package org.wso2.choreo.connect.enforcer.api;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.wso2.choreo.connect.discovery.api.Api;
import org.wso2.choreo.connect.discovery.api.Certificate;
import org.wso2.choreo.connect.discovery.api.MockedContentConfig;
import org.wso2.choreo.connect.discovery.api.MockedContentExample;
import org.wso2.choreo.connect.discovery.api.MockedHeaderConfig;
import org.wso2.choreo.connect.discovery.api.MockedResponseConfig;
import org.wso2.choreo.connect.discovery.api.Operation;
import org.wso2.choreo.connect.discovery.api.Resource;
import org.wso2.choreo.connect.discovery.api.Scopes;
import org.wso2.choreo.connect.discovery.api.SecurityList;
import org.wso2.choreo.connect.discovery.api.SecurityScheme;
import org.wso2.choreo.connect.enforcer.analytics.AnalyticsFilter;
import org.wso2.choreo.connect.enforcer.commons.Filter;
import org.wso2.choreo.connect.enforcer.commons.model.APIConfig;
import org.wso2.choreo.connect.enforcer.commons.model.EndpointCluster;
import org.wso2.choreo.connect.enforcer.commons.model.EndpointSecurity;
import org.wso2.choreo.connect.enforcer.commons.model.MockedApiConfig;
import org.wso2.choreo.connect.enforcer.commons.model.MockedContentExamples;
import org.wso2.choreo.connect.enforcer.commons.model.RequestContext;
import org.wso2.choreo.connect.enforcer.commons.model.ResourceConfig;
import org.wso2.choreo.connect.enforcer.commons.model.SecuritySchemaConfig;
import org.wso2.choreo.connect.enforcer.config.ConfigHolder;
import org.wso2.choreo.connect.enforcer.config.dto.FilterDTO;
import org.wso2.choreo.connect.enforcer.config.dto.MutualSSLDto;
import org.wso2.choreo.connect.enforcer.constants.APIConstants;
import org.wso2.choreo.connect.enforcer.constants.HttpConstants;
import org.wso2.choreo.connect.enforcer.cors.CorsFilter;
import org.wso2.choreo.connect.enforcer.interceptor.MediationPolicyFilter;
import org.wso2.choreo.connect.enforcer.security.AuthFilter;
import org.wso2.choreo.connect.enforcer.security.mtls.MtlsUtils;
import org.wso2.choreo.connect.enforcer.throttle.ThrottleFilter;
import org.wso2.choreo.connect.enforcer.util.FilterUtils;
import org.wso2.choreo.connect.enforcer.util.MockImplUtils;

/* loaded from: input_file:org/wso2/choreo/connect/enforcer/api/RestAPI.class */
public class RestAPI implements API {
    private static final Logger logger = LogManager.getLogger(RestAPI.class);
    private final List<Filter> filters = new ArrayList();
    private APIConfig apiConfig;
    private String apiLifeCycleState;

    @Override // org.wso2.choreo.connect.enforcer.api.API
    public List<Filter> getFilters() {
        return this.filters;
    }

