package org.nuxeo.ecm.platform.signature.web.sign;

import java.io.IOException;
import java.io.Serializable;
import java.security.cert.X509Certificate;
import java.text.DateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.faces.context.FacesContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.international.StatusMessage;
import org.nuxeo.ecm.core.api.Blob;
import org.nuxeo.ecm.core.api.ClientException;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.ListDiff;
import org.nuxeo.ecm.core.api.blobholder.BlobHolder;
import org.nuxeo.ecm.core.api.impl.blob.FileBlob;
import org.nuxeo.ecm.core.event.EventProducer;
import org.nuxeo.ecm.core.event.impl.DocumentEventContext;
import org.nuxeo.ecm.platform.signature.api.exception.CertException;
import org.nuxeo.ecm.platform.signature.api.exception.SignException;
import org.nuxeo.ecm.platform.signature.api.pki.CertService;
import org.nuxeo.ecm.platform.signature.api.sign.SignatureService;
import org.nuxeo.ecm.platform.signature.api.user.CUserService;
import org.nuxeo.ecm.platform.ui.web.api.NavigationContext;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.ecm.webapp.helpers.ResourcesAccessor;
import org.nuxeo.runtime.api.Framework;

@Name("signActions")
@Scope(ScopeType.CONVERSATION)
/* loaded from: input_file:org/nuxeo/ecm/platform/signature/web/sign/SignActions.class */
public class SignActions implements Serializable {
    private static final long serialVersionUID = 2;
    private static final Log LOG = LogFactory.getLog(SignActions.class);

    @In(create = true)
    protected transient SignatureService signatureService;

    @In(create = true)
    protected transient CUserService cUserService;

    @In(create = true)
    protected transient CertService certService;

    @In(create = true)
    protected transient NavigationContext navigationContext;

    @In(create = true)
    protected ResourcesAccessor resourcesAccessor;

    @In(create = true, required = false)
    protected FacesMessages facesMessages;

    @In(create = true)
    protected transient UserManager userManager;
    public static final String DOCUMENT_SIGNED = "documentSigned";
    public static final String CATEGORY = "Document";
    public static final String DOCUMENT_SIGNED_COMMENT = "PDF signed";

    public void signCurrentDoc(String str, String str2) throws SignException, ClientException {
        DocumentModel currentDocument = this.navigationContext.getCurrentDocument();
        if (currentDocument == null) {
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("label.sign.document.missing"), new Object[0]);
        }
        try {
            Blob blob = ((BlobHolder) currentDocument.getAdapter(BlobHolder.class)).getBlob();
            if (blob == null) {
                this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("label.sign.attachments.missing"), new Object[0]);
            } else {
                if (!blob.getMimeType().equals("application/pdf")) {
                    this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("label.sign.pdf.warning"), new Object[0]);
                }
                FileBlob fileBlob = new FileBlob(this.signatureService.signPDF(getCurrentUser(), str2, str, blob.getStream()));
                archiveOriginal(currentDocument, blob, fileBlob);
                this.navigationContext.saveCurrentDocument();
                notifyEvent(DOCUMENT_SIGNED, currentDocument, new HashMap(), DOCUMENT_SIGNED_COMMENT);
                this.facesMessages.add(StatusMessage.Severity.INFO, fileBlob.getFilename() + " " + ((String) this.resourcesAccessor.getMessages().get("notification.sign.signed")), new Object[0]);
            }
        } catch (CertException e) {
            LOG.info("PDF SIGNING PROBLEM. CERTIFICATE ACCESS PROBLEM" + e);
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("notification.sign.certificate.access.problem"), new Object[0]);
        } catch (IOException e2) {
            LOG.info("PDF SIGNING PROBLEM:" + e2);
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("notification.sign.problem"), new Object[0]);
        } catch (SignException e3) {
            LOG.info("PDF signing problem:" + e3);
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("notification.sign.problem"), new Object[0]);
        } catch (ClientException e4) {
            LOG.info("PDF SIGNING PROBLEM:" + e4);
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("notification.sign.problem"), new Object[0]);
        }
    }

    protected DocumentModel archiveOriginal(DocumentModel documentModel, Blob blob, Blob blob2) throws ClientException {
        blob2.setFilename(blob.getFilename());
        blob2.setEncoding(blob.getEncoding());
        blob2.setMimeType(blob.getMimeType());
        HashMap hashMap = new HashMap();
        hashMap.put("filename", "Previous-name-before-" + (getCurrentUser().getProperty("user", "firstName") + "_" + getCurrentUser().getProperty("user", "lastName")) + "-signed-on-" + DateFormat.getDateInstance().format(new Date()) + "-" + blob.getFilename());
        ListDiff listDiff = new ListDiff();
        hashMap.put("file", blob);
        listDiff.add(hashMap);
        documentModel.setProperty("files", "files", listDiff);
        ((BlobHolder) documentModel.getAdapter(BlobHolder.class)).setBlob(blob2);
        return documentModel;
    }

