package org.subshare.local;

import co.codewizards.cloudstore.core.auth.SignatureException;
import co.codewizards.cloudstore.core.dto.jaxb.CloudStoreJaxbContext;
import co.codewizards.cloudstore.core.io.ByteArrayInputStream;
import co.codewizards.cloudstore.core.io.ByteArrayOutputStream;
import co.codewizards.cloudstore.core.io.NoCloseInputStream;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManager;
import co.codewizards.cloudstore.core.repo.local.LocalRepoTransaction;
import co.codewizards.cloudstore.core.util.UrlUtil;
import co.codewizards.cloudstore.local.persistence.RemoteRepositoryDao;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import java.util.Set;
import java.util.UUID;
import java.util.zip.CRC32;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.subshare.core.Cryptree;
import org.subshare.core.CryptreeFactoryRegistry;
import org.subshare.core.dto.PermissionType;
import org.subshare.core.dto.UserRepoInvitationDto;
import org.subshare.core.file.EncryptedDataFile;
import org.subshare.core.pgp.ImportKeysResult;
import org.subshare.core.pgp.Pgp;
import org.subshare.core.pgp.PgpDecoder;
import org.subshare.core.pgp.PgpEncoder;
import org.subshare.core.pgp.PgpKey;
import org.subshare.core.pgp.PgpKeyId;
import org.subshare.core.pgp.PgpRegistry;
import org.subshare.core.repo.ServerRepo;
import org.subshare.core.repo.ServerRepoManagerImpl;
import org.subshare.core.repo.ServerRepoRegistry;
import org.subshare.core.repo.ServerRepoRegistryImpl;
import org.subshare.core.server.Server;
import org.subshare.core.server.ServerRegistry;
import org.subshare.core.server.ServerRegistryImpl;
import org.subshare.core.user.User;
import org.subshare.core.user.UserRegistry;
import org.subshare.core.user.UserRepoInvitation;
import org.subshare.core.user.UserRepoInvitationDtoConverter;
import org.subshare.core.user.UserRepoInvitationManager;
import org.subshare.core.user.UserRepoInvitationToken;
import org.subshare.core.user.UserRepoKey;
import org.subshare.core.user.UserRepoKeyRing;
import org.subshare.local.persistence.InvitationUserRepoKeyPublicKey;
import org.subshare.local.persistence.SsRemoteRepository;
import org.subshare.local.persistence.UserIdentityDao;
import org.subshare.local.persistence.UserIdentityLinkDao;
import org.subshare.local.persistence.UserRepoKeyPublicKeyDao;
import org.subshare.local.persistence.VerifySignableAndWriteProtectedEntityListener;

/* loaded from: input_file:org/subshare/local/UserRepoInvitationManagerImpl.class */
public class UserRepoInvitationManagerImpl implements UserRepoInvitationManager {
    private static final String USER_REPO_INVITATION_DTO_XML_FILE_NAME = "userRepoInvitationDto.xml";
    private static final Logger logger = LoggerFactory.getLogger(UserRepoInvitationManagerImpl.class);
    private final UserRepoInvitationDtoConverter userRepoInvitationDtoConverter = new UserRepoInvitationDtoConverter();
    private UserRegistry userRegistry;
    private LocalRepoManager localRepoManager;
    private LocalRepoTransaction transaction;
    private Cryptree cryptree;
    private User grantingUser;

    public int getPriority() {
        return 0;
    }

    public UserRegistry getUserRegistry() {
        return this.userRegistry;
    }

    public void setUserRegistry(UserRegistry userRegistry) {
        this.userRegistry = userRegistry;
    }

    public LocalRepoManager getLocalRepoManager() {
        return this.localRepoManager;
    }

    public void setLocalRepoManager(LocalRepoManager localRepoManager) {
        this.localRepoManager = localRepoManager;
    }

