package io.jans.as.server.model.config;

import io.jans.as.common.model.event.CryptoProviderEvent;
import io.jans.as.model.config.BaseDnConfiguration;
import io.jans.as.model.config.Conf;
import io.jans.as.model.config.StaticConfiguration;
import io.jans.as.model.config.WebKeysConfiguration;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.configuration.Configuration;
import io.jans.as.model.crypto.AbstractCryptoProvider;
import io.jans.as.model.crypto.CryptoProviderFactory;
import io.jans.as.model.error.ErrorMessages;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.model.jwk.JSONWebKeySet;
import io.jans.as.model.util.JwtUtil;
import io.jans.as.server.util.ServerUtil;
import io.jans.exception.ConfigurationException;
import io.jans.orm.PersistenceEntryManager;
import io.jans.orm.exception.BasePersistenceException;
import io.jans.orm.model.PersistenceConfiguration;
import io.jans.orm.service.PersistanceFactoryService;
import io.jans.service.ApplicationConfigurationFactory;
import io.jans.service.cdi.async.Asynchronous;
import io.jans.service.cdi.event.BaseConfigurationReload;
import io.jans.service.cdi.event.ConfigurationEvent;
import io.jans.service.cdi.event.ConfigurationUpdate;
import io.jans.service.cdi.event.LdapConfigurationReload;
import io.jans.service.cdi.event.Scheduled;
import io.jans.service.timer.event.TimerEvent;
import io.jans.service.timer.schedule.TimerSchedule;
import io.jans.util.StringHelper;
import io.jans.util.properties.FileConfiguration;
import jakarta.annotation.PostConstruct;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.enterprise.event.Event;
import jakarta.enterprise.event.Observes;
import jakarta.enterprise.inject.Instance;
import jakarta.enterprise.inject.Produces;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletRegistration;
import java.io.File;
import java.lang.annotation.Annotation;
import java.util.Objects;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import org.json.JSONObject;
import org.slf4j.Logger;

@ApplicationScoped
/* loaded from: input_file:io/jans/as/server/model/config/ConfigurationFactory.class */
public class ConfigurationFactory extends ApplicationConfigurationFactory {

    @Inject
    private Logger log;

    @Inject
    private Event<TimerEvent> timerEvent;

    @Inject
    private Event<AppConfiguration> configurationUpdateEvent;

    @Inject
    private Event<AbstractCryptoProvider> cryptoProviderEvent;

    @Inject
    private Event<String> event;

    @Inject
    @Named("persistenceEntryManager")
    private Instance<PersistenceEntryManager> persistenceEntryManagerInstance;

    @Inject
    private PersistanceFactoryService persistanceFactoryService;

    @Inject
    private Instance<Configuration> configurationInstance;

    @Inject
    private Instance<AbstractCryptoProvider> abstractCryptoProviderInstance;
    public static final String PERSISTENCE_CONFIGURATION_RELOAD_EVENT_TYPE = "persistenceConfigurationReloadEvent";
    public static final String BASE_CONFIGURATION_RELOAD_EVENT_TYPE = "baseConfigurationReloadEvent";
    private static final int DEFAULT_INTERVAL = 30;
    private static final String BASE_DIR;
    private static final String DIR;
    private static final String BASE_PROPERTIES_FILE;
    private static final String APP_PROPERTIES_FILE;
    private static final String CONFIG_FILE_NAME = "jans-config.json";
    private static final String ERRORS_FILE_NAME = "jans-errors.json";
    private static final String STATIC_CONF_FILE_NAME = "jans-static-conf.json";
    private static final String WEB_KEYS_FILE_NAME = "jans-web-keys.json";
    private String configFilePath;
    private String errorsFilePath;
    private String staticConfFilePath;
    private String webKeysFilePath;
    private String saltFilePath;
    private FileConfiguration baseConfiguration;
    private PersistenceConfiguration persistenceConfiguration;
    private AppConfiguration conf;
    private StaticConfiguration staticConf;
    private WebKeysConfiguration jwks;
    private ErrorResponseFactory errorResponseFactory;
    private String cryptoConfigurationSalt;
    private String contextPath;
    private String facesMapping;
    private AtomicBoolean isActive;
    private long baseConfigurationFileLastModifiedTime;
    private boolean loaded = false;
    private long loadedRevision = -1;
    private boolean loadedFromLdap = true;