    @Override // org.wso2.choreo.connect.enforcer.api.API
    public String init(Api api) {
        String vhost = api.getVhost();
        String basePath = api.getBasePath();
        String title = api.getTitle();
        String version = api.getVersion();
        String apiType = api.getApiType();
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        ArrayList arrayList = new ArrayList();
        EndpointSecurity endpointSecurity = new EndpointSecurity();
        HashMap hashMap4 = new HashMap();
        String mutualSSL = api.getMutualSSL();
        boolean applicationSecurity = api.getApplicationSecurity();
        EndpointCluster processEndpoints = Utils.processEndpoints(api.getProductionEndpoints());
        EndpointCluster processEndpoints2 = Utils.processEndpoints(api.getSandboxEndpoints());
        if (processEndpoints != null) {
            hashMap.put(APIConstants.API_KEY_TYPE_PRODUCTION, processEndpoints);
        }
        if (processEndpoints2 != null) {
            hashMap.put(APIConstants.API_KEY_TYPE_SANDBOX, processEndpoints2);
        }
        for (SecurityScheme securityScheme : api.getSecuritySchemeList()) {
            if (securityScheme.getType() != null) {
                String definitionName = securityScheme.getDefinitionName();
                SecuritySchemaConfig securitySchemaConfig = new SecuritySchemaConfig();
                securitySchemaConfig.setDefinitionName(definitionName);
                securitySchemaConfig.setType(securityScheme.getType());
                securitySchemaConfig.setName(securityScheme.getName());
                securitySchemaConfig.setIn(securityScheme.getIn());
                hashMap2.put(definitionName, securitySchemaConfig);
            }
        }
        Iterator<SecurityList> it = api.getSecurityList().iterator();
        while (it.hasNext()) {
            Iterator<Map.Entry<String, Scopes>> it2 = it.next().getScopeListMap().entrySet().iterator();
            if (it2.hasNext()) {
                Map.Entry<String, Scopes> next = it2.next();
                hashMap3.put(next.getKey(), new ArrayList());
                if (next.getValue() != null && next.getValue().mo820getScopesList().size() > 0) {
                    hashMap3.replace(next.getKey(), new ArrayList((Collection) next.getValue().mo820getScopesList()));
                }
            }
        }
        for (Resource resource : api.getResourcesList()) {
            HashMap hashMap5 = new HashMap();
            EndpointCluster processEndpoints3 = Utils.processEndpoints(resource.getProductionEndpoints());
            EndpointCluster processEndpoints4 = Utils.processEndpoints(resource.getSandboxEndpoints());
            if (processEndpoints3 != null) {
                hashMap5.put(APIConstants.API_KEY_TYPE_PRODUCTION, processEndpoints3);
            }
            if (processEndpoints4 != null) {
                hashMap5.put(APIConstants.API_KEY_TYPE_SANDBOX, processEndpoints4);
            }
            for (Operation operation : resource.getMethodsList()) {
                ResourceConfig buildResource = Utils.buildResource(operation, resource.getPath(), hashMap3);
                buildResource.setPolicyConfig(Utils.genPolicyConfig(operation.getPolicies()));
                buildResource.setEndpoints(hashMap5);
                buildResource.setMockApiConfig(getMockedApiOperationConfig(operation.getMockedApiConfig(), operation.getMethod()));
                arrayList.add(buildResource);
            }
        }
        if (api.getEndpointSecurity().hasProductionSecurityInfo()) {
            endpointSecurity.setProductionSecurityInfo(APIProcessUtils.convertProtoEndpointSecurity(api.getEndpointSecurity().getProductionSecurityInfo()));
        }
        if (api.getEndpointSecurity().hasSandBoxSecurityInfo()) {
            endpointSecurity.setSandBoxSecurityInfo(APIProcessUtils.convertProtoEndpointSecurity(api.getEndpointSecurity().getSandBoxSecurityInfo()));
        }
        try {
            KeyStore createTrustStore = MtlsUtils.createTrustStore(api.getClientCertificatesList());
            for (Certificate certificate : api.getClientCertificatesList()) {
                hashMap4.put(certificate.getAlias(), certificate.getTier());
            }
            this.apiLifeCycleState = api.getApiLifeCycleState();
            this.apiConfig = new APIConfig.Builder(title).uuid(api.getId()).vhost(vhost).basePath(basePath).version(version).resources(arrayList).apiType(apiType).apiLifeCycleState(this.apiLifeCycleState).tier(api.getTier()).apiSecurity(hashMap3).securitySchemeDefinitions(hashMap2).disableSecurity(api.getDisableSecurity()).authHeader(api.getAuthorizationHeader()).endpoints(hashMap).endpointSecurity(endpointSecurity).mockedApi(api.getIsMockedApi()).trustStore(createTrustStore).organizationId(api.getOrganizationId()).mtlsCertificateTiers(hashMap4).mutualSSL(mutualSSL).applicationSecurity(applicationSecurity).build();
            initFilters();
            return basePath;
        } catch (KeyStoreException e) {
            throw new SecurityException(e);
        }
    }

