package com.att.cadi.aaf.v2_0;

import aaf.v2_0.Certs;
import aaf.v2_0.Error;
import aaf.v2_0.Perms;
import aaf.v2_0.Users;
import com.att.cadi.AbsUserCache;
import com.att.cadi.CadiException;
import com.att.cadi.CadiWrap;
import com.att.cadi.Connector;
import com.att.cadi.LocatorException;
import com.att.cadi.PropAccess;
import com.att.cadi.SecuritySetter;
import com.att.cadi.aaf.AAFPermission;
import com.att.cadi.aaf.marshal.CertsMarshal;
import com.att.cadi.client.AbsBasicAuth;
import com.att.cadi.client.Future;
import com.att.cadi.client.Rcli;
import com.att.cadi.client.Retryable;
import com.att.cadi.config.SecurityInfoC;
import com.att.cadi.lur.EpiLur;
import com.att.cadi.principal.BasicPrincipal;
import com.att.cadi.util.Vars;
import com.att.inno.env.APIException;
import com.att.inno.env.Data;
import com.att.inno.env.util.Split;
import com.att.rosetta.env.RosettaDF;
import com.att.rosetta.env.RosettaEnv;
import java.net.URI;
import java.security.Principal;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/att/cadi/aaf/v2_0/AAFCon.class */
public abstract class AAFCon<CLIENT> implements Connector {
    public static final String AAF_LATEST_VERSION = "2.0";
    public final PropAccess access;
    public final int timeout;
    public final int cleanInterval;
    public final int connTimeout;
    public final int highCount;
    public final int userExpires;
    public final int usageRefreshTriggerCount;
    private Map<String, Rcli<CLIENT>> clients = new ConcurrentHashMap();
    public final RosettaDF<Perms> permsDF;
    public final RosettaDF<Certs> certsDF;
    public final RosettaDF<Users> usersDF;
    public final RosettaDF<Error> errDF;
    private String realm;
    public final String app;
    protected SecuritySetter<CLIENT> ss;
    protected SecurityInfoC<CLIENT> si;
    private DisableCheck disableCheck;
    private AAFLurPerm lur;
    private RosettaEnv env;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/att/cadi/aaf/v2_0/AAFCon$DisableCheck.class */
    public interface DisableCheck {
        boolean isDisabled();
    }

    protected abstract URI initURI();

    protected abstract void setInitURI(String str) throws CadiException;

    public Rcli<CLIENT> client(String str) throws CadiException {
        Rcli<CLIENT> rcli = this.clients.get(str);
        if (rcli == null) {
            rcli = rclient(initURI(), this.ss);
            rcli.apiVersion(str).readTimeout(this.connTimeout);
            this.clients.put(str, rcli);
        }
        return rcli;
    }

    public Rcli<CLIENT> clientAs(String str, ServletRequest servletRequest) throws CadiException {
        return client(str).forUser(transferSS(((HttpServletRequest) servletRequest).getUserPrincipal()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AAFCon(AAFCon<CLIENT> aAFCon) {
        this.access = aAFCon.access;
        this.timeout = aAFCon.timeout;
        this.cleanInterval = aAFCon.cleanInterval;
        this.connTimeout = aAFCon.connTimeout;
        this.highCount = aAFCon.highCount;
        this.userExpires = aAFCon.userExpires;
        this.usageRefreshTriggerCount = aAFCon.usageRefreshTriggerCount;
        this.permsDF = aAFCon.permsDF;
        this.certsDF = aAFCon.certsDF;
        this.usersDF = aAFCon.usersDF;
        this.errDF = aAFCon.errDF;
        this.app = aAFCon.app;
        this.ss = aAFCon.ss;
        this.si = aAFCon.si;
        this.env = aAFCon.env;
        this.disableCheck = aAFCon.disableCheck;
        this.realm = aAFCon.realm;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AAFCon(PropAccess propAccess, String str, SecurityInfoC<CLIENT> securityInfoC) throws CadiException {
        if (str == null) {
            throw new CadiException("AAFCon cannot be constructed with a tag=null");
        }
        try {
            this.access = propAccess;
            this.si = securityInfoC;
            this.ss = securityInfoC.defSS;
            if (this.ss == null) {
                String property = propAccess.getProperty("aaf_id", (String) null);
                String property2 = propAccess.getProperty("aaf_password", (String) null);
                if (property2 == null) {
                    String property3 = propAccess.getProperty("cadi_alias", property);
                    if (property3 == null) {
                        throw new CadiException("cadi_alias or aaf_id required.");
                    }
                    SecuritySetter<CLIENT> x509Alias = x509Alias(property3);
                    securityInfoC.defSS = x509Alias;
                    set(x509Alias);
                } else if (property == null || property2 == null) {
                    SecuritySetter<CLIENT> securitySetter = new SecuritySetter<CLIENT>() { // from class: com.att.cadi.aaf.v2_0.AAFCon.1
                        public String getID() {
                            return "";
                        }