    @PostConstruct
    public void init() {
        this.log.info("Initializing ConfigurationFactory ...");
        this.isActive = new AtomicBoolean(true);
        try {
            this.log.info("---------PATH to file configuration: {}", APP_PROPERTIES_FILE);
            this.persistenceConfiguration = this.persistanceFactoryService.loadPersistenceConfiguration(APP_PROPERTIES_FILE);
            loadBaseConfiguration();
            String confDir = confDir();
            this.configFilePath = confDir + "jans-config.json";
            this.errorsFilePath = confDir + "jans-errors.json";
            this.staticConfFilePath = confDir + "jans-static-conf.json";
            String string = this.baseConfiguration.getString("certsDir");
            if (StringHelper.isEmpty(string)) {
                string = confDir;
            }
            this.webKeysFilePath = string + File.separator + "jans-web-keys.json";
            this.saltFilePath = confDir + "salt";
            loadCryptoConfigurationSalt();
        } finally {
            this.isActive.set(false);
        }
    }

    public void onServletContextActivation(@Observes ServletContext servletContext) {
        this.contextPath = servletContext.getContextPath();
        this.facesMapping = "";
        ServletRegistration servletRegistration = servletContext.getServletRegistration("Faces Servlet");
        if (servletRegistration == null) {
            return;
        }
        String[] strArr = (String[]) servletRegistration.getMappings().toArray(new String[0]);
        if (strArr.length == 0) {
            return;
        }
        this.facesMapping = strArr[0].replaceAll("\\*", "");
    }

    public void initTimer() {
        this.log.debug("Initializing Configuration Timer");
        this.timerEvent.fire(new TimerEvent(new TimerSchedule(DEFAULT_INTERVAL, DEFAULT_INTERVAL), new ConfigurationEvent(), new Annotation[]{Scheduled.Literal.INSTANCE}));
    }

    @Asynchronous
    public void reloadConfigurationTimerEvent(@Observes @Scheduled ConfigurationEvent configurationEvent) {
        if (!this.isActive.get() && this.isActive.compareAndSet(false, true)) {
            try {
                reloadConfiguration();
            } catch (Exception e) {
                this.log.error("Exception happened while reloading application configuration", e);
            } finally {
                this.isActive.set(false);
            }
        }
    }

    private void reloadConfiguration() {
        PersistenceConfiguration loadPersistenceConfiguration = this.persistanceFactoryService.loadPersistenceConfiguration(APP_PROPERTIES_FILE);
        if (loadPersistenceConfiguration != null && (!StringHelper.equalsIgnoreCase(this.persistenceConfiguration.getFileName(), loadPersistenceConfiguration.getFileName()) || loadPersistenceConfiguration.getLastModifiedTime() > this.persistenceConfiguration.getLastModifiedTime())) {
            this.persistenceConfiguration = loadPersistenceConfiguration;
            this.event.select(new Annotation[]{LdapConfigurationReload.Literal.INSTANCE}).fire(PERSISTENCE_CONFIGURATION_RELOAD_EVENT_TYPE);
        }
        File file = new File(BASE_PROPERTIES_FILE);
        if (file.exists() && file.lastModified() > this.baseConfigurationFileLastModifiedTime) {
            loadBaseConfiguration();
            this.event.select(new Annotation[]{BaseConfigurationReload.Literal.INSTANCE}).fire(BASE_CONFIGURATION_RELOAD_EVENT_TYPE);
        }
        if (this.loadedFromLdap && isRevisionIncreased()) {
            createFromDB(false);
        }
    }

