package org.wso2.carbon.identity.client.attestation.mgt.internal;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Dictionary;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.client.attestation.mgt.services.ClientAttestationService;
import org.wso2.carbon.identity.client.attestation.mgt.services.ClientAttestationServiceImpl;
import org.wso2.carbon.identity.client.attestation.mgt.utils.Constants;
import org.wso2.carbon.identity.core.util.IdentityUtil;

@Component(name = "identity.client.attestation.mgt.component", immediate = true)
/* loaded from: input_file:org/wso2/carbon/identity/client/attestation/mgt/internal/ClientAttestationMgtServiceComponent.class */
public class ClientAttestationMgtServiceComponent {
    private static final Log LOG = LogFactory.getLog(ClientAttestationMgtServiceComponent.class);

    @Activate
    protected void activate(ComponentContext componentContext) {
        try {
            componentContext.getBundleContext().registerService(ClientAttestationService.class.getName(), new ClientAttestationServiceImpl(), (Dictionary) null);
            loadConfigs();
            if (LOG.isDebugEnabled()) {
                LOG.debug("Client Attestation Service Component deployed.");
            }
        } catch (Throwable th) {
            LOG.error("Error while activating Input Validation Service Component.", th);
        }
    }

    private void loadConfigs() {
        ClientAttestationMgtDataHolder.getInstance().setAppleAttestationRootCertificate(getAppleAttestationRootCertificate());
        ClientAttestationMgtDataHolder.getInstance().setAppleAttestationRevocationCheckEnabled(loadAppleAttestationRevocationCheckEnabled());
    }

    private boolean loadAppleAttestationRevocationCheckEnabled() {
        return Boolean.parseBoolean(IdentityUtil.getProperty(Constants.APPLE_ATTESTATION_REVOCATION_CHECK_ENABLED));
    }

    private X509Certificate getAppleAttestationRootCertificate() {
        try {
            String property = IdentityUtil.getProperty(Constants.APPLE_ATTESTATION_ROOT_CERTIFICATE_PATH);
            if (!StringUtils.isNotBlank(property)) {
                LOG.warn("Apple attestation root certificate path is not configured.");
                return null;
            }
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new FileInputStream(property));
            if (isCertificateExpiringSoon(x509Certificate)) {
                LOG.warn("Provided apple attestation root certificate is going to expire soon. Please add the latest certificate.");
            }
            return x509Certificate;
        } catch (FileNotFoundException | CertificateException e) {
            LOG.warn("Apple attestation root certificate not found.", e);
            return null;
        }
    }

    private boolean isCertificateExpiringSoon(X509Certificate x509Certificate) {
        return (x509Certificate.getNotAfter().getTime() - new Date().getTime()) / 86400000 <= 90;
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Input Validation service component deactivated.");
        }
    }

    @Reference(service = ApplicationManagementService.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unsetApplicationManagement")
    public void setApplicationManagement(ApplicationManagementService applicationManagementService) {
        ClientAttestationMgtDataHolder.getInstance().setApplicationManagementService(applicationManagementService);
    }

    public void unsetApplicationManagement(ApplicationManagementService applicationManagementService) {
        ClientAttestationMgtDataHolder.getInstance().setApplicationManagementService(null);
    }
}
