package org.apereo.cas.support.saml.metadata.resolver;

import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.model.ObjectMetadata;
import com.amazonaws.services.s3.model.S3Object;
import com.amazonaws.services.s3.model.S3ObjectInputStream;
import com.amazonaws.util.IOUtils;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.Collection;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlMetadataDocument;
import org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.BaseSamlRegisteredServiceMetadataResolver;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/support/saml/metadata/resolver/AmazonS3SamlRegisteredServiceMetadataResolver.class */
public class AmazonS3SamlRegisteredServiceMetadataResolver extends BaseSamlRegisteredServiceMetadataResolver {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(AmazonS3SamlRegisteredServiceMetadataResolver.class);
    private final transient AmazonS3 s3Client;
    private final String bucketName;

    public AmazonS3SamlRegisteredServiceMetadataResolver(SamlIdPProperties samlIdPProperties, OpenSamlConfigBean openSamlConfigBean, AmazonS3 amazonS3) {
        super(samlIdPProperties, openSamlConfigBean);
        this.bucketName = samlIdPProperties.getMetadata().getAmazonS3().getBucketName();
        this.s3Client = amazonS3;
    }

    public Collection<MetadataResolver> resolve(SamlRegisteredService samlRegisteredService) {
        try {
            LOGGER.debug("Locating S3 object(s) from bucket [{}]...", this.bucketName);
            List objectSummaries = this.s3Client.listObjectsV2(this.bucketName).getObjectSummaries();
            LOGGER.debug("Located [{}] S3 object(s) from bucket [{}]", Integer.valueOf(objectSummaries.size()), this.bucketName);
            return (Collection) objectSummaries.stream().map(s3ObjectSummary -> {
                String key = s3ObjectSummary.getKey();
                LOGGER.debug("Fetching object [{}] from bucket [{}]", key, this.bucketName);
                S3Object object = this.s3Client.getObject(s3ObjectSummary.getBucketName(), key);
                try {
                    S3ObjectInputStream objectContent = object.getObjectContent();
                    Throwable th = null;
                    try {
                        try {
                            SamlMetadataDocument samlMetadataDocument = new SamlMetadataDocument();
                            samlMetadataDocument.setId(System.nanoTime());
                            samlMetadataDocument.setName(key);
                            ObjectMetadata objectMetadata = object.getObjectMetadata();
                            if (objectMetadata != null) {
                                samlMetadataDocument.setSignature(objectMetadata.getUserMetaDataOf("signature"));
                                if (StringUtils.isNotBlank(samlMetadataDocument.getSignature())) {
                                    LOGGER.debug("Found metadata signature as part of object metadata for [{}] from bucket [{}]", key, this.bucketName);
                                }
                            }
                            samlMetadataDocument.setValue(IOUtils.toString(objectContent));
                            AbstractMetadataResolver buildMetadataResolverFrom = buildMetadataResolverFrom(samlRegisteredService, samlMetadataDocument);
                            if (objectContent != null) {
                                if (0 != 0) {
                                    try {
                                        objectContent.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    objectContent.close();
                                }
                            }
                            return buildMetadataResolverFrom;
                        } finally {
                        }
                    } finally {
                    }
                } catch (Exception e) {
                    LOGGER.error(e.getMessage(), e);
                    return null;
                }
            }).filter((v0) -> {
                return Objects.nonNull(v0);
            }).collect(Collectors.toList());
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), e);
            return null;
        }
    }

    public boolean supports(SamlRegisteredService samlRegisteredService) {
        try {
            return samlRegisteredService.getMetadataLocation().trim().startsWith("awss3://");
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), e);
            return false;
        }
    }

    public void saveOrUpdate(SamlMetadataDocument samlMetadataDocument) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(samlMetadataDocument.getValue().getBytes(StandardCharsets.UTF_8));
        ObjectMetadata objectMetadata = new ObjectMetadata();
        objectMetadata.getUserMetadata().put("signature", samlMetadataDocument.getSignature());
        this.s3Client.putObject(this.bucketName, samlMetadataDocument.getName(), byteArrayInputStream, objectMetadata);
    }

    public boolean isAvailable(SamlRegisteredService samlRegisteredService) {
        return supports(samlRegisteredService) && !this.s3Client.listBuckets().isEmpty();
    }
}
