package org.wso2.solutions.identity.cards;

import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.TimeZone;
import org.apache.axiom.om.util.Base64;
import org.apache.axiom.om.util.UUIDGenerator;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;
import org.wso2.solutions.identity.IdentityProviderConstants;
import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.solutions.identity.admin.ParameterAdmin;
import org.wso2.solutions.identity.admin.RegisteredInfoCardInfoAdmin;
import org.wso2.solutions.identity.admin.ReportAdmin;
import org.wso2.solutions.identity.cards.model.CardImage;
import org.wso2.solutions.identity.cards.model.CardModelException;
import org.wso2.solutions.identity.cards.model.Identity;
import org.wso2.solutions.identity.cards.model.InformationCard;
import org.wso2.solutions.identity.cards.model.InformationCardReference;
import org.wso2.solutions.identity.cards.model.Metadata;
import org.wso2.solutions.identity.cards.model.RequireAppliesTo;
import org.wso2.solutions.identity.cards.model.SelfIssuedCredential;
import org.wso2.solutions.identity.cards.model.SupportedClaimType;
import org.wso2.solutions.identity.cards.model.SupportedClaimTypeList;
import org.wso2.solutions.identity.cards.model.TokenService;
import org.wso2.solutions.identity.cards.model.TokenServiceList;
import org.wso2.solutions.identity.cards.model.UserCredential;
import org.wso2.solutions.identity.cards.model.UsernamePasswordCredential;
import org.wso2.solutions.identity.i18n.Messages;
import org.wso2.solutions.identity.persistence.IPPersistenceManager;
import org.wso2.solutions.identity.persistence.dataobject.ActionDO;
import org.wso2.solutions.identity.persistence.dataobject.ClaimDO;
import org.wso2.solutions.identity.persistence.dataobject.InfoCardDO;
import org.wso2.utils.ServerConfiguration;

/* loaded from: input_file:org/wso2/solutions/identity/cards/CardIssuer.class */
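/**
 * Issues managed information cards.
 *
 * <p>For each request the issuer builds an {@link InformationCard}, stores a record of it through
 * {@link IPPersistenceManager}, signs it with the private key found under the configured key
 * alias in the server keystore, and writes an audit entry through {@link ReportAdmin}.
 *
 * <p>NOTE(review): {@code issuerConfig} is a static field that is re-assigned by every
 * constructor call; nothing here synchronizes that write. Confirm how instances are created
 * before relying on this class from several threads.
 */
public class CardIssuer {
    private static final Log log = LogFactory.getLog(CardIssuer.class);
    private static final Messages messages = Messages.getInstance(IdentityProviderConstants.RESOURCES);

    /** Milliseconds in one day; a {@code long} so the validity arithmetic is never done in {@code int}. */
    private static final long MILLIS_PER_DAY = 24L * 60 * 60 * 1000;

    private static CardIssuerConfig issuerConfig = null;

    /**
     * Creates an issuer and (re)loads the shared issuer configuration.
     *
     * @throws IdentityProviderException if the issuer configuration cannot be obtained
     */
    public CardIssuer() throws IdentityProviderException {
        issuerConfig = CardIssuerConfig.getInstance();
    }

    /**
     * Issues a signed card backed by a username/password credential.
     *
     * @param str the user name; it is set on the credential and also used as the user id for the
     *            stored card record and the audit entry
     * @param z   {@code true} to add a mandatory RequireAppliesTo element to the card,
     *            {@code false} to mark that element optional
     * @return the signed card element
     * @throws IdentityProviderException if the card cannot be built, stored or signed
     */
    public Element issueCardForUsername(String str, boolean z) throws IdentityProviderException {
        UsernamePasswordCredential usernamePasswordCredential = new UsernamePasswordCredential();
        usernamePasswordCredential.setUsername(str);
        return issueCard(new UserCredential(usernamePasswordCredential), z, str);
    }

    /**
     * Issues a signed card backed by a self-issued card credential.
     *
     * @param str the identifier handed to {@link SelfIssuedCredential} and used to look up the
     *            primary user name (presumably the PPID of the registered self-issued card;
     *            confirm against callers)
     * @param z   {@code true} to add a mandatory RequireAppliesTo element to the card,
     *            {@code false} to mark that element optional
     * @return the signed card element
     * @throws IdentityProviderException if the card cannot be built, stored or signed
     */
    public Element issueCardForSelfIssuedCard(String str, boolean z) throws IdentityProviderException {
        SelfIssuedCredential selfIssuedCredential = new SelfIssuedCredential(str);
        String primaryUserName = new RegisteredInfoCardInfoAdmin().extractPrimaryUserName(str);
        UserCredential userCredential = new UserCredential(selfIssuedCredential);
        // When no primary user name is registered, the card is recorded under the identifier itself.
        String userId = primaryUserName == null ? str : primaryUserName;
        return issueCard(userCredential, z, userId);
    }

    /**
     * Builds, stores, signs and audits one card.
     *
     * @param userCredential   the credential the card will reference
     * @param requireAppliesTo whether RequireAppliesTo is mandatory on the card
     * @param userId           the user id the stored record and the audit entry are filed under
     * @return the signed card element
     * @throws IdentityProviderException with key {@code cardModelError} for card model failures,
     *         the original exception for failures already reported as
     *         {@code IdentityProviderException}, and key {@code keyStoreException} otherwise
     */
    private Element issueCard(UserCredential userCredential, boolean requireAppliesTo, String userId) throws IdentityProviderException {
        ServerConfiguration serverConfiguration = ServerConfiguration.getInstance();
        String keyStoreLocation = serverConfiguration.getFirstProperty("Security.KeyStore.Location");
        try {
            KeyStore keyStore = KeyStore.getInstance(serverConfiguration.getFirstProperty("Security.KeyStore.Type"));
            // The keystore and key passwords arrive as Strings from the configuration, so the
            // char[] copies made below are not the only in-memory copy of the secret.
            FileInputStream keyStoreStream = new FileInputStream(keyStoreLocation);
            try {
                keyStore.load(keyStoreStream, serverConfiguration.getFirstProperty("Security.KeyStore.Password").toCharArray());
            } finally {
                // Release the file handle on every path; it was previously never closed.
                keyStoreStream.close();
            }

            Generator generator = new Generator();
            generator.setSignatureAlgorithm(issuerConfig.getSigAlgo());
            String keyAlias = serverConfiguration.getFirstProperty("Security.KeyStore.KeyAlias");
            generator.setCertCain(keyStore.getCertificateChain(keyAlias));
            generator.setPrivateKey((PrivateKey) keyStore.getKey(keyAlias, serverConfiguration.getFirstProperty("Security.KeyStore.KeyPassword").toCharArray()));

            Identity identity = new Identity();
            identity.setCertificate((X509Certificate) keyStore.getCertificate(keyAlias));

            InformationCard infoCard = getInfoCard(userCredential, identity, requireAppliesTo);
            // NOTE(review): the record is persisted before signing, so a signing failure leaves
            // a stored record for a card that was never delivered.
            storeCard(infoCard, userId);
            Element signedCard = generator.signCard(infoCard);
            ReportAdmin.record(userId, ActionDO.ACTION_USER_DOWNLOAD_CARD, "CardId=" + infoCard.getInformationCardReference().getCardId());
            return signedCard;
        } catch (CardModelException e) {
            throw new IdentityProviderException("cardModelError", e);
        } catch (Exception e) {
            // Failures that already carry an identity-provider error (for example from the
            // persistence step) are passed through instead of being relabelled as keystore
            // problems, which would mislead whoever triages the error.
            if (e instanceof IdentityProviderException) {
                throw (IdentityProviderException) e;
            }
            // NOTE(review): the message argument is the keystore path on disk; confirm this
            // message is not returned to remote clients.
            throw new IdentityProviderException("keyStoreException", new String[]{keyStoreLocation}, e);
        }
    }

    /**
     * Assembles the unsigned card model: reference, issuer, validity window, image, token
     * service endpoint, supported token types and supported claims.
     *
     * @param userCredential   the credential the token service entry is bound to
     * @param identity         the identity (server certificate) attached to the endpoint reference
     * @param requireAppliesTo whether RequireAppliesTo is mandatory on the card
     * @return the populated, unsigned card
     * @throws CardModelException        if the card image cannot be read or the model rejects a value
     * @throws IdentityProviderException if the supported claims cannot be loaded
     */
    private InformationCard getInfoCard(UserCredential userCredential, Identity identity, boolean requireAppliesTo) throws CardModelException, IdentityProviderException {
        InformationCard informationCard = new InformationCard();
        informationCard.setInformationCardReference(new InformationCardReference("http://identity.wso2.org/" + UUIDGenerator.getUUID(), 1));
        informationCard.setIssuer(issuerConfig.getIssuer());

        // A Date is an absolute instant, so no calendar or time zone is needed to obtain "now".
        Date issued = new Date();
        // Multiplying by a long constant keeps the arithmetic in 64 bits; with an int validity
        // period the earlier int-only product would wrap for periods longer than 24 days.
        Date expires = new Date(issued.getTime() + issuerConfig.getValidPeriod() * MILLIS_PER_DAY);
        if (log.isDebugEnabled()) {
            SimpleDateFormat utcFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
            // The pattern appends a literal 'Z', so the formatter must really render UTC;
            // otherwise the logged timestamps are local times mislabelled as UTC.
            utcFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
            // Logged at debug level to match the guard above.
            log.debug(messages.getMessage("createdInfocardAt", new String[]{utcFormat.format(issued)}));
            log.debug(messages.getMessage("infocardExpiresAt", new String[]{utcFormat.format(expires)}));
        }
        informationCard.setTimeIssued(issued);
        informationCard.setTimeExpires(expires);
        informationCard.setCardName("WSO2 Managed Card");
        informationCard.setCardImage(new CardImage("image/jpeg", Base64.encode(getCardImageBytes())));

        ServerConfiguration serverConfiguration = ServerConfiguration.getInstance();
        String hostName = serverConfiguration.getFirstProperty("HostName");
        String httpsPort = serverConfiguration.getFirstProperty("Ports.HTTPS");
        String servicesBase = "https://" + hostName + ":" + httpsPort + "/wsas/services/";
        String stsAddress = servicesBase;
        String mexAddress = servicesBase;

        // Pick the token service and metadata-exchange endpoints that match the credential type
        // and the configured binding. A credential of any other type leaves both addresses at
        // the bare services path, as before.
        Object credential = userCredential.getCredential();
        boolean usernamePassword = credential instanceof UsernamePasswordCredential;
        boolean selfIssued = credential instanceof SelfIssuedCredential;
        if (issuerConfig.isUseSymmetricBinding()) {
            if (usernamePassword) {
                stsAddress = stsAddress + IdentityProviderConstants.SERVICE_NAME_STS_UT_SYMM;
                mexAddress = mexAddress + "mex-ut-symm/get";
            } else if (selfIssued) {
                stsAddress = stsAddress + IdentityProviderConstants.SERVICE_NAME_STS_IC_SYMM;
                mexAddress = mexAddress + "mex-ic-symm/get";
            }
        } else if (usernamePassword) {
            stsAddress = stsAddress + IdentityProviderConstants.SERVICE_NAME_STS_UT;
            mexAddress = mexAddress + "mex-ut/get";
        } else if (selfIssued) {
            stsAddress = stsAddress + IdentityProviderConstants.SERVICE_NAME_STS_IC;
            mexAddress = mexAddress + "mex-ic/get";
        }

        EndpointReference endpointReference = new EndpointReference(stsAddress);
        Metadata metadata = new Metadata(mexAddress);
        endpointReference.addExtensibleElement(identity.serialize());
        endpointReference.addMetaData(metadata.serialize());

        TokenServiceList tokenServiceList = new TokenServiceList();
        tokenServiceList.addTokenService(new TokenService(endpointReference, userCredential));
        informationCard.setTokenServiceList(tokenServiceList);
        informationCard.setSupportedTokenTypeList(issuerConfig.getTokenTypeList());

        // Only claims flagged as supported are advertised on the card.
        ClaimDO[] allClaims = IPPersistenceManager.getPersistanceManager().getAllSupportedClaims();
        SupportedClaimTypeList supportedClaimTypeList = new SupportedClaimTypeList();
        for (int i = 0; i < allClaims.length; i++) {
            ClaimDO claim = allClaims[i];
            if (claim.isSupported()) {
                SupportedClaimType supportedClaimType = new SupportedClaimType(claim.getUri());
                supportedClaimType.setDisplayTag(claim.getDisplayTag());
                supportedClaimType.setDescription(claim.getDescription());
                supportedClaimTypeList.addSupportedClaimType(supportedClaimType);
            }
        }
        informationCard.setSupportedClaimTypeList(supportedClaimTypeList);

        RequireAppliesTo appliesTo = new RequireAppliesTo();
        if (!requireAppliesTo) {
            appliesTo.setOptional(true);
        }
        informationCard.setRequireAppliesTo(appliesTo);
        return informationCard;
    }

    /**
     * Reads the card image from {@code <wso2wsas.home>/conf/card.jpg}.
     *
     * @return the raw bytes of the image file
     * @throws CardModelException if the file cannot be opened or read
     */
    private byte[] getCardImageBytes() throws CardModelException {
        try {
            // NOTE(review): the instance is never used; kept because the constructor may have
            // side effects that are not visible from this file.
            new ParameterAdmin();
            FileInputStream imageStream = new FileInputStream(System.getProperty("wso2wsas.home") + "/conf/card.jpg");
            try {
                ByteArrayOutputStream imageBytes = new ByteArrayOutputStream();
                byte[] chunk = new byte[1024];
                int count;
                // Read until end of stream. available() is only an estimate and must not be
                // used to detect end of file; read() returning -1 is the reliable signal.
                while ((count = imageStream.read(chunk)) != -1) {
                    imageBytes.write(chunk, 0, count);
                }
                return imageBytes.toByteArray();
            } finally {
                // Release the file handle on every path; it was previously never closed.
                imageStream.close();
            }
        } catch (Exception e) {
            throw new CardModelException(e.getMessage(), e);
        }
    }

    /**
     * Persists a record of the issued card (card id, owner, issue and expiry dates).
     *
     * @param informationCard the card whose reference and validity window are recorded
     * @param userId          the user id the record is filed under
     * @throws IdentityProviderException if the record cannot be created
     */
    private void storeCard(InformationCard informationCard, String userId) throws IdentityProviderException {
        IPPersistenceManager persistenceManager = IPPersistenceManager.getPersistanceManager();
        InfoCardDO infoCardDO = new InfoCardDO();
        infoCardDO.setCardId(informationCard.getInformationCardReference().getCardId());
        infoCardDO.setDateIssued(informationCard.getTimeIssued());
        infoCardDO.setUserId(userId);
        infoCardDO.setDateExpires(informationCard.getTimeExpires());
        persistenceManager.create(infoCardDO);
        log.info("Information card details stored for card id : " + informationCard.getInformationCardReference().getCardId());
    }
}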
