package org.dataone.security;

import java.io.IOException;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.security.PrivateKey;
import jettyClient.objectProviderRegisterer.ObjectProviderRegisterer;
import jettyClient.paosClient.ExchangeContent;
import jettyClient.paosClient.PaosClient;
import jettyClient.parser.ParseHelper;
import jettyClient.simpleClient.ClientExchange;
import jettyClient.simpleClient.ClientOptions;
import jettyClient.simpleClient.Connections;
import org.bouncycastle.openssl.PEMWriter;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.io.ByteArrayBuffer;
import org.opensaml.core.config.InitializationException;
import org.opensaml.core.config.InitializationService;
import org.opensaml.saml.saml2.core.IDPEntry;

/* loaded from: input_file:org/dataone/security/CertificateFetcher.class */
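/**
 * Command-line and library client that logs a principal in through an identity
 * provider and then asks the service provider to sign a freshly generated
 * certificate signing request (CSR).
 *
 * <p>The value returned by {@link #authenticate} is the PEM-encoded private key
 * followed by the service provider's response body. The private key is
 * unencrypted, so the returned string is a secret: callers must not log it and
 * should write it only to storage with restrictive permissions.
 *
 * <p>NOTE(review): nothing in this class checks that the SP/IdP URLs use
 * {@code https} or configures how the Jetty client validates server
 * certificates. Confirm this in {@code Connections}/{@code PaosClient}, since
 * the principal's credentials are sent to the IdP URL.
 */
public class CertificateFetcher extends PaosClient {
    /** Creates a fetcher with its own, not yet started, HTTP client. */
    public CertificateFetcher() {
        super(null);
        this.httpClient = getClient();
    }

    /**
     * Creates a fetcher that sends its requests through an existing client.
     *
     * @param httpClient the client to use; its lifecycle is left to the caller
     */
    public CertificateFetcher(HttpClient httpClient) {
        super(httpClient);
    }

    /**
     * Authenticates the principal and fetches a signed certificate.
     *
     * @param str  service provider URL (used as both SP URL and SP endpoint)
     * @param str2 identity provider URL
     * @param str3 principal (user name)
     * @param str4 credentials for the principal
     * @return the PEM private key followed by the SP response, or {@code null}
     *     if the client could not be started, authentication failed, or the
     *     certificate request failed
     */
    public String authenticate(String str, String str2, String str3, String str4) {
        ClientOptions clientOptions = new ClientOptions();
        clientOptions.setSpURL(Connections.getURL(str));
        clientOptions.setSpEndpoint(Connections.getURL(str));
        clientOptions.setIdpUrl(Connections.getURL(str2));
        clientOptions.setPrincipal(str3);
        clientOptions.setCredentials(str4);

        // Check for null before the first dereference; the original tested it
        // only after calling setLoc().
        IDPEntry idpEntry = ParseHelper.buildObject(IDPEntry.DEFAULT_ELEMENT_NAME);
        if (idpEntry == null) {
            return null;
        }
        idpEntry.setLoc(str2);

        HttpClient client = getClient();
        try {
            client.start();
        } catch (Exception e) {
            System.out.println("Could not start client.");
            e.printStackTrace();
            // Do not carry on with a client that never started.
            return null;
        }
        System.out.println("Client started");

        try {
            ExchangeContent session = new Connections().accessResource(clientOptions, idpEntry, client);
            if (session == null) {
                return null;
            }
            return getCertificate(clientOptions, client, session);
        } finally {
            // The client is created here, so it is released here as well.
            try {
                client.stop();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    /** Builds the HTTP client configuration shared by the constructor and {@link #authenticate}. */
    private HttpClient getClient() {
        HttpClient client = new HttpClient();
        client.setIdleTimeout(1000L);
        client.setTimeout(100000L);
        // presumably HttpClient.CONNECTOR_SELECT_CHANNEL; confirm against the Jetty version in use
        client.setConnectorType(2);
        return client;
    }

    /**
     * Generates a key pair and CSR, posts the CSR to the service provider using
     * the authenticated session's cookies, and joins the private key with the
     * response.
     *
     * @return PEM private key followed by the SP response body, or {@code null}
     *     if the CSR could not be generated or encoded, the SP returned no
     *     response, or the key could not be serialized
     */
    private String getCertificate(ClientOptions clientOptions, HttpClient httpClient, ExchangeContent session) {
        ExchangeContent request = new ExchangeContent(null, null);
        request.setCookieField(session.getCookieField());

        CSRGenerator csrGenerator = new CSRGenerator();
        String csr;
        try {
            csr = csrGenerator.generateCSR("ignoreMe");
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
        if (csr == null) {
            // URLEncoder.encode(null, ...) would throw a NullPointerException.
            return null;
        }

        String encodedCsr;
        try {
            encodedCsr = URLEncoder.encode(csr, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
            return null;
        }

        // The same literal is sent as the CSRF form field and as the CSRF
        // cookie value (see sendPOST).
        String response = new CertificateFetcher(httpClient).sendPOST(
                clientOptions.getSpURL(),
                request,
                "submit=certreq&certlifetime=12&CSRF=fetchMyCertificate&certreq=" + encodedCsr,
                "fetchMyCertificate");
        if (response == null) {
            // Without this check the result would be the private key followed
            // by the literal text "null".
            return null;
        }

        PrivateKey privateKey = csrGenerator.getPrivateKey();
        StringWriter pemBuffer = new StringWriter();
        try (PEMWriter pemWriter = new PEMWriter(pemBuffer)) {
            pemWriter.writeObject(privateKey);
        } catch (IOException e) {
            e.printStackTrace();
            // A certificate without its key is not a usable credential.
            return null;
        }

        // Deliberately not printed: this string contains an unencrypted private
        // key and must not end up in the stdout of an embedding application.
        return pemBuffer.toString() + response;
    }

    /**
     * Posts a form-encoded body to the given URL and returns the response body.
     *
     * @param url         target URL
     * @param exchange    carries the session cookie and optional realm resolver
     * @param body        already URL-encoded form body
     * @param csrfToken   value placed in the CSRF cookie
     * @return the response content, or {@code null} if the exchange failed
     */
    private String sendPOST(URL url, ExchangeContent exchange, String body, String csrfToken) {
        String responseBody = null;
        ClientExchange post = getPOSTExchange(url);
        post.setRequestContentType("application/x-www-form-urlencoded;charset=utf-8");
        // Encode with the charset announced in the content type rather than the
        // platform default.
        post.setRequestContent(new ByteArrayBuffer(body.getBytes(java.nio.charset.StandardCharsets.UTF_8)));
        System.out.println("\nSent to " + post.getAddress().getHost() + post.getRequestURI() + "\n" + body);

        String cookieField = exchange.getCookieField();
        if (cookieField != null && !cookieField.equals("")) {
            // url.getPort() is -1 when the URL carries no explicit port.
            post.setRequestHeader("Cookie", (cookieField + ";") + " " + ("CSRF=" + csrfToken + "; path=\"/\"; domain=" + url.getHost() + "; port=" + url.getPort() + "; path_spec; secure; version=1;"));
        }
        if (exchange.getRealmResolver() != null) {
            this.httpClient.setRealmResolver(exchange.getRealmResolver());
        }

        ClientExchange completed = exchangeContent(this.httpClient, post);
        if (completed != null) {
            try {
                responseBody = completed.getResponseContent();
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
            }
        } else {
            System.out.println("Could not send envelope.");
        }
        return responseBody;
    }

    /**
     * Command-line entry point: {@code <sp-url> <idp-url> <principal> <credentials>}.
     *
     * <p>On success the private key and the SP response are written to standard
     * output; redirect it to a file that only the owner can read.
     *
     * <p>NOTE(review): the credentials are taken from the argument vector, where
     * other local users can usually see them in the process list. Consider
     * reading them from the console or a protected file instead.
     */
    public static void main(String[] strArr) {
        if (strArr == null || strArr.length < 4) {
            System.err.println("Usage: CertificateFetcher <sp-url> <idp-url> <principal> <credentials>");
            System.exit(1);
            return;
        }
        String credential = new CertificateFetcher().authenticate(strArr[0], strArr[1], strArr[2], strArr[3]);
        if (credential == null) {
            System.err.println("Could not fetch certificate.");
            System.exit(1);
            return;
        }
        // Emitting the credential is the purpose of the CLI, so it is printed
        // here rather than inside the library method.
        System.out.println(credential);
    }

    static {
        // An initialization failure is reported but not rethrown; later calls
        // into the SAML object builders may then fail.
        try {
            InitializationService.initialize();
        } catch (InitializationException e) {
            e.printStackTrace();
        }
        ObjectProviderRegisterer.register();
    }
}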
