package org.wso2.carbon.apimgt.rest.api.publisher.v1.common.mappings;

import com.fasterxml.jackson.databind.ObjectMapper;
import graphql.language.FieldDefinition;
import graphql.language.ObjectTypeDefinition;
import graphql.language.TypeDefinition;
import graphql.schema.idl.SchemaParser;
import graphql.schema.idl.TypeDefinitionRegistry;
import graphql.schema.idl.UnExecutableSchemaGenerator;
import graphql.schema.idl.errors.SchemaProblem;
import graphql.schema.validation.SchemaValidator;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONArray;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;
import org.wso2.carbon.apimgt.api.APIDefinition;
import org.wso2.carbon.apimgt.api.APIDefinitionValidationResponse;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.APIProvider;
import org.wso2.carbon.apimgt.api.ExceptionCodes;
import org.wso2.carbon.apimgt.api.FaultGatewaysException;
import org.wso2.carbon.apimgt.api.doc.model.APIResource;
import org.wso2.carbon.apimgt.api.model.API;
import org.wso2.carbon.apimgt.api.model.APICategory;
import org.wso2.carbon.apimgt.api.model.APIIdentifier;
import org.wso2.carbon.apimgt.api.model.APIProduct;
import org.wso2.carbon.apimgt.api.model.APIProductIdentifier;
import org.wso2.carbon.apimgt.api.model.APIStateChangeResponse;
import org.wso2.carbon.apimgt.api.model.ApiTypeWrapper;
import org.wso2.carbon.apimgt.api.model.Documentation;
import org.wso2.carbon.apimgt.api.model.DocumentationContent;
import org.wso2.carbon.apimgt.api.model.Identifier;
import org.wso2.carbon.apimgt.api.model.ResourceFile;
import org.wso2.carbon.apimgt.api.model.ServiceEntry;
import org.wso2.carbon.apimgt.api.model.SwaggerData;
import org.wso2.carbon.apimgt.api.model.Tier;
import org.wso2.carbon.apimgt.api.model.URITemplate;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.definitions.AsyncApiParser;
import org.wso2.carbon.apimgt.impl.definitions.GraphQLSchemaDefinition;
import org.wso2.carbon.apimgt.impl.definitions.OAS2Parser;
import org.wso2.carbon.apimgt.impl.definitions.OAS3Parser;
import org.wso2.carbon.apimgt.impl.definitions.OASParserUtil;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.impl.utils.APIVersionStringComparator;
import org.wso2.carbon.apimgt.impl.wsdl.SequenceGenerator;
import org.wso2.carbon.apimgt.rest.api.common.RestApiCommonUtil;
import org.wso2.carbon.apimgt.rest.api.common.annotations.Scope;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIInfoAdditionalPropertiesDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIOperationsDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIProductDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.DocumentDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.GraphQLSchemaDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.GraphQLValidationResponseDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.GraphQLValidationResponseGraphQLInfoDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.LifecycleHistoryDTO;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.LifecycleStateDTO;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;

/* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/PublisherCommonUtils.class */
public class PublisherCommonUtils {
    private static final Log log = LogFactory.getLog(PublisherCommonUtils.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.wso2.carbon.apimgt.rest.api.publisher.v1.common.mappings.PublisherCommonUtils$1, reason: invalid class name */
    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/publisher/v1/common/mappings/PublisherCommonUtils$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$wso2$carbon$apimgt$api$model$ServiceEntry$DefinitionType = new int[ServiceEntry.DefinitionType.values().length];

