package org.opensaml.saml.metadata.resolver.impl;

import com.google.common.base.Strings;
import java.io.IOException;
import java.net.URI;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.annotation.Nonnull;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import net.shibboleth.utilities.java.support.resolver.ResolverException;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.opensaml.core.criterion.EntityIdCriterion;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.io.UnmarshallingException;
import org.opensaml.saml.metadata.resolver.filter.FilterException;
import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver;
import org.opensaml.saml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opensaml/saml/metadata/resolver/impl/AbstractDynamicMetadataResolver.class */
public abstract class AbstractDynamicMetadataResolver extends AbstractMetadataResolver {
    public static final String[] DEFAULT_CONTENT_TYPES = {"application/samlmetadata+xml", "application/xml", "text/xml"};
    private final Logger log;
    private HttpClient httpClient;
    private Timer taskTimer;
    private boolean createdOwnTaskTimer;
    private List<String> supportedContentTypes;
    private String supportedContentTypesValue;
    private long maxLastAccessedInterval;

    /* loaded from: input_file:org/opensaml/saml/metadata/resolver/impl/AbstractDynamicMetadataResolver$BackingStoreCleanupSweeper.class */
    protected class BackingStoreCleanupSweeper extends TimerTask {
        protected BackingStoreCleanupSweeper() {
        }

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run() {
            if (AbstractDynamicMetadataResolver.this.isInitialized()) {
                long currentTimeMillis = System.currentTimeMillis() - AbstractDynamicMetadataResolver.this.maxLastAccessedInterval;
                DynamicEntityBackingStore backingStore = AbstractDynamicMetadataResolver.this.getBackingStore();
                Map<String, List<EntityDescriptor>> indexedDescriptors = backingStore.getIndexedDescriptors();
                for (String str : indexedDescriptors.keySet()) {
                    Lock writeLock = backingStore.getManagementData(str).getReadWriteLock().writeLock();
                    try {
                        writeLock.lock();
                        if (backingStore.getManagementData(str).getLastAccessedTime() < currentTimeMillis) {
                            indexedDescriptors.remove(str);
                        }
                    } finally {
                        writeLock.unlock();
                    }
                }
                backingStore.cleanupOrphanedManagementData();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:org/opensaml/saml/metadata/resolver/impl/AbstractDynamicMetadataResolver$DynamicEntityBackingStore.class */
    public class DynamicEntityBackingStore extends AbstractMetadataResolver.EntityBackingStore {
        private Map<String, EntityManagementData> mgmtDataMap;

        protected DynamicEntityBackingStore() {
            super();
            this.mgmtDataMap = new ConcurrentHashMap();
        }

        public EntityManagementData getManagementData(String str) {
            Constraint.isNotNull(str, "EntityID may not be null");
            EntityManagementData entityManagementData = this.mgmtDataMap.get(str);
            if (entityManagementData != null) {
                return entityManagementData;
            }
            synchronized (this) {
                EntityManagementData entityManagementData2 = this.mgmtDataMap.get(str);
                if (entityManagementData2 != null) {
                    return entityManagementData2;
                }
                EntityManagementData entityManagementData3 = new EntityManagementData();
                this.mgmtDataMap.put(str, entityManagementData3);
                return entityManagementData3;
            }
        }

        public void removeManagementData(String str) {
            Constraint.isNotNull(str, "EntityID may not be null");
            synchronized (this) {
                this.mgmtDataMap.remove(str);
            }
        }

        public void cleanupOrphanedManagementData() {
            for (String str : this.mgmtDataMap.keySet()) {
                Lock writeLock = this.mgmtDataMap.get(str).getReadWriteLock().writeLock();
                try {
                    writeLock.lock();
                    if (!getIndexedDescriptors().containsKey(str)) {
                        removeManagementData(str);
                    }
                } finally {
                    writeLock.unlock();
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:org/opensaml/saml/metadata/resolver/impl/AbstractDynamicMetadataResolver$EntityManagementData.class */
    public class EntityManagementData {
        private long lastAccessedTime = System.currentTimeMillis();
        private ReadWriteLock readWriteLock = new ReentrantReadWriteLock(true);

