package org.pac4j.saml.metadata.s3;

import com.google.common.net.MediaType;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.ByteArrayInputStream;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import lombok.Generated;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver;
import org.opensaml.saml.metadata.resolver.impl.DOMMetadataResolver;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.saml.exceptions.SAMLException;
import org.pac4j.saml.metadata.BaseSAML2MetadataGenerator;
import org.pac4j.saml.util.Configuration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.amazon.awssdk.core.ResponseInputStream;
import software.amazon.awssdk.core.sync.RequestBody;
import software.amazon.awssdk.services.s3.S3Client;
import software.amazon.awssdk.services.s3.model.ChecksumAlgorithm;
import software.amazon.awssdk.services.s3.model.CreateBucketRequest;
import software.amazon.awssdk.services.s3.model.GetObjectRequest;
import software.amazon.awssdk.services.s3.model.GetObjectResponse;
import software.amazon.awssdk.services.s3.model.ListBucketsRequest;
import software.amazon.awssdk.services.s3.model.ListObjectsV2Request;
import software.amazon.awssdk.services.s3.model.ListObjectsV2Response;
import software.amazon.awssdk.services.s3.model.PutObjectRequest;
import software.amazon.awssdk.services.s3.model.PutObjectResponse;

/* loaded from: input_file:org/pac4j/saml/metadata/s3/SAML2S3MetadataGenerator.class */
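/**
 * Metadata generator that stores a SAML2 entity descriptor in an S3 bucket and reads it back from there.
 *
 * <p>The object key is the entity id and the bucket name comes from {@link #buildBucketName()}.
 *
 * <p>NOTE(review): nothing in this class checks who owns the bucket or verifies a signature on the
 * document that is read back, so the integrity of the loaded metadata rests on the bucket's access
 * policy. The default bucket name is a fixed constant shared by every deployment; overriding
 * {@link #buildBucketName()} with a deployment-specific name and restricting write access to the
 * bucket is advisable. The AWS SDK request builders also accept {@code expectedBucketOwner(...)}
 * for callers that want the service to reject a bucket held by another account.
 */
public class SAML2S3MetadataGenerator extends BaseSAML2MetadataGenerator {

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SAML2S3MetadataGenerator.class);

    /** Bucket name returned by the default {@link #buildBucketName()}. */
    static final String BUCKET_NAME_PREFIX = "pac4j-saml-metadata";

    private final S3Client s3Client;
    private final String entityId;
    // When true, storeMetadata creates the bucket if listBuckets does not report it.
    private boolean createBucketIfNecessary = true;
    // Checksum algorithm requested on every PutObject call.
    private ChecksumAlgorithm checksumAlgorithm = ChecksumAlgorithm.CRC32;

    /**
     * Loads the metadata document stored under the entity id and wraps it in a resolver.
     *
     * @return a resolver backed by the parsed document
     * @throws SAMLException if the bucket lists no objects or the object cannot be located
     * @throws Exception if the S3 call or the XML parsing fails
     */
    @Override // org.pac4j.saml.metadata.BaseSAML2MetadataGenerator
    public AbstractMetadataResolver createMetadataResolver() throws Exception {
        final String bucketName = buildBucketName();
        final ListObjectsV2Response listing =
            this.s3Client.listObjectsV2(ListObjectsV2Request.builder().bucket(bucketName).build());
        if (!listing.hasContents()) {
            throw new SAMLException("No metadata bucket with valid contents can be found for " + bucketName);
        }
        final int objectCount = listing.contents().size();
        LOGGER.debug("Located {} S3 object(s) from bucket {}", objectCount, bucketName);
        if (objectCount == 0) {
            throw new SAMLException("No metadata objects could be found in bucket " + bucketName);
        }

        // The object key is the configured entity id, matching what buildPutRequest writes.
        final String objectKey = this.entityId;
        LOGGER.debug("Fetching object {} from bucket {}", objectKey, bucketName);
        final ResponseInputStream<GetObjectResponse> object =
            this.s3Client.getObject(GetObjectRequest.builder().bucket(bucketName).key(objectKey).build());
        if (object == null) {
            throw new SAMLException("Unable to locate metadata document for key " + objectKey);
        }
        return buildMetadataResolver(object);
    }

    /**
     * Reads the whole S3 response into memory, parses it and builds a DOM-backed resolver.
     *
     * <p>The response stream is closed here once it has been read, so the underlying HTTP
     * connection is released even when parsing fails.
     *
     * @param responseInputStream the S3 object body; closed by this method
     * @return a resolver over the document element of the parsed XML
     * @throws Exception if reading or parsing fails
     */
    protected AbstractMetadataResolver buildMetadataResolver(ResponseInputStream<GetObjectResponse> responseInputStream) throws Exception {
        // NOTE(review): XML hardening (DTD / external entities) depends on how the pool returned by
        // Configuration.getParserPool() is configured; that is not visible from this class.
        try (responseInputStream;
             ByteArrayInputStream buffered = new ByteArrayInputStream(responseInputStream.readAllBytes())) {
            return new DOMMetadataResolver(Configuration.getParserPool().parse(buffered).getDocumentElement());
        }
    }

    /**
     * Optionally signs the metadata, checks that its entity id matches this generator and uploads it.
     *
     * @param str the serialized metadata; a blank value is logged and skipped
     * @param z not read by this implementation
     * @return {@code true} if the upload returned a successful HTTP response, {@code false} if the
     *     metadata was blank or the upload was not successful
     * @throws SAMLException if the entity id in the metadata differs from the configured one
     */
    @Override // org.pac4j.saml.metadata.SAML2MetadataGenerator
    public boolean storeMetadata(String str, boolean z) {
        if (CommonHelper.isBlank(str)) {
            this.logger.info("No metadata is provided");
            return false;
        }
        final String document = isSignMetadata() ? getMetadataSigner().sign(str) : str;
        CommonHelper.assertNotBlank("metadata", document);

        final EntityDescriptor descriptor = Configuration.deserializeSamlObject(document)
            .map(EntityDescriptor.class::cast)
            .orElseThrow();

        // The entity id doubles as the object key, so refuse to store a document under a key
        // that does not belong to this generator.
        final String entityID = Objects.requireNonNull(descriptor.getEntityID(), "entityID must not be null");
        if (!entityID.equals(this.entityId)) {
            throw new SAMLException("Entity id from metadata " + entityID + " does not match supplied entity id " + this.entityId);
        }
        createMetadataBucketIfNecessary();
        return putMetadataInBucket(descriptor, document);
    }

    /**
     * Creates the metadata bucket when creation is enabled and the bucket is not listed for this account.
     *
     * <p>ListBuckets only reports buckets owned by the calling account, while bucket names are
     * shared across accounts; if the name is already held elsewhere the create call is expected
     * to fail rather than reuse that bucket.
     */
    protected void createMetadataBucketIfNecessary() {
        if (!this.createBucketIfNecessary) {
            return;
        }
        final String bucketName = buildBucketName();
        final boolean alreadyListed = this.s3Client.listBuckets(ListBucketsRequest.builder().build())
            .buckets()
            .stream()
            .anyMatch(bucket -> bucket.name().equalsIgnoreCase(bucketName));
        if (alreadyListed) {
            return;
        }
        LOGGER.debug("Bucket {} does not exist. Creating...", bucketName);
        final String location =
            this.s3Client.createBucket(CreateBucketRequest.builder().bucket(bucketName).build()).location();
        LOGGER.debug("Created bucket {} with name {}", location, bucketName);
    }

    /**
     * Uploads the serialized metadata.
     *
     * @param entityDescriptor the parsed descriptor, used to build the request
     * @param str the serialized (possibly signed) metadata to upload
     * @return {@code true} if a response was returned and its HTTP status is successful
     */
    protected boolean putMetadataInBucket(EntityDescriptor entityDescriptor, String str) {
        final PutObjectRequest request = buildPutRequest(entityDescriptor);
        LOGGER.debug("Saving metadata {} in bucket {}", str, request.bucket());
        final PutObjectResponse response = this.s3Client.putObject(request, RequestBody.fromString(str));
        return response != null && response.sdkHttpResponse().isSuccessful();
    }

    /**
     * Builds the PutObject request: key is the entity id, content type is XML/UTF-8.
     *
     * @param entityDescriptor the descriptor being stored
     * @return the request after {@link #customizePutRequest} has been applied
     */
    protected PutObjectRequest buildPutRequest(EntityDescriptor entityDescriptor) {
        final PutObjectRequest.Builder builder = PutObjectRequest.builder()
            .key(entityDescriptor.getEntityID())
            .bucket(buildBucketName())
            .contentType(MediaType.XML_UTF_8.toString())
            .metadata(buildBucketMetadata(entityDescriptor))
            .checksumAlgorithm(this.checksumAlgorithm);
        return customizePutRequest(builder, entityDescriptor);
    }

    /**
     * Extension point for subclasses to adjust the request before it is built.
     * The default implementation builds the request unchanged.
     *
     * @param builder the pre-populated request builder
     * @param entityDescriptor the descriptor being stored
     * @return the final request
     */
    protected PutObjectRequest customizePutRequest(PutObjectRequest.Builder builder, EntityDescriptor entityDescriptor) {
        return builder.build();
    }

    /**
     * Builds the user metadata attached to the stored object.
     *
     * @param entityDescriptor the descriptor being stored
     * @return a mutable map holding the {@code entityId} entry
     */
    protected Map<String, String> buildBucketMetadata(EntityDescriptor entityDescriptor) {
        final Map<String, String> objectMetadata = new HashMap<>();
        objectMetadata.put("entityId", entityDescriptor.getEntityID());
        return objectMetadata;
    }

    /**
     * Returns the bucket used for both reads and writes.
     * The default is the fixed {@link #BUCKET_NAME_PREFIX}; subclasses may override it.
     *
     * @return the bucket name
     */
    protected String buildBucketName() {
        return BUCKET_NAME_PREFIX;
    }

    /**
     * @param s3Client the client used for every S3 call
     * @param str the entity id; used as the object key and compared with the stored metadata
     */
    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public SAML2S3MetadataGenerator(S3Client s3Client, String str) {
        this.s3Client = s3Client;
        this.entityId = str;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public S3Client getS3Client() {
        return this.s3Client;
    }

    @Override // org.pac4j.saml.metadata.BaseSAML2MetadataGenerator
    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public String getEntityId() {
        return this.entityId;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public boolean isCreateBucketIfNecessary() {
        return this.createBucketIfNecessary;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public ChecksumAlgorithm getChecksumAlgorithm() {
        return this.checksumAlgorithm;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public void setCreateBucketIfNecessary(boolean z) {
        this.createBucketIfNecessary = z;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public void setChecksumAlgorithm(ChecksumAlgorithm checksumAlgorithm) {
        this.checksumAlgorithm = checksumAlgorithm;
    }
}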