    public UserRepoInvitationToken createUserRepoInvitationToken(String str, User user, Set<PgpKey> set, PermissionType permissionType, long j) {
        Objects.requireNonNull(str, "localPath");
        Objects.requireNonNull(user, "user");
        Objects.requireNonNull(permissionType, "permissionType");
        if (set == null) {
            if (user.getPgpKeys().isEmpty()) {
                throw new IllegalArgumentException("The user does not have any PGP keys assigned: " + user);
            }
            set = user.getValidPgpKeys();
            if (set.isEmpty()) {
                throw new IllegalArgumentException("All the user's PGP keys are revoked or expired: " + user);
            }
        } else {
            if (set.isEmpty()) {
                throw new IllegalArgumentException("The specified userPgpKeys must not be empty!");
            }
            Set pgpKeys = user.getPgpKeys();
            for (PgpKey pgpKey : set) {
                if (!pgpKeys.contains(pgpKey)) {
                    throw new IllegalArgumentException(String.format("The key %s given in userPgpKeys does not belong to the user %s!", pgpKey, user));
                }
            }
        }
        UserRepoInvitation createUserRepoInvitation = createUserRepoInvitation(str, user, permissionType, j);
        User user2 = (User) Objects.requireNonNull(this.grantingUser, "grantingUser");
        byte[] userRepoInvitationData = toUserRepoInvitationData(createUserRepoInvitation);
        PgpKey pgpKeyContainingSecretKeyOrFail = user2.getPgpKeyContainingSecretKeyOrFail();
        HashSet hashSet = new HashSet(set.size() + 1);
        hashSet.addAll(set);
        hashSet.add(pgpKeyContainingSecretKeyOrFail);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        getPgpOrFail().exportPublicKeys(Collections.singleton(pgpKeyContainingSecretKeyOrFail), byteArrayOutputStream);
        byte[] encrypt = encrypt(byteArrayOutputStream.toByteArray(), hashSet);
        byte[] signAndEncrypt = signAndEncrypt(userRepoInvitationData, pgpKeyContainingSecretKeyOrFail, hashSet);
        EncryptedDataFile encryptedDataFile = new EncryptedDataFile();
        encryptedDataFile.putSigningKeyData(encrypt);
        encryptedDataFile.putDefaultData(signAndEncrypt);
        try {
            return new UserRepoInvitationToken(encryptedDataFile.write());
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private byte[] encrypt(byte[] bArr, Set<PgpKey> set) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PgpEncoder createEncoder = getPgpOrFail().createEncoder(new ByteArrayInputStream(bArr), byteArrayOutputStream);
        createEncoder.getEncryptPgpKeys().addAll(set);
        try {
            createEncoder.encode();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private byte[] signAndEncrypt(byte[] bArr, PgpKey pgpKey, Set<PgpKey> set) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PgpEncoder createEncoder = getPgpOrFail().createEncoder(new ByteArrayInputStream(bArr), byteArrayOutputStream);
        createEncoder.setSignPgpKey(pgpKey);
        createEncoder.getEncryptPgpKeys().addAll(set);
        try {
            createEncoder.encode();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public ServerRepo importUserRepoInvitationToken(UserRepoInvitationToken userRepoInvitationToken) {
        Objects.requireNonNull(userRepoInvitationToken, "userRepoInvitationToken");
        try {
            EncryptedDataFile encryptedDataFile = new EncryptedDataFile(userRepoInvitationToken.getSignedEncryptedUserRepoInvitationData());
            byte[] defaultData = encryptedDataFile.getDefaultData();
            if (defaultData == null) {
                throw new IllegalArgumentException("Container does not contain defaultData!");
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] signingKeyData = encryptedDataFile.getSigningKeyData();
            Pgp pgpOrFail = getPgpOrFail();
            if (signingKeyData != null) {
                try {
                    pgpOrFail.createDecoder(new ByteArrayInputStream(signingKeyData), byteArrayOutputStream).decode();
                    ImportKeysResult importKeys = pgpOrFail.importKeys(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
                    HashMap hashMap = new HashMap();
                    Iterator it = importKeys.getPgpKeyId2ImportedMasterKey().values().iterator();
                    while (it.hasNext()) {
                        PgpKeyId pgpKeyId = ((ImportKeysResult.ImportedMasterKey) it.next()).getPgpKeyId();
                        PgpKey pgpKey = pgpOrFail.getPgpKey(pgpKeyId);
                        Objects.requireNonNull(pgpKey, "pgp.getPgpKey(" + pgpKeyId + ")");
                        hashMap.put(pgpKeyId, pgpKey);
                    }
                    this.userRegistry.importUsersFromPgpKeys(hashMap.values());
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }
            byteArrayOutputStream.reset();
            PgpDecoder createDecoder = pgpOrFail.createDecoder(new ByteArrayInputStream(defaultData), byteArrayOutputStream);
            try {
                createDecoder.decode();
                if (createDecoder.getPgpSignature() == null) {
                    throw new SignatureException("Missing signature!");
                }
                UserRepoInvitation fromUserRepoInvitationData = fromUserRepoInvitationData(byteArrayOutputStream.toByteArray());
                ServerRepo importUserRepoInvitation = importUserRepoInvitation(fromUserRepoInvitationData);
                ServerRepoManagerImpl.connectLocalRepositoryWithServerRepository(this.localRepoManager, importUserRepoInvitation.getRepositoryId(), UrlUtil.appendEncodedPath(fromUserRepoInvitationData.getServerUrl(), fromUserRepoInvitationData.getServerPath()));
                return importUserRepoInvitation;
            } catch (IOException e2) {
                throw new RuntimeException(e2);
            }
        } catch (IOException e3) {
            throw new RuntimeException(e3);
        }
    }

