package org.eclipse.hono.deviceregistry.file;

import io.opentracing.Span;
import io.vertx.core.Future;
import io.vertx.core.Promise;
import io.vertx.core.Vertx;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.json.DecodeException;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.stream.Stream;
import javax.security.auth.x500.X500Principal;
import org.eclipse.hono.client.ClientErrorException;
import org.eclipse.hono.deviceregistry.service.tenant.AbstractTenantManagementService;
import org.eclipse.hono.deviceregistry.util.DeviceRegistryUtils;
import org.eclipse.hono.deviceregistry.util.Versioned;
import org.eclipse.hono.service.management.Id;
import org.eclipse.hono.service.management.OperationResult;
import org.eclipse.hono.service.management.Result;
import org.eclipse.hono.service.management.tenant.Tenant;
import org.eclipse.hono.service.management.tenant.TenantManagementService;
import org.eclipse.hono.service.tenant.TenantService;
import org.eclipse.hono.tracing.TracingHelper;
import org.eclipse.hono.util.Lifecycle;
import org.eclipse.hono.util.TenantResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:org/eclipse/hono/deviceregistry/file/FileBasedTenantService.class */
public final class FileBasedTenantService extends AbstractTenantManagementService implements TenantService, TenantManagementService, Lifecycle {
    private static final Logger LOG = LoggerFactory.getLogger(FileBasedTenantService.class);
    private final ConcurrentMap<String, Versioned<Tenant>> tenants;
    private AtomicBoolean running;
    private AtomicBoolean dirty;
    private FileBasedTenantsConfigProperties config;

    @Autowired
    public FileBasedTenantService(Vertx vertx) {
        super(vertx);
        this.tenants = new ConcurrentHashMap();
        this.running = new AtomicBoolean(false);
        this.dirty = new AtomicBoolean(false);
    }

    @Autowired
    public void setConfig(FileBasedTenantsConfigProperties fileBasedTenantsConfigProperties) {
        this.config = fileBasedTenantsConfigProperties;
    }

    protected FileBasedTenantsConfigProperties getConfig() {
        return this.config;
    }

    public Future<Void> start() {
        Promise promise = Promise.promise();
        if (this.running.compareAndSet(false, true)) {
            if (!getConfig().isModificationEnabled()) {
                LOG.info("modification of registered tenants has been disabled");
            }
            if (getConfig().getFilename() == null) {
                LOG.debug("tenant file name is not set, tenant information will not be loaded");
                promise.complete();
            } else {
                checkFileExists(getConfig().isSaveToFile()).compose(r3 -> {
                    return loadTenantData();
                }).onSuccess(r6 -> {
                    if (!getConfig().isSaveToFile()) {
                        LOG.info("persistence is disabled, will not save tenants to file");
                    } else {
                        LOG.info("saving tenants to file every 3 seconds");
                        this.vertx.setPeriodic(3000L, l -> {
                            saveToFile();
                        });
                    }
                }).onFailure(th -> {
                    LOG.error("failed to start up service", th);
                    this.running.set(false);
                }).onComplete(promise);
            }
        } else {
            promise.complete();
        }
        return promise.future();
    }

    Future<Void> loadTenantData() {
        if (getConfig().getFilename() == null || getConfig().isStartEmpty()) {
            LOG.info("Either filename is null or empty start is set, won't load any tenants");
            return Future.succeededFuture();
        }
        Promise promise = Promise.promise();
        this.vertx.fileSystem().readFile(getConfig().getFilename(), promise);
        return promise.future().compose(buffer -> {
            return addAll(buffer);
        }).recover(th -> {
            LOG.debug("cannot load tenants from file [{}]: {}", getConfig().getFilename(), th.getMessage());
            return Future.succeededFuture();
        });
    }

    private Future<Void> checkFileExists(boolean z) {
        Promise promise = Promise.promise();
        if (getConfig().getFilename() == null) {
            promise.fail("no filename set");
        } else if (this.vertx.fileSystem().existsBlocking(getConfig().getFilename())) {
            promise.complete();
        } else if (z) {
            this.vertx.fileSystem().createFile(getConfig().getFilename(), promise);
        } else {
            LOG.debug("no such file [{}]", getConfig().getFilename());
            promise.complete();
        }
        return promise.future();
    }