    private boolean isRevisionIncreased() {
        Conf loadConfigurationFromPersistence = loadConfigurationFromPersistence("jansRevision");
        if (loadConfigurationFromPersistence == null) {
            return false;
        }
        this.log.trace("LDAP revision: {}, server revision: {}", Long.valueOf(loadConfigurationFromPersistence.getRevision()), Long.valueOf(this.loadedRevision));
        return loadConfigurationFromPersistence.getRevision() > this.loadedRevision;
    }

    private String confDir() {
        String string = this.baseConfiguration.getString("confDir", (String) null);
        return StringUtils.isNotBlank(string) ? string : DIR;
    }

    public FileConfiguration getBaseConfiguration() {
        return this.baseConfiguration;
    }

    @ApplicationScoped
    @Produces
    public PersistenceConfiguration getPersistenceConfiguration() {
        return this.persistenceConfiguration;
    }

    @ApplicationScoped
    @Produces
    public AppConfiguration getAppConfiguration() {
        return this.conf;
    }

    @ApplicationScoped
    @Produces
    public StaticConfiguration getStaticConfiguration() {
        return this.staticConf;
    }

    @ApplicationScoped
    @Produces
    public WebKeysConfiguration getWebKeysConfiguration() {
        return this.jwks;
    }

    @ApplicationScoped
    @Produces
    public ErrorResponseFactory getErrorResponseFactory() {
        return this.errorResponseFactory;
    }

    public BaseDnConfiguration getBaseDn() {
        return getStaticConfiguration().getBaseDn();
    }

    public String getCryptoConfigurationSalt() {
        return this.cryptoConfigurationSalt;
    }

    private boolean createFromFile() {
        return reloadConfFromFile() && reloadErrorsFromFile() && reloadStaticConfFromFile() && reloadWebkeyFromFile();
    }

    private boolean reloadWebkeyFromFile() {
        WebKeysConfiguration loadWebKeysFromFile = loadWebKeysFromFile();
        if (loadWebKeysFromFile == null) {
            this.log.error("Failed to load web keys configuration from file: {}", this.webKeysFilePath);
            return false;
        }
        this.log.info("Reloaded web keys from file: {}", this.webKeysFilePath);
        this.jwks = loadWebKeysFromFile;
        return true;
    }

    private boolean reloadStaticConfFromFile() {
        StaticConfiguration loadStaticConfFromFile = loadStaticConfFromFile();
        if (loadStaticConfFromFile == null) {
            this.log.error("Failed to load static configuration from file: {}", this.staticConfFilePath);
            return false;
        }
        this.log.info("Reloaded static conf from file: {}", this.staticConfFilePath);
        this.staticConf = loadStaticConfFromFile;
        return true;
    }

    private boolean reloadErrorsFromFile() {
        ErrorMessages loadErrorsFromFile = loadErrorsFromFile();
        if (loadErrorsFromFile == null) {
            this.log.error("Failed to load errors from file: {}", this.errorsFilePath);
            return false;
        }
        this.log.info("Reloaded errors from file: {}", this.errorsFilePath);
        this.errorResponseFactory = new ErrorResponseFactory(loadErrorsFromFile, this.conf);
        return true;
    }

    private boolean reloadConfFromFile() {
        AppConfiguration loadConfFromFile = loadConfFromFile();
        if (loadConfFromFile == null) {
            this.log.error("Failed to load configuration from file: {}", this.configFilePath);
            return false;
        }
        this.log.info("Reloaded configuration from file: {}", this.configFilePath);
        this.conf = loadConfFromFile;
        return true;
    }

    public boolean reloadConfFromLdap() {
        if (isRevisionIncreased()) {
            return createFromDB(false);
        }
        return false;
    }

