package org.wso2.carbon.apimgt.gateway.handlers.security.basicauth;

import io.swagger.v3.oas.models.OpenAPI;
import java.nio.charset.StandardCharsets;
import java.rmi.RemoteException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import javax.cache.Cache;
import javax.cache.Caching;
import org.apache.axis2.AxisFault;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants;
import org.wso2.carbon.apimgt.gateway.MethodStats;
import org.wso2.carbon.apimgt.gateway.MethodTimeLogger;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityConstants;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException;
import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.gateway.threatprotection.utils.ThreatProtectorConstants;
import org.wso2.carbon.apimgt.gateway.utils.OpenAPIUtils;
import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
import org.wso2.carbon.apimgt.impl.caching.CacheProvider;
import org.wso2.carbon.apimgt.impl.dto.EventHubConfigurationDto;
import org.wso2.carbon.apimgt.impl.dto.xsd.BasicAuthValidationInfoDTO;
import org.wso2.carbon.apimgt.keymgt.stub.usermanager.APIKeyMgtRemoteUserStoreMgtServiceAPIManagementException;
import org.wso2.carbon.apimgt.keymgt.stub.usermanager.APIKeyMgtRemoteUserStoreMgtServiceStub;
import org.wso2.carbon.utils.CarbonUtils;

/* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator.class */
public class BasicAuthCredentialValidator {
    private APIKeyMgtRemoteUserStoreMgtServiceStub apiKeyMgtRemoteUserStoreMgtServiceStub;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;
    private static final JoinPoint.StaticPart ajc$tjp_4 = null;
    private static final JoinPoint.StaticPart ajc$tjp_5 = null;
    private static final JoinPoint.StaticPart ajc$tjp_6 = null;
    private static final JoinPoint.StaticPart ajc$tjp_7 = null;
    private static final JoinPoint.StaticPart ajc$tjp_8 = null;
    private static final JoinPoint.StaticPart ajc$tjp_9 = null;
    private static final JoinPoint.StaticPart ajc$tjp_10 = null;
    private static final JoinPoint.StaticPart ajc$tjp_11 = null;
    private static final JoinPoint.StaticPart ajc$tjp_12 = null;
    protected Log log = LogFactory.getLog(getClass());
    private boolean gatewayKeyCacheEnabled = isGatewayTokenCacheEnabled();

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.validate_aroundBody0((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (String) objArr2[2], (JoinPoint) objArr2[3]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure11.class */
    public class AjcClosure11 extends AroundClosure {
        public AjcClosure11(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getUserRoles_aroundBody10((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure13.class */
    public class AjcClosure13 extends AroundClosure {
        public AjcClosure13(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.hashString_aroundBody12((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure15.class */
    public class AjcClosure15 extends AroundClosure {
        public AjcClosure15(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getGatewayBasicAuthResourceCache_aroundBody14((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure17.class */
    public class AjcClosure17 extends AroundClosure {
        public AjcClosure17(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getGatewayUsernameCache_aroundBody16((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure19.class */
    public class AjcClosure19 extends AroundClosure {
        public AjcClosure19(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getInvalidUsernameCache_aroundBody18((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure21.class */
    public class AjcClosure21 extends AroundClosure {
        public AjcClosure21(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getApiManagerConfiguration_aroundBody20((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure23.class */
    public class AjcClosure23 extends AroundClosure {
        public AjcClosure23(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getCacheFromCacheManager_aroundBody22((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure25.class */
    public class AjcClosure25 extends AroundClosure {
        public AjcClosure25(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(BasicAuthCredentialValidator.isGatewayTokenCacheEnabled_aroundBody24((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.convertToDTO_aroundBody2((BasicAuthCredentialValidator) objArr2[0], (BasicAuthValidationInfoDTO) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(BasicAuthCredentialValidator.validateScopes_aroundBody4((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (OpenAPI) objArr2[2], (MessageContext) objArr2[3], (JoinPoint) objArr2[4]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(BasicAuthCredentialValidator.validateScopes_aroundBody6((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (OpenAPI) objArr2[2], (MessageContext) objArr2[3], (String[]) objArr2[4], (JoinPoint) objArr2[5]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure9.class */
    public class AjcClosure9 extends AroundClosure {
        public AjcClosure9(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(BasicAuthCredentialValidator.validateInternalUserRoles_aroundBody8((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (String[]) objArr2[2], (JoinPoint) objArr2[3]));
        }
    }

