package org.jgroups.protocols;

import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.web.page.admin.roles.SearchBoxConfigurationHelper;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.ProtocolException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import javax.script.ScriptException;
import javax.script.SimpleBindings;
import net.shibboleth.utilities.java.support.scripting.AbstractScriptEvaluator;
import org.apache.activemq.artemis.utils.uri.SchemaConstants;
import org.apache.wicket.markup.resolver.WicketContainerResolver;
import org.jgroups.Address;
import org.jgroups.annotations.Experimental;
import org.jgroups.annotations.Property;
import org.jgroups.logging.Log;
import org.jgroups.util.Responses;
import org.jgroups.util.Util;

@Experimental
/* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING.class */
public class SWIFT_PING extends FILE_PING {
    protected SwiftClient swiftClient;

    @Property(description = "Authentication url")
    protected String auth_url;

    @Property(description = "Openstack Keystone tenant name")
    protected String tenant;

    @Property(description = "Username")
    protected String username;

    @Property(description = "Password", exposeAsManagedAttribute = false)
    protected String password;

    @Property(description = "Authentication type")
    protected String auth_type = "keystone_v_2_0";

    @Property(description = "Name of the root container")
    protected String container = SchemaConstants.JGROUPS;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$AUTH_TYPE.class */
    public enum AUTH_TYPE {
        KEYSTONE_V_2_0("keystone_v_2_0");

        private static final Map<String, AUTH_TYPE> LOOKUP = new HashMap();
        private final String configName;

        AUTH_TYPE(String str) {
            this.configName = str;
        }

        public static AUTH_TYPE getByConfigName(String str) {
            return LOOKUP.get(str);
        }

        static {
            Iterator it = EnumSet.allOf(AUTH_TYPE.class).iterator();
            while (it.hasNext()) {
                AUTH_TYPE auth_type = (AUTH_TYPE) it.next();
                LOOKUP.put(auth_type.configName, auth_type);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$Authenticator.class */
    public interface Authenticator {
        void validateParams();

        Credentials authenticate() throws Exception;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$ConnBuilder.class */
    public static class ConnBuilder {
        private final HttpURLConnection con;

        public ConnBuilder(URL url) throws IOException {
            this.con = (HttpURLConnection) url.openConnection();
        }

        public ConnBuilder(Credentials credentials, String str, String str2) throws IOException {
            String str3 = credentials.storageUrl + "/" + str;
            this.con = (HttpURLConnection) new URL(str2 != null ? str3 + "/" + str2 : str3).openConnection();
        }

        public ConnBuilder method(String str) throws ProtocolException {
            this.con.setRequestMethod(str);
            return this;
        }

        public ConnBuilder addHeader(String str, String str2) {
            this.con.setRequestProperty(str, str2);
            return this;
        }

        public HttpURLConnection getConnection() {
            return this.con;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$Credentials.class */
    public static class Credentials {
        private final String authToken;
        private final String storageUrl;

        public Credentials(String str, String str2) {
            this.authToken = str;
            this.storageUrl = str2;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$HttpHeaders.class */
    private static class HttpHeaders {
        private static final String CONTENT_TYPE_HEADER = "Content-type";
        private static final String ACCEPT_HEADER = "Accept";
        private static final String STORAGE_TOKEN_HEADER = "X-Storage-Token";
        private static final String CONTENT_LENGTH_HEADER = "Content-Length";

        private HttpHeaders() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$HttpResponse.class */
    public static class HttpResponse {
        private final Map<String, List<String>> headers;
        private final int code;
        private final byte[] payload;

        HttpResponse(Map<String, List<String>> map, int i, byte[] bArr) {
            this.headers = map;
            this.code = i;
            this.payload = bArr;
        }

        public List<String> payloadAsLines() throws IOException {
            ArrayList arrayList = new ArrayList();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(this.payload)));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    bufferedReader.close();
                    return arrayList;
                }
                arrayList.add(readLine);
            }
        }

        public boolean isSuccessCode() {
            return Utils.isSuccessCode(this.code);
        }