        static {
            try {
                $SwitchMap$org$wso2$carbon$apimgt$api$model$ServiceEntry$DefinitionType[ServiceEntry.DefinitionType.WSDL1.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$wso2$carbon$apimgt$api$model$ServiceEntry$DefinitionType[ServiceEntry.DefinitionType.WSDL2.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$wso2$carbon$apimgt$api$model$ServiceEntry$DefinitionType[ServiceEntry.DefinitionType.GRAPHQL_SDL.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$wso2$carbon$apimgt$api$model$ServiceEntry$DefinitionType[ServiceEntry.DefinitionType.ASYNC_API.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public static API updateApi(API api, APIDTO apidto, APIProvider aPIProvider, String[] strArr) throws ParseException, CryptoException, APIManagementException, FaultGatewaysException {
        APIIdentifier id = api.getId();
        if (strArr == null) {
            throw new APIManagementException("Error occurred while updating the  API " + api.getUUID() + " as the token information hasn't been correctly set internally", ExceptionCodes.TOKEN_SCOPES_NOT_SET);
        }
        boolean z = api.getType() != null && APIConstants.APITransportType.GRAPHQL.toString().equals(api.getType());
        boolean z2 = api.getType() != null && (APIConstants.APITransportType.WS.toString().equals(api.getType()) || APIConstants.APITransportType.WEBSUB.toString().equals(api.getType()) || APIConstants.APITransportType.SSE.toString().equals(api.getType()) || APIConstants.APITransportType.ASYNC.toString().equals(api.getType()));
        boolean checkClassScopeAnnotation = checkClassScopeAnnotation(APIDTO.class.getAnnotationsByType(Scope.class), strArr);
        JSONParser jSONParser = new JSONParser();
        String endpointConfig = api.getEndpointConfig();
        JSONObject jSONObject = StringUtils.isNotBlank(endpointConfig) ? (JSONObject) jSONParser.parse(endpointConfig) : null;
        String str = null;
        String str2 = null;
        if (jSONObject != null && jSONObject.containsKey("endpoint_security")) {
            JSONObject jSONObject2 = (JSONObject) jSONObject.get("endpoint_security");
            if (jSONObject2.containsKey("production")) {
                JSONObject jSONObject3 = (JSONObject) jSONObject2.get("production");
                if (jSONObject3.get("clientId") != null && jSONObject3.get("clientSecret") != null) {
                    str = jSONObject3.get("clientSecret").toString();
                }
            }
            if (jSONObject2.containsKey("sandbox")) {
                JSONObject jSONObject4 = (JSONObject) jSONObject2.get("sandbox");
                if (jSONObject4.get("clientId") != null && jSONObject4.get("clientSecret") != null) {
                    str2 = jSONObject4.get("clientSecret").toString();
                }
            }
        }
        Map map = (Map) apidto.getEndpointConfig();
        CryptoUtil defaultCryptoUtil = CryptoUtil.getDefaultCryptoUtil();
        encryptEndpointSecurityOAuthCredentials(map, defaultCryptoUtil, str, str2, apidto);
        if (apidto.getEndpointConfig() != null && map.containsKey("amznSecretKey")) {
            String str3 = (String) map.get("amznSecretKey");
            if (!StringUtils.isEmpty(str3)) {
                if ("AWS_SECRET_KEY".equals(str3)) {
                    map.put("amznSecretKey", (String) ((JSONObject) new JSONParser().parse(api.getEndpointConfig())).get("amznSecretKey"));
                    apidto.setEndpointConfig(map);
                } else {
                    map.put("amznSecretKey", defaultCryptoUtil.encryptAndBase64Encode(str3.getBytes()));
                    apidto.setEndpointConfig(map);
                }
            }
        }
        if (!checkClassScopeAnnotation) {
            apidto = getFieldOverriddenAPIDTO(apidto, api, strArr);
        }
        if (APIUtil.isOnPremResolver()) {
            apidto.setName(id.getApiName());
        } else if (!api.getId().getApiName().equals(apidto.getName())) {
            if (aPIProvider.isApiNameExist(apidto.getName(), api.getOrganization()) || aPIProvider.isApiNameWithDifferentCaseExist(apidto.getName(), api.getOrganization())) {
                throw new APIManagementException("Error occurred while updating the API name. API with name " + apidto.getName() + " already exists.", ExceptionCodes.from(ExceptionCodes.API_NAME_ALREADY_EXISTS, new String[]{apidto.getName()}));
            }
        }
        apidto.setVersion(id.getVersion());
        apidto.setProvider(id.getProviderName());
        apidto.setContext(api.getContextTemplate());
        apidto.setLifeCycleStatus(api.getStatus());
        apidto.setType(APIDTO.TypeEnum.fromValue(api.getType()));
        List<APIResource> removedProductResources = getRemovedProductResources(apidto, api);
        if (!removedProductResources.isEmpty()) {
            throw new APIManagementException("Cannot remove following resource paths " + removedProductResources.toString() + " because they are used by one or more API Products", ExceptionCodes.from(ExceptionCodes.API_PRODUCT_USED_RESOURCES, new String[]{api.getId().getApiName(), api.getId().getVersion()}));
        }
        List<String> securityScheme = apidto.getSecurityScheme();
        List<String> policies = apidto.getPolicies();
        String status = api.getStatus();
        if ((securityScheme.contains("oauth2") || securityScheme.contains("api_key")) && ((policies == null || !(!policies.isEmpty() || "CREATED".equals(status) || "PROTOTYPED".equals(status))) && !apidto.getAdvertiseInfo().isAdvertised().booleanValue())) {
            throw new APIManagementException("A tier should be defined if the API is not in CREATED or PROTOTYPED state", ExceptionCodes.TIER_CANNOT_BE_NULL);
        }
        if (policies != null && !policies.isEmpty()) {
            List<String> invalidTierNames = getInvalidTierNames(aPIProvider.getTiers(), policies);
            if (invalidTierNames.size() > 0) {
                throw new APIManagementException("Specified tier(s) " + Arrays.toString(invalidTierNames.toArray()) + " are invalid", ExceptionCodes.TIER_NAME_INVALID);
            }
        }
        if (apidto.getAccessControlRoles() != null) {
            String validateUserRoles = validateUserRoles(apidto.getAccessControlRoles());
            if (!validateUserRoles.isEmpty()) {
                throw new APIManagementException(validateUserRoles, ExceptionCodes.INVALID_USER_ROLES);
            }
        }
        if (apidto.getVisibleRoles() != null) {
            String validateRoles = validateRoles(apidto.getVisibleRoles());
            if (!validateRoles.isEmpty()) {
                throw new APIManagementException(validateRoles, ExceptionCodes.INVALID_USER_ROLES);
            }
        }
        if (apidto.getAdditionalProperties() != null) {
            String validateAdditionalProperties = validateAdditionalProperties(apidto.getAdditionalProperties());
            if (!validateAdditionalProperties.isEmpty()) {
                throw new APIManagementException(validateAdditionalProperties, ExceptionCodes.from(ExceptionCodes.INVALID_ADDITIONAL_PROPERTIES, new String[]{apidto.getName(), apidto.getVersion()}));
            }
        }
        if (apidto.getOperations() == null || apidto.getOperations().isEmpty()) {
            throw new APIManagementException(ExceptionCodes.NO_RESOURCES_FOUND);
        }
        API fromDTOtoAPI = APIMappingUtil.fromDTOtoAPI(apidto, id.getProviderName());
        if ("public".equals(fromDTOtoAPI.getVisibility())) {
            fromDTOtoAPI.setVisibleRoles("");
        }
        fromDTOtoAPI.setUUID(api.getUUID());
        fromDTOtoAPI.setOrganization(api.getOrganization());
        validateScopes(fromDTOtoAPI);
        fromDTOtoAPI.setThumbnailUrl(api.getThumbnailUrl());
        if (apidto.getKeyManagers() instanceof List) {
            fromDTOtoAPI.setKeyManagers((List) apidto.getKeyManagers());
        } else {
            fromDTOtoAPI.setKeyManagers(Collections.singletonList("all"));
        }
        if (z2) {
            aPIProvider.saveAsyncApiDefinition(api, new AsyncApiParser().updateAsyncAPIDefinition(aPIProvider.getAsyncAPIDefinition(fromDTOtoAPI.getUuid(), api.getOrganization()), fromDTOtoAPI));
        } else {
            String openAPIDefinition = aPIProvider.getOpenAPIDefinition(fromDTOtoAPI.getUuid(), api.getOrganization());
            APIDefinition oASParser = OASParserUtil.getOASParser(openAPIDefinition);
            String generateAPIDefinition = oASParser.generateAPIDefinition(new SwaggerData(fromDTOtoAPI), openAPIDefinition);
            aPIProvider.saveSwaggerDefinition(fromDTOtoAPI, generateAPIDefinition, api.getOrganization());
            if (!z) {
                Set<URITemplate> uRITemplates = oASParser.getURITemplates(generateAPIDefinition);
                Set<URITemplate> uriTemplates = fromDTOtoAPI.getUriTemplates();
                HashMap hashMap = new HashMap();
                for (URITemplate uRITemplate : uriTemplates) {
                    if (!uRITemplate.getOperationPolicies().isEmpty()) {
                        hashMap.put(uRITemplate.getHTTPVerb() + ":" + uRITemplate.getUriTemplate(), uRITemplate.getOperationPolicies());
                    }
                }
                for (URITemplate uRITemplate2 : uRITemplates) {
                    String str4 = uRITemplate2.getHTTPVerb() + ":" + uRITemplate2.getUriTemplate();
                    if (hashMap.containsKey(str4)) {
                        uRITemplate2.setOperationPolicies((List) hashMap.get(str4));
                    }
                }
                fromDTOtoAPI.setUriTemplates(uRITemplates);
            }
        }
        fromDTOtoAPI.setWsdlUrl(apidto.getWsdlUrl());
        fromDTOtoAPI.setGatewayType(apidto.getGatewayType());
        if (apidto.getThrottlingLimit() != null) {
            fromDTOtoAPI.setThrottleLimit(ThrottlingLimitMappingUtil.fromDTOToThrottlingLimit(apidto.getThrottlingLimit()));
        }
        List<APICategory> apiCategories = fromDTOtoAPI.getApiCategories();
        ArrayList arrayList = new ArrayList();
        for (APICategory aPICategory : apiCategories) {
            aPICategory.setOrganization(api.getOrganization());
            arrayList.add(aPICategory);
        }
        fromDTOtoAPI.setApiCategories(arrayList);
        if (arrayList.size() > 0 && !APIUtil.validateAPICategories(arrayList, api.getOrganization())) {
            throw new APIManagementException("Invalid API Category name(s) defined", ExceptionCodes.from(ExceptionCodes.API_CATEGORY_INVALID, new String[0]));
        }
        fromDTOtoAPI.setOrganization(api.getOrganization());
        aPIProvider.updateAPI(fromDTOtoAPI, api);
        return aPIProvider.getAPIbyUUID(api.getUuid(), api.getOrganization());
    }

    public static void encryptEndpointSecurityOAuthCredentials(Map map, CryptoUtil cryptoUtil, String str, String str2, APIDTO apidto) throws CryptoException, APIManagementException {
        if (map == null || map.get("endpoint_security") == null) {
            return;
        }
        Map map2 = (Map) map.get("endpoint_security");
        if (map2.get("production") != null) {
            Map map3 = (Map) map2.get("production");
            String str3 = (String) map3.get("type");
            map3.put("customParameters", !(map3.get("customParameters") instanceof String) ? JSONObject.toJSONString((LinkedHashMap) map3.get("customParameters")) : map3.get("customParameters") != null ? (String) map3.get("customParameters") : "{}");
            if ("OAUTH".equals(str3)) {
                if (map3.get("clientSecret") != null && StringUtils.isNotBlank(map3.get("clientSecret").toString())) {
                    map3.put("clientSecret", cryptoUtil.encryptAndBase64Encode(map3.get("clientSecret").toString().getBytes()));
                } else {
                    if (!StringUtils.isNotBlank(str)) {
                        throw new APIManagementException(ExceptionCodes.from(ExceptionCodes.INVALID_ENDPOINT_CREDENTIALS, new String[]{"Client secret is not provided for production endpoint security"}));
                    }
                    map3.put("clientSecret", str);
                }
            }
            map2.put("production", map3);
            map.put("endpoint_security", map2);
            apidto.setEndpointConfig(map);
        }
        if (map2.get("sandbox") != null) {
            Map map4 = (Map) map2.get("sandbox");
            String str4 = (String) map4.get("type");
            map4.put("customParameters", !(map4.get("customParameters") instanceof String) ? JSONObject.toJSONString((Map) map4.get("customParameters")) : map4.get("customParameters") != null ? (String) map4.get("customParameters") : "{}");
            if ("OAUTH".equals(str4)) {
                if (map4.get("clientSecret") != null && StringUtils.isNotBlank(map4.get("clientSecret").toString())) {
                    map4.put("clientSecret", cryptoUtil.encryptAndBase64Encode(map4.get("clientSecret").toString().getBytes()));
                } else {
                    if (!StringUtils.isNotBlank(str2)) {
                        throw new APIManagementException(ExceptionCodes.from(ExceptionCodes.INVALID_ENDPOINT_CREDENTIALS, new String[]{"Client secret is not provided for sandbox endpoint security"}));
                    }
                    map4.put("clientSecret", str2);
                }
            }
            map2.put("sandbox", map4);
            map.put("endpoint_security", map2);
            apidto.setEndpointConfig(map);
        }
    }

