package com.hypersocket.certificates.json;

import com.hypersocket.auth.json.AuthenticationRequired;
import com.hypersocket.auth.json.ResourceController;
import com.hypersocket.auth.json.UnauthorizedException;
import com.hypersocket.certificates.CertificateProvider;
import com.hypersocket.certificates.CertificateResource;
import com.hypersocket.certificates.CertificateResourceColumns;
import com.hypersocket.certificates.CertificateResourceService;
import com.hypersocket.certs.InvalidPassphraseException;
import com.hypersocket.certs.X509CertificateUtils;
import com.hypersocket.certs.json.CertificateStatus;
import com.hypersocket.context.AuthenticatedContext;
import com.hypersocket.i18n.I18N;
import com.hypersocket.json.PropertyItem;
import com.hypersocket.json.RequestStatus;
import com.hypersocket.json.ResourceList;
import com.hypersocket.json.ResourceStatus;
import com.hypersocket.json.ResourceUpdate;
import com.hypersocket.permissions.AccessDeniedException;
import com.hypersocket.properties.PropertyCategory;
import com.hypersocket.realm.Realm;
import com.hypersocket.resource.ResourceException;
import com.hypersocket.resource.ResourceNotFoundException;
import com.hypersocket.resource.TransactionOperation;
import com.hypersocket.session.json.SessionTimeoutException;
import com.hypersocket.tables.BootstrapTableResult;
import com.hypersocket.tables.Column;
import com.hypersocket.tables.ColumnSort;
import com.hypersocket.tables.json.BootstrapTablePageProcessor;
import com.hypersocket.util.Pair;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.URLEncoder;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.stream.Collectors;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.openssl.jcajce.JcePEMEncryptorBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RequestPart;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.multipart.MultipartFile;

@Controller
/* loaded from: input_file:com/hypersocket/certificates/json/CertificateResourceController.class */
public class CertificateResourceController extends ResourceController {
    private static final Logger LOG = LoggerFactory.getLogger(CertificateResourceController.class);

    @Autowired
    private CertificateResourceService resourceService;

    @RequestMapping(value = {"certificates/providers"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext(anonymous = true)
    public ResourceList<CertificateProviderData> getStates(HttpServletRequest httpServletRequest) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        return new ResourceList<>((Collection) this.resourceService.getProviders().values().stream().map(certificateProvider -> {
            return new CertificateProviderData(certificateProvider);
        }).collect(Collectors.toList()));
    }

    @RequestMapping(value = {"certificates/list"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public ResourceList<CertificateResource> getResources(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        return new ResourceList<>(this.resourceService.allResources());
    }

    @RequestMapping(value = {"certificates/table"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public BootstrapTableResult<?> tableCertificates(final HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        return processDataTablesRequest(httpServletRequest, new BootstrapTablePageProcessor() { // from class: com.hypersocket.certificates.json.CertificateResourceController.1
            @Override // com.hypersocket.tables.json.BootstrapTablePageProcessor
            public Column getColumn(String str) {
                return CertificateResourceColumns.valueOf(str.toUpperCase());
            }

            @Override // com.hypersocket.tables.json.BootstrapTablePageProcessor
            public List<?> getPage(String str, String str2, int i, int i2, ColumnSort[] columnSortArr) throws UnauthorizedException, AccessDeniedException {
                return CertificateResourceController.this.resourceService.searchResources(CertificateResourceController.this.sessionUtils.getCurrentRealm(httpServletRequest), str, str2, i, i2, columnSortArr);
            }

            @Override // com.hypersocket.tables.json.BootstrapTablePageProcessor
            public Long getTotalCount(String str, String str2) throws UnauthorizedException, AccessDeniedException {
                return Long.valueOf(CertificateResourceController.this.resourceService.getResourceCount(CertificateResourceController.this.sessionUtils.getCurrentRealm(httpServletRequest), str, str2));
            }
        });
    }

    @RequestMapping(value = {"certificates/all"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public BootstrapTableResult<?> alLCertificates(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        return processDataTablesRequest(httpServletRequest, new BootstrapTablePageProcessor() { // from class: com.hypersocket.certificates.json.CertificateResourceController.2
            @Override // com.hypersocket.tables.json.BootstrapTablePageProcessor
            public Column getColumn(String str) {
                return CertificateResourceColumns.valueOf(str.toUpperCase());
            }

