package com.atlassian.applinks.core.auth.trusted;

import com.atlassian.applinks.api.ApplicationLink;
import com.atlassian.applinks.api.auth.types.TrustedAppsAuthenticationProvider;
import com.atlassian.applinks.core.webfragment.WebFragmentContext;
import com.atlassian.applinks.spi.auth.AuthenticationConfigurationManager;
import com.atlassian.security.auth.trustedapps.Application;
import com.atlassian.security.auth.trustedapps.ApplicationRetriever;
import com.atlassian.security.auth.trustedapps.RequestConditions;
import com.atlassian.security.auth.trustedapps.TrustedApplication;
import com.atlassian.security.auth.trustedapps.TrustedApplicationsConfigurationManager;
import com.google.common.base.Preconditions;
import com.google.common.base.Predicate;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Iterables;
import java.util.NoSuchElementException;
import javax.annotation.Nullable;

/* loaded from: input_file:com/atlassian/applinks/core/auth/trusted/TrustConfigurator.class */
public class TrustConfigurator {
    public static final long DEFAULT_CERTIFICATE_TIMEOUT = 10000;
    protected final TrustedApplicationsConfigurationManager trustedAppsManager;
    protected final AuthenticationConfigurationManager configurationManager;

    /* loaded from: input_file:com/atlassian/applinks/core/auth/trusted/TrustConfigurator$ConfigurationException.class */
    public static class ConfigurationException extends Exception {
        public ConfigurationException(String str) {
            super(str);
        }

        public ConfigurationException(String str, Throwable th) {
            super(str, th);
        }
    }

    public TrustConfigurator(AuthenticationConfigurationManager authenticationConfigurationManager, TrustedApplicationsConfigurationManager trustedApplicationsConfigurationManager) {
        this.configurationManager = authenticationConfigurationManager;
        this.trustedAppsManager = trustedApplicationsConfigurationManager;
    }

    public void updateInboundTrust(ApplicationLink applicationLink, RequestConditions requestConditions) throws ConfigurationException {
        Application applicationCertificate = getApplicationCertificate(applicationLink);
        this.trustedAppsManager.addTrustedApplication(applicationCertificate, requestConditions);
        applicationLink.putProperty(AbstractTrustedAppsServlet.TRUSTED_APPS_INCOMING_ID, applicationCertificate.getID());
    }

    private Application getApplicationCertificate(ApplicationLink applicationLink) throws ConfigurationException {
        Preconditions.checkNotNull(applicationLink, WebFragmentContext.APPLICATION_LINK);
        try {
            return this.trustedAppsManager.getApplicationCertificate(applicationLink.getRpcUrl().toString());
        } catch (ApplicationRetriever.RetrievalException e) {
            throw new ConfigurationException("Unable to retrieve the application's certificate: " + e.getMessage(), e);
        }
    }

    public void issueInboundTrust(ApplicationLink applicationLink) throws ConfigurationException {
        final Application applicationCertificate = getApplicationCertificate(applicationLink);
        Preconditions.checkNotNull(applicationLink, WebFragmentContext.APPLICATION_LINK);
        try {
            Iterables.find(this.trustedAppsManager.getTrustedApplications(), new Predicate<TrustedApplication>() { // from class: com.atlassian.applinks.core.auth.trusted.TrustConfigurator.1
                public boolean apply(@Nullable TrustedApplication trustedApplication) {
                    return trustedApplication.getID().equals(applicationCertificate.getID());
                }
            });
        } catch (NoSuchElementException e) {
            this.trustedAppsManager.addTrustedApplication(applicationCertificate, RequestConditions.builder().setCertificateTimeout(DEFAULT_CERTIFICATE_TIMEOUT).build());
        }
        applicationLink.putProperty(AbstractTrustedAppsServlet.TRUSTED_APPS_INCOMING_ID, applicationCertificate.getID());
    }

    public boolean inboundTrustEnabled(ApplicationLink applicationLink) {
        return applicationLink.getProperty(AbstractTrustedAppsServlet.TRUSTED_APPS_INCOMING_ID) != null;
    }

    public void revokeInboundTrust(ApplicationLink applicationLink) {
        Object property = applicationLink.getProperty(AbstractTrustedAppsServlet.TRUSTED_APPS_INCOMING_ID);
        if (property != null) {
            this.trustedAppsManager.deleteApplication(property.toString());
        }
        applicationLink.removeProperty(AbstractTrustedAppsServlet.TRUSTED_APPS_INCOMING_ID);
    }

    public void configureOutboundTrust(ApplicationLink applicationLink, Action action) {
        if (Action.ENABLE == Preconditions.checkNotNull(action)) {
            issueOutboundTrust(applicationLink);
        } else {
            revokeOutboundTrust(applicationLink);
        }
    }

    public void issueOutboundTrust(ApplicationLink applicationLink) {
        Preconditions.checkNotNull(applicationLink, WebFragmentContext.APPLICATION_LINK);
        this.configurationManager.registerProvider(applicationLink.getId(), TrustedAppsAuthenticationProvider.class, ImmutableMap.of());
    }

    public void revokeOutboundTrust(ApplicationLink applicationLink) {
        Preconditions.checkNotNull(applicationLink, WebFragmentContext.APPLICATION_LINK);
        this.configurationManager.unregisterProvider(applicationLink.getId(), TrustedAppsAuthenticationProvider.class);
    }
}