        public boolean isAuthDenied() {
            return Utils.isAuthDenied(this.code);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$Keystone_V_2_0_Auth.class */
    public static class Keystone_V_2_0_Auth implements Authenticator {
        private static final String JSON_RESPONSE_PARSING_SCRIPT = "var response = JSON.parse(json);var result = {};result.id = response.access.token.id;var serviceCatalog = response.access.serviceCatalog;for (var i = 0; i < serviceCatalog.length; i++) {    var service = serviceCatalog[i];    if (service.type == \"object-store\") {        result.url = service.endpoints[0].publicURL;        break;    }}result;";
        private static final Object scriptEngineLock = new Object();
        private static ScriptEngine scriptEngine;
        private final String tenant;
        private final URL authUrl;
        private final String username;
        private final String password;

        public Keystone_V_2_0_Auth(String str, URL url, String str2, String str3) {
            this.tenant = str;
            this.authUrl = url;
            this.username = str2;
            this.password = str3;
        }

        @Override // org.jgroups.protocols.SWIFT_PING.Authenticator
        public void validateParams() {
            Utils.validateNotEmpty(this.tenant, SearchBoxConfigurationHelper.F_TENANT);
        }

        @Override // org.jgroups.protocols.SWIFT_PING.Authenticator
        public Credentials authenticate() throws Exception {
            HttpURLConnection connection = new ConnBuilder(this.authUrl).addHeader("Content-type", "application/json").addHeader("Accept", "application/json").getConnection();
            StringBuilder sb = new StringBuilder();
            sb.append("{\"auth\": {\"tenantName\": \"").append(this.tenant).append("\", \"passwordCredentials\": {\"username\": \"").append(this.username).append("\", \"password\": \"").append(this.password).append("\"}}}");
            HttpResponse doOperation = Utils.doOperation(connection, sb.toString().getBytes(), true);
            if (!doOperation.isSuccessCode()) {
                throw new IllegalStateException("Error authenticating to the service. Please check your credentials. Code = " + doOperation.code);
            }
            Map<String, String> parseJsonResponse = parseJsonResponse(new String(doOperation.payload, StandardCharsets.UTF_8));
            String str = parseJsonResponse.get("id");
            String str2 = parseJsonResponse.get("url");
            if (str == null) {
                throw new IllegalStateException("Missing token id in authentication response");
            }
            if (str2 == null) {
                throw new IllegalStateException("Missing storage service URL in authentication response");
            }
            return new Credentials(str, str2);
        }

        protected static Map<String, String> parseJsonResponse(String str) throws ScriptException {
            Map<String, String> map;
            synchronized (scriptEngineLock) {
                if (scriptEngine == null) {
                    scriptEngine = new ScriptEngineManager().getEngineByName(AbstractScriptEvaluator.DEFAULT_ENGINE);
                    if (scriptEngine == null) {
                        throw new RuntimeException("Failed to load JavaScript script engine");
                    }
                }
                SimpleBindings simpleBindings = new SimpleBindings();
                simpleBindings.put(PrismContext.LANG_JSON, str);
                map = (Map) scriptEngine.eval(JSON_RESPONSE_PARSING_SCRIPT, simpleBindings);
            }
            return map;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$SwiftClient.class */
    protected static class SwiftClient {
        private final Authenticator authenticator;
        private volatile Credentials credentials;
        private final Log log;

        public SwiftClient(Authenticator authenticator, Log log) {
            this.authenticator = authenticator;
            this.log = log;
        }

        public void authenticate() throws Exception {
            this.credentials = this.authenticator.authenticate();
        }

        public void deleteObject(String str, String str2) throws Exception {
            HttpResponse doVoidOperation = Utils.doVoidOperation(getConnBuilder(str, str2).method("DELETE").getConnection());
            if (doVoidOperation.isSuccessCode()) {
                return;
            }
            if (!doVoidOperation.isAuthDenied()) {
                this.log.error(Util.getMessage("ErrorDeletingObject") + str2 + " from container " + str + ",code = " + doVoidOperation.code);
                return;
            }
            this.log.warn("Refreshing credentials and retrying");
            authenticate();
            deleteObject(str, str2);
        }

