package org.wso2.carbon.identity.application.authentication.endpoint.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Enumeration;
import java.util.Properties;
import java.util.StringTokenizer;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.endpoint.util.Constants;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.securevault.SecretResolver;
import org.wso2.securevault.SecretResolverFactory;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/endpoint/util/EndpointConfigManager.class */
public class EndpointConfigManager {
    private static final String PROTECTED_TOKENS = "protectedTokens";
    private static final String DEFAULT_CALLBACK_HANDLER = "org.wso2.carbon.securevault.DefaultSecretCallbackHandler";
    private static final String SECRET_PROVIDER = "secretProvider";
    private static Properties prop;
    private static String serverOrigin;
    private static final Log log = LogFactory.getLog(EndpointConfigManager.class);
    private static String appName = null;
    private static char[] appPassword = null;

    public static void init() {
        prop = new Properties();
        try {
            File file = new File(buildFilePath(Constants.TenantConstants.CONFIG_RELATIVE_PATH));
            if (file.exists()) {
                log.info("EndpointConfig.properties file loaded from ./repository/conf/identity/EndpointConfig.properties");
                prop.load(new FileInputStream(file));
                if (isSecuredPropertyAvailable(prop)) {
                    resolveSecrets(prop);
                }
            } else {
                InputStream resourceAsStream = EndpointConfigManager.class.getClassLoader().getResourceAsStream(Constants.TenantConstants.CONFIG_FILE_NAME);
                if (resourceAsStream != null) {
                    prop.load(resourceAsStream);
                    log.debug("EndpointConfig.properties file loaded from authentication endpoint webapp");
                } else if (log.isDebugEnabled()) {
                    log.debug("EndpointConfig.properties could not be located in ./repository/conf/identity/EndpointConfig.properties or authentication endpoint webapp");
                }
            }
            appName = getPropertyValue(Constants.CONFIG_APP_NAME);
            appPassword = getPropertyValue(Constants.CONFIG_APP_PASSWORD).toCharArray();
            serverOrigin = getPropertyValue(Constants.CONFIG_SERVER_ORIGIN);
            if (StringUtils.isNotBlank(serverOrigin)) {
                serverOrigin = IdentityUtil.fillURLPlaceholders(serverOrigin);
            }
        } catch (IOException e) {
            log.error("Initialization failed : ", e);
        }
    }

    public static String getAppName() {
        return appName;
    }

    public static char[] getAppPassword() {
        return appPassword;
    }

    public static String getServerOrigin() {
        return serverOrigin;
    }

    private static String buildFilePath(String str) throws IOException {
        if (StringUtils.isNotEmpty(str) && str.startsWith(Constants.TenantConstants.RELATIVE_PATH_START_CHAR)) {
            str = new File(new File(Constants.TenantConstants.RELATIVE_PATH_START_CHAR).getAbsolutePath()).getCanonicalPath() + File.separator + str;
        }
        if (log.isDebugEnabled()) {
            log.debug("File path for KeyStore/TrustStore : " + str);
        }
        return str;
    }

    private static String getPropertyValue(String str) {
        return (!Constants.SERVICES_URL.equals(str) || prop.containsKey(Constants.SERVICES_URL)) ? prop.getProperty(str) : IdentityUtil.getServerURL(IdentityUtil.getServicePath(), true, true);
    }

    private static boolean isSecuredPropertyAvailable(Properties properties) {
        Enumeration<?> propertyNames = properties.propertyNames();
        while (propertyNames.hasMoreElements()) {
            String str = (String) propertyNames.nextElement();
            if (PROTECTED_TOKENS.equals(str) && StringUtils.isNotBlank(properties.getProperty(str))) {
                return true;
            }
        }
        return false;
    }

    private static void resolveSecrets(Properties properties) {
        String str = (String) properties.get(PROTECTED_TOKENS);
        if (!StringUtils.isNotBlank(str)) {
            if (log.isDebugEnabled()) {
                log.debug("Secure vault encryption ignored since no protected tokens available");
                return;
            }
            return;
        }
        if (StringUtils.isBlank((String) properties.get(SECRET_PROVIDER))) {
            properties.put(SECRET_PROVIDER, DEFAULT_CALLBACK_HANDLER);
        }
        SecretResolver create = SecretResolverFactory.create(properties, "");
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        while (stringTokenizer.hasMoreElements()) {
            String trim = stringTokenizer.nextElement().toString().trim();
            if (create.isTokenProtected(trim)) {
                if (log.isDebugEnabled()) {
                    log.debug("Resolving and replacing secret for " + trim);
                }
                properties.put(trim, create.resolve(trim));
            } else if (log.isDebugEnabled()) {
                log.debug("No encryption done for value with key :" + trim);
            }
        }
    }
}
