package at.itsv.security.servicesecurity.identityprovider.ldap.credentials.provider;

import at.itsv.commons.lang.Result;
import at.itsv.commons.stringdecoding.timestamp.StringToTimestamp;
import at.itsv.security.servicesecurity.identityprovider.ldap.credentials.ConsumerCredentials;
import at.itsv.security.servicesecurity.identityprovider.ldap.crypto.AccessCredentials;
import at.itsv.security.servicesecurity.identityprovider.ldap.crypto.binarycipher.BinaryCipher;
import java.nio.charset.Charset;
import java.time.Instant;
import java.time.ZoneId;
import java.time.format.DateTimeFormatter;
import java.util.Collections;
import java.util.HashSet;
import java.util.NoSuchElementException;
import java.util.Optional;
import java.util.Set;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;

/* loaded from: input_file:at/itsv/security/servicesecurity/identityprovider/ldap/credentials/provider/CredentialsMapper.class */
final class CredentialsMapper {
    private static final String ATTR_PREFIX = "x-at-itsv-wssec-";
    public static final String ATTR_MODE = "x-at-itsv-wssec-Mode";
    public static final Charset PASSWORD_CHARSET = Charset.forName("UTF-8");
    private static final String ATTR_USERNAME = "x-at-itsv-wssec-UserName";
    private static final String ATTR_CONS_PW = "x-at-itsv-wssec-ConsumerEncodedPassword";
    private static final String ATTR_PROV_PW = "x-at-itsv-wssec-ProviderEncodedPassword";
    private static final String ATTR_ITMAP_PW = "x-at-itsv-wssec-ItMapEncodedPassword";
    private static final String ATTR_VALID_FROM = "x-at-itsv-wssec-ValidFromTS";
    private static final String ATTR_VALID_UNTIL = "x-at-itsv-wssec-ValidToTS";
    private static final String ATTR_ITMAP_REF = "x-at-itsv-wssec-ItMapRef";
    private static final String ATTR_STATUS = "x-at-itsv-wssec-Status";
    private static final String ATTR_ROLES = "x-at-itsv-wssec-Role";
    private final StringToTimestamp stringToTimestamp;
    private final AccessCredentials accessCredentials;
    private final BinaryCipher passwordCipher;
    private static final String TIMESTAMP_PATTERN = "yyyyMMddHHmmss.SSS";

    private CredentialsMapper(AccessCredentials accessCredentials, ZoneId zoneId) {
        this.accessCredentials = accessCredentials;
        this.passwordCipher = BinaryCipher.rsa(accessCredentials.getPrivateKey(), accessCredentials.getPublicKey()).andThen(BinaryCipher.base64());
        this.stringToTimestamp = str -> {
            return (Instant) StringToTimestamp.adapt(DateTimeFormatter.ofPattern(TIMESTAMP_PATTERN).withZone(zoneId)).apply(str.substring(0, TIMESTAMP_PATTERN.length()));
        };
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static CredentialsMapper of(AccessCredentials accessCredentials, ZoneId zoneId) {
        return new CredentialsMapper(accessCredentials, zoneId);
    }

    public Result<ConsumerCredentials> map(Attributes attributes) {
        return Result.of(() -> {
            return failableMapCredentialsFrom(attributes);
        });
    }

    private ConsumerCredentials failableMapCredentialsFrom(Attributes attributes) throws NamingException {
        String singleRequiredValueAsString = singleRequiredValueAsString(attributes, ATTR_USERNAME);
        String singleRequiredValueAsString2 = singleRequiredValueAsString(attributes, ATTR_ITMAP_REF);
        String singleRequiredValueAsString3 = singleRequiredValueAsString(attributes, ATTR_MODE);
        String singleValueAsString = singleValueAsString(attributes, ATTR_STATUS);
        Set<String> valuesAsSetOfStrings = valuesAsSetOfStrings(attributes, ATTR_ROLES);
        String str = (String) Optional.ofNullable(encodedPassword(attributes)).map(this::decryptPassword).orElseThrow(() -> {
            return new NoSuchElementException("No password set");
        });
        String singleRequiredValueAsString4 = singleRequiredValueAsString(attributes, ATTR_VALID_FROM);
        String singleValueAsString2 = singleValueAsString(attributes, ATTR_VALID_UNTIL);
        return new ConsumerCredentials(singleRequiredValueAsString, str, (Instant) this.stringToTimestamp.decode(singleRequiredValueAsString4), (singleValueAsString2 == null || singleValueAsString2.isEmpty()) ? null : (Instant) this.stringToTimestamp.decode(singleValueAsString2), singleRequiredValueAsString2, singleRequiredValueAsString3, ConsumerCredentials.Status.valueOfIgnoreCase(singleValueAsString), valuesAsSetOfStrings);
    }

    private String decryptPassword(String str) {
        return new String(this.passwordCipher.decrypt(str.getBytes(PASSWORD_CHARSET)), PASSWORD_CHARSET);
    }

    private String encodedPassword(Attributes attributes) throws NamingException {
        switch (this.accessCredentials.getAccessType()) {
            case SERVICE_CONSUMER:
                return singleValueAsString(attributes, ATTR_CONS_PW);
            case SERVICE_PROVIDER:
                return singleValueAsString(attributes, ATTR_PROV_PW);
            case ITMAP:
                return singleValueAsString(attributes, ATTR_ITMAP_PW);
            default:
                return null;
        }
    }

    private static String singleValueAsString(Attribute attribute) throws NamingException {
        if (attribute.size() == 1) {
            return (String) attribute.get(0);
        }
        throw new IllegalArgumentException("Attribute " + attribute.getID() + " had not one but " + attribute.size() + " values");
    }

    private static String singleRequiredValueAsString(Attributes attributes, String str) throws NamingException {
        Attribute attribute = attributes.get(str);
        if (attribute != null) {
            return singleValueAsString(attribute);
        }
        throw new NoSuchElementException("Required Attribute " + str + " not found");
    }

    private static String singleValueAsString(Attributes attributes, String str) throws NamingException {
        Attribute attribute = attributes.get(str);
        if (attribute != null) {
            return singleValueAsString(attribute);
        }
        return null;
    }

    private static Set<String> valuesAsSetOfStrings(Attributes attributes, String str) throws NamingException {
        Attribute attribute = attributes.get(str);
        int size = attribute.size();
        HashSet hashSet = new HashSet(size);
        for (int i = 0; i < size; i++) {
            hashSet.add((String) attribute.get(i));
        }
        return Collections.unmodifiableSet(hashSet);
    }
}