        protected EntityManagementData() {
        }

        public long getLastAccessedTime() {
            return this.lastAccessedTime;
        }

        public void recordEntityAccess() {
            if (System.currentTimeMillis() > this.lastAccessedTime) {
                this.lastAccessedTime = System.currentTimeMillis();
            }
        }

        public ReadWriteLock getReadWriteLock() {
            return this.readWriteLock;
        }
    }

    public AbstractDynamicMetadataResolver(HttpClient httpClient) {
        this(null, httpClient);
    }

    public AbstractDynamicMetadataResolver(Timer timer, HttpClient httpClient) {
        this.log = LoggerFactory.getLogger(AbstractDynamicMetadataResolver.class);
        this.httpClient = (HttpClient) Constraint.isNotNull(httpClient, "HttpClient may not be null");
        if (timer != null) {
            this.taskTimer = timer;
        } else {
            this.taskTimer = new Timer(true);
            this.createdOwnTaskTimer = true;
        }
    }

    public List<String> getSupportedContentTypes() {
        return this.supportedContentTypes;
    }

    public void setSupportedContentTypes(List<String> list) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.supportedContentTypes = list;
    }

    @Nonnull
    public Iterable<EntityDescriptor> resolve(CriteriaSet criteriaSet) throws ResolverException {
        ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
        EntityIdCriterion entityIdCriterion = (EntityIdCriterion) criteriaSet.get(EntityIdCriterion.class);
        if (entityIdCriterion == null || Strings.isNullOrEmpty(entityIdCriterion.getEntityId())) {
            throw new ResolverException("Entity Id was not supplied in criteria set");
        }
        String trimOrNull = StringSupport.trimOrNull(((EntityIdCriterion) criteriaSet.get(EntityIdCriterion.class)).getEntityId());
        Lock readLock = getBackingStore().getManagementData(trimOrNull).getReadWriteLock().readLock();
        try {
            readLock.lock();
            List<EntityDescriptor> lookupEntityID = lookupEntityID(trimOrNull);
            if (!lookupEntityID.isEmpty()) {
                return lookupEntityID;
            }
            readLock.unlock();
            return fetchByCriteria(criteriaSet);
        } finally {
            readLock.unlock();
        }
    }

    protected Iterable<EntityDescriptor> fetchByCriteria(CriteriaSet criteriaSet) throws ResolverException {
        String trimOrNull = StringSupport.trimOrNull(((EntityIdCriterion) criteriaSet.get(EntityIdCriterion.class)).getEntityId());
        Lock writeLock = getBackingStore().getManagementData(trimOrNull).getReadWriteLock().writeLock();
        try {
            try {
                writeLock.lock();
                List<EntityDescriptor> lookupEntityID = lookupEntityID(trimOrNull);
                if (!lookupEntityID.isEmpty()) {
                    this.log.debug("Metadata was resolved and stored by another thread while this thread was waiting on the write lock");
                    writeLock.unlock();
                    return lookupEntityID;
                }
                HttpUriRequest buildHttpRequest = buildHttpRequest(criteriaSet);
                processResponse(this.httpClient.execute(buildHttpRequest), buildHttpRequest.getURI());
                List<EntityDescriptor> lookupEntityID2 = lookupEntityID(trimOrNull);
                writeLock.unlock();
                return lookupEntityID2;
            } catch (IOException e) {
                throw new ResolverException("Error executing HTTP request", e);
            }
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver
    @Nonnull
    public List<EntityDescriptor> lookupEntityID(@Nonnull String str) throws ResolverException {
        getBackingStore().getManagementData(str).recordEntityAccess();
        return super.lookupEntityID(str);
    }

    protected HttpUriRequest buildHttpRequest(CriteriaSet criteriaSet) {
        String buildRequestURL = buildRequestURL(criteriaSet);
        this.log.debug("Built request URL of: {}", buildRequestURL);
        HttpGet httpGet = new HttpGet(buildRequestURL);
        if (!Strings.isNullOrEmpty(this.supportedContentTypesValue)) {
            httpGet.addHeader("Accept", this.supportedContentTypesValue);
        }
        return httpGet;
    }

