package tigase.james.utils;

import com.github.rholder.retry.RetryException;
import com.github.rholder.retry.Retryer;
import com.github.rholder.retry.RetryerBuilder;
import com.github.rholder.retry.StopStrategies;
import com.github.rholder.retry.WaitStrategies;
import com.google.common.base.Supplier;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.RemovalListener;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.util.Base64;
import java.util.Objects;
import java.util.concurrent.Callable;
import java.util.concurrent.CompletionException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import javax.annotation.Nonnull;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.configuration2.HierarchicalConfiguration;
import org.apache.commons.configuration2.ex.ConfigurationException;
import org.apache.commons.configuration2.tree.ImmutableNode;
import org.apache.james.domainlist.api.DomainListException;
import org.apache.james.lifecycle.api.Configurable;
import org.apache.james.user.api.UsersRepositoryException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import tigase.james.utils.entities.VHostList;

/* loaded from: input_file:tigase/james/utils/TigaseRestApiClient.class */
public class TigaseRestApiClient implements Configurable {
    public static final String TIGASE_HTTP_API_URL_KEY = "tigaseHttpApiUrl";
    public static final String TIGASE_ADMIN_USER_KEY = "tigaseAdminUsername";
    public static final String TIGASE_ADMIN_PASSWORD_KEY = "tigaseAdminPassword";
    public static final String TIGASE_USE_CACHE_KEY = "tigaseUseCache";
    public static final String TIGASE_CACHE_EXPIRATION_IN_MINUTES_KEY = "tigaseExpirationTimeInMinutes";
    private static final String httpApiUserEndpoint = "rest/user/";
    private static final String httpApiVhostEndpoint = "rest/vhost/";
    private static final Logger logger = LoggerFactory.getLogger(TigaseRestApiClient.class);
    private AdminCredentials adminCredentials;
    private HttpClient client;
    private Supplier<String> defaultVhostCachced;
    private String tigaseHttpApiBaseUrl;
    final String DOMAINS_KEY = "DOMAINS";
    private Cache<String, Boolean> authUserCache = null;
    private Cache<String, Boolean> containsUserCache = null;
    private int expirationTimeInMinutes = 1;
    private boolean useCache = false;
    private Cache<String, VHostList> vhostCache = null;
    Retryer<VHostList> retryer = RetryerBuilder.newBuilder().retryIfExceptionOfType(IOException.class).retryIfExceptionOfType(InterruptedException.class).retryIfExceptionOfType(JAXBException.class).retryIfResult((v0) -> {
        return Objects.isNull(v0);
    }).retryIfRuntimeException().withWaitStrategy(WaitStrategies.fixedWait(10, TimeUnit.SECONDS)).withStopStrategy(StopStrategies.stopAfterDelay(3, TimeUnit.MINUTES)).build();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:tigase/james/utils/TigaseRestApiClient$AdminCredentials.class */
    public static class AdminCredentials {
        private final String password;
        private final String username;

        private AdminCredentials(@Nonnull String str, @Nonnull String str2) {
            this.username = (String) Objects.requireNonNull(str);
            this.password = (String) Objects.requireNonNull(str2);
        }

        private String getBasicAuthenticationHeader() {
            return TigaseRestApiClient.getBasicAuthenticationHeader(this.username, this.password);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:tigase/james/utils/TigaseRestApiClient$VHostRetrieverCallable.class */
    public class VHostRetrieverCallable implements Callable<VHostList> {
        private final HttpRequest request;

        public VHostRetrieverCallable(HttpRequest httpRequest) {
            this.request = httpRequest;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public VHostList call() throws Exception {
            TigaseRestApiClient.logger.trace("Getting list of VHosts");
            HttpResponse send = TigaseRestApiClient.this.client.send(this.request, HttpResponse.BodyHandlers.ofInputStream());
            if (send.statusCode() / 100 != 2) {
                throw new IOException("VHosts request failed: " + String.valueOf(send));
            }
            TigaseRestApiClient.logger.trace("Getting list of VHosts: {}", send.toString());
            VHostList vHostList = (VHostList) JAXBContext.newInstance(new Class[]{VHostList.class}).createUnmarshaller().unmarshal((InputStream) send.body());
            if (TigaseRestApiClient.this.useCache) {
                TigaseRestApiClient.this.vhostCache.put("DOMAINS", vHostList);
            }
            return vHostList;
        }
    }

