package net.savignano.snotify.jira.gui.webwork;

import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.project.Project;
import com.atlassian.jira.security.request.RequestMethod;
import com.atlassian.jira.security.request.SupportedMethods;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.mail.server.SMTPMailServer;
import com.atlassian.velocity.htmlsafe.HtmlSafe;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import net.savignano.snotify.atlassian.common.ASnotifyAppProperties;
import net.savignano.snotify.atlassian.common.Constants;
import net.savignano.snotify.atlassian.common.EProperty;
import net.savignano.snotify.atlassian.common.ISnotifyProjectProperties;
import net.savignano.snotify.atlassian.common.enums.ECryptographyType;
import net.savignano.snotify.atlassian.common.enums.EEncryptionTypePriority;
import net.savignano.snotify.atlassian.common.util.SecurityUtil;
import net.savignano.snotify.atlassian.gui.keysource.verification.VerificationStatus;
import net.savignano.snotify.atlassian.gui.keysource.verification.pgp.PgpPrivateKeyStoreVerification;
import net.savignano.snotify.atlassian.gui.keysource.verification.smime.SmimeKeyStoreVerification;
import net.savignano.snotify.atlassian.gui.templates.handler.IValueHandler;
import net.savignano.snotify.atlassian.gui.templates.handler.IValueHandlerProvider;
import net.savignano.snotify.atlassian.gui.templates.handler.impl.InputHandler;
import net.savignano.snotify.atlassian.gui.templates.handler.impl.PasswordHandler;
import net.savignano.snotify.atlassian.gui.templates.handler.impl.ValueHandlerWrapper;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@SupportedMethods({RequestMethod.GET, RequestMethod.POST})
/* loaded from: input_file:net/savignano/snotify/jira/gui/webwork/SnotifyPrivateKeystoreSettingsAction.class */
public class SnotifyPrivateKeystoreSettingsAction extends SnotifyAdminSettingsAction implements IValueHandlerProvider {
    private static final long serialVersionUID = 2874223266868307983L;
    private static final String SMIME_PRIVATE_KEYSTORE_LOCATION_ID = "smimePrivateKeystoreLocation";
    private static final String SMIME_PRIVATE_KEYSTORE_PASSWORD_ID = "smimePrivateKeystorePassword";
    private static final String PGP_PRIVATE_KEYSTORE_LOCATION_ID = "pgpPrivateKeystoreLocation";
    private static final String PGP_PRIVATE_KEY_PASSWORD_ID = "pgpPrivateKeyPassword";
    private static final String VERIFY_PGP_BUTTON_PARAM = "Test settings pgp";
    private static final String VERIFY_SMIME_BUTTON_PARAM = "Test settings smime";
    private static final String CLEAR_CACHE_PGP_BUTTON_PARAM = "Clear Cache pgp";
    private static final String CLEAR_CACHE_SMIME_PARAM = "Clear Cache smime";
    private static final String SUBMIT_PGP_BUTTON_PARAM = "Update pgp";
    private static final String SUBMIT_SMIME_BUTTON_PARAM = "Update smime";
    private static final Logger log = LoggerFactory.getLogger(SnotifyPrivateKeystoreSettingsAction.class);

    @Inject
    private ISnotifyProjectProperties projectProps;
    private ValueHandlerWrapper valueWrapper;
    private String verifyMessage;
    private boolean expireKeys;
    private EEncryptionTypePriority typePriority;
    private ECryptographyType lastSubmit;
    private List<String> emails;

    @SupportedMethods({RequestMethod.GET})
    public String doInput() {
        if (hasAdminRights()) {
            createValueHandlers();
            this.valueWrapper.read();
            return "input";
        }
        ApplicationUser loggedInUser = getLoggedInUser();
        log.warn("Unauthorized access to view global S/Notify values from user: {}", loggedInUser != null ? loggedInUser.getDisplayName() : "<Unknown User>");
        return "error";
    }

