package com.helger.phoss.smp.ui.secure;

import com.helger.commons.annotation.Nonempty;
import com.helger.commons.collection.CollectionHelper;
import com.helger.commons.collection.impl.CommonsArrayList;
import com.helger.commons.collection.impl.CommonsHashMap;
import com.helger.commons.collection.impl.CommonsHashSet;
import com.helger.commons.collection.impl.CommonsTreeSet;
import com.helger.commons.collection.impl.ICommonsList;
import com.helger.commons.collection.impl.ICommonsSet;
import com.helger.commons.compare.ESortOrder;
import com.helger.commons.datetime.PDTFactory;
import com.helger.commons.mutable.MutableInt;
import com.helger.commons.state.EValidity;
import com.helger.commons.state.IValidityIndicator;
import com.helger.commons.string.StringHelper;
import com.helger.commons.text.ReadOnlyMultilingualText;
import com.helger.html.hc.IHCNode;
import com.helger.html.hc.html.forms.HCHiddenField;
import com.helger.html.hc.html.forms.HCTextArea;
import com.helger.html.hc.html.grouping.HCDiv;
import com.helger.html.hc.html.grouping.HCUL;
import com.helger.html.hc.html.tabular.HCRow;
import com.helger.html.hc.html.tabular.HCTable;
import com.helger.html.hc.html.tabular.IHCCol;
import com.helger.html.hc.html.textlevel.HCA;
import com.helger.html.hc.html.textlevel.HCCode;
import com.helger.html.hc.html.textlevel.HCEM;
import com.helger.html.hc.impl.HCNodeList;
import com.helger.phoss.smp.CSMPServer;
import com.helger.phoss.smp.domain.SMPMetaManager;
import com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroup;
import com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroupManager;
import com.helger.phoss.smp.domain.serviceinfo.ISMPEndpoint;
import com.helger.phoss.smp.domain.serviceinfo.ISMPProcess;
import com.helger.phoss.smp.domain.serviceinfo.ISMPServiceInformation;
import com.helger.phoss.smp.domain.serviceinfo.ISMPServiceInformationManager;
import com.helger.phoss.smp.domain.serviceinfo.SMPEndpoint;
import com.helger.phoss.smp.ui.AbstractSMPWebPage;
import com.helger.phoss.smp.ui.SMPCommonUI;
import com.helger.photon.bootstrap4.alert.BootstrapInfoBox;
import com.helger.photon.bootstrap4.alert.BootstrapSuccessBox;
import com.helger.photon.bootstrap4.button.BootstrapButton;
import com.helger.photon.bootstrap4.buttongroup.BootstrapButtonToolbar;
import com.helger.photon.bootstrap4.form.BootstrapForm;
import com.helger.photon.bootstrap4.form.BootstrapFormGroup;
import com.helger.photon.bootstrap4.traits.IHCBootstrap4Trait;
import com.helger.photon.bootstrap4.uictrls.datatables.BootstrapDTColAction;
import com.helger.photon.bootstrap4.uictrls.datatables.BootstrapDataTables;
import com.helger.photon.core.form.FormErrorList;
import com.helger.photon.core.form.RequestField;
import com.helger.photon.core.longrun.AbstractLongRunningJobRunnable;
import com.helger.photon.core.longrun.LongRunningJobResult;
import com.helger.photon.io.PhotonWorkerPool;
import com.helger.photon.uicore.icon.EDefaultIcon;
import com.helger.photon.uicore.page.AbstractWebPageForm;
import com.helger.photon.uicore.page.IWebPageExecutionContext;
import com.helger.photon.uicore.page.WebPageExecutionContext;
import com.helger.photon.uictrls.datatables.column.DTCol;
import com.helger.photon.uictrls.datatables.column.EDTColType;
import com.helger.security.certificate.CertificateHelper;
import com.helger.web.scope.mgr.WebScoped;
import java.security.cert.X509Certificate;
import java.time.OffsetDateTime;
import java.util.Collection;
import java.util.Iterator;
import java.util.Locale;
import java.util.concurrent.atomic.AtomicInteger;
import javax.annotation.Nonnegative;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;