            @Override // com.hypersocket.tables.json.BootstrapTablePageProcessor
            public List<?> getPage(String str, String str2, int i, int i2, ColumnSort[] columnSortArr) throws UnauthorizedException, AccessDeniedException {
                return CertificateResourceController.this.resourceService.searchResources((Realm) null, str, str2, i, i2, columnSortArr);
            }

            @Override // com.hypersocket.tables.json.BootstrapTablePageProcessor
            public Long getTotalCount(String str, String str2) throws UnauthorizedException, AccessDeniedException {
                return Long.valueOf(CertificateResourceController.this.resourceService.getResourceCount((Realm) null, str, str2));
            }
        });
    }

    @RequestMapping(value = {"certificates/template"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public ResourceList<PropertyCategory> getResourceTemplate(HttpServletRequest httpServletRequest) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        return new ResourceList<>(this.resourceService.getPropertyTemplate());
    }

    @RequestMapping(value = {"certificates/properties/{id}"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public ResourceList<PropertyCategory> getActionTemplate(HttpServletRequest httpServletRequest, @PathVariable Long l) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException, ResourceNotFoundException {
        return new ResourceList<>(this.resourceService.getPropertyTemplate(this.resourceService.getResourceById(l)));
    }

    @RequestMapping(value = {"certificates/certificate/{id}"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public CertificateResource getResource(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable("id") Long l) throws AccessDeniedException, UnauthorizedException, ResourceNotFoundException, SessionTimeoutException {
        return this.resourceService.getResourceById(l);
    }

    @RequestMapping(value = {"certificates/certificate"}, method = {RequestMethod.POST}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public ResourceStatus<CertificateResource> createOrUpdateCertificate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody ResourceUpdate resourceUpdate) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException, ResourceException {
        CertificateResource createResource;
        Realm currentRealm = this.sessionUtils.getCurrentRealm(httpServletRequest);
        HashMap hashMap = new HashMap();
        for (PropertyItem propertyItem : resourceUpdate.getProperties()) {
            hashMap.put(propertyItem.getId(), propertyItem.getValue());
        }
        if (resourceUpdate.getId() != null) {
            createResource = this.resourceService.updateResource(this.resourceService.getResourceById(resourceUpdate.getId()), resourceUpdate.getName(), hashMap);
        } else {
            createResource = this.resourceService.createResource(resourceUpdate.getName(), currentRealm, hashMap, false);
            CertificateProvider provider = this.resourceService.getProvider(createResource.getProvider());
            if (provider.isDeferredCertificateCreation(createResource, currentRealm, hashMap, true)) {
                Pair deferredCertificateCreationMessageInfo = provider.deferredCertificateCreationMessageInfo();
                return new ResourceStatus<>(createResource, I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), (String) deferredCertificateCreationMessageInfo.getFirst(), (String) deferredCertificateCreationMessageInfo.getSecond(), new Object[]{resourceUpdate.getName()}));
            }
        }
        return new ResourceStatus<>(createResource, I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", resourceUpdate.getId() != null ? "resource.updated.info" : "resource.created.info", new Object[]{resourceUpdate.getName()}));
    }

    @RequestMapping(value = {"certificates/certificate/{id}"}, method = {RequestMethod.DELETE}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public ResourceStatus<CertificateResource> deleteResource(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable("id") Long l) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        try {
            CertificateResource resourceById = this.resourceService.getResourceById(l);
            if (resourceById == null) {
                return new ResourceStatus<>(false, I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "error.invalidResourceId", new Object[]{l}));
            }
            String name = resourceById.getName();
            this.resourceService.deleteResource(resourceById, new TransactionOperation[0]);
            return new ResourceStatus<>(true, I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "resource.deleted.info", new Object[]{name}));
        } catch (ResourceException e) {
            return new ResourceStatus<>(false, e.getMessage());
        }
    }