    @SupportedMethods({RequestMethod.POST})
    public String doSubmit() {
        HttpServletRequest httpRequest = getHttpRequest();
        if (!"POST".equals(httpRequest.getMethod())) {
            log.debug("Access to submit method redirected to input method, as request method wasn't 'POST'. Used method: " + httpRequest.getMethod());
            return doInput();
        }
        if (!hasAdminRights()) {
            ApplicationUser loggedInUser = getLoggedInUser();
            log.warn("Unauthorized access to submit server S/Notify values from user: {}", loggedInUser != null ? loggedInUser.getDisplayName() : "<Unknown User>");
            return "error";
        }
        createValueHandlers();
        this.valueWrapper.receive(httpRequest);
        clearCache();
        if (httpRequest.getParameter(SUBMIT_PGP_BUTTON_PARAM) != null) {
            this.lastSubmit = ECryptographyType.PGP;
            storeSettings();
            return "input";
        }
        if (httpRequest.getParameter(SUBMIT_SMIME_BUTTON_PARAM) != null) {
            this.lastSubmit = ECryptographyType.SMIME;
            storeSettings();
            return "input";
        }
        if (httpRequest.getParameter(VERIFY_PGP_BUTTON_PARAM) != null) {
            this.lastSubmit = ECryptographyType.PGP;
            verifySettings(this.valueWrapper);
            return "input";
        }
        if (httpRequest.getParameter(VERIFY_SMIME_BUTTON_PARAM) != null) {
            this.lastSubmit = ECryptographyType.SMIME;
            verifySettings(this.valueWrapper);
            return "input";
        }
        if (httpRequest.getParameter(CLEAR_CACHE_PGP_BUTTON_PARAM) != null) {
            this.lastSubmit = ECryptographyType.PGP;
            this.expireKeys = true;
            return "input";
        }
        if (httpRequest.getParameter(CLEAR_CACHE_SMIME_PARAM) == null) {
            log.error("Unknown submit option used.");
            return "input";
        }
        this.lastSubmit = ECryptographyType.SMIME;
        this.expireKeys = true;
        return "input";
    }

    private void createValueHandlers() {
        if (this.valueWrapper != null) {
            return;
        }
        this.valueWrapper = new ValueHandlerWrapper();
        this.valueWrapper.add(new InputHandler(SMIME_PRIVATE_KEYSTORE_LOCATION_ID, getAppProps(), EProperty.PRIVATE_SMIME_KEYSTORE_LOCATION));
        this.valueWrapper.add(new PasswordHandler(SMIME_PRIVATE_KEYSTORE_PASSWORD_ID, (ASnotifyAppProperties) getAppProps(), EProperty.PRIVATE_SMIME_KEY_PASSWORD));
        this.valueWrapper.add(new InputHandler(PGP_PRIVATE_KEYSTORE_LOCATION_ID, getAppProps(), EProperty.PRIVATE_PGP_KEYSTORE_LOCATION));
        this.valueWrapper.add(new PasswordHandler(PGP_PRIVATE_KEY_PASSWORD_ID, (ASnotifyAppProperties) getAppProps(), EProperty.PRIVATE_PGP_KEY_PASSWORD));
    }

    private void storeSettings() {
        this.valueWrapper.store();
        this.valueWrapper.read();
        setShowUpdated(true);
    }

    private void verifySettings(IValueHandlerProvider iValueHandlerProvider) {
        ArrayList arrayList = new ArrayList();
        String str = (String) iValueHandlerProvider.getValue(SMIME_PRIVATE_KEYSTORE_LOCATION_ID);
        if (StringUtils.isNotBlank(str)) {
            char[] cArr = (char[]) iValueHandlerProvider.getValue(SMIME_PRIVATE_KEYSTORE_PASSWORD_ID);
            arrayList.addAll(verifySmimePrivateKeystore(str, cArr));
            SecurityUtil.clearPassword(cArr);
        }
        String str2 = (String) iValueHandlerProvider.getValue(PGP_PRIVATE_KEYSTORE_LOCATION_ID);
        if (StringUtils.isNotBlank(str2)) {
            char[] cArr2 = (char[]) iValueHandlerProvider.getValue(PGP_PRIVATE_KEY_PASSWORD_ID);
            arrayList.addAll(verifyPgpPrivateKeystore(str2, cArr2));
            SecurityUtil.clearPassword(cArr2);
        }
        StringBuilder sb = new StringBuilder(512 * arrayList.size());
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            sb.append(((VerificationStatus) it.next()).getHtmlStatus());
        }
        this.verifyMessage = sb.toString();
    }

    private List<VerificationStatus> verifySmimePrivateKeystore(String str, char[] cArr) {
        log.info("Verifying S/MIME private key store at location: {}", str);
        SmimeKeyStoreVerification smimeKeyStoreVerification = new SmimeKeyStoreVerification(str, Constants.P12_KEYSTORE_TYPE, getSnotifyI18n());
        smimeKeyStoreVerification.getEmails().addAll(getEmails());
        smimeKeyStoreVerification.setEnablePrivateKeyCheck(true);
        smimeKeyStoreVerification.setKeyStorePassword(cArr);
        smimeKeyStoreVerification.setKeyPassword(cArr);
        return smimeKeyStoreVerification.verify();
    }

