package org.graylog2.migrations;

import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.google.auto.value.AutoValue;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.inject.Inject;
import org.apache.commons.lang3.StringUtils;
import org.graylog.events.legacy.LegacyAlarmCallbackEventNotificationConfig;
import org.graylog.events.notifications.DBNotificationService;
import org.graylog.events.notifications.EventNotificationConfig;
import org.graylog.events.notifications.NotificationDto;
import org.graylog.events.notifications.types.HTTPEventNotificationConfig;
import org.graylog2.configuration.HttpConfiguration;
import org.graylog2.lookup.adapters.DSVHTTPDataAdapter;
import org.graylog2.lookup.adapters.HTTPJSONPathDataAdapter;
import org.graylog2.lookup.db.DBDataAdapterService;
import org.graylog2.lookup.dto.DataAdapterDto;
import org.graylog2.plugin.cluster.ClusterConfigService;
import org.graylog2.plugin.lookup.LookupDataAdapterConfiguration;
import org.graylog2.system.urlwhitelist.LiteralWhitelistEntry;
import org.graylog2.system.urlwhitelist.RegexWhitelistEntry;
import org.graylog2.system.urlwhitelist.UrlWhitelist;
import org.graylog2.system.urlwhitelist.UrlWhitelistService;
import org.graylog2.system.urlwhitelist.WhitelistEntry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/graylog2/migrations/V20191129134600_CreateInitialUrlWhitelist.class */
public class V20191129134600_CreateInitialUrlWhitelist extends Migration {
    private static final Logger log = LoggerFactory.getLogger(V20191129134600_CreateInitialUrlWhitelist.class);
    private final ClusterConfigService configService;
    private final UrlWhitelistService whitelistService;
    private final DBDataAdapterService dataAdapterService;
    private final DBNotificationService notificationService;

    @AutoValue
    @JsonAutoDetect
    /* loaded from: input_file:org/graylog2/migrations/V20191129134600_CreateInitialUrlWhitelist$MigrationCompleted.class */
    public static abstract class MigrationCompleted {
        @JsonProperty("created_whitelist")
        public abstract String createdWhitelist();

        @JsonCreator
        public static MigrationCompleted create(@JsonProperty("created_whitelist") String str) {
            return new AutoValue_V20191129134600_CreateInitialUrlWhitelist_MigrationCompleted(str);
        }
    }

    @Inject
    public V20191129134600_CreateInitialUrlWhitelist(ClusterConfigService clusterConfigService, UrlWhitelistService urlWhitelistService, DBDataAdapterService dBDataAdapterService, DBNotificationService dBNotificationService) {
        this.configService = clusterConfigService;
        this.whitelistService = urlWhitelistService;
        this.dataAdapterService = dBDataAdapterService;
        this.notificationService = dBNotificationService;
    }

    @Override // org.graylog2.migrations.Migration
    public ZonedDateTime createdAt() {
        return ZonedDateTime.parse("2019-11-29T13:46:00Z");
    }

    @Override // org.graylog2.migrations.Migration
    public void upgrade() {
        if (((MigrationCompleted) this.configService.get(MigrationCompleted.class)) != null) {
            log.debug("Migration already completed.");
            return;
        }
        UrlWhitelist createWhitelist = createWhitelist();
        this.whitelistService.saveWhitelist(createWhitelist);
        this.configService.write(MigrationCompleted.create(createWhitelist.toString()));
    }

    private UrlWhitelist createWhitelist() {
        HashSet hashSet = new HashSet();
        this.dataAdapterService.findAll().stream().map(this::extractFromDataAdapter).forEach(optional -> {
            Objects.requireNonNull(hashSet);
            optional.ifPresent((v1) -> {
                r1.add(v1);
            });
        });
        Stream<NotificationDto> streamAll = this.notificationService.streamAll();
        Throwable th = null;
        try {
            try {
                streamAll.map(this::extractFromNotification).forEach(optional2 -> {
                    Objects.requireNonNull(hashSet);
                    optional2.ifPresent((v1) -> {
                        r1.add(v1);
                    });
                });
                if (streamAll != null) {
                    if (0 != 0) {
                        try {
                            streamAll.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        streamAll.close();
                    }
                }
                log.info("Created {} whitelist entries from URLs configured in data adapters and event notifications.", Integer.valueOf(hashSet.size()));
                UrlWhitelist createEnabled = UrlWhitelist.createEnabled(new ArrayList(hashSet));
                log.debug("Resulting whitelist: {}.", createEnabled);
                return createEnabled;
            } finally {
            }
        } catch (Throwable th3) {
            if (streamAll != null) {
                if (th != null) {
                    try {
                        streamAll.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    streamAll.close();
                }
            }
            throw th3;
        }
    }

    private Optional<WhitelistEntry> extractFromNotification(NotificationDto notificationDto) {
        EventNotificationConfig config = notificationDto.config();
        String str = HttpConfiguration.PATH_WEB;
        if (config instanceof HTTPEventNotificationConfig) {
            str = ((HTTPEventNotificationConfig) config).url();
        } else if (config instanceof LegacyAlarmCallbackEventNotificationConfig) {
            str = Objects.toString(((LegacyAlarmCallbackEventNotificationConfig) config).configuration().get("url"), HttpConfiguration.PATH_WEB);
        }
        return StringUtils.isNotBlank(str) ? defaultIfNotMatching(LiteralWhitelistEntry.create(UUID.randomUUID().toString(), "\"" + notificationDto.title() + "\" alert notification", str), str) : Optional.empty();
    }

    private Optional<WhitelistEntry> extractFromDataAdapter(DataAdapterDto dataAdapterDto) {
        LookupDataAdapterConfiguration config = dataAdapterDto.config();
        if (config instanceof DSVHTTPDataAdapter.Config) {
            String url = ((DSVHTTPDataAdapter.Config) config).url();
            return defaultIfNotMatching(LiteralWhitelistEntry.create(UUID.randomUUID().toString(), "\"" + dataAdapterDto.title() + "\" data adapter", url), url);
        }
        if (!(config instanceof HTTPJSONPathDataAdapter.Config)) {
            return Optional.empty();
        }
        String strip = StringUtils.strip(((HTTPJSONPathDataAdapter.Config) config).url());
        return defaultIfNotMatching(RegexWhitelistEntry.create(UUID.randomUUID().toString(), "\"" + dataAdapterDto.title() + "\" data adapter", "^" + ((String) Arrays.stream(StringUtils.splitByWholeSeparator(strip, "${key}")).map(str -> {
            return StringUtils.isBlank(str) ? str : Pattern.quote(str);
        }).collect(Collectors.joining(".*?"))) + "$"), strip);
    }

    private Optional<WhitelistEntry> defaultIfNotMatching(WhitelistEntry whitelistEntry, String str) {
        if (whitelistEntry.isWhitelisted(str)) {
            return Optional.of(whitelistEntry);
        }
        log.error("Unable to create matching URL whitelist entry for URL <{}>. Please configure your URL whitelist manually.", str);
        return Optional.empty();
    }
}