/* loaded from: input_file:com/helger/phoss/smp/ui/secure/PageSecureEndpointChangeCertificate.class */
public final class PageSecureEndpointChangeCertificate extends AbstractSMPWebPage {
    private static final String FIELD_OLD_CERTIFICATE = "oldcert";
    private static final String FIELD_NEW_CERTIFICATE = "newcert";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/helger/phoss/smp/ui/secure/PageSecureEndpointChangeCertificate$BulkChangeCertificate.class */
    public static final class BulkChangeCertificate extends AbstractLongRunningJobRunnable implements IHCBootstrap4Trait {
        private static final AtomicInteger RUNNING_JOBS = new AtomicInteger(0);
        private final Locale m_aDisplayLocale;
        private final String m_sOldUnifiedCert;
        private final String m_sNewCert;

        public BulkChangeCertificate(@Nonnull Locale locale, @Nonnull String str, @Nonnull String str2) {
            super("BulkChangeCertificate", new ReadOnlyMultilingualText(CSMPServer.DEFAULT_LOCALE, "Bulk change certificate"));
            this.m_aDisplayLocale = locale;
            this.m_sOldUnifiedCert = str;
            this.m_sNewCert = str2;
        }

        @Nonnull
        public LongRunningJobResult createLongRunningJobResult() {
            BootstrapSuccessBox warn;
            RUNNING_JOBS.incrementAndGet();
            try {
                WebScoped webScoped = new WebScoped();
                try {
                    ISMPServiceInformationManager serviceInformationMgr = SMPMetaManager.getServiceInformationMgr();
                    MutableInt mutableInt = new MutableInt(0);
                    MutableInt mutableInt2 = new MutableInt(0);
                    CommonsArrayList<ISMPServiceInformation> commonsArrayList = new CommonsArrayList();
                    serviceInformationMgr.forEachSMPServiceInformation(iSMPServiceInformation -> {
                        boolean z = false;
                        Iterator it = iSMPServiceInformation.getAllProcesses().iterator();
                        while (it.hasNext()) {
                            for (SMPEndpoint sMPEndpoint : ((ISMPProcess) it.next()).getAllEndpoints()) {
                                if (this.m_sOldUnifiedCert.equals(PageSecureEndpointChangeCertificate._getUnifiedCert(sMPEndpoint.getCertificate()))) {
                                    z = true;
                                    sMPEndpoint.setCertificate(this.m_sNewCert);
                                    mutableInt.inc();
                                }
                            }
                        }
                        if (z) {
                            commonsArrayList.add(iSMPServiceInformation);
                        }
                    });
                    CommonsTreeSet commonsTreeSet = new CommonsTreeSet();
                    for (ISMPServiceInformation iSMPServiceInformation2 : commonsArrayList) {
                        if (serviceInformationMgr.mergeSMPServiceInformation(iSMPServiceInformation2).isFailure()) {
                            mutableInt2.inc();
                        }
                        commonsTreeSet.add(iSMPServiceInformation2.getServiceGroupID());
                    }
                    if (mutableInt.isGT0()) {
                        IHCNode hcul = new HCUL();
                        Iterator it = commonsTreeSet.iterator();
                        while (it.hasNext()) {
                            hcul.addItem((String) it.next());
                        }
                        HCNodeList addChildren = new HCNodeList().addChildren(new IHCNode[]{div("The old certificate was changed in " + mutableInt.intValue() + " endpoints to the new certificate:"), PageSecureEndpointChangeCertificate._getCertificateDisplay(this.m_sNewCert, this.m_aDisplayLocale), div("Effected service groups are:"), hcul});
                        if (mutableInt2.is0()) {
                            warn = success(addChildren);
                        } else {
                            addChildren.addChildAt(0, h3("Some changes could NOT be saved! Please check the logs!"));
                            warn = error(addChildren);
                        }
                    } else {
                        warn = warn("No endpoint was found that contains the old certificate");
                    }
                    LongRunningJobResult createXML = LongRunningJobResult.createXML(warn);
                    webScoped.close();
                    RUNNING_JOBS.decrementAndGet();
                    return createXML;
                } finally {
                }
            } catch (Throwable th) {
                RUNNING_JOBS.decrementAndGet();
                throw th;
            }
        }