        public void createContainer(String str) throws Exception {
            HttpResponse doVoidOperation = Utils.doVoidOperation(getConnBuilder(str, null).method("PUT").getConnection());
            if (doVoidOperation.isSuccessCode()) {
                return;
            }
            if (!doVoidOperation.isAuthDenied()) {
                this.log.error(Util.getMessage("ErrorCreatingContainer") + str + " ,code = " + doVoidOperation.code);
                return;
            }
            this.log.warn("Refreshing credentials and retrying");
            authenticate();
            createContainer(str);
        }

        public void createObject(String str, String str2, byte[] bArr) throws Exception {
            HttpResponse doSendOperation = Utils.doSendOperation(getConnBuilder(str, str2).method("PUT").addHeader("Content-Length", String.valueOf(bArr.length)).getConnection(), bArr);
            if (doSendOperation.isSuccessCode()) {
                return;
            }
            if (!doSendOperation.isAuthDenied()) {
                this.log.error(Util.getMessage("ErrorCreatingObject") + str2 + " in container " + str + ",code = " + doSendOperation.code);
                return;
            }
            this.log.warn("Refreshing credentials and retrying");
            authenticate();
            createObject(str, str2, bArr);
        }

        public byte[] readObject(String str, String str2) throws Exception {
            HttpResponse doReadOperation = Utils.doReadOperation(getConnBuilder(str, str2).getConnection());
            if (!doReadOperation.isSuccessCode()) {
                if (doReadOperation.isAuthDenied()) {
                    this.log.warn("Refreshing credentials and retrying");
                    authenticate();
                    return readObject(str, str2);
                }
                this.log.error(Util.getMessage("ErrorReadingObject") + str2 + " from container " + str + ", code = " + doReadOperation.code);
            }
            return doReadOperation.payload;
        }

        public List<String> listObjects(String str) throws Exception {
            HttpResponse doReadOperation = Utils.doReadOperation(getConnBuilder(str, null).getConnection());
            if (!doReadOperation.isSuccessCode()) {
                if (doReadOperation.isAuthDenied()) {
                    this.log.warn("Refreshing credentials and retrying");
                    authenticate();
                    return listObjects(str);
                }
                this.log.error(Util.getMessage("ErrorListingContainer") + str + ", code = " + doReadOperation.code);
            }
            return doReadOperation.payloadAsLines();
        }

        private ConnBuilder getConnBuilder(String str, String str2) throws IOException {
            ConnBuilder connBuilder = new ConnBuilder(this.credentials, str, str2);
            connBuilder.addHeader("X-Storage-Token", this.credentials.authToken);
            connBuilder.addHeader("Accept", "*/*");
            return connBuilder;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/jgroups-5.3.2.Final.jar:org/jgroups/protocols/SWIFT_PING$Utils.class */
    public static class Utils {
        private Utils() {
        }

        public static void validateNotEmpty(String str, String str2) {
            if (str == null || str.trim().isEmpty()) {
                throw new IllegalArgumentException("'" + str2 + "' cannot be empty");
            }
        }

        public static boolean isSuccessCode(int i) {
            return i >= 200 && i < 300;
        }

        public static boolean isAuthDenied(int i) {
            return i == 401;
        }

        public static HttpResponse doOperation(HttpURLConnection httpURLConnection, byte[] bArr, boolean z) throws IOException {
            OutputStream outputStream = null;
            byte[] bArr2 = null;
            if (bArr != null) {
                try {
                    httpURLConnection.setDoOutput(true);
                    outputStream = httpURLConnection.getOutputStream();
                    outputStream.write(bArr);
                } catch (Throwable th) {
                    Util.close((Closeable) null);
                    Util.close(outputStream);
                    throw th;
                }
            }
            int responseCode = httpURLConnection.getResponseCode();
            if (z && isSuccessCode(responseCode)) {
                bArr2 = getBytes(httpURLConnection.getInputStream());
            }
            HttpResponse httpResponse = new HttpResponse(httpURLConnection.getHeaderFields(), responseCode, bArr2);
            Util.close((Closeable) null);
            Util.close(outputStream);
            return httpResponse;
        }

        public static byte[] getBytes(InputStream inputStream) throws IOException {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[4096];
            while (true) {
                int read = inputStream.read(bArr);
                if (read == -1) {
                    return byteArrayOutputStream.toByteArray();
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        }

        public static HttpResponse doVoidOperation(HttpURLConnection httpURLConnection) throws IOException {
            return doOperation(httpURLConnection, null, false);
        }

        public static HttpResponse doSendOperation(HttpURLConnection httpURLConnection, byte[] bArr) throws IOException {
            return doOperation(httpURLConnection, bArr, false);
        }

        public static HttpResponse doReadOperation(HttpURLConnection httpURLConnection) throws IOException {
            return doOperation(httpURLConnection, null, true);
        }
    }