                        public void setSecurity(CLIENT client) throws CadiException {
                            throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
                        }

                        public int setLastResponse(int i) {
                            return 0;
                        }
                    };
                    securityInfoC.defSS = securitySetter;
                    set(securitySetter);
                } else {
                    SecuritySetter<CLIENT> basicAuth = basicAuth(property, property2);
                    securityInfoC.defSS = basicAuth;
                    set(basicAuth);
                }
            }
            this.timeout = Integer.parseInt(propAccess.getProperty("aaf_timeout", "5000"));
            this.cleanInterval = Integer.parseInt(propAccess.getProperty("aaf_clean_interval", "30000"));
            this.highCount = Integer.parseInt(propAccess.getProperty("aaf_high_count", "1000").trim());
            this.connTimeout = Integer.parseInt(propAccess.getProperty("aaf_conn_timeout", "3000").trim());
            this.userExpires = Integer.parseInt(propAccess.getProperty("aaf_user_expires", "600000").trim());
            this.usageRefreshTriggerCount = Integer.parseInt(propAccess.getProperty("aaf_user_expires", "600000").trim()) - 1;
            String property4 = propAccess.getProperty(str, (String) null);
            if (property4 == null) {
                throw new CadiException(str + " property is required.");
            }
            setInitURI(property4);
            this.app = reverseDomain(this.ss.getID());
            this.realm = "openecomp.org";
            this.env = new RosettaEnv();
            this.permsDF = this.env.newDataFactory(new Class[]{Perms.class});
            this.usersDF = this.env.newDataFactory(new Class[]{Users.class});
            this.certsDF = this.env.newDataFactory(new Class[]{Certs.class});
            this.certsDF.rootMarshal(new CertsMarshal());
            this.errDF = this.env.newDataFactory(new Class[]{Error.class});
        } catch (APIException e) {
            throw new CadiException("AAFCon cannot be configured", e);
        }
    }

    public RosettaEnv env() {
        return this.env;
    }

    public static final AAFCon<?> obtain(Object obj) {
        EpiLur lur;
        if (!(obj instanceof CadiWrap) || (lur = ((CadiWrap) obj).getLur()) == null) {
            return null;
        }
        if (!(lur instanceof EpiLur)) {
            if (lur instanceof AbsAAFLur) {
                return ((AbsAAFLur) lur).aaf;
            }
            return null;
        }
        AbsAAFLur subLur = lur.subLur(AbsAAFLur.class);
        if (subLur != null) {
            return subLur.aaf;
        }
        return null;
    }

    public abstract AAFCon<CLIENT> clone(String str) throws CadiException;

    public AAFAuthn<CLIENT> newAuthn() throws APIException {
        try {
            return new AAFAuthn<>(this);
        } catch (Exception e) {
            throw new APIException(e);
        } catch (APIException e2) {
            throw e2;
        }
    }

    public AAFAuthn<CLIENT> newAuthn(AbsUserCache<AAFPermission> absUserCache) throws APIException {
        try {
            return new AAFAuthn<>(this, absUserCache);
        } catch (Exception e) {
            throw new APIException(e);
        } catch (APIException e2) {
            throw e2;
        }
    }