        @Nonnegative
        public static int getRunningJobCount() {
            return RUNNING_JOBS.get();
        }
    }

    public PageSecureEndpointChangeCertificate(@Nonnull @Nonempty String str) {
        super(str, "Bulk change certificate");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Nonnull
    public IValidityIndicator isValidToDisplayPage(@Nonnull WebPageExecutionContext webPageExecutionContext) {
        HCNodeList nodeList = webPageExecutionContext.getNodeList();
        if (SMPMetaManager.getServiceGroupMgr().getSMPServiceGroupCount() > 0) {
            return super.isValidToDisplayPage((IWebPageExecutionContext) webPageExecutionContext);
        }
        nodeList.addChild(warn("No service group is present! At least one service group must be present to change certificates."));
        nodeList.addChild(new BootstrapButton().addChild("Create new service group").setOnClick(AbstractWebPageForm.createCreateURL(webPageExecutionContext, CMenuSecure.MENU_SERVICE_GROUPS)).setIcon(EDefaultIcon.YES));
        return EValidity.INVALID;
    }

    @Nullable
    private static String _getCertificateParsingError(@Nonnull String str) {
        try {
            if (CertificateHelper.convertStringToCertficate(str) != null) {
                return null;
            }
            return "Invalid input string provided";
        } catch (Exception e) {
            return e.getMessage();
        }
    }

    @Nonnull
    private static IHCNode _getCertificateDisplay(@Nullable String str, @Nonnull Locale locale) {
        X509Certificate x509Certificate = null;
        try {
            x509Certificate = CertificateHelper.convertStringToCertficate(str);
        } catch (Exception e) {
        }
        if (x509Certificate == null) {
            String str2 = str.length() > 20 ? str.substring(0, 20) + "..." : str;
            HCDiv addChild = new HCDiv().addChild("Invalid certificate").addChild(str.length() > 20 ? " starting with: " : ": ");
            if (str2.length() > 0) {
                addChild.addChild(new HCCode().addChild(str2));
            } else {
                addChild.addChild(new HCEM().addChild("empty"));
            }
            return addChild;
        }
        OffsetDateTime currentOffsetDateTime = PDTFactory.getCurrentOffsetDateTime();
        OffsetDateTime createOffsetDateTime = PDTFactory.createOffsetDateTime(x509Certificate.getNotBefore());
        OffsetDateTime createOffsetDateTime2 = PDTFactory.createOffsetDateTime(x509Certificate.getNotAfter());
        HCNodeList hCNodeList = new HCNodeList();
        hCNodeList.addChild(new HCDiv().addChild("Issuer: " + SMPCommonUI.getCertIssuer(x509Certificate)));
        hCNodeList.addChild(new HCDiv().addChild("Subject: " + SMPCommonUI.getCertSubject(x509Certificate)));
        hCNodeList.addChild(new HCDiv().addChild("Serial number: " + SMPCommonUI.getCertSerialNumber(x509Certificate)));
        hCNodeList.addChild(new HCDiv().addChild("Not before: ").addChild(SMPCommonUI.getNodeCertNotBefore(createOffsetDateTime, currentOffsetDateTime, locale)));
        hCNodeList.addChild(new HCDiv().addChild("Not after: ").addChild(SMPCommonUI.getNodeCertNotAfter(createOffsetDateTime2, currentOffsetDateTime, locale)));
        return hCNodeList;
    }

