package org.cloudfoundry.identity.uaa.login.saml;

import java.util.Iterator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cloudfoundry.identity.uaa.authentication.Origin;
import org.cloudfoundry.identity.uaa.login.saml.ZoneAwareMetadataManager;
import org.cloudfoundry.identity.uaa.util.ObjectUtils;
import org.cloudfoundry.identity.uaa.zone.IdentityProvider;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneProvisioning;
import org.cloudfoundry.identity.uaa.zone.event.IdentityProviderModifiedEvent;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.springframework.context.ApplicationListener;
import org.springframework.security.saml.metadata.ExtendedMetadataDelegate;

/* loaded from: input_file:lib/cloudfoundry-identity-common-2.7.4.jar:org/cloudfoundry/identity/uaa/login/saml/ProviderChangedListener.class */
/**
 * Applies identity provider changes to the SAML metadata manager of the affected zone.
 *
 * <p>On each {@link IdentityProviderModifiedEvent} whose provider type is {@code Origin.SAML},
 * the provider's definition is either registered with, or removed from, the zone's metadata
 * manager, depending on {@code isActive()}. The metadata is then refreshed.
 *
 * <p>Review notes for operators:
 * <ul>
 *   <li>Events are dropped without any log output while no metadata manager has been set, so
 *       an activation or deactivation received in that window is not applied here.</li>
 *   <li>A {@link MetadataProviderException} is logged and not rethrown. The manager can be
 *       left partially updated, for example with a previous delegate removed and the new one
 *       not added. The publisher of the event is not told that the change failed.</li>
 * </ul>
 */
public class ProviderChangedListener implements ApplicationListener<IdentityProviderModifiedEvent> {
    private static final Log logger = LogFactory.getLog(ProviderChangedListener.class);

    // Injected through setMetadataManager(); stays null until then.
    // NOTE(review): plain field, no synchronization visible here. Confirm the setter is
    // called before events can be delivered.
    private ZoneAwareMetadataManager metadataManager;
    private final SamlIdentityProviderConfigurator configurator;
    private final IdentityZoneProvisioning zoneProvisioning;

    /**
     * @param samlIdentityProviderConfigurator used to add and remove SAML provider definitions
     * @param identityZoneProvisioning used to look up the zone a modified provider belongs to
     */
    public ProviderChangedListener(SamlIdentityProviderConfigurator samlIdentityProviderConfigurator, IdentityZoneProvisioning identityZoneProvisioning) {
        this.zoneProvisioning = identityZoneProvisioning;
        this.configurator = samlIdentityProviderConfigurator;
    }

    /**
     * Registers or unregisters the modified provider's SAML metadata in its zone.
     *
     * @param identityProviderModifiedEvent event whose source is the modified {@code IdentityProvider}
     */
    @Override // org.springframework.context.ApplicationListener
    public void onApplicationEvent(IdentityProviderModifiedEvent identityProviderModifiedEvent) {
        if (this.metadataManager == null) {
            // No manager wired yet: the change is not applied and nothing is logged.
            return;
        }
        IdentityProvider provider = (IdentityProvider) identityProviderModifiedEvent.getSource();
        if (!Origin.SAML.equals(provider.getType())) {
            return;
        }

        // These three lookups run outside the try block, so anything they throw propagates.
        IdentityZone zone = this.zoneProvisioning.retrieve(provider.getIdentityZoneId());
        ZoneAwareMetadataManager.ExtensionMetadataManager manager = this.metadataManager.getManager(zone);
        SamlIdentityProviderDefinition definition = (SamlIdentityProviderDefinition) ObjectUtils.castInstance(provider.getConfig(), SamlIdentityProviderDefinition.class);

        try {
            if (!provider.isActive()) {
                // Deactivated provider: drop its delegate if the configurator returned one.
                ExtendedMetadataDelegate removed = this.configurator.removeIdentityProviderDefinition(definition);
                if (removed != null) {
                    manager.removeMetadataProvider(removed);
                }
            } else {
                // Element [1], when non-null, is removed before element [0] is added.
                // Presumably [1] is the delegate previously registered for this definition;
                // verify against the configurator.
                ExtendedMetadataDelegate[] delegates = this.configurator.addSamlIdentityProviderDefinition(definition);
                ExtendedMetadataDelegate previous = delegates[1];
                if (previous != null) {
                    manager.removeMetadataProvider(previous);
                }
                manager.addMetadataProvider(delegates[0]);
            }

            // Every provider's metadata is requested and the result discarded, presumably to
            // force loading so that a bad provider fails here. Confirm the intent.
            for (MetadataProvider metadataProvider : manager.getProviders()) {
                metadataProvider.getMetadata();
            }
            manager.refreshMetadata();
            // The manager is looked up a second time on purpose; keep both refresh calls.
            this.metadataManager.getManager(zone).refreshMetadata();
        } catch (MetadataProviderException e) {
            // Reached from both the add and the remove path, although the message only
            // mentions adding. The definition's string form is written to the log.
            // NOTE(review): confirm toString() exposes nothing that should stay out of logs.
            logger.error("Unable to add new IDP provider:" + definition, e);
        }
    }

    /**
     * Supplies the metadata manager; until this is called every event is ignored.
     *
     * @param zoneAwareMetadataManager manager that resolves the per-zone metadata manager
     */
    public void setMetadataManager(ZoneAwareMetadataManager zoneAwareMetadataManager) {
        this.metadataManager = zoneAwareMetadataManager;
    }
}
