package com.mavaratech.plugin.policy.impl;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.gson.Gson;
import com.mavaratech.mavara.utils.exceptions.CoreException;
import com.mavaratech.mavara.utils.service.RedisHelper;
import com.mavaratech.mavara.utils.service.RestRequestHelper;
import com.mavaratech.plugin.policy.abstracts.PolicyImpl;
import com.mavaratech.plugin.policy.dto.ErrorResponse;
import com.mavaratech.plugin.policy.dto.PolicyInfo;
import com.mavaratech.plugin.policy.dto.PolicyResponse;
import com.squareup.okhttp.Response;
import java.io.IOException;
import java.util.HashSet;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.support.GenericApplicationContext;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.HandlerMapping;

/* loaded from: input_file:com/mavaratech/plugin/policy/impl/APIKeyPolicy.class */
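/**
 * Policy that authenticates a request by its API key and authorises it against the set of API
 * names bound to that key.
 *
 * <p>Key metadata is resolved in three tiers: a process-local Guava cache (entries expire 10
 * seconds after write), Redis under the {@code cache:auth:apikey:} prefix, and finally the HTTP
 * endpoint configured as {@code itg.restInterface.apiKeyInfoUrl}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The key is accepted from the query string as well as from a header. Query strings are
 *       commonly recorded in access logs and proxies, so header transport is the safer option
 *       for clients.</li>
 *   <li>A cached entry keeps being honoured until it expires from the cache tier that serves it,
 *       so revoking a key upstream does not take effect immediately.</li>
 *   <li>The raw key is used verbatim as the local-cache key and as the Redis key suffix.</li>
 * </ul>
 */
public class APIKeyPolicy extends PolicyImpl {
    private static final String REDIS_KEY_PREFIX = "cache:auth:apikey:";
    private final RedisHelper redisHelper;
    private final RestRequestHelper restRequestHelper;
    private final Gson gson;
    private final String apiKeyInfoUrl;
    // Expiry handed to RedisHelper.setObject; the unit is defined by that helper (not visible here).
    private final long apiKeyCacheExpiry;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) APIKeyPolicy.class);
    // Shared by every APIKeyPolicy instance in the JVM; short TTL bounds staleness of this tier.
    private static final Cache<String, ApiKeyCache> localCache = CacheBuilder.newBuilder().expireAfterWrite(10, TimeUnit.SECONDS).initialCapacity(10000).concurrencyLevel(10).build();

    /* loaded from: input_file:com/mavaratech/plugin/policy/impl/APIKeyPolicy$ApiKeyCache.class */
    /**
     * Cached view of one API key: whether it is valid, the owning user id and the API names it
     * may call.
     *
     * <p>NOTE(review): this is a non-static inner class that is deserialised by Gson and stored
     * in a static cache. It is left as-is to keep the public type unchanged; making it a static
     * nested class would be the cleaner shape if no caller relies on the current one.
     */
    public class ApiKeyCache {
        private boolean valid;
        private long userId;
        private HashSet<String> apis;

        public ApiKeyCache() {
        }

        public boolean isValid() {
            return this.valid;
        }

        public void setValid(boolean z) {
            this.valid = z;
        }

        public long getUserId() {
            return this.userId;
        }

        // Name kept for compatibility: despite "Username", this stores the numeric user id.
        public void setUsername(long j) {
            this.userId = j;
        }

        /** @return the API names bound to the key; may be {@code null} if none were supplied */
        public HashSet<String> getApis() {
            return this.apis;
        }

        public void setApis(HashSet<String> hashSet) {
            this.apis = hashSet;
        }
    }

    /**
     * Wires the collaborators from the application context and reads the lookup URL and the
     * Redis expiry from configuration.
     *
     * @throws NumberFormatException if {@code itg.restInterface.apiKeyCacheExpiry} is not a long
     */
    public APIKeyPolicy(GenericApplicationContext genericApplicationContext, PolicyInfo policyInfo) {
        super(genericApplicationContext, policyInfo);
        this.redisHelper = (RedisHelper) getContext().getBean(RedisHelper.class);
        this.restRequestHelper = (RestRequestHelper) getContext().getBean(RestRequestHelper.class);
        this.gson = (Gson) getContext().getBean(Gson.class);
        this.apiKeyInfoUrl = getProperty("itg.restInterface.apiKeyInfoUrl");
        this.apiKeyCacheExpiry = Long.parseLong(getProperty("itg.restInterface.apiKeyCacheExpiry"));
    }

    /**
     * Evaluates the policy for one request.
     *
     * <p>Returns 401 when no key is supplied. Returns 403 when the key cannot be resolved, is
     * flagged invalid, carries no API list, or is not bound to the requested API name (the
     * {@code name} URI template variable). Every unknown state is denied rather than allowed to
     * surface as an exception.
     *
     * @param httpServletRequest the incoming request
     * @param str the track code, used only in the trace log line
     * @return a successful response when the key is valid for the requested API
     * @throws CoreException if the key lookup against the remote endpoint fails
     */
    @Override
    public PolicyResponse run(HttpServletRequest httpServletRequest, String str) throws CoreException {
        String apiKey = getApiKey(httpServletRequest);
        if (apiKey == null || apiKey.isEmpty()) {
            return PolicyResponse.createUnsuccessful(ErrorResponse.getUnAuthenticatedResponse(), HttpStatus.UNAUTHORIZED);
        }
        ApiKeyCache apiKeyInfo = getApiKeyInfo(apiKey);

        // The template-variable attribute is absent when no handler mapping populated it.
        Object templateVars = httpServletRequest.getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE);
        Object apiName = templateVars instanceof Map ? ((Map<?, ?>) templateVars).get("name") : null;

        // Fail closed: a null lookup result (unknown key or non-2xx upstream), a null API set or a
        // missing API name must all deny access instead of throwing NullPointerException.
        boolean authorised = apiKeyInfo != null
                && apiKeyInfo.isValid()
                && apiName != null
                && apiKeyInfo.getApis() != null
                && apiKeyInfo.getApis().contains(apiName);
        if (!authorised) {
            return PolicyResponse.createUnsuccessful(ErrorResponse.getUnAuthorizedResponse(), HttpStatus.FORBIDDEN);
        }
        // Only the consumer id and track code are logged; the API key itself must stay out of logs.
        LOGGER.trace("User called Rest, [(consumerId:{})], [(trackCode:{})]", Long.valueOf(apiKeyInfo.getUserId()), str);
        return PolicyResponse.createSuccessfully();
    }

    /**
     * Extracts the API key from the request, trying in order the {@code apikey} and
     * {@code apiKey} query parameters, then the {@code apikey} and {@code apiKey} headers.
     *
     * <p>Each fallback runs only while no non-empty value has been found. The previous conditions
     * ({@code != null || equals("")}) discarded a key supplied as a parameter and dereferenced
     * {@code null} when a source was missing.
     *
     * @return the first non-empty key found, otherwise {@code null} or an empty string
     */
    private String getApiKey(HttpServletRequest httpServletRequest) {
        String candidate = httpServletRequest.getParameter("apikey");
        if (candidate == null || candidate.isEmpty()) {
            candidate = httpServletRequest.getParameter("apiKey");
        }
        if (candidate == null || candidate.isEmpty()) {
            candidate = httpServletRequest.getHeader("apikey");
        }
        if (candidate == null || candidate.isEmpty()) {
            candidate = httpServletRequest.getHeader("apiKey");
        }
        return candidate;
    }

    @Override
    public String getName() {
        return "api_key";
    }

    /**
     * Resolves key metadata from the local cache, then Redis, then the remote endpoint.
     *
     * <p>Only a non-null remote result is written back, to both caches. A Redis hit is returned
     * without being copied into the local cache, and a {@code null} remote result is not cached,
     * so every request with an unresolvable key reaches the remote endpoint.
     *
     * @param str the raw API key
     * @return the key metadata, or {@code null} when no tier could resolve it
     * @throws CoreException if the remote lookup fails
     */
    private ApiKeyCache getApiKeyInfo(String str) throws CoreException {
        ApiKeyCache cached = localCache.getIfPresent(str);
        if (cached != null) {
            return cached;
        }
        cached = (ApiKeyCache) this.redisHelper.getObject(REDIS_KEY_PREFIX + str, ApiKeyCache.class);
        if (cached != null) {
            return cached;
        }
        ApiKeyCache fetched = getApiKey(str);
        if (fetched != null) {
            localCache.put(str, fetched);
            this.redisHelper.setObject(REDIS_KEY_PREFIX + str, fetched, this.apiKeyCacheExpiry);
        }
        return fetched;
    }

    /**
     * Fetches key metadata from the configured endpoint.
     *
     * @param str the raw API key as received from the client
     * @return the deserialised metadata, or {@code null} when the endpoint answers with a
     *     non-successful status or Gson yields no object
     * @throws CoreException if the call fails with an I/O error or a successful response has no body
     */
    private ApiKeyCache getApiKey(String str) throws CoreException {
        ApiKeyCache apiKeyCache = null;
        try {
            // The key is client-controlled: percent-encode it so characters such as '/', '?', '&'
            // or '#' cannot alter the path or query of the backend request.
            String encodedKey = java.net.URLEncoder.encode(str, "UTF-8");
            Response response = this.restRequestHelper.get(this.apiKeyInfoUrl + encodedKey);
            if (response.isSuccessful()) {
                if (response.body() == null) {
                    throw new CoreException(100L, "خطا در احراز هویت", "ApiKeyInfo api responds empty body");
                }
                apiKeyCache = (ApiKeyCache) this.gson.fromJson(response.body().string(), ApiKeyCache.class);
            }
            // NOTE(review): on a non-successful status the response body is never read or closed
            // here; confirm whether RestRequestHelper releases it, otherwise connections may leak.
            return apiKeyCache;
        } catch (IOException e) {
            throw new CoreException(100L, "خطا در احراز هویت", "failed to get api key info from crm", e);
        }
    }
}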