    private static boolean checkClassScopeAnnotation(Scope[] scopeArr, String[] strArr) {
        for (Scope scope : scopeArr) {
            for (String str : strArr) {
                if (scope.name().equals(str)) {
                    return true;
                }
            }
        }
        return false;
    }

    private static JSONObject overrideDTOValues(JSONObject jSONObject, JSONObject jSONObject2, Field field, String[] strArr, Scope[] scopeArr) throws APIManagementException {
        for (String str : strArr) {
            for (Scope scope : scopeArr) {
                if (scope.name().equals(str)) {
                    jSONObject.put(field.getName(), jSONObject2.get(field.getName()));
                    return jSONObject;
                }
            }
        }
        throw new APIManagementException("User is not authorized to update one or more API fields. None of the required scopes found in user token to update the field. So the request will be failed.", ExceptionCodes.INVALID_SCOPE);
    }

    private static APIDTO getFieldOverriddenAPIDTO(APIDTO apidto, API api, String[] strArr) throws APIManagementException {
        try {
            APIDTO fromAPItoDTO = APIMappingUtil.fromAPItoDTO(api);
            Field[] declaredFields = APIDTO.class.getDeclaredFields();
            ObjectMapper objectMapper = new ObjectMapper();
            String writeValueAsString = objectMapper.writeValueAsString(apidto);
            JSONParser jSONParser = new JSONParser();
            JSONObject jSONObject = (JSONObject) jSONParser.parse(writeValueAsString);
            JSONObject jSONObject2 = (JSONObject) jSONParser.parse(objectMapper.writeValueAsString(fromAPItoDTO));
            for (Field field : declaredFields) {
                Scope[] annotationsByType = field.getAnnotationsByType(Scope.class);
                if (!StringUtils.equals(objectMapper.writeValueAsString(jSONObject2.get(field.getName())), objectMapper.writeValueAsString(jSONObject.get(field.getName())))) {
                    jSONObject2 = overrideDTOValues(jSONObject2, jSONObject, field, strArr, annotationsByType);
                }
            }
            return (APIDTO) objectMapper.readValue(jSONObject2.toJSONString(), APIDTO.class);
        } catch (IOException | ParseException e) {
            throw new APIManagementException("Error while processing API DTO json strings", e, ExceptionCodes.JSON_PARSE_ERROR);
        }
    }

    private static List<APIResource> getRemovedProductResources(APIDTO apidto, API api) {
        List<APIOperationsDTO> operations = apidto.getOperations();
        Set<URITemplate> uriTemplates = api.getUriTemplates();
        ArrayList arrayList = new ArrayList();
        for (URITemplate uRITemplate : uriTemplates) {
            if (!uRITemplate.retrieveUsedByProducts().isEmpty()) {
                String hTTPVerb = uRITemplate.getHTTPVerb();
                String uriTemplate = uRITemplate.getUriTemplate();
                boolean z = true;
                Iterator<APIOperationsDTO> it = operations.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    APIOperationsDTO next = it.next();
                    String verb = next.getVerb();
                    String target = next.getTarget();
                    if (hTTPVerb.equalsIgnoreCase(verb) && uriTemplate.equalsIgnoreCase(target)) {
                        z = false;
                        break;
                    }
                }
                if (z) {
                    arrayList.add(new APIResource(hTTPVerb, uriTemplate));
                }
            }
        }
        return arrayList;
    }

    public static String validateUserRoles(List<String> list) throws APIManagementException {
        String loggedInUsername = RestApiCommonUtil.getLoggedInUsername();
        boolean z = false;
        String[] strArr = null;
        if (APIUtil.hasPermission(loggedInUsername, "/permission/admin/manage/apim_admin")) {
            z = true;
        } else {
            strArr = APIUtil.getListOfRoles(loggedInUsername);
        }
        if (list == null || list.isEmpty()) {
            return "";
        }
        if (z || strArr == null) {
            return !APIUtil.isRoleNameExist(loggedInUsername, String.join(",", list)) ? "Invalid user roles found in accessControlRole list" : "";
        }
        Iterator<String> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (APIUtil.compareRoleList(strArr, it.next())) {
                z = true;
                break;
            }
        }
        return z ? "" : "This user does not have at least one role specified in API access control.";
    }

    public static String validateRoles(List<String> list) throws APIManagementException {
        return (list == null || list.isEmpty() || APIUtil.isRoleNameExist(RestApiCommonUtil.getLoggedInUsername(), String.join(",", list))) ? "" : "Invalid user roles found in visibleRoles list";
    }

    public static String validateAdditionalProperties(List<APIInfoAdditionalPropertiesDTO> list) {
        if (list == null) {
            return "";
        }
        for (APIInfoAdditionalPropertiesDTO aPIInfoAdditionalPropertiesDTO : list) {
            String name = aPIInfoAdditionalPropertiesDTO.getName();
            String value = aPIInfoAdditionalPropertiesDTO.getValue();
            if (name.contains(" ")) {
                return "Property names should not contain space character. Property '" + name + "' contains space in it.";
            }
            if (Arrays.asList(APIConstants.API_SEARCH_PREFIXES).contains(name.toLowerCase())) {
                return "Property '" + name + "' conflicts with the reserved keywords. Reserved keywords are [" + Arrays.toString(APIConstants.API_SEARCH_PREFIXES) + "]";
            }
            if (name.length() > 80) {
                return "Property name can have maximum of 80 characters. Property '" + name + "' + contains " + name.length() + "characters";
            }
            if (value.length() > 900) {
                return "Property value can have maximum of 900 characters. Property '" + name + "' + contains a value with " + value.length() + "characters";
            }
        }
        return "";
    }

    public static void validateScopes(API api) throws APIManagementException {
        String loggedInUsername = RestApiCommonUtil.getLoggedInUsername();
        int internalOrganizationId = APIUtil.getInternalOrganizationId(api.getOrganization());
        String tenantDomainFromTenantId = APIUtil.getTenantDomainFromTenantId(internalOrganizationId);
        APIProvider provider = RestApiCommonUtil.getProvider(loggedInUsername);
        HashSet hashSet = new HashSet();
        String scopePrefix = api.getScopePrefix();
        for (org.wso2.carbon.apimgt.api.model.Scope scope : api.getScopes()) {
            String key = scope.getKey();
            if (StringUtils.isBlank(scope.getName())) {
                scope.setName(APIUtil.removeScopePrefix(scopePrefix, key));
            }
            if (scopePrefix != null) {
                key = APIUtil.prependScopePrefix(scopePrefix, key);
            }
            if (!APIUtil.isAllowedScope(key)) {
                if (provider.isScopeKeyAssignedLocally(api.getId().getApiName(), key, api.getOrganization())) {
                    throw new APIManagementException("Scope " + key + " is already assigned locally by another API", ExceptionCodes.SCOPE_ALREADY_ASSIGNED);
                }
                if (provider.isSharedScopeNameExists(key, internalOrganizationId)) {
                    hashSet.add(scope);
                }
            }
            if (StringUtils.isBlank(scope.getDescription())) {
                scope.setDescription("");
            }
            if (scope.getRoles() != null) {
                for (String str : scope.getRoles().split(",")) {
                    if (!APIUtil.isRoleNameExist(loggedInUsername, str)) {
                        throw new APIManagementException("Role '" + str + "' does not exist.", ExceptionCodes.ROLE_DOES_NOT_EXIST);
                    }
                }
            } else {
                continue;
            }
        }
        provider.validateSharedScopes(hashSet, tenantDomainFromTenantId);
    }