    private static String getBasicAuthenticationHeader(String str, String str2) {
        return "Basic " + Base64.getEncoder().encodeToString((str + ":" + str2).getBytes(StandardCharsets.UTF_8));
    }

    private static String getSha(String str, String str2) {
        return DigestUtils.sha256Hex(str + str2);
    }

    public static void main(String[] strArr) throws UsersRepositoryException, DomainListException, JAXBException, InterruptedException {
        TigaseRestApiClient tigaseRestApiClient = new TigaseRestApiClient("http://localhost:8080", "admin@atlantiscity", "admin");
        System.out.println(tigaseRestApiClient.userExists("tigase1@atlantiscity"));
        System.out.println(tigaseRestApiClient.isPasswordValid("tigase1@atlantiscity", "tigase1"));
        VHostList vhostItemList = tigaseRestApiClient.getVhostItemList();
        System.out.println(vhostItemList);
        System.out.println(vhostItemList.getDefaultVhost());
        System.out.println(vhostItemList.getvHostLists());
    }

    private static String sanitizeHttpApiUrl(String str) {
        if (!str.endsWith("/")) {
            str = str + "/";
        }
        return str;
    }

    public TigaseRestApiClient() {
    }

    public TigaseRestApiClient(@Nonnull String str, @Nonnull String str2, @Nonnull String str3) {
        Objects.requireNonNull(str);
        this.tigaseHttpApiBaseUrl = sanitizeHttpApiUrl(str);
        Objects.requireNonNull(str2);
        Objects.requireNonNull(str3);
        this.adminCredentials = new AdminCredentials(str2, str3);
        initHttpClient();
        initCache();
    }

    public void configure(HierarchicalConfiguration<ImmutableNode> hierarchicalConfiguration) throws ConfigurationException {
        this.tigaseHttpApiBaseUrl = System.getProperty(TIGASE_HTTP_API_URL_KEY, hierarchicalConfiguration.getString(TIGASE_HTTP_API_URL_KEY));
        if (Objects.isNull(this.tigaseHttpApiBaseUrl)) {
            throw new ConfigurationException("Tigase HTTP API URL is required, set it in config file or via environment variable via 'tigaseHttpApiUrl'");
        }
        this.tigaseHttpApiBaseUrl = sanitizeHttpApiUrl(this.tigaseHttpApiBaseUrl);
        String property = System.getProperty(TIGASE_ADMIN_USER_KEY, hierarchicalConfiguration.getString(TIGASE_ADMIN_USER_KEY));
        String property2 = System.getProperty(TIGASE_ADMIN_PASSWORD_KEY, hierarchicalConfiguration.getString(TIGASE_ADMIN_PASSWORD_KEY));
        if (Objects.isNull(property) || Objects.isNull(property2)) {
            throw new ConfigurationException("Admin username and password are required, set it in config file or via environment variable via 'tigaseAdminUsername' and 'tigaseAdminPassword'");
        }
        this.adminCredentials = new AdminCredentials(property, property2);
        String property3 = System.getProperty(TIGASE_USE_CACHE_KEY);
        this.useCache = property3 != null ? Boolean.parseBoolean(property3) : hierarchicalConfiguration.getBoolean(TIGASE_USE_CACHE_KEY);
        if (this.useCache) {
            String property4 = System.getProperty(TIGASE_CACHE_EXPIRATION_IN_MINUTES_KEY);
            this.expirationTimeInMinutes = property4 != null ? Integer.parseInt(property4) : hierarchicalConfiguration.getInt(TIGASE_CACHE_EXPIRATION_IN_MINUTES_KEY, 1);
            initCache();
            logger.info("Using Tigase repo with cache: {} and expiration of: {} minutes", Boolean.valueOf(this.useCache), Integer.valueOf(this.expirationTimeInMinutes));
        }
        initHttpClient();
    }

    private boolean doRequestAndStoreInCache(HttpRequest httpRequest, String str, Cache<String, Boolean> cache) throws UsersRepositoryException {
        try {
            return ((Boolean) this.client.sendAsync(httpRequest, HttpResponse.BodyHandlers.ofString()).thenApply(TigaseRestApiClient::isOkResponse).thenApply(bool -> {
                return putInCache(cache, str, bool);
            }).join()).booleanValue();
        } catch (CompletionException e) {
            throw new UsersRepositoryException("Authentication failed", e.getCause());
        }
    }