    protected boolean createFromDB(boolean z) {
        this.log.info("Loading configuration from '{}' DB...", this.baseConfiguration.getString("persistence.type"));
        try {
            Conf loadConfigurationFromPersistence = loadConfigurationFromPersistence(new String[0]);
            if (loadConfigurationFromPersistence != null) {
                init(loadConfigurationFromPersistence);
                if (this.loaded) {
                    destroy(AppConfiguration.class);
                    destroy(StaticConfiguration.class);
                    destroy(WebKeysConfiguration.class);
                    destroy(ErrorResponseFactory.class);
                }
                this.loaded = true;
                this.configurationUpdateEvent.select(new Annotation[]{ConfigurationUpdate.Literal.INSTANCE}).fire(this.conf);
                destroyCryptoProviderInstance();
                this.cryptoProviderEvent.select(new Annotation[]{CryptoProviderEvent.Literal.INSTANCE}).fire((AbstractCryptoProvider) this.abstractCryptoProviderInstance.get());
                return true;
            }
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
        if (!z) {
            return false;
        }
        this.log.info("Unable to find configuration in LDAP, try to load configuration from file system... ");
        if (!createFromFile()) {
            return false;
        }
        this.loadedFromLdap = false;
        return true;
    }

    public void destroy(Class<? extends Configuration> cls) {
        this.configurationInstance.destroy((Configuration) this.configurationInstance.select(cls, new Annotation[0]).get());
    }

    private void destroyCryptoProviderInstance() {
        this.log.trace("Destroyed crypto provider instance.");
        this.abstractCryptoProviderInstance.destroy((AbstractCryptoProvider) this.abstractCryptoProviderInstance.get());
        CryptoProviderFactory.reset();
    }

    private Conf loadConfigurationFromPersistence(String... strArr) {
        PersistenceEntryManager persistenceEntryManager = (PersistenceEntryManager) this.persistenceEntryManagerInstance.get();
        String string = this.baseConfiguration.getString("jansAuth_ConfigurationEntryDN");
        try {
            return (Conf) persistenceEntryManager.find(string, Conf.class, strArr);
        } catch (BasePersistenceException e) {
            if (!string.contains("_test")) {
                e.printStackTrace();
            }
            this.log.error(e.getMessage(), e);
            return null;
        }
    }

    private void init(Conf conf) {
        initConfigurationConf(conf);
        this.loadedRevision = conf.getRevision();
    }

    private void initConfigurationConf(Conf conf) {
        if (conf.getDynamic() != null) {
            this.conf = conf.getDynamic();
        }
        if (conf.getStatics() != null) {
            this.staticConf = conf.getStatics();
        }
        initWebKeys(conf);
        if (conf.getErrors() != null) {
            this.errorResponseFactory = new ErrorResponseFactory(conf.getErrors(), conf.getDynamic());
        }
    }

    private void initWebKeys(Conf conf) {
        String jwksUri = conf.getDynamic().getJwksUri();
        if (jwksUri.startsWith(conf.getDynamic().getIssuer())) {
            if (conf.getWebKeys() != null) {
                this.jwks = conf.getWebKeys();
                return;
            } else {
                generateWebKeys();
                return;
            }
        }
        JSONObject jSONWebKeys = JwtUtil.getJSONWebKeys(jwksUri);
        this.log.trace("Downloaded external keys from {}, keys: {}", jwksUri, jSONWebKeys);
        JSONWebKeySet fromJSONObject = JSONWebKeySet.fromJSONObject(jSONWebKeys);
        this.jwks = new WebKeysConfiguration();
        this.jwks.setKeys(fromJSONObject.getKeys());
    }

