package be.iminds.ilabt.jfed.lowlevel.user;

import be.iminds.ilabt.jfed.fedmon.webapi.service.json.Server;
import be.iminds.ilabt.jfed.lowlevel.userloginmodel.InvalidLoginException;
import be.iminds.ilabt.jfed.util.common.GeniUrn;
import be.iminds.ilabt.jfed.util.library.KeyUtil;
import java.io.File;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Objects;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/iminds/ilabt/jfed/lowlevel/user/SimpleGeniUser.class */
public class SimpleGeniUser implements GeniUser {
    private static final Logger LOG;
    protected final List<X509Certificate> certificateChain;
    protected final PrivateKey privateKey;
    protected final PublicKey publicKey;
    protected final Server userAuthorityServer;
    protected final GeniUrn userUrn;
    protected final File privateKeyFile;
    protected final File certificateKeyFile;
    static final /* synthetic */ boolean $assertionsDisabled;

    public SimpleGeniUser(@Nullable Server server, @Nonnull GeniUrn geniUrn, @Nonnull String str, @Nullable char[] cArr, @Nullable File file, @Nullable File file2) throws InvalidLoginException {
        this.userAuthorityServer = server;
        this.userUrn = geniUrn;
        this.certificateKeyFile = file;
        this.privateKeyFile = file2;
        try {
            PrivateKey pemToAnyPrivateKey = KeyUtil.pemToAnyPrivateKey(str, cArr);
            if (pemToAnyPrivateKey == null) {
                throw new InvalidLoginException("ERROR: PEM key and certificate does not contain a key:" + str);
            }
            this.privateKey = pemToAnyPrivateKey;
            this.certificateChain = KeyUtil.pemToX509CertificateChain(str);
            if (this.certificateChain == null || this.certificateChain.isEmpty()) {
                throw new InvalidLoginException("ERROR: PEM key and certificate does not contain a X509 certificate:" + str);
            }
            this.publicKey = this.certificateChain.get(0).getPublicKey();
            try {
                if ($assertionsDisabled || Objects.equals(geniUrn, GeniUserFactory.deriveUserUrnFromCertificateChain(this.certificateChain))) {
                } else {
                    throw new AssertionError("Provided Urn doesn't match the one in the certificate chain");
                }
            } catch (CertificateParsingException e) {
                throw new RuntimeException("Could not parse certificate while creating GeniUser", e);
            }
        } catch (KeyUtil.PEMDecodingException e2) {
            throw new InvalidLoginException("ERROR reading PEM key:" + str + " -> " + e2.getMessage(), e2);
        }
    }

    public SimpleGeniUser(@Nullable Server server, @Nonnull GeniUrn geniUrn, @Nonnull List<X509Certificate> list, @Nonnull PrivateKey privateKey, @Nullable File file, @Nullable File file2) {
        this.userAuthorityServer = server;
        this.userUrn = geniUrn;
        this.privateKey = privateKey;
        this.certificateChain = list;
        this.certificateKeyFile = file;
        this.privateKeyFile = file2;
        if (!$assertionsDisabled && list.isEmpty()) {
            throw new AssertionError();
        }
        this.publicKey = list.get(0).getPublicKey();
        try {
            if ($assertionsDisabled || Objects.equals(geniUrn, GeniUserFactory.deriveUserUrnFromCertificateChain(list))) {
            } else {
                throw new AssertionError("Provided Urn doesn't match the one in the certificate chain");
            }
        } catch (CertificateParsingException e) {
            throw new RuntimeException("Could not parse certificate while creating GeniUser", e);
        }
    }

    public SimpleGeniUser(GeniUser geniUser) {
        if (geniUser instanceof GeniUserWithSpeaksFor) {
            LOG.warn("Making a copy of a GeniUserWithSpeaksFor with SimpleGeniUser will DISCARD the speaks_for details.");
        }
        this.userAuthorityServer = geniUser.getUserAuthorityServer();
        this.userUrn = GeniUrn.parse(geniUser.getUserUrnString());
        this.publicKey = geniUser.getPublicKey();
        this.privateKey = geniUser.getPrivateKey();
        this.privateKeyFile = geniUser.getPrivateKeyFile();
        this.certificateChain = geniUser.getClientCertificateChain();
        this.certificateKeyFile = geniUser.getCertificateFile();
        if (!$assertionsDisabled && this.certificateChain.isEmpty()) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && !Objects.equals(this.certificateChain.get(0).getPublicKey(), this.publicKey)) {
            throw new AssertionError();
        }
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    @Nonnull
    public List<X509Certificate> getClientCertificateChain() {
        return this.certificateChain;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    @Nonnull
    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    @Nonnull
    public PublicKey getPublicKey() {
        return this.publicKey;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    public Server getUserAuthorityServer() {
        return this.userAuthorityServer;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    public Integer getUserAuthorityServerId() {
        return this.userAuthorityServer.getId();
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    @Nonnull
    public GeniUrn getUserUrn() {
        return this.userUrn;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    public File getPrivateKeyFile() {
        return this.privateKeyFile;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    public File getCertificateFile() {
        return this.certificateKeyFile;
    }

    @Override // be.iminds.ilabt.jfed.lowlevel.user.GeniUser
    @Nonnull
    public String getUserUrnString() {
        return this.userUrn.toString();
    }

    static {
        $assertionsDisabled = !SimpleGeniUser.class.desiredAssertionStatus();
        LOG = LoggerFactory.getLogger((Class<?>) SimpleGeniUser.class);
    }
}
