package se.litsec.opensaml.saml2.metadata.provider;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.resolver.ResolverException;
import net.shibboleth.utilities.java.support.security.RandomIdentifierGenerationStrategy;
import org.apache.commons.lang.Validate;
import org.joda.time.DateTime;
import org.joda.time.chrono.ISOChronology;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.core.xml.io.UnmarshallingException;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.opensaml.saml.metadata.resolver.filter.MetadataFilter;
import org.opensaml.saml.metadata.resolver.impl.CompositeMetadataResolver;
import org.opensaml.saml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.xmlsec.signature.Signature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.litsec.opensaml.utils.ObjectUtils;

/* loaded from: input_file:se/litsec/opensaml/saml2/metadata/provider/CompositeMetadataProvider.class */
public class CompositeMetadataProvider extends AbstractMetadataProvider {
    private CompositeMetadataResolverEx metadataResolver;
    private List<MetadataProvider> metadataProviders;
    private String id;
    private DateTime initTime;
    private EntitiesDescriptor compositeMetadata;
    private DateTime compositeMetadataCreationTime;
    private Logger log = LoggerFactory.getLogger(CompositeMetadataProvider.class);
    private RandomIdentifierGenerationStrategy idGenerator = new RandomIdentifierGenerationStrategy(20);
    private List<String> destroyList = new ArrayList();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:se/litsec/opensaml/saml2/metadata/provider/CompositeMetadataProvider$CompositeMetadataResolverEx.class */
    public static class CompositeMetadataResolverEx extends CompositeMetadataResolver {
        private CompositeMetadataResolverEx() {
        }

        public void setId(String str) {
            super.setId(str);
        }
    }

    public CompositeMetadataProvider(String str, List<MetadataProvider> list) {
        Validate.notNull(str, "id must not be null");
        Validate.notNull(list, "metadataProviders must not be null");
        this.id = str;
        this.metadataProviders = list;
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.MetadataProvider
    public String getID() {
        return this.id;
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.MetadataProvider
    public MetadataResolver getMetadataResolver() {
        return this.metadataResolver;
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider, se.litsec.opensaml.saml2.metadata.provider.MetadataProvider
    public synchronized Optional<XMLObject> getMetadata() {
        Optional<DateTime> lastUpdate = getLastUpdate();
        if (!lastUpdate.isPresent()) {
            this.log.debug("No metadata available for provider '{}'", getID());
            return Optional.empty();
        }
        if (this.compositeMetadata != null && !this.compositeMetadataCreationTime.isBefore(lastUpdate.get())) {
            return Optional.of(this.compositeMetadata);
        }
        collectMetadata();
        return Optional.ofNullable(this.compositeMetadata);
    }