    private static boolean isOkResponse(HttpResponse<String> httpResponse) {
        return httpResponse.statusCode() / 100 == 2;
    }

    private Boolean putInCache(Cache<String, Boolean> cache, String str, Boolean bool) {
        if (this.useCache) {
            cache.put(str, bool);
        }
        return bool;
    }

    private <T> Cache<String, T> getCache(RemovalListener<Object, Object> removalListener) {
        return CacheBuilder.newBuilder().expireAfterWrite(Duration.ofMinutes(this.expirationTimeInMinutes)).removalListener(removalListener).maximumSize(10000L).build();
    }

    public VHostList getVhostItemList() throws DomainListException {
        VHostList vHostList;
        if (this.useCache && (vHostList = (VHostList) this.vhostCache.getIfPresent("DOMAINS")) != null) {
            logger.trace("Using VHost list from cache");
            return vHostList;
        }
        URI create = URI.create(this.tigaseHttpApiBaseUrl + "rest/vhost/");
        logger.info("vhost url: {}; username: {}", create, this.adminCredentials.username);
        try {
            return (VHostList) this.retryer.call(new VHostRetrieverCallable(prepareGetBuilder().uri(create).header("Authorization", this.adminCredentials.getBasicAuthenticationHeader()).build()));
        } catch (ExecutionException e) {
            throw new DomainListException("Getting list of VHosts failed", e);
        } catch (RetryException e2) {
            throw new DomainListException("Permanent retry failure of fetting list of VHosts failed", e2);
        }
    }

    private void initCache() {
        this.containsUserCache = getCache(removalNotification -> {
            logger.info("Removing user item (contains): {}", removalNotification);
        });
        this.authUserCache = getCache(removalNotification2 -> {
            logger.info("Removing user item (auth): {}", removalNotification2);
        });
        this.vhostCache = getCache(removalNotification3 -> {
            logger.info("Removing vhost: {}", removalNotification3);
        });
    }

    private void initHttpClient() {
        this.client = HttpClient.newBuilder().version(HttpClient.Version.HTTP_1_1).followRedirects(HttpClient.Redirect.NORMAL).connectTimeout(Duration.ofSeconds(10L)).build();
    }

    public boolean isPasswordValid(String str, String str2) throws UsersRepositoryException {
        Boolean bool;
        String sha = getSha(str, str2);
        if (this.useCache && (bool = (Boolean) this.authUserCache.getIfPresent(sha)) != null) {
            logger.trace("Authenticating user {} with cache; got result cache: {} for sha: {}", new Object[]{str, bool, sha});
            return bool.booleanValue();
        }
        HttpRequest build = prepareGetBuilder().uri(URI.create(this.tigaseHttpApiBaseUrl + "rest/user/")).header("Authorization", getBasicAuthenticationHeader(str, str2)).build();
        boolean doRequestAndStoreInCache = doRequestAndStoreInCache(build, sha, this.authUserCache);
        logger.trace("Authenticating user {}; request: {}, authenticated: {}", new Object[]{str, build.toString(), Boolean.valueOf(doRequestAndStoreInCache)});
        return doRequestAndStoreInCache;
    }

    private HttpRequest.Builder prepareGetBuilder() {
        return HttpRequest.newBuilder().timeout(Duration.ofSeconds(10L)).GET();
    }

    public boolean userExists(String str) throws UsersRepositoryException {
        Boolean bool;
        if (this.useCache && (bool = (Boolean) this.containsUserCache.getIfPresent(str)) != null) {
            logger.trace("Verifying user {} existence; got user from cache: {}", str, bool);
            return bool.booleanValue();
        }
        HttpRequest build = prepareGetBuilder().uri(URI.create(this.tigaseHttpApiBaseUrl + "rest/user/" + str)).header("Authorization", this.adminCredentials.getBasicAuthenticationHeader()).build();
        logger.trace("Verifying user {} existence; request: {}, r.headers: {}", new Object[]{str, build.toString(), build.headers()});
        return doRequestAndStoreInCache(build, str, this.containsUserCache);
    }
}