    private void generateWebKeys() {
        this.log.info("Failed to load JWKS. Attempting to generate new JWKS...");
        try {
            AbstractCryptoProvider cryptoProvider = CryptoProviderFactory.getCryptoProvider(getAppConfiguration());
            this.jwks = (WebKeysConfiguration) ServerUtil.createJsonMapper().readValue(AbstractCryptoProvider.generateJwks(cryptoProvider, getAppConfiguration()).toString(), WebKeysConfiguration.class);
            Conf conf = (Conf) Objects.requireNonNull(loadConfigurationFromPersistence(new String[0]));
            conf.setWebKeys(this.jwks);
            conf.setRevision(conf.getRevision() + 1);
            ((PersistenceEntryManager) this.persistenceEntryManagerInstance.get()).merge(conf);
            this.log.info("Generated new JWKS successfully.");
            if (this.log.isTraceEnabled()) {
                this.log.trace("JWKS keys: {}", conf.getWebKeys().getKeys().stream().map((v0) -> {
                    return v0.getKid();
                }).collect(Collectors.toList()));
                this.log.trace("KeyStore keys: {}", cryptoProvider.getKeys());
            }
        } catch (Exception e) {
            this.log.error("Failed to re-generate JWKS keys", e);
        }
    }

    private AppConfiguration loadConfFromFile() {
        try {
            return (AppConfiguration) ServerUtil.createJsonMapper().readValue(new File(this.configFilePath), AppConfiguration.class);
        } catch (Exception e) {
            this.log.warn(e.getMessage(), e);
            return null;
        }
    }

    private ErrorMessages loadErrorsFromFile() {
        try {
            return (ErrorMessages) ServerUtil.createJsonMapper().readValue(new File(this.errorsFilePath), ErrorMessages.class);
        } catch (Exception e) {
            this.log.warn(e.getMessage(), e);
            return null;
        }
    }

    private StaticConfiguration loadStaticConfFromFile() {
        try {
            return (StaticConfiguration) ServerUtil.createJsonMapper().readValue(new File(this.staticConfFilePath), StaticConfiguration.class);
        } catch (Exception e) {
            this.log.warn(e.getMessage(), e);
            return null;
        }
    }

    private WebKeysConfiguration loadWebKeysFromFile() {
        try {
            return (WebKeysConfiguration) ServerUtil.createJsonMapper().readValue(new File(this.webKeysFilePath), WebKeysConfiguration.class);
        } catch (Exception e) {
            this.log.warn(e.getMessage(), e);
            return null;
        }
    }

    private void loadBaseConfiguration() {
        this.baseConfiguration = createFileConfiguration(BASE_PROPERTIES_FILE, true);
        this.baseConfigurationFileLastModifiedTime = new File(BASE_PROPERTIES_FILE).lastModified();
    }

    public void loadCryptoConfigurationSalt() {
        try {
            this.cryptoConfigurationSalt = createFileConfiguration(this.saltFilePath, true).getString("encodeSalt");
        } catch (Exception e) {
            if (this.log.isErrorEnabled()) {
                this.log.error("Failed to load configuration from {}", this.saltFilePath, e);
            }
            throw new ConfigurationException("Failed to load configuration from " + this.saltFilePath, e);
        }
    }

    private FileConfiguration createFileConfiguration(String str, boolean z) {
        try {
            return new FileConfiguration(str);
        } catch (Exception e) {
            if (!z) {
                return null;
            }
            this.log.error("Failed to load configuration from {}", str, e);
            throw new ConfigurationException("Failed to load configuration from " + str, e);
        }
    }

    public String getFacesMapping() {
        return this.facesMapping;
    }

    public String getContextPath() {
        return this.contextPath;
    }

    static {
        if (System.getProperty("jans.base") != null) {
            BASE_DIR = System.getProperty("jans.base");
        } else if (System.getProperty("catalina.base") != null && System.getProperty("catalina.base.ignore") == null) {
            BASE_DIR = System.getProperty("catalina.base");
        } else if (System.getProperty("catalina.home") != null) {
            BASE_DIR = System.getProperty("catalina.home");
        } else if (System.getProperty("jboss.home.dir") != null) {
            BASE_DIR = System.getProperty("jboss.home.dir");
        } else {
            BASE_DIR = null;
        }
        DIR = BASE_DIR + File.separator + "conf" + File.separator;
        BASE_PROPERTIES_FILE = DIR + "jans.properties";
        APP_PROPERTIES_FILE = DIR + "jans-ldap.properties";
    }
}