    @Override // org.wso2.choreo.connect.enforcer.api.API
    public ResponseObject process(RequestContext requestContext) {
        ResponseObject responseObject = new ResponseObject(requestContext.getRequestID());
        responseObject.setRequestPath(requestContext.getRequestPath());
        boolean isEnabled = ConfigHolder.getInstance().getConfig().getAnalyticsConfig().isEnabled();
        populateRemoveAndProtectedHeaders(requestContext);
        boolean z = requestContext.getMatchedResourcePaths() != null && requestContext.getMatchedResourcePaths().size() > 0;
        boolean contains = requestContext.getRequestMethod().contains(HttpConstants.OPTIONS);
        if (!z && !contains) {
            requestContext.getProperties().put(APIConstants.MessageFormat.STATUS_CODE, Integer.valueOf(APIConstants.StatusCodes.NOTFOUND.getCode()));
            requestContext.getProperties().put("code", APIConstants.StatusCodes.NOTFOUND.getValue());
            requestContext.getProperties().put(APIConstants.MessageFormat.ERROR_MESSAGE, APIConstants.NOT_FOUND_MESSAGE);
            requestContext.getProperties().put(APIConstants.MessageFormat.ERROR_DESCRIPTION, APIConstants.NOT_FOUND_DESCRIPTION);
        }
        if ((z || contains) && executeFilterChain(requestContext)) {
            responseObject.setRemoveHeaderMap(requestContext.getRemoveHeaders());
            responseObject.setQueryParamsToRemove(requestContext.getQueryParamsToRemove());
            responseObject.setRemoveAllQueryParams(requestContext.isRemoveAllQueryParams());
            responseObject.setQueryParamsToAdd(requestContext.getQueryParamsToAdd());
            responseObject.setQueryParamMap(requestContext.getQueryParameters());
            responseObject.setStatusCode(APIConstants.StatusCodes.OK.getCode());
            if (requestContext.getAddHeaders() != null && requestContext.getAddHeaders().size() > 0) {
                responseObject.setHeaderMap(requestContext.getAddHeaders());
            }
            if (isEnabled) {
                AnalyticsFilter.getInstance().handleSuccessRequest(requestContext);
            }
            responseObject.setMetaDataMap(requestContext.getMetadataMap());
            if (requestContext.getMatchedAPI().isMockedApi()) {
                MockImplUtils.processMockedApiCall(requestContext, responseObject);
                return responseObject;
            }
        } else {
            responseObject.setDirectResponse(true);
            responseObject.setStatusCode(Integer.parseInt(requestContext.getProperties().get(APIConstants.MessageFormat.STATUS_CODE).toString()));
            if (requestContext.getProperties().get("code") != null) {
                responseObject.setErrorCode(requestContext.getProperties().get("code").toString());
            }
            if (requestContext.getProperties().get(APIConstants.MessageFormat.ERROR_MESSAGE) != null) {
                responseObject.setErrorMessage(requestContext.getProperties().get(APIConstants.MessageFormat.ERROR_MESSAGE).toString());
            }
            if (requestContext.getProperties().get(APIConstants.MessageFormat.ERROR_DESCRIPTION) != null) {
                responseObject.setErrorDescription(requestContext.getProperties().get(APIConstants.MessageFormat.ERROR_DESCRIPTION).toString());
            }
            if (requestContext.getAddHeaders() != null && requestContext.getAddHeaders().size() > 0) {
                responseObject.setHeaderMap(requestContext.getAddHeaders());
            }
            if (isEnabled && !FilterUtils.isSkippedAnalyticsFaultEvent(responseObject.getErrorCode())) {
                AnalyticsFilter.getInstance().handleFailureRequest(requestContext);
                responseObject.setMetaDataMap(new HashMap(0));
            }
        }
        return responseObject;
    }

    @Override // org.wso2.choreo.connect.enforcer.api.API
    public APIConfig getAPIConfig() {
        return this.apiConfig;
    }

    private MockedApiConfig getMockedApiOperationConfig(org.wso2.choreo.connect.discovery.api.MockedApiConfig mockedApiConfig, String str) {
        MockedApiConfig mockedApiConfig2 = new MockedApiConfig();
        HashMap hashMap = new HashMap();
        for (MockedResponseConfig mockedResponseConfig : mockedApiConfig.getResponsesList()) {
            org.wso2.choreo.connect.enforcer.commons.model.MockedResponseConfig mockedResponseConfig2 = new org.wso2.choreo.connect.enforcer.commons.model.MockedResponseConfig();
            ArrayList arrayList = new ArrayList();
            for (MockedHeaderConfig mockedHeaderConfig : mockedResponseConfig.getHeadersList()) {
                org.wso2.choreo.connect.enforcer.commons.model.MockedHeaderConfig mockedHeaderConfig2 = new org.wso2.choreo.connect.enforcer.commons.model.MockedHeaderConfig();
                mockedHeaderConfig2.setName(mockedHeaderConfig.getName());
                mockedHeaderConfig2.setValue(mockedHeaderConfig.getValue());
                arrayList.add(mockedHeaderConfig2);
            }
            mockedResponseConfig2.setHeaders(arrayList);
            HashMap hashMap2 = new HashMap();
            for (MockedContentConfig mockedContentConfig : mockedResponseConfig.getContentList()) {
                MockedContentExamples mockedContentExamples = new MockedContentExamples();
                HashMap hashMap3 = new HashMap();
                for (MockedContentExample mockedContentExample : mockedContentConfig.getExamplesList()) {
                    hashMap3.put(mockedContentExample.getRef(), mockedContentExample.getBody());
                }
                mockedContentExamples.setExampleMap(hashMap3);
                hashMap2.put(mockedContentConfig.getContentType(), mockedContentExamples);
            }
            mockedResponseConfig2.setContentMap(hashMap2);
            hashMap.put(mockedResponseConfig.getCode(), mockedResponseConfig2);
        }
        mockedApiConfig2.setResponses(hashMap);
        logger.debug("Mock API config processed successfully for the " + str + " operation.");
        return mockedApiConfig2;
    }

