package ca.nrc.cadc.cred.client;

import ca.nrc.cadc.auth.CertCmdArgUtil;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.cred.CertUtil;
import ca.nrc.cadc.reg.client.RegistryClient;
import ca.nrc.cadc.util.ArgumentMap;
import ca.nrc.cadc.util.Log4jInit;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.PrivilegedAction;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;

/* loaded from: input_file:ca/nrc/cadc/cred/client/Main.class */
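/**
 * Command-line entry point for the {@code cadc-cdp} credential delegation client.
 *
 * <p>Exactly one operation is selected per invocation: {@code --delegate}, {@code --view} or
 * {@code --get}. The operation runs inside {@link Subject#doAs} with the subject built from the
 * certificate arguments by {@code CertCmdArgUtil.initSubject}.
 *
 * <p>Security note: {@code --get} writes a proxy certificate <em>and its private key</em> in PEM
 * form to {@code --out=<file>} or, when no file is given, to standard output. The file is
 * restricted to its owner (best effort) before any key material is written; output sent to
 * standard output is protected only by whatever the caller does with that stream.
 *
 * <p>Exit status: 0 on success, {@code INIT_STATUS} (1) for argument or initialisation errors,
 * {@code NET_STATUS} (2) when the selected operation fails.
 */
public class Main implements PrivilegedAction<Boolean> {
    private static final Logger logger = Logger.getLogger(Main.class);
    public static final String ARG_HELP = "help";
    public static final String ARG_VERBOSE = "verbose";
    public static final String ARG_DEBUG = "debug";
    public static final String ARG_H = "h";
    public static final String ARG_V = "v";
    public static final String ARG_D = "d";
    public static final String ARG_VIEW_CMD = "view";
    public static final String ARG_DELEGATE_CMD = "delegate";
    public static final String ARG_VALID_DAYS = "daysValid";
    // The constant name carries a historical typo; it is public, so it is kept for callers.
    public static final String ARG_RESOUIRCE_ID = "resourceID";
    public static final String ARG_GET_PROXY = "get";
    public static final String ARG_USERID = "userid";
    public static final String ARG_USERDN = "userdn";
    public static final String ARG_OUT = "out";
    // Subject the selected operation runs as; set by init() from the certificate arguments.
    private static Subject subject;
    private String baseURL;
    private RegistryClient registryClient = new RegistryClient();
    private CredClient client;
    // Requested lifetime in days; null when --daysValid was not given.
    private Double daysValid;
    private String userID;
    private String userDN;
    // Destination for the PEM certificate AND private key produced by --get.
    private PrintWriter outPEM;
    // Exit status for argument / initialisation failures.
    private static final int INIT_STATUS = 1;
    // Exit status for failures while talking to the service.
    private static final int NET_STATUS = 2;
    private Operation operation;

    /** The operation selected on the command line. */
    public enum Operation {
        DELEGATE,
        VIEW,
        GET
    }

    /**
     * Parses the arguments, configures logging, validates the command and runs it.
     *
     * @param strArr raw command-line arguments
     */
    public static void main(String[] strArr) {
        ArgumentMap argumentMap = new ArgumentMap(strArr);
        if (argumentMap.isSet(ARG_HELP) || argumentMap.isSet(ARG_H)) {
            usage();
            System.exit(0);
        }
        if (argumentMap.isSet(ARG_DEBUG) || argumentMap.isSet(ARG_D)) {
            Log4jInit.setLevel("ca.nrc.cadc.cred", Level.DEBUG);
        } else if (argumentMap.isSet(ARG_VERBOSE) || argumentMap.isSet(ARG_V)) {
            Log4jInit.setLevel("ca.nrc.cadc.cred", Level.INFO);
        } else {
            Log4jInit.setLevel("ca", Level.WARN);
        }
        Main main = new Main();
        try {
            main.validateCommand(argumentMap);
        } catch (IllegalArgumentException e) {
            msg("illegal argument(s): " + e.getMessage());
            msg("");
            usage();
            System.exit(INIT_STATUS);
        }
        try {
            main.init(argumentMap);
            Subject.doAs(subject, main);
        } catch (Throwable th) {
            logger.error("unexpected failure", th);
            System.exit(NET_STATUS);
        }
        System.exit(0);
    }

    /**
     * Dispatches to the operation chosen by {@link #validateCommand}.
     *
     * @return always {@code Boolean.TRUE}; failures terminate the JVM instead of returning
     */
    @Override
    public Boolean run() {
        logger.info("run - START");
        switch (this.operation) {
            case DELEGATE:
                doDelegate();
                break;
            case VIEW:
                doView();
                break;
            case GET:
                doGet();
                break;
            default:
                break;
        }
        logger.info("run - DONE");
        return Boolean.TRUE;
    }

    /** Asks the service to create a new delegated proxy certificate valid for {@code daysValid}. */
    private void doDelegate() {
        try {
            this.client.delegate(this.daysValid.doubleValue());
            msg("Certificate updated");
        } catch (Exception e) {
            logger.error("failed to delegate", e);
            System.exit(NET_STATUS);
        }
    }

    /** Fetches the currently delegated certificate, checks its validity period and prints it. */
    private void doView() {
        try {
            X509Certificate[] chain = this.client.getCertificate(null);
            X509Certificate leaf = chain[0];
            // Throws when the certificate is expired or not yet valid.
            leaf.checkValidity();
            msg("Found valid certificate");
            msg("Certificate Subject DN: " + leaf.getSubjectX500Principal().getName());
            msg("Certificate Expiry Date: " + leaf.getNotAfter());
            msg("Certificate Details: " + leaf.toString());
        } catch (Exception e) {
            // Previously logged "failed to delegate", which pointed operators at the wrong operation.
            logger.error("failed to view", e);
            System.exit(NET_STATUS);
        }
    }

    /**
     * Requests a proxy certificate for the user named by {@code --userid} or {@code --userdn}
     * and writes the certificate and private key as PEM to {@code outPEM}.
     */
    private void doGet() {
        try {
            HashSet<java.security.Principal> principals = new HashSet<java.security.Principal>();
            if (this.userID != null) {
                principals.add(new HttpPrincipal(this.userID));
            } else {
                principals.add(new X500Principal(this.userDN));
            }
            Subject target = new Subject(true, principals, new HashSet<Object>(), new HashSet<Object>());
            // 0.0 is passed when no lifetime was requested.
            double days = (this.daysValid != null) ? this.daysValid.doubleValue() : 0.0d;
            CertUtil.writePEMCertificateAndKey(this.client.getProxyCertificate(target, days), this.outPEM);
            // PrintWriter swallows IOExceptions, and main() ends with System.exit(), so an
            // unflushed or failed write would otherwise leave a truncated key file behind a
            // zero exit status. checkError() flushes the writer if it is still open.
            if (this.outPEM.checkError()) {
                throw new IOException("error writing certificate and key");
            }
        } catch (Exception e) {
            logger.error("failed to get", e);
            System.exit(NET_STATUS);
        }
    }

    /**
     * Opens the file that will receive the PEM certificate and private key.
     *
     * <p>For a regular file, access is narrowed to the owner before the writer is opened, so the
     * key is never present in a file readable by other local users. The permission calls are
     * best effort: their results are ignored because some platforms do not support them.
     *
     * @param path destination given with {@code --out}
     * @return a writer on the (truncated) destination
     * @throws IOException if the file cannot be created or opened
     */
    private static PrintWriter openKeyWriter(String path) throws IOException {
        File target = new File(path);
        // No-op when the file already exists.
        target.createNewFile();
        // Only touch permissions of regular files; leave devices and pipes alone.
        if (target.isFile()) {
            target.setReadable(false, false);
            target.setWritable(false, false);
            target.setExecutable(false, false);
            target.setReadable(true, true);
            target.setWritable(true, true);
        }
        return new PrintWriter(new FileWriter(target));
    }

    /**
     * Validates the operation arguments and records them on this instance.
     *
     * <p>Invalid input is reported, usage is printed and the JVM exits with {@code INIT_STATUS}.
     * Note that for {@code --get} the {@code --out} file is opened, and therefore truncated,
     * here, before the service has been contacted.
     *
     * @param argumentMap parsed command-line arguments
     */
    private void validateCommand(ArgumentMap argumentMap) throws IllegalArgumentException {
        String daysText = argumentMap.getValue(ARG_VALID_DAYS);
        if (daysText != null) {
            boolean valid = true;
            try {
                this.daysValid = Double.valueOf(daysText);
                double days = this.daysValid.doubleValue();
                // "NaN" and "Infinity" parse successfully and are not <= 0, so reject them
                // explicitly rather than sending them on as a certificate lifetime.
                if (Double.isNaN(days) || Double.isInfinite(days) || days <= 0.0d) {
                    valid = false;
                }
            } catch (NumberFormatException e) {
                valid = false;
            }
            if (!valid) {
                logger.error("daysValid must be a positive double value");
                usage();
                System.exit(INIT_STATUS);
            }
        }
        logger.info("daysValid: " + this.daysValid);
        int operationCount = 0;
        if (argumentMap.isSet(ARG_VIEW_CMD)) {
            this.operation = Operation.VIEW;
            operationCount++;
        }
        if (argumentMap.isSet(ARG_DELEGATE_CMD)) {
            this.operation = Operation.DELEGATE;
            operationCount++;
        }
        if (argumentMap.isSet(ARG_GET_PROXY)) {
            operationCount++;
            this.operation = Operation.GET;
            this.userID = argumentMap.getValue(ARG_USERID);
            this.userDN = argumentMap.getValue(ARG_USERDN);
            // Exactly one of userid / userdn must be present.
            if ((this.userID == null) == (this.userDN == null)) {
                logger.error("one of: userid or userdn must be set");
                usage();
                System.exit(INIT_STATUS);
            }
            String outPath = argumentMap.getValue(ARG_OUT);
            if (outPath != null) {
                try {
                    this.outPEM = openKeyWriter(outPath);
                } catch (IOException e2) {
                    logger.error("failed to open " + outPath + ": " + e2);
                    usage();
                    System.exit(INIT_STATUS);
                }
            } else {
                // The private key goes to standard output when no file is named.
                this.outPEM = new PrintWriter(System.out);
            }
        }
        if (operationCount != 1) {
            logger.error("Must specify one operation");
            usage();
            System.exit(INIT_STATUS);
        }
    }

    /**
     * Builds the calling subject from the certificate arguments and creates the
     * {@code CredClient} for the service named by {@code --resourceID}.
     *
     * @param argumentMap parsed command-line arguments
     */
    private void init(ArgumentMap argumentMap) {
        try {
            subject = CertCmdArgUtil.initSubject(argumentMap);
        } catch (Exception e) {
            logger.error("failed to initialise SSL from certificates: " + e.getMessage());
            logger.debug("failed to initialise SSL from certificates: ", e);
            if (e instanceof IllegalArgumentException) {
                usage();
            }
            System.exit(INIT_STATUS);
        }
        String resourceId = argumentMap.getValue(ARG_RESOUIRCE_ID);
        if (resourceId == null) {
            usage();
            logger.error("missing required --resourceID");
            System.exit(INIT_STATUS);
        }
        try {
            URI uri = new URI(resourceId);
            this.client = new CredClient(uri);
            logger.info("created: " + this.client.getClass().getSimpleName() + " for " + uri);
            logger.info("found service: " + this.client.getServiceBaseURL());
        } catch (URISyntaxException e2) {
            logger.error("malformed resourceID: " + resourceId);
            System.exit(INIT_STATUS);
        } catch (Exception e3) {
            logger.error("reason: " + e3.getMessage());
            logger.debug("reason", e3);
            System.exit(INIT_STATUS);
        }
    }

    /** Prints the command-line help to standard output. */
    public static void usage() {
        String[] lines = {
            "Usage: cadc-cdp [-v|--verbose|-d|--debug] --resourceID=<CDP service to use> <op> ...",
            CertCmdArgUtil.getCertArgUsage(),
            "",
            "Help: cadc-cdp <-h|--help>",
            "",
            "  --resourceID specifies the CDP service to use (e.g. ivo://cadc.nrc.ca/cred)",
            "",
            "  <op> is one of:    ",
            "  --delegate [--daysValid=<days>]",
            "          create new proxy certificate on the server",
            "  --get --userid=<username> [--out=<file>] [--daysValid=<days>] ",
            "  --get --userdn=<user distinguished name> [--out=<file>] [--daysValid=<days>] ",
            "          get a new (shorter) proxy certificate from the server;",
            "  --view",
            "          view the currently delegated proxy certificate"
        };
        for (String line : lines) {
            msg(line);
        }
    }

    /** Writes one line to standard output. */
    private static void msg(String str) {
        System.out.println(str);
    }
}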
