package com.appiancorp.security.auth.saml.functions;

import com.appiancorp.common.config.LegacyServiceProvider;
import com.appiancorp.core.API;
import com.appiancorp.core.data.Dictionary;
import com.appiancorp.core.expr.portable.Type;
import com.appiancorp.core.expr.portable.Value;
import com.appiancorp.core.expr.reaction.ReactionFunction;
import com.appiancorp.expr.server.ServerAPI;
import com.appiancorp.security.ssl.CertificateData;
import com.appiancorp.security.ssl.CertificateService;
import com.appiancorp.suiteapi.common.exceptions.AppianRuntimeException;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.suiteapi.content.ContentConstants;
import com.appiancorp.suiteapi.content.ContentService;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/appiancorp/security/auth/saml/functions/SaveSamlCertificateReaction.class */
public class SaveSamlCertificateReaction implements ReactionFunction {
    private static final Logger LOG = Logger.getLogger(SaveSamlCertificateReaction.class);
    public static final String SAML_CERTIFICATE_KEY = "saveSamlCertificate";
    private final LegacyServiceProvider legacyServiceProvider;
    private final CertificateService certificateService;

    public SaveSamlCertificateReaction(LegacyServiceProvider legacyServiceProvider, CertificateService certificateService) {
        this.legacyServiceProvider = legacyServiceProvider;
        this.certificateService = certificateService;
    }

    public String getKey() {
        return SAML_CERTIFICATE_KEY;
    }

    public Value activate(Value[] valueArr) {
        Dictionary dictionary = (Dictionary) API.typedValueToCore(ServerAPI.valueToTypedValue(valueArr[0]));
        Object value = dictionary.get("document").getValue();
        if (value == null || !(value instanceof Integer)) {
            throw new RuntimeException("invalid input " + ArrayUtils.toString(valueArr));
        }
        Long valueOf = Long.valueOf(((Integer) value).intValue());
        ContentService contentService = this.legacyServiceProvider.getContentService();
        try {
            try {
                String str = (String) dictionary.get("password").getValue();
                contentService.reactivate(valueOf);
                return Type.STRING.valueOf(this.certificateService.importPemFile(contentService.download(valueOf, ContentConstants.VERSION_CURRENT, false)[0].accessAsReadOnlyFile(), str, CertificateData.CertificateType.SAML).getAlias());
            } finally {
                try {
                    contentService.deactivate(valueOf, Boolean.valueOf(true));
                } catch (Exception e) {
                    LOG.warn("failed to deactivate certificate file after parsing", e);
                }
            }
        } catch (Exception e2) {
            throw new AppianRuntimeException(e2, ErrorCode.CLIENT_CERTIFICATE_IMPORT_FAILED, new Object[0]);
        }
    }
}
