package org.jasig.cas.adaptors.x509.authentication.handler.support;

import com.google.common.collect.ImmutableSet;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import javax.security.auth.x500.X500Principal;
import javax.validation.constraints.Min;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.io.Resource;

/* loaded from: input_file:org/jasig/cas/adaptors/x509/authentication/handler/support/ResourceCRLRevocationChecker.class */
public class ResourceCRLRevocationChecker extends AbstractCRLRevocationChecker implements InitializingBean {
    public static final int DEFAULT_REFRESH_INTERVAL = 3600;
    private final ScheduledExecutorService scheduler;
    private int refreshInterval;
    private final CRLFetcher fetcher;
    private final Map<X500Principal, X509CRL> crlIssuerMap;
    private final Set<Resource> resources;

    public ResourceCRLRevocationChecker(Resource resource) {
        this(new Resource[]{resource});
    }

    public ResourceCRLRevocationChecker(Resource[] resourceArr) {
        this(new ResourceCRLFetcher(), resourceArr);
    }

    public ResourceCRLRevocationChecker(CRLFetcher cRLFetcher, Resource[] resourceArr) {
        this.scheduler = Executors.newScheduledThreadPool(1);
        this.refreshInterval = DEFAULT_REFRESH_INTERVAL;
        this.crlIssuerMap = Collections.synchronizedMap(new HashMap());
        this.fetcher = cRLFetcher;
        this.resources = ImmutableSet.copyOf(resourceArr);
    }

    public void setRefreshInterval(@Min(1) int i) {
        this.refreshInterval = i;
    }

    public void afterPropertiesSet() throws Exception {
        try {
            addCrls(this.fetcher.fetch((Set<? extends Object>) getResources()));
            this.scheduler.scheduleAtFixedRate(new Runnable() { // from class: org.jasig.cas.adaptors.x509.authentication.handler.support.ResourceCRLRevocationChecker.1
                private final Logger logger = LoggerFactory.getLogger(getClass());

                @Override // java.lang.Runnable
                public void run() {
                    try {
                        ResourceCRLRevocationChecker.this.addCrls(ResourceCRLRevocationChecker.this.getFetcher().fetch(ResourceCRLRevocationChecker.this.getResources()));
                    } catch (Exception e) {
                        this.logger.debug(e.getMessage(), e);
                    }
                }
            }, this.refreshInterval, this.refreshInterval, TimeUnit.SECONDS);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void addCrls(Set<X509CRL> set) {
        for (X509CRL x509crl : set) {
            addCRL(x509crl.getIssuerX500Principal(), x509crl);
        }
    }

    protected CRLFetcher getFetcher() {
        return this.fetcher;
    }

    protected Set<Resource> getResources() {
        return this.resources;
    }

    @Override // org.jasig.cas.adaptors.x509.authentication.handler.support.AbstractCRLRevocationChecker
    protected boolean addCRL(Object obj, X509CRL x509crl) {
        this.logger.debug("Adding CRL for issuer {}", obj);
        this.crlIssuerMap.put((X500Principal) obj, x509crl);
        return this.crlIssuerMap.containsKey(obj);
    }

    @Override // org.jasig.cas.adaptors.x509.authentication.handler.support.AbstractCRLRevocationChecker
    protected Collection<X509CRL> getCRLs(X509Certificate x509Certificate) {
        return Collections.singleton(this.crlIssuerMap.get(x509Certificate.getIssuerX500Principal()));
    }

    protected void finalize() throws Throwable {
        super.finalize();
        this.scheduler.shutdown();
    }
}
