package org.apereo.cas.support.saml.idp.metadata;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Optional;
import lombok.Generated;
import org.apache.commons.io.FileUtils;
import org.apereo.cas.git.GitRepository;
import org.apereo.cas.support.saml.idp.metadata.locator.FileSystemSamlIdPMetadataLocator;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlIdPMetadataDocument;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;

/* loaded from: input_file:org/apereo/cas/support/saml/idp/metadata/GitSamlIdPMetadataLocator.class */
public class GitSamlIdPMetadataLocator extends FileSystemSamlIdPMetadataLocator {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(GitSamlIdPMetadataLocator.class);
    private final GitRepository gitRepository;

    public GitSamlIdPMetadataLocator(GitRepository gitRepository) {
        super(gitRepository.getRepositoryDirectory());
        this.gitRepository = gitRepository;
    }

    public SamlIdPMetadataDocument fetchInternal(Optional<SamlRegisteredService> optional) {
        if (this.gitRepository.pull()) {
            LOGGER.debug("Successfully pulled metadata changes from the remote repository");
        } else {
            LOGGER.warn("Unable to pull changes from the remote repository. Metadata files may be stale.");
        }
        File metadataDirectory = getMetadataDirectory(optional);
        File file = new File(metadataDirectory, "idp-metadata.xml");
        File file2 = new File(metadataDirectory, "idp-signing.key");
        File file3 = new File(metadataDirectory, "idp-signing.crt");
        File file4 = new File(metadataDirectory, "idp-encryption.key");
        return SamlIdPMetadataDocument.builder().appliesTo(getAppliesToFor(optional)).encryptionCertificate(readFromFile(new File(metadataDirectory, "idp-encryption.crt"))).encryptionKey(readFromFile(file4)).signingCertificate(readFromFile(file3)).signingKey(readFromFile(file2)).metadata(readFromFile(file)).build();
    }

    private File getMetadataDirectory(Optional<SamlRegisteredService> optional) {
        File file = new File(this.gitRepository.getRepositoryDirectory(), getAppliesToFor(optional));
        if (file.exists() || file.mkdir()) {
            return file;
        }
        throw new IllegalArgumentException("Metadata directory location " + file + " cannot be located/created");
    }

    private static String readFromFile(File file) throws IOException {
        return (file.exists() && file.canRead() && file.length() > 0) ? FileUtils.readFileToString(file, StandardCharsets.UTF_8) : "";
    }

    private static String getAppliesToFor(Optional<SamlRegisteredService> optional) {
        if (!optional.isPresent()) {
            return "CAS";
        }
        SamlRegisteredService samlRegisteredService = optional.get();
        return samlRegisteredService.getName() + "-" + samlRegisteredService.getId();
    }

    protected Resource getMetadataArtifact(Optional<SamlRegisteredService> optional, String str) {
        return new FileSystemResource(new File(getMetadataDirectory(optional), str));
    }
}
