package io.gravitee.am.management.service.impl;

import io.gravitee.am.certificate.api.CertificateProvider;
import io.gravitee.am.common.event.CertificateEvent;
import io.gravitee.am.management.service.CertificateManager;
import io.gravitee.am.management.service.DomainNotifierService;
import io.gravitee.am.management.service.impl.upgrades.UpgraderOrder;
import io.gravitee.am.model.Certificate;
import io.gravitee.am.model.common.event.Payload;
import io.gravitee.am.plugins.certificate.core.CertificatePluginManager;
import io.gravitee.am.plugins.certificate.core.CertificateProviderConfiguration;
import io.gravitee.am.service.CertificateService;
import io.gravitee.common.event.Event;
import io.gravitee.common.event.EventListener;
import io.gravitee.common.event.EventManager;
import io.gravitee.common.service.AbstractService;
import io.reactivex.rxjava3.core.Maybe;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/gravitee/am/management/service/impl/CertificateManagerImpl.class */
public class CertificateManagerImpl extends AbstractService<CertificateManager> implements CertificateManager, EventListener<CertificateEvent, Payload> {
    private static final Logger logger = LoggerFactory.getLogger(CertificateManagerImpl.class);
    private static final long RETRY_TIMEOUT = 10000;
    public static final String DELETE_NOTIFICATION_ERROR = "Unable to delete notification acknowledge for certificate {} due to: {}";
    private final ConcurrentMap<String, CertificateProvider> certificateProviders = new ConcurrentHashMap();

    @Autowired
    private CertificatePluginManager certificatePluginManager;

    @Autowired
    private CertificateService certificateService;

    @Autowired
    private EventManager eventManager;

    @Autowired
    private DomainNotifierService notifierService;

    /* renamed from: io.gravitee.am.management.service.impl.CertificateManagerImpl$1, reason: invalid class name */
    /* loaded from: input_file:io/gravitee/am/management/service/impl/CertificateManagerImpl$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$gravitee$am$common$event$CertificateEvent = new int[CertificateEvent.values().length];

        static {
            try {
                $SwitchMap$io$gravitee$am$common$event$CertificateEvent[CertificateEvent.DEPLOY.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$gravitee$am$common$event$CertificateEvent[CertificateEvent.UPDATE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$gravitee$am$common$event$CertificateEvent[CertificateEvent.UNDEPLOY.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    protected void doStart() throws Exception {
        super.doStart();
        logger.info("Register event listener for certificate events for the management API");
        this.eventManager.subscribeForEvents(this, CertificateEvent.class);
        logger.info("Initializing certificate providers");
        this.certificateService.findAll().blockingIterable().forEach(certificate -> {
            logger.info("\tInitializing certificate: {} [{}]", certificate.getName(), certificate.getType());
            loadCertificate(certificate);
        });
    }

    public void onEvent(Event<CertificateEvent, Payload> event) {
        switch (AnonymousClass1.$SwitchMap$io$gravitee$am$common$event$CertificateEvent[event.type().ordinal()]) {
            case 1:
                deployCertificate(((Payload) event.content()).getId());
                return;
            case 2:
                updateCertificate(((Payload) event.content()).getReferenceId(), ((Payload) event.content()).getId());
                return;
            case UpgraderOrder.DEFAULT_ENV_UPGRADER /* 3 */:
                removeCertificate(((Payload) event.content()).getReferenceId(), ((Payload) event.content()).getId());
                return;
            default:
                return;
        }
    }

    @Override // io.gravitee.am.management.service.CertificateManager
    public Maybe<CertificateProvider> getCertificateProvider(String str) {
        return doGetCertificateProvider(str, System.currentTimeMillis());
    }

    private Maybe<CertificateProvider> doGetCertificateProvider(String str, long j) {
        CertificateProvider certificateProvider = this.certificateProviders.get(str);
        if (certificateProvider != null) {
            return Maybe.just(certificateProvider);
        }
        try {
            if (((Certificate) this.certificateService.findById(str).blockingGet()) == null) {
                return Maybe.empty();
            }
            while (certificateProvider == null && System.currentTimeMillis() - j < RETRY_TIMEOUT) {
                certificateProvider = this.certificateProviders.get(str);
            }
            return certificateProvider == null ? Maybe.empty() : Maybe.just(certificateProvider);
        } catch (Exception e) {
            logger.error("An error has occurred while fetching certificate with id {}", str, e);
            throw new IllegalStateException(e);
        }
    }

    private void deployCertificate(String str) {
        logger.info("Management API has received a deploy certificate event for {}", str);
        this.certificateService.findById(str).subscribe(this::loadCertificate, th -> {
            logger.error("Unable to deploy certificate {}", str, th);
        }, () -> {
            logger.error("No certificate found with id {}", str);
        });
    }

    private void updateCertificate(String str, String str2) {
        logger.info("Management API has received a deploy certificate event for {}", str2);
        this.notifierService.unregisterCertificateExpiration(str, str2);
        this.notifierService.deleteCertificateExpirationAcknowledgement(str2).doOnError(th -> {
            logger.warn(DELETE_NOTIFICATION_ERROR, str2, th.getMessage());
        }).subscribe();
        deployCertificate(str2);
    }

    private void removeCertificate(String str, String str2) {
        logger.info("Management API has received a undeploy certificate event for {}", str2);
        this.certificateProviders.remove(str2);
        this.notifierService.unregisterCertificateExpiration(str, str2);
        this.notifierService.deleteCertificateExpirationAcknowledgement(str2).doOnError(th -> {
            logger.warn(DELETE_NOTIFICATION_ERROR, str2, th.getMessage());
        }).subscribe();
    }

    private void loadCertificate(Certificate certificate) {
        try {
            CertificateProvider create = this.certificatePluginManager.create(new CertificateProviderConfiguration(certificate));
            if (create != null) {
                this.certificateProviders.put(certificate.getId(), create);
                create.getExpirationDate().ifPresent(date -> {
                    if (certificate.getExpiresAt() == null || !certificate.getExpiresAt().equals(date)) {
                        this.certificateService.updateExpirationDate(certificate.getId(), date).doOnError(th -> {
                            logger.warn("Unable to update expiration date for certificate {} due to: {}", certificate.getId(), th.getMessage());
                        }).subscribe();
                    }
                    certificate.setExpiresAt(date);
                });
                this.notifierService.registerCertificateExpiration(certificate);
            } else {
                this.notifierService.unregisterCertificateExpiration(certificate.getDomain(), certificate.getId());
                this.notifierService.deleteCertificateExpirationAcknowledgement(certificate.getId()).doOnError(th -> {
                    logger.warn(DELETE_NOTIFICATION_ERROR, certificate.getId(), th.getMessage());
                }).subscribe();
                this.certificateProviders.remove(certificate.getId());
            }
        } catch (Exception e) {
            logger.error("An error has occurred while loading certificate: {} [{}]", new Object[]{certificate.getName(), certificate.getType(), e});
            this.certificateProviders.remove(certificate.getId());
        }
    }
}
