package net.shibboleth.profile.module;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.file.FileAlreadyExistsException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.security.DigestOutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Objects;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.profile.module.Module;
import net.shibboleth.shared.annotation.constraint.NotEmpty;
import net.shibboleth.shared.annotation.constraint.NotLive;
import net.shibboleth.shared.annotation.constraint.Unmodifiable;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.logic.Constraint;
import net.shibboleth.shared.primitive.LoggerFactory;
import net.shibboleth.shared.primitive.StringSupport;
import net.shibboleth.shared.spring.httpclient.resource.ConnectionClosingInputStream;
import org.apache.commons.lang3.SystemUtils;
import org.apache.hc.client5.http.classic.HttpClient;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.http.ClassicHttpResponse;
import org.opensaml.security.httpclient.HttpClientSecuritySupport;
import org.slf4j.Logger;
import org.springframework.core.io.ClassPathResource;

/* loaded from: input_file:WEB-INF/lib/shib-profile-api-5.0.0.jar:net/shibboleth/profile/module/AbstractModule.class */
public abstract class AbstractModule implements Module {

    @Nonnull
    private Logger log = LoggerFactory.getLogger((Class<?>) AbstractModule.class);

    @Nonnull
    private Collection<Module.ModuleResource> moduleResources = CollectionSupport.emptyList();

    @Nonnull
    private String appNewExt;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/shib-profile-api-5.0.0.jar:net/shibboleth/profile/module/AbstractModule$BasicModuleResource.class */
    public class BasicModuleResource implements Module.ModuleResource {

        @Nonnull
        @NotEmpty
        private final String source;

        @Nonnull
        private final Path destination;
        private final boolean replace;
        private final boolean optional;
        private final boolean executable;
        private final boolean windows;
        private final boolean nonwindows;
        static final /* synthetic */ boolean $assertionsDisabled;

        public BasicModuleResource(@Nonnull @NotEmpty String str, @Nonnull Path path, boolean z, boolean z2, boolean z3, boolean z4, boolean z5) {
            this.source = (String) Constraint.isNotNull(StringSupport.trimOrNull(str), "Source cannot be null");
            this.destination = (Path) Constraint.isNotNull(path, "Destination cannot be null");
            this.replace = z;
            this.optional = z2;
            this.executable = z3;
            this.windows = z4;
            this.nonwindows = z5;
        }

        public int hashCode() {
            return this.source.hashCode();
        }

        public boolean equals(Object obj) {
            return (obj instanceof Module.ModuleResource) && this.source.equals(((Module.ModuleResource) obj).getSource()) && this.destination.equals(((Module.ModuleResource) obj).getDestination());
        }

        @Override // net.shibboleth.profile.module.Module.ModuleResource
        @Nonnull
        public String getSource() {
            return this.source;
        }

        @Override // net.shibboleth.profile.module.Module.ModuleResource
        @Nonnull
        public Path getDestination() {
            return this.destination;
        }

        @Override // net.shibboleth.profile.module.Module.ModuleResource
        public boolean isReplace() {
            return this.replace;
        }

        @Override // net.shibboleth.profile.module.Module.ModuleResource
        public boolean isOptional() {
            return this.optional;
        }

        @Override // net.shibboleth.profile.module.Module.ModuleResource
        public boolean isExecutable() {
            return this.executable;
        }

        @Override // net.shibboleth.profile.module.Module.ModuleResource
        public boolean isWindows() {
            return this.windows;
        }

        @Override // net.shibboleth.profile.module.Module.ModuleResource
        public boolean isNonWindows() {
            return this.nonwindows;
        }

