package tigase.server.xmppserver.proc;

import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Queue;
import java.util.SortedSet;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentSkipListSet;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.logging.Level;
import java.util.logging.Logger;
import tigase.kernel.beans.Bean;
import tigase.kernel.beans.Inject;
import tigase.net.ConnectionType;
import tigase.server.Packet;
import tigase.server.xmppserver.CID;
import tigase.server.xmppserver.CIDConnections;
import tigase.server.xmppserver.S2SConnection;
import tigase.server.xmppserver.S2SConnectionManager;
import tigase.server.xmppserver.S2SIOService;
import tigase.stats.StatisticsList;
import tigase.stats.StatisticsProviderIfc;

@Bean(name = "authenticator-selector-manager", parent = S2SConnectionManager.class, active = true)
/* loaded from: input_file:tigase/server/xmppserver/proc/AuthenticatorSelectorManager.class */
public class AuthenticatorSelectorManager implements StatisticsProviderIfc {
    public static final String S2S_METHOD_USED = "S2S_METHOD_USED";
    public static final String S2S_METHODS_ADVERTISED = "S2S_METHODS_ADVERTISED";
    public static final String S2S_METHODS_AVAILABLE = "S2S_METHODS_AVAILABLE";
    private static final Logger log = Logger.getLogger(AuthenticatorSelectorManager.class.getName());

    @Inject
    public List<AuthenticationProcessor> authenticationProcessors;
    private Map<String, AtomicInteger> failedAuthenticationDomains = new ConcurrentHashMap();

    public boolean isAllowed(Packet packet, S2SIOService s2SIOService, AuthenticationProcessor authenticationProcessor, Queue<Packet> queue) {
        boolean isAuthenticated = s2SIOService.isAuthenticated();
        SortedSet<AuthenticationProcessor> authenticationProcessors = getAuthenticationProcessors(s2SIOService);
        Optional<AuthenticationProcessor> currentAuthenticationProcessor = getCurrentAuthenticationProcessor(s2SIOService);
        if (isAuthenticated) {
            log.log(Level.FINE, "Connection already authenticated, skipping processor: {1}, methodsAvailable: {2}, checking packet: {3} [{0}]", new Object[]{s2SIOService, authenticationProcessor, authenticationProcessors, packet});
            return false;
        }
        log.log(Level.FINE, "Processor {1}, methodsAvailable: {2}, checking packet: {3} [{0}]", new Object[]{s2SIOService, authenticationProcessor.getMethodName(), authenticationProcessors, packet});
        boolean canHandle = authenticationProcessor.canHandle(packet, s2SIOService, queue);
        if (canHandle) {
            authenticationProcessors.add(authenticationProcessor);
        }
        boolean z = !currentAuthenticationProcessor.isPresent() && canHandle;
        log.log(Level.FINEST, "Processor {1}, canHandle: {2}, currentAuthenticationProcessor: {3}, result: {4}, methodsAvailable: {5}, packet: {6} [{0}]", new Object[]{s2SIOService, authenticationProcessor.getMethodName(), Boolean.valueOf(canHandle), currentAuthenticationProcessor, Boolean.valueOf(z), authenticationProcessors, packet});
        if (z) {
            authenticationProcessors.remove(authenticationProcessor);
            s2SIOService.getSessionData().put(S2S_METHOD_USED, authenticationProcessor);
            log.log(Level.FINE, "Allowing auth for: {1}, remaining: {2} [{0}]", new Object[]{s2SIOService, authenticationProcessor.getMethodName(), authenticationProcessors});
        }
        return z;
    }

    public void authenticateConnection(String str, CIDConnections cIDConnections, CID cid) {
        S2SConnection s2SConnectionForSessionId = cIDConnections.getS2SConnectionForSessionId(str);
        if (s2SConnectionForSessionId != null) {
            authenticateConnection(s2SConnectionForSessionId.getS2SIOService(), cIDConnections, cid);
        }
    }

    public void authenticateConnection(S2SIOService s2SIOService, CIDConnections cIDConnections, CID cid) {
        log.log(Level.FINE, "Authenticating connection [{0}]", new Object[]{s2SIOService});
        s2SIOService.getSessionData().remove(S2S_METHOD_USED);
        cIDConnections.connectionAuthenticated(s2SIOService, cid);
    }

