package org.openfact.keys;

import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;
import org.openfact.component.ComponentModel;
import org.openfact.keys.KeyMetadata;
import org.openfact.models.OrganizationModel;

/* loaded from: input_file:WEB-INF/lib/openfact-integration-1.0.RC26.jar:org/openfact/keys/AbstractRsaKeyProvider.class */
public abstract class AbstractRsaKeyProvider implements RsaKeyProvider {
    private final boolean enabled;
    private final boolean active;
    private final ComponentModel model;
    private final Keys keys;

    /* loaded from: input_file:WEB-INF/lib/openfact-integration-1.0.RC26.jar:org/openfact/keys/AbstractRsaKeyProvider$Keys.class */
    public static class Keys {
        private String kid;
        private KeyPair keyPair;
        private X509Certificate certificate;

        public Keys(String str, KeyPair keyPair, X509Certificate x509Certificate) {
            this.kid = str;
            this.keyPair = keyPair;
            this.certificate = x509Certificate;
        }

        public String getKid() {
            return this.kid;
        }

        public KeyPair getKeyPair() {
            return this.keyPair;
        }

        public X509Certificate getCertificate() {
            return this.certificate;
        }
    }

    public AbstractRsaKeyProvider(OrganizationModel organizationModel, ComponentModel componentModel) {
        this.model = componentModel;
        this.enabled = componentModel.get("enabled", true);
        this.active = componentModel.get(Attributes.ACTIVE_KEY, true);
        if (componentModel.hasNote(Keys.class.getName())) {
            this.keys = (Keys) componentModel.getNote(Keys.class.getName());
        } else {
            this.keys = loadKeys(organizationModel, componentModel);
            componentModel.setNote(Keys.class.getName(), this.keys);
        }
    }

    protected abstract Keys loadKeys(OrganizationModel organizationModel, ComponentModel componentModel);

    @Override // org.openfact.keys.KeyProvider
    public final String getKid() {
        if (isActive()) {
            return this.keys.getKid();
        }
        return null;
    }

    @Override // org.openfact.keys.RsaKeyProvider
    public final PrivateKey getPrivateKey() {
        if (isActive()) {
            return this.keys.getKeyPair().getPrivate();
        }
        return null;
    }

    @Override // org.openfact.keys.RsaKeyProvider
    public final PublicKey getPublicKey(String str) {
        if (isEnabled() && str.equals(this.keys.getKid())) {
            return this.keys.getKeyPair().getPublic();
        }
        return null;
    }

    @Override // org.openfact.keys.RsaKeyProvider
    public X509Certificate getCertificate(String str) {
        if (isEnabled() && str.equals(this.keys.getKid())) {
            return this.keys.getCertificate();
        }
        return null;
    }

    @Override // org.openfact.keys.KeyProvider
    public final List<RsaKeyMetadata> getKeyMetadata() {
        String kid = this.keys.getKid();
        PublicKey publicKey = this.keys.getKeyPair().getPublic();
        if (kid == null || publicKey == null) {
            return Collections.emptyList();
        }
        RsaKeyMetadata rsaKeyMetadata = new RsaKeyMetadata();
        rsaKeyMetadata.setProviderId(this.model.getId());
        rsaKeyMetadata.setProviderPriority(this.model.get("priority", 0L));
        rsaKeyMetadata.setKid(kid);
        if (isActive()) {
            rsaKeyMetadata.setStatus(KeyMetadata.Status.ACTIVE);
        } else if (isEnabled()) {
            rsaKeyMetadata.setStatus(KeyMetadata.Status.PASSIVE);
        } else {
            rsaKeyMetadata.setStatus(KeyMetadata.Status.DISABLED);
        }
        rsaKeyMetadata.setPublicKey(publicKey);
        rsaKeyMetadata.setCertificate(this.keys.getCertificate());
        return Collections.singletonList(rsaKeyMetadata);
    }

    private boolean isEnabled() {
        return this.keys != null && this.enabled;
    }

    private boolean isActive() {
        return isEnabled() && this.active;
    }
}
