package org.eclipse.lyo.server.oauth.consumerstore;

import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.sql.SQLException;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.jena.rdf.model.Model;
import org.apache.jena.rdf.model.ModelFactory;
import org.apache.jena.rdf.model.ResIterator;
import org.apache.jena.rdf.model.Resource;
import org.apache.jena.shared.JenaException;
import org.apache.jena.shared.PropertyNotFoundException;
import org.apache.jena.util.FileManager;
import org.apache.jena.vocabulary.RDF;
import org.eclipse.lyo.server.oauth.core.consumer.AbstractConsumerStore;
import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStoreException;
import org.eclipse.lyo.server.oauth.core.consumer.LyoOAuthConsumer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/lyo/server/oauth/consumerstore/FileSystemConsumerStore.class */
public class FileSystemConsumerStore extends AbstractConsumerStore {
    protected static final String LYO_OAUTH_NAMESPACE = "http://eclipse.org/lyo/server/oauth#";
    protected static final String CONSUMER_RESOURCE = "http://eclipse.org/lyo/server/oauth#Consumer";
    protected static final String CALLBACK_URL = "http://eclipse.org/lyo/server/oauth#callback";
    protected static final String CONSUMER_NAME = "http://eclipse.org/lyo/server/oauth#consumerName";
    protected static final String CONSUMER_KEY = "http://eclipse.org/lyo/server/oauth#consumerKey";
    protected static final String CONSUMER_SECRET = "http://eclipse.org/lyo/server/oauth#consumerSecret";
    protected static final String PROVISIONAL = "http://eclipse.org/lyo/server/oauth#provisional";
    protected static final String TRUSTED = "http://eclipse.org/lyo/server/oauth#trusted";
    private static final Logger log = LoggerFactory.getLogger(FileSystemConsumerStore.class);
    public static final String AES_CIPHER = "AES/GCM/NoPadding";
    private Model model;
    private String oauthStore;
    private String encryptionKey;

    public FileSystemConsumerStore(String str) throws SQLException, ConsumerStoreException, ClassNotFoundException {
        this.oauthStore = str;
        createModel();
        loadConsumers();
    }

    public FileSystemConsumerStore(String str, String str2) throws SQLException, ConsumerStoreException, ClassNotFoundException {
        this.oauthStore = str;
        this.encryptionKey = str2;
        createModel();
        loadConsumers();
    }

    public FileSystemConsumerStore(Model model, String str) throws ConsumerStoreException {
        this.oauthStore = str;
        this.model = model;
        loadConsumers();
    }

    protected void createModel() {
        try {
            this.model = FileManager.get().loadModel(this.oauthStore);
        } catch (Exception e) {
            this.model = ModelFactory.createDefaultModel();
        }
    }

    protected void writeModel() throws FileNotFoundException {
        Model createDefaultModel = ModelFactory.createDefaultModel();
        createDefaultModel.add(this.model);
        createDefaultModel.write(new FileOutputStream(this.oauthStore), "RDF/XML-ABBREV");
    }

    protected synchronized void loadConsumers() throws ConsumerStoreException {
        ResIterator listResourcesWithProperty = this.model.listResourcesWithProperty(RDF.type, this.model.createResource(CONSUMER_RESOURCE));
        while (listResourcesWithProperty.hasNext()) {
            Resource resource = (Resource) listResourcesWithProperty.next();
            try {
                add(fromResource(resource));
            } catch (JenaException e) {
                throw new ConsumerStoreException(e);
            } catch (PropertyNotFoundException e2) {
                log.error("Could not load consumer " + resource.getProperty(this.model.createProperty(CONSUMER_NAME)) + " (" + resource.getProperty(this.model.createProperty(CONSUMER_KEY)) + ")", e2);
            } catch (UnsupportedEncodingException e3) {
                throw new ConsumerStoreException(e3);
            }
        }
    }

    public synchronized LyoOAuthConsumer addConsumer(LyoOAuthConsumer lyoOAuthConsumer) throws ConsumerStoreException {
        if (this.model == null) {
            throw new ConsumerStoreException("Consumer store not initialized.");
        }
        try {
            removeProperties(lyoOAuthConsumer);
            toResource(lyoOAuthConsumer);
            LyoOAuthConsumer add = add(lyoOAuthConsumer);
            writeModel();
            return add;
        } catch (FileNotFoundException e) {
            throw new ConsumerStoreException(e);
        } catch (UnsupportedEncodingException e2) {
            throw new ConsumerStoreException(e2);
        }
    }

    public synchronized LyoOAuthConsumer removeConsumer(String str) throws ConsumerStoreException {
        if (this.model == null) {
            throw new ConsumerStoreException("Consumer store not initialized.");
        }
        try {
            removeProperties(str);
            LyoOAuthConsumer remove = remove(str);
            writeModel();
            return remove;
        } catch (FileNotFoundException e) {
            throw new ConsumerStoreException(e);
        }
    }

