package tigase.xmpp.impl;

import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Queue;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import tigase.db.NonAuthUserRepository;
import tigase.db.TigaseDBException;
import tigase.form.Field;
import tigase.form.Form;
import tigase.io.SSLContextContainerIfc;
import tigase.server.Iq;
import tigase.server.Packet;
import tigase.xml.Element;
import tigase.xmpp.Authorization;
import tigase.xmpp.JID;
import tigase.xmpp.NotAuthorizedException;
import tigase.xmpp.PacketErrorTypeException;
import tigase.xmpp.XMPPProcessorAbstract;
import tigase.xmpp.XMPPResourceConnection;

/* loaded from: input_file:tigase/xmpp/impl/RemoteRosterManagement.class */
public class RemoteRosterManagement extends XMPPProcessorAbstract {
    private static final String ID = "remote-roster-management";
    private static final String[][] ELEMENT_PATHS = {new String[]{Iq.ELEM_NAME, Iq.QUERY_NAME}, new String[]{tigase.server.Message.ELEM_NAME, "x"}};
    private static final Logger log = Logger.getLogger("eu.hilow.xtigase.server.xmpp.RemoteRosterManagement");
    private static final String XMLNS = "http://spectrum.im/protocol/remote-roster";
    private static final String[] XMLNSS = {XMLNS, "jabber:x:data"};

    @Override // tigase.xmpp.XMPPImplIfc
    public String id() {
        return ID;
    }

    @Override // tigase.xmpp.XMPPProcessor, tigase.xmpp.XMPPImplIfc
    public int concurrentQueuesNo() {
        return Runtime.getRuntime().availableProcessors();
    }

    @Override // tigase.xmpp.XMPPProcessorAbstract
    public void processFromUserToServerPacket(JID jid, Packet packet, XMPPResourceConnection xMPPResourceConnection, NonAuthUserRepository nonAuthUserRepository, Queue<Packet> queue, Map<String, Object> map) throws PacketErrorTypeException {
        if (packet.getElemName() != tigase.server.Message.ELEM_NAME) {
            queue.offer(packet);
            return;
        }
        try {
            processMessageFormResponse(packet, xMPPResourceConnection, nonAuthUserRepository, queue);
        } catch (TigaseDBException e) {
            queue.offer(Authorization.INTERNAL_SERVER_ERROR.getResponseMessage(packet, null, true));
        } catch (NotAuthorizedException e2) {
            queue.offer(Authorization.FORBIDDEN.getResponseMessage(packet, null, false));
        }
    }

    @Override // tigase.xmpp.XMPPProcessorAbstract
    public void processServerSessionPacket(Packet packet, XMPPResourceConnection xMPPResourceConnection, NonAuthUserRepository nonAuthUserRepository, Queue<Packet> queue, Map<String, Object> map) throws PacketErrorTypeException {
    }

    @Override // tigase.xmpp.XMPPProcessorAbstract
    public void processToUserPacket(Packet packet, XMPPResourceConnection xMPPResourceConnection, NonAuthUserRepository nonAuthUserRepository, Queue<Packet> queue, Map<String, Object> map) throws PacketErrorTypeException {
        if (packet.getElemName() == Iq.ELEM_NAME) {
            processIq(packet, xMPPResourceConnection, nonAuthUserRepository, queue, map);
        } else {
            super.processToUserPacket(packet, xMPPResourceConnection, nonAuthUserRepository, queue, map);
        }
    }

    private void processIq(Packet packet, XMPPResourceConnection xMPPResourceConnection, NonAuthUserRepository nonAuthUserRepository, Queue<Packet> queue, Map<String, Object> map) throws PacketErrorTypeException {
        Element child = packet.getElement().getChild(Iq.QUERY_NAME, XMLNS);
        if (child == null) {
            super.processToUserPacket(packet, xMPPResourceConnection, nonAuthUserRepository, queue, map);
            return;
        }
        switch (packet.getType()) {
            case set:
                if (!"request".equals(child.getAttributeStaticStr("type"))) {
                    queue.offer(Authorization.BAD_REQUEST.getResponseMessage(packet, "Unknown request type", false));
                    return;
                }
                JID jidInstanceNS = JID.jidInstanceNS(packet.getStanzaTo().getDomain());
                Element element = new Element(tigase.server.Message.ELEM_NAME);
                element.setAttribute(Packet.FROM_ATT, jidInstanceNS.toString());
                element.setAttribute(Packet.TO_ATT, packet.getStanzaTo().toString());
                Form form = new Form(Packet.FROM_ATT, "Roster change permission", packet.getStanzaFrom().getBareJID().toString() + " wants to edit your roster with following reason: " + child.getAttributeStaticStr("reason") + ". Do you want to allow it?");
                form.addField(Field.fieldHidden("FORM_TYPE", XMLNS));
                form.addField(Field.fieldHidden("jid", packet.getStanzaFrom().getBareJID().toString()));
                form.addField(Field.fieldBoolean("answer", true, "Allow roster edit"));
                element.addChildren(Collections.singletonList(form.getElement()));
                queue.offer(Packet.packetInstance(element, jidInstanceNS, packet.getStanzaTo()));
                return;
            default:
                queue.offer(Authorization.BAD_REQUEST.getResponseMessage(packet, "Bad request", true));
                return;
        }
    }