    public static API addAPIWithGeneratedSwaggerDefinition(APIDTO apidto, String str, String str2, String str3) throws APIManagementException, CryptoException {
        if (APIUtil.isOnPremResolver()) {
            apidto.setName(apidto.getName().replaceAll("\\s+", ""));
        }
        if (APIDTO.TypeEnum.ASYNC.equals(apidto.getType())) {
            throw new APIManagementException("ASYNC API type does not support API creation from scratch", ExceptionCodes.API_CREATION_NOT_SUPPORTED_FOR_ASYNC_TYPE_APIS);
        }
        boolean equals = APIDTO.TypeEnum.WS.equals(apidto.getType());
        boolean z = equals || APIDTO.TypeEnum.WEBSUB.equals(apidto.getType()) || APIDTO.TypeEnum.SSE.equals(apidto.getType()) || APIDTO.TypeEnum.ASYNC.equals(apidto.getType());
        String loggedInUsername = StringUtils.isEmpty(str2) ? RestApiCommonUtil.getLoggedInUsername() : str2;
        APIProvider provider = RestApiCommonUtil.getProvider(loggedInUsername);
        if (equals && !isValidWSAPI(apidto)) {
            throw new APIManagementException("Endpoint URLs should be valid web socket URLs", ExceptionCodes.INVALID_ENDPOINT_URL);
        }
        if (!validateEndpoints(apidto)) {
            throw new APIManagementException("Invalid/Malformed endpoint URL(s) detected", ExceptionCodes.INVALID_ENDPOINT_URL);
        }
        Map map = (Map) apidto.getEndpointConfig();
        CryptoUtil defaultCryptoUtil = CryptoUtil.getDefaultCryptoUtil();
        encryptEndpointSecurityOAuthCredentials(map, defaultCryptoUtil, "", "", apidto);
        if (apidto.getEndpointConfig() != null && map.containsKey("amznSecretKey")) {
            String str4 = (String) map.get("amznSecretKey");
            if (!StringUtils.isEmpty(str4)) {
                map.put("amznSecretKey", defaultCryptoUtil.encryptAndBase64Encode(str4.getBytes()));
                apidto.setEndpointConfig(map);
            }
        }
        API prepareToCreateAPIByDTO = prepareToCreateAPIByDTO(apidto, provider, loggedInUsername, str3);
        validateScopes(prepareToCreateAPIByDTO);
        List<APICategory> apiCategories = prepareToCreateAPIByDTO.getApiCategories();
        ArrayList arrayList = new ArrayList();
        for (APICategory aPICategory : apiCategories) {
            aPICategory.setOrganization(str3);
            arrayList.add(aPICategory);
        }
        prepareToCreateAPIByDTO.setApiCategories(arrayList);
        if (arrayList.size() > 0 && !APIUtil.validateAPICategories(arrayList, str3)) {
            throw new APIManagementException("Invalid API Category name(s) defined", ExceptionCodes.from(ExceptionCodes.API_CATEGORY_INVALID, new String[0]));
        }
        if (z) {
            prepareToCreateAPIByDTO.setAsyncApiDefinition(new AsyncApiParser().generateAsyncAPIDefinition(prepareToCreateAPIByDTO));
        } else {
            prepareToCreateAPIByDTO.setSwaggerDefinition(("v2".equalsIgnoreCase(str) ? new OAS2Parser() : new OAS3Parser()).generateAPIDefinition(new SwaggerData(prepareToCreateAPIByDTO)));
        }
        prepareToCreateAPIByDTO.setOrganization(str3);
        if (z) {
            prepareToCreateAPIByDTO.setAsyncApiDefinition(new AsyncApiParser().generateAsyncAPIDefinition(prepareToCreateAPIByDTO));
        }
        provider.addAPI(prepareToCreateAPIByDTO);
        return prepareToCreateAPIByDTO;
    }

    public static boolean isValidWSAPI(APIDTO apidto) {
        boolean z = false;
        if (apidto.getEndpointConfig() != null) {
            Map map = (Map) apidto.getEndpointConfig();
            String valueOf = String.valueOf(((Map) map.get("production_endpoints")).get("url"));
            String valueOf2 = String.valueOf(((Map) map.get("sandbox_endpoints")).get("url"));
            z = valueOf.startsWith("ws://") || valueOf.startsWith("wss://");
            if (z) {
                z = valueOf2.startsWith("ws://") || valueOf2.startsWith("wss://");
            }
        }
        return z;
    }

    public static boolean validateEndpoints(APIDTO apidto) {
        ArrayList arrayList = new ArrayList();
        org.json.JSONObject jSONObject = new org.json.JSONObject((Map) apidto.getEndpointConfig());
        if (!jSONObject.isNull("endpoint_type") && StringUtils.equals(jSONObject.get("endpoint_type").toString(), "default")) {
            return true;
        }
        extractURLsFromEndpointConfig(jSONObject, "sandbox_endpoints", arrayList);
        extractURLsFromEndpointConfig(jSONObject, "production_endpoints", arrayList);
        return APIUtil.validateEndpointURLs(arrayList);
    }

    private static void extractURLsFromEndpointConfig(org.json.JSONObject jSONObject, String str, ArrayList<String> arrayList) {
        if (jSONObject.isNull(str)) {
            return;
        }
        if (jSONObject.optJSONObject(str) != null) {
            arrayList.add(jSONObject.getJSONObject(str).getString("url"));
            return;
        }
        JSONArray jSONArray = jSONObject.getJSONArray(str);
        for (int i = 0; i < jSONArray.length(); i++) {
            arrayList.add((String) jSONArray.getJSONObject(i).get("url"));
        }
    }

    public static String constructEndpointConfigForService(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        String lowerCase = APIDTO.TypeEnum.HTTP.value().toLowerCase();
        if (StringUtils.isNotEmpty(str2) && (APIDTO.TypeEnum.SSE.equals(str2.toUpperCase()) || APIDTO.TypeEnum.WS.equals(str2.toUpperCase()))) {
            lowerCase = "ws";
        }
        if (StringUtils.isNotEmpty(str)) {
            sb.append("{\"endpoint_type\": \"").append(lowerCase).append("\",").append("\"production_endpoints\": {\"url\": \"").append(str).append("\"}}");
        }
        return sb.toString();
    }

    public static APIDTO.TypeEnum getAPIType(ServiceEntry.DefinitionType definitionType, String str) throws APIManagementException {
        if (ServiceEntry.DefinitionType.ASYNC_API.equals(definitionType)) {
            if (str.isEmpty()) {
                throw new APIManagementException("A protocol should be specified in the Async API definition", ExceptionCodes.MISSING_PROTOCOL_IN_ASYNC_API_DEFINITION);
            }
            if (!"WEBSUB".equals(str.toUpperCase()) && !"SSE".equals(str.toUpperCase()) && !"WS".equals(str.toUpperCase())) {
                throw new APIManagementException("Unsupported protocol specified in Async API Definition", ExceptionCodes.UNSUPPORTED_PROTOCOL_SPECIFIED_IN_ASYNC_API_DEFINITION);
            }
        }
        switch (AnonymousClass1.$SwitchMap$org$wso2$carbon$apimgt$api$model$ServiceEntry$DefinitionType[definitionType.ordinal()]) {
            case 1:
            case 2:
                return APIDTO.TypeEnum.SOAP;
            case 3:
                return APIDTO.TypeEnum.GRAPHQL;
            case 4:
                return APIDTO.TypeEnum.fromValue(str.toUpperCase());
            default:
                return APIDTO.TypeEnum.HTTP;
        }
    }

