package com.atlassian.refapp.trustedapps.internal;

import com.atlassian.plugin.spring.scanner.annotation.export.ExportAsService;
import com.atlassian.sal.api.pluginsettings.PluginSettings;
import com.atlassian.sal.api.pluginsettings.PluginSettingsFactory;
import com.atlassian.security.auth.trustedapps.Application;
import com.atlassian.security.auth.trustedapps.ApplicationRetriever;
import com.atlassian.security.auth.trustedapps.CurrentApplication;
import com.atlassian.security.auth.trustedapps.DefaultCurrentApplication;
import com.atlassian.security.auth.trustedapps.DefaultTrustedApplication;
import com.atlassian.security.auth.trustedapps.EncryptionProvider;
import com.atlassian.security.auth.trustedapps.RequestConditions;
import com.atlassian.security.auth.trustedapps.TrustedApplication;
import com.atlassian.security.auth.trustedapps.TrustedApplicationsConfigurationManager;
import com.atlassian.security.auth.trustedapps.TrustedApplicationsManager;
import java.security.KeyPair;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.lang.ObjectUtils;
import org.apache.commons.lang.StringUtils;

@ExportAsService
@Named("trusted-apps-manager")
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-refapp-sal-trust-plugin-3.0.0-m247.jar:com/atlassian/refapp/trustedapps/internal/RefAppTrustedApplicationsManagerImpl.class */
public class RefAppTrustedApplicationsManagerImpl implements TrustedApplicationsManager, TrustedApplicationsConfigurationManager {
    private static final String TRUSTED_APPS_KEY = "trustedapps";
    private static final String TRUSTED_APP_KEY_PREFIX = "trustedapp.";
    private static final String PUBLIC_KEY_KEY = "public.key";
    private static final String TIMEOUT_KEY = "timeout";
    private static final String URLS_KEY = "urls";
    private static final String IPS_KEY = "ips";
    private final EncryptionProvider encryptionProvider;
    private final CurrentApplication currentApplication;
    private final PluginSettingsFactory pluginSettingsFactory;

    @Inject
    public RefAppTrustedApplicationsManagerImpl(EncryptionProvider encryptionProvider, KeyFactory keyFactory, PluginSettingsFactory pluginSettingsFactory) {
        this.encryptionProvider = encryptionProvider;
        this.pluginSettingsFactory = pluginSettingsFactory;
        KeyPair keyPair = keyFactory.getKeyPair();
        this.currentApplication = new DefaultCurrentApplication(encryptionProvider, keyPair.getPublic(), keyPair.getPrivate(), keyFactory.getApplicationId());
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplicationsManager
    public CurrentApplication getCurrentApplication() {
        return this.currentApplication;
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplicationsManager
    public synchronized TrustedApplication getTrustedApplication(String str) {
        return load(str);
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplicationsConfigurationManager
    public Application getApplicationCertificate(String str) throws ApplicationRetriever.RetrievalException {
        return this.encryptionProvider.getApplicationCertificate(str);
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplicationsConfigurationManager
    public TrustedApplication addTrustedApplication(Application application, RequestConditions requestConditions) {
        DefaultTrustedApplication defaultTrustedApplication = new DefaultTrustedApplication(this.encryptionProvider, application.getPublicKey(), application.getID(), requestConditions);
        store(application, requestConditions);
        return defaultTrustedApplication;
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplicationsConfigurationManager
    public Collection<TrustedApplication> getTrustedApplications() {
        List list = (List) this.pluginSettingsFactory.createGlobalSettings().get(TRUSTED_APPS_KEY);
        ArrayList arrayList = new ArrayList();
        if (list != null) {
            Iterator it = list.iterator();
            while (it.hasNext()) {
                TrustedApplication load = load((String) it.next());
                if (load != null) {
                    arrayList.add(load);
                }
            }
        }
        return arrayList;
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplicationsConfigurationManager
    public boolean deleteApplication(String str) {
        PluginSettings createGlobalSettings = this.pluginSettingsFactory.createGlobalSettings();
        List list = (List) createGlobalSettings.get(TRUSTED_APPS_KEY);
        if (list != null && list.contains(str)) {
            list.remove(str);
            if (list.isEmpty()) {
                createGlobalSettings.remove(TRUSTED_APPS_KEY);
            } else {
                createGlobalSettings.put(TRUSTED_APPS_KEY, list);
            }
        }
        return createGlobalSettings.remove(new StringBuilder().append(TRUSTED_APP_KEY_PREFIX).append(str).toString()) != null;
    }

    private void store(Application application, RequestConditions requestConditions) {
        PluginSettings createGlobalSettings = this.pluginSettingsFactory.createGlobalSettings();
        List list = (List) ObjectUtils.defaultIfNull(createGlobalSettings.get(TRUSTED_APPS_KEY), new ArrayList());
        if (!list.contains(application.getID())) {
            list.add(application.getID());
        }
        createGlobalSettings.put(TRUSTED_APPS_KEY, list);
        Properties properties = new Properties();
        properties.put(PUBLIC_KEY_KEY, KeyUtils.encode(application.getPublicKey()));
        properties.put("timeout", Long.toString(requestConditions.getCertificateTimeout()));
        properties.put(URLS_KEY, iterableToString(requestConditions.getURLPatterns()));
        properties.put(IPS_KEY, iterableToString(requestConditions.getIPPatterns()));
        createGlobalSettings.put(TRUSTED_APP_KEY_PREFIX + application.getID(), properties);
    }

    private TrustedApplication load(String str) {
        Properties properties = (Properties) this.pluginSettingsFactory.createGlobalSettings().get(TRUSTED_APP_KEY_PREFIX + str);
        if (properties == null) {
            return null;
        }
        String property = properties.getProperty(PUBLIC_KEY_KEY);
        long parseLong = Long.parseLong(properties.getProperty("timeout"));
        return new DefaultTrustedApplication(this.encryptionProvider, KeyUtils.decodePublicKey(this.encryptionProvider, property), str, RequestConditions.builder().setCertificateTimeout(parseLong).addURLPattern(decodeCommaSeparatedString(properties.getProperty(URLS_KEY))).addIPPattern(decodeCommaSeparatedString(properties.getProperty(IPS_KEY))).build());
    }

    private static String iterableToString(Iterable<String> iterable) {
        return StringUtils.join((Iterator) iterable.iterator(), ',');
    }

    private static String[] decodeCommaSeparatedString(String str) {
        return (str == null || str.length() == 0) ? new String[0] : str.split(",");
    }
}
