package org.pac4j.saml.metadata.keystore;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Base64;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.saml.config.SAML2Configuration;
import org.pac4j.saml.exceptions.SAMLException;

/* loaded from: input_file:org/pac4j/saml/metadata/keystore/SAML2HttpUrlKeystoreGenerator.class */
public class SAML2HttpUrlKeystoreGenerator extends BaseSAML2KeystoreGenerator {
    public SAML2HttpUrlKeystoreGenerator(SAML2Configuration sAML2Configuration) {
        super(sAML2Configuration);
    }

    @Override // org.pac4j.saml.metadata.keystore.SAML2KeystoreGenerator
    public InputStream retrieve() throws Exception {
        validate();
        String externalForm = this.saml2Configuration.getKeystoreResource().getURL().toExternalForm();
        this.logger.debug("Loading keystore from {}", externalForm);
        HttpGet httpGet = new HttpGet(externalForm);
        httpGet.addHeader("Accept", ContentType.TEXT_PLAIN.getMimeType());
        httpGet.addHeader("Content-Type", ContentType.TEXT_PLAIN.getMimeType());
        Object obj = null;
        try {
            HttpResponse execute = this.saml2Configuration.getHttpClient().execute(httpGet);
            if (execute == null || execute.getStatusLine().getStatusCode() != 200) {
                throw new SAMLException("Unable to retrieve keystore from " + externalForm);
            }
            this.logger.info("Successfully submitted/created keystore to {}", externalForm);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.getDecoder().decode(IOUtils.toString(execute.getEntity().getContent(), StandardCharsets.UTF_8)));
            if (execute != null && (execute instanceof CloseableHttpResponse)) {
                ((CloseableHttpResponse) execute).close();
            }
            return byteArrayInputStream;
        } catch (Throwable th) {
            if (0 != 0 && (obj instanceof CloseableHttpResponse)) {
                ((CloseableHttpResponse) null).close();
            }
            throw th;
        }
    }

    @Override // org.pac4j.saml.metadata.keystore.BaseSAML2KeystoreGenerator
    protected void store(KeyStore keyStore, X509Certificate x509Certificate, PrivateKey privateKey) throws Exception {
        validate();
        Object obj = null;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                keyStore.store(byteArrayOutputStream, this.saml2Configuration.getKeystorePassword().toCharArray());
                byteArrayOutputStream.flush();
                String encodeToString = Base64.getEncoder().encodeToString(byteArrayOutputStream.toByteArray());
                if (this.logger.isTraceEnabled()) {
                    this.logger.trace("Encoded keystore as base-64: {}", encodeToString);
                }
                String externalForm = this.saml2Configuration.getKeystoreResource().getURL().toExternalForm();
                HttpPost httpPost = new HttpPost(externalForm);
                httpPost.addHeader("Accept", ContentType.TEXT_PLAIN.getMimeType());
                httpPost.addHeader("Content-Type", ContentType.TEXT_PLAIN.getMimeType());
                httpPost.setEntity(new StringEntity(encodeToString, ContentType.TEXT_PLAIN));
                this.logger.debug("Submitting keystore to {}", externalForm);
                HttpResponse execute = this.saml2Configuration.getHttpClient().execute(httpPost);
                if (execute != null) {
                    int statusCode = execute.getStatusLine().getStatusCode();
                    if (statusCode == 501) {
                        this.logger.info("Storing keystore is not supported/implemented by {}", externalForm);
                    } else if (statusCode == 200 || statusCode == 201) {
                        this.logger.info("Successfully submitted/created keystore to {}", externalForm);
                    } else if (statusCode == 304) {
                        this.logger.info("Keystore was not modified/updated: {}", externalForm);
                    } else {
                        this.logger.error("Unable to store keystore successfully via {}", externalForm);
                    }
                }
                byteArrayOutputStream.close();
                if (execute == null || !(execute instanceof CloseableHttpResponse)) {
                    return;
                }
                ((CloseableHttpResponse) execute).close();
            } finally {
            }
        } catch (Throwable th) {
            if (0 != 0 && (obj instanceof CloseableHttpResponse)) {
                ((CloseableHttpResponse) null).close();
            }
            throw th;
        }
    }

    private void validate() {
        CommonHelper.assertNotNull("keystoreResource", this.saml2Configuration.getKeystoreResource());
        CommonHelper.assertNotBlank("keystorePassword", this.saml2Configuration.getPrivateKeyPassword());
        CommonHelper.assertNotBlank("privateKeyPassword", this.saml2Configuration.getPrivateKeyPassword());
    }
}