    public BasicAuthCredentialValidator() throws APISecurityException {
        getGatewayUsernameCache();
        ConfigurationContext axis2ConfigurationContext = ServiceReferenceHolder.getInstance().getAxis2ConfigurationContext();
        EventHubConfigurationDto eventHubConfigurationDto = ServiceReferenceHolder.getInstance().getAPIManagerConfiguration().getEventHubConfigurationDto();
        String username = eventHubConfigurationDto.getUsername();
        String password = eventHubConfigurationDto.getPassword();
        String serviceUrl = eventHubConfigurationDto.getServiceUrl();
        if (serviceUrl == null) {
            throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, "API key manager URL unspecified");
        }
        try {
            this.apiKeyMgtRemoteUserStoreMgtServiceStub = new APIKeyMgtRemoteUserStoreMgtServiceStub(axis2ConfigurationContext, String.valueOf(serviceUrl) + "/services/APIKeyMgtRemoteUserStoreMgtService");
            ServiceClient _getServiceClient = this.apiKeyMgtRemoteUserStoreMgtServiceStub._getServiceClient();
            Options options = _getServiceClient.getOptions();
            options.setCallTransportCleanup(true);
            options.setManageSession(true);
            CarbonUtils.setBasicAccessSecurityHeaders(username, password, _getServiceClient);
        } catch (AxisFault e) {
            throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e.getMessage(), e);
        }
    }

    @MethodStats
    public org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO validate(String str, String str2) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, str, str2);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || MethodTimeLogger.isConfigEnabled() || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO) MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{this, str, str2, makeJP}).linkClosureAndJoinPoint(69648)) : validate_aroundBody0(this, str, str2, makeJP);
    }

    private org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO convertToDTO(BasicAuthValidationInfoDTO basicAuthValidationInfoDTO) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this, basicAuthValidationInfoDTO);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO) MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{this, basicAuthValidationInfoDTO, makeJP}).linkClosureAndJoinPoint(69648)) : convertToDTO_aroundBody2(this, basicAuthValidationInfoDTO, makeJP);
    }

    @MethodStats
    public boolean validateScopes(String str, OpenAPI openAPI, MessageContext messageContext) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, this, this, new Object[]{str, openAPI, messageContext});
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || MethodTimeLogger.isConfigEnabled() || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{this, str, openAPI, messageContext, makeJP}).linkClosureAndJoinPoint(69648))) : validateScopes_aroundBody4(this, str, openAPI, messageContext, makeJP);
    }

    @MethodStats
    public boolean validateScopes(String str, OpenAPI openAPI, MessageContext messageContext, String[] strArr) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, this, this, new Object[]{str, openAPI, messageContext, strArr});
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || MethodTimeLogger.isConfigEnabled() || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{this, str, openAPI, messageContext, strArr, makeJP}).linkClosureAndJoinPoint(69648))) : validateScopes_aroundBody6(this, str, openAPI, messageContext, strArr, makeJP);
    }

    private boolean validateInternalUserRoles(String str, String[] strArr) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_4, this, this, str, strArr);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure9(new Object[]{this, str, strArr, makeJP}).linkClosureAndJoinPoint(69648))) : validateInternalUserRoles_aroundBody8(this, str, strArr, makeJP);
    }

    private String[] getUserRoles(String str) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_5, this, this, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (String[]) MethodTimeLogger.aspectOf().log(new AjcClosure11(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : getUserRoles_aroundBody10(this, str, makeJP);
    }

    private String hashString(String str) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_6, this, this, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure13(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : hashString_aroundBody12(this, str, makeJP);
    }

    private Cache getGatewayBasicAuthResourceCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_7, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure15(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getGatewayBasicAuthResourceCache_aroundBody14(this, makeJP);
    }

    private Cache getGatewayUsernameCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_8, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure17(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getGatewayUsernameCache_aroundBody16(this, makeJP);
    }

    private Cache getInvalidUsernameCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_9, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure19(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getInvalidUsernameCache_aroundBody18(this, makeJP);
    }

    private APIManagerConfiguration getApiManagerConfiguration() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_10, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (APIManagerConfiguration) MethodTimeLogger.aspectOf().log(new AjcClosure21(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getApiManagerConfiguration_aroundBody20(this, makeJP);
    }

    private Cache getCacheFromCacheManager(String str) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_11, this, this, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure23(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : getCacheFromCacheManager_aroundBody22(this, str, makeJP);
    }

    private boolean isGatewayTokenCacheEnabled() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_12, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled())) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure25(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648))) : isGatewayTokenCacheEnabled_aroundBody24(this, makeJP);
    }

    static {
        ajc$preClinit();
    }

    static final org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO validate_aroundBody0(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, String str2, JoinPoint joinPoint) {
        String hashedPassword;
        String str3 = null;
        String str4 = null;
        if (basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
            str4 = basicAuthCredentialValidator.hashString(str2);
            org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO basicAuthValidationInfoDTO = (org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO) basicAuthCredentialValidator.getGatewayUsernameCache().get(str);
            if (basicAuthValidationInfoDTO != null) {
                str3 = basicAuthValidationInfoDTO.getHashedPassword();
            }
            if (str3 != null && str3.equals(str4)) {
                basicAuthCredentialValidator.log.debug("Basic Authentication: <Valid Username Cache> Username & password authenticated");
                return basicAuthValidationInfoDTO;
            }
            org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO basicAuthValidationInfoDTO2 = (org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO) basicAuthCredentialValidator.getInvalidUsernameCache().get(str);
            if (basicAuthValidationInfoDTO2 != null && (hashedPassword = basicAuthValidationInfoDTO2.getHashedPassword()) != null && hashedPassword.equals(str4)) {
                basicAuthCredentialValidator.log.debug("Basic Authentication: <Invalid Username Cache> Username & password authentication failed");
                basicAuthValidationInfoDTO2.setAuthenticated(false);
                return basicAuthValidationInfoDTO2;
            }
        }
        try {
            org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO convertToDTO = basicAuthCredentialValidator.convertToDTO(basicAuthCredentialValidator.apiKeyMgtRemoteUserStoreMgtServiceStub.getUserAuthenticationInfo(str, str2));
            boolean isAuthenticated = convertToDTO.isAuthenticated();
            if (basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                convertToDTO.setHashedPassword(str4);
                if (isAuthenticated) {
                    basicAuthCredentialValidator.getGatewayUsernameCache().put(str, convertToDTO);
                } else {
                    basicAuthCredentialValidator.getInvalidUsernameCache().put(str, convertToDTO);
                }
            }
            return convertToDTO;
        } catch (APIKeyMgtRemoteUserStoreMgtServiceAPIManagementException | RemoteException e) {
            basicAuthCredentialValidator.log.error("Basic Authentication: Error while accessing backend services to validate user authentication for user : " + str);
            throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e.getMessage(), e);
        }
    }

    static final org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO convertToDTO_aroundBody2(BasicAuthCredentialValidator basicAuthCredentialValidator, BasicAuthValidationInfoDTO basicAuthValidationInfoDTO, JoinPoint joinPoint) {
        org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO basicAuthValidationInfoDTO2 = new org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO();
        basicAuthValidationInfoDTO2.setAuthenticated(basicAuthValidationInfoDTO.getAuthenticated());
        basicAuthValidationInfoDTO2.setHashedPassword(basicAuthValidationInfoDTO.getHashedPassword());
        basicAuthValidationInfoDTO2.setDomainQualifiedUsername(basicAuthValidationInfoDTO.getDomainQualifiedUsername());
        basicAuthValidationInfoDTO2.setUserRoleList(basicAuthValidationInfoDTO.getUserRoleList());
        return basicAuthValidationInfoDTO2;
    }

