package org.gcube.common.authorization.client.proxy;

import com.liferay.portal.kernel.util.Http;
import com.liferay.portal.kernel.util.StringPool;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import org.gcube.common.authorization.client.Binder;
import org.gcube.common.authorization.client.Constants;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.endpoints.AuthorizationEndpoint;
import org.gcube.common.authorization.library.endpoints.AuthorizationEndpointScanner;
import org.gcube.common.authorization.library.endpoints.EndpointsContainer;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.authorization.library.utils.AuthorizationEntryList;
import org.gcube.common.authorization.library.utils.ListMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/authorization-client-3.0.1-SNAPSHOT.jar:org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.class */
public class DefaultAuthorizationProxy implements AuthorizationProxy {
    private static Logger log = LoggerFactory.getLogger(AuthorizationProxy.class);
    private static Map<String, AuthorizationEntryCache> cache = Collections.synchronizedMap(new HashMap());
    private static EndpointsContainer endpoints;

    public DefaultAuthorizationProxy() {
        if (endpoints == null) {
            endpoints = AuthorizationEndpointScanner.endpoints();
        }
    }

    private String getInternalEnpoint(int i) {
        return getInternalEnpoint(getEndpoint(i));
    }

    private String getInternalEnpoint(AuthorizationEndpoint authorizationEndpoint) {
        return (authorizationEndpoint.isSecureConnection() ? Http.HTTPS_WITH_SLASH : Http.HTTP_WITH_SLASH) + authorizationEndpoint.getHost() + StringPool.COLON + authorizationEndpoint.getPort() + "/authorization-service/gcube/service";
    }

    @Override // org.gcube.common.authorization.client.proxy.AuthorizationProxy
    public String resolveTokenByUserAndContext(String str, String str2) throws ObjectNotFound, Exception {
        int infrastructureHashfromContext = Utils.getInfrastructureHashfromContext(str2);
        StringBuilder append = new StringBuilder(getInternalEnpoint(infrastructureHashfromContext)).append("/token/resolve/").append(str).append("?context=").append(str2);
        HttpURLConnection makeRequest = makeRequest(new URL(append.toString()), "GET");
        log.debug("response code for " + append.toString() + " is " + makeRequest.getResponseCode() + " " + makeRequest.getResponseMessage());
        if (makeRequest.getResponseCode() == 404) {
            throw new ObjectNotFound("token not found");
        }
        if (makeRequest.getResponseCode() != 200) {
            throw new Exception("error contacting authorization service (error code is " + makeRequest.getResponseCode() + ")");
        }
        if (makeRequest.getContentLengthLong() == 0) {
            return null;
        }
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader((InputStream) makeRequest.getContent()));
        try {
            StringBuilder sb = new StringBuilder();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    String sb2 = sb.toString();
                    bufferedReader.close();
                    return Utils.addInfrastructureHashToToken(sb2, infrastructureHashfromContext);
                }
                sb.append(readLine);
            }
        } catch (Throwable th) {
            try {
                bufferedReader.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Override // org.gcube.common.authorization.client.proxy.AuthorizationProxy
    public String generateUserToken(UserInfo userInfo, String str) throws Exception {
        int infrastructureHashfromContext = Utils.getInfrastructureHashfromContext(str);
        StringBuilder append = new StringBuilder(getInternalEnpoint(infrastructureHashfromContext)).append("/token/user").append(StringPool.QUESTION).append(Constants.CONTEXT_PARAM).append(StringPool.EQUAL).append(str);
        HttpURLConnection makeRequest = makeRequest(new URL(append.toString()), "PUT");
        makeRequest.setDoOutput(true);
        makeRequest.setDoInput(true);
        makeRequest.setRequestProperty("Content-type", "application/xml");
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(makeRequest.getOutputStream());
        try {
            Binder.getContext().createMarshaller().marshal(userInfo, bufferedOutputStream);
            bufferedOutputStream.close();
            log.debug("response code for " + append.toString() + " is " + makeRequest.getResponseCode() + " " + makeRequest.getResponseMessage());
            if (makeRequest.getResponseCode() != 200) {
                throw new Exception("error contacting authorization service");
            }
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader((InputStream) makeRequest.getContent()));
            try {
                StringBuilder sb = new StringBuilder();
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        String sb2 = sb.toString();
                        bufferedReader.close();
                        return Utils.addInfrastructureHashToToken(sb2, infrastructureHashfromContext);
                    }
                    sb.append(readLine);
                }
            } catch (Throwable th) {
                try {
                    bufferedReader.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (Throwable th3) {
            try {
                bufferedOutputStream.close();
            } catch (Throwable th4) {
                th3.addSuppressed(th4);
            }
            throw th3;
        }
    }

    @Override // org.gcube.common.authorization.client.proxy.AuthorizationProxy
    public void setTokenRoles(String str, List<String> list) throws Exception {
        StringBuilder append = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(str, endpoints.getDefaultInfrastructure()))).append(String.format("/token/user/%s/roles", Utils.getRealToken(str)));
        HttpURLConnection makeRequest = makeRequest(new URL(append.toString()), "PUT");
        makeRequest.setDoOutput(true);
        makeRequest.setDoInput(true);
        makeRequest.setRequestProperty("Content-type", "application/xml");
        ListMapper listMapper = new ListMapper(list);
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(makeRequest.getOutputStream());
        try {
            Binder.getContext().createMarshaller().marshal(listMapper, bufferedOutputStream);
            bufferedOutputStream.close();
            log.debug("response code for " + append.toString() + " is " + makeRequest.getResponseCode() + " " + makeRequest.getResponseMessage());
            if (makeRequest.getResponseCode() != 200) {
                throw new Exception("error contacting authorization service");
            }
        } catch (Throwable th) {
            try {
                bufferedOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Override // org.gcube.common.authorization.client.proxy.AuthorizationProxy
    public void removeAllReleatedToken(String str, String str2) throws Exception {
        StringBuilder append = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashfromContext(str2))).append("/token/user").append(StringPool.QUESTION).append(Constants.CONTEXT_PARAM).append(StringPool.EQUAL).append(str2).append(StringPool.AMPERSAND).append(Constants.CLIENT_ID_PARAM).append(StringPool.EQUAL).append(str);
        HttpURLConnection makeRequest = makeRequest(new URL(append.toString()), "DELETE");
        makeRequest.setDoInput(true);
        log.debug("response code for " + append.toString() + " is " + makeRequest.getResponseCode() + " " + makeRequest.getResponseMessage());
        if (makeRequest.getResponseCode() != 200 && makeRequest.getResponseCode() != 204) {
            throw new Exception("error contacting authorization service");
        }
    }

