package be.iminds.ilabt.jfed.lowlevel.user;

import be.iminds.ilabt.jfed.fedmon.webapi.service.json.Server;
import be.iminds.ilabt.jfed.lowlevel.GeniUser;
import be.iminds.ilabt.jfed.lowlevel.authority.AuthorityFinder;
import be.iminds.ilabt.jfed.lowlevel.userloginmodel.InvalidLoginException;
import be.iminds.ilabt.jfed.util.GeniUrn;
import be.iminds.ilabt.jfed.util.KeyUtil;
import com.google.common.base.Objects;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/iminds/ilabt/jfed/lowlevel/user/AbstractUserLoginInfo.class */
public abstract class AbstractUserLoginInfo implements UserLoginInfo {
    private static final Logger LOG = LoggerFactory.getLogger(AbstractUserLoginInfo.class);

    @Nullable
    protected final String keyCertContent;
    protected final boolean unlocked;
    protected final List<X509Certificate> certificateChain;

    @Nullable
    protected final GeniUrn userUrn;

    @Nullable
    protected final Date expirationDate;

    @Nullable
    protected final Server userAuthorityServer;
    protected final GeniUserFactory geniUserFactory;
    protected String error = null;
    private final boolean userAndAuthorityProvidedSeperately = true;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractUserLoginInfo(@Nullable String str, @Nullable GeniUrn geniUrn, @Nullable Server server, GeniUserFactory geniUserFactory) {
        this.keyCertContent = str;
        this.userUrn = geniUrn;
        this.geniUserFactory = geniUserFactory;
        this.userAuthorityServer = server;
        if (str == null) {
            this.unlocked = false;
            this.certificateChain = null;
            this.expirationDate = null;
        } else {
            this.unlocked = !KeyUtil.isPemPrivateKeyEncrypted(str);
            this.certificateChain = KeyUtil.pemToX509CertificateChain(str);
            if (this.certificateChain == null) {
                addError("Could not parse certificate chain");
            }
            this.expirationDate = getEarliestExpire(this.certificateChain);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractUserLoginInfo(@Nullable String str, GeniUserFactory geniUserFactory, AuthorityFinder authorityFinder) {
        this.keyCertContent = str;
        this.geniUserFactory = geniUserFactory;
        if (str == null) {
            this.unlocked = false;
            this.certificateChain = null;
            this.userUrn = null;
            this.expirationDate = null;
            this.userAuthorityServer = null;
            return;
        }
        this.unlocked = !KeyUtil.isPemPrivateKeyEncrypted(str);
        this.certificateChain = KeyUtil.pemToX509CertificateChain(str);
        if (this.certificateChain == null) {
            addError("Could not parse certificate chain");
        }
        this.expirationDate = getEarliestExpire(this.certificateChain);
        GeniUrn geniUrn = null;
        if (this.certificateChain != null) {
            try {
                geniUrn = GeniUserFactory.deriveUserUrnFromCertificateChain(this.certificateChain);
            } catch (CertificateParsingException e) {
                LOG.error("Could not parse certificate chain. Will not extract user urn and expiration date", e);
                addError("Could not parse certificate chain for user URN");
            }
        }
        this.userUrn = geniUrn;
        if (geniUrn != null) {
            this.userAuthorityServer = authorityFinder.findByAnyUrn(geniUrn, AuthorityFinder.Purpose.FIND_USERAUTH);
        } else {
            this.userAuthorityServer = null;
        }
    }

    private static Date getEarliestExpire(List<X509Certificate> list) {
        if (list == null) {
            return null;
        }
        Date date = null;
        Iterator<X509Certificate> it = list.iterator();
        while (it.hasNext()) {
            Date notAfter = it.next().getNotAfter();
            if (date == null || date.after(notAfter)) {
                date = notAfter;
            }
        }
        return date;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    public boolean isUserAndAuthorityProvidedSeperately() {
        return this.userAndAuthorityProvidedSeperately;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    public boolean isValid() {
        return (this.certificateChain == null || this.userUrn == null || this.expirationDate == null) ? false : true;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    public boolean isUnlocked() {
        return this.unlocked;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    @Nullable
    public GeniUrn getUserUrn() {
        return this.userUrn;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    @Nullable
    public List<X509Certificate> getCertificateChain() {
        return this.certificateChain;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    @Nullable
    public Date getExpirationDate() {
        return this.expirationDate;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    public GeniUser login(@Nullable char[] cArr) throws InvalidLoginException {
        if (this.keyCertContent == null) {
            throw new InvalidLoginException("Cannot login user with empty keyCertContent");
        }
        return this.geniUserFactory.createGeniUser(this.keyCertContent, cArr, null, null);
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    @Nullable
    public Server getUserAuthorityServer() {
        return this.userAuthorityServer;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    public String getCertificateContent() {
        return this.keyCertContent;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.UserLoginInfo
    @Nullable
    public String getError() {
        return this.error;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addError(String str) {
        if (this.error != null) {
            this.error += "\n" + str;
        } else {
            this.error = str;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean equalInfo(UserLoginInfo userLoginInfo) {
        return Objects.equal(this.keyCertContent, userLoginInfo.getCertificateContent()) && Objects.equal(this.userUrn, userLoginInfo.getUserUrn()) && Objects.equal(this.userAuthorityServer, userLoginInfo.getUserAuthorityServer());
    }
}
