package com.atlassian.jira.security.auth.trustedapps;

import com.atlassian.event.api.EventListener;
import com.atlassian.event.api.EventPublisher;
import com.atlassian.jira.bc.license.JiraLicenseService;
import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.event.ClearCacheEvent;
import com.atlassian.jira.extension.Startable;
import com.atlassian.jira.security.auth.trustedapps.KeyFactory;
import com.atlassian.jira.util.dbc.Assertions;
import com.atlassian.jira.util.lang.Pair;
import com.atlassian.security.auth.trustedapps.CurrentApplication;
import com.atlassian.security.auth.trustedapps.DefaultCurrentApplication;
import com.atlassian.util.concurrent.ResettableLazyReference;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Random;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/atlassian/jira/security/auth/trustedapps/DefaultCurrentApplicationStore.class */
public class DefaultCurrentApplicationStore implements CurrentApplicationStore, Startable {
    private final ApplicationProperties applicationProperties;
    private final EventPublisher publisher;
    private final ResettableLazyReference<Pair<KeyPair, CurrentApplication>> cache = new ResettableLazyReference<Pair<KeyPair, CurrentApplication>>() { // from class: com.atlassian.jira.security.auth.trustedapps.DefaultCurrentApplicationStore.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* renamed from: create, reason: merged with bridge method [inline-methods] */
        public Pair<KeyPair, CurrentApplication> m789create() {
            return DefaultCurrentApplicationStore.this.getOrCreateCurrentApplication();
        }
    };
    private final JiraLicenseService licenseService;

    /* loaded from: input_file:com/atlassian/jira/security/auth/trustedapps/DefaultCurrentApplicationStore$Keys.class */
    private static final class Keys {
        private static final String PRIVATE_KEY_DATA = "jira.trustedapp.key.private.data";
        private static final String PUBLIC_KEY_DATA = "jira.trustedapp.key.public.data";
        private static final String UID = "jira.trustedapp.uid";

        private Keys() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/atlassian/jira/security/auth/trustedapps/DefaultCurrentApplicationStore$UIDGenerator.class */
    public static class UIDGenerator {
        final Random random;

        private UIDGenerator() {
            this.random = new Random();
        }

        String generateUID(JiraLicenseService jiraLicenseService) {
            String serverId = jiraLicenseService.getServerId();
            return "jira:" + new BigInteger(1, ArrayUtils.subarray(DigestUtils.md5(serverId != null ? serverId : String.valueOf(this.random.nextLong())), 0, 3)).intValue();
        }
    }

    public DefaultCurrentApplicationStore(ApplicationProperties applicationProperties, JiraLicenseService jiraLicenseService, EventPublisher eventPublisher) {
        this.publisher = (EventPublisher) Assertions.notNull("publisher", eventPublisher);
        this.applicationProperties = (ApplicationProperties) Assertions.notNull("applicationProperties", applicationProperties);
        this.licenseService = (JiraLicenseService) Assertions.notNull("jiraLicenseService", jiraLicenseService);
    }

    @Override // com.atlassian.jira.extension.Startable
    public void start() throws Exception {
        this.publisher.register(this);
    }

    @EventListener
    public void onClearCache(ClearCacheEvent clearCacheEvent) {
        this.cache.reset();
    }

    @Override // com.atlassian.jira.security.auth.trustedapps.CurrentApplicationStore
    public CurrentApplication getCurrentApplication() {
        return (CurrentApplication) ((Pair) this.cache.get()).second();
    }

    @Override // com.atlassian.jira.security.auth.trustedapps.CurrentApplicationStore
    public KeyPair getKeyPair() {
        return (KeyPair) ((Pair) this.cache.get()).first();
    }

    @Override // com.atlassian.jira.security.auth.trustedapps.CurrentApplicationStore
    public synchronized void setCurrentApplication(String str, KeyPair keyPair) {
        Assertions.notBlank("applicationId cannot be blank.", str);
        Assertions.notNull("pair cannot be null.", keyPair);
        Assertions.notNull("pair.private cannot be null.", keyPair.getPrivate());
        Assertions.notNull("pair.public cannot be null.", keyPair.getPublic());
        this.applicationProperties.setText("jira.trustedapp.key.private.data", KeyFactory.encode(keyPair.getPrivate()));
        this.applicationProperties.setText("jira.trustedapp.key.public.data", KeyFactory.encode(keyPair.getPublic()));
        this.applicationProperties.setString("jira.trustedapp.uid", str);
        this.cache.reset();
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.atlassian.jira.security.auth.trustedapps.CurrentApplicationStore
    public void setCurrentApplication(String str, String str2, String str3) {
        Assertions.notBlank("applicationId cannot be blank.", str);
        Assertions.notNull("publicKey cannot be null.", str2);
        Assertions.notNull("privateKey cannot be null.", str3);
        PublicKey publicKey = KeyFactory.getPublicKey(str2);
        if (publicKey instanceof KeyFactory.InvalidPublicKey) {
            throw new IllegalArgumentException("publicKey is not a valid public key.", ((KeyFactory.InvalidKey) publicKey).getCause());
        }
        PrivateKey privateKey = KeyFactory.getPrivateKey(str3);
        if (privateKey instanceof KeyFactory.InvalidPrivateKey) {
            throw new IllegalArgumentException("privateKey is not a valid private key.", ((KeyFactory.InvalidKey) privateKey).getCause());
        }
        setCurrentApplication(str, new KeyPair(publicKey, privateKey));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized Pair<KeyPair, CurrentApplication> getOrCreateCurrentApplication() {
        KeyPair keyPair;
        String text = this.applicationProperties.getText("jira.trustedapp.key.private.data");
        String text2 = this.applicationProperties.getText("jira.trustedapp.key.public.data");
        if (StringUtils.isBlank(text)) {
            keyPair = generateNewKeyPair();
            this.applicationProperties.setText("jira.trustedapp.key.private.data", KeyFactory.encode(keyPair.getPrivate()));
            this.applicationProperties.setText("jira.trustedapp.key.public.data", KeyFactory.encode(keyPair.getPublic()));
        } else {
            keyPair = new KeyPair(KeyFactory.getPublicKey(text2), KeyFactory.getPrivateKey(text));
        }
        String string = this.applicationProperties.getString("jira.trustedapp.uid");
        if (StringUtils.isBlank(string)) {
            string = new UIDGenerator().generateUID(this.licenseService);
            this.applicationProperties.setString("jira.trustedapp.uid", string);
        }
        return Pair.of(keyPair, new DefaultCurrentApplication(keyPair.getPublic(), keyPair.getPrivate(), string));
    }

    private static KeyPair generateNewKeyPair() {
        try {
            return KeyFactory.getEncryptionProvider().generateNewKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        } catch (NoSuchProviderException e2) {
            throw new RuntimeException(e2);
        }
    }
}
