package org.wso2.solutions.identity.cards;

import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.TimeZone;
import org.apache.axiom.om.util.Base64;
import org.apache.axiom.om.util.UUIDGenerator;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;
import org.wso2.solutions.identity.IdentityProviderConstants;
import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.solutions.identity.cards.model.CardImage;
import org.wso2.solutions.identity.cards.model.CardModelException;
import org.wso2.solutions.identity.cards.model.Identity;
import org.wso2.solutions.identity.cards.model.InformationCard;
import org.wso2.solutions.identity.cards.model.InformationCardReference;
import org.wso2.solutions.identity.cards.model.Metadata;
import org.wso2.solutions.identity.cards.model.RequireAppliesTo;
import org.wso2.solutions.identity.cards.model.SelfIssuedCredential;
import org.wso2.solutions.identity.cards.model.SupportedClaimType;
import org.wso2.solutions.identity.cards.model.SupportedClaimTypeList;
import org.wso2.solutions.identity.cards.model.TokenService;
import org.wso2.solutions.identity.cards.model.TokenServiceList;
import org.wso2.solutions.identity.cards.model.UserCredential;
import org.wso2.solutions.identity.cards.model.UsernamePasswordCredential;
import org.wso2.solutions.identity.i18n.Messages;
import org.wso2.solutions.identity.persistence.IPPersistenceManager;
import org.wso2.solutions.identity.persistence.dataobject.ClaimDO;
import org.wso2.solutions.identity.persistence.dataobject.InfoCardDO;
import org.wso2.utils.ServerConfiguration;

/* loaded from: input_file:org/wso2/solutions/identity/cards/CardIssuer.class */
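/**
 * Issues signed managed information cards.
 *
 * <p>For each request the issuer loads the signing key and certificate from the
 * server key store, builds an {@link InformationCard} describing the token
 * service endpoint, validity window and supported claims, records the card
 * through {@link IPPersistenceManager}, and returns the signed card element.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Key store location, type, passwords and key alias are read from
 *       {@link ServerConfiguration}. Passwords are never placed in log or
 *       exception messages here; only the key store location is attached to
 *       errors.</li>
 *   <li>Every stream opened by this class is closed before the method returns,
 *       so the key store file handle does not leak per issued card.</li>
 * </ul>
 *
 * <p>The decompiler-generated {@code class$} helper and its cache field were
 * replaced by the {@code CardIssuer.class} literal they were synthesized from.
 */
public class CardIssuer {
    private static final Log log = LogFactory.getLog(CardIssuer.class);
    private static final Messages messages = Messages.getInstance(IdentityProviderConstants.RESOURCES);

    // Shared across instances; (re)assigned by every constructor call.
    private static CardIssuerConfig issuerConfig;

    /**
     * Creates an issuer and binds the shared issuer configuration.
     *
     * @throws IdentityProviderException declared by the original signature; raised if the
     *         configuration lookup fails
     */
    public CardIssuer() throws IdentityProviderException {
        issuerConfig = CardIssuerConfig.getInstance();
    }

    /**
     * Issues a card whose token service authenticates with a username/password credential.
     *
     * @param str the username recorded in the credential
     * @param z   {@code true} to make AppliesTo mandatory on the card, {@code false} to mark it optional
     * @return the signed card element
     * @throws IdentityProviderException if the card cannot be built, stored or signed
     */
    public Element issueCardForUsername(String str, boolean z) throws IdentityProviderException {
        UsernamePasswordCredential credential = new UsernamePasswordCredential();
        credential.setUsername(str);
        return issueCard(new UserCredential(credential), z);
    }

    /**
     * Issues a card whose token service authenticates with a self-issued card credential.
     *
     * @param str value handed to {@link SelfIssuedCredential}; presumably the self-issued
     *            card's identifier (PPID) - confirm against that class
     * @param z   {@code true} to make AppliesTo mandatory on the card, {@code false} to mark it optional
     * @return the signed card element
     * @throws IdentityProviderException if the card cannot be built, stored or signed
     */
    public Element issueCardForSelfIssuedCard(String str, boolean z) throws IdentityProviderException {
        return issueCard(new UserCredential(new SelfIssuedCredential(str)), z);
    }

    /**
     * Loads the signing material, builds the card, persists its record and signs it.
     *
     * @param userCredential credential the card's token service will require
     * @param z              whether AppliesTo is mandatory
     * @return the signed card element
     * @throws IdentityProviderException with key {@code cardModelError} for card model failures,
     *         or {@code keyStoreException} (carrying the key store location) for any other failure
     */
    private Element issueCard(UserCredential userCredential, boolean z) throws IdentityProviderException {
        ServerConfiguration serverConfiguration = ServerConfiguration.getInstance();
        String keyStoreLocation = serverConfiguration.getFirstProperty("Security.KeyStore.Location");
        try {
            FileInputStream keyStoreStream = new FileInputStream(keyStoreLocation);
            KeyStore keyStore;
            try {
                keyStore = KeyStore.getInstance(serverConfiguration.getFirstProperty("Security.KeyStore.Type"));
                keyStore.load(keyStoreStream,
                        serverConfiguration.getFirstProperty("Security.KeyStore.Password").toCharArray());
            } finally {
                // The original never closed this stream, leaking one file handle per issued card.
                closeQuietly(keyStoreStream);
            }

            String keyAlias = serverConfiguration.getFirstProperty("Security.KeyStore.KeyAlias");
            // Fail before anything is persisted if the configured alias holds no key;
            // otherwise a card record would be stored for a card that can never be signed.
            if (!keyStore.isKeyEntry(keyAlias)) {
                throw new IllegalStateException("Configured key alias has no key entry in the key store");
            }

            Generator generator = new Generator();
            generator.setSignatureAlgorithm(issuerConfig.getSigAlgo());
            generator.setCertCain(keyStore.getCertificateChain(keyAlias));
            generator.setPrivateKey((PrivateKey) keyStore.getKey(keyAlias,
                    serverConfiguration.getFirstProperty("Security.KeyStore.KeyPassword").toCharArray()));

            Identity identity = new Identity();
            identity.setCertificate((X509Certificate) keyStore.getCertificate(keyAlias));

            InformationCard infoCard = getInfoCard(userCredential, identity, z);
            // NOTE(review): the record is persisted before signing, so a signing failure
            // leaves a stored record for a card that was never delivered - confirm this is intended.
            storeCard(infoCard, userCredential.getCredentialId());
            return generator.signCard(infoCard);
        } catch (CardModelException e) {
            throw new IdentityProviderException("cardModelError", e);
        } catch (Exception e) {
            // Only the key store location is exposed; passwords never reach the message.
            throw new IdentityProviderException("keyStoreException", new String[]{keyStoreLocation}, e);
        }
    }

    /**
     * Builds the unsigned card: identifier, issuer, validity window, image, token service
     * endpoint with its metadata address, supported token types and supported claims.
     *
     * @param userCredential credential type decides which STS and MEX endpoints are referenced
     * @param identity       identity (certificate) attached to the endpoint reference
     * @param z              whether AppliesTo is mandatory
     * @return the populated, unsigned card
     * @throws CardModelException        if the card image cannot be read or a model element fails
     * @throws IdentityProviderException declared by the original signature
     */
    private InformationCard getInfoCard(UserCredential userCredential, Identity identity, boolean z) throws CardModelException, IdentityProviderException {
        InformationCard card = new InformationCard();
        // Second argument is presumably the card version - confirm against InformationCardReference.
        card.setInformationCardReference(
                new InformationCardReference("http://identity.wso2.org/" + UUIDGenerator.getUUID(), 1));
        card.setIssuer(issuerConfig.getIssuer());

        Date issuedAt = new GregorianCalendar(TimeZone.getTimeZone("UTC")).getTime();
        // Long arithmetic: getValidPeriod()'s type is not visible here, and if it is an int the
        // original int multiplication overflowed (yielding a wrong, possibly past, expiry) beyond 24 days.
        long validityMillis = issuerConfig.getValidPeriod() * 24L * 60L * 60L * 1000L;
        Date expiresAt = new Date(issuedAt.getTime() + validityMillis);
        if (log.isDebugEnabled()) {
            SimpleDateFormat timestampFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
            // The pattern hard-codes a 'Z' suffix, so format in UTC to keep the logged value truthful.
            timestampFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
            // NOTE(review): guarded by the debug flag but emitted at info level, as in the original.
            log.info(messages.getMessage("createdInfocardAt", new String[]{timestampFormat.format(issuedAt)}));
            log.info(messages.getMessage("infocardExpiresAt", new String[]{timestampFormat.format(expiresAt)}));
        }
        card.setTimeIssued(issuedAt);
        card.setTimeExpires(expiresAt);
        card.setCardName("WSO2 Managed Card");
        card.setCardImage(new CardImage("image/jpeg", Base64.encode(getCardImageBytes())));

        ServerConfiguration serverConfiguration = ServerConfiguration.getInstance();
        String hostName = serverConfiguration.getFirstProperty("HostName");
        String httpsPort = serverConfiguration.getFirstProperty("Ports.HTTPS");
        String servicesBase = "https://" + hostName + ":" + httpsPort + "/wsas/services/";
        String stsAddress = servicesBase;
        String mexAddress = servicesBase;
        // An unrecognised credential type leaves both addresses at the bare services base, as before.
        Object credential = userCredential.getCredential();
        if (credential instanceof UsernamePasswordCredential) {
            stsAddress = servicesBase + IdentityProviderConstants.SERVICE_NAME_STS_UT;
            mexAddress = servicesBase + "mex-ut/get";
        } else if (credential instanceof SelfIssuedCredential) {
            stsAddress = servicesBase + IdentityProviderConstants.SERVICE_NAME_STS_IC;
            mexAddress = servicesBase + "mex-ic/get";
        }

        EndpointReference endpointReference = new EndpointReference(stsAddress);
        Metadata metadata = new Metadata(mexAddress);
        endpointReference.addExtensibleElement(identity.serialize());
        endpointReference.addMetaData(metadata.serialize());

        TokenServiceList tokenServiceList = new TokenServiceList();
        tokenServiceList.addTokenService(new TokenService(endpointReference, userCredential));
        card.setTokenServiceList(tokenServiceList);
        card.setSupportedTokenTypeList(issuerConfig.getTokenTypeList());

        // Advertise only the claims flagged as supported in the persistence layer.
        ClaimDO[] allClaims = IPPersistenceManager.getPersistanceManager().getAllSupportedClaims();
        SupportedClaimTypeList supportedClaimTypeList = new SupportedClaimTypeList();
        for (int i = 0; i < allClaims.length; i++) {
            ClaimDO claim = allClaims[i];
            if (!claim.isSupported()) {
                continue;
            }
            SupportedClaimType claimType = new SupportedClaimType(claim.getUri());
            claimType.setDisplayTag(claim.getDisplayTag());
            claimType.setDescription(claim.getDescription());
            supportedClaimTypeList.addSupportedClaimType(claimType);
        }
        card.setSupportedClaimTypeList(supportedClaimTypeList);

        RequireAppliesTo requireAppliesTo = new RequireAppliesTo();
        if (!z) {
            requireAppliesTo.setOptional(true);
        }
        card.setRequireAppliesTo(requireAppliesTo);
        return card;
    }

    /**
     * Reads {@code conf/card.jpg} under the {@code wso2wsas.home} system property.
     *
     * @return the raw image bytes
     * @throws CardModelException if the file cannot be opened or read
     */
    private byte[] getCardImageBytes() throws CardModelException {
        try {
            FileInputStream imageStream =
                    new FileInputStream(System.getProperty("wso2wsas.home") + "/conf/card.jpg");
            try {
                ByteArrayOutputStream collected = new ByteArrayOutputStream();
                byte[] buffer = new byte[1024];
                int read;
                // Read to end-of-stream. The original looped on available(), which only estimates
                // non-blocking bytes, and passed read()'s result straight to write(), where -1 throws.
                while ((read = imageStream.read(buffer)) != -1) {
                    collected.write(buffer, 0, read);
                }
                return collected.toByteArray();
            } finally {
                // The original never closed this stream.
                closeQuietly(imageStream);
            }
        } catch (Exception e) {
            throw new CardModelException(e.getMessage(), e);
        }
    }

    /**
     * Persists the issued card's id, owner and validity window.
     *
     * @param informationCard the card that was built for the user
     * @param str             the credential id stored as the card's user id
     * @throws IdentityProviderException if the persistence layer rejects the record
     */
    private void storeCard(InformationCard informationCard, String str) throws IdentityProviderException {
        IPPersistenceManager persistenceManager = IPPersistenceManager.getPersistanceManager();
        String cardId = informationCard.getInformationCardReference().getCardId();
        InfoCardDO record = new InfoCardDO();
        record.setCardId(cardId);
        record.setDateIssued(informationCard.getTimeIssued());
        record.setUserId(str);
        record.setDateExpires(informationCard.getTimeExpires());
        persistenceManager.create(record);
        log.info("Information card details stored for card id : " + cardId);
    }

    /**
     * Closes a read-only stream without letting a close failure mask the primary outcome.
     *
     * @param stream the stream to close; must not be null
     */
    private static void closeQuietly(FileInputStream stream) {
        try {
            stream.close();
        } catch (java.io.IOException e) {
            log.debug("Failed to close input stream", e);
        }
    }
}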