    private byte[] toUserRepoInvitationData(UserRepoInvitation userRepoInvitation) {
        Objects.requireNonNull(userRepoInvitation, "userRepoInvitation");
        try {
            Marshaller createMarshaller = CloudStoreJaxbContext.getJaxbContext().createMarshaller();
            UserRepoInvitationDto userRepoInvitationDto = this.userRepoInvitationDtoConverter.toUserRepoInvitationDto(userRepoInvitation);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ZipOutputStream zipOutputStream = new ZipOutputStream(byteArrayOutputStream);
            writeManifest(zipOutputStream);
            zipOutputStream.putNextEntry(new ZipEntry(USER_REPO_INVITATION_DTO_XML_FILE_NAME));
            createMarshaller.marshal(userRepoInvitationDto, zipOutputStream);
            zipOutputStream.closeEntry();
            zipOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (JAXBException | IOException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    private void writeManifest(ZipOutputStream zipOutputStream) throws IOException {
        byte[] createManifestData = createManifestData();
        zipOutputStream.putNextEntry(createManifestZipEntry(createManifestData));
        zipOutputStream.write(createManifestData);
        zipOutputStream.closeEntry();
    }

    private UserRepoInvitation fromUserRepoInvitationData(byte[] bArr) {
        Objects.requireNonNull(bArr, "userRepoInvitationData");
        try {
            ZipInputStream zipInputStream = new ZipInputStream(new ByteArrayInputStream(bArr));
            int versionFromManifestProperties = getVersionFromManifestProperties(readManifest(zipInputStream));
            if (versionFromManifestProperties != 1) {
                throw new IllegalArgumentException("userRepoInvitationData invalid: Unsupported version: " + versionFromManifestProperties);
            }
            UserRepoInvitationDto userRepoInvitationDto = (UserRepoInvitationDto) readName2Dto(zipInputStream).get(USER_REPO_INVITATION_DTO_XML_FILE_NAME);
            if (userRepoInvitationDto == null) {
                throw new IllegalArgumentException("userRepoInvitationData invalid: Missing zip-entry: userRepoInvitationDto.xml");
            }
            return this.userRepoInvitationDtoConverter.fromUserRepoInvitationDto(userRepoInvitationDto);
        } catch (JAXBException | IOException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    private Map<String, Object> readName2Dto(ZipInputStream zipInputStream) throws IOException, JAXBException {
        Unmarshaller createUnmarshaller = CloudStoreJaxbContext.getJaxbContext().createUnmarshaller();
        HashMap hashMap = new HashMap();
        while (true) {
            ZipEntry nextEntry = zipInputStream.getNextEntry();
            if (null == nextEntry) {
                return hashMap;
            }
            if (nextEntry.getName().endsWith(".xml")) {
                hashMap.put(nextEntry.getName(), createUnmarshaller.unmarshal(new NoCloseInputStream(zipInputStream)));
            } else {
                logger.warn("fromUserRepoInvitationData: Ignoring file (not ending on '.xml'): {}", nextEntry.getName());
            }
        }
    }

