package com.resolution.atlasplugins.samlsso;

import com.atlassian.sal.api.transaction.TransactionCallback;
import com.atlassian.sal.api.transaction.TransactionTemplate;
import com.atlassian.sal.api.user.UserManager;
import com.atlassian.sal.api.user.UserProfile;
import com.resolution.atlasplugins.samlsso.PluginConfiguration;
import java.security.cert.CertificateException;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.opensaml.xml.security.x509.X509Util;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path(Defaults.DEFAULT_REDIRECT_URL)
/* loaded from: input_file:com/resolution/atlasplugins/samlsso/PluginConfigurationRestResource.class */
public class PluginConfigurationRestResource {
    private static final Logger logger = LoggerFactory.getLogger(PluginConfigurationRestResource.class);
    private final UserManager userManager;
    private final TransactionTemplate transactionTemplate;
    private final PluginConfiguration pluginConfiguration;

    public PluginConfigurationRestResource(PluginConfiguration pluginConfiguration, UserManager userManager, TransactionTemplate transactionTemplate) {
        logger.debug("Constructing PluginConfigurationRestResource");
        this.pluginConfiguration = pluginConfiguration;
        this.userManager = userManager;
        this.transactionTemplate = transactionTemplate;
    }

    @GET
    @Produces({"application/json"})
    public Response getConfig(@Context HttpServletRequest httpServletRequest) {
        UserProfile remoteUser = this.userManager.getRemoteUser(httpServletRequest);
        if (remoteUser == null || !this.userManager.isSystemAdmin(remoteUser.getUserKey())) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        CacheControl cacheControl = new CacheControl();
        cacheControl.setNoCache(true);
        return Response.ok(this.transactionTemplate.execute(new TransactionCallback<PluginConfiguration.ConfigTransfer>() { // from class: com.resolution.atlasplugins.samlsso.PluginConfigurationRestResource.1
            /* renamed from: doInTransaction, reason: merged with bridge method [inline-methods] */
            public PluginConfiguration.ConfigTransfer m26doInTransaction() {
                PluginConfiguration.ConfigTransfer configTransfer = new PluginConfiguration.ConfigTransfer();
                configTransfer.transferFrom(PluginConfigurationRestResource.this.pluginConfiguration);
                return configTransfer;
            }
        })).cacheControl(cacheControl).build();
    }

    @PUT
    @Consumes({"application/json"})
    public Response updateConfig(final PluginConfiguration.ConfigTransfer configTransfer, @Context HttpServletRequest httpServletRequest) {
        UserProfile remoteUser = this.userManager.getRemoteUser(httpServletRequest);
        if (remoteUser == null || !this.userManager.isSystemAdmin(remoteUser.getUserKey())) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        String str = configTransfer.base64encodedCertificate;
        if (str != null) {
            str = str.trim();
        }
        if (str != null && str.length() > 0) {
            try {
                if (!X509Util.decodeCertificate(str.getBytes()).iterator().hasNext()) {
                    return Response.status(Response.Status.NOT_ACCEPTABLE).build();
                }
            } catch (CertificateException e) {
                logger.error("CERT", e);
                return Response.status(Response.Status.NOT_ACCEPTABLE).build();
            }
        }
        this.transactionTemplate.execute(new TransactionCallback<PluginConfiguration.ConfigTransfer>() { // from class: com.resolution.atlasplugins.samlsso.PluginConfigurationRestResource.2
            /* renamed from: doInTransaction, reason: merged with bridge method [inline-methods] */
            public PluginConfiguration.ConfigTransfer m27doInTransaction() {
                configTransfer.transferTo(PluginConfigurationRestResource.this.pluginConfiguration);
                return null;
            }
        });
        return Response.noContent().build();
    }
}
