package org.wso2.carbon.device.mgt.jaxrs.service.impl.admin;

import java.io.File;
import java.io.FileInputStream;
import java.io.FilenameFilter;
import java.io.IOException;
import java.nio.file.Files;
import java.rmi.RemoteException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.activation.DataHandler;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.Response;
import org.apache.axis2.AxisFault;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.Stub;
import org.apache.axis2.java.security.SSLProtocolSocketFactory;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.validator.messageinterpolation.ValueFormatterMessageInterpolator;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;
import org.wso2.carbon.application.mgt.stub.upload.CarbonAppUploaderStub;
import org.wso2.carbon.application.mgt.stub.upload.types.carbon.UploadedFileItem;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.util.Utils;
import org.wso2.carbon.device.mgt.jaxrs.service.api.admin.DeviceAnalyticsArtifactUploaderAdminService;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.event.receiver.stub.EventReceiverAdminServiceStub;
import org.wso2.carbon.event.stream.stub.EventStreamAdminServiceStub;
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.CarbonUtils;

@Path("/admin/publish-artifact")
/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceAnalyticsArtifactUploaderAdminServiceImpl.class */
public class DeviceAnalyticsArtifactUploaderAdminServiceImpl implements DeviceAnalyticsArtifactUploaderAdminService {
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String AUTHORIZATION_HEADER_VALUE = "Bearer";
    private static final String KEY_STORE_TYPE = "JKS";
    private static final String TRUST_STORE_TYPE = "JKS";
    private static final String KEY_MANAGER_TYPE = "SunX509";
    private static final String TRUST_MANAGER_TYPE = "SunX509";
    private static final String SSLV3 = "SSLv3";
    private KeyStore keyStore;
    private KeyStore trustStore;
    private char[] keyStorePassword;
    private SSLContext sslContext;
    private String tenantDomain;
    private static final String DEFAULT_RESOURCE_LOCATION = "/resources/devicetypes";
    private static final String DAS_PORT = "${iot.analytics.https.port}";
    private static final String DAS_HOST_NAME = "${iot.analytics.host}";
    private static final String DEFAULT_HTTP_PROTOCOL = "https";
    private static final String IOT_MGT_PORT = "${iot.manager.https.port}";
    private static final String IOT_MGT_HOST_NAME = "${iot.manager.host}";
    private static final String DAS_URL = "https://${iot.analytics.host}:${iot.analytics.https.port}/services/CarbonAppUploader/";
    private static final String DAS_EVENT_RECEIVER_EP = "https://${iot.analytics.host}:${iot.analytics.https.port}/services/EventReceiverAdminService/";
    private static final String DAS_EVENT_STREAM_EP = "https://${iot.analytics.host}:${iot.analytics.https.port}/services/EventStreamAdminService/";
    private static final String IOT_MGT_URL = "https://${iot.manager.host}:${iot.manager.https.port}/services/CarbonAppUploader/";
    private static final String MEDIA_TYPE_XML = "application/xml";
    private static final String DEVICE_MANAGEMENT_TYPE = "device_management";
    private static final String TENANT_DOMAIN_PROPERTY = "\\$\\{tenant-domain\\}";
    private static final Log log = LogFactory.getLog(DeviceAnalyticsArtifactUploaderAdminServiceImpl.class);
    private static final String CAR_FILE_LOCATION = CarbonUtils.getCarbonHome() + File.separator + "repository" + File.separator + "resources" + File.separator + "devicetypes";

