package de.iip_ecosphere.platform.support.identities;

import de.iip_ecosphere.platform.support.identities.IdentityStore;
import de.iip_ecosphere.platform.support.identities.IdentityToken;
import de.iip_ecosphere.platform.support.identities.YamlIdentityFile;
import de.iip_ecosphere.platform.support.net.SslUtils;
import de.iip_ecosphere.platform.support.net.UriResolver;
import de.iip_ecosphere.platform.support.resources.ResourceLoader;
import de.iip_ecosphere.platform.support.resources.ResourceResolver;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import org.junit.platform.engine.support.descriptor.ClasspathResourceSource;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/support.aas-0.7.1-SNAPSHOT.jar:de/iip_ecosphere/platform/support/identities/YamlIdentityStore.class */
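/**
 * Identity store whose entries come from a YAML identity file that is looked up on the classpath
 * and, failing that, on the file system.
 *
 * <p>Security-relevant points visible in this class:
 * <ul>
 *   <li>The store file and the keystore files it names are located through relative paths and the
 *       {@code iip.identityStore} system property, so they are only as trustworthy as the process
 *       working directory, classpath and launch configuration.</li>
 *   <li>Keystore passwords are the plain {@code tokenData} strings of the identity entries; they are
 *       handed on in {@link IdentityStore.KeystoreCoordinate} and must not be logged.</li>
 * </ul>
 */
public class YamlIdentityStore extends IdentityStore {
    private YamlIdentityFile data;

    /**
     * Descriptor that creates {@link YamlIdentityStore} instances.
     */
    public static class YamlIdentityStoreDescriptor implements IdentityStoreDescriptor {
        @Override
        public IdentityStore createStore() {
            return new YamlIdentityStore();
        }
    }

    /**
     * Loads the identity file, trying {@code identityStore-ipr.yml} (without logging), then
     * {@code identityStore.yml}, then {@code identityStore-test.yml}.
     */
    public YamlIdentityStore() {
        InputStream storeStream = resolve("identityStore-ipr.yml", false);
        if (null == storeStream) {
            storeStream = resolve("identityStore.yml", true);
        }
        if (null == storeStream) {
            // NOTE(review): a deployment that ships no store of its own ends up on the test store;
            // the only trace is the "not found" warning and the "Loading ..." info line. Consider
            // alerting on that log line in production.
            storeStream = resolve("identityStore-test.yml", true);
        }
        // NOTE(review): storeStream is still null if none of the three files exists, and it is never
        // closed here; both rely on what YamlIdentityFile.load does, which is not visible in this
        // file. Confirm.
        this.data = YamlIdentityFile.load(storeStream);
        LoggerFactory.getLogger(YamlIdentityFile.class).info("Loaded identityStore '{}'", this.data.getName());
    }

    /**
     * Opens a named resource, searching the classpath first and the file system second.
     *
     * <p>Search order: classpath root, classpath {@code resources/}, the directory given by the
     * {@code iip.identityStore} system property (default: current directory),
     * {@code src/test/resources/}, {@code src/main/resources/}. The file-system candidates are
     * relative to the working directory, so whoever controls that directory can decide which file
     * is picked up.
     *
     * @param name resource or file name to open
     * @param log whether to log where the resource was found, or that it was not found
     * @return an open stream, or {@code null} if the resource could not be opened
     */
    private static InputStream resolve(String name, boolean log) {
        String origin = ClasspathResourceSource.CLASSPATH_SCHEME;
        InputStream stream = ResourceLoader.getResourceAsStream(name, new ResourceResolver[0]);
        if (null == stream) {
            stream = ResourceLoader.getResourceAsStream("resources/" + name, new ResourceResolver[0]);
            origin = "classpath: resources";
        }
        if (null == stream) {
            File candidate = new File(System.getProperty("iip.identityStore", "."), name);
            if (!candidate.exists()) {
                candidate = new File("src/test/resources/" + name);
            }
            if (!candidate.exists()) {
                candidate = new File("src/main/resources/" + name);
            }
            if (candidate.exists()) {
                try {
                    stream = new FileInputStream(candidate);
                    origin = candidate.getAbsolutePath();
                } catch (IOException e) {
                    // Best effort: an unreadable candidate is treated like a missing one.
                    if (log) {
                        LoggerFactory.getLogger(YamlIdentityFile.class).info("Cannot load {}: {}", name, e.getMessage());
                    }
                }
            }
        }
        if (log) {
            if (null != stream) {
                LoggerFactory.getLogger(YamlIdentityFile.class).info("Loading {} from {}", name, origin);
            } else {
                LoggerFactory.getLogger(YamlIdentityFile.class).warn("{} not found!", name);
            }
        }
        return stream;
    }

    /**
     * Looks up the identity entry for a key, trying the fallback keys in order if the key is unknown.
     *
     * @param identity primary identity key
     * @param fallbacks keys to try, in order, when {@code identity} has no entry
     * @return the first entry found, or {@code null} if none of the keys has one
     */
    private YamlIdentityFile.IdentityInformation resolve(String identity, String... fallbacks) {
        YamlIdentityFile.IdentityInformation info = this.data.getData(identity);
        if (null != info) {
            return info;
        }
        for (String fallback : fallbacks) {
            info = this.data.getData(fallback);
            if (null != info) {
                break;
            }
        }
        return info;
    }

    /**
     * Same as {@link #resolve(String, String...)}, but logs a warning when nothing is found.
     *
     * @param identity primary identity key
     * @param fallbacks keys to try when {@code identity} has no entry
     * @return the entry found, or {@code null}
     */
    private YamlIdentityFile.IdentityInformation resolveWithLogging(String identity, String... fallbacks) {
        YamlIdentityFile.IdentityInformation info = resolve(identity, fallbacks);
        if (null == info) {
            LoggerFactory.getLogger(getClass()).warn("No identity information found for {} in store {} (with fallbacks {})", identity, this.data.getName(), fallbacks);
        }
        return info;
    }

    /**
     * Converts the token data of an identity entry into a keystore/key password.
     *
     * @param info identity entry, not {@code null}
     * @return the token data as characters, or {@code null} if the entry has no token data
     */
    private static char[] passwordOf(YamlIdentityFile.IdentityInformation info) {
        String tokenData = info.getTokenData();
        return null == tokenData ? null : tokenData.toCharArray();
    }

    /**
     * Builds the identity token for a key.
     *
     * @param str identity key
     * @param z whether an anonymous token is returned when no entry exists
     * @param strArr fallback identity keys
     * @return the token built from the entry; an anonymous token if there is no entry and
     *     {@code z} is {@code true}; {@code null} if there is no entry and {@code z} is {@code false}
     */
    @Override
    public IdentityToken getToken(String str, boolean z, String... strArr) {
        YamlIdentityFile.IdentityInformation info = resolve(str, strArr);
        IdentityToken.IdentityTokenBuilder builder = null;
        if (null != info) {
            builder = IdentityToken.IdentityTokenBuilder.newBuilder(info.getTokenPolicyId(), info.getSignatureAlgorithm(), info.getSignatureAsBytes());
            switch (info.getType()) {
                case ISSUED:
                    builder.setIssuedToken(info.getTokenDataAsBytes(), info.getTokenEncryptionAlgorithm());
                    break;
                case USERNAME:
                    builder.setUsernameToken(info.getUserName(), info.getTokenDataAsBytes(), info.getTokenEncryptionAlgorithm());
                    break;
                case X509:
                    builder.setX509Token(info.getTokenDataAsBytes());
                    break;
                default:
                    // Other token types carry no additional data here.
                    break;
            }
        } else if (z) {
            // NOTE(review): the downgrade to an anonymous token is not logged; a missing or misspelled
            // identity key is therefore invisible to operators when anonymous tokens are allowed.
            builder = IdentityToken.IdentityTokenBuilder.newBuilder();
        }
        if (null == builder) {
            LoggerFactory.getLogger(getClass()).warn("No identity information found for {} (with fallbacks {}) in store {}. Using anonymous token: {}", str, strArr, this.data.getName(), Boolean.valueOf(z));
            return null;
        }
        return builder.build();
    }

    /**
     * Opens the keystore file named by an identity entry.
     *
     * <p>The entry's file value is first treated as a URI and resolved to a file; if that yields
     * nothing, it is looked up as a resource name.
     *
     * @param str identity key
     * @param strArr fallback identity keys
     * @return an open stream the caller must close, or {@code null} if the entry is not usable for
     *     keystores or the file cannot be found
     */
    @Override
    public InputStream getKeystoreAsStream(String str, String... strArr) {
        YamlIdentityFile.IdentityInformation info = resolveForKeystore(str, strArr);
        if (!isOkForKeystore(info)) {
            return null;
        }
        InputStream stream = null;
        try {
            File keystoreFile = UriResolver.resolveToFile(new URI(info.getFile()), null);
            if (null != keystoreFile && keystoreFile.exists()) {
                stream = new FileInputStream(keystoreFile);
            }
        } catch (IOException e) {
            LoggerFactory.getLogger(getClass()).warn("Resolving key file {} failed: {}. Falling back to resource resolution.", info.getFile(), e.getMessage());
        } catch (IllegalArgumentException | URISyntaxException ignored) {
            // The file value is not usable as a URI; the resource lookup below handles plain names.
        }
        if (null == stream) {
            stream = resolve(info.getFile(), true);
        }
        return stream;
    }

    /**
     * Loads the keystore named by an identity entry.
     *
     * @param str identity key
     * @param strArr fallback identity keys
     * @return the loaded keystore, or {@code null} if the entry is not usable for keystores
     * @throws IOException if the keystore file cannot be found, read or parsed
     */
    @Override
    public KeyStore getKeystoreFile(String str, String... strArr) throws IOException {
        YamlIdentityFile.IdentityInformation info = resolveForKeystore(str, strArr);
        if (!isOkForKeystore(info)) {
            return null;
        }
        // try-with-resources closes the stream on every path, including a failing load().
        try (InputStream keystoreStream = getKeystoreAsStream(str, strArr)) {
            if (null == keystoreStream) {
                // Without this check load(null, ...) would quietly yield an empty keystore.
                throw new IOException("Keystore file '" + info.getFile() + "' for identity '" + str + "' cannot be found");
            }
            KeyStore keyStore = KeyStore.getInstance(SslUtils.getKeystoreType(info.getFile()));
            // A null password (entry without token data) makes load() skip the integrity check.
            keyStore.load(keystoreStream, passwordOf(info));
            return keyStore;
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IOException(e);
        }
    }

    /**
     * Returns the keystore location and password of an identity entry.
     *
     * @param str identity key
     * @param strArr fallback identity keys
     * @return the file value and token data of the entry (the latter is the keystore password, so
     *     the result must not be logged), or {@code null} if the entry is not usable for keystores
     * @throws IOException declared by the overridden method; not thrown by this implementation
     */
    @Override
    public IdentityStore.KeystoreCoordinate getKeystoreCoordinate(String str, String... strArr) throws IOException {
        YamlIdentityFile.IdentityInformation info = resolveForKeystore(str, strArr);
        if (!isOkForKeystore(info)) {
            return null;
        }
        return new IdentityStore.KeystoreCoordinate(info.getFile(), info.getTokenData());
    }

    /**
     * Reads a key from a keystore, using the token data of the identity entry as key password.
     *
     * @param str identity key
     * @param keyStore keystore to read from; if {@code null}, the keystore of the entry is loaded
     * @param str2 alias of the key within the keystore
     * @param strArr fallback identity keys
     * @return the key, or {@code null} if the entry is not usable for keystores or the alias is unknown
     * @throws IOException if the keystore cannot be loaded or the key cannot be recovered
     */
    @Override
    public Key getKeystoreKey(String str, KeyStore keyStore, String str2, String... strArr) throws IOException {
        YamlIdentityFile.IdentityInformation info = resolveForKeystore(str, strArr);
        if (!isOkForKeystore(info)) {
            return null;
        }
        KeyStore source = null == keyStore ? getKeystoreFile(str, strArr) : keyStore;
        try {
            // passwordOf() avoids a NullPointerException for entries without token data; whether a
            // null key password is accepted is then decided by the keystore implementation.
            return source.getKey(str2, passwordOf(info));
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            // Same message as before, but the cause is kept for diagnosis.
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Resolves an identity entry for keystore use and logs why an existing entry is unsuitable.
     *
     * @param identity primary identity key
     * @param fallbacks fallback identity keys
     * @return the entry found (suitable or not), or {@code null} if there is none; callers check
     *     suitability with {@link #isOkForKeystore}
     */
    private YamlIdentityFile.IdentityInformation resolveForKeystore(String identity, String... fallbacks) {
        YamlIdentityFile.IdentityInformation info = resolveWithLogging(identity, fallbacks);
        if (null == info || isOkForKeystore(info)) {
            return info;
        }
        if (IdentityToken.TokenType.USERNAME != info.getType()) {
            LoggerFactory.getLogger(getClass()).warn("Keystore information found for {} (with fallbacks {}), but type is not USERNAME", identity, fallbacks);
        } else if (null == info.getTokenData()) {
            LoggerFactory.getLogger(getClass()).warn("Keystore information found for {} (with fallbacks {}) with type USERNAME but it has no token data", identity, fallbacks);
        } else if (null == info.getFile()) {
            LoggerFactory.getLogger(getClass()).warn("Keystore information found for {} (with fallbacks {}), but no keystore file specified", identity, fallbacks);
        }
        return info;
    }

    /**
     * Tells whether an identity entry can describe a keystore: it must exist, be of type
     * {@code USERNAME} and name a file. Token data (the password) is not required by this check.
     *
     * @param identityInformation entry to check, may be {@code null}
     * @return {@code true} if the entry can be used for keystore access
     */
    private boolean isOkForKeystore(YamlIdentityFile.IdentityInformation identityInformation) {
        return null != identityInformation
            && IdentityToken.TokenType.USERNAME == identityInformation.getType()
            && null != identityInformation.getFile();
    }

    /**
     * Creates key managers from the keystore of an identity entry.
     *
     * @param str identity key
     * @param str2 key manager factory algorithm, passed to {@link KeyManagerFactory#getInstance(String)}
     * @param strArr fallback identity keys
     * @return the key managers, or {@code null} if there is no entry or no keystore for it
     * @throws IOException if the keystore cannot be loaded or the factory cannot be initialised
     */
    @Override
    public KeyManager[] getKeyManagers(String str, String str2, String... strArr) throws IOException {
        YamlIdentityFile.IdentityInformation info = resolveWithLogging(str, strArr);
        if (null == info) {
            return null;
        }
        KeyStore keyStore = getKeystoreFile(str, strArr);
        if (null == keyStore) {
            return null;
        }
        try {
            KeyManagerFactory factory = KeyManagerFactory.getInstance(str2);
            // passwordOf() avoids a NullPointerException for entries without token data.
            factory.init(keyStore, passwordOf(info));
            return factory.getKeyManagers();
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new IOException(e);
        }
    }

    /**
     * Lists the identity keys {@code prefix1}, {@code prefix2}, ... that exist in the store,
     * stopping at the first gap and after at most 99 entries.
     *
     * <p>For each number the key is tried as given, then lower-cased, then upper-cased; the
     * spelling that matched is the one returned.
     *
     * @param str key prefix
     * @return the matching keys in ascending order, possibly empty
     */
    @Override
    public Iterable<String> enumerateIdentities(String str) {
        ArrayList<String> found = new ArrayList<String>();
        for (int index = 1; index < 100; index++) {
            String key = str + index;
            YamlIdentityFile.IdentityInformation info = resolve(key, new String[0]);
            if (null == info) {
                // NOTE(review): case conversion uses the JVM default locale, so the keys probed can
                // differ between hosts (e.g. Turkish dotless i).
                key = key.toLowerCase();
                info = resolve(key, new String[0]);
            }
            if (null == info) {
                key = key.toUpperCase();
                info = resolve(key, new String[0]);
            }
            if (null == info) {
                break;
            }
            found.add(key);
        }
        return found;
    }
}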
