package com.evolveum.polygon.connector.grouper.rest;

import java.io.IOException;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.regex.Pattern;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.exceptions.ConnectorIOException;
import org.identityconnectors.framework.common.exceptions.InvalidCredentialException;
import org.identityconnectors.framework.common.exceptions.InvalidPasswordException;
import org.identityconnectors.framework.common.exceptions.OperationTimeoutException;
import org.identityconnectors.framework.common.exceptions.PermissionDeniedException;
import org.identityconnectors.framework.common.exceptions.PreconditionFailedException;
import org.identityconnectors.framework.common.exceptions.UnknownUidException;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: input_file:com/evolveum/polygon/connector/grouper/rest/Processor.class */
public class Processor {
    static final Log LOG;
    private static final String CONTENT_TYPE_JSON = "application/json; charset=utf-8";
    static final String J_WS_REST_GET_MEMBERS_REQUEST = "WsRestGetMembersRequest";
    static final String J_WS_REST_FIND_GROUPS_REQUEST = "WsRestFindGroupsRequest";
    static final String J_WS_REST_FIND_STEMS_REQUEST = "WsRestFindStemsRequest";
    static final String J_WS_QUERY_FILTER = "wsQueryFilter";
    static final String J_WS_STEM_QUERY_FILTER = "wsStemQueryFilter";
    static final String J_STEM_QUERY_FILTER_TYPE = "stemQueryFilterType";
    static final String J_INCLUDE_SUBJECT_DETAIL = "includeSubjectDetail";
    static final String J_QUERY_FILTER_TYPE = "queryFilterType";
    static final String J_STEM_NAME = "stemName";
    static final String J_STEM_NAME_SCOPE = "stemNameScope";
    static final String J_GROUP_NAME = "groupName";
    static final String J_WS_FIND_GROUPS_RESULTS = "WsFindGroupsResults";
    static final String J_WS_FIND_STEMS_RESULTS = "WsFindStemsResults";
    static final String J_WS_GET_MEMBERS_RESULTS = "WsGetMembersResults";
    static final String J_RESULTS = "results";
    static final String J_STEM_RESULTS = "stemResults";
    static final String J_GROUP_RESULTS = "groupResults";
    static final String J_WS_GROUP_LOOKUPS = "wsGroupLookups";
    private static final String J_RESULT_METADATA = "resultMetadata";
    private static final String J_SUCCESS = "success";
    static final String J_WS_SUBJECTS = "wsSubjects";
    static final String J_WS_GROUP = "wsGroup";
    static final String J_UUID = "uuid";
    static final String J_NAME = "name";
    static final String J_EXTENSION = "extension";
    static final String J_SOURCE_ID = "sourceId";
    static final String J_ID = "id";
    private static final String VAL_T = "T";
    static final String VAL_FIND_BY_STEM_NAME = "FIND_BY_STEM_NAME";
    static final String VAL_ALL_IN_SUBTREE = "ALL_IN_SUBTREE";
    private static final String URI_BASE_PATH = "/grouper-ws/servicesRest/json/v2_4_000";
    private static final String PATH_GROUPS = "/groups";
    private static final String PATH_STEMS = "/stems";
    GrouperConfiguration configuration;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    public Processor(GrouperConfiguration grouperConfiguration) {
        this.configuration = grouperConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JSONObject callRequest(HttpEntityEnclosingRequestBase httpEntityEnclosingRequestBase, JSONObject jSONObject) {
        httpEntityEnclosingRequestBase.addHeader("Content-Type", CONTENT_TYPE_JSON);
        httpEntityEnclosingRequestBase.addHeader("Authorization", "Basic " + getAuthEncoded());
        httpEntityEnclosingRequestBase.setEntity(new ByteArrayEntity(jSONObject.toString().getBytes(StandardCharsets.UTF_8)));
        LOG.info("Payload: {0}", new Object[]{jSONObject});
        try {
            CloseableHttpResponse execute = execute(httpEntityEnclosingRequestBase);
            Throwable th = null;
            try {
                try {
                    LOG.info("Response: {0}", new Object[]{execute});
                    processResponseErrors(execute);
                    String entityUtils = EntityUtils.toString(execute.getEntity());
                    LOG.info("Response body: {0}", new Object[]{entityUtils});
                    JSONObject jSONObject2 = new JSONObject(entityUtils);
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    return jSONObject2;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            String str = "Request failed: problem occurred during execute request with uri: " + httpEntityEnclosingRequestBase.getURI() + ": \n\t" + e.getLocalizedMessage();
            LOG.error("{0}", new Object[]{str});
            throw new ConnectorIOException(str, e);
        }
    }