    private void processMessageFormResponse(Packet packet, XMPPResourceConnection xMPPResourceConnection, NonAuthUserRepository nonAuthUserRepository, Queue<Packet> queue) throws NotAuthorizedException, TigaseDBException {
        Element child = packet.getElement().getChild("x");
        if (child == null) {
            queue.offer(packet);
            return;
        }
        Form form = new Form(child);
        if (!XMLNS.equals(form.getAsString("FORM_TYPE")) && !xMPPResourceConnection.isLocalDomain(packet.getStanzaTo().toString(), false)) {
            queue.offer(packet);
        }
        JID jidInstanceNS = JID.jidInstanceNS(form.get("jid").getValue());
        Boolean bool = false;
        String value = form.get("answer").getValue();
        if (SSLContextContainerIfc.ALLOW_SELF_SIGNED_CERTS_VAL.equals(value) || "1".equals(value)) {
            bool = true;
        }
        synchronized (xMPPResourceConnection) {
            Set<JID> allowed = getAllowed(xMPPResourceConnection);
            if (bool.booleanValue()) {
                allowed.add(jidInstanceNS);
            } else {
                allowed.remove(jidInstanceNS);
            }
            setAllowed(xMPPResourceConnection, allowed);
        }
        Element element = new Element(Iq.ELEM_NAME);
        element.setAttribute(Packet.FROM_ATT, packet.getStanzaFrom().getBareJID().toString());
        element.setAttribute(Packet.TO_ATT, jidInstanceNS.toString());
        Element element2 = new Element(Iq.QUERY_NAME);
        element2.setAttribute("xmlns", XMLNS);
        element2.setAttribute("type", bool.booleanValue() ? "allowed" : "rejected");
        element.addChildren(Collections.singletonList(element2));
        queue.offer(Packet.packetInstance(element, packet.getStanzaFrom().copyWithoutResource(), jidInstanceNS));
    }

    @Override // tigase.xmpp.XMPPProcessor, tigase.xmpp.XMPPImplIfc
    public String[][] supElementNamePaths() {
        return ELEMENT_PATHS;
    }

    @Override // tigase.xmpp.XMPPProcessor, tigase.xmpp.XMPPImplIfc
    public String[] supNamespaces() {
        return XMLNSS;
    }

    private static Set<JID> getAllowed(XMPPResourceConnection xMPPResourceConnection) throws NotAuthorizedException, TigaseDBException {
        Set<JID> set;
        synchronized (xMPPResourceConnection) {
            Set<JID> set2 = (Set) xMPPResourceConnection.getCommonSessionData("remote-roster-allowed");
            if (set2 == null) {
                String data = xMPPResourceConnection.getData(ID, "allowed", null);
                set2 = new HashSet();
                if (data != null) {
                    if (data.contains("/")) {
                        for (String str : data.split("/")) {
                            if (str.length() > 0) {
                                set2.add(JID.jidInstanceNS(str));
                            }
                        }
                    } else {
                        set2.add(JID.jidInstanceNS(data));
                    }
                }
                xMPPResourceConnection.putCommonSessionData("remote-roster-allowed", set2);
                if (log.isLoggable(Level.FINEST)) {
                    log.log(Level.FINEST, "read list of jids allowed to modify roster = {0}", set2);
                }
            }
            set = set2;
        }
        return set;
    }

    private static void setAllowed(XMPPResourceConnection xMPPResourceConnection, Set<JID> set) throws NotAuthorizedException, TigaseDBException {
        StringBuilder sb = new StringBuilder(1024);
        xMPPResourceConnection.putCommonSessionData("remote-roster-allowed", set);
        boolean z = true;
        for (JID jid : set) {
            if (z) {
                z = false;
            } else {
                sb.append("/");
            }
            sb.append(jid.toString());
        }
        xMPPResourceConnection.setData(ID, "allowed", sb.toString());
    }

    public static boolean isRemoteAllowed(JID jid, XMPPResourceConnection xMPPResourceConnection) {
        try {
            if (xMPPResourceConnection == null) {
                if (!log.isLoggable(Level.FINEST)) {
                    return false;
                }
                log.log(Level.FINEST, "no session to check if {0} is allowed", jid.toString());
                return false;
            }
            Set<JID> allowed = getAllowed(xMPPResourceConnection);
            if (log.isLoggable(Level.FINEST)) {
                log.log(Level.FINEST, "checking if sender jid = {0} is in allowed set = {1}", new Object[]{jid, allowed});
            }
            return allowed.contains(jid);
        } catch (Exception e) {
            return false;
        }
    }

    public static void updateBuddyChange(XMPPResourceConnection xMPPResourceConnection, Element element, Element element2, Queue<Packet> queue) throws NotAuthorizedException, TigaseDBException {
        JID jidInstanceNS = JID.jidInstanceNS(element.getAttributeStaticStr("jid"));
        if (jidInstanceNS.getLocalpart() == null) {
            return;
        }
        JID jidInstanceNS2 = JID.jidInstanceNS(jidInstanceNS.getDomain());
        if (isRemoteAllowed(jidInstanceNS2, xMPPResourceConnection)) {
            Element m289clone = element2.m289clone();
            m289clone.setAttribute(Packet.FROM_ATT, xMPPResourceConnection.getBareJID().toString());
            m289clone.setAttribute(Packet.TO_ATT, jidInstanceNS2.getDomain());
            m289clone.setAttribute("id", "rst" + xMPPResourceConnection.nextStanzaId());
            queue.offer(Packet.packetInstance(m289clone, JID.jidInstance(xMPPResourceConnection.getBareJID()), jidInstanceNS2));
        }
    }
}