    public static API prepareToCreateAPIByDTO(APIDTO apidto, APIProvider aPIProvider, String str, String str2) throws APIManagementException {
        String context = apidto.getContext();
        String str3 = context.startsWith("/") ? context : "/" + context;
        if (apidto.getAccessControlRoles() != null) {
            String validateUserRoles = validateUserRoles(apidto.getAccessControlRoles());
            if (!validateUserRoles.isEmpty()) {
                throw new APIManagementException(validateUserRoles, ExceptionCodes.INVALID_USER_ROLES);
            }
        }
        if (apidto.getAdditionalProperties() != null) {
            String validateAdditionalProperties = validateAdditionalProperties(apidto.getAdditionalProperties());
            if (!validateAdditionalProperties.isEmpty()) {
                throw new APIManagementException(validateAdditionalProperties, ExceptionCodes.from(ExceptionCodes.INVALID_ADDITIONAL_PROPERTIES, new String[]{apidto.getName(), apidto.getVersion()}));
            }
        }
        if (apidto.getContext() == null) {
            throw new APIManagementException("Parameter: \"context\" cannot be null", ExceptionCodes.PARAMETER_NOT_PROVIDED);
        }
        if (apidto.getContext().endsWith("/")) {
            throw new APIManagementException("Context cannot end with '/' character", ExceptionCodes.INVALID_CONTEXT);
        }
        if (aPIProvider.isApiNameWithDifferentCaseExist(apidto.getName(), str2)) {
            throw new APIManagementException("Error occurred while adding API. API with name " + apidto.getName() + " already exists.", ExceptionCodes.from(ExceptionCodes.API_NAME_ALREADY_EXISTS, new String[]{apidto.getName()}));
        }
        if (apidto.getAuthorizationHeader() == null) {
            apidto.setAuthorizationHeader(APIUtil.getOAuthConfigurationFromAPIMConfig("AuthorizationHeader"));
        }
        if (apidto.getAuthorizationHeader() == null) {
            apidto.setAuthorizationHeader("Authorization");
        }
        if (apidto.getVisibility() == APIDTO.VisibilityEnum.RESTRICTED && apidto.getVisibleRoles().isEmpty()) {
            throw new APIManagementException("Valid roles should be added under 'visibleRoles' to restrict the visibility", ExceptionCodes.USER_ROLES_CANNOT_BE_NULL);
        }
        if (apidto.getVisibleRoles() != null) {
            String validateRoles = validateRoles(apidto.getVisibleRoles());
            if (!validateRoles.isEmpty()) {
                throw new APIManagementException(validateRoles, ExceptionCodes.INVALID_USER_ROLES);
            }
        }
        List apiVersionsMatchingApiNameAndOrganization = aPIProvider.getApiVersionsMatchingApiNameAndOrganization(apidto.getName(), str, str2);
        if (apiVersionsMatchingApiNameAndOrganization.size() > 0) {
            Iterator it = apiVersionsMatchingApiNameAndOrganization.iterator();
            while (it.hasNext()) {
                if (((String) it.next()).equalsIgnoreCase(apidto.getVersion())) {
                    if (aPIProvider.isDuplicateContextTemplateMatchingOrganization(str3, str2)) {
                        throw new APIManagementException("Error occurred while adding the API. A duplicate API already exists for " + str3 + " in the organization : " + str2, ExceptionCodes.API_ALREADY_EXISTS);
                    }
                    throw new APIManagementException("Error occurred while adding API. API with name " + apidto.getName() + " already exists with different context" + str3 + " in the organization : " + str2, ExceptionCodes.API_ALREADY_EXISTS);
                }
            }
        } else if (aPIProvider.isDuplicateContextTemplateMatchingOrganization(str3, str2)) {
            throw new APIManagementException("Error occurred while adding the API. A duplicate API context already exists for " + str3 + " in the organization : " + str2, ExceptionCodes.from(ExceptionCodes.API_CONTEXT_ALREADY_EXISTS, new String[]{str3}));
        }
        String provider = apidto.getProvider();
        if (StringUtils.isBlank(provider) || provider.equals(str)) {
            provider = str;
        } else if (!APIUtil.hasPermission(str, "/permission/admin/manage/apim_admin")) {
            if (log.isDebugEnabled()) {
                log.debug("User " + str + " does not have admin permission (/permission/admin/manage/apim_admin) hence provider (" + provider + ") overridden with current user (" + str + ")");
            }
            provider = str;
        } else if (!APIUtil.isUserExist(provider)) {
            throw new APIManagementException("Specified provider " + provider + " not exist.", ExceptionCodes.PARAMETER_NOT_PROVIDED);
        }
        List<String> invalidTierNames = getInvalidTierNames(aPIProvider.getTiers(), apidto.getPolicies());
        if (invalidTierNames.size() > 0) {
            throw new APIManagementException("Specified tier(s) " + Arrays.toString(invalidTierNames.toArray()) + " are invalid", ExceptionCodes.TIER_NAME_INVALID);
        }
        if (aPIProvider.getAPIPolicy(str, apidto.getApiThrottlingPolicy()) == null && apidto.getApiThrottlingPolicy() != null) {
            throw new APIManagementException("Specified policy " + apidto.getApiThrottlingPolicy() + " is invalid", ExceptionCodes.UNSUPPORTED_THROTTLE_LIMIT_TYPE);
        }
        API fromDTOtoAPI = APIMappingUtil.fromDTOtoAPI(apidto, provider);
        if (!"PROTOTYPED".equals(fromDTOtoAPI.getStatus())) {
            fromDTOtoAPI.setStatus("CREATED");
        }
        if (!fromDTOtoAPI.isAdvertiseOnly() || StringUtils.isBlank(fromDTOtoAPI.getApiOwner())) {
            fromDTOtoAPI.setApiOwner(provider);
        }
        if (apidto.getKeyManagers() instanceof List) {
            fromDTOtoAPI.setKeyManagers((List) apidto.getKeyManagers());
        } else {
            if (apidto.getKeyManagers() != null) {
                throw new APIManagementException("KeyManagers value need to be an array");
            }
            fromDTOtoAPI.setKeyManagers(Collections.singletonList("all"));
        }
        if (apidto.getGatewayVendor() == null) {
            fromDTOtoAPI.setGatewayVendor("wso2");
        }
        fromDTOtoAPI.setOrganization(str2);
        fromDTOtoAPI.setGatewayType(apidto.getGatewayType());
        return fromDTOtoAPI;
    }

    public static String updateAPIDefinition(String str, APIDefinitionValidationResponse aPIDefinitionValidationResponse, ServiceEntry serviceEntry, String str2) throws APIManagementException, FaultGatewaysException {
        if (ServiceEntry.DefinitionType.OAS2.equals(serviceEntry.getDefinitionType()) || ServiceEntry.DefinitionType.OAS3.equals(serviceEntry.getDefinitionType())) {
            return updateSwagger(str, aPIDefinitionValidationResponse, true, str2);
        }
        if (ServiceEntry.DefinitionType.ASYNC_API.equals(serviceEntry.getDefinitionType())) {
            return updateAsyncAPIDefinition(str, aPIDefinitionValidationResponse, str2);
        }
        return null;
    }

    public static String updateAsyncAPIDefinition(String str, APIDefinitionValidationResponse aPIDefinitionValidationResponse, String str2) throws APIManagementException, FaultGatewaysException {
        APIProvider loggedInUserProvider = RestApiCommonUtil.getLoggedInUserProvider();
        API aPIbyUUID = loggedInUserProvider.getAPIbyUUID(str, str2);
        API aPIbyUUID2 = loggedInUserProvider.getAPIbyUUID(str, str2);
        aPIbyUUID2.setOrganization(str2);
        String jsonContent = aPIDefinitionValidationResponse.getJsonContent();
        AsyncApiParser asyncApiParser = new AsyncApiParser();
        Set uRITemplates = asyncApiParser.getURITemplates(jsonContent, "WS".equals(aPIbyUUID2.getType()) || !"wso2".equals(aPIbyUUID2.getGatewayVendor()));
        if (uRITemplates == null || uRITemplates.isEmpty()) {
            throw new APIManagementException(ExceptionCodes.NO_RESOURCES_FOUND);
        }
        aPIbyUUID2.setUriTemplates(uRITemplates);
        aPIbyUUID2.setWsUriMapping(asyncApiParser.buildWSUriMapping(jsonContent));
        aPIbyUUID2.setAsyncApiDefinition(jsonContent);
        loggedInUserProvider.saveAsyncApiDefinition(aPIbyUUID2, jsonContent);
        loggedInUserProvider.updateAPI(aPIbyUUID2, aPIbyUUID);
        return loggedInUserProvider.getAsyncAPIDefinition(aPIbyUUID2.getId().getUUID(), str2);
    }