    private String getAuthEncoded() {
        String username = this.configuration.getUsername();
        String passwordPlain = this.configuration.getPasswordPlain();
        if (username == null || username.equals("")) {
            LOG.error("{0}", new Object[]{"Authentication failed: No user name specified"});
            throw new InvalidCredentialException("Authentication failed: No user name specified");
        }
        if (passwordPlain != null && !passwordPlain.equals("")) {
            return Base64.encodeBase64String((username + ":" + passwordPlain).getBytes());
        }
        LOG.error("{0}", new Object[]{"Authentication failed: No password specified"});
        throw new InvalidPasswordException("Authentication failed: No password specified");
    }

    private CloseableHttpResponse execute(HttpUriRequest httpUriRequest) {
        try {
            HttpClientBuilder create = HttpClientBuilder.create();
            if (Boolean.TRUE.equals(this.configuration.getIgnoreSslValidation())) {
                SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
                sSLContextBuilder.loadTrustMaterial((KeyStore) null, (x509CertificateArr, str) -> {
                    return true;
                });
                create.setSSLSocketFactory(new SSLConnectionSocketFactory(sSLContextBuilder.build(), NoopHostnameVerifier.INSTANCE));
                LOG.warn("Ignoring SSL validation: avoid this in production", new Object[0]);
            }
            CloseableHttpResponse execute = create.build().execute(httpUriRequest);
            LOG.ok("response code: {0}", new Object[]{Integer.valueOf(execute.getStatusLine().getStatusCode())});
            return execute;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            String str2 = "Execution of the request failed: problem occurred during HTTP client execution: \n\t" + e.getLocalizedMessage();
            LOG.error("{0}", new Object[]{str2, e});
            throw new ConnectorIOException(str2);
        }
    }

    private void processResponseErrors(CloseableHttpResponse closeableHttpResponse) {
        int statusCode = closeableHttpResponse.getStatusLine().getStatusCode();
        if (statusCode < 200 || statusCode > 299) {
            if (statusCode == 401 || statusCode == 403) {
                closeResponse(closeableHttpResponse);
                String str = "HTTP error " + statusCode + " " + closeableHttpResponse.getStatusLine().getReasonPhrase() + " : Authentication failure.";
                LOG.error("{0}", new Object[]{str});
                throw new InvalidCredentialException(str);
            }
            String str2 = null;
            try {
                str2 = EntityUtils.toString(closeableHttpResponse.getEntity());
            } catch (IOException e) {
                LOG.warn("cannot read response body: {0}", new Object[]{e, e});
            }
            String str3 = "HTTP error " + statusCode + " " + closeableHttpResponse.getStatusLine().getReasonPhrase() + " : " + str2;
            LOG.error("{0}", new Object[]{str3});
            closeResponse(closeableHttpResponse);
            if (statusCode == 400 || statusCode == 405 || statusCode == 406) {
                throw new ConnectorIOException(str3);
            }
            if (statusCode == 402 || statusCode == 407) {
                throw new PermissionDeniedException(str3);
            }
            if (statusCode == 404 || statusCode == 410) {
                throw new UnknownUidException(str3);
            }
            if (statusCode == 408) {
                throw new OperationTimeoutException(str3);
            }
            if (statusCode == 412) {
                throw new PreconditionFailedException(str3);
            }
            if (statusCode != 418) {
                throw new ConnectorException(str3);
            }
            throw new UnsupportedOperationException("Sorry, no coffee: " + str3);
        }
    }

    private void closeResponse(CloseableHttpResponse closeableHttpResponse) {
        try {
            closeableHttpResponse.close();
        } catch (IOException e) {
            LOG.warn("Failed to close response: {0}", new Object[]{closeableHttpResponse, e});
        }
    }