    @RequestMapping(value = {"certificates/downloadCSR/{id}"}, method = {RequestMethod.GET}, produces = {"text/plain"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public String generateCSR(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable Long l) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        new CertificateStatus().setSuccess(false);
        try {
            CertificateResource resourceById = this.resourceService.getResourceById(l);
            String generateCSR = this.resourceService.generateCSR(resourceById);
            httpServletResponse.setHeader("Content-Disposition", "attachment; filename=\"" + resourceById.getName() + ".csr\"");
            return generateCSR;
        } catch (Exception e) {
            try {
                httpServletResponse.sendError(HttpStatus.INTERNAL_SERVER_ERROR.ordinal());
                return null;
            } catch (IOException e2) {
                return null;
            }
        }
    }

    @RequestMapping(value = {"certificates/downloadCertificate/{id}"}, method = {RequestMethod.GET}, produces = {"text/plain"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public String downloadCertificate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable Long l) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        new CertificateStatus().setSuccess(false);
        try {
            CertificateResource resourceById = this.resourceService.getResourceById(l);
            String certificate = resourceById.getCertificate();
            httpServletResponse.setHeader("Content-Disposition", "attachment; filename=\"" + resourceById.getName().replace(' ', '_') + ".crt\"");
            return certificate;
        } catch (Exception e) {
            try {
                httpServletResponse.sendError(HttpStatus.INTERNAL_SERVER_ERROR.ordinal());
                return null;
            } catch (IOException e2) {
                return null;
            }
        }
    }

    @RequestMapping(value = {"certificates/exportPfx/{id}"}, method = {RequestMethod.POST}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public RequestStatus exportPfx(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable Long l, @RequestParam("passphrase") String str) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        new CertificateStatus().setSuccess(false);
        try {
            CertificateResource resourceById = this.resourceService.getResourceById(l);
            ArrayList arrayList = new ArrayList();
            for (X509Certificate x509Certificate : X509CertificateUtils.loadCertificateChainFromPEM(new ByteArrayInputStream(resourceById.getCertificate().getBytes("UTF-8")))) {
                arrayList.add(x509Certificate);
            }
            if (StringUtils.isNotEmpty(resourceById.getBundle())) {
                for (X509Certificate x509Certificate2 : X509CertificateUtils.loadCertificateChainFromPEM(new ByteArrayInputStream(resourceById.getBundle().getBytes("UTF-8")))) {
                    arrayList.add(x509Certificate2);
                }
            }
            KeyStore createPKCS12Keystore = X509CertificateUtils.createPKCS12Keystore(X509CertificateUtils.loadKeyPairFromPEM(new ByteArrayInputStream(resourceById.getPrivateKey().getBytes("UTF-8")), str.toCharArray()), (X509Certificate[]) arrayList.toArray(new X509Certificate[0]), "hypersocket", str.toCharArray());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            createPKCS12Keystore.store(byteArrayOutputStream, str.toCharArray());
            httpServletRequest.getSession().setAttribute("pfx", byteArrayOutputStream.toByteArray());
            return new RequestStatus(true);
        } catch (Exception e) {
            return new RequestStatus(false, e.getMessage());
        }
    }

    @RequestMapping(value = {"certificates/downloadPfx/{id}"}, method = {RequestMethod.GET}, produces = {"application/octet-stream"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public byte[] downloadPfx(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable Long l) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException, ResourceNotFoundException {
        try {
            httpServletResponse.setHeader("Content-Disposition", "attachment; filename=\"" + URLEncoder.encode(this.resourceService.getResourceById(l).getName().replace(' ', '_'), "UTF-8") + ".pfx\"");
            byte[] bArr = (byte[]) httpServletRequest.getSession().getAttribute("pfx");
            httpServletRequest.getSession().removeAttribute("pfx");
            httpServletResponse.setContentLength(bArr.length);
            return bArr;
        } catch (Exception e) {
            try {
                httpServletResponse.sendError(HttpStatus.INTERNAL_SERVER_ERROR.ordinal());
                return null;
            } catch (IOException e2) {
                return null;
            }
        }
    }

