package eu.cec.digit.ecas.client.signature;

import eu.cec.digit.ecas.client.Client;
import eu.cec.digit.ecas.client.configuration.Configurable;
import eu.cec.digit.ecas.client.configuration.ConfigurationException;
import eu.cec.digit.ecas.client.configuration.EcasConfigurationIntf;
import eu.cec.digit.ecas.client.configuration.EmptyConfigurator;
import eu.cec.digit.ecas.client.constants.ContextConstant;
import eu.cec.digit.ecas.client.jaas.InvalidLoginDateException;
import eu.cec.digit.ecas.client.jaas.InvalidProxyException;
import eu.cec.digit.ecas.client.jaas.InvalidSignatureException;
import eu.cec.digit.ecas.client.jaas.InvalidStrengthException;
import eu.cec.digit.ecas.client.jaas.UnexpectedLoginException;
import eu.cec.digit.ecas.client.logging.Logger;
import eu.cec.digit.ecas.client.resolver.context.ServletContextStrategy;
import eu.cec.digit.ecas.client.resolver.logging.ClientFactory;
import eu.cec.digit.ecas.client.signature.impl.AbstractSignatureControllerFactory;
import eu.cec.digit.ecas.client.signature.impl.SignatureConfigImpl;
import eu.cec.digit.ecas.client.signature.impl.VerifierConfigurationImpl;
import eu.cec.digit.ecas.client.signature.verify.AbstractVerifierFactory;
import eu.cec.digit.ecas.client.signature.verify.PublicKeyValidator;
import eu.cec.digit.ecas.client.signature.verify.VerificationException;
import eu.cec.digit.ecas.client.signature.verify.Verifier;
import eu.cec.digit.ecas.client.signature.verify.X509CertificateValidator;
import eu.cec.digit.ecas.client.validation.ClientUserValidator;
import eu.cec.digit.ecas.client.validation.ExtraGroupHandlingException;
import eu.cec.digit.ecas.client.validation.ValidatedUser;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:eu/cec/digit/ecas/client/signature/SignatureClient.class */
public final class SignatureClient extends Client implements SignatureClientIntf {
    private static final Logger LOG;
    private boolean configured;
    private SignatureFactory signatureFactory;
    private ClientUserValidator userValidator;
    private Verifier verifier;
    static Class class$eu$cec$digit$ecas$client$signature$SignatureClient;

    public SignatureClient() {
    }

    public SignatureClient(HttpServletRequest httpServletRequest) {
        configure(httpServletRequest);
    }

    @Override // eu.cec.digit.ecas.client.Client, eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public synchronized boolean isConfigured() {
        return super.isConfigured();
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public synchronized void configure() {
        configure(null);
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public synchronized void configure(HttpServletRequest httpServletRequest) {
        if (this.configured) {
            return;
        }
        if (!isConfigured()) {
            EcasConfigurationIntf ecasConfigurationIntf = null;
            ServletContext servletContext = null;
            if (null != httpServletRequest) {
                servletContext = ServletContextStrategy.getInstance().getServletContext(httpServletRequest);
                setServletContext(servletContext);
                ecasConfigurationIntf = (EcasConfigurationIntf) servletContext.getAttribute(ContextConstant.ECAS_CONFIGURATION.toString());
            }
            boolean isDebugEnabled = LOG.isDebugEnabled();
            try {
                if (null == ecasConfigurationIntf) {
                    setConfigurator(new EmptyConfigurator());
                    if (null != servletContext) {
                        putConfigInContext(servletContext);
                    }
                    if (isDebugEnabled) {
                        LOG.debug(new StringBuffer().append("ECAS SignatureClient configured without existing Client configuration, creating new configuration: ").append(getConfiguration()).toString());
                    }
                } else {
                    setConfigurationResource(ecasConfigurationIntf);
                    if (isDebugEnabled) {
                        LOG.debug(new StringBuffer().append("ECAS SignatureClient configured with existing Client configuration: ").append(ecasConfigurationIntf).toString());
                    }
                }
            } catch (ConfigurationException e) {
                String stringBuffer = new StringBuffer().append("Unable to configure the ECAS SignatureClient: ").append(e).toString();
                if (isDebugEnabled || LOG.isFatalEnabled()) {
                    LOG.fatal(stringBuffer, e);
                }
                throw new IllegalStateException(stringBuffer);
            }
        }
        init();
        this.configured = true;
    }