    private URIBuilder getUriBuilderRelative(String str) {
        try {
            URIBuilder uRIBuilder = new URIBuilder(this.configuration.getBaseUrl());
            uRIBuilder.setPath(URI_BASE_PATH + str);
            return uRIBuilder;
        } catch (URISyntaxException e) {
            throw new IllegalStateException(e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public URIBuilder getUriBuilderForGroups() {
        return getUriBuilderRelative(PATH_GROUPS);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public URIBuilder getUriBuilderForStems() {
        return getUriBuilderRelative(PATH_STEMS);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkSuccess(JSONObject jSONObject, String str) {
        Object obj = get(jSONObject, str, J_RESULT_METADATA, J_SUCCESS);
        if (!VAL_T.equals(obj)) {
            throw new IllegalStateException("Request was not successful: " + obj);
        }
    }

    public Object getIfExists(JSONObject jSONObject, String... strArr) {
        return get(jSONObject, false, strArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Object get(JSONObject jSONObject, String... strArr) {
        return get(jSONObject, true, strArr);
    }

    private Object get(JSONObject jSONObject, boolean z, String... strArr) {
        if (strArr.length == 0) {
            throw new IllegalArgumentException("Empty item path");
        }
        for (int i = 0; i < strArr.length - 1; i++) {
            if (!jSONObject.has(strArr[i])) {
                if (z) {
                    throw new IllegalStateException("Item " + Arrays.asList(strArr).subList(0, i) + " was not found");
                }
                return null;
            }
            Object obj = jSONObject.get(strArr[i]);
            if (obj instanceof JSONArray) {
                JSONArray jSONArray = (JSONArray) obj;
                if (jSONArray.length() == 0) {
                    if (z) {
                        throw new IllegalStateException("Item " + Arrays.asList(strArr).subList(0, i) + " is an empty array");
                    }
                    return null;
                }
                if (jSONArray.length() > 1) {
                    throw new IllegalStateException("Item " + Arrays.asList(strArr).subList(0, i) + " is a multi-valued array (length: " + jSONArray.length() + ")");
                }
                obj = jSONArray.get(0);
            }
            if (!(obj instanceof JSONObject)) {
                throw new IllegalStateException("Item " + Arrays.asList(strArr).subList(0, i) + " is neither object nor array; it is " + obj.getClass());
            }
            jSONObject = obj;
        }
        String str = strArr[strArr.length - 1];
        if (jSONObject.has(str)) {
            return jSONObject.get(str);
        }
        if (z) {
            throw new IllegalStateException("Item " + Arrays.asList(strArr) + " was not found");
        }
        return null;
    }

    JSONArray getArray(JSONObject jSONObject, String... strArr) {
        return getArray(jSONObject, true, strArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JSONArray getArray(JSONObject jSONObject, boolean z, String... strArr) {
        Object obj = get(jSONObject, z, strArr);
        if (obj != null) {
            if (obj instanceof JSONArray) {
                return (JSONArray) obj;
            }
            throw new IllegalStateException("Item " + Arrays.asList(strArr) + " should be an array but it's " + obj.getClass());
        }
        if ($assertionsDisabled || !z) {
            return null;
        }
        throw new AssertionError();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ConnectorException processException(Exception exc, URIBuilder uRIBuilder, String str) {
        String str2 = str + " failed: problem occurred during executing URI: " + uRIBuilder + "\n\t" + exc.getMessage();
        LOG.error("{0}", new Object[]{str2});
        return new ConnectorException(str2, exc);
    }

    public boolean isSuccess(JSONObject jSONObject) {
        return VAL_T.equals(getStringOrNull(jSONObject, J_SUCCESS));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getStringOrNull(JSONObject jSONObject, String str) {
        if (jSONObject.has(str)) {
            return getString(jSONObject, str);
        }
        return null;
    }

    private String getString(JSONObject jSONObject, String str) {
        return (String) get(jSONObject, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean groupNameMatches(String str) {
        if (str == null) {
            return false;
        }
        String[] groupIncludePattern = this.configuration.getGroupIncludePattern();
        return (groupIncludePattern == null || groupIncludePattern.length == 0 || groupNameMatches(str, groupIncludePattern)) && !groupNameMatches(str, this.configuration.getGroupExcludePattern());
    }

    private boolean groupNameMatches(String str, String[] strArr) {
        if (strArr == null) {
            return false;
        }
        for (String str2 : strArr) {
            if (Pattern.compile(str2).matcher(str).matches()) {
                return true;
            }
        }
        return false;
    }

    static {
        $assertionsDisabled = !Processor.class.desiredAssertionStatus();
        LOG = Log.getLog(GrouperConnector.class);
    }
}