        public boolean hasChanged(@Nonnull ModuleContext moduleContext) {
            try {
                InputStream destinationStream = getDestinationStream(moduleContext);
                try {
                    if (destinationStream == null) {
                        AbstractModule.this.log.debug("Module {} resource {} does not exist at destination", AbstractModule.this.getId(), this.source);
                        if (destinationStream != null) {
                            destinationStream.close();
                        }
                        return false;
                    }
                    MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
                    OutputStream nullOutputStream = OutputStream.nullOutputStream();
                    try {
                        DigestOutputStream digestOutputStream = new DigestOutputStream(nullOutputStream, messageDigest);
                        try {
                            destinationStream.transferTo(digestOutputStream);
                            byte[] digest = messageDigest.digest();
                            digestOutputStream.close();
                            if (nullOutputStream != null) {
                                nullOutputStream.close();
                            }
                            InputStream sourceStream = getSourceStream(moduleContext);
                            try {
                                if (sourceStream == null) {
                                    AbstractModule.this.log.debug("Module {} resource {} does not exist at source", AbstractModule.this.getId(), this.source);
                                    if (sourceStream != null) {
                                        sourceStream.close();
                                    }
                                    if (destinationStream != null) {
                                        destinationStream.close();
                                    }
                                    return true;
                                }
                                nullOutputStream = OutputStream.nullOutputStream();
                                try {
                                    digestOutputStream = new DigestOutputStream(nullOutputStream, messageDigest);
                                    try {
                                        sourceStream.transferTo(digestOutputStream);
                                        boolean z = !Arrays.equals(digest, messageDigest.digest());
                                        digestOutputStream.close();
                                        if (nullOutputStream != null) {
                                            nullOutputStream.close();
                                        }
                                        if (sourceStream != null) {
                                            sourceStream.close();
                                        }
                                        if (destinationStream != null) {
                                            destinationStream.close();
                                        }
                                        return z;
                                    } finally {
                                    }
                                } finally {
                                    if (nullOutputStream != null) {
                                        try {
                                            nullOutputStream.close();
                                        } catch (Throwable th) {
                                            th.addSuppressed(th);
                                        }
                                    }
                                }
                            } catch (Throwable th2) {
                                if (sourceStream != null) {
                                    try {
                                        sourceStream.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                }
                                throw th2;
                            }
                        } finally {
                        }
                    } catch (Throwable th4) {
                        throw th4;
                    }
                } catch (Throwable th5) {
                    if (destinationStream != null) {
                        try {
                            destinationStream.close();
                        } catch (Throwable th6) {
                            th5.addSuppressed(th6);
                        }
                    }
                    throw th5;
                }
            } catch (IOException e) {
                AbstractModule.this.log.error("Module {} resource {} raised error while checking contents", AbstractModule.this.getId(), this.source, e);
                return true;
            } catch (NoSuchAlgorithmException e2) {
                AbstractModule.this.log.error("Module {} resource {} raised error while checking contents", AbstractModule.this.getId(), this.source, e2);
                return true;
            }
        }

        @Nullable
        private InputStream getSourceStream(@Nonnull ModuleContext moduleContext) throws IOException {
            if (!this.source.startsWith("https://") && !this.source.startsWith("http://")) {
                return AbstractModule.this.getClass().getResourceAsStream(this.source);
            }
            try {
                return connect(moduleContext, new URI(this.source));
            } catch (URISyntaxException e) {
                throw new IOException(e);
            }
        }

        @Nonnull
        private InputStream connect(@Nonnull ModuleContext moduleContext, @Nonnull URI uri) throws IOException {
            HttpClientContext create = HttpClientContext.create();
            if (!$assertionsDisabled && create == null) {
                throw new AssertionError();
            }
            HttpClientSecuritySupport.marshalSecurityParameters(create, moduleContext.getHttpClientSecurityParameters(), true);
            ClassicHttpResponse classicHttpResponse = null;
            try {
                AbstractModule.this.log.debug("Module {} fetching HTTP resource {}", AbstractModule.this.getId(), uri);
                HttpGet httpGet = new HttpGet(uri);
                ClassicHttpResponse executeOpen = ((HttpClient) Constraint.isNotNull(moduleContext.getHttpClient(), "HttpClient cannot be null")).executeOpen(null, httpGet, create);
                HttpClientSecuritySupport.checkTLSCredentialEvaluated(create, httpGet.getScheme());
                if (executeOpen.getCode() != 200) {
                    throw new IOException("HTTP request was unsuccessful");
                }
                ConnectionClosingInputStream connectionClosingInputStream = new ConnectionClosingInputStream(executeOpen);
                ClassicHttpResponse classicHttpResponse2 = null;
                if (0 != 0) {
                    try {
                        classicHttpResponse2.close();
                    } catch (IOException e) {
                        AbstractModule.this.log.debug("Error closing HttpResponse", (Throwable) e);
                    }
                }
                return connectionClosingInputStream;
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        classicHttpResponse.close();
                    } catch (IOException e2) {
                        AbstractModule.this.log.debug("Error closing HttpResponse", (Throwable) e2);
                    }
                }
                throw th;
            }
        }

        @Nullable
        private InputStream getDestinationStream(@Nonnull ModuleContext moduleContext) throws IOException {
            Path resolve = Path.of(moduleContext.getInstallLocation(), new String[0]).resolve(this.destination);
            if (!Files.exists(resolve, new LinkOption[0])) {
                return null;
            }
            try {
                return Files.newInputStream(resolve, StandardOpenOption.READ);
            } catch (IOException e) {
                AbstractModule.this.log.error("Module {} unable to read destination resource {}", AbstractModule.this.getId(), resolve, e);
                return null;
            }
        }

