package no.difi.certvalidator;

import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.transform.stream.StreamSource;
import net.klakegg.pkix.ocsp.OcspClient;
import net.klakegg.pkix.ocsp.api.OcspFetcher;
import net.klakegg.pkix.ocsp.builder.Builder;
import no.difi.certvalidator.api.CertificateBucket;
import no.difi.certvalidator.api.CertificateValidationException;
import no.difi.certvalidator.api.ErrorHandler;
import no.difi.certvalidator.api.Order;
import no.difi.certvalidator.api.ValidatorRecipeParser;
import no.difi.certvalidator.api.ValidatorRule;
import no.difi.certvalidator.api.ValidatorRuleParser;
import no.difi.certvalidator.jaxb.BlacklistType;
import no.difi.certvalidator.jaxb.CachedType;
import no.difi.certvalidator.jaxb.ChainType;
import no.difi.certvalidator.jaxb.HandleErrorType;
import no.difi.certvalidator.jaxb.JunctionEnum;
import no.difi.certvalidator.jaxb.JunctionType;
import no.difi.certvalidator.jaxb.OCSPType;
import no.difi.certvalidator.jaxb.TryType;
import no.difi.certvalidator.jaxb.ValidatorRecipe;
import no.difi.certvalidator.jaxb.ValidatorType;
import no.difi.certvalidator.jaxb.WhitelistType;
import no.difi.certvalidator.lang.ValidatorParsingException;
import no.difi.certvalidator.rule.BlacklistRule;
import no.difi.certvalidator.rule.ChainRule;
import no.difi.certvalidator.rule.HandleErrorRule;
import no.difi.certvalidator.rule.OCSPRule;
import no.difi.certvalidator.rule.WhitelistRule;
import no.difi.certvalidator.structure.Junction;
import no.difi.certvalidator.util.CachedValidatorRule;

/* loaded from: input_file:no/difi/certvalidator/ValidatorLoaderParser.class */
class ValidatorLoaderParser {
    private static JAXBContext jaxbContext;
    private static List<ValidatorRecipeParser> recipeParser = serviceLoader(ValidatorRecipeParser.class);
    private static List<ValidatorRuleParser> ruleParsers = serviceLoader(ValidatorRuleParser.class);

    ValidatorLoaderParser() {
    }

    public static ValidatorGroup parse(InputStream inputStream, Map<String, Object> map) throws ValidatorParsingException {
        try {
            ValidatorRecipe validatorRecipe = (ValidatorRecipe) jaxbContext.createUnmarshaller().unmarshal(new StreamSource(inputStream), ValidatorRecipe.class).getValue();
            Iterator<ValidatorRecipeParser> it = recipeParser.iterator();
            while (it.hasNext()) {
                it.next().parse(validatorRecipe, map);
            }
            HashMap hashMap = new HashMap();
            for (ValidatorType validatorType : validatorRecipe.getValidator()) {
                ValidatorRule parse = parse(validatorType.getBlacklistOrCachedOrChain(), map, JunctionEnum.AND);
                if (validatorType.getTimeout() != null) {
                    parse = new CachedValidatorRule(parse, validatorType.getTimeout().longValue());
                }
                String name = validatorType.getName() == null ? "default" : validatorType.getName();
                hashMap.put(name, parse);
                map.put(String.format("#validator::%s", name), parse);
            }
            return new ValidatorGroup(hashMap, validatorRecipe.getName(), validatorRecipe.getVersion());
        } catch (JAXBException | CertificateValidationException e) {
            throw new ValidatorParsingException(e.getMessage(), e);
        }
    }

    private static ValidatorRule parse(List<Object> list, Map<String, Object> map, JunctionEnum junctionEnum) throws CertificateValidationException {
        ArrayList arrayList = new ArrayList();
        Iterator<Object> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(parse(it.next(), map));
        }
        return junctionEnum == JunctionEnum.AND ? Junction.and((ValidatorRule[]) arrayList.toArray(new ValidatorRule[arrayList.size()])) : junctionEnum == JunctionEnum.OR ? Junction.or((ValidatorRule[]) arrayList.toArray(new ValidatorRule[arrayList.size()])) : Junction.xor((ValidatorRule[]) arrayList.toArray(new ValidatorRule[arrayList.size()]));
    }