    static final boolean validateScopes_aroundBody4(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, OpenAPI openAPI, MessageContext messageContext, JoinPoint joinPoint) {
        String str2 = (String) messageContext.getProperty(ThreatProtectorConstants.API_CONTEXT);
        String str3 = (String) messageContext.getProperty("SYNAPSE_REST_API_VERSION");
        String str4 = (String) messageContext.getProperty(APIMgtGatewayConstants.API_ELECTED_RESOURCE);
        String str5 = String.valueOf(str2) + ":" + str3 + ":" + str4 + ":" + ((String) ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(ThreatProtectorConstants.HTTP_METHOD));
        String str6 = String.valueOf(str5) + ":" + str;
        if (basicAuthCredentialValidator.gatewayKeyCacheEnabled && basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().get(str6) != null) {
            return true;
        }
        if (openAPI != null) {
            String scopesOfResource = OpenAPIUtils.getScopesOfResource(openAPI, messageContext);
            String rolesOfScope = scopesOfResource != null ? OpenAPIUtils.getRolesOfScope(openAPI, messageContext, scopesOfResource) : null;
            if (!StringUtils.isNotBlank(rolesOfScope)) {
                if (basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                    basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
                }
                if (!basicAuthCredentialValidator.log.isDebugEnabled()) {
                    return true;
                }
                basicAuthCredentialValidator.log.debug("Basic Authentication: No scopes for the API resource: ".concat(str5));
                return true;
            }
            String[] userRoles = basicAuthCredentialValidator.getUserRoles(str);
            if (basicAuthCredentialValidator.validateInternalUserRoles(rolesOfScope, userRoles)) {
                if (!basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                    return true;
                }
                basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
                return true;
            }
            for (String str7 : userRoles) {
                if (rolesOfScope.contains(str7)) {
                    if (!basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                        return true;
                    }
                    basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
                    return true;
                }
            }
            if (basicAuthCredentialValidator.log.isDebugEnabled()) {
                basicAuthCredentialValidator.log.debug("Basic Authentication: Scope validation failed for the API resource: ".concat(str4));
            }
            throw new APISecurityException(APISecurityConstants.INVALID_SCOPE, "Scope validation failed");
        }
        if (!"GRAPHQL".equals(messageContext.getProperty("API_TYPE"))) {
            if (!basicAuthCredentialValidator.log.isDebugEnabled()) {
                return true;
            }
            basicAuthCredentialValidator.log.debug("Basic Authentication: No OpenAPI found in the gateway for the API: ".concat(str2).concat(":").concat(str3));
            return true;
        }
        HashMap hashMap = (HashMap) messageContext.getProperty("ScopeOperationMapping");
        HashMap hashMap2 = (HashMap) messageContext.getProperty("ScopeRoleMapping");
        String[] split = ((String) messageContext.getProperty(APIMgtGatewayConstants.API_ELECTED_RESOURCE)).split(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR);
        String[] userRoles2 = basicAuthCredentialValidator.getUserRoles(str);
        for (String str8 : split) {
            String str9 = (String) hashMap.get(str8);
            if (str9 != null) {
                ArrayList arrayList = (ArrayList) hashMap2.get(str9);
                boolean z = false;
                for (String str10 : userRoles2) {
                    Iterator it = arrayList.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (((String) it.next()).equals(str10)) {
                            z = true;
                            break;
                        }
                    }
                    if (z) {
                        break;
                    }
                }
                if (!z) {
                    throw new APISecurityException(APISecurityConstants.INVALID_SCOPE, "Scope validation failed");
                }
            }
        }
        if (!basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
            return true;
        }
        basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
        return true;
    }

