package org.wso2.carbon.sts;

import java.security.KeyStore;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.AxisFault;
import org.apache.axis2.description.AxisModule;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.AxisServiceGroup;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.AxisConfiguration;
import org.apache.axis2.engine.AxisEvent;
import org.apache.axis2.engine.AxisObserver;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.impl.SAMLTokenIssuerConfig;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.core.deployment.DeploymentInterceptor;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.core.util.KeyStoreUtil;
import org.wso2.carbon.registry.core.session.UserRegistry;
import org.wso2.carbon.registry.core.utils.RegistryUtils;
import org.wso2.carbon.security.keystore.KeyStoreAdmin;
import org.wso2.carbon.security.keystore.service.KeyStoreData;
import org.wso2.carbon.security.util.RampartConfigUtil;
import org.wso2.carbon.security.util.ServerCrypto;
import org.wso2.carbon.sts.internal.STSServiceDataHolder;

/* loaded from: input_file:org/wso2/carbon/sts/STSDeploymentInterceptor.class */
public class STSDeploymentInterceptor implements AxisObserver {
    private static final Log log = LogFactory.getLog(DeploymentInterceptor.class);

    public void serviceUpdate(AxisEvent axisEvent, AxisService axisService) {
        if (axisEvent.getEventType() == 1 && "wso2carbon-sts".equals(axisService.getName())) {
            try {
                updateSTSService(axisService.getAxisConfiguration());
            } catch (Exception e) {
                log.error("Error while updating wso2carbon-sts in STSDeploymentInterceptor", e);
            }
        }
    }

