package org.apereo.cas.support.wsfederation;

import java.io.InputStream;
import java.io.Serializable;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.x509.BasicX509Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.Resource;

/* loaded from: input_file:org/apereo/cas/support/wsfederation/WsFederationConfiguration.class */
public class WsFederationConfiguration implements Serializable {
    private static final long serialVersionUID = 2310859477512242659L;
    private static final Logger LOGGER = LoggerFactory.getLogger(WsFederationConfiguration.class);
    private Resource encryptionPrivateKey;
    private Resource encryptionCertificate;
    private String encryptionPrivateKeyPassword;
    private String identityAttribute;
    private String identityProviderIdentifier;
    private String identityProviderUrl;
    private List<Resource> signingCertificateResources = new ArrayList();
    private String relyingPartyIdentifier;
    private long tolerance;
    private WsFedPrincipalResolutionAttributesType attributesType;
    private WsFederationAttributeMutator attributeMutator;
    private List<Credential> signingWallet;

    /* loaded from: input_file:org/apereo/cas/support/wsfederation/WsFederationConfiguration$WsFedPrincipalResolutionAttributesType.class */
    public enum WsFedPrincipalResolutionAttributesType {
        CAS,
        WSFED,
        BOTH
    }

    @PostConstruct
    private void initCertificates() {
        createSigningWallet(this.signingCertificateResources);
    }

    public String getIdentityAttribute() {
        return this.identityAttribute;
    }

    public void setIdentityAttribute(String str) {
        this.identityAttribute = str;
    }

    public String getIdentityProviderIdentifier() {
        return this.identityProviderIdentifier;
    }

    public void setIdentityProviderIdentifier(String str) {
        this.identityProviderIdentifier = str;
    }

    public String getIdentityProviderUrl() {
        return this.identityProviderUrl;
    }

    public void setIdentityProviderUrl(String str) {
        this.identityProviderUrl = str;
    }

    public String getRelyingPartyIdentifier() {
        return this.relyingPartyIdentifier;
    }

    public void setRelyingPartyIdentifier(String str) {
        this.relyingPartyIdentifier = str;
    }

    public List<Credential> getSigningCertificates() {
        return this.signingWallet;
    }

    public List<Resource> getSigningCertificateResources() {
        return this.signingCertificateResources;
    }

    public void setSigningCertificateResources(Resource... resourceArr) {
        this.signingCertificateResources = Arrays.asList(resourceArr);
        createSigningWallet(this.signingCertificateResources);
    }

    private void createSigningWallet(List<Resource> list) {
        this.signingWallet = (List) list.stream().map(WsFederationConfiguration::getSigningCredential).collect(Collectors.toList());
    }

    public long getTolerance() {
        return this.tolerance;
    }

    public void setTolerance(long j) {
        this.tolerance = j;
    }

    public WsFederationAttributeMutator getAttributeMutator() {
        return this.attributeMutator;
    }

    public void setAttributeMutator(WsFederationAttributeMutator wsFederationAttributeMutator) {
        this.attributeMutator = wsFederationAttributeMutator;
    }

    public WsFedPrincipalResolutionAttributesType getAttributesType() {
        return this.attributesType;
    }

    public void setAttributesType(WsFedPrincipalResolutionAttributesType wsFedPrincipalResolutionAttributesType) {
        this.attributesType = wsFedPrincipalResolutionAttributesType;
    }

    public void setSigningCertificateResources(List<Resource> list) {
        this.signingCertificateResources = list;
    }

    public Resource getEncryptionPrivateKey() {
        return this.encryptionPrivateKey;
    }

    public void setEncryptionPrivateKey(Resource resource) {
        this.encryptionPrivateKey = resource;
    }

    public Resource getEncryptionCertificate() {
        return this.encryptionCertificate;
    }

    public void setEncryptionCertificate(Resource resource) {
        this.encryptionCertificate = resource;
    }

    public String getEncryptionPrivateKeyPassword() {
        return this.encryptionPrivateKeyPassword;
    }

    public void setEncryptionPrivateKeyPassword(String str) {
        this.encryptionPrivateKeyPassword = str;
    }

    private static Credential getSigningCredential(Resource resource) {
        try {
            InputStream inputStream = resource.getInputStream();
            Throwable th = null;
            try {
                BasicX509Credential basicX509Credential = new BasicX509Credential((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream));
                LOGGER.debug("getSigningCredential: key retrieved.");
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                return basicX509Credential;
            } finally {
            }
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), e);
            return null;
        }
    }
}