    static final boolean validateScopes_aroundBody6(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, OpenAPI openAPI, MessageContext messageContext, String[] strArr, JoinPoint joinPoint) {
        String str2 = (String) messageContext.getProperty(ThreatProtectorConstants.API_CONTEXT);
        String str3 = (String) messageContext.getProperty("SYNAPSE_REST_API_VERSION");
        String str4 = (String) messageContext.getProperty(APIMgtGatewayConstants.API_ELECTED_RESOURCE);
        String str5 = String.valueOf(str2) + ":" + str3 + ":" + str4 + ":" + ((String) ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(ThreatProtectorConstants.HTTP_METHOD));
        String str6 = String.valueOf(str5) + ":" + str;
        if (basicAuthCredentialValidator.gatewayKeyCacheEnabled && basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().get(str6) != null) {
            return true;
        }
        if (openAPI != null) {
            String scopesOfResource = OpenAPIUtils.getScopesOfResource(openAPI, messageContext);
            String rolesOfScope = scopesOfResource != null ? OpenAPIUtils.getRolesOfScope(openAPI, messageContext, scopesOfResource) : null;
            if (!StringUtils.isNotBlank(rolesOfScope)) {
                if (basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                    basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
                }
                if (!basicAuthCredentialValidator.log.isDebugEnabled()) {
                    return true;
                }
                basicAuthCredentialValidator.log.debug("Basic Authentication: No scopes for the API resource: ".concat(str5));
                return true;
            }
            if (basicAuthCredentialValidator.validateInternalUserRoles(rolesOfScope, strArr)) {
                if (!basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                    return true;
                }
                basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
                return true;
            }
            for (String str7 : strArr) {
                if (rolesOfScope.contains(str7)) {
                    if (!basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                        return true;
                    }
                    basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
                    return true;
                }
            }
            if (basicAuthCredentialValidator.log.isDebugEnabled()) {
                basicAuthCredentialValidator.log.debug("Basic Authentication: Scope validation failed for the API resource: ".concat(str4));
            }
            throw new APISecurityException(APISecurityConstants.INVALID_SCOPE, "Scope validation failed");
        }
        if (!"GRAPHQL".equals(messageContext.getProperty("API_TYPE"))) {
            if (!basicAuthCredentialValidator.log.isDebugEnabled()) {
                return true;
            }
            basicAuthCredentialValidator.log.debug("Basic Authentication: No OpenAPI found in the gateway for the API: ".concat(str2).concat(":").concat(str3));
            return true;
        }
        HashMap hashMap = (HashMap) messageContext.getProperty("ScopeOperationMapping");
        HashMap hashMap2 = (HashMap) messageContext.getProperty("ScopeRoleMapping");
        for (String str8 : ((String) messageContext.getProperty(APIMgtGatewayConstants.API_ELECTED_RESOURCE)).split(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR)) {
            String str9 = (String) hashMap.get(str8);
            if (str9 != null) {
                ArrayList arrayList = (ArrayList) hashMap2.get(str9);
                boolean z = false;
                for (String str10 : strArr) {
                    Iterator it = arrayList.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (((String) it.next()).equals(str10)) {
                            z = true;
                            break;
                        }
                    }
                    if (z) {
                        break;
                    }
                }
                if (!z) {
                    throw new APISecurityException(APISecurityConstants.INVALID_SCOPE, "Scope validation failed");
                }
            }
        }
        if (!basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
            return true;
        }
        basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
        return true;
    }

    static final boolean validateInternalUserRoles_aroundBody8(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, String[] strArr, JoinPoint joinPoint) {
        int indexOf;
        String[] split = str.split(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR);
        if (!str.contains(CarbonConstants.DOMAIN_SEPARATOR)) {
            return false;
        }
        for (String str2 : split) {
            if (str2.contains(CarbonConstants.DOMAIN_SEPARATOR) && (indexOf = str2.indexOf(CarbonConstants.DOMAIN_SEPARATOR)) > 0 && "Internal".equalsIgnoreCase(str2.substring(0, indexOf))) {
                for (String str3 : strArr) {
                    if (str2.equalsIgnoreCase(str3)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    static final String[] getUserRoles_aroundBody10(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, JoinPoint joinPoint) {
        try {
            return basicAuthCredentialValidator.apiKeyMgtRemoteUserStoreMgtServiceStub.getUserRoles(str);
        } catch (APIKeyMgtRemoteUserStoreMgtServiceAPIManagementException | RemoteException e) {
            throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e.getMessage(), e);
        }
    }

