package org.wso2.carbon.appmgt.gateway.handlers.security;

import java.util.ArrayList;
import javax.cache.Cache;
import javax.cache.Caching;
import org.apache.axis2.engine.AxisConfiguration;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.rest.RESTUtils;
import org.wso2.carbon.appmgt.api.model.URITemplate;
import org.wso2.carbon.appmgt.gateway.handlers.security.keys.APIKeyDataStore;
import org.wso2.carbon.appmgt.gateway.handlers.security.keys.WSAPIKeyDataStore;
import org.wso2.carbon.appmgt.gateway.handlers.security.thrift.ThriftAPIDataStore;
import org.wso2.carbon.appmgt.gateway.handlers.throttling.APIThrottleConstants;
import org.wso2.carbon.appmgt.gateway.internal.ServiceReferenceHolder;
import org.wso2.carbon.appmgt.impl.dto.APIInfoDTO;
import org.wso2.carbon.appmgt.impl.dto.APIKeyValidationInfoDTO;
import org.wso2.carbon.appmgt.impl.dto.ResourceInfoDTO;
import org.wso2.carbon.appmgt.impl.dto.VerbInfoDTO;

/* loaded from: input_file:org/wso2/carbon/appmgt/gateway/handlers/security/APIKeyValidator.class */
public class APIKeyValidator {
    private APIKeyDataStore dataStore;
    private AxisConfiguration axisConfig;
    private boolean isGatewayAPIKeyValidationEnabled;
    protected static final Log log = LogFactory.getLog(APIKeyValidator.class);

    public APIKeyValidator(AxisConfiguration axisConfiguration) {
        this.isGatewayAPIKeyValidationEnabled = true;
        this.axisConfig = axisConfiguration;
        String keyValidatorClientType = APISecurityUtils.getKeyValidatorClientType();
        if ("WSClient".equals(keyValidatorClientType)) {
            this.dataStore = new WSAPIKeyDataStore();
        } else if ("ThriftClient".equals(keyValidatorClientType)) {
            this.dataStore = new ThriftAPIDataStore();
        }
        this.isGatewayAPIKeyValidationEnabled = isAPIKeyValidationEnabled();
        getKeyCache();
        getResourceCache();
    }

    protected Cache getKeyCache() {
        return Caching.getCacheManager("API_MANAGER_CACHE").getCache("keyCache");
    }

    protected Cache getResourceCache() {
        return Caching.getCacheManager("API_MANAGER_CACHE").getCache("resourceCache");
    }

    public APIKeyValidationInfoDTO getKeyValidationInfo(String str, String str2, String str3, String str4, String str5) throws APISecurityException {
        APIKeyValidationInfoDTO aPIKeyValidationInfoDTO;
        String str6 = str2 + ":" + str + ":" + str3 + ":" + str4;
        if (this.isGatewayAPIKeyValidationEnabled && (aPIKeyValidationInfoDTO = (APIKeyValidationInfoDTO) getKeyCache().get(str6)) != null) {
            return aPIKeyValidationInfoDTO;
        }
        APIKeyValidationInfoDTO doGetKeyValidationInfo = doGetKeyValidationInfo(str, str3, str2, str4, str5);
        if (doGetKeyValidationInfo == null) {
            throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, "WebApp key validator returned null");
        }
        if (this.isGatewayAPIKeyValidationEnabled && str5 == null) {
            getKeyCache().put(str6, doGetKeyValidationInfo);
        }
        return doGetKeyValidationInfo;
    }

    protected APIKeyValidationInfoDTO doGetKeyValidationInfo(String str, String str2, String str3, String str4, String str5) throws APISecurityException {
        return this.dataStore.getAPIKeyData(str, str2, str3, str4, str5);
    }

    public void cleanup() {
        this.dataStore.cleanup();
    }

    public boolean isAPIKeyValidationEnabled() {
        try {
            return Boolean.parseBoolean(ServiceReferenceHolder.getInstance().getAPIManagerConfiguration().getFirstProperty("APIGateway.EnableGatewayKeyCache"));
        } catch (Exception e) {
            log.error("Did not found valid WebApp Validation Information cache configuration. Use default configuration" + e);
            return true;
        }
    }

