package org.glite.voms.contact;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.Security;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import org.apache.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.glite.voms.PKIVerifier;
import org.glite.voms.ac.AttributeCertificate;

/* loaded from: input_file:org/glite/voms/contact/VOMSProxyInit.class */
public class VOMSProxyInit {
    private static final Logger log = Logger.getLogger(VOMSProxyInit.class);
    private static VOMSProxyInit instance;
    private VOMSServerMap serverMap;
    private UserCredentials userCredentials;
    private VOMSProtocol protocol = VOMSProtocol.instance();
    private String proxyOutputFile = File.separator + "tmp" + File.separator + "x509up_u_" + System.getProperty("user.name");
    private int proxyLifetime = 86400;
    private int proxyType = 2;
    private int delegationType = 0;
    private String policyType = null;
    private int bits = 1024;
    private VOMSWarningMessage[] warnings = null;

    public VOMSProxyInit(String str) {
        try {
            this.serverMap = VOMSESFileParser.instance().buildServerMap();
            this.userCredentials = UserCredentials.instance(str);
        } catch (IOException e) {
            log.error("Error parsing vomses files: " + e.getMessage());
            if (log.isDebugEnabled()) {
                log.error(e.getMessage(), e);
            }
            throw new VOMSException(e);
        }
    }

    private VOMSProxyInit(UserCredentials userCredentials) {
        if (userCredentials == null) {
            throw new VOMSException("Unable to find GlobusCredentials!");
        }
        this.userCredentials = userCredentials;
        try {
            this.serverMap = VOMSESFileParser.instance().buildServerMap();
        } catch (IOException e) {
            log.error("Error parsing vomses files: " + e.getMessage());
            if (log.isDebugEnabled()) {
                log.error(e.getMessage(), e);
            }
            throw new VOMSException(e);
        }
    }

    public static VOMSProxyInit instance(String str) {
        return new VOMSProxyInit(str);
    }

    public static VOMSProxyInit instance() {
        return new VOMSProxyInit((String) null);
    }

    public static VOMSProxyInit instance(UserCredentials userCredentials) {
        return new VOMSProxyInit(userCredentials);
    }

    public void addVomsServer(VOMSServerInfo vOMSServerInfo) {
        this.serverMap.add(vOMSServerInfo);
    }

    public synchronized AttributeCertificate getVomsAC(VOMSRequestOptions vOMSRequestOptions) {
        VOMSResponse contactServer;
        this.warnings = null;
        if (vOMSRequestOptions.getVoName() == null) {
            throw new VOMSException("Please specify a vo name to create a voms ac.");
        }
        Set set = this.serverMap.get(vOMSRequestOptions.getVoName());
        if (set == null) {
            throw new VOMSException("Unknown VO '" + vOMSRequestOptions.getVoName() + "'. Check the VO name or your vomses configuration files.");
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            VOMSServerInfo vOMSServerInfo = (VOMSServerInfo) it.next();
            try {
                contactServer = contactServer(vOMSServerInfo, vOMSRequestOptions);
            } catch (VOMSException e) {
                log.error(e.getMessage());
                if (log.isDebugEnabled()) {
                    log.error(e.getMessage(), e);
                }
                if (!it.hasNext()) {
                    throw e;
                }
            }
            if (!contactServer.hasErrors()) {
                log.debug("No errors");
                if (contactServer.hasWarnings()) {
                    logAndSetWarningMessages(contactServer);
                }
                AttributeCertificate buildAC = VOMSProxyBuilder.buildAC(contactServer.getAC());
                log.info("Got AC from VOMS server " + vOMSServerInfo.compactString());
                if (log.isDebugEnabled()) {
                    try {
                        log.debug("AC validity period:\nNotBefore:" + buildAC.getNotBefore() + "\nNotAfter:" + buildAC.getNotAfter());
                    } catch (ParseException e2) {
                        log.error(e2.getMessage(), e2);
                        e2.printStackTrace();
                    }
                }
                return buildAC;
            }
            log.error("Got error response from VOMS server " + vOMSServerInfo.compactString());
            logErrorMessages(contactServer);
        }
        return null;
    }

