package org.wso2.analytics.apim.dashboards.core.data.provider;

import com.google.gson.JsonElement;
import feign.Response;
import feign.RetryableException;
import feign.gson.GsonDecoder;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.analytics.apim.dashboards.core.bean.TenantIdInfo;
import org.wso2.analytics.apim.dashboards.core.internal.DashboardAuthorizerServiceFactory;
import org.wso2.carbon.analytics.idp.client.core.api.AnalyticsHttpClientBuilderService;
import org.wso2.carbon.config.ConfigurationException;
import org.wso2.carbon.config.provider.ConfigProvider;
import org.wso2.carbon.dashboards.core.DashboardMetadataProvider;
import org.wso2.carbon.dashboards.core.bean.DashboardMetadata;
import org.wso2.carbon.dashboards.core.bean.importer.WidgetType;
import org.wso2.carbon.dashboards.core.bean.widget.WidgetMetaInfo;
import org.wso2.carbon.dashboards.core.exception.DashboardException;
import org.wso2.carbon.dashboards.core.exception.UnauthorizedException;
import org.wso2.carbon.dashboards.core.utils.DashboardUtil;
import org.wso2.carbon.data.provider.DataProviderAuthorizer;
import org.wso2.carbon.data.provider.bean.DataProviderConfigRoot;
import org.wso2.carbon.data.provider.exception.DataProviderException;

@Component(service = {DataProviderAuthorizer.class}, immediate = true)
/* loaded from: input_file:org/wso2/analytics/apim/dashboards/core/data/provider/Authorizer.class */
public class Authorizer implements DataProviderAuthorizer {
    private static final Logger LOGGER = LoggerFactory.getLogger(Authorizer.class);
    private static final String AUTH_CONFIGS_HEADER = "auth.configs";
    private static final String AUTH_CONFIGS_PROPERTIES_HEADER = "properties";
    private static final String ADMIN_SERVICE_BASE_URL_KEY = "adminServiceBaseUrl";
    private static final String ADMIN_USERNAME_KEY = "adminUsername";
    private static final String ADMIN_PASSWORD_KEY = "adminPassword";
    private static final String MAIN_CONFIG = "configs";
    private static final String DATA_PROVIDER_CONFIG = "config";
    private static final String QUERY_DATA = "queryData";
    private static final String QUERY_VALUES = "queryValues";
    private static final String QUERY_NAME = "queryName";
    private static final String QUERY_PROPERTY_NAME = "query";
    private static final String NOT_LIKE_CONTEXT_PATH = "not like '/t/%'";
    private static final String LIKE_CONTEXT_PATH = "like '/t/{{tenantDomain}}/%'";
    private static final String STRING_NOT_CONTAIN_CONTEXT = "NOT(str:contains(CONTEXT,'/t/'))";
    private static final String STRING_CONTAIN_CONTEXT = "(str:contains(CONTEXT,'/t/{{tenantDomain}}'))";
    private static final String CONTEXT_CONDITION_KEY = "{{contextCondition}}";
    private static final String CONTEXT_CONTAINS_CONDITION_KEY = "{{contextContainsCondition}}";
    private static final String TENANT_DOMAIN_KEY = "{{tenantDomain}}";
    private static final String TENANT_ID_KEY = "{{tenantId}}";
    private static final String SUPER_TENANT_DOMAIN = "carbon.super";
    private AnalyticsHttpClientBuilderService clientBuilderService;
    private DashboardMetadataProvider dashboardMetadataProvider;
    private ConfigProvider configProvider;

    @Reference(service = DashboardMetadataProvider.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unsetDashboardMetadataProvider")
    protected void setDashboardMetadataProvider(DashboardMetadataProvider dashboardMetadataProvider) {
        this.dashboardMetadataProvider = dashboardMetadataProvider;
        LOGGER.debug("DashboardMetadataProvider '{}' registered.", dashboardMetadataProvider.getClass().getName());
    }

    protected void unsetDashboardMetadataProvider(DashboardMetadataProvider dashboardMetadataProvider) {
        this.dashboardMetadataProvider = null;
        LOGGER.debug("DashboardMetadataProvider '{}' unregistered.", dashboardMetadataProvider.getClass().getName());
    }