    @Override // org.wso2.carbon.device.mgt.jaxrs.service.api.admin.DeviceAnalyticsArtifactUploaderAdminService
    @POST
    @Path("/deploy/{type}")
    public Response doPublish(@PathParam("type") String str) {
        try {
            try {
                this.tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
                String str2 = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername() + "@" + this.tenantDomain;
                String firstProperty = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Password");
                String firstProperty2 = ServerConfiguration.getInstance().getFirstProperty("Security.TrustStore.Password");
                String firstProperty3 = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Location");
                String firstProperty4 = ServerConfiguration.getInstance().getFirstProperty("Security.TrustStore.Location");
                loadKeyStore(firstProperty3, firstProperty);
                loadTrustStore(firstProperty4, firstProperty2);
                initSSLConnection();
                String str3 = "Bearer " + new String(Base64.encodeBase64(DeviceMgtAPIUtils.getJWTClientManagerService().getJWTClient().getJwtToken(str2).getBytes()));
                ArrayList arrayList = new ArrayList();
                Header header = new Header();
                header.setName("Authorization");
                header.setValue(str3);
                arrayList.add(header);
                List<String> streamsList = getStreamsList(str);
                List<String> receiversList = getReceiversList(str);
                if (!this.tenantDomain.equals("carbon.super")) {
                    if (streamsList != null) {
                        publishDynamicEventStream(str, "carbon.super", streamsList);
                    }
                    if (receiversList != null) {
                        publishDynamicEventReceivers(str, "carbon.super", receiversList);
                    }
                }
                if (streamsList != null) {
                    publishDynamicEventStream(str, this.tenantDomain, streamsList);
                }
                if (deployAnalyticsCapp(str, arrayList)) {
                    return Response.status(Response.Status.BAD_REQUEST).entity("\"Error, Artifact does not exist.\"").build();
                }
                if (receiversList != null) {
                    publishDynamicEventReceivers(str, this.tenantDomain, receiversList);
                }
                return Response.status(Response.Status.CREATED).entity("\"OK. \\n Successfully uploaded the artifacts.\"").build();
            } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
                log.error("Failed to access keystore for, tenantDomain: " + this.tenantDomain, e);
                return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
            }
        } catch (ParseException e2) {
            log.error("Invalid stream definition for device type" + str + " for tenant, tenantDomain: " + this.tenantDomain, e2);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        } catch (RegistryException e3) {
            log.error("Failed to load tenant, tenantDomain: " + this.tenantDomain, e3);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        } catch (RemoteException e4) {
            log.error("Failed to connect with the remote services:" + this.tenantDomain, e4);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        } catch (AxisFault e5) {
            log.error("failed to publish event definitions for tenantDomain:" + this.tenantDomain, e5);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        } catch (JWTClientException e6) {
            log.error("Failed to generate jwt token for tenantDomain:" + this.tenantDomain, e6);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        } catch (UserStoreException e7) {
            log.error("Failed to connect with the user store, tenantDomain: " + this.tenantDomain, e7);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }

    private boolean deployAnalyticsCapp(@PathParam("type") String str, List<Header> list) throws IOException, RegistryException {
        CarbonAppUploaderStub carbonAppUploaderStub = null;
        try {
            File file = new File(CAR_FILE_LOCATION + File.separator + str);
            if (!file.isDirectory() || !file.exists()) {
                return true;
            }
            UploadedFileItem[] loadCappFromFileSystem = loadCappFromFileSystem(str);
            if (loadCappFromFileSystem.length > 0) {
                if (DEVICE_MANAGEMENT_TYPE.equals(str.toLowerCase())) {
                    carbonAppUploaderStub = new CarbonAppUploaderStub(Utils.replaceSystemProperty(IOT_MGT_URL));
                    Options options = carbonAppUploaderStub._getServiceClient().getOptions();
                    if (options == null) {
                        options = new Options();
                    }
                    options.setProperty("HTTP_HEADERS", list);
                    options.setProperty("CUSTOM_PROTOCOL_HANDLER", new Protocol(DEFAULT_HTTP_PROTOCOL, new SSLProtocolSocketFactory(this.sslContext), Integer.parseInt(Utils.replaceSystemProperty(IOT_MGT_PORT))));
                    carbonAppUploaderStub._getServiceClient().setOptions(options);
                    carbonAppUploaderStub.uploadApp(loadCappFromFileSystem);
                } else {
                    carbonAppUploaderStub = new CarbonAppUploaderStub(Utils.replaceSystemProperty(DAS_URL));
                    Options options2 = carbonAppUploaderStub._getServiceClient().getOptions();
                    if (options2 == null) {
                        options2 = new Options();
                    }
                    options2.setProperty("HTTP_HEADERS", list);
                    options2.setProperty("CUSTOM_PROTOCOL_HANDLER", new Protocol(DEFAULT_HTTP_PROTOCOL, new SSLProtocolSocketFactory(this.sslContext), Integer.parseInt(Utils.replaceSystemProperty("${iot.analytics.https.port}"))));
                    carbonAppUploaderStub._getServiceClient().setOptions(options2);
                    carbonAppUploaderStub.uploadApp(loadCappFromFileSystem);
                }
            }
            cleanup(carbonAppUploaderStub);
            return false;
        } finally {
            cleanup(null);
        }
    }

