package de.governikus.autent.sdk.eidservice.config;

import de.governikus.autent.sdk.eidservice.exceptions.ConfigurationException;
import de.governikus.autent.sdk.eidservice.wrapper.KeyStoreAccessor;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/governikus/autent/sdk/eidservice/config/EidServiceConfigHandler.class */
public class EidServiceConfigHandler {
    private static final Logger log = LoggerFactory.getLogger(EidServiceConfigHandler.class);
    protected EidServiceConfiguration configuration;

    public EidServiceConfigHandler(EidServiceConfiguration eidServiceConfiguration) {
        this.configuration = eidServiceConfiguration;
    }

    public void validateConfiguration() {
        validateWsdlEndpointUrl();
        validateEidWebServiceUrl();
    }

    private void validateWsdlEndpointUrl() {
        validateUrl(getConfiguration().getEidServiceWsdlUrl(), "\nthis URL must point to the WSDL of the eid-webservice on the autent-server.", "WSDL-url");
    }

    private void validateEidWebServiceUrl() {
        validateUrl(getConfiguration().getEidServiceUrl(), "\nthis URL must point to the WSDL of the eid-webservice on the autent-server.", "eid-service-url");
        if (!getConfiguration().getEidServiceUrl().startsWith("https")) {
            throw new ConfigurationException("the URL pointing to the EID webservice MUST be accessed with HTTPS! '" + getConfiguration().getEidServiceUrl() + "'");
        }
    }

    private void validateUrl(String str, String str2, String str3) {
        if (StringUtils.isBlank(str)) {
            throw new ConfigurationException(str3 + " must not be blank! " + str2);
        }
        try {
            new URL(str);
        } catch (MalformedURLException e) {
            throw new ConfigurationException(str3 + " is not a valid URL: '" + str + "'" + str2, e);
        }
    }

    public void logConfiguration() {
        if (log.isDebugEnabled()) {
            log.debug("using WSDL-URL: {}", getConfiguration().getEidServiceWsdlUrl());
            log.debug("using eID-Service-URL: {}", getConfiguration().getEidServiceUrl());
            log.debug("using webservice features: {}", Arrays.toString(getConfiguration().getEidWebServiceFeatures()));
            log.debug("using XML signature verification ceritificate: {}", getConfiguration().getXmlSignatureVerificationCertificate());
            KeyStore truststore = getConfiguration().getTruststore();
            if (truststore == null) {
                log.warn("no additional truststore information have been provided");
            } else {
                log.debug("using truststore with aliases: {}", toAliasList(truststore, "Truststore not initialized"));
            }
            KeyStoreAccessor xmlSignatureCreationKeystore = getConfiguration().getXmlSignatureCreationKeystore();
            if (xmlSignatureCreationKeystore == null || xmlSignatureCreationKeystore.getKeyStore() == null) {
                log.warn("no keystore provided for XML signature creation. Service calls will probably fail");
            } else {
                log.debug("using XML signature creation keystore with aliases: {}", toAliasList(xmlSignatureCreationKeystore.getKeyStore(), "XML signature Keystore not initialized"));
            }
            KeyStoreAccessor sslKeystoreForMutualTlsAuthentication = getConfiguration().getSslKeystoreForMutualTlsAuthentication();
            if (sslKeystoreForMutualTlsAuthentication == null || sslKeystoreForMutualTlsAuthentication.getKeyStore() == null) {
                log.warn("no keystore provided for client authentication");
            } else {
                log.debug("using keystore for mutual client authentication with aliases: {}", toAliasList(sslKeystoreForMutualTlsAuthentication.getKeyStore(), "Keystore for mutual client authentication not initialized"));
            }
        }
    }

    private List<String> toAliasList(KeyStore keyStore, String str) {
        ArrayList arrayList = new ArrayList();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                arrayList.add(aliases.nextElement());
            }
            return arrayList;
        } catch (KeyStoreException e) {
            throw new IllegalArgumentException(str, e);
        }
    }

    public EidServiceConfiguration getConfiguration() {
        return this.configuration;
    }
}