    @Override // org.jgroups.protocols.FILE_PING, org.jgroups.protocols.Discovery, org.jgroups.stack.Protocol, org.jgroups.Lifecycle
    public void init() throws Exception {
        Utils.validateNotEmpty(this.auth_url, "auth_url");
        Utils.validateNotEmpty(this.auth_type, "auth_type");
        Utils.validateNotEmpty(this.username, "username");
        Utils.validateNotEmpty(this.password, "password");
        Utils.validateNotEmpty(this.container, WicketContainerResolver.CONTAINER);
        Authenticator createAuthenticator = createAuthenticator();
        createAuthenticator.validateParams();
        this.swiftClient = new SwiftClient(createAuthenticator, this.log);
        this.swiftClient.authenticate();
        super.init();
    }

    private Authenticator createAuthenticator() throws Exception {
        AUTH_TYPE byConfigName = AUTH_TYPE.getByConfigName(this.auth_type);
        if (byConfigName == null) {
            throw new IllegalArgumentException("Invalid 'auth_type' : " + this.auth_type);
        }
        URL url = new URL(this.auth_url);
        switch (byConfigName) {
            case KEYSTONE_V_2_0:
                return new Keystone_V_2_0_Auth(this.tenant, url, this.username, this.password);
            default:
                throw new IllegalStateException("Could not select authenticator");
        }
    }

    @Override // org.jgroups.protocols.FILE_PING
    protected void createRootDir() {
        try {
            this.swiftClient.createContainer(this.container);
        } catch (Exception e) {
            this.log.error(Util.getMessage("FailureCreatingContainer"), e);
        }
    }

    @Override // org.jgroups.protocols.FILE_PING
    protected void readAll(List<Address> list, String str, Responses responses) {
        try {
            for (String str2 : this.swiftClient.listObjects(this.container)) {
                List<PingData> read = read(new ByteArrayInputStream(this.swiftClient.readObject(this.container, str2)));
                if (read == null) {
                    this.log.warn("failed reading " + str2);
                } else {
                    for (PingData pingData : read) {
                        if (list == null || list.contains(pingData.getAddress())) {
                            responses.addResponse(pingData, pingData.isCoord());
                        }
                        if (this.local_addr != null && !this.local_addr.equals(pingData.getAddress())) {
                            addDiscoveryResponseToCaches(pingData.getAddress(), pingData.getLogicalName(), pingData.getPhysicalAddr());
                        }
                    }
                }
            }
        } catch (Exception e) {
            this.log.error(Util.getMessage("ErrorUnmarshallingObject"), e);
        }
    }

    @Override // org.jgroups.protocols.FILE_PING
    protected void write(List<PingData> list, String str) {
        try {
            String str2 = str + "/" + addressToFilename(this.local_addr);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(4096);
            write(list, byteArrayOutputStream);
            this.swiftClient.createObject(this.container, str2, byteArrayOutputStream.toByteArray());
        } catch (Exception e) {
            this.log.error(Util.getMessage("ErrorMarshallingObject"), e);
        }
    }

    @Override // org.jgroups.protocols.FILE_PING
    protected void remove(String str, Address address) {
        try {
            this.swiftClient.deleteObject(this.container, str + "/" + addressToFilename(address));
        } catch (Exception e) {
            this.log.error(Util.getMessage("FailureRemovingData"), e);
        }
    }

    @Override // org.jgroups.protocols.FILE_PING
    protected void removeAll(String str) {
        try {
            Iterator<String> it = this.swiftClient.listObjects(this.container).iterator();
            while (it.hasNext()) {
                this.swiftClient.deleteObject(this.container, it.next());
            }
        } catch (Exception e) {
            this.log.error(Util.getMessage("FailedRemovingObjects"), e);
        }
    }
}