    private void publishDynamicEventReceivers(String str, String str2, List<String> list) throws IOException, UserStoreException, JWTClientException {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(str2, true);
        EventReceiverAdminServiceStub eventReceiverAdminServiceStub = null;
        try {
            eventReceiverAdminServiceStub = new EventReceiverAdminServiceStub(Utils.replaceSystemProperty(DAS_EVENT_RECEIVER_EP));
            Options options = eventReceiverAdminServiceStub._getServiceClient().getOptions();
            if (options == null) {
                options = new Options();
            }
            String str3 = "Bearer " + new String(Base64.encodeBase64(DeviceMgtAPIUtils.getJWTClientManagerService().getJWTClient().getJwtToken(!str2.equals("carbon.super") ? PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName() + "@" + str2 : PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName()).getBytes()));
            ArrayList arrayList = new ArrayList();
            Header header = new Header();
            header.setName("Authorization");
            header.setValue(str3);
            arrayList.add(header);
            options.setProperty("HTTP_HEADERS", arrayList);
            options.setProperty("CUSTOM_PROTOCOL_HANDLER", new Protocol(DEFAULT_HTTP_PROTOCOL, new SSLProtocolSocketFactory(this.sslContext), Integer.parseInt(Utils.replaceSystemProperty("${iot.analytics.https.port}"))));
            eventReceiverAdminServiceStub._getServiceClient().setOptions(options);
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                eventReceiverAdminServiceStub.deployEventReceiverConfiguration(it.next());
            }
            cleanup(eventReceiverAdminServiceStub);
            PrivilegedCarbonContext.endTenantFlow();
        } catch (Throwable th) {
            cleanup(eventReceiverAdminServiceStub);
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    private void publishDynamicEventStream(String str, String str2, List<String> list) throws IOException, UserStoreException, JWTClientException, ParseException {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(str2, true);
        EventStreamAdminServiceStub eventStreamAdminServiceStub = null;
        try {
            eventStreamAdminServiceStub = new EventStreamAdminServiceStub(Utils.replaceSystemProperty(DAS_EVENT_STREAM_EP));
            Options options = eventStreamAdminServiceStub._getServiceClient().getOptions();
            if (options == null) {
                options = new Options();
            }
            String str3 = "Bearer " + new String(Base64.encodeBase64(DeviceMgtAPIUtils.getJWTClientManagerService().getJWTClient().getJwtToken(!str2.equals("carbon.super") ? PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName() + "@" + str2 : PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName()).getBytes()));
            ArrayList arrayList = new ArrayList();
            Header header = new Header();
            header.setName("Authorization");
            header.setValue(str3);
            arrayList.add(header);
            options.setProperty("HTTP_HEADERS", arrayList);
            options.setProperty("CUSTOM_PROTOCOL_HANDLER", new Protocol(DEFAULT_HTTP_PROTOCOL, new SSLProtocolSocketFactory(this.sslContext), Integer.parseInt(Utils.replaceSystemProperty("${iot.analytics.https.port}"))));
            eventStreamAdminServiceStub._getServiceClient().setOptions(options);
            for (String str4 : list) {
                JSONObject jSONObject = (JSONObject) new JSONParser().parse(str4);
                if (eventStreamAdminServiceStub.getStreamDefinitionDto(((String) jSONObject.get("name")) + ValueFormatterMessageInterpolator.VALIDATED_VALUE_FORMAT_SEPARATOR + ((String) jSONObject.get("version"))) == null) {
                    eventStreamAdminServiceStub.addEventStreamDefinitionAsString(str4);
                }
            }
            cleanup(eventStreamAdminServiceStub);
            PrivilegedCarbonContext.endTenantFlow();
        } catch (Throwable th) {
            cleanup(eventStreamAdminServiceStub);
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    private List<String> getReceiversList(String str) throws IOException {
        File file = new File(CAR_FILE_LOCATION + File.separator + str + File.separator + "receiver");
        if (!file.exists()) {
            return null;
        }
        File[] listFiles = file.listFiles(new FilenameFilter() { // from class: org.wso2.carbon.device.mgt.jaxrs.service.impl.admin.DeviceAnalyticsArtifactUploaderAdminServiceImpl.1
            @Override // java.io.FilenameFilter
            public boolean accept(File file2, String str2) {
                return str2.toLowerCase().endsWith(".xml");
            }
        });
        ArrayList arrayList = new ArrayList();
        for (File file2 : listFiles) {
            arrayList.add(new String(Files.readAllBytes(file2.toPath())).replaceAll(TENANT_DOMAIN_PROPERTY, this.tenantDomain.toLowerCase()));
        }
        return arrayList;
    }