    @Reference(name = "carbon.anaytics.common.clientservice", service = AnalyticsHttpClientBuilderService.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unregisterAnalyticsHttpClient")
    protected void registerAnalyticsHttpClient(AnalyticsHttpClientBuilderService analyticsHttpClientBuilderService) {
        this.clientBuilderService = analyticsHttpClientBuilderService;
        LOGGER.debug("AnalyticsHttpClientBuilderService '{}' registered.", analyticsHttpClientBuilderService.getClass().getName());
    }

    protected void unregisterAnalyticsHttpClient(AnalyticsHttpClientBuilderService analyticsHttpClientBuilderService) {
        this.clientBuilderService = null;
        LOGGER.debug("AnalyticsHttpClientBuilderService '{}' unregistered.", analyticsHttpClientBuilderService.getClass().getName());
    }

    @Reference(service = ConfigProvider.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unsetConfigProvider")
    protected void setConfigProvider(ConfigProvider configProvider) {
        this.configProvider = configProvider;
        LOGGER.debug("ConfigProvider '{}' registered.", configProvider.getClass().getName());
    }

    protected void unsetConfigProvider(ConfigProvider configProvider) {
        this.configProvider = null;
        LOGGER.debug("ConfigProvider '{}' unregistered.", configProvider.getClass().getName());
    }

    public boolean authorize(DataProviderConfigRoot dataProviderConfigRoot) throws DataProviderException {
        if (dataProviderConfigRoot.getAction().equalsIgnoreCase(DataProviderConfigRoot.Types.UNSUBSCRIBE.toString())) {
            return true;
        }
        String dashboardId = dataProviderConfigRoot.getDashboardId();
        String username = dataProviderConfigRoot.getUsername();
        String widgetName = dataProviderConfigRoot.getWidgetName();
        if (dashboardId == null || dashboardId.isEmpty()) {
            LOGGER.error("Dashboard Id in the Data Provider Config cannot be empty.");
            throw new DataProviderException("Dashboard Id in the Data Provider Config cannot be empty.");
        }
        if (username == null || username.isEmpty()) {
            LOGGER.error("Username in the Data Provider Config cannot be empty.");
            throw new DataProviderException("Username in the Data Provider Config cannot be empty.");
        }
        if (widgetName == null || widgetName.isEmpty()) {
            LOGGER.error("Widget Name in the Data Provider Config cannot be empty.");
            throw new DataProviderException("Widget Name in the Data Provider Config cannot be empty.");
        }
        try {
            Optional dashboardByUser = this.dashboardMetadataProvider.getDashboardByUser(username, dashboardId, (String) null);
            if (!dashboardByUser.isPresent()) {
                return false;
            }
            Map findWidgets = DashboardUtil.findWidgets(((DashboardMetadata) dashboardByUser.get()).getContent());
            boolean z = false;
            Iterator it = ((Set) findWidgets.get(WidgetType.CUSTOM)).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (((String) it.next()).equalsIgnoreCase(widgetName)) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                Iterator it2 = ((Set) findWidgets.get(WidgetType.GENERATED)).iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    if (((String) it2.next()).equalsIgnoreCase(widgetName)) {
                        z = true;
                        break;
                    }
                }
            }
            if (!z) {
                return false;
            }
            try {
                Optional widgetConfiguration = this.dashboardMetadataProvider.getWidgetMetadataProvider().getWidgetConfiguration(widgetName);
                if (!widgetConfiguration.isPresent()) {
                    LOGGER.error("Widget configuration cannot be found.");
                    throw new DataProviderException("Widget configuration cannot be found.");
                }
                assembleQuery(username, dataProviderConfigRoot, ((WidgetMetaInfo) widgetConfiguration.get()).getConfigs().getProviderConfig());
                LOGGER.debug("Authorized via the '{}' class.", getClass().getName());
                return true;
            } catch (DashboardException e) {
                LOGGER.error(e.getMessage(), e);
                throw new DataProviderException(e.getMessage(), e);
            }
        } catch (UnauthorizedException e2) {
            return false;
        } catch (DashboardException e3) {
            String message = e3.getMessage();
            LOGGER.error(message, e3);
            throw new DataProviderException(message, e3);
        }
    }