    private Properties readManifest(ZipInputStream zipInputStream) throws IOException {
        Objects.requireNonNull(zipInputStream, "zin");
        ZipEntry nextEntry = zipInputStream.getNextEntry();
        if (nextEntry == null) {
            throw new IllegalArgumentException(String.format("userRepoInvitationData is not valid: It lacks the '%s' as very first zip-entry (there is no first ZipEntry)!", "MANIFEST.properties"));
        }
        if (!"MANIFEST.properties".equals(nextEntry.getName())) {
            throw new IllegalArgumentException(String.format("userRepoInvitationData is not valid: The very first zip-entry is not '%s' (it is '%s' instead)!", "MANIFEST.properties", nextEntry.getName()));
        }
        Properties properties = new Properties();
        properties.load(zipInputStream);
        String property = properties.getProperty("contentType");
        if ("application/vnd.subshare.user-repo-invitation".equals(property)) {
            return properties;
        }
        throw new IllegalArgumentException(String.format("userRepoInvitationData is not valid: The manifest indicates the content-type '%s', but '%s' is expected!", property, "application/vnd.subshare.user-repo-invitation"));
    }

    private int getVersionFromManifestProperties(Properties properties) {
        String property = properties.getProperty("contentTypeVersion");
        try {
            return Integer.parseInt(property);
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException(String.format("The manifest does not contain a valid version number ('%s' is not a valid integer)!", property), e);
        }
    }

    private ZipEntry createManifestZipEntry(byte[] bArr) {
        ZipEntry zipEntry = new ZipEntry("MANIFEST.properties");
        zipEntry.setMethod(0);
        zipEntry.setSize(bArr.length);
        zipEntry.setCompressedSize(bArr.length);
        CRC32 crc32 = new CRC32();
        crc32.update(bArr);
        zipEntry.setCrc(crc32.getValue());
        return zipEntry;
    }

    private byte[] createManifestData() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter((OutputStream) byteArrayOutputStream, StandardCharsets.UTF_8);
        writeManifestEntry(outputStreamWriter, "contentType", "application/vnd.subshare.user-repo-invitation");
        writeManifestEntry(outputStreamWriter, "contentTypeVersion", Integer.toString(1));
        outputStreamWriter.close();
        return byteArrayOutputStream.toByteArray();
    }

    private void writeManifestEntry(Writer writer, String str, String str2) throws IOException {
        writer.write(str);
        writer.write(61);
        writer.write(str2);
        writer.write(10);
    }

