package com.appiancorp.security.auth.saml.functions;

import com.appiancorp.content.ExtendedContentService;
import com.appiancorp.core.expr.portable.Value;
import com.appiancorp.core.expr.reaction.ReactionFunction;
import com.appiancorp.process.design.importexport.Constants;
import com.appiancorp.security.auth.saml.IdpMetadataService;
import com.appiancorp.security.auth.saml.service.SamlSettings;
import com.appiancorp.security.auth.saml.service.SamlSettingsService;
import com.appiancorp.security.authz.SystemRoleAeImpl;
import com.appiancorp.security.ssl.CertificateData;
import com.appiancorp.security.ssl.CertificateService;
import com.appiancorp.services.ServiceContextFactory;
import com.appiancorp.suite.cfg.SamlConfiguration;
import com.appiancorp.suiteapi.common.ServiceLocator;
import com.appiancorp.suiteapi.content.ContentConstants;
import com.appiancorp.suiteapi.knowledge.Document;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.collect.Lists;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.nio.file.attribute.FileAttribute;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.io.FilenameUtils;

/* loaded from: input_file:com/appiancorp/security/auth/saml/functions/AutoConfigureMultipleSamlReaction.class */
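/**
 * Reaction that replaces the current SAML configuration with two identity-provider entries
 * built from fixture files bundled on the classpath under {@code RESOURCES_DIRECTORY}.
 *
 * <p>Activation is destructive: every stored SAML setting is removed and the administered
 * SAML configuration is cleared before the fixture-based entries are written.
 *
 * <p>NOTE(review): no authorization or environment check is visible in this class. Confirm that
 * the reaction is only registered where wiping the SAML configuration is acceptable (for
 * example test environments), and that it cannot be reached on a production site.
 */
public class AutoConfigureMultipleSamlReaction implements ReactionFunction {
    public static final String CONFIGURE_MULTIPLE_SAML_KEY = "autoConfigureMultipleSaml";
    public static final String CERTIFICATE_FILE_NAME = "valid_sp_certificate";
    public static final String METADATA_FILE_NAME_1 = "valid_idp_metadata";
    public static final String METADATA_FILE_NAME_2 = "valid_idp_metadata_2";
    public static final String XML_EXTENSION = ".xml";
    public static final String PEM_EXTENSION = ".pem";
    private static final String RESOURCES_DIRECTORY = "resources/appian/security/auth/saml/";
    private final CertificateService certificateService;
    private final SamlSettingsService samlSettingsService;
    private final IdpMetadataService idpMetadataService;
    private final SamlConfiguration samlConfiguration;

    /**
     * Creates the reaction.
     *
     * @throws NullPointerException if any collaborator is {@code null}
     */
    public AutoConfigureMultipleSamlReaction(CertificateService certificateService, SamlSettingsService samlSettingsService, IdpMetadataService idpMetadataService, SamlConfiguration samlConfiguration) {
        this.certificateService = Preconditions.checkNotNull(certificateService);
        this.samlSettingsService = Preconditions.checkNotNull(samlSettingsService);
        this.idpMetadataService = Preconditions.checkNotNull(idpMetadataService);
        this.samlConfiguration = Preconditions.checkNotNull(samlConfiguration);
    }

    /** Returns the key under which this reaction is registered. */
    public String getKey() {
        return CONFIGURE_MULTIPLE_SAML_KEY;
    }

    /**
     * Wipes the existing SAML configuration and installs the two bundled identity providers.
     *
     * <p>The first metadata document becomes the default IdP ("designerIdp", priority 1, bound
     * to the designer group); the second becomes "userIdp" (priority 2, bound to the app-user
     * group). The self-selection page is switched off.
     *
     * @param valueArr ignored
     * @return {@code Value.TRUE} on success
     * @throws RuntimeException wrapping any failure while persisting the fixtures
     */
    public Value activate(Value[] valueArr) {
        // The wipe happens before the try block and nothing below rolls it back: a failure
        // while persisting fixtures leaves the site with SAML enabled but no IdP settings.
        this.samlSettingsService.removeAll();
        this.samlConfiguration.getAdministeredConfiguration().clear();
        this.samlConfiguration.getAdministeredConfiguration().setValue(SamlConfiguration.SamlProperty.Enabled, true);
        try {
            List<Document> metadataDocuments = persistIdpMetaData();
            CertificateData spCertificate = persistSpCertificate();

            SamlSettings designerSettings = createSamlSettings(
                    spCertificate, metadataDocuments.get(0), SystemRoleAeImpl.DESIGNER.getGroupUuid(), "designerIdp", 1);
            this.samlConfiguration.setDefaultIdpEntityId(designerSettings.getIdpEntityId());
            this.samlConfiguration.setUseSelfSelectionPage(false);

            createSamlSettings(
                    spCertificate, metadataDocuments.get(1), SystemRoleAeImpl.APP_USER.getGroupUuid(), "userIdp", 2);
            return Value.TRUE;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Builds and stores one {@link SamlSettings} entry for the IdP described by {@code document}.
     *
     * @param certificateData service-provider certificate whose alias is recorded in the settings
     * @param document uploaded IdP metadata document; its UUID is used to look up the entity id
     * @param groupUuid UUID of the group the settings are bound to
     * @param friendlyName display name of the IdP entry
     * @param priority priority of the IdP entry
     * @return the settings object that was passed to {@code createOrUpdate}
     */
    private SamlSettings createSamlSettings(CertificateData certificateData, Document document, String groupUuid, String friendlyName, int priority) {
        String metadataUuid = document.getUuid();
        String idpEntityId = this.idpMetadataService.getIdpEntityId(metadataUuid);
        SamlSettings samlSettings = new SamlSettings();
        samlSettings.setIdpEntityId(idpEntityId);
        samlSettings.setDescription(idpEntityId + "-description");
        samlSettings.setSpName("appian");
        samlSettings.setSpEntityId("appianSP");
        samlSettings.setSpCertificateFileName(CERTIFICATE_FILE_NAME + PEM_EXTENSION);
        samlSettings.setSpCertificate(certificateData.getAlias());
        samlSettings.setIdpMetadataUuid(metadataUuid);
        samlSettings.setGroupUuid(groupUuid);
        samlSettings.setFriendlyName(friendlyName);
        samlSettings.setPriority(priority);
        this.samlSettingsService.createOrUpdate(samlSettings);
        return samlSettings;
    }

    /**
     * Imports the bundled service-provider certificate through the certificate service.
     *
     * <p>The temporary copy of the certificate is deleted once the import has returned, so the
     * material does not linger in the temp directory.
     * NOTE(review): this assumes {@code importPemFile} reads the file before returning - confirm.
     * NOTE(review): the meaning of the literal {@code "appian"} argument (alias or passphrase) is
     * not visible here; if it is a passphrase it is a hard-coded credential that is only
     * acceptable for a bundled fixture.
     */
    private CertificateData persistSpCertificate() throws Exception {
        List<File> pemFiles = getFilesFromResource(PEM_EXTENSION, CERTIFICATE_FILE_NAME);
        try {
            if (pemFiles.isEmpty()) {
                throw new RuntimeException("Could not find Saml certificate: " + CERTIFICATE_FILE_NAME + PEM_EXTENSION);
            }
            return this.certificateService.importPemFile(pemFiles.get(0), "appian", CertificateData.CertificateType.SAML);
        } finally {
            deleteTempFiles(pemFiles);
        }
    }

    /** Uploads both bundled IdP metadata files as documents and removes the temporary copies. */
    private List<Document> persistIdpMetaData() throws Exception {
        List<File> metadataFiles = getFilesFromResource(XML_EXTENSION, METADATA_FILE_NAME_1, METADATA_FILE_NAME_2);
        try {
            return createMetaDataDocuments(metadataFiles);
        } finally {
            deleteTempFiles(metadataFiles);
        }
    }

    /**
     * Copies bundled classpath resources into temporary files.
     *
     * <p>Callers own the returned files and are expected to delete them. If copying fails part
     * way through, the temporary files created so far are removed before the error propagates.
     *
     * @param extension suffix given to each temporary file
     * @param baseNames resource base names, resolved under {@code RESOURCES_DIRECTORY}
     * @return one temporary file per base name, in the same order
     * @throws IOException if a resource is missing or cannot be copied
     */
    private List<File> getFilesFromResource(String extension, String... baseNames) throws IOException {
        List<File> tempFiles = new ArrayList<>(baseNames.length);
        try {
            for (String baseName : baseNames) {
                // NOTE(review): the resource is always looked up with the ".xml" suffix, even when
                // the caller asks for ".pem". Kept as-is because the bundled resource names are
                // not visible here; confirm whether this should use 'extension' instead.
                String resourcePath = RESOURCES_DIRECTORY + baseName + XML_EXTENSION;
                try (InputStream resource = getClass().getClassLoader().getResourceAsStream(resourcePath)) {
                    if (resource == null) {
                        // Previously surfaced as a NullPointerException from Files.copy, after an
                        // empty temporary file had already been created and left behind.
                        throw new IOException("Classpath resource not found: " + resourcePath);
                    }
                    Path tempFile = Files.createTempFile(baseName, extension);
                    tempFiles.add(tempFile.toFile());
                    Files.copy(resource, tempFile, StandardCopyOption.REPLACE_EXISTING);
                }
            }
            return tempFiles;
        } catch (IOException | RuntimeException e) {
            deleteTempFiles(tempFiles);
            throw e;
        }
    }

    /**
     * Uploads each file as a new document and returns the current version of every upload.
     *
     * @param list files to upload; each one is opened, streamed to the content service and closed
     * @return the uploaded documents, in the order of {@code list}
     */
    @VisibleForTesting
    List<Document> createMetaDataDocuments(List<File> list) throws Exception {
        List<Document> documents = new ArrayList<>(list.size());
        for (File file : list) {
            Document blankDocument = createBlankDocument();
            ExtendedContentService contentService = getExtendedContentService();
            Long contentId;
            try (FileInputStream in = new FileInputStream(file)) {
                contentId = contentService.upload(blankDocument, in);
            }
            documents.add((Document) contentService.getVersion(contentId, ContentConstants.VERSION_CURRENT));
        }
        return documents;
    }

    /**
     * Creates the document shell used for every metadata upload.
     *
     * <p>All uploads share the name derived from {@code METADATA_FILE_NAME_1}.
     * NOTE(review): the numeric security and visibility arguments look like bit flags; their
     * meaning is not visible in this file - confirm that the resulting access is as restrictive
     * as IdP metadata requires.
     */
    private Document createBlankDocument() {
        Document document = new Document();
        document.setName(FilenameUtils.removeExtension(METADATA_FILE_NAME_1));
        document.setExtension(Constants.XML);
        document.setSecurity(0);
        document.addSecurity(128);
        document.addSecurity(16);
        document.setVisibility(0);
        document.addVisibility(16);
        document.removeVisibility(8);
        document.removeVisibility(32);
        document.removeVisibility(2);
        document.removeVisibility(64);
        return document;
    }

    /** Looks up the content service using the administrator service context. */
    private ExtendedContentService getExtendedContentService() {
        return (ExtendedContentService) ServiceLocator.getService(ServiceContextFactory.getAdministratorServiceContext(), ExtendedContentService.SERVICE_NAME);
    }

    /** Deletes temporary fixture copies; a file that cannot be removed now is removed at JVM exit. */
    private static void deleteTempFiles(List<File> files) {
        for (File file : files) {
            if (!file.delete()) {
                file.deleteOnExit();
            }
        }
    }
}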