    static final String hashString_aroundBody12(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, JoinPoint joinPoint) {
        String str2 = null;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(str.getBytes(StandardCharsets.UTF_8));
            byte[] digest = messageDigest.digest();
            StringBuilder sb = new StringBuilder();
            for (byte b : digest) {
                sb.append(Integer.toString((b & 255) + 256, 16).substring(1));
            }
            str2 = sb.toString();
        } catch (NoSuchAlgorithmException e) {
            basicAuthCredentialValidator.log.error(e.getMessage());
        }
        return str2;
    }

    static final Cache getGatewayBasicAuthResourceCache_aroundBody14(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        return CacheProvider.getGatewayBasicAuthResourceCache();
    }

    static final Cache getGatewayUsernameCache_aroundBody16(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        return CacheProvider.getGatewayUsernameCache();
    }

    static final Cache getInvalidUsernameCache_aroundBody18(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        return CacheProvider.getInvalidUsernameCache();
    }

    static final APIManagerConfiguration getApiManagerConfiguration_aroundBody20(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        return ServiceReferenceHolder.getInstance().getAPIManagerConfiguration();
    }

    static final Cache getCacheFromCacheManager_aroundBody22(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, JoinPoint joinPoint) {
        return Caching.getCacheManager("API_MANAGER_CACHE").getCache(str);
    }

    static final boolean isGatewayTokenCacheEnabled_aroundBody24(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        try {
            return Boolean.parseBoolean(basicAuthCredentialValidator.getApiManagerConfiguration().getFirstProperty("CacheConfigurations.EnableGatewayTokenCache"));
        } catch (Exception e) {
            basicAuthCredentialValidator.log.error("Did not found valid API Validation Information cache configuration. Use default configuration " + e, e);
            return true;
        }
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("BasicAuthCredentialValidator.java", BasicAuthCredentialValidator.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "validate", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String:java.lang.String", "username:password", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO"), 108);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "convertToDTO", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "org.wso2.carbon.apimgt.impl.dto.xsd.BasicAuthValidationInfoDTO", "generatedDto", APIMgtGatewayConstants.EMPTY, "org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO"), 166);
        ajc$tjp_10 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getApiManagerConfiguration", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "org.wso2.carbon.apimgt.impl.APIManagerConfiguration"), 489);
        ajc$tjp_11 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getCacheFromCacheManager", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String", "cacheName", APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 499);
        ajc$tjp_12 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "isGatewayTokenCacheEnabled", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "boolean"), 509);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "validateScopes", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String:io.swagger.v3.oas.models.OpenAPI:org.apache.synapse.MessageContext", "username:openAPI:synCtx", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "boolean"), 186);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "validateScopes", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String:io.swagger.v3.oas.models.OpenAPI:org.apache.synapse.MessageContext:[Ljava.lang.String;", "username:openAPI:synCtx:userRoleList", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "boolean"), 296);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "validateInternalUserRoles", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String:[Ljava.lang.String;", "resourceRoles:userRoles", APIMgtGatewayConstants.EMPTY, "boolean"), 402);
        ajc$tjp_5 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getUserRoles", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String", "username", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "[Ljava.lang.String;"), 424);
        ajc$tjp_6 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "hashString", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String", "str", APIMgtGatewayConstants.EMPTY, "java.lang.String"), 440);
        ajc$tjp_7 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getGatewayBasicAuthResourceCache", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 466);
        ajc$tjp_8 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getGatewayUsernameCache", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 473);
        ajc$tjp_9 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getInvalidUsernameCache", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 480);
    }
}
