package edu.internet2.middleware.shibboleth.common.relyingparty.provider;

import edu.internet2.middleware.shibboleth.common.config.BaseReloadableService;
import edu.internet2.middleware.shibboleth.common.config.relyingparty.RelyingPartyGroup;
import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfiguration;
import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfigurationManager;
import edu.internet2.middleware.shibboleth.common.service.ServiceException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.locks.Lock;
import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.BaseMetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/common/relyingparty/provider/SAMLMDRelyingPartyConfigurationManager.class */
public class SAMLMDRelyingPartyConfigurationManager extends BaseReloadableService implements RelyingPartyConfigurationManager {
    public static final String ANONYMOUS_RP_NAME = "anonymous";
    public static final String DEFAULT_RP_NAME = "default";
    private MetadataProvider metadataProvider;
    private final Logger log = LoggerFactory.getLogger(SAMLMDRelyingPartyConfigurationManager.class);
    private HashMap<String, RelyingPartyConfiguration> rpConfigs = new HashMap<>();

    @Override // edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfigurationManager
    public RelyingPartyConfiguration getAnonymousRelyingConfiguration() {
        Lock readLock = getReadWriteLock().readLock();
        readLock.lock();
        try {
            RelyingPartyConfiguration relyingPartyConfiguration = this.rpConfigs.get(ANONYMOUS_RP_NAME);
            readLock.unlock();
            return relyingPartyConfiguration;
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    @Override // edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfigurationManager
    public RelyingPartyConfiguration getDefaultRelyingPartyConfiguration() {
        Lock readLock = getReadWriteLock().readLock();
        readLock.lock();
        try {
            RelyingPartyConfiguration relyingPartyConfiguration = this.rpConfigs.get(DEFAULT_RP_NAME);
            readLock.unlock();
            return relyingPartyConfiguration;
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    public MetadataProvider getMetadataProvider() {
        Lock readLock = getReadWriteLock().readLock();
        readLock.lock();
        try {
            MetadataProvider metadataProvider = this.metadataProvider;
            readLock.unlock();
            return metadataProvider;
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    public void setMetadataProvider(MetadataProvider metadataProvider) {
        this.metadataProvider = metadataProvider;
    }

    @Override // edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfigurationManager
    public RelyingPartyConfiguration getRelyingPartyConfiguration(String str) {
        Lock readLock = getReadWriteLock().readLock();
        readLock.lock();
        try {
            this.log.debug("Looking up relying party configuration for {}", str);
            if (this.rpConfigs.containsKey(str)) {
                this.log.debug("Custom relying party configuration found for {}", str);
                RelyingPartyConfiguration relyingPartyConfiguration = this.rpConfigs.get(str);
                readLock.unlock();
                return relyingPartyConfiguration;
            }
            this.log.debug("No custom relying party configuration found for {}, looking up configuration based on metadata groups.", str);
            try {
                if (this.metadataProvider == null) {
                    this.log.debug("No metadata provider available, unable to lookup configuration based on entity group");
                } else {
                    EntityDescriptor entityDescriptor = this.metadataProvider.getEntityDescriptor(str);
                    if (entityDescriptor != null) {
                        for (EntitiesDescriptor parent = entityDescriptor.getParent(); parent != null; parent = (EntitiesDescriptor) parent.getParent()) {
                            if (this.rpConfigs.containsKey(parent.getName())) {
                                this.log.debug("Relying party configuration found for {} as member of metadata group {}", str, parent.getName());
                                RelyingPartyConfiguration relyingPartyConfiguration2 = this.rpConfigs.get(parent.getName());
                                readLock.unlock();
                                return relyingPartyConfiguration2;
                            }
                        }
                    }
                }
            } catch (MetadataProviderException e) {
                this.log.error("Error fetching metadata for relying party " + str, e);
            }
            this.log.debug("No custom or group-based relying party configuration found for {}. Using default relying party configuration.", str);
            RelyingPartyConfiguration defaultRelyingPartyConfiguration = getDefaultRelyingPartyConfiguration();
            readLock.unlock();
            return defaultRelyingPartyConfiguration;
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    @Override // edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfigurationManager
    public Map<String, RelyingPartyConfiguration> getRelyingPartyConfigurations() {
        return this.rpConfigs;
    }

    @Override // edu.internet2.middleware.shibboleth.common.config.BaseService
    protected void onNewContextCreated(ApplicationContext applicationContext) throws ServiceException {
        BaseMetadataProvider baseMetadataProvider = this.metadataProvider;
        HashMap<String, RelyingPartyConfiguration> hashMap = this.rpConfigs;
        try {
            RelyingPartyGroup relyingPartyGroup = (RelyingPartyGroup) applicationContext.getBean(applicationContext.getBeanNamesForType(RelyingPartyGroup.class)[0]);
            this.metadataProvider = relyingPartyGroup.getMetadataProvider();
            HashMap<String, RelyingPartyConfiguration> hashMap2 = new HashMap<>();
            List<RelyingPartyConfiguration> relyingParties = relyingPartyGroup.getRelyingParties();
            if (relyingParties != null) {
                for (RelyingPartyConfiguration relyingPartyConfiguration : relyingParties) {
                    hashMap2.put(relyingPartyConfiguration.getRelyingPartyId(), relyingPartyConfiguration);
                    this.log.debug("Registering configuration for relying party: {}", relyingPartyConfiguration.getRelyingPartyId());
                }
            }
            hashMap2.put(ANONYMOUS_RP_NAME, relyingPartyGroup.getAnonymousRP());
            hashMap2.put(DEFAULT_RP_NAME, relyingPartyGroup.getDefaultRP());
            this.rpConfigs = hashMap2;
            if (baseMetadataProvider instanceof BaseMetadataProvider) {
                baseMetadataProvider.destroy();
            }
        } catch (Exception e) {
            this.metadataProvider = baseMetadataProvider;
            this.rpConfigs = hashMap;
            throw new ServiceException(getId() + " configuration is not valid, retaining old configuration", e);
        }
    }
}
