package org.eclipse.scada.sec.authz.signature;

import java.security.cert.CertificateFactory;
import java.util.LinkedList;
import java.util.Map;
import javax.script.ScriptEngineManager;
import org.eclipse.scada.ca.ConfigurationDataHelper;
import org.eclipse.scada.sec.AuthenticationImplementation;
import org.eclipse.scada.sec.AuthorizationService;
import org.eclipse.scada.sec.audit.AuditLogService;
import org.eclipse.scada.sec.authz.AuthorizationRule;
import org.eclipse.scada.utils.concurrent.ScheduledExportedExecutorService;
import org.eclipse.scada.utils.script.ScriptExecutor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/scada/sec/authz/signature/SignatureAuthorizationService.class */
public class SignatureAuthorizationService implements AuthorizationService {
    private static final Logger logger = LoggerFactory.getLogger(SignatureAuthorizationService.class);
    private AuditLogService auditLogService;
    private AuthenticationImplementation authenticationImplementation;
    private final CertificateFactory cf = CertificateFactory.getInstance("X.509");
    private ScheduledExportedExecutorService executor;

    public void setAuthenticationImplementation(AuthenticationImplementation authenticationImplementation) {
        this.authenticationImplementation = authenticationImplementation;
    }

    public void setAuditLogService(AuditLogService auditLogService) {
        this.auditLogService = auditLogService;
    }

    public void activate() {
        this.executor = new ScheduledExportedExecutorService("org.eclipse.scada.sec.authz.signature", 1);
    }

    public void deactivate() {
        this.executor.shutdown();
        this.executor = null;
    }

    public synchronized AuthorizationRule createRule(Map<String, String> map) throws Exception {
        ConfigurationDataHelper configurationDataHelper = new ConfigurationDataHelper(map);
        boolean z = configurationDataHelper.getBoolean("indent", false);
        String string = configurationDataHelper.getString("postProcessor", (String) null);
        ScriptExecutor scriptExecutor = string != null ? new ScriptExecutor(new ScriptEngineManager(), configurationDataHelper.getString("postProcessor.engine", "JavaScript"), string, SignatureAuthorizationService.class.getClassLoader()) : null;
        int integer = configurationDataHelper.getInteger("reloadPeriod", 0);
        X509KeySelector makeKeySelector = makeKeySelector(map);
        return new RequestSignatureRuleImpl(this.executor, new SignatureRequestBuilder(), new RequestValidator(makeKeySelector), makeKeySelector, this.auditLogService, z, scriptExecutor, this.authenticationImplementation, integer);
    }

    private X509KeySelector makeKeySelector(Map<String, String> map) throws Exception {
        ConfigurationDataHelper configurationDataHelper = new ConfigurationDataHelper(map);
        LinkedList linkedList = new LinkedList();
        Map prefixed = configurationDataHelper.getPrefixed("ca.");
        for (Map.Entry entry : prefixed.entrySet()) {
            String str = (String) entry.getKey();
            if (str.equals("cert")) {
                String str2 = (String) entry.getValue();
                LinkedList linkedList2 = new LinkedList();
                linkedList2.addAll(new ConfigurationDataHelper(prefixed).getPrefixed("crl.").values());
                String str3 = (String) prefixed.get("crl");
                if (str3 != null) {
                    linkedList2.add(str3);
                }
                logger.debug("CRL uris - {}", linkedList2);
                linkedList.add(new X509CA(this.cf, str2, linkedList2));
            } else if (str.endsWith(".cert")) {
                String str4 = (String) entry.getValue();
                LinkedList linkedList3 = new LinkedList();
                String str5 = String.valueOf(str.substring(0, str.length() - ".cert".length())) + ".crl";
                logger.debug("Using CRL prefix - {}", str5);
                linkedList3.addAll(new ConfigurationDataHelper(prefixed).getPrefixed(String.valueOf(str5) + ".").values());
                String str6 = (String) prefixed.get(str5);
                if (str6 != null) {
                    linkedList3.add(str6);
                }
                logger.debug("CRL uris - {}", linkedList3);
                linkedList.add(new X509CA(this.cf, str4, linkedList3));
            }
        }
        if (linkedList.isEmpty()) {
            throw new IllegalStateException("No key selector configuration found");
        }
        return new X509KeySelector(linkedList);
    }
}
