package org.wso2.carbon.apimgt.gateway.inbound.websocket.request;

import graphql.language.Definition;
import graphql.language.Document;
import graphql.language.OperationDefinition;
import graphql.parser.Parser;
import graphql.validation.Validator;
import java.util.Iterator;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONObject;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.common.gateway.dto.QueryAnalyzerResponseDTO;
import org.wso2.carbon.apimgt.common.gateway.graphql.QueryValidator;
import org.wso2.carbon.apimgt.gateway.dto.GraphQLOperationDTO;
import org.wso2.carbon.apimgt.gateway.handlers.graphQL.GraphQLConstants;
import org.wso2.carbon.apimgt.gateway.handlers.graphQL.analyzer.SubscriptionAnalyzer;
import org.wso2.carbon.apimgt.gateway.handlers.graphQL.utils.GraphQLProcessorUtil;
import org.wso2.carbon.apimgt.gateway.handlers.streaming.websocket.WebSocketApiConstants;
import org.wso2.carbon.apimgt.gateway.handlers.streaming.websocket.WebSocketUtils;
import org.wso2.carbon.apimgt.gateway.inbound.InboundMessageContext;
import org.wso2.carbon.apimgt.gateway.inbound.websocket.GraphQLProcessorResponseDTO;
import org.wso2.carbon.apimgt.gateway.inbound.websocket.InboundProcessorResponseDTO;
import org.wso2.carbon.apimgt.gateway.inbound.websocket.utils.InboundWebsocketProcessorUtil;
import org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO;

/* loaded from: input_file:org/wso2/carbon/apimgt/gateway/inbound/websocket/request/GraphQLRequestProcessor.class */
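/**
 * Processes inbound GraphQL-over-WebSocket request frames.
 *
 * <p>Every frame is parsed as JSON and the token is authenticated. Frames recognised as
 * subscribe messages then pass through, in order: payload shape check, GraphQL parsing,
 * operation-type check (subscriptions only), schema validation, scope validation,
 * depth and complexity analysis, and throttling. The first failing step decides the
 * response. Frames that are not subscribe messages get the authentication result only.
 *
 * <p>The frame text and the query inside it come from the remote client and are treated
 * as untrusted throughout.
 */
public class GraphQLRequestProcessor extends RequestProcessor {
    private static final Log log = LogFactory.getLog(GraphQLRequestProcessor.class);

    /** Auth type for which scope validation is skipped; evaluates to "None". */
    private static final String AUTH_TYPE_NONE = StringUtils.capitalize("NONE".toLowerCase());

    /**
     * Authenticates the connection and, for subscribe frames, runs the full validation chain.
     *
     * @param i                     passed unchanged to the throttling call
     * @param str                   raw frame text received from the client (JSON)
     * @param inboundMessageContext per-connection context (schema, API info, channel)
     * @return the authentication result, or the result of the first failing check, or the
     *         throttling result when every earlier check passed
     */
    @Override
    public InboundProcessorResponseDTO handleRequest(int i, String str, InboundMessageContext inboundMessageContext) {
        // NOTE(review): JSON parsing runs before authentication and throws an unchecked
        // org.json exception on malformed text; confirm the caller handles that by
        // rejecting the frame.
        JSONObject frame = new JSONObject(str);
        InboundProcessorResponseDTO response = InboundWebsocketProcessorUtil.authenticateToken(inboundMessageContext);
        if (response.isError() || !checkIfSubscribeMessage(frame)) {
            return response;
        }

        String messageId = frame.getString(GraphQLConstants.SubscriptionConstants.PAYLOAD_FIELD_NAME_ID);
        if (!validatePayloadFields(frame)) {
            return InboundWebsocketProcessorUtil.getBadRequestGraphQLFrameErrorDTO("Invalid operation payload", messageId);
        }

        String query = frame.getJSONObject(GraphQLConstants.SubscriptionConstants.PAYLOAD_FIELD_NAME_PAYLOAD)
                .getString(GraphQLConstants.SubscriptionConstants.PAYLOAD_FIELD_NAME_QUERY);
        // NOTE(review): the query is parsed before the depth/complexity limits below are
        // applied, so any bound on parser work comes from the Parser itself. A syntax error
        // propagates as an unchecked exception rather than a bad-request frame; confirm
        // both against the graphql-java version in use and the caller's error handling.
        Document document = new Parser().parseDocument(query);

        // NOTE(review): only the first operation definition is examined; the
        // subscription-only check, resource matching, scopes and throttling all key off it.
        // If a document can carry several operations, consider rejecting it or resolving
        // the selected one; confirm how the backend picks the operation.
        OperationDefinition operation = getOperationFromPayload(document);
        if (operation == null) {
            return InboundWebsocketProcessorUtil.getBadRequestGraphQLFrameErrorDTO("Operation definition cannot be empty", messageId);
        }
        if (!checkIfValidSubscribeOperation(operation)) {
            return InboundWebsocketProcessorUtil.getBadRequestGraphQLFrameErrorDTO("Invalid operation. Only allowed Subscription type operations", messageId);
        }

        response = validateQueryPayload(inboundMessageContext, document, messageId);
        if (response.isError()) {
            return response;
        }

        String operationList = GraphQLProcessorUtil.getOperationList(operation,
                inboundMessageContext.getGraphQLSchemaDTO().getTypeDefinitionRegistry());
        WebSocketUtils.setApiPropertyToChannel(inboundMessageContext.getCtx(), "API_ELECTED_RESOURCE", operationList);
        // NOTE(review): the result is dereferenced without a null check; confirm
        // findMatchingVerb never returns null for an operation that passed schema validation.
        VerbInfoDTO verbInfo = InboundWebsocketProcessorUtil.findMatchingVerb(operationList, inboundMessageContext);

        // Scope validation is skipped only when the matched resource's auth type is "None".
        if (!AUTH_TYPE_NONE.equals(verbInfo.getAuthType())) {
            response = InboundWebsocketProcessorUtil.validateScopes(inboundMessageContext, operationList, messageId);
            if (response.isError()) {
                return response;
            }
        }

        response = validateQueryDepthAndComplexity(
                new SubscriptionAnalyzer(inboundMessageContext.getGraphQLSchemaDTO().getGraphQLSchema()),
                inboundMessageContext, query, messageId);
        if (response.isError()) {
            return response;
        }

        response = InboundWebsocketProcessorUtil.doThrottleForGraphQL(i, verbInfo, inboundMessageContext, messageId);
        // The verb info is recorded for this message id whatever the throttling outcome.
        inboundMessageContext.addVerbInfoForGraphQLMsgId(messageId, new GraphQLOperationDTO(verbInfo, operationList));
        return response;
    }

    /**
     * Tells whether the frame's type is one of the subscribe message types.
     *
     * <p>{@code getString} throws when a key is absent, so a frame without a type, or a
     * subscribe-type frame without an id, raises an unchecked exception here instead of
     * yielding {@code false}. Returning {@code false} for such frames would make
     * {@link #handleRequest} skip every GraphQL check for them, so that behaviour is kept.
     */
    private boolean checkIfSubscribeMessage(JSONObject frame) {
        String type = frame.getString(GraphQLConstants.SubscriptionConstants.PAYLOAD_FIELD_NAME_TYPE);
        return type != null
                && GraphQLConstants.SubscriptionConstants.PAYLOAD_FIELD_NAME_ARRAY_FOR_SUBSCRIBE.contains(type)
                && frame.getString(GraphQLConstants.SubscriptionConstants.PAYLOAD_FIELD_NAME_ID) != null;
    }

    /**
     * Checks that the frame carries a payload object holding a string query.
     *
     * <p>Uses the non-throwing {@code opt*} accessors so that a payload that is missing,
     * JSON null or not an object, or a query that is missing or not a string, is reported
     * as invalid (and answered with a bad-request frame) instead of raising a
     * {@code ClassCastException} or {@code JSONException}.
     */
    private boolean validatePayloadFields(JSONObject frame) {
        JSONObject payload = frame.optJSONObject(GraphQLConstants.SubscriptionConstants.PAYLOAD_FIELD_NAME_PAYLOAD);
        return payload != null
                && payload.opt(GraphQLConstants.SubscriptionConstants.PAYLOAD_FIELD_NAME_QUERY) instanceof String;
    }

    /**
     * Returns the first operation definition in the document, or {@code null} when the
     * document contains none. Later operation definitions are not looked at.
     */
    private OperationDefinition getOperationFromPayload(Document document) {
        for (Object definition : document.getDefinitions()) {
            if (definition instanceof OperationDefinition) {
                return (OperationDefinition) definition;
            }
        }
        return null;
    }

    /** Tells whether the operation's kind is a subscription (compared case-insensitively). */
    private boolean checkIfValidSubscribeOperation(OperationDefinition operation) {
        return operation.getOperation() != null
                && "Subscription".equalsIgnoreCase(operation.getOperation().toString());
    }

    /**
     * Validates the parsed document against the API's GraphQL schema.
     *
     * @param messageId id of the frame, echoed in the response
     * @return a non-error response when the validator reports nothing, otherwise an
     *         invalid-query error carrying the validator's message
     */
    private InboundProcessorResponseDTO validateQueryPayload(InboundMessageContext inboundMessageContext, Document document, String messageId) {
        GraphQLProcessorResponseDTO response = new GraphQLProcessorResponseDTO();
        response.setId(messageId);
        String validationError = new QueryValidator(new Validator())
                .validatePayload(inboundMessageContext.getGraphQLSchemaDTO().getGraphQLSchema(), document);
        if (validationError == null) {
            return response;
        }
        String message = "INVALID QUERY : " + validationError;
        // The validator message may echo parts of the client's query, so line breaks are
        // neutralised for the log only; the response keeps the original text.
        log.error(sanitizeForLog(message));
        response.setError(true);
        response.setErrorCode(WebSocketApiConstants.FrameErrorConstants.GRAPHQL_INVALID_QUERY);
        response.setErrorMessage(message);
        return response;
    }

    /** Runs the depth check, then the complexity check only when the depth check passed. */
    private GraphQLProcessorResponseDTO validateQueryDepthAndComplexity(SubscriptionAnalyzer subscriptionAnalyzer, InboundMessageContext inboundMessageContext, String query, String messageId) {
        GraphQLProcessorResponseDTO depthResult = validateQueryDepth(subscriptionAnalyzer, inboundMessageContext, query, messageId);
        if (depthResult.isError()) {
            return depthResult;
        }
        return validateQueryComplexity(subscriptionAnalyzer, inboundMessageContext, query, messageId);
    }

    /**
     * Checks the query against the API's configured maximum complexity.
     *
     * <p>NOTE(review): a result that is not successful but has an empty error list is
     * treated as a pass; confirm the analyzer always populates the list on rejection.
     */
    private GraphQLProcessorResponseDTO validateQueryComplexity(SubscriptionAnalyzer subscriptionAnalyzer, InboundMessageContext inboundMessageContext, String query, String messageId) {
        GraphQLProcessorResponseDTO response = new GraphQLProcessorResponseDTO();
        response.setId(messageId);
        try {
            QueryAnalyzerResponseDTO analysis = subscriptionAnalyzer.analyseSubscriptionQueryComplexity(
                    query, inboundMessageContext.getInfoDTO().getGraphQLMaxComplexity());
            if (!analysis.isSuccess() && !analysis.getErrorList().isEmpty()) {
                String errors = analysis.getErrorList().toString();
                // The query is client-controlled: strip line breaks before it reaches the log.
                log.error("Query complexity validation failed for: " + sanitizeForLog(query)
                        + " errors: " + sanitizeForLog(errors));
                response.setError(true);
                response.setErrorCode(WebSocketApiConstants.FrameErrorConstants.GRAPHQL_QUERY_TOO_COMPLEX);
                response.setErrorMessage("QUERY TOO COMPLEX : " + errors);
                return response;
            }
        } catch (APIManagementException e) {
            log.error("Error while validating query complexity for: " + sanitizeForLog(query), e);
            response.setError(true);
            // NOTE(review): the exception message is copied into the response DTO; if that
            // DTO is sent to the client, consider a generic message instead.
            response.setErrorMessage(e.getMessage());
            response.setErrorCode(WebSocketApiConstants.FrameErrorConstants.INTERNAL_SERVER_ERROR);
        }
        return response;
    }

    /**
     * Checks the query against the API's configured maximum depth.
     *
     * <p>NOTE(review): a result that is not successful but has an empty error list is
     * treated as a pass; confirm the analyzer always populates the list on rejection.
     */
    private GraphQLProcessorResponseDTO validateQueryDepth(SubscriptionAnalyzer subscriptionAnalyzer, InboundMessageContext inboundMessageContext, String query, String messageId) {
        GraphQLProcessorResponseDTO response = new GraphQLProcessorResponseDTO();
        response.setId(messageId);
        QueryAnalyzerResponseDTO analysis = subscriptionAnalyzer.analyseSubscriptionQueryDepth(
                inboundMessageContext.getInfoDTO().getGraphQLMaxDepth(), query);
        if (analysis.isSuccess() || analysis.getErrorList().isEmpty()) {
            return response;
        }
        String errors = analysis.getErrorList().toString();
        // The query is client-controlled: strip line breaks before it reaches the log.
        log.error("Query depth validation failed for: " + sanitizeForLog(query)
                + " errors: " + sanitizeForLog(errors));
        response.setError(true);
        response.setErrorCode(WebSocketApiConstants.FrameErrorConstants.GRAPHQL_QUERY_TOO_DEEP);
        response.setErrorMessage("QUERY TOO DEEP : " + errors);
        return response;
    }

    /**
     * Replaces carriage returns and line feeds so client-supplied text cannot start a new,
     * forged log entry. Returns {@code null} for {@code null} input.
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }
}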
