package org.pac4j.saml.metadata;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.Proxy;
import java.net.URLConnection;
import java.util.Collections;
import java.util.Iterator;
import java.util.concurrent.locks.ReentrantLock;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import net.shibboleth.utilities.java.support.resolver.ResolverException;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
import org.opensaml.core.criterion.EntityIdCriterion;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.saml.metadata.IterableMetadataSource;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.opensaml.saml.metadata.resolver.impl.DOMMetadataResolver;
import org.opensaml.saml.metadata.resolver.index.impl.RoleMetadataIndex;
import org.opensaml.saml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.saml.config.SAML2Configuration;
import org.pac4j.saml.exceptions.SAMLException;
import org.pac4j.saml.util.Configuration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.Resource;
import org.springframework.core.io.UrlResource;

/* loaded from: input_file:org/pac4j/saml/metadata/SAML2IdentityProviderMetadataResolver.class */
public class SAML2IdentityProviderMetadataResolver implements SAML2MetadataResolver {
    private static final long NO_LAST_MODIFIED = -1;
    private MetadataResolver metadataResolver;
    private HostnameVerifier hostnameVerifier;
    private SSLSocketFactory sslSocketFactory;
    private final SAML2Configuration configuration;
    protected final Logger logger = LoggerFactory.getLogger(getClass());
    private final ReentrantLock lock = new ReentrantLock();
    private long lastModified = -1;
    private Proxy proxy = Proxy.NO_PROXY;

    public SAML2IdentityProviderMetadataResolver(SAML2Configuration sAML2Configuration) {
        if (sAML2Configuration.getSslSocketFactory() != null) {
            setSslSocketFactory(sAML2Configuration.getSslSocketFactory());
        }
        if (sAML2Configuration.getHostnameVerifier() != null) {
            setHostnameVerifier(sAML2Configuration.getHostnameVerifier());
        }
        this.configuration = sAML2Configuration;
    }

    public void init() {
        this.metadataResolver = resolve(true);
        hasChanged();
    }

    /* JADX WARN: Removed duplicated region for block: B:8:0x001f A[Catch: all -> 0x0031, TryCatch #0 {all -> 0x0031, blocks: (B:17:0x000e, B:8:0x001f), top: B:16:0x000e }] */
    @Override // org.pac4j.saml.metadata.SAML2MetadataResolver
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final org.opensaml.saml.metadata.resolver.MetadataResolver resolve(boolean r4) {
        /*
            r3 = this;
            r0 = r3
            java.util.concurrent.locks.ReentrantLock r0 = r0.lock
            boolean r0 = r0.tryLock()
            if (r0 == 0) goto L3b
            r0 = r4
            if (r0 != 0) goto L15
            r0 = r3
            boolean r0 = r0.hasChanged()     // Catch: java.lang.Throwable -> L31
            if (r0 == 0) goto L19
        L15:
            r0 = 1
            goto L1a
        L19:
            r0 = 0
        L1a:
            r5 = r0
            r0 = r5
            if (r0 == 0) goto L27
            r0 = r3
            r1 = r3
            org.opensaml.saml.metadata.resolver.MetadataResolver r1 = r1.buildMetadataResolver()     // Catch: java.lang.Throwable -> L31
            r0.metadataResolver = r1     // Catch: java.lang.Throwable -> L31
        L27:
            r0 = r3
            java.util.concurrent.locks.ReentrantLock r0 = r0.lock
            r0.unlock()
            goto L3b
        L31:
            r6 = move-exception
            r0 = r3
            java.util.concurrent.locks.ReentrantLock r0 = r0.lock
            r0.unlock()
            r0 = r6
            throw r0
        L3b:
            r0 = r3
            org.opensaml.saml.metadata.resolver.MetadataResolver r0 = r0.metadataResolver
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.pac4j.saml.metadata.SAML2IdentityProviderMetadataResolver.resolve(boolean):org.opensaml.saml.metadata.resolver.MetadataResolver");
    }

    boolean hasChanged() {
        long j;
        try {
            j = this.configuration.getIdentityProviderMetadataResource().lastModified();
        } catch (Exception e) {
            j = -1;
        }
        boolean z = this.lastModified != j;
        this.logger.debug("lastModified: {} / newLastModified: {} -> hasChanged: {}", Long.valueOf(this.lastModified), Long.valueOf(j), Boolean.valueOf(z));
        this.lastModified = j;
        return z;
    }

    protected MetadataResolver buildMetadataResolver() {
        return initializeMetadataResolver();
    }

