package pl.edu.icm.unity.webui.authn.extensions;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.vaadin.server.Resource;
import com.vaadin.server.UserError;
import com.vaadin.server.VaadinServletService;
import com.vaadin.ui.Component;
import com.vaadin.ui.Label;
import com.vaadin.ui.VerticalLayout;
import eu.emi.security.authn.x509.impl.X500NameUtils;
import eu.unicore.util.configuration.ConfigurationException;
import java.security.cert.X509Certificate;
import javax.servlet.http.HttpServletRequest;
import pl.edu.icm.unity.Constants;
import pl.edu.icm.unity.exceptions.InternalException;
import pl.edu.icm.unity.server.authn.AuthenticatedEntity;
import pl.edu.icm.unity.server.authn.AuthenticationResult;
import pl.edu.icm.unity.server.authn.CredentialExchange;
import pl.edu.icm.unity.server.authn.CredentialRetrieval;
import pl.edu.icm.unity.server.utils.UnityMessageSource;
import pl.edu.icm.unity.stdext.credential.CertificateExchange;
import pl.edu.icm.unity.webui.authn.VaadinAuthentication;

/* loaded from: input_file:pl/edu/icm/unity/webui/authn/extensions/TLSRetrieval.class */
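/**
 * Web (Vaadin) credential retrieval that authenticates the user with the X.509 client
 * certificate attached to the current servlet request.
 *
 * <p>The certificate chain is read from the {@code javax.servlet.request.X509Certificate}
 * request attribute and handed unchanged to the configured {@link CertificateExchange}.
 * This class performs no chain, validity or trust checks of its own, so whatever
 * populates that attribute is the trust boundary for this retrieval.
 * NOTE(review): confirm that the deployment validates client certificates at the TLS layer
 * and that no filter or fronting proxy can set this attribute from request data.
 */
public class TLSRetrieval implements CredentialRetrieval, VaadinAuthentication {
    /** Request attribute under which the client certificate chain is looked up. */
    private static final String CLIENT_CERT_ATTRIBUTE = "javax.servlet.request.X509Certificate";

    private CertificateExchange credentialExchange;
    private UnityMessageSource msg;
    // Display name taken from the JSON configuration; stays null until
    // setSerializedConfiguration(String) has been called.
    private String name;

    /**
     * Per-UI-instance part of the retrieval: builds the component and runs the certificate check.
     */
    public class TLSRetrievalUI implements VaadinAuthentication.VaadinAuthenticationUI {
        private TLSAuthnComponent component;
        private VaadinAuthentication.AuthenticationResultCallback callback;

        /**
         * Layout with a title and one line describing the certificate found on the request.
         */
        public class TLSAuthnComponent extends VerticalLayout {
            private Label info;

            /**
             * Builds the title (configured name, or the default message when the name is
             * missing or blank) and the certificate information line.
             */
            public TLSAuthnComponent() {
                String configuredName = TLSRetrieval.this.name;
                // A retrieval that was never configured has a null name; fall back to the
                // default title instead of failing with a NullPointerException.
                boolean useDefaultTitle = configuredName == null || configuredName.trim().isEmpty();
                Label title = new Label(useDefaultTitle
                        ? TLSRetrieval.this.msg.getMessage("WebTLSRetrieval.title", new Object[0])
                        : configuredName);
                title.addStyleName("h2");
                addComponent(title);

                this.info = new Label();
                addComponent(this.info);

                X509Certificate[] chain = TLSRetrievalUI.this.getTLSCertificate();
                // An empty chain has no element to describe; show it as "no certificate"
                // rather than indexing element 0.
                if (chain == null || chain.length == 0) {
                    this.info.setValue(TLSRetrieval.this.msg.getMessage("WebTLSRetrieval.noCert", new Object[0]));
                } else {
                    // The subject DN is chosen by whoever issued the presented certificate.
                    // Keep this label in Vaadin's default plain-text content mode so the DN
                    // is never interpreted as markup.
                    String subject = X500NameUtils.getReadableForm(chain[0].getSubjectX500Principal());
                    this.info.setValue(TLSRetrieval.this.msg.getMessage("WebTLSRetrieval.certInfo", new Object[]{subject}));
                }
            }

            /**
             * Shows or clears the error marker on the information line.
             *
             * @param z {@code true} to attach the "unknown user" error, {@code false} to clear it
             */
            public void setError(boolean z) {
                UserError error = null;
                if (z) {
                    error = new UserError(TLSRetrieval.this.msg.getMessage("WebTLSRetrieval.unknownUser", new Object[0]));
                }
                this.info.setComponentError(error);
            }
        }

        private TLSRetrievalUI() {
        }

        /** @return always {@code false}; the identity comes from the certificate */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public boolean needsCommonUsernameComponent() {
            return false;
        }

        /**
         * Creates a new component on every call and remembers it for later error display.
         *
         * @return the freshly built component
         */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public Component getComponent() {
            this.component = new TLSAuthnComponent();
            return this.component;
        }

        /** No-op: this retrieval does not use a username. */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void setUsernameCallback(VaadinAuthentication.UsernameProvider usernameProvider) {
        }

        /** Stores the callback that {@link #triggerAuthentication()} reports to. */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void setAuthenticationResultCallback(VaadinAuthentication.AuthenticationResultCallback authenticationResultCallback) {
            this.callback = authenticationResultCallback;
        }

        /**
         * Runs the certificate check and passes the result to the stored callback.
         * The callback must have been set beforehand.
         */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void triggerAuthentication() {
            this.callback.setAuthenticationResult(getAuthenticationResult());
        }

        /**
         * Checks the request's certificate chain with the credential exchange.
         *
         * @return {@code notApplicable} when the request carries no certificate attribute,
         *         the exchange's own result when the check completes, and {@code deny} when
         *         the check throws
         */
        private AuthenticationResult getAuthenticationResult() {
            X509Certificate[] chain = getTLSCertificate();
            if (chain == null) {
                return new AuthenticationResult(AuthenticationResult.Status.notApplicable, (AuthenticatedEntity) null);
            }
            try {
                AuthenticationResult outcome = TLSRetrieval.this.credentialExchange.checkCertificate(chain);
                markError(outcome.getStatus() != AuthenticationResult.Status.success);
                return outcome;
            } catch (Exception e) {
                // Fail closed: any failure of the check is reported as deny and shown to the
                // user as the same "unknown user" error as an ordinary rejection.
                // NOTE(review): the exception is dropped without being logged, so a broken
                // credential backend and a rejected certificate leave no distinguishable
                // trace here; consider logging it through the project's logger.
                markError(true);
                return new AuthenticationResult(AuthenticationResult.Status.deny, (AuthenticatedEntity) null);
            }
        }

        /**
         * Updates the error marker when a component exists. Authentication may be triggered
         * before {@link #getComponent()} was called, in which case there is nothing to mark.
         */
        private void markError(boolean failed) {
            if (this.component != null) {
                this.component.setError(failed);
            }
        }

        /** @return the configured name of this retrieval, possibly {@code null} */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public String getLabel() {
            return TLSRetrieval.this.name;
        }

        /** @return always {@code null}; no image is provided */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public Resource getImage() {
            return null;
        }

        /**
         * Reads the client certificate chain from the current servlet request.
         *
         * @return the chain stored under {@code javax.servlet.request.X509Certificate}, or
         *         {@code null} when there is no current request or the attribute is absent
         */
        public X509Certificate[] getTLSCertificate() {
            HttpServletRequest request = VaadinServletService.getCurrentServletRequest();
            return request == null ? null : (X509Certificate[]) request.getAttribute(CLIENT_CERT_ATTRIBUTE);
        }

        /** No-op: there is nothing to cancel. */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void cancelAuthentication() {
        }

        /** No-op: there is no user input to clear. */
        @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication.VaadinAuthenticationUI
        public void clear() {
        }
    }

    /**
     * @param unityMessageSource source of the localized messages shown in the UI
     */
    public TLSRetrieval(UnityMessageSource unityMessageSource) {
        this.msg = unityMessageSource;
    }

    /** @return {@link VaadinAuthentication#NAME} */
    public String getBindingName() {
        return VaadinAuthentication.NAME;
    }

    /**
     * Serializes the configuration as a JSON object with the single field {@code name}.
     *
     * @return the JSON text
     * @throws InternalException when JSON serialization fails
     */
    public String getSerializedConfiguration() {
        ObjectNode root = Constants.MAPPER.createObjectNode();
        root.put("name", this.name);
        try {
            return Constants.MAPPER.writeValueAsString(root);
        } catch (JsonProcessingException e) {
            throw new InternalException("Can't serialize web-based TLS retrieval configuration to JSON", e);
        }
    }

    /**
     * Loads the configuration from JSON; only the {@code name} field is read.
     *
     * @param str JSON text produced by {@link #getSerializedConfiguration()}
     * @throws ConfigurationException when the text cannot be parsed or has no {@code name} field
     */
    public void setSerializedConfiguration(String str) {
        try {
            // A missing "name" field makes get() return null; the resulting
            // NullPointerException is reported as a configuration error below.
            this.name = Constants.MAPPER.readTree(str).get("name").asText();
        } catch (Exception e) {
            throw new ConfigurationException("The configuration of the web-based TLS retrieval can not be parsed", e);
        }
    }

    /**
     * Sets the exchange used to verify certificates.
     *
     * @param credentialExchange must be a {@link CertificateExchange}; any other type fails
     *        the cast with a {@link ClassCastException}
     */
    public void setCredentialExchange(CredentialExchange credentialExchange) {
        this.credentialExchange = (CertificateExchange) credentialExchange;
    }

    /** @return a new UI instance bound to this retrieval */
    @Override // pl.edu.icm.unity.webui.authn.VaadinAuthentication
    public VaadinAuthentication.VaadinAuthenticationUI createUIInstance() {
        return new TLSRetrievalUI();
    }
}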
