package de.uniba.minf.core.rest.client.security.memarc;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import de.uniba.minf.core.rest.client.security.SecurityToken;
import de.uniba.minf.core.rest.client.security.SecurityTokenException;
import de.uniba.minf.core.rest.client.security.SecurityTokenImpl;
import de.uniba.minf.core.rest.client.security.SecurityTokenIssuer;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.security.spec.MGF1ParameterSpec;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import org.apache.http.cookie.ClientCookie;
import org.apache.uima.pear.tools.InstallationController;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.opensaml.soap.soap12.RoleBearing;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/core-rest-client-1.0-SNAPSHOT.jar:de/uniba/minf/core/rest/client/security/memarc/MemarcSecurityTokenIssuer.class */
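/**
 * Issues API-key style security tokens for a Memarc API server.
 *
 * <p>The login flow visible in this class is: fetch an RSA public key and a key identifier from
 * {@code session/rsa}, encrypt the JSON-encoded username and password with RSA-OAEP (SHA-256),
 * post the result to {@code session/login-token}, and cache the returned token until it reports
 * itself as expired.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The RSA key is fetched from the same server without any authentication of the key itself,
 *       so the confidentiality of the credentials depends on the transport. {@code apiServer}
 *       should be an {@code https://} URL; over plain HTTP the key exchange adds no protection
 *       against an on-path party.</li>
 *   <li>Token values, the encrypted login payload and the password are deliberately kept out of
 *       log output and {@link #toString()}.</li>
 *   <li>The cached token is read and replaced without synchronization; confirm how callers share
 *       an instance before using it from several threads.</li>
 * </ul>
 */
public class MemarcSecurityTokenIssuer implements SecurityTokenIssuer {
    private static final Logger log = LoggerFactory.getLogger(MemarcSecurityTokenIssuer.class);
    private String apiServer;
    private String username;
    private String password;
    private ObjectMapper objectMapper;
    private SecurityTokenImpl currentToken;

    /**
     * Returns the cached token while it is still valid, otherwise logs in again.
     *
     * @param str not used by this implementation
     * @return the token, or an empty Optional when a new token could not be obtained
     */
    @Override
    public Optional<SecurityToken> getSecurityToken(String str) {
        if (this.currentToken == null || this.currentToken.isExpired()) {
            return fetchSecurityToken();
        }
        if (log.isDebugEnabled()) {
            log.debug("Reusing existing token");
            logCurrentToken();
        }
        return Optional.of(this.currentToken);
    }

    /**
     * Performs the full login round trip and replaces the cached token on success.
     *
     * @return the new token, or an empty Optional if any step failed (the failure is logged)
     */
    private Optional<SecurityToken> fetchSecurityToken() {
        try {
            UserData userData = postLoginDataToAPI(buildLoginPayloadFromData(getRSAKeyFromAPI()));
            // Build the token in a local and publish it only once it is complete, so a failure
            // while populating it (e.g. an out-of-range expiry) cannot leave a half-initialised
            // token without expiry in the cache.
            SecurityTokenImpl token = new SecurityTokenImpl();
            token.setValue(userData.getToken());
            token.setName("X-API-Key");
            token.setTokenType(SecurityTokenImpl.TokenTypes.HEADER);
            token.setExpiry(Instant.ofEpochSecond(userData.getExpires()));
            this.currentToken = token;
            if (log.isDebugEnabled()) {
                log.debug("Fetched new token");
                logCurrentToken();
            }
            return Optional.of(this.currentToken);
        } catch (Exception e) {
            log.error("Failed to obtain valid Memarc security token", e);
            return Optional.empty();
        }
    }

    /**
     * Logs the lifetime of the cached token at debug level.
     *
     * <p>The token value itself is a bearer credential and is intentionally not logged.
     */
    private void logCurrentToken() {
        Instant expiry = this.currentToken.getExpiry();
        log.debug("Token expires {}", expiry == null ? "NEVER" : expiry);
        if (expiry != null) {
            log.debug("Token valid for {}", Duration.between(Instant.now(), expiry));
        }
    }

    /**
     * Posts the encrypted login payload and maps the JSON answer onto a {@code UserData}.
     *
     * @param loginPayload key identifier plus Base64-encoded ciphertext
     * @return the user data parsed from the response
     * @throws Exception on transport errors, a non-200 answer, or a response lacking a field
     */
    private UserData postLoginDataToAPI(LoginPayload loginPayload) throws Exception {
        // NOTE(review): the field-name constants taken from unrelated libraries
        // (InstallationController, SchemaSymbols, ClientCookie, RoleBearing) look like
        // decompiler substitutions for plain string literals; confirm against the API
        // contract and replace them with literals.
        ObjectNode request = this.objectMapper.createObjectNode();
        request.put("key", loginPayload.getKey());
        request.put(InstallationController.PACKAGE_DATA_DIR, loginPayload.getData());
        JsonNode response = this.objectMapper.readTree(
                postDataToURL(this.apiServer + "session/login-token", request.toString()));

        UserData userData = new UserData();
        userData.setToken(requireValue(response, SchemaSymbols.ATTVAL_TOKEN).asText());
        userData.setExpires(requireValue(response, ClientCookie.EXPIRES_ATTR).asLong());
        userData.setFullname(requirePresent(response, "fullname").asText());
        userData.setRole(requirePresent(response, RoleBearing.SOAP12_ROLE_ATTR_LOCAL_NAME).asText());
        userData.setUsergroup(requirePresent(response, "usergroup").asText());
        JsonNode aclsNode = requirePresent(response, "acls");
        if (aclsNode.isArray()) {
            List<String> acls = new ArrayList<>();
            for (JsonNode acl : aclsNode) {
                acls.add(acl.asText());
            }
            userData.setAcls(acls.toArray(new String[0]));
        }
        return userData;
    }

    /**
     * Encrypts the configured credentials for the login request.
     *
     * @param rSAResponse public key and key identifier previously fetched from the API
     * @return payload carrying the key identifier and the Base64-encoded ciphertext
     * @throws Exception if the cipher cannot be set up or the plaintext does not fit the key
     */
    private LoginPayload buildLoginPayloadFromData(RSAResponse rSAResponse) throws Exception {
        LoginPayload loginPayload = new LoginPayload();
        PublicKey publicKey = rSAResponse.getPublicKey();
        ObjectNode credentials = this.objectMapper.createObjectNode();
        credentials.put("userName", this.username);
        credentials.put("password", this.password);
        // Fixed charset: the platform default would make the ciphertext depend on the host locale.
        byte[] plaintext = credentials.toString().getBytes(StandardCharsets.UTF_8);
        // The OAEP parameters are spelled out so that both the digest and MGF1 use SHA-256
        // instead of whatever the JCE provider defaults to. OAEP with SHA-256 limits the
        // plaintext to (modulus size in bytes - 66) bytes; longer credentials fail in doFinal.
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey,
                new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT));
        loginPayload.setData(Base64.getEncoder().encodeToString(cipher.doFinal(plaintext)));
        // The encrypted credential blob is not written to the log: together with the key
        // identifier it is exactly what the login endpoint accepts.
        log.debug("Built encrypted login payload");
        loginPayload.setKey(rSAResponse.getKey());
        return loginPayload;
    }

    /**
     * Fetches the RSA public key and its identifier from {@code session/rsa}.
     *
     * @return the parsed key response
     * @throws Exception on transport errors, a non-200 answer, or a response lacking a field
     */
    private RSAResponse getRSAKeyFromAPI() throws Exception {
        JsonNode response = this.objectMapper.readTree(getDataFromURL(this.apiServer + "session/rsa"));
        RSAResponse rSAResponse = new RSAResponse();
        rSAResponse.setKey(requireValue(response, "key").asText());
        rSAResponse.setPublicKey(requireValue(response, "publicKey").asText());
        return rSAResponse;
    }

    /**
     * Returns the named child of a JSON object, failing with a descriptive error instead of a
     * NullPointerException when the field is absent.
     */
    private static JsonNode requirePresent(JsonNode parent, String name) throws SecurityTokenException {
        JsonNode value = parent == null ? null : parent.get(name);
        if (value == null) {
            throw new SecurityTokenException("API response is missing required field: " + name);
        }
        return value;
    }

    /**
     * Like {@link #requirePresent(JsonNode, String)} but also rejects an explicit JSON null,
     * which would otherwise be turned into the text "null" or the number 0.
     */
    private static JsonNode requireValue(JsonNode parent, String name) throws SecurityTokenException {
        JsonNode value = requirePresent(parent, name);
        if (value.isNull()) {
            throw new SecurityTokenException("API response field has no value: " + name);
        }
        return value;
    }

    /**
     * Issues a GET request and returns the response body.
     *
     * @param str absolute URL to fetch
     */
    private String getDataFromURL(String str) throws IOException, SecurityTokenException {
        // NOTE(review): no connect/read timeout is configured, so an unresponsive server
        // blocks the caller indefinitely; pick values that fit the deployment.
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setRequestMethod("GET");
        return getHTTPResponse(httpURLConnection);
    }

    /**
     * Issues a POST request with the given body and returns the response body.
     *
     * @param str absolute URL to post to
     * @param str2 request body, sent as UTF-8
     */
    private String postDataToURL(String str, String str2) throws Exception {
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setDoOutput(true);
        // try-with-resources closes the stream even when the write fails.
        try (OutputStream outputStream = httpURLConnection.getOutputStream()) {
            outputStream.write(str2.getBytes(StandardCharsets.UTF_8));
            outputStream.flush();
        }
        return getHTTPResponse(httpURLConnection);
    }

    /**
     * Reads the response body of a connection that answered with HTTP 200.
     *
     * <p>Lines are concatenated without their line terminators, as before.
     *
     * @throws SecurityTokenException if the response code is anything other than 200
     * @throws IOException on transport errors
     */
    private String getHTTPResponse(HttpURLConnection httpURLConnection) throws SecurityTokenException, IOException {
        int responseCode = httpURLConnection.getResponseCode();
        if (responseCode != 200) {
            throw new SecurityTokenException("Security token retrieval failed, HTTP response code: " + responseCode);
        }
        StringBuilder sb = new StringBuilder();
        try (BufferedReader bufferedReader = new BufferedReader(
                new InputStreamReader(httpURLConnection.getInputStream(), StandardCharsets.UTF_8))) {
            String line;
            while ((line = bufferedReader.readLine()) != null) {
                sb.append(line);
            }
        }
        return sb.toString();
    }

    public String getApiServer() {
        return this.apiServer;
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }

    public ObjectMapper getObjectMapper() {
        return this.objectMapper;
    }

    public SecurityTokenImpl getCurrentToken() {
        return this.currentToken;
    }

    public void setApiServer(String str) {
        this.apiServer = str;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setObjectMapper(ObjectMapper objectMapper) {
        this.objectMapper = objectMapper;
    }

    public void setCurrentToken(SecurityTokenImpl securityTokenImpl) {
        this.currentToken = securityTokenImpl;
    }

    /** Compares all five properties; {@link #canEqual(Object)} keeps the relation symmetric for subclasses. */
    @Override
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof MemarcSecurityTokenIssuer)) {
            return false;
        }
        MemarcSecurityTokenIssuer other = (MemarcSecurityTokenIssuer) obj;
        if (!other.canEqual(this)) {
            return false;
        }
        return Objects.equals(getApiServer(), other.getApiServer())
                && Objects.equals(getUsername(), other.getUsername())
                && Objects.equals(getPassword(), other.getPassword())
                && Objects.equals(getObjectMapper(), other.getObjectMapper())
                && Objects.equals(getCurrentToken(), other.getCurrentToken());
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof MemarcSecurityTokenIssuer;
    }

    /** Combines the same properties as {@link #equals(Object)}, with the original multiplier and null constant. */
    @Override
    public int hashCode() {
        int result = 1;
        result = result * 59 + hashOrDefault(getApiServer());
        result = result * 59 + hashOrDefault(getUsername());
        result = result * 59 + hashOrDefault(getPassword());
        result = result * 59 + hashOrDefault(getObjectMapper());
        result = result * 59 + hashOrDefault(getCurrentToken());
        return result;
    }

    /** Hash of a possibly-null property; 43 stands in for null. */
    private static int hashOrDefault(Object value) {
        return value == null ? 43 : value.hashCode();
    }

    /**
     * Describes the issuer for diagnostics without exposing the password.
     *
     * <p>NOTE(review): {@code SecurityTokenImpl.toString()} is not visible here; if it prints the
     * token value, it needs the same redaction.
     */
    @Override
    public String toString() {
        // toString() output routinely ends up in logs and exception messages, so the password
        // is reduced to a presence marker.
        String maskedPassword = getPassword() == null ? "null" : "<redacted>";
        return "MemarcSecurityTokenIssuer(apiServer=" + getApiServer() + ", username=" + getUsername() + ", password=" + maskedPassword + ", objectMapper=" + getObjectMapper() + ", currentToken=" + getCurrentToken() + ")";
    }
}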