    private static ValidatorRule parse(Object obj, Map<String, Object> map) throws CertificateValidationException {
        if (obj instanceof BlacklistType) {
            return parse((BlacklistType) obj, map);
        }
        if (obj instanceof CachedType) {
            return parse((CachedType) obj, map);
        }
        if (obj instanceof ChainType) {
            return parse((ChainType) obj, map);
        }
        if (obj instanceof JunctionType) {
            return parse((JunctionType) obj, map);
        }
        if (obj instanceof OCSPType) {
            return parse((OCSPType) obj, map);
        }
        if (obj instanceof HandleErrorType) {
            return parse((HandleErrorType) obj, map);
        }
        if (obj instanceof TryType) {
            return parse((TryType) obj, map);
        }
        if (obj instanceof WhitelistType) {
            return parse((WhitelistType) obj, map);
        }
        for (ValidatorRuleParser validatorRuleParser : ruleParsers) {
            if (validatorRuleParser.supports(obj.getClass())) {
                return validatorRuleParser.parse(obj, map);
            }
        }
        throw new ValidatorParsingException(String.format("Unable to parse '%s'", obj));
    }

    private static ValidatorRule parse(BlacklistType blacklistType, Map<String, Object> map) {
        return new BlacklistRule(getBucket(blacklistType.getValue(), map));
    }

    private static ValidatorRule parse(CachedType cachedType, Map<String, Object> map) throws CertificateValidationException {
        return new CachedValidatorRule(parse(cachedType.getBlacklistOrCachedOrChain(), map, JunctionEnum.AND), cachedType.getTimeout());
    }

    private static ValidatorRule parse(ChainType chainType, Map<String, Object> map) {
        return new ChainRule(getBucket(chainType.getRootBucketReference().getValue(), map), getBucket(chainType.getIntermediateBucketReference().getValue(), map), (String[]) chainType.getPolicy().toArray(new String[chainType.getPolicy().size()]));
    }

    private static ValidatorRule parse(HandleErrorType handleErrorType, Map<String, Object> map) throws CertificateValidationException {
        ArrayList arrayList = new ArrayList();
        Iterator<Object> it = handleErrorType.getBlacklistOrCachedOrChain().iterator();
        while (it.hasNext()) {
            arrayList.add(parse(it.next(), map));
        }
        String handler = handleErrorType.getHandler() != null ? handleErrorType.getHandler() : "#errorhandler";
        return map.get(handler) != null ? new HandleErrorRule((ErrorHandler) map.get(handler), arrayList) : new HandleErrorRule(arrayList);
    }

    private static ValidatorRule parse(JunctionType junctionType, Map<String, Object> map) throws CertificateValidationException {
        return parse(junctionType.getBlacklistOrCachedOrChain(), map, junctionType.getType());
    }

    private static ValidatorRule parse(OCSPType oCSPType, Map<String, Object> map) {
        Builder builder = OcspClient.builder().set(OcspClient.INTERMEDIATES, getBucket(oCSPType.getIntermediateBucketReference().getValue(), map).asList());
        if (map.containsKey("ocsp_fetcher")) {
            builder = builder.set(OcspClient.FETCHER, (OcspFetcher) map.get("ocsp_fetcher"));
        }
        return new OCSPRule((OcspClient) builder.build());
    }

    private static ValidatorRule parse(TryType tryType, Map<String, Object> map) throws CertificateValidationException {
        Iterator<Object> it = tryType.getBlacklistOrCachedOrChain().iterator();
        while (it.hasNext()) {
            try {
                return parse(it.next(), map);
            } catch (Exception e) {
            }
        }
        throw new CertificateValidationException("Unable to find valid rule in try.");
    }

    private static ValidatorRule parse(WhitelistType whitelistType, Map<String, Object> map) throws CertificateValidationException {
        return new WhitelistRule(getBucket(whitelistType.getValue(), map));
    }

    private static CertificateBucket getBucket(String str, Map<String, Object> map) {
        return (CertificateBucket) map.get(String.format("#bucket::%s", str));
    }

    public static <T> List<T> serviceLoader(Class<T> cls) {
        return (List) StreamSupport.stream(ServiceLoader.load(cls).spliterator(), false).sorted((obj, obj2) -> {
            return Integer.compare(obj.getClass().isAnnotationPresent(Order.class) ? ((Order) obj.getClass().getAnnotation(Order.class)).value() : 0, obj2.getClass().isAnnotationPresent(Order.class) ? ((Order) obj2.getClass().getAnnotation(Order.class)).value() : 0);
        }).collect(Collectors.toList());
    }

    static {
        try {
            jaxbContext = JAXBContext.newInstance(new Class[]{ValidatorRecipe.class});
        } catch (JAXBException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }
}