    protected UserRepoInvitation createUserRepoInvitation(String str, User user, PermissionType permissionType, long j) {
        Objects.requireNonNull(str, "localPath");
        Objects.requireNonNull(user, "user");
        Objects.requireNonNull(permissionType, "permissionType");
        try {
            LocalRepoTransaction beginWriteTransaction = this.localRepoManager.beginWriteTransaction();
            try {
                this.transaction = beginWriteTransaction;
                this.grantingUser = createCryptreeAndDetermineGrantingUser(str);
                UserRepoKey createInvitationUserRepoKey = this.grantingUser.createInvitationUserRepoKey(user, this.cryptree.getRemoteRepositoryId(), j);
                user.getUserRepoKeyPublicKeys().add(createInvitationUserRepoKey.getPublicKey());
                this.cryptree.grantPermission(str, permissionType, createInvitationUserRepoKey.getPublicKey());
                SsRemoteRepository ssRemoteRepository = (SsRemoteRepository) ((RemoteRepositoryDao) beginWriteTransaction.getDao(RemoteRepositoryDao.class)).getRemoteRepositoryOrFail(this.cryptree.getRemoteRepositoryId());
                URL remoteRoot = ssRemoteRepository.getRemoteRoot();
                if (remoteRoot == null) {
                    throw new IllegalStateException("Could not determine the remoteRoot for the remoteRepositoryId " + this.cryptree.getRemoteRepositoryId());
                }
                URL removePathSuffix = removePathSuffix(removePathSuffix(remoteRoot, (String) Objects.requireNonNull(ssRemoteRepository.getRemotePathPrefix(), "remoteRepository.remotePathPrefix")), ssRemoteRepository.getRepositoryId().toString());
                UserRepoInvitation userRepoInvitation = new UserRepoInvitation(removePathSuffix, getPathAfterPrefix(UrlUtil.appendEncodedPath(remoteRoot, this.cryptree.getServerPath(str)), removePathSuffix), createInvitationUserRepoKey);
                logger.info("createUserRepoInvitation: grantingUser={} grantingUserRepoKeyIds={} invitedUser={} invitationUserRepoKey={}", new Object[]{this.grantingUser, this.grantingUser.getUserRepoKeyRing().getUserRepoKeys(), user, createInvitationUserRepoKey});
                beginWriteTransaction.commit();
                if (beginWriteTransaction != null) {
                    beginWriteTransaction.close();
                }
                return userRepoInvitation;
            } finally {
            }
        } finally {
            this.cryptree = null;
            this.transaction = null;
        }
    }

    private URL removePathSuffix(URL url, String str) {
        String str2;
        Objects.requireNonNull(url, "url");
        Objects.requireNonNull(str, "suffix");
        String url2 = url.toString();
        while (true) {
            str2 = url2;
            if (!str2.endsWith("/")) {
                break;
            }
            url2 = str2.substring(0, str2.length() - 1);
        }
        while (str.endsWith("/")) {
            str = str.substring(0, str.length() - 1);
        }
        if (!str2.endsWith(str)) {
            throw new IllegalArgumentException(String.format("url '%s' does not end with suffix '%s'!", str2, str));
        }
        String substring = str2.substring(0, str2.length() - str.length());
        if (substring.endsWith("/")) {
            substring = substring.substring(0, substring.length() - 1);
        }
        try {
            return new URL(substring);
        } catch (MalformedURLException e) {
            throw new RuntimeException(e);
        }
    }

    private String getPathAfterPrefix(URL url, URL url2) {
        Objects.requireNonNull(url, "completeUrl");
        Objects.requireNonNull(url2, "prefixUrl");
        String externalForm = url.toExternalForm();
        String externalForm2 = url2.toExternalForm();
        if (externalForm2.endsWith("/")) {
            throw new IllegalStateException("prefixUrlStr.endsWith(\"/\") :: " + externalForm2);
        }
        if (externalForm.startsWith(externalForm2)) {
            return externalForm.substring(externalForm2.length());
        }
        throw new IllegalStateException("! completeUrlStr.startsWith(prefixUrlStr) :: " + externalForm + " :: " + externalForm2);
    }

