package com.liferay.saml.web.internal.display.context;

import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.saml.runtime.SamlException;
import com.liferay.saml.runtime.configuration.SamlConfiguration;
import com.liferay.saml.runtime.exception.CredentialAuthException;
import com.liferay.saml.runtime.metadata.LocalEntityManager;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:com/liferay/saml/web/internal/display/context/GeneralTabDefaultViewDisplayContext.class */
public class GeneralTabDefaultViewDisplayContext {
    private static final Log _log = LogFactoryUtil.getLog(GeneralTabDefaultViewDisplayContext.class);
    private final LocalEntityManager _localEntityManager;
    private final SamlConfiguration _samlConfiguration;
    private final Map<LocalEntityManager.CertificateUsage, X509CertificateStatus> _x509CertificateStatuses = new HashMap();

    /* loaded from: input_file:com/liferay/saml/web/internal/display/context/GeneralTabDefaultViewDisplayContext$X509CertificateStatus.class */
    public static class X509CertificateStatus {
        private final Status _status;
        private final X509Certificate _x509Certificate;

        /* loaded from: input_file:com/liferay/saml/web/internal/display/context/GeneralTabDefaultViewDisplayContext$X509CertificateStatus$Status.class */
        public enum Status {
            BOUND,
            SAML_KEYSTORE_EXCEPTION,
            SAML_KEYSTORE_PASSWORD_INCORRECT,
            SAML_X509_CERTIFICATE_AUTH_NEEDED,
            UNBOUND,
            UNKNOWN_EXCEPTION
        }

        public X509CertificateStatus(X509Certificate x509Certificate, Status status) {
            this._x509Certificate = x509Certificate;
            this._status = status;
        }

        public Status getStatus() {
            return this._status;
        }

        public X509Certificate getX509Certificate() {
            return this._x509Certificate;
        }
    }

    public GeneralTabDefaultViewDisplayContext(LocalEntityManager localEntityManager, SamlConfiguration samlConfiguration) {
        this._localEntityManager = localEntityManager;
        this._samlConfiguration = samlConfiguration;
    }

    public X509CertificateStatus getX509CertificateStatus() {
        return getX509CertificateStatus(LocalEntityManager.CertificateUsage.SIGNING);
    }

    public X509CertificateStatus getX509CertificateStatus(LocalEntityManager.CertificateUsage certificateUsage) {
        return this._x509CertificateStatuses.computeIfAbsent(certificateUsage, this::doGetX509CertificateStatus);
    }

    public boolean isRoleIdPAvailable() {
        return this._samlConfiguration.idpRoleConfigurationEnabled();
    }

    protected X509CertificateStatus doGetX509CertificateStatus(LocalEntityManager.CertificateUsage certificateUsage) {
        try {
            X509Certificate localEntityCertificate = this._localEntityManager.getLocalEntityCertificate(certificateUsage);
            return localEntityCertificate != null ? new X509CertificateStatus(localEntityCertificate, X509CertificateStatus.Status.BOUND) : new X509CertificateStatus(null, X509CertificateStatus.Status.UNBOUND);
        } catch (CredentialAuthException e) {
            return _buildX509CertificateStatus(e, true, X509CertificateStatus.Status.UNKNOWN_EXCEPTION);
        } catch (CredentialAuthException.InvalidKeyStorePassword e2) {
            return _buildX509CertificateStatus(e2, true, X509CertificateStatus.Status.SAML_KEYSTORE_PASSWORD_INCORRECT);
        } catch (CredentialAuthException.InvalidKeyStore e3) {
            return _buildX509CertificateStatus(e3, true, X509CertificateStatus.Status.SAML_KEYSTORE_EXCEPTION);
        } catch (SamlException e4) {
            return _buildX509CertificateStatus(e4, false, X509CertificateStatus.Status.UNBOUND);
        } catch (CredentialAuthException.InvalidCredentialPassword e5) {
            return _buildX509CertificateStatus(e5, false, X509CertificateStatus.Status.SAML_X509_CERTIFICATE_AUTH_NEEDED);
        }
    }

    private X509CertificateStatus _buildX509CertificateStatus(Exception exc, boolean z, X509CertificateStatus.Status status) {
        if (_log.isDebugEnabled()) {
            _log.debug("Unable to get local entity certificate: " + exc.getMessage(), exc);
        } else if (z) {
            _log.error("Unable to get local entity certificate: " + exc.getMessage());
        }
        return new X509CertificateStatus(null, status);
    }
}