    public synchronized String getVomsData(VOMSRequestOptions vOMSRequestOptions) {
        VOMSResponse contactServer;
        AttributeCertificate buildAC;
        this.warnings = null;
        if (vOMSRequestOptions.getVoName() == null) {
            throw new VOMSException("Please specify a vo name to create a voms ac.");
        }
        Set set = this.serverMap.get(vOMSRequestOptions.getVoName());
        if (set == null) {
            throw new VOMSException("Unknown VO '" + vOMSRequestOptions.getVoName() + "'. Check the VO name or your vomses configuration files.");
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            VOMSServerInfo vOMSServerInfo = (VOMSServerInfo) it.next();
            try {
                contactServer = contactServer(vOMSServerInfo, vOMSRequestOptions);
            } catch (VOMSException e) {
                log.error(e.getMessage());
                if (log.isDebugEnabled()) {
                    log.error(e.getMessage(), e);
                }
                if (!it.hasNext()) {
                    throw e;
                }
            }
            if (!contactServer.hasErrors()) {
                if (contactServer.hasWarnings()) {
                    logAndSetWarningMessages(contactServer);
                }
                byte[] data = contactServer.getData();
                if (data != null) {
                    log.info("Got Data from VOMS server " + Arrays.toString(data));
                    return new String(data);
                }
                if (!vOMSRequestOptions.isRequestList() || (buildAC = VOMSProxyBuilder.buildAC(contactServer.getAC())) == null) {
                    return null;
                }
                List fullyQualifiedAttributes = buildAC.getFullyQualifiedAttributes();
                StringBuilder sb = new StringBuilder();
                if (fullyQualifiedAttributes != null) {
                    for (int i = 0; i < fullyQualifiedAttributes.size(); i++) {
                        sb.append((String) fullyQualifiedAttributes.get(i));
                        sb.append("\n");
                    }
                }
                return sb.toString();
            }
            log.error("Got error response from VOMS server " + vOMSServerInfo.compactString());
            logErrorMessages(contactServer);
        }
        return null;
    }

    public void validateACs(List list) {
        if (list.isEmpty()) {
            throw new VOMSException("Cannot validate an empty list of Attribute Certificates!");
        }
        log.debug("AC Validation started at: " + new Date());
        try {
            PKIVerifier pKIVerifier = new PKIVerifier();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                if (!pKIVerifier.verify((AttributeCertificate) it.next())) {
                    it.remove();
                }
            }
            log.debug("AC Validation ended at: " + new Date());
        } catch (Exception e) {
            log.error("Error instantiating PKIVerifier: " + e.getMessage());
            if (log.isDebugEnabled()) {
                log.error(e.getMessage(), e);
            }
            throw new VOMSException("Error instantiating PKIVerifier: " + e.getMessage(), e);
        }
    }

    public synchronized UserCredentials getVomsProxy() {
        return getVomsProxy(null);
    }

    protected UserCredentials getGridProxy() {
        UserCredentials buildProxy = VOMSProxyBuilder.buildProxy(this.userCredentials, this.proxyLifetime, this.proxyType, this.bits);
        this.warnings = null;
        try {
            saveProxy(buildProxy);
            return buildProxy;
        } catch (FileNotFoundException e) {
            log.error("Error saving proxy to file " + this.proxyOutputFile + ":" + e.getMessage());
            if (log.isDebugEnabled()) {
                log.error(e.getMessage(), e);
            }
            throw new VOMSException("Error saving proxy to file " + this.proxyOutputFile + ":" + e.getMessage(), e);
        }
    }

    public synchronized UserCredentials getVomsProxy(Collection collection) {
        if (collection == null) {
            return getGridProxy();
        }
        if (collection.isEmpty()) {
            throw new VOMSException("No request options specified!");
        }
        Iterator it = collection.iterator();
        ArrayList arrayList = new ArrayList();
        this.warnings = null;
        while (it.hasNext()) {
            VOMSRequestOptions vOMSRequestOptions = (VOMSRequestOptions) it.next();
            if (vOMSRequestOptions.getVoName() == null) {
                throw new VOMSException("Please specify a vo name to create a voms proxy.");
            }
            arrayList.add(getVomsAC(vOMSRequestOptions));
        }
        validateACs(arrayList);
        if (arrayList.isEmpty()) {
            throw new VOMSException("AC validation failed!");
        }
        log.info("ACs validation succeded.");
        UserCredentials buildProxy = VOMSProxyBuilder.buildProxy(this.userCredentials, arrayList, this.proxyLifetime, this.proxyType, this.delegationType, this.policyType, this.bits);
        try {
            saveProxy(buildProxy);
            return buildProxy;
        } catch (FileNotFoundException e) {
            log.error("Error saving proxy to file " + this.proxyOutputFile + ":" + e.getMessage());
            if (log.isDebugEnabled()) {
                log.error(e.getMessage(), e);
            }
            throw new VOMSException("Error saving proxy to file " + this.proxyOutputFile + ":" + e.getMessage(), e);
        }
    }

    private void saveProxy(UserCredentials userCredentials) throws FileNotFoundException {
        if (this.proxyOutputFile != null) {
            VOMSProxyBuilder.saveProxy(userCredentials, this.proxyOutputFile);
            log.info("Proxy saved in :" + this.proxyOutputFile);
        }
    }

    private void logErrorMessages(VOMSResponse vOMSResponse) {
        for (VOMSErrorMessage vOMSErrorMessage : vOMSResponse.errorMessages()) {
            log.error(vOMSErrorMessage);
        }
    }

    private void logAndSetWarningMessages(VOMSResponse vOMSResponse) {
        VOMSWarningMessage[] warningMessages = vOMSResponse.warningMessages();
        setWarnings(warningMessages);
        for (VOMSWarningMessage vOMSWarningMessage : warningMessages) {
            log.warn(vOMSWarningMessage);
        }
    }

