package org.microcrafts.openziti.ldap;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Base64;
import org.apache.commons.io.IOUtils;
import org.openziti.Ziti;
import org.openziti.ZitiContext;
import org.openziti.identity.Enroller;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/microcrafts/openziti/ldap/ZitiApp.class */
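/**
 * Wraps a {@link ZitiContext} built from an identity supplied either as a JSON
 * document or as a Base64-encoded PKCS12 key store, and offers a helper to enroll
 * a new identity from a JWT.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Identities are handed to the SDK through temporary files. Those files hold
 *       private key material, so they are created through {@link Files#createTempFile},
 *       which may apply more restrictive permissions than {@code File.createTempFile}
 *       (owner-only on POSIX file systems), and are registered for deletion at JVM exit.</li>
 *   <li>Key stores are written with an empty password ({@link #NO_PASSWORD}). The
 *       Base64 string returned by {@link #enroll(InputStream)} is therefore equivalent
 *       to an unprotected private key and must be stored and transported as a secret.</li>
 * </ul>
 */
public class ZitiApp {
    private static final String TEMP_FILE_PREFIX = "token";
    private static final String TEMP_FILE_SUFFIX = "jwt";
    private final ZitiContext context;
    private static final Logger log = LoggerFactory.getLogger(ZitiApp.class);
    // Empty password used for every key store this class reads or writes.
    private static final char[] NO_PASSWORD = new char[0];

    /**
     * Collects an identity from one of the supported encodings and builds a
     * {@link ZitiApp} from it. If both {@link #fromJson} and {@link #fromKey} were
     * called, {@link #build()} uses the JSON identity.
     */
    public static class CredentialBuilder {
        private File json;
        private File keyStore;

        /**
         * Creates the temporary file that will hold identity material.
         *
         * @return a new, empty temporary file scheduled for deletion at JVM exit
         * @throws IOException if the file cannot be created
         */
        private static File newSecretTempFile() throws IOException {
            File file = Files.createTempFile(ZitiApp.TEMP_FILE_PREFIX, ZitiApp.TEMP_FILE_SUFFIX).toFile();
            // The file carries credentials; do not leave it behind in the shared temp directory.
            file.deleteOnExit();
            return file;
        }

        /**
         * Stores the given identity JSON in a temporary file for {@link #build()}.
         *
         * @param str the identity document; written to disk as UTF-8
         * @return this builder
         * @throws IllegalArgumentException if the document cannot be written
         *         (including when {@code str} is {@code null})
         */
        public CredentialBuilder fromJson(String str) {
            try {
                File file = newSecretTempFile();
                // Explicit charset: the platform default differs between hosts on older JDKs.
                try (FileOutputStream out = new FileOutputStream(file)) {
                    out.write(str.getBytes(StandardCharsets.UTF_8));
                }
                this.json = file;
                return this;
            } catch (Exception e) {
                // Same message as before, but the cause is kept so the stack trace is not lost.
                throw new IllegalArgumentException(String.format("Failed to read credentials - cause : %s", e), e);
            }
        }

        /**
         * Decodes a Base64-encoded PKCS12 key store (empty password) and stores it in
         * a temporary file for {@link #build()}.
         *
         * @param str Base64 encoding of a PKCS12 key store protected by an empty password
         * @return this builder
         * @throws IllegalArgumentException if {@code str} is not valid Base64, or the
         *         key store cannot be parsed or written
         */
        public CredentialBuilder fromKey(String str) {
            try {
                byte[] decoded = Base64.getDecoder().decode(str);
                // Parse before touching the disk so malformed input leaves no file behind.
                KeyStore parsed = KeyStore.getInstance("PKCS12");
                parsed.load(new ByteArrayInputStream(decoded), ZitiApp.NO_PASSWORD);
                File file = newSecretTempFile();
                try (FileOutputStream out = new FileOutputStream(file)) {
                    parsed.store(out, ZitiApp.NO_PASSWORD);
                }
                this.keyStore = file;
                return this;
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                throw new IllegalArgumentException(String.format("Failed to read credentials - cause : %s", e), e);
            }
        }

        /**
         * Builds the application from the collected identity.
         *
         * @return a {@link ZitiApp} backed by a new Ziti context
         * @throws IllegalStateException if neither {@link #fromJson} nor
         *         {@link #fromKey} has been called successfully
         */
        public ZitiApp build() {
            File identity = this.json != null ? this.json : this.keyStore;
            if (identity == null) {
                // Fail here with a clear message instead of passing null into the SDK.
                throw new IllegalStateException("No credentials supplied - call fromJson or fromKey before build");
            }
            return new ZitiApp(Ziti.newContext(identity, ZitiApp.NO_PASSWORD));
        }
    }

    private ZitiApp(ZitiContext zitiContext) {
        this.context = zitiContext;
    }

    /**
     * Enrolls an identity from the JWT read from {@code inputStream} and returns the
     * resulting PKCS12 key store as a Base64 string.
     *
     * <p>The stream is read fully but not closed; closing it is left to the caller.
     * The local host name is passed as the third argument of the enroller call.
     *
     * <p>The returned string contains the enrolled key store written with an empty
     * password. It is never written to the log: a log line holding it would give
     * anyone with log access the identity.
     *
     * @param inputStream source of the enrollment JWT, decoded as UTF-8
     * @return Base64 encoding of the PKCS12 key store produced by enrollment
     * @throws IllegalArgumentException if reading the token, enrolling, or
     *         serializing the key store fails
     */
    public static String enroll(InputStream inputStream) {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            String jwt = new String(inputStream.readAllBytes(), StandardCharsets.UTF_8);
            Enroller.fromJWT(jwt).enroll((KeyStore.Entry) null, keyStore, InetAddress.getLocalHost().getHostName());
            // ByteArrayOutputStream holds no external resource, so no close handling is needed.
            ByteArrayOutputStream buffer = new ByteArrayOutputStream();
            // NOTE(review): empty password is part of the contract with fromKey(); the
            // output must be protected by the caller.
            keyStore.store(buffer, NO_PASSWORD);
            String encoded = Base64.getEncoder().encodeToString(buffer.toByteArray());
            // Log only a size indicator; the encoded value is private key material.
            log.info("Enrolled identity ({} Base64 characters); key material not logged", encoded.length());
            return encoded;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalArgumentException(String.format("Failed to enroll endpoint - cause : %s", e), e);
        }
    }

    /**
     * Returns the Ziti context this application was built with.
     *
     * @return the underlying context
     */
    public ZitiContext getContext() {
        return this.context;
    }
}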