    protected abstract String buildRequestURL(CriteriaSet criteriaSet);

    protected void processResponse(HttpResponse httpResponse, URI uri) throws ResolverException {
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        if (statusCode == 304) {
            this.log.debug("Metadata document from '{}' has not changed since last retrieval", uri);
            return;
        }
        if (statusCode != 200) {
            String str = "Non-ok status code " + statusCode + " returned from remote metadata source: " + uri;
            this.log.error(str);
            throw new ResolverException(str);
        }
        try {
            try {
                validateResponse(httpResponse, uri);
                try {
                    XMLObject unmarshallMetadata = unmarshallMetadata(httpResponse.getEntity().getContent());
                    closeResponse(httpResponse, uri);
                    try {
                        processNewMetadata(unmarshallMetadata);
                    } catch (FilterException e) {
                        this.log.error("Metadata filtering problem processing new metadata", e);
                    }
                } catch (IOException | UnmarshallingException e2) {
                    this.log.error("Error unmarshalling HTTP response stream", e2);
                    closeResponse(httpResponse, uri);
                }
            } catch (ResolverException e3) {
                this.log.error("Problem validating dynamic metadata HTTP response", e3);
                closeResponse(httpResponse, uri);
            }
        } catch (Throwable th) {
            closeResponse(httpResponse, uri);
            throw th;
        }
    }

    protected void closeResponse(HttpResponse httpResponse, URI uri) {
        if (httpResponse instanceof CloseableHttpResponse) {
            try {
                ((CloseableHttpResponse) httpResponse).close();
            } catch (IOException e) {
                this.log.error("Error closing HTTP response from " + uri, e);
            }
        }
    }

    public void validateResponse(HttpResponse httpResponse, URI uri) throws ResolverException {
        Header contentType;
        if (!getSupportedContentTypes().isEmpty() && (contentType = httpResponse.getEntity().getContentType()) != null && contentType.getValue() != null && !getSupportedContentTypes().contains(contentType.getValue())) {
            throw new ResolverException("HTTP response specified an unsupported Content-Type: " + contentType.getValue());
        }
    }

    @Nonnull
    protected void processNewMetadata(@Nonnull XMLObject xMLObject) throws FilterException {
        XMLObject filterMetadata = filterMetadata(xMLObject);
        if (filterMetadata == null) {
            this.log.info("Metadata filtering process produced a null document, resulting in an empty data set");
            return;
        }
        if (filterMetadata instanceof EntityDescriptor) {
            preProcessEntityDescriptor((EntityDescriptor) filterMetadata, getBackingStore());
        } else if (filterMetadata instanceof EntitiesDescriptor) {
            preProcessEntitiesDescriptor((EntitiesDescriptor) filterMetadata, getBackingStore());
        } else {
            this.log.warn("Document root was neither an EntityDescriptor nor an EntitiesDescriptor: {}", xMLObject.getClass().getName());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver
    @Nonnull
    public DynamicEntityBackingStore createNewBackingStore() {
        return new DynamicEntityBackingStore();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver
    @Nonnull
    public DynamicEntityBackingStore getBackingStore() {
        return (DynamicEntityBackingStore) super.getBackingStore();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver
    public void initMetadataResolver() throws ComponentInitializationException {
        super.initMetadataResolver();
        setBackingStore(createNewBackingStore());
        if (getSupportedContentTypes() == null) {
            setSupportedContentTypes(Arrays.asList(DEFAULT_CONTENT_TYPES));
        }
        if (getSupportedContentTypes().isEmpty()) {
            return;
        }
        this.supportedContentTypesValue = StringSupport.listToStringValue(getSupportedContentTypes(), ", ");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver
    public void doDestroy() {
        this.httpClient = null;
        this.supportedContentTypes = null;
        this.supportedContentTypesValue = null;
        if (this.createdOwnTaskTimer) {
            this.taskTimer.cancel();
        }
        super.doDestroy();
    }
}
