package org.apereo.cas.support.saml.web.idp.metadata;

import java.util.Collection;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
import lombok.Generated;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.audit.AuditableContext;
import org.apereo.cas.audit.AuditableExecution;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.SamlUtils;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.web.BaseCasActuatorEndpoint;
import org.opensaml.core.criterion.EntityIdCriterion;
import org.opensaml.saml.criterion.EntityRoleCriterion;
import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.actuate.endpoint.annotation.DeleteOperation;
import org.springframework.boot.actuate.endpoint.annotation.Endpoint;
import org.springframework.boot.actuate.endpoint.annotation.ReadOperation;
import org.springframework.lang.Nullable;

@Endpoint(id = "samlIdPRegisteredServiceMetadataCache", enableByDefault = false)
/* loaded from: input_file:org/apereo/cas/support/saml/web/idp/metadata/SamlRegisteredServiceCachedMetadataEndpoint.class */
public class SamlRegisteredServiceCachedMetadataEndpoint extends BaseCasActuatorEndpoint {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SamlRegisteredServiceCachedMetadataEndpoint.class);
    private final SamlRegisteredServiceCachingMetadataResolver cachingMetadataResolver;
    private final ServicesManager servicesManager;
    private final AuditableExecution registeredServiceAccessStrategyEnforcer;
    private final OpenSamlConfigBean openSamlConfigBean;

    public SamlRegisteredServiceCachedMetadataEndpoint(CasConfigurationProperties casConfigurationProperties, SamlRegisteredServiceCachingMetadataResolver samlRegisteredServiceCachingMetadataResolver, ServicesManager servicesManager, AuditableExecution auditableExecution, OpenSamlConfigBean openSamlConfigBean) {
        super(casConfigurationProperties);
        this.cachingMetadataResolver = samlRegisteredServiceCachingMetadataResolver;
        this.servicesManager = servicesManager;
        this.registeredServiceAccessStrategyEnforcer = auditableExecution;
        this.openSamlConfigBean = openSamlConfigBean;
    }

    @DeleteOperation
    public void invalidate(@Nullable String str) {
        if (StringUtils.isBlank(str)) {
            this.cachingMetadataResolver.invalidate();
            return;
        }
        SamlRegisteredService findRegisteredService = findRegisteredService(str);
        CriteriaSet criteriaSet = new CriteriaSet();
        criteriaSet.add(new EntityIdCriterion(str));
        criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
        this.cachingMetadataResolver.invalidate(findRegisteredService, criteriaSet);
    }

    @ReadOperation
    public Map<String, Object> getCachedMetadataObject(String str, @Nullable String str2) {
        try {
            SamlRegisteredService findRegisteredService = findRegisteredService(str);
            String str3 = (String) StringUtils.defaultIfBlank(str2, findRegisteredService.getServiceId());
            CriteriaSet criteriaSet = new CriteriaSet();
            criteriaSet.add(new EntityIdCriterion(str3));
            criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
            return (Map) StreamSupport.stream(this.cachingMetadataResolver.resolve(findRegisteredService, criteriaSet).resolve(criteriaSet).spliterator(), false).map(entityDescriptor -> {
                return Pair.of(entityDescriptor.getEntityID(), SamlUtils.transformSamlObject(this.openSamlConfigBean, entityDescriptor).toString());
            }).collect(Collectors.toMap((v0) -> {
                return v0.getLeft();
            }, (v0) -> {
                return v0.getRight();
            }));
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), e);
            return CollectionUtils.wrap("error", e.getMessage());
        }
    }

    private SamlRegisteredService findRegisteredService(String str) {
        Collection findServiceBy;
        if (NumberUtils.isCreatable(str)) {
            long parseLong = Long.parseLong(str);
            findServiceBy = this.servicesManager.findServiceBy(registeredService -> {
                return (registeredService instanceof SamlRegisteredService) && registeredService.getId() == parseLong;
            });
        } else {
            findServiceBy = this.servicesManager.findServiceBy(registeredService2 -> {
                return (registeredService2 instanceof SamlRegisteredService) && (registeredService2.getName().equalsIgnoreCase(str) || registeredService2.getServiceId().equalsIgnoreCase(str));
            });
        }
        if (findServiceBy.isEmpty()) {
            throw new IllegalArgumentException("Unable to locate service " + str);
        }
        SamlRegisteredService samlRegisteredService = (SamlRegisteredService) findServiceBy.iterator().next();
        this.registeredServiceAccessStrategyEnforcer.execute(AuditableContext.builder().registeredService(samlRegisteredService).build()).throwExceptionIfNeeded();
        return samlRegisteredService;
    }
}
