package org.integratedmodelling.common.client.cli.commands;

import java.io.File;
import java.util.Properties;
import java.util.UUID;
import org.apache.naming.ResourceRef;
import org.apache.xalan.templates.Constants;
import org.integratedmodelling.api.auth.IUser;
import org.integratedmodelling.api.modelling.resolution.IModelPrioritizer;
import org.integratedmodelling.api.network.INode;
import org.integratedmodelling.api.services.IServiceCall;
import org.integratedmodelling.api.services.annotations.CLIPrototype;
import org.integratedmodelling.api.services.annotations.Execute;
import org.integratedmodelling.api.services.annotations.Prototype;
import org.integratedmodelling.common.auth.LicenseManager;
import org.integratedmodelling.common.configuration.KLAB;
import org.integratedmodelling.common.utils.MapUtils;
import org.integratedmodelling.exceptions.KlabConfigurationException;
import org.joda.time.DateTime;

@Prototype(id = "certify", description = "create a server certificate (needs full authorization configuration)", args = {"? s|server", "text", "? u|user", "text", "? tp|testport", "integer", "? l|list", Prototype.NONE, "url", "text", "# email", "text", "# auth", "NONE|DIRECT|INDIRECT", "? o|output", "text"})
@CLIPrototype
/* loaded from: input_file:lib/klab-common-0.9.9.jar:org/integratedmodelling/common/client/cli/commands/Certify.class */
public class Certify {
    private static final int CERT_FILE_TTL_DAYS = 365;

    @Execute
    public Object createServerCertificate(IServiceCall iServiceCall) throws Exception {
        boolean has = iServiceCall.has(IModelPrioritizer.SERVER_ID);
        boolean has2 = iServiceCall.has("user");
        String str = has ? "server.cert" : "im.cert";
        if (iServiceCall.has(Constants.ELEMNAME_OUTPUT_STRING)) {
            str = iServiceCall.get(Constants.ELEMNAME_OUTPUT_STRING).toString();
        }
        Properties properties = new Properties();
        File file = new File(str);
        if (iServiceCall.has("testport") || iServiceCall.has("list")) {
            Properties readCertificate = LicenseManager.readCertificate(new File(iServiceCall.getString("url")), new File(KLAB.CONFIG.getDataPath() + File.separator + "ssh" + File.separator + "pubring.gpg"), new String[0]);
            if (iServiceCall.has("list")) {
                return MapUtils.dump(readCertificate);
            }
            readCertificate.setProperty("test.port", "" + Integer.parseInt(iServiceCall.getString("testport")));
            LicenseManager.createCertificate(readCertificate, file);
            return file.getAbsolutePath();
        }
        if (!has && !has2) {
            throw new KlabConfigurationException("either a user or a server name must be specified");
        }
        if (!iServiceCall.has(IUser.EMAIL)) {
            throw new KlabConfigurationException("an email address must be specified");
        }
        if (has) {
            INode.Authentication valueOf = INode.Authentication.valueOf(iServiceCall.getString(ResourceRef.AUTH));
            properties.setProperty("name", iServiceCall.getString(IModelPrioritizer.SERVER_ID));
            properties.setProperty("authentication", valueOf.name());
            properties.setProperty("url", iServiceCall.getString("url"));
        }
        if (has2) {
            properties.setProperty("user", iServiceCall.getString("user"));
            properties.setProperty("primary.server", iServiceCall.getString("url"));
        }
        properties.setProperty(IUser.EMAIL, iServiceCall.getString(IUser.EMAIL));
        properties.setProperty("key", UUID.randomUUID().toString());
        properties.setProperty(IUser.EXPIRY, DateTime.now().plusDays(365).toString());
        LicenseManager.createCertificate(properties, file);
        return file.getAbsolutePath();
    }
}
