package com.atlassian.applinks.internal.test.utils;

import com.atlassian.applinks.api.ApplicationLink;
import com.atlassian.applinks.api.auth.types.TrustedAppsAuthenticationProvider;
import com.atlassian.applinks.spi.auth.AuthenticationConfigurationManager;
import com.atlassian.security.auth.trustedapps.Application;
import com.atlassian.security.auth.trustedapps.ApplicationRetriever;
import com.atlassian.security.auth.trustedapps.DefaultTrustedApplication;
import com.atlassian.security.auth.trustedapps.RequestConditions;
import com.atlassian.security.auth.trustedapps.TrustedApplication;
import com.atlassian.security.auth.trustedapps.TrustedApplicationsConfigurationManager;
import com.google.common.base.Predicate;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Iterables;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.NoSuchElementException;
import java.util.Objects;

/* loaded from: input_file:com/atlassian/applinks/internal/test/utils/TrustedUtils.class */
public class TrustedUtils {
    public static final long DEFAULT_CERTIFICATE_TIMEOUT = 10000;
    public static final String TRUSTED_APPS_INCOMING_ID = "trustedapps.incoming.applicationId";
    protected final TrustedApplicationsConfigurationManager trustedAppsManager;
    protected final AuthenticationConfigurationManager configurationManager;

    /* loaded from: input_file:com/atlassian/applinks/internal/test/utils/TrustedUtils$ConfigurationException.class */
    public static class ConfigurationException extends Exception {
        public ConfigurationException(String str) {
            super(str);
        }

        public ConfigurationException(String str, Throwable th) {
            super(str, th);
        }
    }

    public TrustedUtils(AuthenticationConfigurationManager authenticationConfigurationManager, TrustedApplicationsConfigurationManager trustedApplicationsConfigurationManager) {
        this.configurationManager = authenticationConfigurationManager;
        this.trustedAppsManager = trustedApplicationsConfigurationManager;
    }

    public void updateInboundTrust(ApplicationLink applicationLink, RequestConditions requestConditions) throws ConfigurationException {
        Application applicationCertificate = getApplicationCertificate(applicationLink);
        this.trustedAppsManager.addTrustedApplication(applicationCertificate, requestConditions);
        applicationLink.putProperty(TRUSTED_APPS_INCOMING_ID, applicationCertificate.getID());
    }

    public void issueInboundTrust(ApplicationLink applicationLink) throws ConfigurationException {
        Objects.requireNonNull(applicationLink, "applicationLink");
        addTrustedApplication(applicationLink, getApplicationCertificate(applicationLink));
    }

    public void issueOfflineInboundTrust(ApplicationLink applicationLink) throws ConfigurationException, NoSuchProviderException, NoSuchAlgorithmException {
        Objects.requireNonNull(applicationLink, "applicationLink");
        addTrustedApplication(applicationLink, new DefaultTrustedApplication(KeyPairGenerator.getInstance("RSA").generateKeyPair().getPublic(), "trustedid", RequestConditions.builder().build()));
    }

    public boolean inboundTrustEnabled(ApplicationLink applicationLink) {
        return applicationLink.getProperty(TRUSTED_APPS_INCOMING_ID) != null;
    }

    public boolean outboundTrustEnabled(ApplicationLink applicationLink) {
        return this.configurationManager.isConfigured(applicationLink.getId(), TrustedAppsAuthenticationProvider.class);
    }

    public void revokeInboundTrust(ApplicationLink applicationLink) {
        Object property = applicationLink.getProperty(TRUSTED_APPS_INCOMING_ID);
        if (property != null) {
            this.trustedAppsManager.deleteApplication(property.toString());
        }
        applicationLink.removeProperty(TRUSTED_APPS_INCOMING_ID);
    }

    public void issueOutboundTrust(ApplicationLink applicationLink) {
        Objects.requireNonNull(applicationLink, "applicationLink");
        this.configurationManager.registerProvider(applicationLink.getId(), TrustedAppsAuthenticationProvider.class, ImmutableMap.of());
    }

    public void revokeOutboundTrust(ApplicationLink applicationLink) {
        Objects.requireNonNull(applicationLink, "applicationLink");
        this.configurationManager.unregisterProvider(applicationLink.getId(), TrustedAppsAuthenticationProvider.class);
    }

    private void addTrustedApplication(ApplicationLink applicationLink, final Application application) {
        try {
            Iterables.find(this.trustedAppsManager.getTrustedApplications(), new Predicate<TrustedApplication>() { // from class: com.atlassian.applinks.internal.test.utils.TrustedUtils.1
                public boolean apply(TrustedApplication trustedApplication) {
                    return trustedApplication.getID().equals(application.getID());
                }
            });
        } catch (NoSuchElementException e) {
            this.trustedAppsManager.addTrustedApplication(application, RequestConditions.builder().setCertificateTimeout(DEFAULT_CERTIFICATE_TIMEOUT).build());
        }
        applicationLink.putProperty(TRUSTED_APPS_INCOMING_ID, application.getID());
    }

    private Application getApplicationCertificate(ApplicationLink applicationLink) throws ConfigurationException {
        Objects.requireNonNull(applicationLink, "applicationLink");
        try {
            return this.trustedAppsManager.getApplicationCertificate(applicationLink.getRpcUrl().toString());
        } catch (ApplicationRetriever.RetrievalException e) {
            throw new ConfigurationException("Unable to retrieve the application's certificate: " + e.getMessage(), e);
        }
    }
}