    private List<String> getStreamsList(String str) throws IOException {
        File file = new File(CAR_FILE_LOCATION + File.separator + str + File.separator + "streams");
        if (!file.exists()) {
            return null;
        }
        File[] listFiles = file.listFiles(new FilenameFilter() { // from class: org.wso2.carbon.device.mgt.jaxrs.service.impl.admin.DeviceAnalyticsArtifactUploaderAdminServiceImpl.2
            @Override // java.io.FilenameFilter
            public boolean accept(File file2, String str2) {
                return str2.toLowerCase().endsWith(".json");
            }
        });
        ArrayList arrayList = new ArrayList();
        for (File file2 : listFiles) {
            arrayList.add(new String(Files.readAllBytes(file2.toPath())));
        }
        return arrayList;
    }

    private UploadedFileItem[] loadCappFromFileSystem(String str) throws IOException {
        File[] listFiles = new File(CAR_FILE_LOCATION + File.separator + str).listFiles(new FilenameFilter() { // from class: org.wso2.carbon.device.mgt.jaxrs.service.impl.admin.DeviceAnalyticsArtifactUploaderAdminServiceImpl.3
            @Override // java.io.FilenameFilter
            public boolean accept(File file, String str2) {
                return str2.toLowerCase().endsWith(".car");
            }
        });
        ArrayList arrayList = new ArrayList();
        if (listFiles != null) {
            for (File file : listFiles) {
                UploadedFileItem uploadedFileItem = new UploadedFileItem();
                uploadedFileItem.setDataHandler(new DataHandler(file.toURI().toURL()));
                uploadedFileItem.setFileName(file.getName());
                uploadedFileItem.setFileType("jar");
                arrayList.add(uploadedFileItem);
            }
        }
        return (UploadedFileItem[]) arrayList.toArray(new UploadedFileItem[arrayList.size()]);
    }

    private void loadKeyStore(String str, String str2) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        FileInputStream fileInputStream = null;
        try {
            this.keyStorePassword = str2.toCharArray();
            this.keyStore = KeyStore.getInstance("JKS");
            fileInputStream = new FileInputStream(str);
            this.keyStore.load(fileInputStream, this.keyStorePassword);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    private void loadTrustStore(String str, String str2) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        FileInputStream fileInputStream = null;
        try {
            this.trustStore = KeyStore.getInstance("JKS");
            fileInputStream = new FileInputStream(str);
            this.trustStore.load(fileInputStream, str2.toCharArray());
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    private void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(this.keyStore, this.keyStorePassword);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        trustManagerFactory.init(this.trustStore);
        this.sslContext = SSLContext.getInstance(SSLV3);
        this.sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        SSLContext.setDefault(this.sslContext);
    }

    private void cleanup(Stub stub) {
        if (stub != null) {
            try {
                stub.cleanup();
            } catch (AxisFault e) {
            }
        }
    }
}