    private void assembleQuery(String str, DataProviderConfigRoot dataProviderConfigRoot, JsonElement jsonElement) throws DataProviderException {
        CharSequence charSequence;
        CharSequence charSequence2;
        JsonElement jsonElement2 = null;
        String[] split = str.split("@");
        String str2 = split[split.length - 1];
        if (jsonElement.getAsJsonObject().get(MAIN_CONFIG) == null || jsonElement.getAsJsonObject().get(MAIN_CONFIG).getAsJsonObject().get(DATA_PROVIDER_CONFIG) == null || jsonElement.getAsJsonObject().get(MAIN_CONFIG).getAsJsonObject().get(DATA_PROVIDER_CONFIG).getAsJsonObject().get(QUERY_DATA) == null) {
            LOGGER.error("Cannot find the query data in the widget configuration.");
            throw new DataProviderException("Cannot find the query data in the widget configuration.");
        }
        JsonElement jsonElement3 = jsonElement.getAsJsonObject().get(MAIN_CONFIG).getAsJsonObject().get(DATA_PROVIDER_CONFIG).getAsJsonObject().get(QUERY_DATA);
        if (dataProviderConfigRoot.getDataProviderConfiguration() == null || dataProviderConfigRoot.getDataProviderConfiguration().getAsJsonObject().get(QUERY_DATA) == null || dataProviderConfigRoot.getDataProviderConfiguration().getAsJsonObject().get(QUERY_DATA).getAsJsonObject().get(QUERY_NAME) == null) {
            LOGGER.error("Query Name cannot be found in the data provider configuration root.");
            throw new DataProviderException("Query Name cannot be found in the data provider configuration root.");
        }
        String asString = dataProviderConfigRoot.getDataProviderConfiguration().getAsJsonObject().get(QUERY_DATA).getAsJsonObject().get(QUERY_NAME).getAsString();
        if (asString == null || asString.isEmpty() || jsonElement3.getAsJsonObject().get(asString) == null) {
            LOGGER.error("Cannot find the query in the widget configuration.");
            throw new DataProviderException("Cannot find the query in the widget configuration.");
        }
        String asString2 = jsonElement3.getAsJsonObject().get(asString).getAsString();
        if (dataProviderConfigRoot.getDataProviderConfiguration() != null && dataProviderConfigRoot.getDataProviderConfiguration().getAsJsonObject().get(QUERY_DATA) != null && dataProviderConfigRoot.getDataProviderConfiguration().getAsJsonObject().get(QUERY_DATA).getAsJsonObject().get(QUERY_VALUES) != null) {
            jsonElement2 = dataProviderConfigRoot.getDataProviderConfiguration().getAsJsonObject().get(QUERY_DATA).getAsJsonObject().get(QUERY_VALUES);
        }
        if (jsonElement2 != null) {
            for (String str3 : jsonElement2.getAsJsonObject().keySet()) {
                String asString3 = jsonElement2.getAsJsonObject().get(str3).getAsString();
                if (asString3 == null) {
                    String str4 = "Cannot find the replaceable value for " + str3 + ".";
                    LOGGER.error(str4);
                    throw new DataProviderException(str4);
                }
                asString2 = asString2.replace(str3, asString3);
            }
        }
        if (str2 != null && !str2.isEmpty()) {
            if (str2.equalsIgnoreCase(SUPER_TENANT_DOMAIN)) {
                charSequence = NOT_LIKE_CONTEXT_PATH;
                charSequence2 = STRING_NOT_CONTAIN_CONTEXT;
            } else {
                charSequence = LIKE_CONTEXT_PATH;
                charSequence2 = STRING_CONTAIN_CONTEXT;
            }
            asString2 = asString2.replace(CONTEXT_CONDITION_KEY, charSequence).replace(CONTEXT_CONTAINS_CONDITION_KEY, charSequence2).replace(TENANT_DOMAIN_KEY, str2).replace(TENANT_ID_KEY, getTenantId(str));
        }
        ((JsonElement) Objects.requireNonNull(dataProviderConfigRoot.getDataProviderConfiguration())).getAsJsonObject().get(QUERY_DATA).getAsJsonObject().addProperty(QUERY_PROPERTY_NAME, asString2);
    }

