package com.adobe.granite.auth.saml.configuration;

import java.io.IOException;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import org.apache.sling.api.resource.LoginException;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.api.resource.ValueMap;

/* loaded from: input_file:com/adobe/granite/auth/saml/configuration/IdpConfiguration.class */
public class IdpConfiguration {
    private String idpPostUrl;
    private String KEY_ROOT = "/etc/key/saml";
    private String IDP_CERT = "idp_cert";
    private ResourceResolverFactory resourceResolverFactory;

    public void setResourceResolverFactory(ResourceResolverFactory resourceResolverFactory) {
        this.resourceResolverFactory = resourceResolverFactory;
    }

    public void setIdpPostUrl(String str) {
        this.idpPostUrl = str;
    }

    public String getIdpPostUrl() {
        return this.idpPostUrl;
    }

    public Certificate getCertificate() {
        ResourceResolver resourceResolver = null;
        InputStream inputStream = null;
        try {
            try {
                ResourceResolver administrativeResourceResolver = this.resourceResolverFactory.getAdministrativeResourceResolver(null);
                InputStream inputStream2 = (InputStream) ((ValueMap) administrativeResourceResolver.getResource(this.KEY_ROOT).adaptTo(ValueMap.class)).get(this.IDP_CERT, InputStream.class);
                if (null == inputStream2) {
                    throw new RuntimeException("Public key has not been configured - please contact your administrator");
                }
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(inputStream2);
                if (null != inputStream2) {
                    try {
                        inputStream2.close();
                    } catch (IOException e) {
                    }
                }
                if (null != administrativeResourceResolver) {
                    administrativeResourceResolver.close();
                }
                return generateCertificate;
            } catch (CertificateException e2) {
                throw new RuntimeException("Error reading certificate", e2);
            } catch (LoginException e3) {
                throw new RuntimeException("Unable to retrieve admin resource resolver", e3);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (IOException e4) {
                }
            }
            if (0 != 0) {
                resourceResolver.close();
            }
            throw th;
        }
    }
}
