package org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.apache.velocity.VelocityContext;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.API;
import org.wso2.carbon.apimgt.api.model.APIProduct;
import org.wso2.carbon.apimgt.api.model.APIProductResource;
import org.wso2.carbon.apimgt.api.model.EndpointSecurity;
import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
import org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.impl.template.APITemplateException;
import org.wso2.carbon.apimgt.impl.utils.GatewayUtils;
import org.wso2.carbon.apimgt.rest.api.publisher.v1.dto.APIDTO;

/* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/publisher/v1/common/template/SecurityConfigContext.class */
public class SecurityConfigContext extends ConfigContextDecorator {
    private API api;
    private APIProduct apiProduct;
    private JSONObject productionEndpointSecurity;
    private JSONObject sandboxEndpointSecurity;
    private Map<String, APIDTO> associatedAPIMap;

    public SecurityConfigContext(ConfigContext configContext, API api) {
        super(configContext);
        this.api = api;
    }

    public SecurityConfigContext(ConfigContext configContext, APIProduct aPIProduct, Map<String, APIDTO> map) {
        super(configContext);
        this.apiProduct = aPIProduct;
        this.associatedAPIMap = map;
    }

    @Override // org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContextDecorator, org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContext
    public void validate() throws APITemplateException, APIManagementException {
        super.validate();
        if (this.api != null) {
            JSONParser jSONParser = new JSONParser();
            String endpointConfig = this.api.getEndpointConfig();
            if (StringUtils.isNotEmpty(endpointConfig)) {
                try {
                    JSONObject jSONObject = (JSONObject) jSONParser.parse(endpointConfig);
                    if (jSONObject.get("endpoint_security") != null) {
                        JSONObject jSONObject2 = (JSONObject) jSONObject.get("endpoint_security");
                        if (jSONObject2.get("production") != null) {
                            this.productionEndpointSecurity = (JSONObject) jSONObject2.get("production");
                        }
                        if (jSONObject2.get("sandbox") != null) {
                            this.sandboxEndpointSecurity = (JSONObject) jSONObject2.get("sandbox");
                        }
                    }
                } catch (ParseException e) {
                    handleException("Unable to pass the endpoint JSON config");
                }
            }
        }
    }

    @Override // org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContextDecorator, org.wso2.carbon.apimgt.rest.api.publisher.v1.common.template.ConfigContext
    public VelocityContext getContext() {
        EndpointSecurityModel retrieveEndpointSecurityModel;
        EndpointSecurityModel retrieveEndpointSecurityModel2;
        VelocityContext context = super.getContext();
        boolean parseBoolean = Boolean.parseBoolean(getApiManagerConfiguration().getFirstProperty("EnableSecureVault"));
        if (this.api != null) {
            HashMap hashMap = new HashMap();
            hashMap.put("production", new EndpointSecurityModel());
            hashMap.put("sandbox", new EndpointSecurityModel());
            if (StringUtils.isNotEmpty(this.api.getEndpointConfig())) {
                if (this.productionEndpointSecurity != null && (retrieveEndpointSecurityModel2 = retrieveEndpointSecurityModel((EndpointSecurityModel) new ObjectMapper().convertValue(this.productionEndpointSecurity, EndpointSecurityModel.class), this.api.getId().getApiName(), this.api.getId().getVersion(), this.api.getUuid(), "production", null)) != null) {
                    hashMap.put("production", retrieveEndpointSecurityModel2);
                }
                if (this.sandboxEndpointSecurity != null && (retrieveEndpointSecurityModel = retrieveEndpointSecurityModel((EndpointSecurityModel) new ObjectMapper().convertValue(this.sandboxEndpointSecurity, EndpointSecurityModel.class), this.api.getId().getApiName(), this.api.getId().getVersion(), this.api.getUuid(), "sandbox", null)) != null) {
                    hashMap.put("sandbox", retrieveEndpointSecurityModel);
                }
            }
            context.put("endpoint_security", hashMap);
        } else if (this.apiProduct != null) {
            HashMap hashMap2 = new HashMap();
            for (APIProductResource aPIProductResource : this.apiProduct.getProductResources()) {
                APIDTO apidto = this.associatedAPIMap.get(aPIProductResource.getApiId());
                String str = this.apiProduct.getId().getName() + "--v" + this.apiProduct.getId().getVersion();
                HashMap hashMap3 = new HashMap();
                for (Map.Entry entry : aPIProductResource.getEndpointSecurityMap().entrySet()) {
                    hashMap3.put(entry.getKey(), retrieveEndpointSecurityModel(new EndpointSecurityModel((EndpointSecurity) entry.getValue()), apidto.getName(), apidto.getVersion(), apidto.getId(), (String) entry.getKey(), str));
                }
                hashMap2.put(aPIProductResource.getApiId(), hashMap3);
            }
            context.put("endpoint_security", hashMap2);
        }
        context.put("isSecureVaultEnabled", Boolean.valueOf(parseBoolean));
        return context;
    }

    protected APIManagerConfiguration getApiManagerConfiguration() {
        return ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
    }

    private EndpointSecurityModel retrieveEndpointSecurityModel(EndpointSecurityModel endpointSecurityModel, String str, String str2, String str3, String str4, String str5) {
        if (endpointSecurityModel == null || !endpointSecurityModel.isEnabled()) {
            return null;
        }
        if ("oauth".equalsIgnoreCase(endpointSecurityModel.getType())) {
            if (StringUtils.isNotEmpty(str5)) {
                endpointSecurityModel.setUniqueIdentifier(str5.concat("--").concat(GatewayUtils.retrieveUniqueIdentifier(str3, str4)));
            } else {
                endpointSecurityModel.setUniqueIdentifier(GatewayUtils.retrieveUniqueIdentifier(str3, str4));
            }
            if (StringUtils.isNotEmpty(str5)) {
                endpointSecurityModel.setClientSecretAlias(str5.concat("--").concat(GatewayUtils.retrieveOauthClientSecretAlias(str, str2, str4)));
            } else {
                endpointSecurityModel.setClientSecretAlias(GatewayUtils.retrieveOauthClientSecretAlias(str, str2, str4));
            }
            if (StringUtils.isNotEmpty(str5)) {
                endpointSecurityModel.setPasswordAlias(str5.concat("--").concat(GatewayUtils.retrieveOAuthPasswordAlias(str, str2, str4)));
            } else {
                endpointSecurityModel.setPasswordAlias(GatewayUtils.retrieveOAuthPasswordAlias(str, str2, str4));
            }
        }
        if (StringUtils.isNotBlank(endpointSecurityModel.getUsername()) && StringUtils.isNotBlank(endpointSecurityModel.getPassword())) {
            endpointSecurityModel.setBase64EncodedPassword(new String(Base64.encodeBase64(endpointSecurityModel.getUsername().concat(":").concat(endpointSecurityModel.getPassword()).getBytes())));
        }
        if (StringUtils.isNotEmpty(str5)) {
            endpointSecurityModel.setAlias(str5.concat("--").concat(GatewayUtils.retrieveBasicAuthAlias(str, str2, str4)));
        } else {
            endpointSecurityModel.setAlias(GatewayUtils.retrieveBasicAuthAlias(str, str2, str4));
        }
        return endpointSecurityModel;
    }
}
