package com.atlassian.oai.validator.interaction.request;

import com.atlassian.oai.validator.model.ApiOperation;
import com.atlassian.oai.validator.model.Headers;
import com.atlassian.oai.validator.model.NormalisedPath;
import com.atlassian.oai.validator.model.Request;
import com.atlassian.oai.validator.report.MessageResolver;
import com.atlassian.oai.validator.report.ValidationReport;
import com.atlassian.oai.validator.schema.SchemaValidator;
import com.google.common.base.Joiner;
import com.google.common.net.MediaType;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.parameters.Parameter;
import io.swagger.v3.oas.models.security.SecurityScheme;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.annotation.Nonnull;
import org.apache.commons.lang3.ObjectUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/oai/validator/interaction/request/RequestValidator.class */
public class RequestValidator {
    private static final Logger log = LoggerFactory.getLogger(RequestValidator.class);
    private final MessageResolver messages;
    private final Components components;
    private final ParameterValidator parameterValidator;
    private final SecurityValidator securityValidator;
    private final RequestBodyValidator requestBodyValidator;
    private final List<CustomRequestValidator> customRequestValidators;

    public RequestValidator(SchemaValidator schemaValidator, MessageResolver messageResolver, OpenAPI openAPI, List<CustomRequestValidator> list) {
        this.messages = (MessageResolver) Objects.requireNonNull(messageResolver, "A message resolver is required");
        this.components = (Components) ObjectUtils.defaultIfNull(openAPI.getComponents(), new Components());
        this.customRequestValidators = list;
        this.parameterValidator = new ParameterValidator(schemaValidator, messageResolver);
        this.securityValidator = new SecurityValidator(messageResolver, openAPI);
        this.requestBodyValidator = new RequestBodyValidator(messageResolver, schemaValidator);
    }

    @Nonnull
    public ValidationReport validateRequest(Request request, ApiOperation apiOperation) {
        Objects.requireNonNull(request, "A request is required");
        Objects.requireNonNull(apiOperation, "An API operation is required");
        return this.securityValidator.validateSecurity(request, apiOperation).merge(validateContentType(request, apiOperation)).merge(validateAccepts(request, apiOperation)).merge(validateHeaders(request, apiOperation)).merge(validatePathParameters(apiOperation)).merge(this.requestBodyValidator.validateRequestBody(request, apiOperation.getOperation().getRequestBody())).merge(validateQueryParameters(request, apiOperation)).merge(validateUnexpectedQueryParameters(request, apiOperation)).merge(validateCookieParameters(request, apiOperation)).merge(validateCustom(request, apiOperation)).withAdditionalContext(ValidationReport.MessageContext.create().in(ValidationReport.MessageContext.Location.REQUEST).withApiOperation(apiOperation).withRequestPath(apiOperation.getRequestPath().original()).withRequestMethod(request.getMethod()).build());
    }

    @Nonnull
    private ValidationReport validateContentType(Request request, ApiOperation apiOperation) {
        return validateMediaTypes(request, Headers.CONTENT_TYPE, getConsumes(apiOperation), "validation.request.contentType.invalid", "validation.request.contentType.notAllowed");
    }

    @Nonnull
    private ValidationReport validateAccepts(Request request, ApiOperation apiOperation) {
        return validateMediaTypes(request, Headers.ACCEPT, getProduces(apiOperation), "validation.request.accept.invalid", "validation.request.accept.notAllowed");
    }

    @Nonnull
    private ValidationReport validateMediaTypes(Request request, String str, Collection<String> collection, String str2, String str3) {
        Collection<String> headerValues = request.getHeaderValues(str);
        if (headerValues.isEmpty()) {
            return ValidationReport.empty();
        }
        ArrayList arrayList = new ArrayList();
        for (String str4 : headerValues) {
            try {
                arrayList.add(MediaType.parse(str4));
            } catch (IllegalArgumentException e) {
                return ValidationReport.singleton(this.messages.get(str2, str4));
            }
        }
        if (collection.isEmpty()) {
            return ValidationReport.empty();
        }
        String str5 = "*/*";
        return collection.stream().allMatch((v1) -> {
            return r1.equals(v1);
        }) ? ValidationReport.empty() : (ValidationReport) collection.stream().map(MediaType::parse).filter(mediaType -> {
            return arrayList.stream().anyMatch(mediaType -> {
                return mediaType.withoutParameters().is(mediaType.withoutParameters());
            });
        }).findFirst().map(mediaType2 -> {
            return ValidationReport.empty();
        }).orElse(ValidationReport.singleton(this.messages.get(str3, headerValues, collection)));
    }