    public static String updateSwagger(String str, APIDefinitionValidationResponse aPIDefinitionValidationResponse, boolean z, String str2) throws APIManagementException, FaultGatewaysException {
        APIProvider loggedInUserProvider = RestApiCommonUtil.getLoggedInUserProvider();
        API aPIbyUUID = loggedInUserProvider.getAPIbyUUID(str, str2);
        APIDefinition parser = aPIDefinitionValidationResponse.getParser();
        String jsonContent = aPIDefinitionValidationResponse.getJsonContent();
        String copyVendorExtensions = z ? parser.copyVendorExtensions(aPIbyUUID.getSwaggerDefinition(), jsonContent) : OASParserUtil.preProcess(jsonContent);
        if ("SOAPTOREST".equals(aPIbyUUID.getType())) {
            aPIbyUUID.setSoapToRestSequences(SequenceGenerator.generateSequencesFromSwagger(copyVendorExtensions));
        }
        Set uRITemplates = parser.getURITemplates(copyVendorExtensions);
        if (uRITemplates == null || uRITemplates.isEmpty()) {
            throw new APIManagementException(ExceptionCodes.NO_RESOURCES_FOUND);
        }
        Set<org.wso2.carbon.apimgt.api.model.Scope> scopes = parser.getScopes(copyVendorExtensions);
        for (org.wso2.carbon.apimgt.api.model.Scope scope : scopes) {
            String roles = scope.getRoles();
            if (roles != null) {
                for (String str3 : roles.split(",")) {
                    if (!APIUtil.isRoleNameExist(RestApiCommonUtil.getLoggedInUsername(), str3)) {
                        throw new APIManagementException("Role '" + str3 + "' Does not exist.");
                    }
                }
            }
            if (aPIbyUUID.getScopes() != null) {
                Iterator it = aPIbyUUID.getScopes().iterator();
                while (true) {
                    if (it.hasNext()) {
                        org.wso2.carbon.apimgt.api.model.Scope scope2 = (org.wso2.carbon.apimgt.api.model.Scope) it.next();
                        if (scope2.getKey() != null && scope2.getKey().equals(scope.getKey())) {
                            scope.setName(scope2.getName());
                            break;
                        }
                    }
                }
            }
        }
        List removedProductResources = loggedInUserProvider.getRemovedProductResources(uRITemplates, aPIbyUUID);
        if (!removedProductResources.isEmpty()) {
            throw new APIManagementException("Cannot remove following resource paths " + removedProductResources.toString() + " because they are used by one or more API Products", ExceptionCodes.from(ExceptionCodes.API_PRODUCT_USED_RESOURCES, new String[]{aPIbyUUID.getId().getApiName(), aPIbyUUID.getId().getVersion()}));
        }
        loggedInUserProvider.setOperationPoliciesToURITemplates(str, uRITemplates);
        aPIbyUUID.setUriTemplates(uRITemplates);
        aPIbyUUID.setScopes(scopes);
        APIUtil.updateAPIScopesWithPrefix(aPIbyUUID);
        validateScopes(aPIbyUUID);
        String populateCustomManagementInfo = parser.populateCustomManagementInfo(copyVendorExtensions, new SwaggerData(aPIbyUUID));
        loggedInUserProvider.saveSwaggerDefinition(aPIbyUUID, populateCustomManagementInfo, str2);
        aPIbyUUID.setSwaggerDefinition(populateCustomManagementInfo);
        API aPIbyUUID2 = loggedInUserProvider.getAPIbyUUID(str, str2);
        aPIbyUUID.setStatus(aPIbyUUID2.getStatus());
        loggedInUserProvider.updateAPI(aPIbyUUID, aPIbyUUID2);
        return parser.getOASDefinitionForPublisher(aPIbyUUID, loggedInUserProvider.getOpenAPIDefinition(str, str2));
    }

    public static API addGraphQLSchema(API api, String str, APIProvider aPIProvider) throws APIManagementException, FaultGatewaysException {
        API aPIbyUUID = aPIProvider.getAPIbyUUID(api.getUuid(), api.getOrganization());
        api.setUriTemplates(APIMappingUtil.getURITemplates(api, APIMappingUtil.getOperationListWithOldData(api.getUriTemplates(), extractGraphQLOperationList(str))));
        aPIProvider.saveGraphqlSchemaDefinition(api.getUuid(), str, api.getOrganization());
        aPIProvider.updateAPI(api, aPIbyUUID);
        return api;
    }

    public static List<APIOperationsDTO> extractGraphQLOperationList(String str) {
        ArrayList arrayList = new ArrayList();
        for (Map.Entry entry : new SchemaParser().parse(str).types().entrySet()) {
            if (((TypeDefinition) entry.getValue()).getName().equals("Query") || ((TypeDefinition) entry.getValue()).getName().equals("Mutation") || ((TypeDefinition) entry.getValue()).getName().equals("Subscription")) {
                for (FieldDefinition fieldDefinition : ((ObjectTypeDefinition) entry.getValue()).getFieldDefinitions()) {
                    APIOperationsDTO aPIOperationsDTO = new APIOperationsDTO();
                    aPIOperationsDTO.setVerb((String) entry.getKey());
                    aPIOperationsDTO.setTarget(fieldDefinition.getName());
                    arrayList.add(aPIOperationsDTO);
                }
            }
        }
        return arrayList;
    }

    public static GraphQLValidationResponseDTO validateGraphQLSchema(String str, String str2) throws APIManagementException {
        String message;
        GraphQLValidationResponseDTO graphQLValidationResponseDTO = new GraphQLValidationResponseDTO();
        boolean z = false;
        try {
        } catch (SchemaProblem e) {
            message = e.getMessage();
        }
        if (!str.endsWith(".graphql") && !str.endsWith(".txt") && !str.endsWith(".sdl")) {
            throw new APIManagementException("Unsupported extension type of file: " + str, ExceptionCodes.UNSUPPORTED_GRAPHQL_FILE_EXTENSION);
        }
        if (str2.isEmpty()) {
            throw new APIManagementException("GraphQL Schema cannot be empty or null to validate it", ExceptionCodes.GRAPHQL_SCHEMA_CANNOT_BE_NULL);
        }
        TypeDefinitionRegistry parse = new SchemaParser().parse(str2);
        if (new SchemaValidator().validateSchema(UnExecutableSchemaGenerator.makeUnExecutableSchema(parse)).toArray().length > 0) {
            graphQLValidationResponseDTO.isValid(Boolean.FALSE);
            graphQLValidationResponseDTO.errorMessage("InValid Schema");
        } else {
            graphQLValidationResponseDTO.setIsValid(Boolean.TRUE);
            GraphQLValidationResponseGraphQLInfoDTO graphQLValidationResponseGraphQLInfoDTO = new GraphQLValidationResponseGraphQLInfoDTO();
            graphQLValidationResponseGraphQLInfoDTO.setOperations(APIMappingUtil.fromURITemplateListToOprationList(new GraphQLSchemaDefinition().extractGraphQLOperationList(parse, (String) null)));
            GraphQLSchemaDTO graphQLSchemaDTO = new GraphQLSchemaDTO();
            graphQLSchemaDTO.setSchemaDefinition(str2);
            graphQLValidationResponseGraphQLInfoDTO.setGraphQLSchema(graphQLSchemaDTO);
            graphQLValidationResponseDTO.setGraphQLInfo(graphQLValidationResponseGraphQLInfoDTO);
        }
        z = graphQLValidationResponseDTO.isIsValid().booleanValue();
        message = graphQLValidationResponseDTO.getErrorMessage();
        if (!z) {
            graphQLValidationResponseDTO.setIsValid(Boolean.valueOf(z));
            graphQLValidationResponseDTO.setErrorMessage(message);
        }
        return graphQLValidationResponseDTO;
    }