    @Nonnull
    private static String _getUnifiedCert(@Nullable String str) {
        return StringHelper.hasNoText(str) ? "" : CertificateHelper.getWithoutPEMHeader(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void fillContent(@Nonnull WebPageExecutionContext webPageExecutionContext) {
        Locale displayLocale = webPageExecutionContext.getDisplayLocale();
        HCNodeList nodeList = webPageExecutionContext.getNodeList();
        ISMPServiceGroupManager serviceGroupMgr = SMPMetaManager.getServiceGroupMgr();
        ISMPServiceInformationManager serviceInformationMgr = SMPMetaManager.getServiceInformationMgr();
        boolean z = true;
        CommonsHashMap commonsHashMap = new CommonsHashMap();
        CommonsHashMap commonsHashMap2 = new CommonsHashMap();
        MutableInt mutableInt = new MutableInt(0);
        serviceInformationMgr.forEachSMPServiceInformation(iSMPServiceInformation -> {
            ISMPServiceGroup sMPServiceGroupOfID = serviceGroupMgr.getSMPServiceGroupOfID(iSMPServiceInformation.getServiceGroupParticipantIdentifier());
            Iterator it = iSMPServiceInformation.getAllProcesses().iterator();
            while (it.hasNext()) {
                for (ISMPEndpoint iSMPEndpoint : ((ISMPProcess) it.next()).getAllEndpoints()) {
                    String _getUnifiedCert = _getUnifiedCert(iSMPEndpoint.getCertificate());
                    ((ICommonsList) commonsHashMap.computeIfAbsent(_getUnifiedCert, str -> {
                        return new CommonsArrayList();
                    })).add(iSMPEndpoint);
                    ((ICommonsSet) commonsHashMap2.computeIfAbsent(_getUnifiedCert, str2 -> {
                        return new CommonsHashSet();
                    })).add(sMPServiceGroupOfID);
                    mutableInt.inc();
                }
            }
        });
        BootstrapButtonToolbar bootstrapButtonToolbar = new BootstrapButtonToolbar(webPageExecutionContext);
        bootstrapButtonToolbar.addButton("Refresh", webPageExecutionContext.getSelfHref(), EDefaultIcon.REFRESH);
        nodeList.addChild(bootstrapButtonToolbar);
        int runningJobCount = BulkChangeCertificate.getRunningJobCount();
        if (runningJobCount > 0) {
            nodeList.addChild(warn((runningJobCount == 1 ? "1 bulk change is" : runningJobCount + " bulk changes are") + " currently running in the background"));
        }
        if (webPageExecutionContext.hasAction("edit")) {
            z = false;
            FormErrorList formErrorList = new FormErrorList();
            String _getUnifiedCert = _getUnifiedCert(webPageExecutionContext.params().getAsString(FIELD_OLD_CERTIFICATE));
            if (webPageExecutionContext.hasSubAction("save")) {
                String asString = webPageExecutionContext.params().getAsString(FIELD_NEW_CERTIFICATE);
                String _getUnifiedCert2 = _getUnifiedCert(asString);
                if (StringHelper.hasNoText(_getUnifiedCert)) {
                    formErrorList.addFieldInfo(FIELD_OLD_CERTIFICATE, "An old certificate must be provided");
                } else {
                    String _getCertificateParsingError = _getCertificateParsingError(_getUnifiedCert);
                    if (_getCertificateParsingError != null) {
                        formErrorList.addFieldInfo(FIELD_OLD_CERTIFICATE, "The old certificate is invalid: " + _getCertificateParsingError);
                    }
                }
                if (StringHelper.hasNoText(_getUnifiedCert2)) {
                    formErrorList.addFieldError(FIELD_NEW_CERTIFICATE, "A new certificate must be provided");
                } else {
                    String _getCertificateParsingError2 = _getCertificateParsingError(_getUnifiedCert2);
                    if (_getCertificateParsingError2 != null) {
                        formErrorList.addFieldError(FIELD_NEW_CERTIFICATE, "The new certificate is invalid: " + _getCertificateParsingError2);
                    } else if (_getUnifiedCert2.equals(_getUnifiedCert)) {