    @Nonnull
    private Collection<String> getConsumes(ApiOperation apiOperation) {
        return apiOperation.getOperation().getRequestBody() == null ? Collections.emptyList() : (Collection) ObjectUtils.defaultIfNull(apiOperation.getOperation().getRequestBody().getContent().keySet(), Collections.emptySet());
    }

    @Nonnull
    private Collection<String> getProduces(ApiOperation apiOperation) {
        return (Collection) apiOperation.getOperation().getResponses().values().stream().filter(apiResponse -> {
            return apiResponse.getContent() != null;
        }).flatMap(apiResponse2 -> {
            return apiResponse2.getContent().keySet().stream();
        }).collect(Collectors.toSet());
    }

    @Nonnull
    private ValidationReport validatePathParameters(ApiOperation apiOperation) {
        ValidationReport empty = ValidationReport.empty();
        NormalisedPath requestPath = apiOperation.getRequestPath();
        for (int i = 0; i < apiOperation.getApiPath().numberOfParts(); i++) {
            if (apiOperation.getApiPath().hasParams(i)) {
                empty = empty.merge((ValidationReport) apiOperation.getApiPath().paramValues(i, requestPath.part(i)).entrySet().stream().map(entry -> {
                    return validatePathParameter(apiOperation, (String) entry.getKey(), (Optional) entry.getValue());
                }).reduce(ValidationReport.empty(), (v0, v1) -> {
                    return v0.merge(v1);
                }));
            }
        }
        return empty;
    }

    @Nonnull
    private ValidationReport validatePathParameter(ApiOperation apiOperation, String str, Optional<String> optional) {
        return (ValidationReport) ((List) ObjectUtils.defaultIfNull(apiOperation.getOperation().getParameters(), Collections.emptyList())).stream().filter(RequestValidator::isPathParam).filter(parameter -> {
            return parameter.getName().equalsIgnoreCase(str);
        }).findFirst().map(parameter2 -> {
            return this.parameterValidator.validate((String) optional.orElse(null), parameter2);
        }).orElse(ValidationReport.empty());
    }

    @Nonnull
    private ValidationReport validateQueryParameters(Request request, ApiOperation apiOperation) {
        return (ValidationReport) ((List) ObjectUtils.defaultIfNull(apiOperation.getOperation().getParameters(), Collections.emptyList())).stream().filter(RequestValidator::isQueryParam).map(parameter -> {
            return validateParameter(apiOperation, parameter, request.getQueryParameterValues(parameter.getName()), "validation.request.parameter.query.missing");
        }).reduce(ValidationReport.empty(), (v0, v1) -> {
            return v0.merge(v1);
        });
    }

    @Nonnull
    private ValidationReport validateUnexpectedQueryParameters(Request request, ApiOperation apiOperation) {
        Set set = (Set) Stream.concat(((List) ObjectUtils.defaultIfNull(apiOperation.getOperation().getParameters(), Collections.emptyList())).stream().filter(RequestValidator::isQueryParam).map((v0) -> {
            return v0.getName();
        }), ((Map) ObjectUtils.defaultIfNull(this.components.getSecuritySchemes(), Collections.emptyMap())).values().stream().filter(securityScheme -> {
            return securityScheme.getIn() != null && securityScheme.getIn() == SecurityScheme.In.QUERY;
        }).map((v0) -> {
            return v0.getName();
        })).collect(Collectors.toSet());
        return (ValidationReport) request.getQueryParameters().stream().map(str -> {
            return validateUnexpectedQueryParameter(set, str, apiOperation);
        }).reduce(ValidationReport.empty(), (v0, v1) -> {
            return v0.merge(v1);
        });
    }