    public static void updateSTSService(AxisConfiguration axisConfiguration) throws Exception {
        Properties properties;
        String str = null;
        String str2 = null;
        String str3 = null;
        int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
        UserRegistry configSystemRegistry = STSServiceDataHolder.getInstance().getRegistryService().getConfigSystemRegistry(tenantId);
        UserRegistry governanceSystemRegistry = STSServiceDataHolder.getInstance().getRegistryService().getGovernanceSystemRegistry(tenantId);
        if (configSystemRegistry == null || axisConfiguration.getService("wso2carbon-sts") == null) {
            if (log.isDebugEnabled()) {
                log.debug("configRegistry not set or STS service is unavailable");
                return;
            }
            return;
        }
        ServerConfiguration serverConfiguration = ServerConfiguration.getInstance();
        KeyStoreAdmin keyStoreAdmin = new KeyStoreAdmin(tenantId, governanceSystemRegistry);
        if (-1234 == tenantId) {
            str = serverConfiguration.getFirstProperty("Security.KeyStore.KeyPassword");
            KeyStoreData[] keyStores = keyStoreAdmin.getKeyStores(true);
            int i = 0;
            while (true) {
                if (i >= keyStores.length) {
                    break;
                }
                if (KeyStoreUtil.isPrimaryStore(keyStores[i].getKeyStoreName())) {
                    str3 = keyStores[i].getKeyStoreName();
                    str2 = KeyStoreUtil.getPrivateKeyAlias(KeyStoreManager.getInstance(-1234).getKeyStore(str3));
                    break;
                }
                i++;
            }
        } else {
            String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            if (tenantDomain == null) {
                tenantDomain = STSServiceDataHolder.getInstance().getRealmService().getTenantManager().getDomain(tenantId);
            }
            if (tenantDomain == null) {
                throw new Exception("Tenant Domain can not be null");
            }
            str3 = tenantDomain.replace(".", "-") + ".jks";
            KeyStore keyStore = KeyStoreManager.getInstance(tenantId).getKeyStore(str3);
            if (keyStore != null) {
                str2 = KeyStoreUtil.getPrivateKeyAlias(keyStore);
                str = KeyStoreManager.getInstance(tenantId).getKeyStorePassword(str3);
            } else {
                log.warn("No key store is exist as " + str3 + ". STS would be fail");
            }
        }
        String firstProperty = serverConfiguration.getFirstProperty("HostName");
        if (firstProperty == null) {
            firstProperty = "wso2carbon-sts";
        }
        if (str2 != null) {
            AxisService service = axisConfiguration.getService("wso2carbon-sts");
            SAMLTokenIssuerConfig sAMLTokenIssuerConfig = new SAMLTokenIssuerConfig(firstProperty, ServerCrypto.class.getName(), RampartConfigUtil.getServerCryptoProperties(new String[]{str3}, str3, str2));
            sAMLTokenIssuerConfig.setIssuerKeyAlias(str2);
            sAMLTokenIssuerConfig.setIssuerKeyPassword(str);
            sAMLTokenIssuerConfig.setAddRequestedAttachedRef(true);
            sAMLTokenIssuerConfig.setAddRequestedUnattachedRef(true);
            sAMLTokenIssuerConfig.setKeyComputation(2);
            sAMLTokenIssuerConfig.setProofKeyType("BinarySecret");
            if (configSystemRegistry.resourceExists("/repository/axis2/service-groups/wso2carbon-sts/services/wso2carbon-sts/trustedServices") && (properties = configSystemRegistry.get("/repository/axis2/service-groups/wso2carbon-sts/services/wso2carbon-sts/trustedServices").getProperties()) != null && !properties.isEmpty()) {
                for (Map.Entry entry : properties.entrySet()) {
                    if (!RegistryUtils.isHiddenProperty(entry.getKey().toString())) {
                        sAMLTokenIssuerConfig.addTrustedServiceEndpointAddress((String) entry.getKey(), (String) ((List) entry.getValue()).get(0));
                    }
                }
            }
            String firstProperty2 = serverConfiguration.getFirstProperty("STSTimeToLive");
            if (firstProperty2 != null && firstProperty2.length() > 0) {
                try {
                    sAMLTokenIssuerConfig.setTtl(Long.parseLong(firstProperty2));
                    if (log.isDebugEnabled()) {
                        log.debug("STSTimeToLive read from carbon.xml " + firstProperty2);
                    }
                } catch (NumberFormatException e) {
                    log.error("Error while reading STSTimeToLive from carbon.xml", e);
                }
            }
            String firstProperty3 = serverConfiguration.getFirstProperty("Security.DisableTokenStore");
            if (firstProperty3 != null) {
                sAMLTokenIssuerConfig.setTokenStoreDisabled(Boolean.parseBoolean(firstProperty3));
            }
            String firstProperty4 = serverConfiguration.getFirstProperty("Security.TokenPersister.Class");
            String firstProperty5 = serverConfiguration.getFirstProperty("Security.TokenPersister.StoragePath");
            String firstProperty6 = serverConfiguration.getFirstProperty("Security.TokenPersister.InMemoryThreshold");
            if (firstProperty4 != null) {
                sAMLTokenIssuerConfig.setPersisterClassName(firstProperty4);
            }
            HashMap hashMap = new HashMap();
            if (firstProperty5 != null) {
                hashMap.put("StoragePath", firstProperty5);
            }
            if (firstProperty6 != null) {
                hashMap.put("InMemoryThreshold", firstProperty6);
            }
            if (log.isDebugEnabled() && firstProperty4 != null && firstProperty6 == null) {
                log.debug("Although persister is defined, threshold not defined.");
            }
            String[] properties2 = serverConfiguration.getProperties("Security.TokenPersister.Properties.Property.Name");
            String[] properties3 = serverConfiguration.getProperties("Security.TokenPersister.Properties.Property.Value");
            if (properties2.length != 0 && properties3.length != 0 && properties2.length == properties3.length) {
                for (int i2 = 0; i2 < properties2.length; i2++) {
                    hashMap.put(properties2[i2], properties3[i2]);
                }
            }
            if (hashMap.size() != 0) {
                sAMLTokenIssuerConfig.setPersisterPropertyMap(hashMap);
            }
            try {
                if (service.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG.getLocalPart()) == null) {
                    service.addParameter(sAMLTokenIssuerConfig.getParameter());
                }
            } catch (AxisFault e2) {
                log.error("Error while updating wso2carbon-sts in STSDeploymentInterceptor", e2);
            }
        }
    }

    public void init(AxisConfiguration axisConfiguration) {
    }

    public void moduleUpdate(AxisEvent axisEvent, AxisModule axisModule) {
    }

    public void serviceGroupUpdate(AxisEvent axisEvent, AxisServiceGroup axisServiceGroup) {
    }

    public void addParameter(Parameter parameter) throws AxisFault {
    }

    public void deserializeParameters(OMElement oMElement) throws AxisFault {
    }

    public Parameter getParameter(String str) {
        return null;
    }

    public ArrayList getParameters() {
        return null;
    }

    public boolean isParameterLocked(String str) {
        return false;
    }

    public void removeParameter(Parameter parameter) throws AxisFault {
    }
}