    private synchronized void collectMetadata() {
        this.log.debug("Collecting composite metadata for {} ...", getID());
        ArrayList arrayList = new ArrayList();
        EntitiesDescriptor createSamlObject = ObjectUtils.createSamlObject(EntitiesDescriptor.class);
        createSamlObject.setName(getID());
        createSamlObject.setID("metadata_" + this.idGenerator.generateIdentifier(true));
        for (MetadataProvider metadataProvider : this.metadataProviders) {
            for (EntityDescriptor entityDescriptor : metadataProvider.iterator()) {
                if (arrayList.contains(entityDescriptor.getEntityID())) {
                    this.log.warn("EntityDescriptor for '{}' already exists in metadata. Entry read from provider '{}' will be ignored.", entityDescriptor.getEntityID(), metadataProvider.getID());
                } else {
                    try {
                        EntityDescriptor cloneXMLObject = XMLObjectSupport.cloneXMLObject(entityDescriptor);
                        cloneXMLObject.setSignature((Signature) null);
                        cloneXMLObject.setCacheDuration((Long) null);
                        cloneXMLObject.setValidUntil((DateTime) null);
                        createSamlObject.getEntityDescriptors().add(cloneXMLObject);
                        arrayList.add(cloneXMLObject.getEntityID());
                        this.log.trace("EntityDescriptor '{}' added to composite metadata", cloneXMLObject.getEntityID());
                    } catch (MarshallingException | UnmarshallingException e) {
                        this.log.error("Error copying EntityDescriptor '{}' ({}), entry will not be included in metadata");
                    }
                }
            }
        }
        this.compositeMetadataCreationTime = new DateTime(ISOChronology.getInstanceUTC());
        this.compositeMetadata = createSamlObject;
        this.log.info("Composite metadata for {} collected and compiled into EntitiesDescriptor", getID());
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider, se.litsec.opensaml.saml2.metadata.provider.MetadataProvider
    public Optional<DateTime> getLastUpdate() {
        DateTime lastUpdate = this.metadataResolver.getLastUpdate();
        return lastUpdate != null ? Optional.of(lastUpdate) : Optional.ofNullable(this.initTime);
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    protected void createMetadataResolver(boolean z, boolean z2, MetadataFilter metadataFilter) throws ResolverException {
        this.metadataResolver = new CompositeMetadataResolverEx();
        this.metadataResolver.setId(this.id);
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    protected MetadataFilter createFilter() {
        return null;
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    protected void initializeMetadataResolver() throws ComponentInitializationException {
        this.log.debug("Initializing CompositeMetadataProvider ...");
        for (MetadataProvider metadataProvider : this.metadataProviders) {
            String id = metadataProvider.getID();
            if (metadataProvider.isInitialized()) {
                this.log.debug("Underlying provider ({}) has already been initialized", id);
            } else {
                this.log.trace("Initializing underlying provider ({}) ...", id);
                metadataProvider.initialize();
                this.destroyList.add(id);
                this.log.debug("Underlying provider ({}) successfully initialized", id);
            }
        }
        this.initTime = new DateTime(ISOChronology.getInstanceUTC());
        List list = (List) this.metadataProviders.stream().map(metadataProvider2 -> {
            return metadataProvider2.getMetadataResolver();
        }).collect(Collectors.toList());
        if (list.isEmpty()) {
            this.log.warn("No metadata sources installed for CompositeMetadataProvider '{}'", getID());
        }
        try {
            this.metadataResolver.setResolvers(list);
            this.metadataResolver.initialize();
            this.log.debug("CompositeMetadataProvider successfully initialized");
        } catch (ResolverException e) {
            throw new ComponentInitializationException("Failed to install resolvers", e);
        }
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    protected void destroyMetadataResolver() {
        for (MetadataProvider metadataProvider : this.metadataProviders) {
            String id = metadataProvider.getID();
            try {
                if (this.destroyList.contains(id) && metadataProvider.isInitialized() && !metadataProvider.isDestroyed()) {
                    metadataProvider.destroy();
                }
            } catch (Exception e) {
                this.log.error("Error while destroying underlying provider ({})", id, e);
            }
        }
        if (this.metadataResolver != null) {
            this.metadataResolver.destroy();
        }
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    public void setRequireValidMetadata(boolean z) {
        throw new UnsupportedOperationException("Cannot configure 'requireValidMetadata' for a CompositeMetadataResolver");
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    public void setFailFastInitialization(boolean z) {
        throw new UnsupportedOperationException("Cannot configure 'failFastInitialization' for a CompositeMetadataResolver");
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    public void setInclusionPredicates(List<Predicate<EntityDescriptor>> list) {
        throw new UnsupportedOperationException("Cannot configure 'inclusionPredicates' for a CompositeMetadataResolver");
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    public void setExclusionPredicates(List<Predicate<EntityDescriptor>> list) {
        throw new UnsupportedOperationException("Cannot configure 'exclusionPredicates' for a CompositeMetadataResolver");
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    public void setSignatureVerificationCertificate(X509Certificate x509Certificate) {
        throw new UnsupportedOperationException("Cannot configure 'signatureVerificationCertificate' for a CompositeMetadataResolver");
    }

    @Override // se.litsec.opensaml.saml2.metadata.provider.AbstractMetadataProvider
    public void setPerformSchemaValidation(boolean z) {
        throw new UnsupportedOperationException("Cannot configure 'performSchemaValidation' for a CompositeMetadataResolver");
    }
}