    public String getResourceAuthenticationScheme(String str, String str2, String str3, String str4) throws APISecurityException {
        String str5 = str + ":" + str2;
        APIInfoDTO aPIInfoDTO = this.isGatewayAPIKeyValidationEnabled ? (APIInfoDTO) getResourceCache().get(str5) : null;
        if (aPIInfoDTO == null) {
            aPIInfoDTO = doGetAPIInfo(str, str2);
            getResourceCache().put(str5, aPIInfoDTO);
        }
        if (APIThrottleConstants.URL_MAPPING_SEPERATOR.equals(str3)) {
            String str6 = str + APIThrottleConstants.URL_MAPPING_SEPERATOR + str2 + str3 + ":" + str4;
            VerbInfoDTO verbInfoDTO = this.isGatewayAPIKeyValidationEnabled ? (VerbInfoDTO) getResourceCache().get(str6) : null;
            if (verbInfoDTO != null) {
                return verbInfoDTO.getAuthType();
            }
            for (ResourceInfoDTO resourceInfoDTO : aPIInfoDTO.getResources()) {
                if ("/*".equals(resourceInfoDTO.getUrlPattern())) {
                    for (VerbInfoDTO verbInfoDTO2 : resourceInfoDTO.getHttpVerbs()) {
                        if (verbInfoDTO2.getHttpVerb().equals(str4)) {
                            getResourceCache().put(str6, verbInfoDTO2);
                            return verbInfoDTO2.getAuthType();
                        }
                    }
                }
            }
        }
        String trimTrailingSlashes = RESTUtils.trimTrailingSlashes(str3);
        while (true) {
            String str7 = trimTrailingSlashes;
            if (str7.length() <= 1) {
                return "noMatchedAuthScheme";
            }
            String str8 = str + APIThrottleConstants.URL_MAPPING_SEPERATOR + str2 + str7 + ":" + str4;
            VerbInfoDTO verbInfoDTO3 = this.isGatewayAPIKeyValidationEnabled ? (VerbInfoDTO) getResourceCache().get(str8) : null;
            if (verbInfoDTO3 != null) {
                return verbInfoDTO3.getAuthType();
            }
            for (ResourceInfoDTO resourceInfoDTO2 : aPIInfoDTO.getResources()) {
                String urlPattern = resourceInfoDTO2.getUrlPattern();
                if (urlPattern.endsWith("/*")) {
                    urlPattern = urlPattern.substring(0, urlPattern.length() - 2);
                }
                if (str7.endsWith(RESTUtils.trimTrailingSlashes(urlPattern))) {
                    for (VerbInfoDTO verbInfoDTO4 : resourceInfoDTO2.getHttpVerbs()) {
                        if (verbInfoDTO4.getHttpVerb().equals(str4)) {
                            getResourceCache().put(str8, verbInfoDTO4);
                            return verbInfoDTO4.getAuthType();
                        }
                    }
                }
            }
            int lastIndexOf = str7.lastIndexOf(APIThrottleConstants.URL_MAPPING_SEPERATOR);
            trimTrailingSlashes = str7.substring(0, lastIndexOf <= 0 ? 0 : lastIndexOf);
        }
    }

    private APIInfoDTO doGetAPIInfo(String str, String str2) throws APISecurityException {
        APIInfoDTO aPIInfoDTO = new APIInfoDTO();
        getAllURITemplates(str, str2);
        return aPIInfoDTO;
    }

    public VerbInfoDTO getVerbInfoDTOFromAPIData(String str, String str2, String str3, String str4) throws APISecurityException {
        String str5 = str + ":" + str2;
        APIInfoDTO aPIInfoDTO = (APIInfoDTO) getResourceCache().get(str5);
        if (aPIInfoDTO == null) {
            aPIInfoDTO = doGetAPIInfo(str, str2);
            getResourceCache().put(str5, aPIInfoDTO);
        }
        if (APIThrottleConstants.URL_MAPPING_SEPERATOR.equals(str3)) {
            String str6 = str + APIThrottleConstants.URL_MAPPING_SEPERATOR + str2 + str3 + ":" + str4;
            VerbInfoDTO verbInfoDTO = this.isGatewayAPIKeyValidationEnabled ? (VerbInfoDTO) getResourceCache().get(str6) : null;
            if (verbInfoDTO != null) {
                verbInfoDTO.setRequestKey(str6);
                return verbInfoDTO;
            }
            for (ResourceInfoDTO resourceInfoDTO : aPIInfoDTO.getResources()) {
                if ("/*".equals(resourceInfoDTO.getUrlPattern())) {
                    for (VerbInfoDTO verbInfoDTO2 : resourceInfoDTO.getHttpVerbs()) {
                        if (verbInfoDTO2.getHttpVerb().equals(str4)) {
                            getResourceCache().put(str6, verbInfoDTO2);
                            verbInfoDTO2.setRequestKey(str6);
                            return verbInfoDTO2;
                        }
                    }
                }
            }
        }
        String trimTrailingSlashes = RESTUtils.trimTrailingSlashes(str3);
        while (true) {
            String str7 = trimTrailingSlashes;
            if (str7.length() <= 1) {
                return null;
            }
            String str8 = str + APIThrottleConstants.URL_MAPPING_SEPERATOR + str2 + str7 + ":" + str4;
            VerbInfoDTO verbInfoDTO3 = this.isGatewayAPIKeyValidationEnabled ? (VerbInfoDTO) getResourceCache().get(str8) : null;
            if (verbInfoDTO3 != null) {
                verbInfoDTO3.setRequestKey(str8);
                return verbInfoDTO3;
            }
            for (ResourceInfoDTO resourceInfoDTO2 : aPIInfoDTO.getResources()) {
                String urlPattern = resourceInfoDTO2.getUrlPattern();
                if (urlPattern.endsWith("/*")) {
                    urlPattern = urlPattern.substring(0, urlPattern.length() - 2);
                }
                if (str7.endsWith(RESTUtils.trimTrailingSlashes(urlPattern))) {
                    for (VerbInfoDTO verbInfoDTO4 : resourceInfoDTO2.getHttpVerbs()) {
                        if (verbInfoDTO4.getHttpVerb().equals(str4)) {
                            getResourceCache().put(str8, verbInfoDTO4);
                            verbInfoDTO4.setRequestKey(str8);
                            return verbInfoDTO4;
                        }
                    }
                }
            }
            int lastIndexOf = str7.lastIndexOf(APIThrottleConstants.URL_MAPPING_SEPERATOR);
            trimTrailingSlashes = str7.substring(0, lastIndexOf <= 0 ? 0 : lastIndexOf);
        }
    }

    private ArrayList<URITemplate> getAllURITemplates(String str, String str2) throws APISecurityException {
        return this.dataStore.getAllURITemplates(str, str2);
    }
}