    public static void updateThumbnail(InputStream inputStream, String str, APIProvider aPIProvider, String str2, String str3) throws APIManagementException {
        aPIProvider.setThumbnailToAPI(str2, new ResourceFile(inputStream, str), str3);
    }

    public static Documentation addDocumentationToAPI(DocumentDTO documentDTO, String str, String str2) throws APIManagementException {
        APIProvider loggedInUserProvider = RestApiCommonUtil.getLoggedInUserProvider();
        Documentation fromDTOtoDocumentation = DocumentationMappingUtil.fromDTOtoDocumentation(documentDTO);
        String name = documentDTO.getName();
        if (documentDTO.getType() == null) {
            throw new APIManagementException("Documentation type cannot be empty", ExceptionCodes.PARAMETER_NOT_PROVIDED);
        }
        if (documentDTO.getType() == DocumentDTO.TypeEnum.OTHER && StringUtils.isBlank(documentDTO.getOtherTypeName())) {
            throw new APIManagementException("otherTypeName cannot be empty if type is OTHER.", ExceptionCodes.PARAMETER_NOT_PROVIDED);
        }
        String sourceUrl = documentDTO.getSourceUrl();
        if (documentDTO.getSourceType() == DocumentDTO.SourceTypeEnum.URL && (StringUtils.isBlank(sourceUrl) || !RestApiCommonUtil.isURL(sourceUrl))) {
            throw new APIManagementException("Invalid document sourceUrl Format", ExceptionCodes.PARAMETER_NOT_PROVIDED);
        }
        if (loggedInUserProvider.isDocumentationExist(str, name, str2)) {
            throw new APIManagementException("Requested document '" + name + "' already exists", ExceptionCodes.DOCUMENT_ALREADY_EXISTS);
        }
        return loggedInUserProvider.addDocumentation(str, fromDTOtoDocumentation, str2);
    }

    public static void addDocumentationContent(Documentation documentation, APIProvider aPIProvider, String str, String str2, String str3, String str4) throws APIManagementException {
        DocumentationContent documentationContent = new DocumentationContent();
        documentationContent.setSourceType(DocumentationContent.ContentSourceType.valueOf(documentation.getSourceType().toString()));
        documentationContent.setTextContent(str4);
        aPIProvider.addDocumentationContent(str, str2, str3, documentationContent);
    }

    public static void addDocumentationContentForFile(InputStream inputStream, String str, String str2, APIProvider aPIProvider, String str3, String str4, String str5) throws APIManagementException {
        DocumentationContent documentationContent = new DocumentationContent();
        ResourceFile resourceFile = new ResourceFile(inputStream, str);
        resourceFile.setName(str2);
        documentationContent.setResourceFile(resourceFile);
        documentationContent.setSourceType(DocumentationContent.ContentSourceType.FILE);
        aPIProvider.addDocumentationContent(str3, str4, str5, documentationContent);
    }

    public static List<String> getInvalidTierNames(Set<Tier> set, List<String> list) {
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            boolean z = false;
            Iterator<Tier> it = set.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (str.equals(it.next().getName())) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                arrayList.add(str);
            }
        }
        return arrayList;
    }

    public static APIProduct updateApiProduct(APIProduct aPIProduct, APIProductDTO aPIProductDTO, APIProvider aPIProvider, String str, String str2) throws APIManagementException, FaultGatewaysException {
        List<String> securityScheme = aPIProductDTO.getSecurityScheme();
        List<String> policies = aPIProductDTO.getPolicies();
        if ((securityScheme.contains("oauth2") || securityScheme.contains("api_key")) && (policies == null || policies.isEmpty())) {
            throw new APIManagementException("No tier defined for the API Product", ExceptionCodes.TIER_CANNOT_BE_NULL);
        }
        List<String> invalidTierNames = getInvalidTierNames(aPIProvider.getTiers(), policies);
        if (!invalidTierNames.isEmpty()) {
            throw new APIManagementException("Specified tier(s) " + Arrays.toString(invalidTierNames.toArray()) + " are invalid", ExceptionCodes.TIER_NAME_INVALID);
        }
        if (aPIProductDTO.getAdditionalProperties() != null) {
            String validateAdditionalProperties = validateAdditionalProperties(aPIProductDTO.getAdditionalProperties());
            if (!validateAdditionalProperties.isEmpty()) {
                throw new APIManagementException(validateAdditionalProperties, ExceptionCodes.from(ExceptionCodes.INVALID_ADDITIONAL_PROPERTIES, new String[]{aPIProduct.getId().getName(), aPIProduct.getId().getVersion()}));
            }
        }
        APIProduct fromDTOtoAPIProduct = APIMappingUtil.fromDTOtoAPIProduct(aPIProductDTO, str);
        fromDTOtoAPIProduct.setState(aPIProduct.getState());
        APIProductIdentifier id = aPIProduct.getId();
        fromDTOtoAPIProduct.setID(id);
        fromDTOtoAPIProduct.setUuid(aPIProduct.getUuid());
        fromDTOtoAPIProduct.setOrganization(str2);
        aPIProvider.updateAPIProductSwagger(aPIProduct.getUuid(), aPIProvider.updateAPIProduct(fromDTOtoAPIProduct), fromDTOtoAPIProduct, str2);
        return aPIProvider.getAPIProduct(id);
    }

    public static APIProduct addAPIProductWithGeneratedSwaggerDefinition(APIProductDTO aPIProductDTO, String str, String str2) throws APIManagementException, FaultGatewaysException {
        String loggedInUsername = StringUtils.isEmpty(str) ? RestApiCommonUtil.getLoggedInUsername() : str;
        APIProvider provider = RestApiCommonUtil.getProvider(loggedInUsername);
        String provider2 = aPIProductDTO.getProvider();
        String context = aPIProductDTO.getContext();
        if (StringUtils.isBlank(provider2) || provider2.equals(loggedInUsername)) {
            provider2 = loggedInUsername;
        } else if (!APIUtil.hasPermission(loggedInUsername, "/permission/admin/manage/apim_admin")) {
            if (log.isDebugEnabled()) {
                log.debug("User " + loggedInUsername + " does not have admin permission (/permission/admin/manage/apim_admin) hence provider (" + provider2 + ") overridden with current user (" + loggedInUsername + ")");
            }
            provider2 = loggedInUsername;
        }
        List<String> invalidTierNames = getInvalidTierNames(provider.getTiers(), aPIProductDTO.getPolicies());
        if (!invalidTierNames.isEmpty()) {
            throw new APIManagementException("Specified tier(s) " + Arrays.toString(invalidTierNames.toArray()) + " are invalid", ExceptionCodes.TIER_NAME_INVALID);
        }
        if (aPIProductDTO.getAdditionalProperties() != null) {
            String validateAdditionalProperties = validateAdditionalProperties(aPIProductDTO.getAdditionalProperties());
            if (!validateAdditionalProperties.isEmpty()) {
                throw new APIManagementException(validateAdditionalProperties, ExceptionCodes.from(ExceptionCodes.INVALID_ADDITIONAL_PROPERTIES, new String[]{aPIProductDTO.getName()}));
            }
        }
        if (aPIProductDTO.getVisibility() == null) {
            aPIProductDTO.setVisibility(APIProductDTO.VisibilityEnum.PUBLIC);
        }
        if (aPIProductDTO.getAuthorizationHeader() == null) {
            aPIProductDTO.setAuthorizationHeader(APIUtil.getOAuthConfigurationFromAPIMConfig("AuthorizationHeader"));
        }
        if (aPIProductDTO.getAuthorizationHeader() == null) {
            aPIProductDTO.setAuthorizationHeader("Authorization");
        }
        if (context.endsWith("/{version}")) {
            context = context.replace("/{version}", "");
        }
        String str3 = context.startsWith("/") ? context : "/" + context;
        if (provider.isContextExist(str3, str2)) {
            throw new APIManagementException("Error occurred while adding API Product. API Product with the context " + str3 + " already exists.", ExceptionCodes.from(ExceptionCodes.API_PRODUCT_CONTEXT_ALREADY_EXISTS, new String[]{str3}));
        }
        if (aPIProductDTO.getGatewayVendor() == null) {
            aPIProductDTO.setGatewayVendor("wso2");
        }
        APIProduct fromDTOtoAPIProduct = APIMappingUtil.fromDTOtoAPIProduct(aPIProductDTO, provider2);
        fromDTOtoAPIProduct.setOrganization(str2);
        if (!"PROTOTYPED".equals(fromDTOtoAPIProduct.getState())) {
            fromDTOtoAPIProduct.setState("CREATED");
        }
        APIProductIdentifier id = fromDTOtoAPIProduct.getId();
        Map addAPIProductWithoutPublishingToGateway = provider.addAPIProductWithoutPublishingToGateway(fromDTOtoAPIProduct);
        APIProduct aPIProduct = provider.getAPIProduct(id);
        provider.addAPIProductSwagger(aPIProduct.getUuid(), addAPIProductWithoutPublishingToGateway, aPIProduct, str2);
        return provider.getAPIProduct(id);
    }