        @Nonnull
        private Module.ResourceResult enable(@Nonnull ModuleContext moduleContext) throws ModuleException {
            Path resolve;
            Module.ResourceResult resourceResult;
            AbstractModule.this.log.debug("Module {} enabling resource {}", AbstractModule.this.getId(), this.source);
            boolean hasChanged = hasChanged(moduleContext);
            try {
                InputStream sourceStream = getSourceStream(moduleContext);
                try {
                    if (sourceStream == null) {
                        throw new IOException("Source stream was null");
                    }
                    if (!hasChanged) {
                        resolve = Path.of(moduleContext.getInstallLocation(), new String[0]).resolve(this.destination);
                        resourceResult = Module.ResourceResult.CREATED;
                    } else if (isReplace()) {
                        resolve = Path.of(moduleContext.getInstallLocation(), new String[0]).resolve(this.destination);
                        Path resolveSibling = resolve.resolveSibling(resolve.getFileName() + AbstractModule.this.getSaveExtension());
                        if (resolveSibling.toFile().exists()) {
                            AbstractModule.this.log.warn("Module {} overwriting older saved file: {}", AbstractModule.this.getId(), resolveSibling);
                        }
                        Files.copy(resolve, resolveSibling, StandardCopyOption.REPLACE_EXISTING);
                        AbstractModule.this.log.debug("Module {} preserved {}", AbstractModule.this.getId(), resolve);
                        resourceResult = Module.ResourceResult.REPLACED;
                    } else {
                        Path resolve2 = Path.of(moduleContext.getInstallLocation(), new String[0]).resolve(this.destination);
                        resolve = resolve2.resolveSibling(resolve2.getFileName() + AbstractModule.this.appNewExt);
                        resourceResult = Module.ResourceResult.ADDED;
                    }
                    if (!resolve.startsWith(moduleContext.getInstallLocation())) {
                        AbstractModule.this.log.error("Module {} attempted to create file outside of IdP installation: {}", AbstractModule.this.getId(), resolve);
                        throw new ModuleException("Module asked to create file outside of IdP installation");
                    }
                    try {
                        Files.createDirectories(resolve.getParent(), new FileAttribute[0]);
                    } catch (IOException e) {
                        if (!(e instanceof FileAlreadyExistsException)) {
                            throw e;
                        }
                        AbstractModule.this.log.info("Path {} existed but not directory, assuming symlink", resolve.getParent());
                    }
                    Files.copy(sourceStream, resolve, StandardCopyOption.REPLACE_EXISTING);
                    if (isExecutable()) {
                        resolve.toFile().setExecutable(true);
                    }
                    AbstractModule.this.log.debug("Module {} created {}", AbstractModule.this.getId(), resolve);
                    Module.ResourceResult resourceResult2 = resourceResult;
                    if (sourceStream != null) {
                        sourceStream.close();
                    }
                    return resourceResult2;
                } finally {
                }
            } catch (IOException e2) {
                AbstractModule.this.log.error("Module {} unable to enable resource {}", AbstractModule.this.getId(), this.source);
                throw new ModuleException(e2);
            }
        }

        /* JADX WARN: Removed duplicated region for block: B:8:0x00d8 A[Catch: IOException -> 0x00e0, TryCatch #0 {IOException -> 0x00e0, blocks: (B:18:0x003e, B:20:0x006a, B:6:0x00b0, B:8:0x00d8, B:5:0x0046), top: B:17:0x003e }] */
        @javax.annotation.Nonnull
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        private net.shibboleth.profile.module.Module.ResourceResult disable(@javax.annotation.Nonnull net.shibboleth.profile.module.ModuleContext r8, boolean r9) throws net.shibboleth.profile.module.ModuleException {
            /*
                Method dump skipped, instructions count: 290
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: net.shibboleth.profile.module.AbstractModule.BasicModuleResource.disable(net.shibboleth.profile.module.ModuleContext, boolean):net.shibboleth.profile.module.Module$ResourceResult");
        }

        static {
            $assertionsDisabled = !AbstractModule.class.desiredAssertionStatus();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractModule(@Nullable String str) {
        this.appNewExt = str != null ? getNewExtension() + "-" + str.replace(".", "") : getNewExtension();
    }

    @Override // net.shibboleth.profile.module.Module
    @Unmodifiable
    @Nonnull
    @NotLive
    public Collection<Module.ModuleResource> getResources() {
        return this.moduleResources;
    }

    public void setResources(@Nullable Collection<BasicModuleResource> collection) {
        if (collection != null) {
            this.moduleResources = CollectionSupport.copyToList(collection);
        } else {
            this.moduleResources = CollectionSupport.emptyList();
        }
    }