                        formErrorList.addFieldError(FIELD_NEW_CERTIFICATE, "The new certificate is identical to the old certificate");
                    }
                }
                if (formErrorList.containsNoError()) {
                    PhotonWorkerPool.getInstance().run("BulkChangeCertificate", new BulkChangeCertificate(displayLocale, _getUnifiedCert, asString));
                    webPageExecutionContext.postRedirectGetInternal(success().addChildren(new IHCNode[]{div("The bulk change of the endpoint certificate to"), _getCertificateDisplay(_getUnifiedCert2, displayLocale), div("is now running in the background. Please manually refresh the page to see the update.")}));
                }
            }
            int size = CollectionHelper.getSize((ICommonsSet) commonsHashMap2.get(_getUnifiedCert));
            int size2 = CollectionHelper.getSize((Collection) commonsHashMap.get(_getUnifiedCert));
            nodeList.addChild(info("The selected old certificate is currently used in " + size2 + " " + (size2 == 1 ? "endpoint" : CMenuSecure.MENU_ENDPOINTS) + " of " + size + " " + (size == 1 ? "service group" : "service groups") + "."));
            BootstrapForm addAndReturnChild = nodeList.addAndReturnChild(getUIHandler().createFormSelf(webPageExecutionContext));
            addAndReturnChild.setLeft(-1, -1, 12, -1, 2);
            addAndReturnChild.addChild(new HCHiddenField("action", "edit"));
            addAndReturnChild.addChild(new HCHiddenField("action2", "save"));
            addAndReturnChild.addChild(new HCHiddenField(FIELD_OLD_CERTIFICATE, _getUnifiedCert));
            addAndReturnChild.addFormGroup(new BootstrapFormGroup().setLabel("Old certificate").setCtrl(_getCertificateDisplay(_getUnifiedCert, displayLocale)).setHelpText("The old certificate that is to be changed in all matching endpoints").setErrorList(formErrorList.getListOfField(FIELD_OLD_CERTIFICATE)));
            addAndReturnChild.addFormGroup(new BootstrapFormGroup().setLabelMandatory("New certificate").setCtrl(new HCTextArea(new RequestField(FIELD_NEW_CERTIFICATE, _getUnifiedCert)).setRows(10)).setHelpText("The new certificate that is used instead").setErrorList(formErrorList.getListOfField(FIELD_NEW_CERTIFICATE)));
            BootstrapButtonToolbar addAndReturnChild2 = addAndReturnChild.addAndReturnChild(getUIHandler().createToolbar(webPageExecutionContext));
            addAndReturnChild2.addSubmitButton("Save changes", EDefaultIcon.SAVE);
            addAndReturnChild2.addButtonCancel(displayLocale);
        }
        if (z) {
            BootstrapInfoBox info = info();
            IHCNode[] iHCNodeArr = new IHCNode[2];
            iHCNodeArr[0] = div("This page lets you change the certificates of multiple endpoints at once. This is e.g. helpful when the old certificate expired.");
            iHCNodeArr[1] = div("Currently " + (mutableInt.intValue() == 1 ? "1 endpoint is" : mutableInt.intValue() + " endpoints are") + " registered.");
            nodeList.addChild(info.addChildren(iHCNodeArr));
            HCTable id = new HCTable(new IHCCol[]{new DTCol("Certificate").setInitialSorting(ESortOrder.ASCENDING), new DTCol("Service Group Count").setDisplayType(EDTColType.INT, displayLocale), new DTCol("Endpoint Count").setDisplayType(EDTColType.INT, displayLocale), new BootstrapDTColAction(displayLocale)}).setID(getID());
            commonsHashMap.forEach((str, iCommonsList) -> {
                HCRow addBodyRow = id.addBodyRow();
                addBodyRow.addCell(_getCertificateDisplay(str, displayLocale));
                addBodyRow.addCell(Integer.toString(CollectionHelper.getSize((Collection) commonsHashMap2.get(str))));
                addBodyRow.addCell(Integer.toString(iCommonsList.size()));
                addBodyRow.addCell(new HCA(webPageExecutionContext.getSelfHref().add("action", "edit").add(FIELD_OLD_CERTIFICATE, str)).setTitle("Change all endpoints using this certificate").addChild(EDefaultIcon.EDIT.getAsNode()));
            });
            nodeList.addChild(id).addChild(BootstrapDataTables.createDefaultDataTables(webPageExecutionContext, id));
        }
    }
}