    private void setWarnings(VOMSWarningMessage[] vOMSWarningMessageArr) {
        this.warnings = vOMSWarningMessageArr;
    }

    public boolean hasWarnings() {
        return this.warnings != null;
    }

    public VOMSWarningMessage[] getWarnings() {
        return this.warnings;
    }

    private VOMSResponse contactServerREST(VOMSServerInfo vOMSServerInfo, VOMSRequestOptions vOMSRequestOptions) {
        String str = "https://" + vOMSServerInfo.getHostName() + ":" + vOMSServerInfo.getPort() + VOMSRequestFactory.instance().buildRESTRequest(vOMSRequestOptions);
        log.debug("Final URL is: " + str);
        int globusVersionAsInt = vOMSServerInfo.getGlobusVersionAsInt();
        HttpsURLConnection httpsURLConnection = null;
        try {
            SSLSocketFactory factory = (globusVersionAsInt > 0 ? VOMSSocket.instance(this.userCredentials, vOMSServerInfo.getHostDn(), globusVersionAsInt) : VOMSSocket.instance(this.userCredentials, vOMSServerInfo.getHostDn())).getFactory();
            httpsURLConnection = (HttpsURLConnection) new URL(str).openConnection();
            httpsURLConnection.setSSLSocketFactory(factory);
            httpsURLConnection.setHostnameVerifier(new GSIVerifier(HttpsURLConnection.getDefaultHostnameVerifier(), vOMSServerInfo.getHostDn()));
            httpsURLConnection.connect();
            return VOMSParser.instance().parseResponse((InputStream) httpsURLConnection.getContent());
        } catch (Exception e) {
            log.error("Error connecting to " + vOMSServerInfo.compactString() + ":" + e.getMessage());
            try {
                log.error("Error code is: " + httpsURLConnection.getResponseCode());
                return VOMSParser.instance().parseResponse(httpsURLConnection.getErrorStream());
            } catch (Exception e2) {
                if (log.isDebugEnabled()) {
                    log.error(e.getMessage(), e);
                }
                throw new VOMSException("Error connecting to " + vOMSServerInfo.compactString() + ":" + e2.getMessage(), e2);
            }
        }
    }

    protected VOMSResponse contactServer(VOMSServerInfo vOMSServerInfo, VOMSRequestOptions vOMSRequestOptions) {
        log.info("Contacting server " + vOMSServerInfo.compactString());
        VOMSResponse contactServerREST = contactServerREST(vOMSServerInfo, vOMSRequestOptions);
        if (contactServerREST != null) {
            return contactServerREST;
        }
        int globusVersionAsInt = vOMSServerInfo.getGlobusVersionAsInt();
        VOMSSocket instance2 = globusVersionAsInt > 0 ? VOMSSocket.instance(this.userCredentials, vOMSServerInfo.getHostDn(), globusVersionAsInt) : VOMSSocket.instance(this.userCredentials, vOMSServerInfo.getHostDn());
        try {
            instance2.connect(vOMSServerInfo.getHostName(), vOMSServerInfo.getPort());
            try {
                vOMSRequestOptions.setVoName(vOMSServerInfo.getVoName());
                this.protocol.sendRequest(vOMSRequestOptions, instance2.getOutputStream());
                VOMSResponse response = this.protocol.getResponse(instance2.getInputStream());
                instance2.close();
                return response;
            } catch (IOException e) {
                log.error("Error communicating with server " + vOMSServerInfo.getHostName() + ":" + vOMSServerInfo.getPort() + ":" + e.getMessage());
                if (log.isDebugEnabled()) {
                    log.error(e.getMessage(), e);
                }
                throw new VOMSException("Error communicating with server " + vOMSServerInfo.getHostName() + ":" + vOMSServerInfo.getPort() + ":" + e.getMessage(), e);
            }
        } catch (Exception e2) {
            log.error("Error connecting to " + vOMSServerInfo.compactString() + ":" + e2.getMessage());
            if (log.isDebugEnabled()) {
                log.error(e2.getMessage(), e2);
            }
            throw new VOMSException("Error connecting to " + vOMSServerInfo.compactString() + ":" + e2.getMessage(), e2);
        }
    }

    public String getProxyOutputFile() {
        return this.proxyOutputFile;
    }

    public void setProxyOutputFile(String str) {
        this.proxyOutputFile = str;
    }

    public int getProxyLifetime() {
        return this.proxyLifetime;
    }

    public void setProxyLifetime(int i) {
        this.proxyLifetime = i;
    }

    public int getProxyType() {
        return this.proxyType;
    }

    public void setProxyType(int i) {
        this.proxyType = i;
    }

    public int getProxyKeySize() {
        return this.bits;
    }

    public void setProxyKeySize(int i) {
        this.bits = i;
    }

    public String getPolicyType() {
        return this.policyType;
    }

    public void setPolicyType(String str) {
        this.policyType = str;
    }

    public int getDelegationType() {
        return this.delegationType;
    }

    public void setDelegationType(int i) {
        this.delegationType = i;
    }

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
