package fr.in2p3.jsaga.adaptor.cream.job;

import eu.emi.security.authn.x509.impl.CertificateUtils;
import eu.emi.security.authn.x509.impl.PEMCredential;
import eu.emi.security.authn.x509.proxy.ProxyGenerator;
import eu.emi.security.authn.x509.proxy.ProxyRequestOptions;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.StringReader;
import java.net.MalformedURLException;
import java.net.URL;
import java.rmi.RemoteException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import org.apache.axis2.AxisFault;
import org.bouncycastle.jce.PKCS10CertificationRequest;
import org.bouncycastle.openssl.PEMReader;
import org.glite.ce.security.delegation.DelegationException_Fault;
import org.glite.ce.security.delegation.DelegationServiceStub;
import org.globus.gsi.CredentialException;
import org.globus.gsi.X509Credential;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.ietf.jgss.GSSCredential;
import org.ogf.saga.error.AuthenticationFailedException;
import org.ogf.saga.error.BadParameterException;
import org.ogf.saga.error.NoSuccessException;

/* loaded from: input_file:fr/in2p3/jsaga/adaptor/cream/job/DelegationStub.class */
public class DelegationStub {
    public static final String ANY_VO = null;
    private File m_proxyFile;
    private DelegationServiceStub m_stub;

    public DelegationStub(String str, int i, String str2) throws BadParameterException, NoSuccessException {
        this.m_proxyFile = getDlgorFile(str, str2);
        try {
            this.m_stub = new DelegationServiceStub(new URL("https", str, i, "/ce-cream/services/gridsite-delegation").toString());
        } catch (MalformedURLException e) {
            throw new NoSuccessException(e);
        } catch (AxisFault e2) {
            throw new NoSuccessException(e2);
        }
    }

    public void destroy(DelegationServiceStub.Destroy destroy) throws RemoteException, DelegationException_Fault {
        this.m_stub.destroy(destroy);
    }

    public String renewDelegation(String str, GSSCredential gSSCredential) throws AuthenticationFailedException {
        if (!(gSSCredential instanceof GlobusGSSCredentialImpl)) {
            throw new AuthenticationFailedException("Not a globus proxy: " + gSSCredential.getClass());
        }
        X509Credential x509Credential = ((GlobusGSSCredentialImpl) gSSCredential).getX509Credential();
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(this.m_proxyFile);
            x509Credential.save(fileOutputStream);
            fileOutputStream.close();
            String str2 = null;
            try {
                DelegationServiceStub.GetTerminationTime getTerminationTime = new DelegationServiceStub.GetTerminationTime();
                getTerminationTime.setDelegationID(str);
                if (this.m_stub.getTerminationTime(getTerminationTime).getGetTerminationTimeReturn().before(Calendar.getInstance())) {
                    DelegationServiceStub.RenewProxyReq renewProxyReq = new DelegationServiceStub.RenewProxyReq();
                    renewProxyReq.setDelegationID(str);
                    str2 = this.m_stub.renewProxyReq(renewProxyReq).getRenewProxyReqReturn();
                }
            } catch (RemoteException e) {
                if (e.getMessage() == null || !e.getMessage().contains("not found")) {
                    throw new AuthenticationFailedException(e.getMessage(), e);
                }
                try {
                    DelegationServiceStub.GetProxyReq getProxyReq = new DelegationServiceStub.GetProxyReq();
                    getProxyReq.setDelegationID(str);
                    str2 = this.m_stub.getProxyReq(getProxyReq).getGetProxyReqReturn();
                } catch (DelegationException_Fault e2) {
                    throw new AuthenticationFailedException(e);
                } catch (RemoteException e3) {
                    throw new AuthenticationFailedException(e);
                }
            } catch (DelegationException_Fault e4) {
                if (e4.getMessage() == null || !e4.getMessage().startsWith("Failed to find delegation ID")) {
                    throw new AuthenticationFailedException(e4.getMessage(), e4);
                }
                try {
                    DelegationServiceStub.GetProxyReq getProxyReq2 = new DelegationServiceStub.GetProxyReq();
                    getProxyReq2.setDelegationID(str);
                    str2 = this.m_stub.getProxyReq(getProxyReq2).getGetProxyReqReturn();
                } catch (DelegationException_Fault e5) {
                    throw new AuthenticationFailedException(e4);
                } catch (RemoteException e6) {
                    throw new AuthenticationFailedException(e4);
                }
            }
            if (str2 == null) {
                return null;
            }
            int timeLeft = ((int) (x509Credential.getTimeLeft() / 3600)) - 1;
            if (timeLeft < 0) {
                throw new AuthenticationFailedException("Proxy is expired or about to expire: " + x509Credential.getIdentity());
            }
            try {
                return signRequest(str2, str, timeLeft);
            } catch (IOException e7) {
                throw new AuthenticationFailedException(e7);
            } catch (InvalidKeyException e8) {
                throw new AuthenticationFailedException(e8);
            } catch (KeyStoreException e9) {
                throw new AuthenticationFailedException(e9);
            } catch (NoSuchAlgorithmException e10) {
                throw new AuthenticationFailedException(e10);
            } catch (NoSuchProviderException e11) {
                throw new AuthenticationFailedException(e11);
            } catch (SignatureException e12) {
                throw new AuthenticationFailedException(e12);
            } catch (CertificateException e13) {
                throw new AuthenticationFailedException(e13);
            }
        } catch (CredentialException e14) {
            throw new AuthenticationFailedException(e14);
        } catch (IOException e15) {
            throw new AuthenticationFailedException(e15);
        }
    }

    public void putProxy(String str, String str2) throws NoSuccessException {
        DelegationServiceStub.PutProxy putProxy = new DelegationServiceStub.PutProxy();
        putProxy.setDelegationID(str);
        putProxy.setProxy(str2);
        try {
            this.m_stub.putProxy(putProxy);
        } catch (RemoteException e) {
            throw new NoSuccessException(e);
        } catch (DelegationException_Fault e2) {
            throw new NoSuccessException(e2);
        }
    }

    public static File getDlgorFile(String str, String str2) {
        return str2 != null ? new File(System.getProperty("java.io.tmpdir"), "dlgor_" + str + "_" + str2 + "_" + System.getProperty("user.name")) : new File(System.getProperty("java.io.tmpdir"), "dlgor_" + str + "_" + System.getProperty("user.name"));
    }

    private String signRequest(String str, String str2, int i) throws IOException, KeyStoreException, CertificateException, InvalidKeyException, SignatureException, NoSuchAlgorithmException, NoSuchProviderException {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(this.m_proxyFile);
            PEMCredential pEMCredential = new PEMCredential(fileInputStream, (char[]) null);
            PrivateKey key = pEMCredential.getKey();
            X509Certificate[] certificateChain = pEMCredential.getCertificateChain();
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            ProxyRequestOptions proxyRequestOptions = new ProxyRequestOptions(certificateChain, (PKCS10CertificationRequest) new PEMReader(new StringReader(str)).readObject());
            proxyRequestOptions.setLifetime(i * 3600);
            X509Certificate[] generate = ProxyGenerator.generate(proxyRequestOptions, key);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            for (X509Certificate x509Certificate : generate) {
                CertificateUtils.saveCertificate(byteArrayOutputStream, x509Certificate, CertificateUtils.Encoding.PEM);
            }
            return byteArrayOutputStream.toString();
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }
}