    private User createCryptreeAndDetermineGrantingUser(String str) {
        RemoteRepositoryDao remoteRepositoryDao = (RemoteRepositoryDao) this.transaction.getDao(RemoteRepositoryDao.class);
        Map remoteRepositoryId2RemoteRootMap = remoteRepositoryDao.getRemoteRepositoryId2RemoteRootMap();
        if (remoteRepositoryId2RemoteRootMap.size() > 1) {
            throw new UnsupportedOperationException("Currently, only exactly one remote-repository is allowed per local repository!");
        }
        if (remoteRepositoryId2RemoteRootMap.isEmpty()) {
            throw new IllegalStateException("There is no remote-repository connected with this local repository!");
        }
        UUID uuid = (UUID) remoteRepositoryId2RemoteRootMap.keySet().iterator().next();
        SsRemoteRepository ssRemoteRepository = (SsRemoteRepository) remoteRepositoryDao.getRemoteRepositoryOrFail(uuid);
        for (User user : this.userRegistry.getUsers()) {
            UserRepoKeyRing userRepoKeyRing = user.getUserRepoKeyRing();
            if (userRepoKeyRing != null && user.getPgpKeyContainingSecretKey() != null) {
                this.cryptree = CryptreeFactoryRegistry.getInstance().getCryptreeFactoryOrFail().getCryptreeOrCreate(this.transaction, uuid, ssRemoteRepository.getRemotePathPrefix(), userRepoKeyRing);
                if (this.cryptree.getUserRepoKey(str, PermissionType.grant) != null) {
                    return user;
                }
                this.transaction.removeContextObject(this.cryptree);
            }
        }
        throw new IllegalArgumentException("No User found having a local UserRepoKey allowed to grant access as desired!");
    }

    protected ServerRepo importUserRepoInvitation(UserRepoInvitation userRepoInvitation) {
        Objects.requireNonNull(userRepoInvitation, "userRepoInvitation");
        logger.info("importUserRepoInvitation: serverUrl='{}' serverPath='{}' invitationUserRepoKey={}", new Object[]{userRepoInvitation.getServerUrl(), userRepoInvitation.getServerPath(), userRepoInvitation.getInvitationUserRepoKey()});
        User findUserWithPgpKeyOrFail = findUserWithPgpKeyOrFail(determineDecryptPgpKey(userRepoInvitation));
        ServerRepo registerInServerRepoRegistry = registerInServerRepoRegistry(userRepoInvitation, findUserWithPgpKeyOrFail);
        findUserWithPgpKeyOrFail.getUserRepoKeyRingOrCreate().addUserRepoKey(userRepoInvitation.getInvitationUserRepoKey());
        UserRepoKey createUserRepoKey = findUserWithPgpKeyOrFail.createUserRepoKey(userRepoInvitation.getInvitationUserRepoKey().getServerRepositoryId());
        try {
            LocalRepoTransaction beginWriteTransaction = this.localRepoManager.beginWriteTransaction();
            try {
                this.transaction = beginWriteTransaction;
                this.cryptree = CryptreeFactoryRegistry.getInstance().getCryptreeFactoryOrFail().getCryptreeOrCreate(beginWriteTransaction, userRepoInvitation.getInvitationUserRepoKey().getServerRepositoryId(), "NOT_NEEDED_FOR_THIS_OPERATION", findUserWithPgpKeyOrFail.getUserRepoKeyRingOrCreate());
                UserRepoKeyPublicKeyDao userRepoKeyPublicKeyDao = (UserRepoKeyPublicKeyDao) beginWriteTransaction.getDao(UserRepoKeyPublicKeyDao.class);
                this.cryptree.requestReplaceInvitationUserRepoKey(userRepoInvitation.getInvitationUserRepoKey(), createUserRepoKey.getPublicKey());
                logger.info("importUserRepoInvitation: invitationUserRepoKey={} realUserRepoKey={}", userRepoInvitation.getInvitationUserRepoKey(), createUserRepoKey);
                InvitationUserRepoKeyPublicKey invitationUserRepoKeyPublicKey = (InvitationUserRepoKeyPublicKey) userRepoKeyPublicKeyDao.getUserRepoKeyPublicKeyOrFail(userRepoInvitation.getInvitationUserRepoKey().getUserRepoKeyId());
                VerifySignableAndWriteProtectedEntityListener verifySignableAndWriteProtectedEntityListener = (VerifySignableAndWriteProtectedEntityListener) beginWriteTransaction.getContextObject(VerifySignableAndWriteProtectedEntityListener.class);
                Objects.requireNonNull(verifySignableAndWriteProtectedEntityListener, "verifySignableAndWriteProtectedEntityListener");
                verifySignableAndWriteProtectedEntityListener.removeSignable(invitationUserRepoKeyPublicKey);
                UserIdentityDao userIdentityDao = (UserIdentityDao) beginWriteTransaction.getDao(UserIdentityDao.class);
                UserIdentityLinkDao userIdentityLinkDao = (UserIdentityLinkDao) beginWriteTransaction.getDao(UserIdentityLinkDao.class);
                userIdentityLinkDao.deletePersistentAll(userIdentityLinkDao.getObjects());
                beginWriteTransaction.flush();
                userIdentityDao.deletePersistentAll(userIdentityDao.getObjects());
                beginWriteTransaction.flush();
                beginWriteTransaction.commit();
                if (beginWriteTransaction != null) {
                    beginWriteTransaction.close();
                }
                this.userRegistry.writeIfNeeded();
                return registerInServerRepoRegistry;
            } finally {
            }
        } finally {
            this.cryptree = null;
            this.transaction = null;
        }
    }