    public long getLastModified() {
        return this.lastModified;
    }

    protected String determineIdentityProviderEntityId() {
        String identityProviderEntityId = this.configuration.getIdentityProviderEntityId();
        if (identityProviderEntityId == null) {
            Iterator<EntityDescriptor> it = ((IterableMetadataSource) this.metadataResolver).iterator();
            if (it.hasNext()) {
                identityProviderEntityId = it.next().getEntityID();
            }
        }
        if (identityProviderEntityId == null) {
            throw new SAMLException("No idp entityId found");
        }
        return identityProviderEntityId;
    }

    protected DOMMetadataResolver initializeMetadataResolver() {
        try {
            InputStream metadataResourceInputStream = getMetadataResourceInputStream();
            try {
                DOMMetadataResolver dOMMetadataResolver = new DOMMetadataResolver(Configuration.getParserPool().parse(metadataResourceInputStream).getDocumentElement());
                dOMMetadataResolver.setIndexes(Collections.singleton(new RoleMetadataIndex()));
                dOMMetadataResolver.setParserPool(Configuration.getParserPool());
                dOMMetadataResolver.setFailFastInitialization(true);
                dOMMetadataResolver.setRequireValidMetadata(true);
                dOMMetadataResolver.setId(dOMMetadataResolver.getClass().getCanonicalName());
                dOMMetadataResolver.initialize();
                if (metadataResourceInputStream != null) {
                    metadataResourceInputStream.close();
                }
                return dOMMetadataResolver;
            } catch (Throwable th) {
                if (metadataResourceInputStream != null) {
                    try {
                        metadataResourceInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (FileNotFoundException e) {
            throw new TechnicalException("Error loading idp metadata", e);
        } catch (IOException e2) {
            throw new TechnicalException("Error getting idp metadata resource", e2);
        } catch (ComponentInitializationException e3) {
            throw new TechnicalException("Error initializing idp metadata resolver", e3);
        } catch (XMLParserException e4) {
            throw new TechnicalException("Error parsing idp metadata", e4);
        }
    }

    protected InputStream getMetadataResourceInputStream() throws IOException {
        Resource identityProviderMetadataResource = this.configuration.getIdentityProviderMetadataResource();
        if (!(identityProviderMetadataResource instanceof UrlResource)) {
            return identityProviderMetadataResource.getInputStream();
        }
        URLConnection openConnection = identityProviderMetadataResource.getURL().openConnection(this.proxy);
        if (openConnection instanceof HttpsURLConnection) {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) openConnection;
            if (this.sslSocketFactory != null) {
                httpsURLConnection.setSSLSocketFactory(this.sslSocketFactory);
            }
            if (this.hostnameVerifier != null) {
                httpsURLConnection.setHostnameVerifier(this.hostnameVerifier);
            }
        }
        try {
            prepareMetadataRemoteConnection(openConnection);
            return openConnection.getInputStream();
        } catch (Exception e) {
            if (openConnection instanceof HttpURLConnection) {
                ((HttpURLConnection) openConnection).disconnect();
            }
            throw new TechnicalException("Error getting idp metadata resource", e);
        }
    }

    protected void prepareMetadataRemoteConnection(URLConnection uRLConnection) {
        uRLConnection.setConnectTimeout(this.configuration.getIdentityProviderMetadataConnectTimeout());
        uRLConnection.setReadTimeout(this.configuration.getIdentityProviderMetadataReadTimeout());
    }

    @Override // org.pac4j.saml.metadata.SAML2MetadataResolver
    public String getEntityId() {
        XMLObject entityDescriptorElement = getEntityDescriptorElement();
        if (entityDescriptorElement instanceof EntitiesDescriptor) {
            return ((EntitiesDescriptor) entityDescriptorElement).getEntityDescriptors().get(0).getEntityID();
        }
        if (entityDescriptorElement instanceof EntityDescriptor) {
            return ((EntityDescriptor) entityDescriptorElement).getEntityID();
        }
        throw new SAMLException("No idp entityId found");
    }

    @Override // org.pac4j.saml.metadata.SAML2MetadataResolver
    public String getMetadata() {
        if (getEntityDescriptorElement() != null) {
            return Configuration.serializeSamlObject(getEntityDescriptorElement()).toString();
        }
        throw new TechnicalException("Metadata cannot be retrieved because entity descriptor is null");
    }

    @Override // org.pac4j.saml.metadata.SAML2MetadataResolver
    public final XMLObject getEntityDescriptorElement() {
        try {
            return resolve().resolveSingle(new CriteriaSet(new EntityIdCriterion(determineIdentityProviderEntityId())));
        } catch (ResolverException e) {
            throw new SAMLException("Error initializing idpMetadataProvider", e);
        }
    }

    public void setProxy(Proxy proxy) {
        this.proxy = proxy;
    }

    public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
    }

    public void setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
    }
}