    @Override // tigase.stats.StatisticsProviderIfc
    public void getStatistics(String str, StatisticsList statisticsList) {
        String str2 = str + "/AuthenticationFailures";
        for (Map.Entry<String, AtomicInteger> entry : this.failedAuthenticationDomains.entrySet()) {
            statisticsList.add(str2, entry.getKey(), entry.getValue().intValue(), Level.FINER);
        }
    }

    public void authenticationFailed(Packet packet, S2SIOService s2SIOService, AuthenticationProcessor authenticationProcessor, Queue<Packet> queue) {
        markConnectionAsFailed(authenticationProcessor.getMethodName(), s2SIOService);
        s2SIOService.getSessionData().remove(S2S_METHOD_USED);
        SortedSet<AuthenticationProcessor> authenticationProcessors = getAuthenticationProcessors(s2SIOService);
        authenticationProcessors.remove(authenticationProcessor);
        log.log(Level.FINE, "Authentication failed for: {1}, remaining methodsAvailable: {2} [{0}]", new Object[]{s2SIOService, authenticationProcessor.getMethodName(), authenticationProcessors});
        if (authenticationProcessors.isEmpty()) {
            log.log(Level.WARNING, "All authentication methods failed, stopping connection [{0}]", new Object[]{s2SIOService});
            flushRemainingPackets(s2SIOService, queue);
            s2SIOService.forceStop();
        }
        if (s2SIOService.connectionType() == ConnectionType.connect) {
            Optional findFirst = authenticationProcessors.stream().findFirst();
            if (findFirst.isPresent()) {
                log.log(Level.FINE, "Restarting authentication with: {1} [{0}]", new Object[]{s2SIOService, ((AuthenticationProcessor) findFirst.get()).getMethodName()});
                authenticationProcessors.remove(findFirst.get());
                ((AuthenticationProcessor) findFirst.get()).restartAuth(packet, s2SIOService, queue);
            } else {
                log.log(Level.WARNING, "No more authenticators for outgoing connections, stopping [{0}]", new Object[]{s2SIOService});
                flushRemainingPackets(s2SIOService, queue);
                s2SIOService.forceStop();
            }
        }
    }

    public void markConnectionAsFailed(String str, S2SIOService s2SIOService) {
        CID cid = (CID) s2SIOService.getSessionData().get("cid");
        log.log(Level.FINEST, () -> {
            return "Adding entry to stats, prefix: " + str + ", cid: " + cid;
        });
        this.failedAuthenticationDomains.computeIfAbsent(str + "/" + cid, str2 -> {
            return new AtomicInteger();
        }).incrementAndGet();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SortedSet<AuthenticationProcessor> getAuthenticationProcessors(S2SIOService s2SIOService) {
        SortedSet<AuthenticationProcessor> sortedSet = (SortedSet) s2SIOService.getSessionData().get(S2S_METHODS_AVAILABLE);
        if (sortedSet == null) {
            sortedSet = getAuthenticationProcessors();
            s2SIOService.getSessionData().put(S2S_METHODS_AVAILABLE, sortedSet);
        }
        return sortedSet;
    }

    private void flushRemainingPackets(S2SIOService s2SIOService, Queue<Packet> queue) {
        Iterator<Packet> it = queue.iterator();
        while (it.hasNext()) {
            s2SIOService.addPacketToSend(it.next());
        }
        try {
            s2SIOService.processWaitingPackets();
        } catch (IOException e) {
            log.log(Level.WARNING, "Error while writing packets before closing the stream [" + s2SIOService + "]", (Throwable) e);
        }
    }

    private SortedSet<AuthenticationProcessor> getAuthenticationProcessors() {
        log.log(Level.FINEST, "preparing empty processor list!");
        return new ConcurrentSkipListSet();
    }

    public void setAuthenticationProcessors(List<AuthenticationProcessor> list) {
        this.authenticationProcessors = new CopyOnWriteArrayList(list);
    }

    private Optional<AuthenticationProcessor> getCurrentAuthenticationProcessor(S2SIOService s2SIOService) {
        return Optional.ofNullable((AuthenticationProcessor) s2SIOService.getSessionData().get(S2S_METHOD_USED));
    }
}