    public boolean isPDFSignedByCurrentUser() throws SignException, ClientException {
        return isPDFSigned(true);
    }

    public boolean isPDFSigned() throws SignException, ClientException {
        return isPDFSigned(false);
    }

    protected boolean isPDFSigned(boolean z) throws SignException, ClientException {
        boolean z2 = false;
        DocumentModel currentDocument = this.navigationContext.getCurrentDocument();
        if (currentDocument == null) {
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("label.sign.document.missing"), new Object[0]);
        }
        Blob blob = ((BlobHolder) currentDocument.getAdapter(BlobHolder.class)).getBlob();
        if (blob == null) {
            this.facesMessages.add(StatusMessage.Severity.WARN, "Your document does not contain any attachments", new Object[0]);
        } else if (blob.getMimeType() == null) {
            this.facesMessages.add(StatusMessage.Severity.INFO, (String) this.resourcesAccessor.getMessages().get("label.sign.document.mime"), new Object[0]);
        } else if (!blob.getMimeType().equals("application/pdf")) {
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("label.sign.pdf.warning"), new Object[0]);
        } else if (blob.getLength() == 0) {
            this.facesMessages.add("The file is empty", new Object[0]);
        } else {
            try {
                List<X509Certificate> pDFCertificates = this.signatureService.getPDFCertificates(blob.getStream());
                if (pDFCertificates.size() > 0) {
                    if (z) {
                        return containsCurrentPrincipal(pDFCertificates);
                    }
                    z2 = true;
                }
            } catch (IOException e) {
                throw new SignException(e);
            }
        }
        return z2;
    }

    protected boolean containsCurrentPrincipal(List<X509Certificate> list) throws ClientException {
        String str = (String) getCurrentUser().getProperty("user", "email");
        if (str == null || str.length() == 0) {
            return false;
        }
        Iterator<X509Certificate> it = list.iterator();
        while (it.hasNext()) {
            if (str.equals(this.certService.getCertificateEmail(it.next()))) {
                return true;
            }
        }
        return false;
    }

    public List<String> getPDFCertificateList() throws SignException, ClientException {
        ArrayList arrayList = new ArrayList();
        DocumentModel currentDocument = this.navigationContext.getCurrentDocument();
        if (currentDocument == null) {
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("label.sign.document.missing"), new Object[0]);
        }
        Blob blob = ((BlobHolder) currentDocument.getAdapter(BlobHolder.class)).getBlob();
        if (blob == null) {
            this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("label.sign.attachments.missing"), new Object[0]);
        } else {
            if (!blob.getMimeType().equals("application/pdf")) {
                this.facesMessages.add(StatusMessage.Severity.ERROR, (String) this.resourcesAccessor.getMessages().get("label.sign.pdf.warning"), new Object[0]);
            }
            try {
                Iterator it = this.signatureService.getPDFCertificates(blob.getStream()).iterator();
                while (it.hasNext()) {
                    arrayList.add(getCertificateInfo((X509Certificate) it.next()));
                }
            } catch (IOException e) {
                throw new SignException(e);
            }
        }
        return arrayList;
    }

    protected EventProducer getEventProducer() throws ClientException {
        try {
            return (EventProducer) Framework.getService(EventProducer.class);
        } catch (Exception e) {
            throw new ClientException(e);
        }
    }

    protected void notifyEvent(String str, DocumentModel documentModel, Map<String, Serializable> map, String str2) throws ClientException {
        map.put("comment", str2);
        map.put("category", "eventDocumentCategory");
        DocumentEventContext documentEventContext = new DocumentEventContext(documentModel.getCoreSession(), documentModel.getCoreSession().getPrincipal(), documentModel);
        documentEventContext.setProperties(map);
        try {
            getEventProducer().fireEvent(documentEventContext.newEvent(str));
        } catch (ClientException e) {
            LOG.error("Error firing an audit event", e);
        }
    }

    DocumentModel getCurrentUser() throws ClientException {
        return this.userManager.getUserModel(FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal().getName());
    }

    String getCertificateInfo(X509Certificate x509Certificate) {
        return "This certificate belongs to" + x509Certificate.getSubjectDN() + ". It was issued by " + x509Certificate.getIssuerDN() + ". It will expire on " + x509Certificate.getNotAfter();
    }
}