    private Future<Void> addAll(Buffer buffer) {
        Promise promise = Promise.promise();
        try {
            if (buffer.length() > 0) {
                AtomicInteger atomicInteger = new AtomicInteger();
                Stream stream = buffer.toJsonArray().stream();
                Class<JsonObject> cls = JsonObject.class;
                Objects.requireNonNull(JsonObject.class);
                Stream filter = stream.filter(cls::isInstance);
                Class<JsonObject> cls2 = JsonObject.class;
                Objects.requireNonNull(JsonObject.class);
                filter.map(cls2::cast).forEach(jsonObject -> {
                    try {
                        addTenant(jsonObject);
                        atomicInteger.incrementAndGet();
                    } catch (ClassCastException | IllegalArgumentException e) {
                        LOG.warn("cannot deserialize tenant", e);
                    }
                });
                LOG.info("successfully loaded {} tenants from file [{}]", Integer.valueOf(atomicInteger.get()), getConfig().getFilename());
            }
            promise.complete();
        } catch (DecodeException e) {
            LOG.warn("cannot read malformed JSON from tenants file [{}]", getConfig().getFilename());
            promise.fail(e);
        }
        return promise.future();
    }

    private void addTenant(JsonObject jsonObject) {
        Optional ofNullable = Optional.ofNullable(jsonObject.getValue("trusted-ca"));
        Class<JsonObject> cls = JsonObject.class;
        Objects.requireNonNull(JsonObject.class);
        Optional filter = ofNullable.filter(cls::isInstance);
        Class<JsonObject> cls2 = JsonObject.class;
        Objects.requireNonNull(JsonObject.class);
        filter.map(cls2::cast).ifPresent(jsonObject2 -> {
            jsonObject.put("trusted-ca", new JsonArray().add(jsonObject2));
        });
        Optional ofNullable2 = Optional.ofNullable(jsonObject.remove("tenant-id"));
        Class<String> cls3 = String.class;
        Objects.requireNonNull(String.class);
        Optional filter2 = ofNullable2.filter(cls3::isInstance);
        Class<String> cls4 = String.class;
        Objects.requireNonNull(String.class);
        String str = (String) filter2.map(cls4::cast).orElseThrow(() -> {
            return new IllegalArgumentException("tenant has no tenant-id property");
        });
        Versioned<Tenant> versioned = new Versioned<>((Tenant) jsonObject.mapTo(Tenant.class));
        LOG.debug("loading tenant [{}]", str);
        this.tenants.put(str, versioned);
    }

    public Future<Void> stop() {
        Promise promise = Promise.promise();
        if (this.running.compareAndSet(true, false)) {
            saveToFile().onComplete(promise);
        } else {
            promise.complete();
        }
        return promise.future();
    }

    Future<Void> saveToFile() {
        Promise promise = Promise.promise();
        if (!getConfig().isSaveToFile()) {
            promise.complete();
        } else if (this.dirty.get()) {
            checkFileExists(true).compose(r6 -> {
                JsonArray jsonArray = new JsonArray();
                this.tenants.forEach((str, versioned) -> {
                    JsonObject mapFrom = JsonObject.mapFrom(versioned.getValue());
                    mapFrom.put("tenant-id", str);
                    jsonArray.add(mapFrom);
                });
                Promise promise2 = Promise.promise();
                this.vertx.fileSystem().writeFile(getConfig().getFilename(), Buffer.buffer(jsonArray.encodePrettily()), promise2);
                return promise2.future().map(jsonArray);
            }).map(jsonArray -> {
                this.dirty.set(false);
                LOG.trace("successfully wrote {} tenants to file {}", Integer.valueOf(jsonArray.size()), getConfig().getFilename());
                return (Void) null;
            }).onFailure(th -> {
                LOG.warn("could not write tenants to file {}", getConfig().getFilename(), th);
            }).onComplete(promise);
        } else {
            LOG.trace("tenants registry does not need to be persisted");
            promise.complete();
        }
        return promise.future();
    }

    public Future<TenantResult<JsonObject>> get(String str) {
        return get(str, (Span) null);
    }

    public Future<TenantResult<JsonObject>> get(String str, Span span) {
        return Future.succeededFuture(getTenantObjectResult(str, span));
    }

    TenantResult<JsonObject> getTenantObjectResult(String str, Span span) {
        LOG.debug("reading tenant info [id: {}]", str);
        Versioned<Tenant> versioned = this.tenants.get(str);
        if (versioned != null) {
            return TenantResult.from(200, DeviceRegistryUtils.convertTenant(str, (Tenant) versioned.getValue(), true), DeviceRegistryUtils.getCacheDirective(this.config.getCacheMaxAge()));
        }
        TracingHelper.logError(span, "tenant not found");
        return TenantResult.from(404);
    }

    public Future<TenantResult<JsonObject>> get(X500Principal x500Principal) {
        Objects.requireNonNull(x500Principal);
        return Future.succeededFuture(getForCertificateAuthority(x500Principal, null));
    }