    private Server registerInServerRegistry(UserRepoInvitation userRepoInvitation) {
        ServerRegistry serverRegistryImpl = ServerRegistryImpl.getInstance();
        URL serverUrl = userRepoInvitation.getServerUrl();
        Server serverForRemoteRoot = serverRegistryImpl.getServerForRemoteRoot(serverUrl);
        if (serverForRemoteRoot == null) {
            serverForRemoteRoot = serverRegistryImpl.createServer();
            serverForRemoteRoot.setName(serverUrl.getHost());
            serverForRemoteRoot.setUrl(serverUrl);
            serverRegistryImpl.getServers().add(serverForRemoteRoot);
            serverRegistryImpl.writeIfNeeded();
        }
        return serverForRemoteRoot;
    }

    private ServerRepo registerInServerRepoRegistry(UserRepoInvitation userRepoInvitation, User user) {
        Server registerInServerRegistry = registerInServerRegistry(userRepoInvitation);
        UUID serverRepositoryId = userRepoInvitation.getInvitationUserRepoKey().getServerRepositoryId();
        ServerRepoRegistry serverRepoRegistryImpl = ServerRepoRegistryImpl.getInstance();
        ServerRepo serverRepo = serverRepoRegistryImpl.getServerRepo(serverRepositoryId);
        if (serverRepo == null) {
            serverRepo = serverRepoRegistryImpl.createServerRepo(serverRepositoryId);
            serverRepo.setServerId(registerInServerRegistry.getServerId());
            serverRepo.setName(serverRepositoryId.toString());
            serverRepo.setUserId(user.getUserId());
            serverRepoRegistryImpl.getServerRepos().add(serverRepo);
            serverRepoRegistryImpl.writeIfNeeded();
        }
        return serverRepo;
    }

    private PgpKey determineDecryptPgpKey(UserRepoInvitation userRepoInvitation) {
        byte[] encryptedSignedPrivateKeyData = userRepoInvitation.getInvitationUserRepoKey().getEncryptedSignedPrivateKeyData();
        PgpDecoder createDecoder = getPgpOrFail().createDecoder(new ByteArrayInputStream(encryptedSignedPrivateKeyData), new ByteArrayOutputStream());
        try {
            createDecoder.decode();
            if (createDecoder.getPgpSignature() == null) {
                throw new SignatureException("Missing signature!");
            }
            return createDecoder.getDecryptPgpKey();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private Pgp getPgpOrFail() {
        return PgpRegistry.getInstance().getPgpOrFail();
    }

    private User findUserWithPgpKeyOrFail(PgpKey pgpKey) {
        PgpKeyId pgpKeyId = ((PgpKey) Objects.requireNonNull(pgpKey, "pgpKey")).getMasterKey().getPgpKeyId();
        for (User user : this.userRegistry.getUsers()) {
            if (user.getPgpKeyIds().contains(pgpKeyId)) {
                return user;
            }
        }
        throw new IllegalArgumentException("No User associated with the PgpKey with id=" + pgpKeyId);
    }
}
