package io.datarouter.web.user.authenticate.saml;

import io.datarouter.auth.authenticate.saml.SamlTool;
import io.datarouter.storage.config.environment.EnvironmentType;
import io.datarouter.storage.config.properties.EnvironmentName;
import io.datarouter.storage.config.properties.ServerName;
import io.datarouter.storage.setting.SettingFinder;
import io.datarouter.storage.setting.SettingNode;
import io.datarouter.storage.setting.cached.CachedSetting;
import io.datarouter.util.cached.MemoizedComputation;
import io.datarouter.util.string.StringTool;
import io.datarouter.web.config.DatarouterWebPaths;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.util.HashMap;
import java.util.Map;
import org.opensaml.security.credential.Credential;

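/**
 * Settings node for SAML single sign-on, registered under the {@code datarouterWeb.saml.} prefix.
 *
 * <p>Several of these values are security-relevant: {@link #shouldUseSaml} defaults to
 * {@code false}, both IdP key settings default to empty (so {@link #getSignatureCredential()}
 * throws until one of them is configured), and {@link #attributesToRoleGroupIds} feeds the
 * attribute-to-role-group map returned by {@link #getAttributeToRoleGroupIdMap()}.
 */
@Singleton
public class DatarouterSamlSettings extends SettingNode {
    public final CachedSetting<String> entityId;
    public final CachedSetting<String> assertionConsumerServicePath;
    public final CachedSetting<String> idpHomeUrl;
    public final CachedSetting<String> idpSamlUrl;
    // NOTE(review): defaults to true; presumably registration failures are tolerated rather than
    // surfaced. Confirm against the caller that this cannot mask a misconfigured trust setup.
    public final CachedSetting<Boolean> ignoreServiceProviderRegistrationFailures;
    public final CachedSetting<Boolean> shouldUseSaml;
    // Comma-separated "attribute=roleGroupId" pairs, parsed by getAttributeToRoleGroupIdMap().
    public final CachedSetting<String> attributesToRoleGroupIds;
    public final CachedSetting<String> encodedIdpPublicKey;
    public final CachedSetting<String> encodedIdpX509Certificate;
    // Memoized so the encoded setting value is not re-parsed into a Credential on every call.
    private final MemoizedComputation<String, Credential> idpPublicKey;
    private final MemoizedComputation<String, Credential> idpX509CertificatePublicKey;
    // False only when the configured environment name equals the DEVELOPMENT persistent string.
    private final boolean isLive;

    /**
     * Registers every SAML setting with its default value.
     *
     * @param settingFinder passed to the {@link SettingNode} superclass
     * @param environmentName compared against {@code EnvironmentType.DEVELOPMENT} to decide
     *     whether this instance is considered live
     * @param datarouterWebPaths supplies the default assertion consumer path
     * @param serverName supplies the host part of the default entity id
     */
    @Inject
    public DatarouterSamlSettings(
            SettingFinder settingFinder,
            EnvironmentName environmentName,
            DatarouterWebPaths datarouterWebPaths,
            ServerName serverName) {
        super(settingFinder, "datarouterWeb.saml.");
        this.entityId = registerString("entityId", "https://" + serverName.get());
        // The setting key says "Servlet" while the field says "Service"; the key is kept as is
        // because it is the persisted name.
        this.assertionConsumerServicePath = registerString(
                "assertionConsumerServletPath",
                datarouterWebPaths.consumer.toSlashedString());
        this.idpHomeUrl = registerString("idpHomeUrl", "");
        this.idpSamlUrl = registerString("idpSamlUrl", "");
        this.ignoreServiceProviderRegistrationFailures = registerBoolean(
                "ignoreServiceProviderRegistrationFailures",
                true);
        this.shouldUseSaml = registerBoolean("shouldUseSaml", false);
        this.attributesToRoleGroupIds = registerString("attributesToRoleGroupIds", "");
        this.encodedIdpPublicKey = registerString("encodedIdpPublicKey", "");
        this.encodedIdpX509Certificate = registerString("encodedIdpX509Certificate", "");
        this.idpPublicKey = new MemoizedComputation<>(SamlTool::getCredentialFromEncodedRsaPublicKey);
        this.idpX509CertificatePublicKey = new MemoizedComputation<>(
                SamlTool::getCredentialFromEncodedX509Certificate);
        String developmentName = EnvironmentType.DEVELOPMENT.get().getPersistentString();
        this.isLive = !developmentName.equals(environmentName.get());
    }

    /**
     * Reports whether SAML should be used for this instance.
     *
     * @return {@code true} only when the environment is not development and
     *     {@link #shouldUseSaml} is enabled; in the development environment the setting is not
     *     consulted and the result is always {@code false}
     */
    public Boolean getShouldProcess() {
        return isLive && shouldUseSaml.get();
    }

    /**
     * Parses {@link #attributesToRoleGroupIds} into a map.
     *
     * <p>The setting is split on commas and each entry on its first {@code '='}. Entries without
     * an {@code '='}, with an empty key, or with an empty value are skipped silently, so a
     * malformed entry results in a missing mapping rather than an error.
     *
     * @return a new mutable map from the text before {@code '='} to the text after it; empty when
     *     the setting holds no well-formed entry
     */
    public Map<String, String> getAttributeToRoleGroupIdMap() {
        Map<String, String> roleGroupIdByAttribute = new HashMap<>();
        for (String rawEntry : attributesToRoleGroupIds.get().split(",")) {
            String entry = rawEntry.trim();
            int separator = entry.indexOf('=');
            // Require at least one character on each side of the separator.
            if (separator > 0 && separator < entry.length() - 1) {
                // NOTE(review): only the whole entry is trimmed, so "attr = group" yields the key
                // "attr " and the value " group". Confirm whether that is intended.
                roleGroupIdByAttribute.put(entry.substring(0, separator), entry.substring(separator + 1));
            }
        }
        return roleGroupIdByAttribute;
    }

    /**
     * Returns the credential built from the configured IdP key material.
     *
     * <p>The X.509 certificate setting is tried first; the bare public key setting is used only
     * when the certificate lookup yields {@code null}. A blank setting is passed to the memoized
     * computation as {@code null}.
     *
     * @return the credential, never {@code null}
     * @throws NullPointerException if neither setting yields a credential
     */
    public Credential getSignatureCredential() {
        Credential credential = idpX509CertificatePublicKey.getOutput(blankToNull(encodedIdpX509Certificate.get()));
        if (credential == null) {
            credential = idpPublicKey.getOutput(blankToNull(encodedIdpPublicKey.get()));
        }
        if (credential == null) {
            // Same exception type as before, but with a message: a missing IdP key must be
            // diagnosable and must never be mistaken for "nothing to verify against".
            throw new NullPointerException("no IdP signature credential available: set "
                    + "datarouterWeb.saml.encodedIdpX509Certificate or "
                    + "datarouterWeb.saml.encodedIdpPublicKey");
        }
        return credential;
    }

    /** Maps an empty or whitespace-only setting value to {@code null}, leaving others unchanged. */
    private static String blankToNull(String value) {
        return StringTool.isEmptyOrWhitespace(value) ? null : value;
    }
}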