    public LyoOAuthConsumer updateConsumer(LyoOAuthConsumer lyoOAuthConsumer) throws ConsumerStoreException {
        return addConsumer(lyoOAuthConsumer);
    }

    public void closeConsumerStore() {
        try {
            writeModel();
        } catch (Exception e) {
            log.error("Error finalizing model to disk");
        }
        this.model.close();
    }

    protected void removeProperties(String str) {
        ResIterator listResourcesWithProperty = this.model.listResourcesWithProperty(this.model.createProperty(CONSUMER_KEY), this.model.createLiteral(str));
        while (listResourcesWithProperty.hasNext()) {
            ((Resource) listResourcesWithProperty.next()).removeProperties();
        }
    }

    protected void removeProperties(LyoOAuthConsumer lyoOAuthConsumer) {
        removeProperties(lyoOAuthConsumer.consumerKey);
    }

    protected Resource toResource(LyoOAuthConsumer lyoOAuthConsumer) throws UnsupportedEncodingException {
        Resource createResource = this.model.createResource();
        createResource.addProperty(RDF.type, this.model.createResource(CONSUMER_RESOURCE));
        createResource.addProperty(this.model.createProperty(CONSUMER_NAME), lyoOAuthConsumer.getName());
        createResource.addProperty(this.model.createProperty(CONSUMER_KEY), lyoOAuthConsumer.consumerKey);
        createResource.addProperty(this.model.createProperty(CONSUMER_SECRET), this.encryptionKey != null ? new String(encrypt(lyoOAuthConsumer.consumerSecret, this.encryptionKey)) : new String(Base64.getEncoder().encode(lyoOAuthConsumer.consumerSecret.getBytes("UTF8")), "UTF8"));
        createResource.addProperty(this.model.createProperty(PROVISIONAL), lyoOAuthConsumer.isProvisional() ? "true" : "false");
        createResource.addProperty(this.model.createProperty(TRUSTED), lyoOAuthConsumer.isTrusted() ? "true" : "false");
        return createResource;
    }

    protected LyoOAuthConsumer fromResource(Resource resource) throws UnsupportedEncodingException {
        String string = resource.getRequiredProperty(this.model.createProperty(CONSUMER_KEY)).getString();
        String string2 = resource.getRequiredProperty(this.model.createProperty(CONSUMER_SECRET)).getString();
        LyoOAuthConsumer lyoOAuthConsumer = new LyoOAuthConsumer(string, this.encryptionKey != null ? new String(decrypt(string2, this.encryptionKey)) : new String(Base64.getDecoder().decode(string2.getBytes("UTF8")), "UTF8"));
        lyoOAuthConsumer.setName(resource.getRequiredProperty(this.model.createProperty(CONSUMER_NAME)).getString());
        lyoOAuthConsumer.setProvisional("true".equals(resource.getProperty(this.model.createProperty(PROVISIONAL)).getString()));
        lyoOAuthConsumer.setTrusted("true".equals(resource.getProperty(this.model.createProperty(TRUSTED)).getString()));
        return lyoOAuthConsumer;
    }

    protected String encrypt(String str, String str2) {
        log.debug("Entering encrypt method in EncryptionUtil class");
        try {
            Cipher cipher = Cipher.getInstance(AES_CIPHER);
            SecretKey secreteKey = getSecreteKey(str2);
            byte[] bytes = str.getBytes();
            cipher.init(1, secreteKey);
            String encodeToString = Base64.getEncoder().encodeToString(cipher.doFinal(bytes));
            log.debug("Exiting encrypt method in EncryptionUtil class");
            return encodeToString;
        } catch (GeneralSecurityException e) {
            log.error("Failed to encrypt Consumer configuration file data: {}", e.getMessage());
            throw new RuntimeException(e);
        }
    }

    protected String decrypt(String str, String str2) {
        log.debug("Entering decrypt method in EncryptionUtil class");
        try {
            Cipher cipher = Cipher.getInstance(AES_CIPHER);
            SecretKey secreteKey = getSecreteKey(str2);
            byte[] decode = Base64.getDecoder().decode(str);
            cipher.init(2, secreteKey);
            String str3 = new String(cipher.doFinal(decode));
            log.debug("Exiting decrypt method in EncryptionUtil class");
            return str3;
        } catch (GeneralSecurityException e) {
            log.error("Failed to decrypt Consumer configuration file data: {}", e.getMessage());
            throw new RuntimeException(e);
        }
    }

    protected SecretKey getSecreteKey(String str) {
        log.debug("Entering getSecreteKey method in EncryptionUtil class");
        log.debug("Secret key length should be 16, 24 or 32 bytes");
        SecretKeySpec secretKeySpec = new SecretKeySpec(Base64.getDecoder().decode(str), "AES");
        log.debug("Exiting getSecreteKey method");
        return secretKeySpec;
    }
}