    @Override // net.shibboleth.profile.module.Module
    public boolean isEnabled(@Nonnull ModuleContext moduleContext) {
        this.log.debug("Module {} checking enabled status", getId());
        if (this.moduleResources.isEmpty()) {
            this.log.debug("Module {} is always enabled", getId());
            return true;
        }
        for (Module.ModuleResource moduleResource : this.moduleResources) {
            if (!moduleResource.isOptional()) {
                if (moduleContext.getInstallLocation().startsWith("classpath:")) {
                    ClassPathResource classPathResource = moduleContext.getInstallLocation().equals("classpath:") ? new ClassPathResource(moduleResource.getDestination().toString()) : (ClassPathResource) new ClassPathResource(moduleContext.getInstallLocation().substring("classpath:".length())).createRelative(moduleResource.getDestination().toString());
                    if (!classPathResource.exists()) {
                        this.log.debug("Module {}: resource destination {} missing, module is disabled", getId(), "classpath:" + classPathResource.getPath());
                        return false;
                    }
                } else {
                    Path resolve = Path.of(moduleContext.getInstallLocation(), new String[0]).resolve(moduleResource.getDestination());
                    if (SystemUtils.IS_OS_WINDOWS && moduleResource.isWindows() && !resolve.toFile().exists()) {
                        this.log.debug("Module {}: resource destination {} missing, module is disabled", getId(), resolve);
                        return false;
                    }
                    if (!SystemUtils.IS_OS_WINDOWS && moduleResource.isNonWindows() && !resolve.toFile().exists()) {
                        this.log.debug("Module {}: resource destination {} missing, module is disabled", getId(), resolve);
                        return false;
                    }
                }
            }
        }
        this.log.debug("Module {} is enabled", getId());
        return true;
    }

    @Override // net.shibboleth.profile.module.Module
    @Unmodifiable
    @Nonnull
    @NotLive
    public Map<Module.ModuleResource, Module.ResourceResult> enable(@Nonnull ModuleContext moduleContext) throws ModuleException {
        Map<Module.ModuleResource, Module.ResourceResult> emptyMap;
        if (moduleContext.getInstallLocation().startsWith("classpath:")) {
            throw new ModuleException("IdP location is a classpath");
        }
        if (isHttpClientRequired() && moduleContext.getHttpClient() == null) {
            throw new ModuleException("HTTP client required but not available");
        }
        this.log.debug("Module {} enabling", getId());
        if (this.moduleResources.isEmpty()) {
            emptyMap = CollectionSupport.emptyMap();
        } else {
            emptyMap = new LinkedHashMap(this.moduleResources.size());
            for (Module.ModuleResource moduleResource : this.moduleResources) {
                if (SystemUtils.IS_OS_WINDOWS) {
                    if (moduleResource.isWindows()) {
                        emptyMap.put(moduleResource, ((BasicModuleResource) moduleResource).enable(moduleContext));
                    } else {
                        this.log.debug("Module {}: skipping non-Windows resource {}", getId(), moduleResource);
                    }
                } else if (moduleResource.isNonWindows()) {
                    emptyMap.put(moduleResource, ((BasicModuleResource) moduleResource).enable(moduleContext));
                } else {
                    this.log.debug("Module {}: skipping Windows resource {}", getId(), moduleResource);
                }
            }
        }
        this.log.debug("Module {} enabled", getId());
        if ($assertionsDisabled || emptyMap != null) {
            return emptyMap;
        }
        throw new AssertionError();
    }

    @Override // net.shibboleth.profile.module.Module
    @Unmodifiable
    @Nonnull
    @NotLive
    public Map<Module.ModuleResource, Module.ResourceResult> disable(@Nonnull ModuleContext moduleContext, boolean z) throws ModuleException {
        Map<Module.ModuleResource, Module.ResourceResult> emptyMap;
        if (moduleContext.getInstallLocation().startsWith("classpath:")) {
            throw new ModuleException("IdP location is a classpath");
        }
        this.log.debug("Module {} disabling", getId());
        if (this.moduleResources.isEmpty()) {
            emptyMap = CollectionSupport.emptyMap();
        } else {
            emptyMap = new LinkedHashMap(this.moduleResources.size());
            for (Module.ModuleResource moduleResource : this.moduleResources) {
                if (SystemUtils.IS_OS_WINDOWS) {
                    if (moduleResource.isWindows()) {
                        emptyMap.put(moduleResource, ((BasicModuleResource) moduleResource).disable(moduleContext, z));
                    }
                } else if (moduleResource.isNonWindows()) {
                    emptyMap.put(moduleResource, ((BasicModuleResource) moduleResource).disable(moduleContext, z));
                }
            }
        }
        this.log.debug("Module {} disabled", getId());
        if ($assertionsDisabled || emptyMap != null) {
            return emptyMap;
        }
        throw new AssertionError();
    }

    public boolean equals(Object obj) {
        return (obj instanceof Module) && Objects.equals(getId(), ((Module) obj).getId());
    }

    public int hashCode() {
        return ((String) Constraint.isNotNull(getId(), "ID cannot be null")).hashCode();
    }

    public String toString() {
        return "IdPModule " + getId();
    }

    static {
        $assertionsDisabled = !AbstractModule.class.desiredAssertionStatus();
    }
}
