package com.atlassian.connect.spring.internal.lifecycle;

import com.atlassian.connect.spring.AddonInstalledEvent;
import com.atlassian.connect.spring.AddonUninstalledEvent;
import com.atlassian.connect.spring.AtlassianHost;
import com.atlassian.connect.spring.AtlassianHostRepository;
import com.atlassian.connect.spring.AtlassianHostUser;
import com.atlassian.connect.spring.internal.AsynchronousApplicationEventPublisher;
import com.atlassian.connect.spring.internal.AtlassianConnectProperties;
import com.atlassian.connect.spring.internal.descriptor.AddonDescriptorLoader;
import java.lang.reflect.Method;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.function.Supplier;
import javax.validation.Valid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.util.concurrent.ListenableFuture;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.request.async.AsyncRequestTimeoutException;

@RestController
/* loaded from: input_file:com/atlassian/connect/spring/internal/lifecycle/LifecycleController.class */
public class LifecycleController {
    private static final Logger log = LoggerFactory.getLogger(LifecycleController.class);

    @Autowired
    private AtlassianHostRepository hostRepository;

    @Autowired
    private AddonDescriptorLoader addonDescriptorLoader;

    @Autowired
    private AsynchronousApplicationEventPublisher eventPublisher;

    @Autowired
    private TransactionExecutor transactionExecutor;

    @Autowired
    private AtlassianConnectProperties atlassianConnectProperties;

    /* JADX INFO: Access modifiers changed from: private */
    @ResponseStatus(code = HttpStatus.FORBIDDEN)
    /* loaded from: input_file:com/atlassian/connect/spring/internal/lifecycle/LifecycleController$HostForbiddenException.class */
    public static class HostForbiddenException extends RuntimeException {
        private HostForbiddenException() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @ResponseStatus(code = HttpStatus.BAD_REQUEST, reason = "Invalid lifecycle event type")
    /* loaded from: input_file:com/atlassian/connect/spring/internal/lifecycle/LifecycleController$InvalidLifecycleEventTypeException.class */
    public static class InvalidLifecycleEventTypeException extends RuntimeException {
        private InvalidLifecycleEventTypeException() {
        }
    }

    public static Method getInstalledMethod() {
        return getSafeMethod("installed");
    }

    public static Method getUninstalledMethod() {
        return getSafeMethod("uninstalled");
    }

    private static Method getSafeMethod(String str) {
        try {
            return LifecycleController.class.getMethod(str, LifecycleEvent.class, AtlassianHostUser.class);
        } catch (NoSuchMethodException e) {
            throw new IllegalStateException(e);
        }
    }

    public ResponseEntity<Void> installed(@Valid @RequestBody LifecycleEvent lifecycleEvent, @AuthenticationPrincipal AtlassianHostUser atlassianHostUser) {
        Supplier supplier = () -> {
            return installedImpl(lifecycleEvent, atlassianHostUser);
        };
        AtomicBoolean atomicBoolean = new AtomicBoolean(false);
        ListenableFuture executeWithRollbackOption = this.transactionExecutor.executeWithRollbackOption(supplier, atomicBoolean);
        Integer installTimeout = this.atlassianConnectProperties.getInstallTimeout();
        try {
            return (ResponseEntity) executeWithRollbackOption.get(installTimeout.intValue(), TimeUnit.SECONDS);
        } catch (InterruptedException | TimeoutException e) {
            log.warn("Installation request timed out. Attempting to roll back transaction. (Timeout is {} seconds per property {}.)", installTimeout, "atlassian.connect.install-timeout");
            atomicBoolean.set(true);
            AsyncRequestTimeoutException asyncRequestTimeoutException = new AsyncRequestTimeoutException();
            asyncRequestTimeoutException.initCause(e);
            throw asyncRequestTimeoutException;
        } catch (ExecutionException e2) {
            throw new RuntimeException(e2.getCause());
        }
    }

