroundBody14(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        return !shibbolethIdpMetadataAndCertificatesGenerationService.metadataFile.exists();
    }

    /**
     * Original body of {@code performGenerationSteps()}: when the metadata file is missing it
     * generates the signing pair, then the encryption pair, then the metadata.
     *
     * <p>NOTE(review): the only precondition is the missing metadata file. Existing
     * {@code *.key}/{@code *.crt} files are not checked first, and a failure after key
     * generation but before the metadata is written leaves keys on disk that the next call
     * generates again. Operators who restore or hand-edit this directory should treat the
     * metadata file and the key material as one unit.
     *
     * @return the metadata file
     * @throws RuntimeException wrapping any exception raised by the generation steps
     */
    static final File performGenerationSteps_aroundBody16(ShibbolethIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService, JoinPoint joinPoint) {
        try {
            shibbolethIdpMetadataAndCertificatesGenerationService.logger.debug("Preparing to generate metadata for entityId [{}]", shibbolethIdpMetadataAndCertificatesGenerationService.entityId);
            if (shibbolethIdpMetadataAndCertificatesGenerationService.isMetadataMissing()) {
                // These INFO lines are the audit trail that new IdP key material was created;
                // outside first start-up they are worth alerting on.
                shibbolethIdpMetadataAndCertificatesGenerationService.logger.info("Metadata does not exist at [{}]. Creating...", shibbolethIdpMetadataAndCertificatesGenerationService.metadataFile);
                shibbolethIdpMetadataAndCertificatesGenerationService.logger.info("Creating self-sign certificate for signing...");
                shibbolethIdpMetadataAndCertificatesGenerationService.buildSelfSignedSigningCert();
                shibbolethIdpMetadataAndCertificatesGenerationService.logger.info("Creating self-sign certificate for encryption...");
                shibbolethIdpMetadataAndCertificatesGenerationService.buildSelfSignedEncryptionCert();
                shibbolethIdpMetadataAndCertificatesGenerationService.logger.info("Creating metadata...");
                shibbolethIdpMetadataAndCertificatesGenerationService.buildMetadataGeneratorParameters();
            }
            shibbolethIdpMetadataAndCertificatesGenerationService.logger.info("Metadata is available at [{}]", shibbolethIdpMetadataAndCertificatesGenerationService.metadataFile);
            return shibbolethIdpMetadataAndCertificatesGenerationService.metadataFile;
        } catch (Exception e) {
            // Logged with the stack trace, then rethrown unchecked with the cause preserved.
            shibbolethIdpMetadataAndCertificatesGenerationService.logger.error(e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }

    /**
     * Weaver-generated initializer that builds one static join-point descriptor per traced
     * method. The trailing integer on each line is presumably the method's line number in
     * the original source file.
     */
    private static void ajc$preClinit() {
        Factory factory = new Factory("ShibbolethIdpMetadataAndCertificatesGenerationService.java", ShibbolethIdpMetadataAndCertificatesGenerationService.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "initialize", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "void"), 56);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getMetadataFile", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "java.io.File"), 77);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getEntityId", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "java.lang.String"), 81);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getScope", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "java.lang.String"), 85);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getHostName", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "java.lang.String"), 89);
        ajc$tjp_5 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getSigningCertFile", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "java.io.File"), 93);
        ajc$tjp_6 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getEncryptionCertFile", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "java.io.File"), 97);
        ajc$tjp_7 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "isMetadataMissing", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "boolean"), 101);
        ajc$tjp_8 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "performGenerationSteps", "org.apereo.cas.support.saml.web.idp.metadata.ShibbolethIdpMetadataAndCertificatesGenerationService", "", "", "", "java.io.File"), 106);
    }
}
