package com.floragunn.searchguard.enterprise.auth.saml;

import com.floragunn.codova.config.net.TLSConfig;
import com.floragunn.searchsupport.privileged_code.PrivilegedCode;
import java.net.URI;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.resolver.ResolverException;
import net.shibboleth.utilities.java.support.xml.BasicParserPool;
import org.apache.http.client.HttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.opensaml.saml.metadata.resolver.impl.HTTPMetadataResolver;

/* loaded from: input_file:com/floragunn/searchguard/enterprise/auth/saml/SamlHTTPMetadataResolver.class */
public class SamlHTTPMetadataResolver extends HTTPMetadataResolver {
    private static int componentIdCounter = 0;
    private volatile ResolverException lastRefreshException;

    public SamlHTTPMetadataResolver(URI uri, TLSConfig tLSConfig) throws ResolverException {
        super(createHttpClient(tLSConfig), uri.toString());
        StringBuilder append = new StringBuilder().append(SamlAuthenticator.class.getName()).append("_");
        int i = componentIdCounter + 1;
        componentIdCounter = i;
        setId(append.append(i).toString());
        setRequireValidMetadata(true);
        setFailFastInitialization(false);
        BasicParserPool basicParserPool = new BasicParserPool();
        try {
            basicParserPool.initialize();
            setParserPool(basicParserPool);
        } catch (ComponentInitializationException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    protected byte[] fetchMetadata() throws ResolverException {
        return (byte[]) PrivilegedCode.execute(() -> {
            byte[] fetchMetadata = super.fetchMetadata();
            this.lastRefreshException = null;
            return fetchMetadata;
        }, ResolverException.class);
    }

    public void initializePrivileged() throws ComponentInitializationException {
        PrivilegedCode.execute(() -> {
            initialize();
        }, ComponentInitializationException.class);
    }

    private static HttpClient createHttpClient(TLSConfig tLSConfig) {
        return (HttpClient) PrivilegedCode.execute(() -> {
            HttpClientBuilder custom = HttpClients.custom();
            custom.useSystemProperties();
            if (tLSConfig != null) {
                custom.setSSLSocketFactory(tLSConfig.toSSLConnectionSocketFactory());
            }
            return custom.build();
        });
    }

    public ResolverException getLastRefreshException() {
        return this.lastRefreshException;
    }
}