    @RequestMapping(value = {"certificates/exportPem/{id}"}, method = {RequestMethod.POST}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public RequestStatus exportPem(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable Long l, @RequestParam("passphrase") String str) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        new CertificateStatus().setSuccess(false);
        try {
            CertificateResource resourceById = this.resourceService.getResourceById(l);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ZipOutputStream zipOutputStream = new ZipOutputStream(new BufferedOutputStream(byteArrayOutputStream));
            zipOutputStream.putNextEntry(new ZipEntry("certificate.pem"));
            zipOutputStream.write(resourceById.getCertificate().getBytes("UTF-8"));
            zipOutputStream.closeEntry();
            if (StringUtils.isNotEmpty(resourceById.getBundle())) {
                zipOutputStream.putNextEntry(new ZipEntry("ca-bundle.pem"));
                zipOutputStream.write(resourceById.getBundle().getBytes("UTF-8"));
                zipOutputStream.closeEntry();
            }
            zipOutputStream.putNextEntry(new ZipEntry("key.pem"));
            if (str == null || str.trim().equals("")) {
                zipOutputStream.write(resourceById.getPrivateKey().getBytes("UTF-8"));
            } else {
                KeyPair loadKeyPairFromPEM = X509CertificateUtils.loadKeyPairFromPEM(new ByteArrayInputStream(resourceById.getPrivateKey().getBytes("UTF-8")), str.toCharArray());
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new OutputStreamWriter(byteArrayOutputStream2));
                jcaPEMWriter.writeObject(loadKeyPairFromPEM, new JcePEMEncryptorBuilder("AES-128-CBC").setProvider("BC").build(str.toCharArray()));
                jcaPEMWriter.flush();
                zipOutputStream.write(byteArrayOutputStream2.toByteArray());
                jcaPEMWriter.close();
                byteArrayOutputStream2.close();
            }
            zipOutputStream.closeEntry();
            zipOutputStream.close();
            httpServletRequest.getSession().setAttribute("pem", byteArrayOutputStream.toByteArray());
            return new RequestStatus(true);
        } catch (Exception e) {
            return new RequestStatus(false, e.getMessage());
        }
    }

    @RequestMapping(value = {"certificates/downloadPem/{id}"}, method = {RequestMethod.GET}, produces = {"application/octet-stream"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public byte[] downloadPem(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable Long l) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException, ResourceNotFoundException {
        try {
            httpServletResponse.setHeader("Content-Disposition", "attachment; filename=\"" + URLEncoder.encode(this.resourceService.getResourceById(l).getName().replace(' ', '_'), "UTF-8") + ".zip\"");
            byte[] bArr = (byte[]) httpServletRequest.getSession().getAttribute("pem");
            httpServletRequest.getSession().removeAttribute("pem");
            httpServletResponse.setContentLength(bArr.length);
            return bArr;
        } catch (Exception e) {
            try {
                httpServletResponse.sendError(HttpStatus.INTERNAL_SERVER_ERROR.ordinal());
                return null;
            } catch (IOException e2) {
                return null;
            }
        }
    }

    @RequestMapping(value = {"certificates/cert/{id}"}, method = {RequestMethod.POST}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public CertificateStatus uploadCertificate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @PathVariable Long l, @RequestPart("file") MultipartFile multipartFile, @RequestPart(value = "bundle", required = false) MultipartFile multipartFile2) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        CertificateStatus certificateStatus = new CertificateStatus();
        certificateStatus.setSuccess(false);
        try {
            this.resourceService.updateCertificate(this.resourceService.getResourceById(l), multipartFile, multipartFile2);
            certificateStatus.setSuccess(true);
            certificateStatus.setMessage(I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "info.certUploaded", new Object[0]));
        } catch (Exception e) {
            certificateStatus.setMessage(I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "error.generalError", new Object[]{e.getMessage()}));
        }
        return certificateStatus;
    }

    @RequestMapping(value = {"certificates/pem"}, method = {RequestMethod.POST}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public CertificateStatus uploadKey(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestPart("file") MultipartFile multipartFile, @RequestPart(value = "bundle", required = false) MultipartFile multipartFile2, @RequestPart("key") MultipartFile multipartFile3, @RequestParam("passphrase") String str, @RequestParam("replaceCertificate") Long l) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        return replaceKey(httpServletRequest, httpServletResponse, multipartFile, multipartFile2, multipartFile3, str, l, null);
    }

