package org.wildfly.extension.elytron._private;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Iterator;
import java.util.List;
import org.wildfly.common.Assert;
import org.wildfly.security.manager.WildFlySecurityManager;
import org.wildfly.security.x500.cert.acme.Acme;
import org.wildfly.security.x500.cert.acme.AcmeAccount;
import org.wildfly.security.x500.cert.acme.AcmeChallenge;
import org.wildfly.security.x500.cert.acme.AcmeClientSpi;
import org.wildfly.security.x500.cert.acme.AcmeException;

/* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/_private/WildFlyAcmeClient.class */
public final class WildFlyAcmeClient extends AcmeClientSpi {
    private static final String ACME_CHALLENGE_PREFIX = "/.well-known/acme-challenge/";
    private static final String TOKEN_REGEX = "[A-Za-z0-9_-]+";

    @Override // org.wildfly.security.x500.cert.acme.AcmeClientSpi
    public AcmeChallenge proveIdentifierControl(AcmeAccount acmeAccount, List<AcmeChallenge> list) throws AcmeException {
        Assert.checkNotNullParam(Acme.ACCOUNT, acmeAccount);
        Assert.checkNotNullParam(Acme.CHALLENGES, list);
        AcmeChallenge acmeChallenge = null;
        Iterator<AcmeChallenge> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AcmeChallenge next = it.next();
            if (next.getType() == AcmeChallenge.Type.HTTP_01) {
                acmeChallenge = next;
                break;
            }
        }
        String token = acmeChallenge.getToken();
        if (!token.matches(TOKEN_REGEX)) {
            throw ElytronSubsystemMessages.ROOT_LOGGER.invalidCertificateAuthorityChallenge();
        }
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(WildFlySecurityManager.getPropertyPrivileged("jboss.home.dir", ".") + ACME_CHALLENGE_PREFIX + token);
            Throwable th = null;
            try {
                try {
                    fileOutputStream.write(acmeChallenge.getKeyAuthorization(acmeAccount).getBytes(StandardCharsets.US_ASCII));
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                    return acmeChallenge;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            throw ElytronSubsystemMessages.ROOT_LOGGER.unableToRespondToCertificateAuthorityChallenge(e, e.getLocalizedMessage());
        }
    }

    @Override // org.wildfly.security.x500.cert.acme.AcmeClientSpi
    public void cleanupAfterChallenge(AcmeAccount acmeAccount, AcmeChallenge acmeChallenge) throws AcmeException {
        Assert.checkNotNullParam(Acme.ACCOUNT, acmeAccount);
        Assert.checkNotNullParam("challenge", acmeChallenge);
        String token = acmeChallenge.getToken();
        if (!token.matches(TOKEN_REGEX)) {
            throw ElytronSubsystemMessages.ROOT_LOGGER.invalidCertificateAuthorityChallenge();
        }
        File file = new File(WildFlySecurityManager.getPropertyPrivileged("jboss.home.dir", ".") + ACME_CHALLENGE_PREFIX + token);
        if (file.exists()) {
            file.delete();
        }
    }
}