    @Nonnull
    private ValidationReport validateUnexpectedQueryParameter(Set<String> set, String str, ApiOperation apiOperation) {
        return set.contains(str) ? ValidationReport.empty() : ValidationReport.singleton(this.messages.get("validation.request.parameter.query.unexpected", str, apiOperation.getApiPath().original())).withAdditionalContext(ValidationReport.MessageContext.create().withApiOperation(apiOperation).withParameter(new Parameter().name(str).in("query")).build());
    }

    @Nonnull
    private ValidationReport validateHeaders(Request request, ApiOperation apiOperation) {
        return (ValidationReport) ((List) ObjectUtils.defaultIfNull(apiOperation.getOperation().getParameters(), Collections.emptyList())).stream().filter(RequestValidator::isHeaderParam).map(parameter -> {
            return validateParameter(apiOperation, parameter, request.getHeaderValues(parameter.getName()), "validation.request.parameter.header.missing");
        }).reduce(ValidationReport.empty(), (v0, v1) -> {
            return v0.merge(v1);
        });
    }

    @Nonnull
    private ValidationReport validateCookieParameters(Request request, ApiOperation apiOperation) {
        Map<String, Collection<String>> cookieParameterValues = getCookieParameterValues(request);
        return (ValidationReport) ((List) ObjectUtils.defaultIfNull(apiOperation.getOperation().getParameters(), Collections.emptyList())).stream().filter(RequestValidator::isCookieParam).map(parameter -> {
            return validateParameter(apiOperation, parameter, (Collection) ObjectUtils.defaultIfNull(cookieParameterValues.get(parameter.getName()), Collections.emptyList()), "validation.request.parameter.cookie.missing");
        }).reduce(ValidationReport.empty(), (v0, v1) -> {
            return v0.merge(v1);
        });
    }

    private Map<String, Collection<String>> getCookieParameterValues(Request request) {
        HashMap hashMap = new HashMap();
        Collection<String> headerValues = request.getHeaderValues("Cookie");
        if (!headerValues.isEmpty()) {
            for (String str : Joiner.on(",").join(headerValues).split("; ")) {
                int indexOf = str.indexOf(61);
                if (indexOf > 0) {
                    String substring = str.substring(0, indexOf);
                    String substring2 = str.substring(indexOf + 1);
                    hashMap.putIfAbsent(substring, new ArrayList());
                    ((Collection) hashMap.get(substring)).add(substring2);
                }
            }
        }
        return hashMap;
    }

    @Nonnull
    private ValidationReport validateParameter(ApiOperation apiOperation, Parameter parameter, Collection<String> collection, String str) {
        return (collection.isEmpty() && Boolean.TRUE.equals(parameter.getRequired())) ? ValidationReport.singleton(this.messages.get(str, parameter.getName(), apiOperation.getApiPath().original())).withAdditionalContext(ValidationReport.MessageContext.create().withParameter(parameter).build()) : (ValidationReport) collection.stream().map(str2 -> {
            return this.parameterValidator.validate(str2, parameter);
        }).reduce(ValidationReport.empty(), (v0, v1) -> {
            return v0.merge(v1);
        });
    }

    @Nonnull
    private ValidationReport validateCustom(Request request, ApiOperation apiOperation) {
        return (ValidationReport) this.customRequestValidators.stream().map(customRequestValidator -> {
            return customRequestValidator.validate(request, apiOperation);
        }).reduce(ValidationReport.empty(), (v0, v1) -> {
            return v0.merge(v1);
        });
    }

    private static boolean isPathParam(Parameter parameter) {
        return isParam(parameter, "path");
    }

    private static boolean isQueryParam(Parameter parameter) {
        return isParam(parameter, "query");
    }

    private static boolean isHeaderParam(Parameter parameter) {
        return isParam(parameter, "header");
    }

    private static boolean isCookieParam(Parameter parameter) {
        return isParam(parameter, "cookie");
    }

    private static boolean isParam(Parameter parameter, String str) {
        return (parameter == null || parameter.getIn() == null || !parameter.getIn().equalsIgnoreCase(str)) ? false : true;
    }
}