    @RequestMapping(value = {"certificates/pem/{id}"}, method = {RequestMethod.POST}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public CertificateStatus replaceKey(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestPart("file") MultipartFile multipartFile, @RequestPart(value = "bundle", required = false) MultipartFile multipartFile2, @RequestPart("key") MultipartFile multipartFile3, @RequestParam("passphrase") String str, @RequestParam("replaceCertificate") Long l, @PathVariable Long l2) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        CertificateStatus certificateStatus = new CertificateStatus();
        certificateStatus.setSuccess(false);
        try {
            if (l2 != null) {
                certificateStatus.setResource(this.resourceService.replacePrivateKey(this.resourceService.getResourceById(l2), multipartFile3, str, multipartFile, multipartFile2));
            } else if (l.longValue() != -1) {
                CertificateResource resourceById = this.resourceService.getResourceById(l);
                if (resourceById == null) {
                    throw new IllegalStateException("Missing certificate, is null.");
                }
                LOG.info(String.format("Replacing certificate resource with id %s.", l));
                certificateStatus.setResource(this.resourceService.replacePrivateKey(resourceById, multipartFile3, str, multipartFile, multipartFile2));
            } else {
                certificateStatus.setResource(this.resourceService.importPrivateKey(multipartFile3, str, multipartFile, multipartFile2));
            }
            certificateStatus.setSuccess(true);
            certificateStatus.setMessage(I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "info.keyUploaded", new Object[0]));
        } catch (Exception e) {
            certificateStatus.setMessage(I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "error.generalError", new Object[]{e.getMessage()}));
        } catch (InvalidPassphraseException e2) {
            certificateStatus.setMessage(I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "error.invalidPassphrase", new Object[0]));
        }
        return certificateStatus;
    }

    @RequestMapping(value = {"certificates/pfx"}, method = {RequestMethod.POST}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public CertificateStatus uploadPfx(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestPart("key") MultipartFile multipartFile, @RequestParam("passphrase") String str, @RequestParam("replaceCertificate") Long l) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        return replacePfx(httpServletRequest, httpServletResponse, multipartFile, str, l, null);
    }

    @RequestMapping(value = {"certificates/pfx/{id}"}, method = {RequestMethod.POST}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public CertificateStatus replacePfx(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestPart("key") MultipartFile multipartFile, @RequestParam("passphrase") String str, @RequestParam("replaceCertificate") Long l, @PathVariable Long l2) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        CertificateStatus certificateStatus = new CertificateStatus();
        certificateStatus.setSuccess(false);
        try {
            if (l2 != null) {
                certificateStatus.setResource(this.resourceService.replacePfx(this.resourceService.getResourceById(l2), multipartFile, str));
            } else if (l.longValue() != -1) {
                CertificateResource resourceById = this.resourceService.getResourceById(l);
                if (resourceById == null) {
                    throw new IllegalStateException("Missing certificate, is null.");
                }
                LOG.info(String.format("Replacing certificate resource with id %s.", l));
                certificateStatus.setResource(this.resourceService.replacePfx(resourceById, multipartFile, str));
            } else {
                certificateStatus.setResource(this.resourceService.importPfx(multipartFile, str));
            }
            certificateStatus.setSuccess(true);
            certificateStatus.setMessage(I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "info.keyUploaded", new Object[0]));
        } catch (Exception e) {
            LOG.error("Failed to import PFX.", e);
            certificateStatus.setMessage(I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "CertificateResourceService", "error.generalError", new Object[]{e.getMessage()}));
        }
        return certificateStatus;
    }

    @RequestMapping(value = {"certificates/bulk"}, method = {RequestMethod.DELETE}, produces = {"application/json"})
    @AuthenticationRequired
    @ResponseStatus(HttpStatus.OK)
    @ResponseBody
    @AuthenticatedContext
    public RequestStatus deleteResources(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody Long[] lArr) throws AccessDeniedException, UnauthorizedException, SessionTimeoutException {
        if (lArr == null) {
            try {
                lArr = new Long[0];
            } catch (Exception e) {
                return new RequestStatus(false, e.getMessage());
            }
        }
        List resourcesByIds = this.resourceService.getResourcesByIds(lArr);
        if (resourcesByIds == null || resourcesByIds.isEmpty()) {
            return new RequestStatus(false, I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "UserInterface", "bulk.delete.empty", new Object[0]));
        }
        this.resourceService.deleteResources(resourcesByIds, new TransactionOperation[0]);
        return new RequestStatus(true, I18N.getResource(this.sessionUtils.getLocale(httpServletRequest), "UserInterface", "bulk.delete.success", new Object[0]));
    }
}