    private List<VerificationStatus> verifyPgpPrivateKeystore(String str, char[] cArr) {
        log.info("Verifying PGP private key store at location: {}", str);
        PgpPrivateKeyStoreVerification pgpPrivateKeyStoreVerification = new PgpPrivateKeyStoreVerification(str, getSnotifyI18n());
        pgpPrivateKeyStoreVerification.getEmails().addAll(getEmails());
        pgpPrivateKeyStoreVerification.setPassword(cArr);
        return pgpPrivateKeyStoreVerification.verify();
    }

    private void clearCache() {
        getAppProps().setLong(EProperty.EXPIRE_KEYS_PRIVATE_TIMESTAMP, Long.valueOf(System.currentTimeMillis()));
    }

    private EEncryptionTypePriority getTypePriority() {
        if (this.typePriority == null) {
            this.typePriority = (EEncryptionTypePriority) getAppProps().getEnum(EProperty.ENCRYPTION_TYPE_PRIORITY, EEncryptionTypePriority.class);
        }
        return this.typePriority;
    }

    private List<String> getEmails() {
        if (this.emails == null) {
            this.emails = new ArrayList();
            String mailServerEmail = getMailServerEmail();
            if (mailServerEmail != null) {
                this.emails.add(mailServerEmail);
            }
            if (getAppProps().getBoolean(EProperty.ENABLE_PROJECT_SPECIFIC_ENCRYPTION)) {
                this.emails.addAll(getProjectEmails());
            }
        }
        return this.emails;
    }

    private String getMailServerEmail() {
        SMTPMailServer defaultSMTPMailServer = ComponentAccessor.getMailServerManager().getDefaultSMTPMailServer();
        if (defaultSMTPMailServer == null) {
            log.debug("No outgoing mail server registered. Could not determine sending address.");
            return null;
        }
        String defaultFrom = defaultSMTPMailServer.getDefaultFrom();
        log.debug("Mail addressed used by default mail server: <{}>", defaultFrom);
        return defaultFrom;
    }

    private List<String> getProjectEmails() {
        boolean z = getAppProps().getBoolean(EProperty.DEFAULT_PROJECT_ENCRYPTION_STATE);
        ArrayList arrayList = new ArrayList();
        for (Project project : ComponentAccessor.getProjectManager().getProjects()) {
            String key = project.getKey();
            if (this.projectProps.getBoolean(EProperty.PROJECT_ENABLE_ENCRYPTION, z, key)) {
                String email = project.getEmail();
                log.debug("Email used for project {}: <{}>", key, email);
                if (email != null) {
                    arrayList.add(email);
                }
            }
        }
        return arrayList;
    }

    @Override // net.savignano.snotify.atlassian.gui.templates.handler.IValueHandlerProvider
    public <T> IValueHandler<T> getValueHandler(String str) {
        return this.valueWrapper.getValueHandler(str);
    }

    public boolean isSmimeSelected() {
        if (this.lastSubmit == ECryptographyType.SMIME) {
            return true;
        }
        if (this.lastSubmit == ECryptographyType.PGP) {
            return false;
        }
        switch (getTypePriority()) {
            case SMIME_ONLY:
            case SMIME_PREFERED:
                return true;
            case PGP_ONLY:
            case PGP_PREFERED:
                return false;
            default:
                log.error("Type priority not yet implemented: {}", getTypePriority());
                return false;
        }
    }

    public boolean isPgpSelected() {
        if (this.lastSubmit == ECryptographyType.PGP) {
            return true;
        }
        if (this.lastSubmit == ECryptographyType.SMIME) {
            return false;
        }
        switch (getTypePriority()) {
            case SMIME_ONLY:
            case SMIME_PREFERED:
                return false;
            case PGP_ONLY:
            case PGP_PREFERED:
                return true;
            default:
                log.error("Type priority not yet implemented: {}", getTypePriority());
                return false;
        }
    }

    public boolean isShowExpireCacheInfo() {
        return this.expireKeys;
    }

    public boolean isShowLeavingPageWarning() {
        return this.verifyMessage != null;
    }

    @HtmlSafe
    public String getVerificationMessage() {
        return this.verifyMessage == null ? "" : this.verifyMessage;
    }
}