    /* renamed from: newLur, reason: merged with bridge method [inline-methods] */
    public AAFLurPerm m4newLur() throws CadiException {
        try {
            return this.lur == null ? new AAFLurPerm(this) : new AAFLurPerm(this, this.lur);
        } catch (Exception e) {
            throw new CadiException(e);
        } catch (CadiException e2) {
            throw e2;
        }
    }

    public AAFLurPerm newLur(AbsUserCache<AAFPermission> absUserCache) throws APIException {
        try {
            return new AAFLurPerm(this, absUserCache);
        } catch (Exception e) {
            throw new APIException(e);
        } catch (APIException e2) {
            throw e2;
        }
    }

    public static String reverseDomain(String str) {
        StringBuilder sb = null;
        String[] split = Split.split('.', str);
        for (int length = split.length - 1; length >= 0; length--) {
            if (sb == null) {
                sb = new StringBuilder();
            } else {
                sb.append('.');
            }
            int indexOf = split[length].indexOf(64);
            if (indexOf > 0) {
                sb.append(split[length].subSequence(indexOf + 1, split[length].length()));
            } else {
                sb.append(split[length]);
            }
        }
        return sb == null ? "" : sb.toString();
    }

    protected abstract Rcli<CLIENT> rclient(URI uri, SecuritySetter<CLIENT> securitySetter) throws CadiException;

    public abstract <RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException;

    public abstract SecuritySetter<CLIENT> basicAuth(String str, String str2) throws CadiException;

    public abstract SecuritySetter<CLIENT> transferSS(Principal principal) throws CadiException;

    public abstract SecuritySetter<CLIENT> basicAuthSS(BasicPrincipal basicPrincipal) throws CadiException;

    public abstract SecuritySetter<CLIENT> x509Alias(String str) throws APIException, CadiException;

    public String getRealm() {
        return this.realm;
    }

    public SecuritySetter<CLIENT> set(final SecuritySetter<CLIENT> securitySetter) {
        this.ss = securitySetter;
        if (securitySetter instanceof AbsBasicAuth) {
            this.disableCheck = securitySetter instanceof AbsBasicAuth ? new DisableCheck() { // from class: com.att.cadi.aaf.v2_0.AAFCon.2
                AbsBasicAuth<?> aba;

                {
                    this.aba = securitySetter;
                }

                @Override // com.att.cadi.aaf.v2_0.AAFCon.DisableCheck
                public boolean isDisabled() {
                    return this.aba.isDenied();
                }
            } : new DisableCheck() { // from class: com.att.cadi.aaf.v2_0.AAFCon.3
                @Override // com.att.cadi.aaf.v2_0.AAFCon.DisableCheck
                public boolean isDisabled() {
                    return isDisabled();
                }
            };
        }
        Iterator<Rcli<CLIENT>> it = this.clients.values().iterator();
        while (it.hasNext()) {
            it.next().setSecuritySetter(securitySetter);
        }
        return securitySetter;
    }

    public SecurityInfoC<CLIENT> securityInfo() {
        return this.si;
    }

    public String defID() {
        return this.ss != null ? this.ss.getID() : "unknown";
    }

    public void invalidate() throws CadiException {
        for (Rcli<CLIENT> rcli : this.clients.values()) {
            rcli.invalidate();
            this.clients.remove(rcli);
        }
    }

    public String readableErrMsg(Future<?> future) {
        String body = future.body();
        if (body == null || body.length() == 0) {
            body = future.code() + ": **No Message**";
        } else if (body.contains("%")) {
            try {
                Error error = (Error) this.errDF.newData().in(Data.TYPE.JSON).load(future.body()).asObject();
                return Vars.convert(error.getText(), error.getVariables());
            } catch (APIException e) {
            }
        }
        return body;
    }

    public boolean isDisabled() {
        return this.disableCheck.isDisabled();
    }
}
