package org.apereo.cas.support.saml.idp.metadata.generator;

import java.io.BufferedWriter;
import java.io.File;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.util.Optional;
import lombok.Generated;
import net.shibboleth.tool.xmlsectool.XMLSecTool;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-saml-idp-core-6.6.14.jar:org/apereo/cas/support/saml/idp/metadata/generator/FileSystemSamlIdPMetadataGenerator.class */
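/**
 * SAML IdP metadata generator that persists the generated metadata document, certificates and
 * private keys as files, at the locations reported by the configured metadata locator.
 *
 * <p>Security-relevant behaviour visible in this class: private key material is written to disk
 * as UTF-8 text and is also returned to callers as a {@link String}; existing certificate and key
 * files are deleted and regenerated whenever a {@code buildSelfSigned*} method runs.
 */
public class FileSystemSamlIdPMetadataGenerator extends BaseSamlIdPMetadataGenerator implements InitializingBean {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(FileSystemSamlIdPMetadataGenerator.class);

    /**
     * Creates the generator.
     *
     * @param samlIdPMetadataGeneratorConfigurationContext configuration context handed to the base generator
     */
    public FileSystemSamlIdPMetadataGenerator(SamlIdPMetadataGeneratorConfigurationContext samlIdPMetadataGeneratorConfigurationContext) {
        super(samlIdPMetadataGeneratorConfigurationContext);
    }

    /**
     * Regenerates the encryption certificate and key files and returns their contents.
     *
     * @param optional the registered service the material is generated for, if any
     * @return pair of (certificate file contents, key file contents), both read as UTF-8
     * @throws Exception if the files cannot be resolved, written or read back
     */
    @Override
    public Pair<String, String> buildSelfSignedEncryptionCert(Optional<SamlRegisteredService> optional) throws Exception {
        final File certificateFile = getConfigurationContext().getSamlIdPMetadataLocator().getEncryptionCertificate(optional).getFile();
        final File keyFile = getConfigurationContext().getSamlIdPMetadataLocator().resolveEncryptionKey(optional).getFile();
        writeCertificateAndKey(certificateFile, keyFile, optional);
        // The right-hand element is private key material; callers should avoid logging or caching it.
        final String certificate = FileUtils.readFileToString(certificateFile, StandardCharsets.UTF_8);
        final String key = FileUtils.readFileToString(keyFile, StandardCharsets.UTF_8);
        return Pair.of(certificate, key);
    }

    /**
     * Regenerates the signing certificate and key files and returns their contents.
     *
     * @param optional the registered service the material is generated for, if any
     * @return pair of (certificate file contents, key file contents), both read as UTF-8
     * @throws Exception if the files cannot be resolved, written or read back
     */
    @Override
    public Pair<String, String> buildSelfSignedSigningCert(Optional<SamlRegisteredService> optional) throws Exception {
        final File certificateFile = getConfigurationContext().getSamlIdPMetadataLocator().resolveSigningCertificate(optional).getFile();
        final File keyFile = getConfigurationContext().getSamlIdPMetadataLocator().resolveSigningKey(optional).getFile();
        writeCertificateAndKey(certificateFile, keyFile, optional);
        // The right-hand element is private key material; callers should avoid logging or caching it.
        final String certificate = FileUtils.readFileToString(certificateFile, StandardCharsets.UTF_8);
        final String key = FileUtils.readFileToString(keyFile, StandardCharsets.UTF_8);
        return Pair.of(certificate, key);
    }

    /**
     * Writes the metadata document to the resolved metadata file and, when the file-system
     * {@code signMetadata} setting is enabled, signs that file in place with the signing key.
     *
     * <p>The unsigned document is written to disk first and the signer then reads and overwrites
     * the same path. The value returned is the string that was passed in, not the signed file
     * contents.
     *
     * @param str      the metadata document to persist
     * @param optional the registered service the metadata belongs to, if any
     * @return {@code str}, unchanged
     * @throws Exception if the file cannot be written or the paths cannot be resolved
     */
    @Override
    protected String writeMetadata(String str, Optional<SamlRegisteredService> optional) throws Exception {
        final File metadataFile = getConfigurationContext().getSamlIdPMetadataLocator().resolveMetadata(optional).getFile();
        FileUtils.write(metadataFile, str, StandardCharsets.UTF_8);

        final boolean signMetadata = getConfigurationContext().getCasProperties().getAuthn().getSamlIdp()
            .getMetadata().getFileSystem().isSignMetadata();
        if (signMetadata) {
            final String metadataPath = metadataFile.getCanonicalPath();
            final String certificatePath = getConfigurationContext().getSamlIdPMetadataLocator()
                .resolveSigningCertificate(optional).getFile().getCanonicalPath();
            final String keyPath = getConfigurationContext().getSamlIdPMetadataLocator()
                .resolveSigningKey(optional).getFile().getCanonicalPath();
            // NOTE(review): XMLSecTool.main is a command-line entry point. Confirm how it reports a
            // signing failure (exception vs. process exit), since the unsigned document is already
            // on disk at this point and would otherwise be left in place.
            XMLSecTool.main(new String[] {
                "--sign",
                "--referenceIdAttributeName", "ID",
                "--signatureAlgorithm", "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
                "--inFile", metadataPath,
                "--certificate", certificatePath,
                "--keyFile", keyPath,
                "--outFile", metadataPath
            });
        }
        return str;
    }

    /**
     * Deletes any existing certificate and key files, then asks the configured certificate/key
     * writer to produce fresh content into both files.
     *
     * @param file     destination of the certificate
     * @param file2    destination of the private key
     * @param optional the registered service the material is generated for; not used by this
     *                 implementation
     * @throws Exception if a file cannot be deleted, created or written
     */
    protected void writeCertificateAndKey(File file, File file2, Optional<SamlRegisteredService> optional) throws Exception {
        if (file.exists()) {
            LOGGER.info("Certificate file [{}] already exists, and will be deleted", file.getCanonicalPath());
            FileUtils.forceDelete(file);
        }
        if (file2.exists()) {
            LOGGER.info("Key file [{}] already exists, and will be deleted", file2.getCanonicalPath());
            FileUtils.forceDelete(file2);
        }
        // NOTE(review): no open options or file attributes are supplied, so the private key file is
        // created with the platform's default permissions. Verify that the metadata directory (or
        // the process umask) keeps the key readable only by the account running the server.
        // Resource order matters: the key writer is opened first and closed last, as before.
        try (BufferedWriter keyWriter = Files.newBufferedWriter(file2.toPath(), StandardCharsets.UTF_8);
             BufferedWriter certificateWriter = Files.newBufferedWriter(file.toPath(), StandardCharsets.UTF_8)) {
            getConfigurationContext().getSamlIdPCertificateAndKeyWriter().writeCertificateAndKey(keyWriter, certificateWriter);
        }
    }

    /**
     * Runs {@code generate} with an empty service once the bean's properties have been set.
     *
     * @throws Exception if generation fails
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        generate(Optional.empty());
    }

    /**
     * Initializes the metadata locator and then runs {@code generate} with an empty service.
     *
     * @throws Exception if the locator cannot be initialized or generation fails
     */
    public void initialize() throws Exception {
        getConfigurationContext().getSamlIdPMetadataLocator().initialize();
        generate(Optional.empty());
    }
}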
