package org.italiangrid.voms.ac.impl;

import eu.emi.security.authn.x509.X509CertChainValidatorExt;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.x509.AttributeCertificate;
import org.italiangrid.voms.VOMSAttribute;
import org.italiangrid.voms.ac.VOMSACLookupStrategy;
import org.italiangrid.voms.ac.VOMSACValidationStrategy;
import org.italiangrid.voms.ac.VOMSACValidator;
import org.italiangrid.voms.ac.VOMSValidationResult;
import org.italiangrid.voms.ac.ValidationResultListener;
import org.italiangrid.voms.asn1.VOMSACUtils;
import org.italiangrid.voms.store.UpdatingVOMSTrustStore;
import org.italiangrid.voms.store.VOMSTrustStore;
import org.italiangrid.voms.store.VOMSTrustStores;
import org.italiangrid.voms.util.CertificateValidatorBuilder;
import org.italiangrid.voms.util.NullListener;

/* loaded from: input_file:org/italiangrid/voms/ac/impl/DefaultVOMSValidator.class */
public class DefaultVOMSValidator extends DefaultVOMSACParser implements VOMSACValidator {
    public static final String DEFAULT_TRUST_ANCHORS_DIR = "/etc/grid-security/certificates";
    private final VOMSACValidationStrategy validationStrategy;
    private ValidationResultListener validationResultListener;
    private final VOMSTrustStore trustStore;

    public DefaultVOMSValidator(ValidationResultListener validationResultListener) {
        this(VOMSTrustStores.newTrustStore(), CertificateValidatorBuilder.buildCertificateValidator(DEFAULT_TRUST_ANCHORS_DIR), validationResultListener);
    }

    public DefaultVOMSValidator() {
        this(VOMSTrustStores.newTrustStore(), CertificateValidatorBuilder.buildCertificateValidator(DEFAULT_TRUST_ANCHORS_DIR), NullListener.INSTANCE);
    }

    public DefaultVOMSValidator(VOMSTrustStore vOMSTrustStore, X509CertChainValidatorExt x509CertChainValidatorExt) {
        this(vOMSTrustStore, x509CertChainValidatorExt, NullListener.INSTANCE);
    }

    public DefaultVOMSValidator(VOMSTrustStore vOMSTrustStore, X509CertChainValidatorExt x509CertChainValidatorExt, ValidationResultListener validationResultListener) {
        this.trustStore = vOMSTrustStore;
        this.validationStrategy = new DefaultVOMSValidationStrategy(this.trustStore, x509CertChainValidatorExt);
        this.validationResultListener = validationResultListener;
    }

    public DefaultVOMSValidator(VOMSTrustStore vOMSTrustStore, X509CertChainValidatorExt x509CertChainValidatorExt, ValidationResultListener validationResultListener, VOMSACLookupStrategy vOMSACLookupStrategy) {
        super(vOMSACLookupStrategy);
        this.trustStore = vOMSTrustStore;
        this.validationStrategy = new DefaultVOMSValidationStrategy(this.trustStore, x509CertChainValidatorExt);
        this.validationResultListener = validationResultListener;
    }

    @Override // org.italiangrid.voms.ac.VOMSACValidator
    public synchronized List<VOMSValidationResult> validateWithResult(X509Certificate[] x509CertificateArr) {
        setCertChain(x509CertificateArr);
        return validate();
    }

    protected synchronized List<VOMSValidationResult> validate() {
        List<VOMSAttribute> parse = parse();
        ArrayList arrayList = new ArrayList();
        Iterator<VOMSAttribute> it = parse.iterator();
        while (it.hasNext()) {
            VOMSValidationResult validateAC = this.validationStrategy.validateAC(it.next(), getCertChain());
            this.validationResultListener.notifyValidationResult(validateAC);
            arrayList.add(validateAC);
        }
        return arrayList;
    }

    @Override // org.italiangrid.voms.ac.VOMSACValidator
    public synchronized List<VOMSAttribute> validate(X509Certificate[] x509CertificateArr) {
        setCertChain(x509CertificateArr);
        ArrayList arrayList = new ArrayList();
        for (VOMSValidationResult vOMSValidationResult : validate()) {
            if (vOMSValidationResult.isValid()) {
                arrayList.add(vOMSValidationResult.getAttributes());
            }
        }
        return arrayList;
    }

    @Override // org.italiangrid.voms.ac.VOMSACValidator
    public synchronized void shutdown() {
        if (this.trustStore instanceof UpdatingVOMSTrustStore) {
            ((UpdatingVOMSTrustStore) this.trustStore).cancel();
        }
    }

    @Override // org.italiangrid.voms.ac.VOMSACValidator
    public synchronized List<AttributeCertificate> validateACs(List<AttributeCertificate> list) {
        ArrayList arrayList = new ArrayList();
        for (AttributeCertificate attributeCertificate : list) {
            VOMSValidationResult validateAC = this.validationStrategy.validateAC(VOMSACUtils.deserializeVOMSAttributes(attributeCertificate));
            this.validationResultListener.notifyValidationResult(validateAC);
            if (validateAC.isValid()) {
                arrayList.add(attributeCertificate);
            }
        }
        return arrayList;
    }

    @Override // org.italiangrid.voms.ac.VOMSACValidator
    public synchronized void setValidationResultListener(ValidationResultListener validationResultListener) {
        if (validationResultListener != null) {
            this.validationResultListener = validationResultListener;
        }
    }
}