    @Override // org.gcube.common.authorization.client.proxy.AuthorizationProxy
    public AuthorizationEntry get(String str) throws ObjectNotFound, Exception {
        String realToken = Utils.getRealToken(str);
        String format = String.format("%s********", realToken.substring(0, realToken.length() - 8));
        int infrastructureHashFromToken = Utils.getInfrastructureHashFromToken(str, endpoints.getDefaultInfrastructure());
        AuthorizationEndpoint endpoint = getEndpoint(infrastructureHashFromToken);
        if (cache.containsKey(realToken) && cache.get(realToken).isValid(endpoint.getClientCacheValidity())) {
            log.trace("valid entry found in cache for token {}, returning it", format);
            return cache.get(realToken).getEntry();
        }
        log.trace("invalid entry found in cache for token {}, contacting auth service", format);
        HttpURLConnection makeRequest = makeRequest(new URL(getInternalEnpoint(infrastructureHashFromToken) + "/token/" + realToken), "GET");
        makeRequest.setDoInput(true);
        if (makeRequest.getResponseCode() == 404) {
            throw new ObjectNotFound("token " + format + " not found");
        }
        if (makeRequest.getResponseCode() != 200) {
            throw new Exception("error contacting authorization service (error code is " + makeRequest.getResponseCode() + ")");
        }
        if (makeRequest.getContentLengthLong() == 0) {
            return null;
        }
        InputStream inputStream = (InputStream) makeRequest.getContent();
        try {
            AuthorizationEntry authorizationEntry = (AuthorizationEntry) Binder.getContext().createUnmarshaller().unmarshal(inputStream);
            if (authorizationEntry != null) {
                cache.put(realToken, new AuthorizationEntryCache(authorizationEntry));
            }
            if (inputStream != null) {
                inputStream.close();
            }
            return authorizationEntry;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // org.gcube.common.authorization.client.proxy.AuthorizationProxy
    public List<AuthorizationEntry> get(List<String> list) throws ObjectNotFound, Exception {
        ArrayList<String> arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        AuthorizationEndpoint authorizationEndpoint = null;
        for (String str : list) {
            String realToken = Utils.getRealToken(str);
            if (cache.containsKey(realToken) && cache.get(realToken).isValid(authorizationEndpoint.getClientCacheValidity())) {
                arrayList2.add(cache.get(realToken).getEntry());
            } else {
                arrayList.add(realToken);
            }
            if (authorizationEndpoint == null) {
                authorizationEndpoint = getEndpoint(Utils.getInfrastructureHashFromToken(str, endpoints.getDefaultInfrastructure()));
            }
        }
        StringBuilder append = new StringBuilder(getInternalEnpoint(authorizationEndpoint)).append("/token/bunch/?");
        boolean z = true;
        for (String str2 : arrayList) {
            if (z) {
                append = append.append("token=").append(str2);
                z = false;
            } else {
                append = append.append("&token=").append(str2);
            }
        }
        HttpURLConnection makeRequest = makeRequest(new URL(append.toString()), "GET");
        makeRequest.setDoInput(true);
        if (makeRequest.getResponseCode() == 404) {
            throw new ObjectNotFound("token not found");
        }
        if (makeRequest.getResponseCode() != 200) {
            throw new Exception("error contacting authorization service (error code is " + makeRequest.getResponseCode() + ")");
        }
        if (makeRequest.getContentLengthLong() == 0) {
            return null;
        }
        InputStream inputStream = (InputStream) makeRequest.getContent();
        try {
            List<AuthorizationEntry> entries = ((AuthorizationEntryList) Binder.getContext().createUnmarshaller().unmarshal(inputStream)).getEntries();
            if (inputStream != null) {
                inputStream.close();
            }
            return entries;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private HttpURLConnection makeRequest(URL url, String str) throws Exception {
        HttpURLConnection httpURLConnection = url.toString().startsWith(Http.HTTPS_WITH_SLASH) ? (HttpsURLConnection) url.openConnection() : (HttpURLConnection) url.openConnection();
        httpURLConnection.setRequestMethod(str);
        return httpURLConnection;
    }

    @Override // org.gcube.common.authorization.client.proxy.AuthorizationProxy
    public AuthorizationEndpoint getEndpoint(int i) {
        for (String str : endpoints.getEndpoints().keySet()) {
            if (Utils.getInfrastructureHashfromContext(str) == i) {
                return endpoints.getEndpoints().get(str);
            }
        }
        throw new RuntimeException("Authorization Endpoint not found for the required infrastructure");
    }

    @Override // org.gcube.common.authorization.client.proxy.AuthorizationProxy
    public void setEndpoint(EndpointsContainer endpointsContainer) {
        endpoints = endpointsContainer;
    }
}