    private ResponseEntity<Void> installedImpl(LifecycleEvent lifecycleEvent, AtlassianHostUser atlassianHostUser) {
        assertExpectedEventType(lifecycleEvent, "installed");
        if (atlassianHostUser != null) {
            assertHostAuthorized(lifecycleEvent, atlassianHostUser);
        } else if (getHostFromLifecycleEvent(lifecycleEvent).isPresent()) {
            log.error("Installation request was not properly authenticated, but we have already installed the add-on for host [clientKey: {}, baseUrl: {}]. Subsequent installation requests must include valid JWT. Returning 401.", lifecycleEvent.clientKey, lifecycleEvent.baseUrl);
            return responseForMissingJwt();
        }
        AtlassianHost atlassianHost = new AtlassianHost();
        atlassianHost.setClientKey(lifecycleEvent.clientKey);
        atlassianHost.setPublicKey(lifecycleEvent.publicKey);
        atlassianHost.setOauthClientId(lifecycleEvent.oauthClientId);
        atlassianHost.setSharedSecret(lifecycleEvent.sharedSecret);
        atlassianHost.setBaseUrl(lifecycleEvent.baseUrl);
        atlassianHost.setProductType(lifecycleEvent.productType);
        atlassianHost.setDescription(lifecycleEvent.description);
        atlassianHost.setServiceEntitlementNumber(lifecycleEvent.serviceEntitlementNumber);
        atlassianHost.setAddonInstalled(true);
        AtlassianHost atlassianHost2 = (AtlassianHost) this.hostRepository.save(atlassianHost);
        log.info("Saved installation for host {} ({})", atlassianHost2.getBaseUrl(), atlassianHost2.getClientKey());
        this.eventPublisher.publishEventAsynchronously(new AddonInstalledEvent(this, atlassianHost2));
        return new ResponseEntity<>(HttpStatus.NO_CONTENT);
    }

    public ResponseEntity<Void> uninstalled(@Valid @RequestBody LifecycleEvent lifecycleEvent, @AuthenticationPrincipal AtlassianHostUser atlassianHostUser) {
        assertExpectedEventType(lifecycleEvent, "uninstalled");
        Optional<AtlassianHost> hostFromLifecycleEvent = getHostFromLifecycleEvent(lifecycleEvent);
        if (atlassianHostUser != null) {
            assertHostAuthorized(lifecycleEvent, atlassianHostUser);
        } else if (hostFromLifecycleEvent.isPresent()) {
            log.error("Uninstallation request was not properly authenticated, but we have already installed the add-on for host [clientKey: {}, baseUrl: {}]. Uninstallation requests must include valid JWT. Returning 401.", lifecycleEvent.clientKey, lifecycleEvent.baseUrl);
            return responseForMissingJwt();
        }
        if (hostFromLifecycleEvent.isPresent()) {
            AtlassianHost atlassianHost = hostFromLifecycleEvent.get();
            atlassianHost.setAddonInstalled(false);
            this.hostRepository.save(atlassianHost);
            log.info("Saved uninstallation for host {} ({})", atlassianHost.getBaseUrl(), atlassianHost.getClientKey());
            this.eventPublisher.publishEventAsynchronously(new AddonUninstalledEvent(this, atlassianHost));
        }
        return new ResponseEntity<>(HttpStatus.NO_CONTENT);
    }

    private Optional<AtlassianHost> getHostFromLifecycleEvent(LifecycleEvent lifecycleEvent) {
        return this.hostRepository.findById(lifecycleEvent.clientKey);
    }

    private void assertExpectedEventType(LifecycleEvent lifecycleEvent, String str) {
        String str2 = lifecycleEvent.eventType;
        if (str.equals(str2)) {
            return;
        }
        log.error(String.format("Received lifecycle callback with unexpected event type %s, expected %s", str2, str));
        throw new InvalidLifecycleEventTypeException();
    }

    private void assertHostAuthorized(LifecycleEvent lifecycleEvent, AtlassianHostUser atlassianHostUser) {
        if (atlassianHostUser.getHost().getClientKey().equals(lifecycleEvent.clientKey)) {
            return;
        }
        log.error("Installation request was authenticated for host " + atlassianHostUser.getHost().getClientKey() + ", but the host in the body of the request is " + lifecycleEvent.clientKey + ". Returning 403.");
        throw new HostForbiddenException();
    }

    private ResponseEntity<Void> responseForMissingJwt() {
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add("WWW-Authenticate", String.format("JWT realm=\"%s\"", this.addonDescriptorLoader.getDescriptor().getKey()));
        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).headers(httpHeaders).build();
    }
}
