package io.cellery.security.cell.sts.server.core;

import com.google.gson.GsonBuilder;
import io.cellery.security.cell.sts.server.core.Constants;
import io.cellery.security.cell.sts.server.core.model.CellStsRequest;
import io.cellery.security.cell.sts.server.core.model.config.CellStsConfiguration;
import io.cellery.security.cell.sts.server.core.service.CelleryCellSTSException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;

/* loaded from: input_file:io/cellery/security/cell/sts/server/core/CellStsUtils.class */
public class CellStsUtils {
    private static final String STS_CONFIG_PATH_ENV_VARIABLE = "CONF_PATH";
    private static final String UNSECURED_PATHS_ENV_VARIABLE = "UNSECURED_CONTEXTS_CONF_PATH";
    private static final String UNSECURED_PATHS_CONFIG_PATH = "/etc/config/unsecured-paths.json";
    private static final String CONFIG_FILE_PATH = "/etc/config/sts.json";

    public static String getMyCellName() throws CelleryCellSTSException {
        String resolveSystemVariable = resolveSystemVariable(Constants.CELL_INSTANCE_NAME_ENV_VAR);
        if (StringUtils.isBlank(resolveSystemVariable)) {
            throw new CelleryCellSTSException("Environment variable 'CELL_INSTANCE_NAME' is empty.");
        }
        return resolveSystemVariable;
    }

    public static String getCellImageName() {
        return resolveSystemVariable(Constants.CELL_IMAGE_NAME_ENV_VAR);
    }

    public static String getCellVersion() {
        return resolveSystemVariable(Constants.CELL_VERSION_ENV_VAR);
    }

    public static boolean isRequestToMicroGateway(CellStsRequest cellStsRequest) throws CelleryCellSTSException {
        String workload = cellStsRequest.getDestination().getWorkload();
        return (StringUtils.isNotEmpty(workload) && workload.startsWith(new StringBuilder().append(getMyCellName()).append("--gateway-service").toString())) || cellStsRequest.isGatewayIncomingRequest();
    }

    public static boolean isWorkloadExternalToCellery(String str) {
        return !StringUtils.contains(str, "--");
    }

    public static String getPrettyPrintJson(Map<String, String> map) {
        JSONObject jSONObject = new JSONObject();
        map.forEach((str, str2) -> {
            jSONObject.put(str, str2);
        });
        return new GsonBuilder().setPrettyPrinting().create().toJson(jSONObject);
    }

    public static String getIssuerName(String str) {
        return str + "--sts-service";
    }

    public static String getGatewayIssuer(String str) {
        return str + "--gateway";
    }

    public static String getConfigFilePath() {
        String resolveSystemVariable = resolveSystemVariable(STS_CONFIG_PATH_ENV_VARIABLE);
        return StringUtils.isNotBlank(resolveSystemVariable) ? resolveSystemVariable : CONFIG_FILE_PATH;
    }

    public static String getUnsecuredPathsConfigPath() {
        String resolveSystemVariable = resolveSystemVariable(UNSECURED_PATHS_ENV_VARIABLE);
        return StringUtils.isNotBlank(resolveSystemVariable) ? resolveSystemVariable : UNSECURED_PATHS_CONFIG_PATH;
    }

    public static void buildCellStsConfiguration() throws CelleryCellSTSException {
        try {
            JSONObject jSONObject = (JSONObject) new JSONParser().parse(new String(Files.readAllBytes(Paths.get(getConfigFilePath(), new String[0])), StandardCharsets.UTF_8));
            CellStsConfiguration.getInstance().setCellName(getMyCellName()).setStsEndpoint((String) jSONObject.get(Constants.Configs.CONFIG_STS_ENDPOINT)).setUsername((String) jSONObject.get(Constants.Configs.CONFIG_AUTH_USERNAME)).setPassword((String) jSONObject.get(Constants.Configs.CONFIG_AUTH_PASSWORD)).setGlobalJWKEndpoint((String) jSONObject.get(Constants.Configs.CONFIG_GLOBAL_JWKS)).setSignatureValidationEnabled(Boolean.parseBoolean(String.valueOf(jSONObject.get(Constants.Configs.CONFIG_SIGNATURE_VALIDATION_ENABLED)))).setAudienceValidationEnabled(Boolean.parseBoolean(String.valueOf(jSONObject.get(Constants.Configs.CONFIG_AUDIENCE_VALIDATION_ENABLED)))).setIssuerValidationEnabled(Boolean.parseBoolean(String.valueOf(jSONObject.get(Constants.Configs.CONFIG_ISSUER_VALIDATION_ENABLED)))).setSTSOPAQueryPrefix((String) jSONObject.get(Constants.Configs.CONFIG_OPA_PREFIX)).setAuthorizationEnabled(Boolean.parseBoolean(String.valueOf(jSONObject.get(Constants.Configs.CONFIG_AUTHORIZATION_ENABLED))));
        } catch (IOException | ParseException e) {
            throw new CelleryCellSTSException("Error while setting up STS configurations", e);
        }
    }

    public static void readUnsecuredContexts() throws CelleryCellSTSException {
        try {
            JSONArray jSONArray = (JSONArray) new JSONParser().parse(new String(Files.readAllBytes(Paths.get(getUnsecuredPathsConfigPath(), new String[0])), StandardCharsets.UTF_8));
            CellStsConfiguration.getInstance().setUnsecuredAPIS(jSONArray.subList(0, jSONArray.size()));
        } catch (IOException | ParseException e) {
            throw new CelleryCellSTSException("Error while reading unsecured contexts from config file", e);
        }
    }

    public static boolean isRunningInDebugMode() {
        return StringUtils.isNotEmpty(resolveSystemVariable("debug"));
    }

    public static String resolveSystemVariable(String str) {
        String property = System.getProperty(str);
        if (StringUtils.isEmpty(property)) {
            property = System.getenv(str);
        }
        return property;
    }

    public static boolean isCompositeSTS() {
        try {
            return Constants.COMPOSITE_CELL_NAME.equalsIgnoreCase(getMyCellName());
        } catch (CelleryCellSTSException e) {
            return false;
        }
    }

    public static String extractJwtFromAuthzHeader(String str) {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        String[] split = str.split("\\s+");
        if (split.length > 1) {
            return split[1];
        }
        return null;
    }

    public static String getAuthorizationHeaderValue(Map<String, String> map) {
        String str = map.get(Constants.CELLERY_AUTHORIZATION_HEADER_NAME);
        if (StringUtils.isBlank(str)) {
            str = map.get(Constants.AUTHORIZATION_HEADER_NAME);
        }
        return str;
    }
}