    public static boolean isStreamingAPI(APIDTO apidto) {
        return APIDTO.TypeEnum.WS.equals(apidto.getType()) || APIDTO.TypeEnum.SSE.equals(apidto.getType()) || APIDTO.TypeEnum.WEBSUB.equals(apidto.getType()) || APIDTO.TypeEnum.ASYNC.equals(apidto.getType());
    }

    public static boolean isThirdPartyAsyncAPI(APIDTO apidto) {
        return APIDTO.TypeEnum.ASYNC.equals(apidto.getType()) && apidto.getAdvertiseInfo() != null && apidto.getAdvertiseInfo().isAdvertised().booleanValue();
    }

    public static void addWsdl(String str, InputStream inputStream, API api, APIProvider aPIProvider, String str2) throws APIManagementException {
        ResourceFile resourceFile = ("application/zip".equals(str) || "application/x-zip-compressed".equals(str)) ? new ResourceFile(inputStream, "application/zip") : new ResourceFile(inputStream, str);
        api.setWsdlResource(resourceFile);
        aPIProvider.addWSDLResource(api.getUuid(), resourceFile, (String) null, str2);
    }

    public static API updateAPIBySettingGenerateSequencesFromSwagger(String str, API api, APIProvider aPIProvider, String str2) throws APIManagementException, FaultGatewaysException {
        List generateSequencesFromSwagger = SequenceGenerator.generateSequencesFromSwagger(str);
        API aPIbyUUID = aPIProvider.getAPIbyUUID(api.getUuid(), str2);
        aPIbyUUID.setSoapToRestSequences(generateSequencesFromSwagger);
        return aPIProvider.updateAPI(aPIbyUUID, api);
    }

    public static APIStateChangeResponse changeApiOrApiProductLifecycle(String str, ApiTypeWrapper apiTypeWrapper, String str2, String str3) throws APIManagementException {
        String[] split = str2 != null ? str2.split(",") : new String[0];
        APIProvider loggedInUserProvider = RestApiCommonUtil.getLoggedInUserProvider();
        String[] strArr = (String[]) loggedInUserProvider.getAPILifeCycleData(apiTypeWrapper.getUuid(), str3).get("nextStates");
        if (!ArrayUtils.contains(strArr, str)) {
            throw new APIManagementException("Action '" + str + "' is not allowed. Allowed actions are " + Arrays.toString(strArr), ExceptionCodes.from(ExceptionCodes.UNSUPPORTED_LIFECYCLE_ACTION, new String[]{str}));
        }
        HashMap hashMap = new HashMap();
        for (String str4 : split) {
            String[] split2 = str4.split(":");
            if (split2.length == 2) {
                hashMap.put(split2[0].trim(), Boolean.valueOf(Boolean.parseBoolean(split2[1].trim())));
            }
        }
        return loggedInUserProvider.changeLifeCycleStatus(str3, apiTypeWrapper, str, hashMap);
    }

    public static LifecycleHistoryDTO getLifecycleHistoryDTO(String str, APIProvider aPIProvider) throws APIManagementException {
        return APIMappingUtil.fromLifecycleHistoryModelToDTO(aPIProvider.getLifeCycleEvents(str));
    }

    public static LifecycleStateDTO getLifecycleStateInformation(Identifier identifier, String str) throws APIManagementException {
        APIProvider loggedInUserProvider = RestApiCommonUtil.getLoggedInUserProvider();
        Map aPILifeCycleData = loggedInUserProvider.getAPILifeCycleData(identifier.getUUID(), str);
        if (aPILifeCycleData == null) {
            String str2 = identifier instanceof APIProductIdentifier ? "APIProduct" : "API";
            throw new APIManagementException("Error while getting lifecycle state for " + str2 + " with ID " + identifier, ExceptionCodes.from(ExceptionCodes.LIFECYCLE_STATE_INFORMATION_NOT_FOUND, new String[]{str2, identifier.getUUID()}));
        }
        boolean z = false;
        APIVersionStringComparator aPIVersionStringComparator = new APIVersionStringComparator();
        Iterator it = loggedInUserProvider.getAPIVersions(APIUtil.replaceEmailDomain(identifier.getProviderName()), identifier.getName(), str).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (aPIVersionStringComparator.compare((String) it.next(), identifier.getVersion()) < 0) {
                z = true;
                break;
            }
        }
        return APIMappingUtil.fromLifecycleModelToDTO(aPILifeCycleData, z);
    }

    public static API importAsyncAPIWithDefinition(APIDefinitionValidationResponse aPIDefinitionValidationResponse, Boolean bool, APIDTO apidto, ServiceEntry serviceEntry, String str, APIProvider aPIProvider) throws APIManagementException {
        String jsonContent = aPIDefinitionValidationResponse.getJsonContent();
        String protocol = aPIDefinitionValidationResponse.getProtocol();
        if (bool.booleanValue()) {
            apidto.setType(getAPIType(serviceEntry.getDefinitionType(), protocol));
        }
        if (!"wso2".equals(apidto.getGatewayVendor())) {
            apidto.getPolicies().add("AsyncUnlimited");
            apidto.setAsyncTransportProtocols(AsyncApiParser.getTransportProtocolsForAsyncAPI(jsonContent));
        }
        API prepareToCreateAPIByDTO = prepareToCreateAPIByDTO(apidto, aPIProvider, RestApiCommonUtil.getLoggedInUsername(), str);
        if (bool.booleanValue()) {
            prepareToCreateAPIByDTO.setServiceInfo("key", serviceEntry.getServiceKey());
            prepareToCreateAPIByDTO.setServiceInfo("md5", serviceEntry.getMd5());
            if (!"WEBSUB".equals(protocol.toUpperCase())) {
                prepareToCreateAPIByDTO.setEndpointConfig(constructEndpointConfigForService(serviceEntry.getServiceUrl(), protocol));
            }
        }
        prepareToCreateAPIByDTO.setAsyncApiDefinition(jsonContent);
        prepareToCreateAPIByDTO.setUriTemplates(new AsyncApiParser().getURITemplates(jsonContent, "WS".equals(prepareToCreateAPIByDTO.getType()) || !"wso2".equals(prepareToCreateAPIByDTO.getGatewayVendor())));
        prepareToCreateAPIByDTO.setOrganization(str);
        prepareToCreateAPIByDTO.setAsyncApiDefinition(jsonContent);
        aPIProvider.addAPI(prepareToCreateAPIByDTO);
        return aPIProvider.getAPIbyUUID(prepareToCreateAPIByDTO.getUuid(), str);
    }
}