    private void init() {
        this.userValidator = new ClientUserValidator(getEcasValidationConfig());
        try {
            EcasConfigurationIntf configuration = getConfiguration();
            SignatureConfigImpl signatureConfigImpl = new SignatureConfigImpl(configuration.getInitSignatureUrl(), configuration.getSignatureUrl(), configuration.getRetrieveSignatureUrl(), configuration.getTransactionUrl(), configuration.getCertificateRevocationUrl(), getEcasValidationConfig().getSecureURLConfig(), configuration.getAcceptStrengths(), configuration.getApplicationSecurityLevel());
            this.signatureFactory = AbstractSignatureControllerFactory.newFactory(signatureConfigImpl);
            this.verifier = AbstractVerifierFactory.getFactory().newVerifier(this.signatureFactory.getSignatureTypeRegistry());
            X509CertificateValidator newX509CertificateValidator = AbstractVerifierFactory.newX509CertificateValidator();
            PublicKeyValidator newPublicKeyValidator = AbstractVerifierFactory.newPublicKeyValidator();
            if (newX509CertificateValidator instanceof Configurable) {
                ((Configurable) newX509CertificateValidator).configure(signatureConfigImpl);
            }
            if (newPublicKeyValidator instanceof Configurable) {
                ((Configurable) newPublicKeyValidator).configure(signatureConfigImpl);
            }
            if (this.verifier instanceof Configurable) {
                ((Configurable) this.verifier).configure(new VerifierConfigurationImpl(newX509CertificateValidator, newPublicKeyValidator));
            }
            if (LOG.isDebugEnabled()) {
                LOG.debug(new StringBuffer().append("SignatureClient configuration: ").append(signatureConfigImpl).toString());
            }
        } catch (ConfigurationException e) {
            throw new IllegalStateException(e.toString());
        }
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public SignatureFactory getSignatureFactory() {
        return this.signatureFactory;
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public Verifier getSignatureVerifier() {
        return this.verifier;
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public Subject authenticateSignedUserConfirmationMessage(UserConfirmationMessage userConfirmationMessage, String str, HttpServletRequest httpServletRequest) throws LoginException {
        configure(httpServletRequest);
        return getEcasServletAuthentication().authenticateSignedUserConfirmationMessage(userConfirmationMessage, str, getEcasValidationConfig(), httpServletRequest);
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public Subject authenticateSignedAuthenticatedMessage(AuthenticatedMessage authenticatedMessage, String str, HttpServletRequest httpServletRequest) throws LoginException {
        configure(httpServletRequest);
        return getEcasServletAuthentication().authenticateSignedAuthenticatedMessage(authenticatedMessage, str, getEcasValidationConfig(), httpServletRequest);
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public void impersonate(Subject subject, HttpServletRequest httpServletRequest) {
        getEcasServletAuthentication().impersonate(subject, httpServletRequest);
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public ValidatedUser validate(UserConfirmationMessage userConfirmationMessage, String str, HttpServletRequest httpServletRequest) throws InvalidSignatureException, InvalidStrengthException, ExtraGroupHandlingException, InvalidLoginDateException, UnexpectedLoginException {
        configure(httpServletRequest);
        return this.userValidator.validateSignedUserConfirmationMessage(userConfirmationMessage, str);
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public ValidatedUser validate(AuthenticatedMessage authenticatedMessage, String str, HttpServletRequest httpServletRequest) throws InvalidSignatureException, InvalidStrengthException, InvalidProxyException, InvalidLoginDateException, ExtraGroupHandlingException, UnexpectedLoginException {
        configure(httpServletRequest);
        return this.userValidator.validateSignedAuthenticatedMessage(authenticatedMessage, str);
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public MessageInfo verifySignedAuthenticatedMessage(AuthenticatedMessage authenticatedMessage) throws VerificationException {
        return this.verifier.verifySignedAuthenticatedMessage(authenticatedMessage).getMessageAuthenticationSignature().getMessageInfo();
    }

    @Override // eu.cec.digit.ecas.client.signature.SignatureClientIntf
    public SignatureInfo verifySignedUserConfirmationMessage(UserConfirmationMessage userConfirmationMessage) throws VerificationException {
        return this.verifier.verifySignedUserConfirmationMessage(userConfirmationMessage).getUserConfirmationSignature().getSignatureInfo();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        ClientFactory clientFactory = ClientFactory.getInstance();
        if (class$eu$cec$digit$ecas$client$signature$SignatureClient == null) {
            cls = class$("eu.cec.digit.ecas.client.signature.SignatureClient");
            class$eu$cec$digit$ecas$client$signature$SignatureClient = cls;
        } else {
            cls = class$eu$cec$digit$ecas$client$signature$SignatureClient;
        }
        LOG = clientFactory.getLogger(cls);
    }
}