    private void initFilters() {
        AuthFilter authFilter = new AuthFilter();
        authFilter.init(this.apiConfig, null);
        this.filters.add(authFilter);
        ThrottleFilter throttleFilter = new ThrottleFilter();
        throttleFilter.init(this.apiConfig, null);
        this.filters.add(throttleFilter);
        loadCustomFilters(this.apiConfig);
        this.filters.add(0, new CorsFilter());
        this.filters.add(new MediationPolicyFilter());
    }

    private void loadCustomFilters(APIConfig aPIConfig) {
        FilterDTO[] customFilters = ConfigHolder.getInstance().getConfig().getCustomFilters();
        Arrays.sort(customFilters, Comparator.comparing((v0) -> {
            return v0.getPosition();
        }));
        HashMap hashMap = new HashMap(customFilters.length);
        Iterator it = ServiceLoader.load(Filter.class).iterator();
        while (it.hasNext()) {
            Filter filter = (Filter) it.next();
            hashMap.put(filter.getClass().getName(), filter);
        }
        for (FilterDTO filterDTO : customFilters) {
            if (!hashMap.containsKey(filterDTO.getClassName())) {
                logger.error("No Filter Implementation is found in the classPath under the provided name : " + filterDTO.getClassName());
            } else if (filterDTO.getPosition() <= 0 || filterDTO.getPosition() - 1 > this.filters.size()) {
                logger.error("Position provided for the filter is invalid. " + filterDTO.getClassName() + " : " + filterDTO.getPosition() + "(Filters list size is " + this.filters.size() + ")");
            } else {
                Filter filter2 = (Filter) hashMap.get(filterDTO.getClassName());
                filter2.init(aPIConfig, filterDTO.getConfigProperties());
                this.filters.add(filterDTO.getPosition() - 1, filter2);
            }
        }
    }

    private void populateRemoveAndProtectedHeaders(RequestContext requestContext) {
        if (requestContext.getMatchedResourcePaths() == null || requestContext.getMatchedResourcePaths().size() <= 0 || !((ResourceConfig) requestContext.getMatchedResourcePaths().get(0)).isDisableSecurity()) {
            Iterator it = requestContext.getMatchedAPI().getSecuritySchemeDefinitions().entrySet().iterator();
            while (it.hasNext()) {
                SecuritySchemaConfig securitySchemaConfig = (SecuritySchemaConfig) ((Map.Entry) it.next()).getValue();
                if ("apiKey".equalsIgnoreCase(securitySchemaConfig.getType())) {
                    if (APIConstants.SWAGGER_API_KEY_IN_HEADER.equals(securitySchemaConfig.getIn())) {
                        String lowerCase = StringUtils.lowerCase(securitySchemaConfig.getName());
                        requestContext.getProtectedHeaders().add(lowerCase);
                        requestContext.getRemoveHeaders().add(lowerCase);
                    } else if (APIConstants.SWAGGER_API_KEY_IN_QUERY.equals(securitySchemaConfig.getIn())) {
                        requestContext.getQueryParamsToRemove().add(securitySchemaConfig.getName());
                    }
                }
            }
            Utils.removeCommonAuthHeaders(requestContext);
            MutualSSLDto mtlsInfo = ConfigHolder.getInstance().getConfig().getMtlsInfo();
            String certificateHeaderName = FilterUtils.getCertificateHeaderName();
            if (!mtlsInfo.isEnableOutboundCertificateHeader()) {
                requestContext.getRemoveHeaders().add(certificateHeaderName);
            }
            requestContext.getProtectedHeaders().add(certificateHeaderName);
        }
    }
}