    private String getTenantId(String str) throws DataProviderException {
        try {
            Map map = (Map) this.configProvider.getConfigurationObject(AUTH_CONFIGS_HEADER);
            if (map == null) {
                LOGGER.error("Cannot find auth.configs in the deployment.yaml file.");
                throw new DataProviderException("Cannot find auth.configs in the deployment.yaml file.");
            }
            if (!map.containsKey(AUTH_CONFIGS_PROPERTIES_HEADER)) {
                LOGGER.error("Cannot find properties header under the auth.configs in the deployment.yaml file.");
                throw new DataProviderException("Cannot find properties header under the auth.configs in the deployment.yaml file.");
            }
            Map map2 = (Map) map.get(AUTH_CONFIGS_PROPERTIES_HEADER);
            if (map2 == null) {
                LOGGER.error("properties header under auth.configs in the deployment.yaml file cannot be empty");
                throw new DataProviderException("properties header under auth.configs in the deployment.yaml file cannot be empty");
            }
            String propertyValueFromParentMap = getPropertyValueFromParentMap(map2, ADMIN_SERVICE_BASE_URL_KEY);
            try {
                Response tenantId = DashboardAuthorizerServiceFactory.getAuthorizerHttpsClient(this.clientBuilderService, propertyValueFromParentMap + "/api/am/admin/v0.16/tenant-info", getPropertyValueFromParentMap(map2, ADMIN_USERNAME_KEY), getPropertyValueFromParentMap(map2, ADMIN_PASSWORD_KEY)).getTenantId(Base64.getEncoder().encodeToString(str.getBytes(StandardCharsets.UTF_8)));
                if (tenantId == null) {
                    LOGGER.error("Response returned from the admin rest api is null.");
                    throw new DataProviderException("Response returned from the admin rest api is null.");
                }
                if (tenantId.status() == 200) {
                    String num = ((TenantIdInfo) new GsonDecoder().decode(tenantId, TenantIdInfo.class)).getTenantId().toString();
                    if (!num.isEmpty()) {
                        return num;
                    }
                    LOGGER.error("Tenant Id cannot be found.");
                    throw new DataProviderException("Tenant Id cannot be found.");
                }
                if (tenantId.status() == 401) {
                    String str2 = "Unauthorized to get response from admin rest api. Status Code: " + tenantId.status();
                    LOGGER.error(str2);
                    throw new DataProviderException(str2);
                }
                String str3 = "Unknown Error occurred while getting response from admin rest api. Status Code: " + tenantId.status();
                LOGGER.error(str3);
                throw new DataProviderException(str3);
            } catch (IOException e) {
                LOGGER.error("Error occurred while parsing the admin rest api response.", e);
                throw new DataProviderException("Error occurred while parsing the admin rest api response.", e);
            } catch (RetryableException e2) {
                LOGGER.error("Unable to reach the admin rest api.", e2);
                throw new DataProviderException("Unable to reach the admin rest api.", e2);
            }
        } catch (ConfigurationException e3) {
            LOGGER.error("Error occurred while getting the auth.configs configuration from deployment.yaml file.");
            throw new DataProviderException("Error occurred while getting the auth.configs configuration from deployment.yaml file.");
        }
    }

    private String getPropertyValueFromParentMap(Map map, String str) throws DataProviderException {
        if (!map.containsKey(str)) {
            String str2 = "Cannot find property " + str + " under " + AUTH_CONFIGS_HEADER + " in the deployment.yaml file.";
            LOGGER.error(str2);
            throw new DataProviderException(str2);
        }
        String str3 = (String) map.get(str);
        if (str3 != null && !str3.isEmpty()) {
            return str3;
        }
        String str4 = "Value of the property '" + str + "' cannot be empty. Please define the value for the property under " + AUTH_CONFIGS_HEADER + " in the deployment.yaml file.";
        LOGGER.error(str4);
        throw new DataProviderException(str4);
    }
}