    protected Future<OperationResult<Tenant>> processReadTenant(String str, Span span) {
        Objects.requireNonNull(str);
        Versioned<Tenant> versioned = this.tenants.get(str);
        if (versioned != null) {
            return Future.succeededFuture(OperationResult.ok(200, (Tenant) versioned.getValue(), Optional.ofNullable(DeviceRegistryUtils.getCacheDirective(this.config.getCacheMaxAge())), Optional.ofNullable(versioned.getVersion())));
        }
        TracingHelper.logError(span, "Tenant not found");
        return Future.failedFuture(new ClientErrorException(str, 404, "no such tenant"));
    }

    public Future<TenantResult<JsonObject>> get(X500Principal x500Principal, Span span) {
        Objects.requireNonNull(x500Principal);
        return Future.succeededFuture(getForCertificateAuthority(x500Principal, span));
    }

    private TenantResult<JsonObject> getForCertificateAuthority(X500Principal x500Principal, Span span) {
        if (x500Principal == null) {
            TracingHelper.logError(span, "missing subject DN");
            return TenantResult.from(400);
        }
        Map.Entry<String, Versioned<Tenant>> byCa = getByCa(x500Principal);
        if (byCa != null) {
            return TenantResult.from(200, DeviceRegistryUtils.convertTenant(byCa.getKey(), (Tenant) byCa.getValue().getValue(), true), DeviceRegistryUtils.getCacheDirective(this.config.getCacheMaxAge()));
        }
        TracingHelper.logError(span, "no tenant found for subject DN");
        return TenantResult.from(404);
    }

    protected Future<Result<Void>> processDeleteTenant(String str, Optional<String> optional, Span span) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(optional);
        if (!getConfig().isModificationEnabled()) {
            TracingHelper.logError(span, "Modification is disabled for Tenant Service");
            return Future.failedFuture(new ClientErrorException(str, 403, "modification of registry data is not supported"));
        }
        if (!this.tenants.containsKey(str)) {
            TracingHelper.logError(span, "Tenant not found.");
            return Future.failedFuture(new ClientErrorException(str, 404, "no such tenant"));
        }
        if (!checkResourceVersion(optional, this.tenants.get(str).getVersion())) {
            TracingHelper.logError(span, "Resource Version mismatch.");
            return Future.failedFuture(new ClientErrorException(str, 412, "resource Version mismatch"));
        }
        this.tenants.remove(str);
        this.dirty.set(true);
        return Future.succeededFuture(Result.from(204));
    }

    protected Future<OperationResult<Id>> processCreateTenant(String str, Tenant tenant, Span span) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(tenant);
        Objects.requireNonNull(span);
        if (this.tenants.containsKey(str)) {
            TracingHelper.logError(span, "Conflict: tenantId already exists");
            return Future.failedFuture(new ClientErrorException(str, 409, "tenantId already exists"));
        }
        try {
            if (LOG.isTraceEnabled()) {
                LOG.trace("adding tenant [id: {}]: {}", str, JsonObject.mapFrom(tenant).encodePrettily());
            }
            if (tenant.getTrustedCertificateAuthoritySubjectDNs().stream().anyMatch(x500Principal -> {
                return getByCa(x500Principal) != null;
            })) {
                TracingHelper.logError(span, "Conflict: CA already used by an existing tenant");
                return Future.failedFuture(new ClientErrorException(str, 409, "CA already used by an existing tenant"));
            }
            Versioned<Tenant> versioned = new Versioned<>(tenant);
            this.tenants.put(str, versioned);
            this.dirty.set(true);
            return Future.succeededFuture(OperationResult.ok(201, Id.of(str), Optional.empty(), Optional.of(versioned.getVersion())));
        } catch (IllegalArgumentException e) {
            LOG.debug("error parsing payload of add tenant request", e);
            TracingHelper.logError(span, e);
            return Future.failedFuture(new ClientErrorException(str, 400, "invalid tenant payload"));
        }
    }

    protected Future<OperationResult<Void>> processUpdateTenant(String str, Tenant tenant, Optional<String> optional, Span span) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(tenant);
        Objects.requireNonNull(optional);
        Objects.requireNonNull(span);
        if (!getConfig().isModificationEnabled()) {
            TracingHelper.logError(span, "Modification disabled for Tenant Service.");
            return Future.failedFuture(new ClientErrorException(str, 403, "modification of registry data is not supported"));
        }
        if (!this.tenants.containsKey(str)) {
            TracingHelper.logError(span, "Tenant not found.");
            return Future.failedFuture(new ClientErrorException(str, 404, "no such tenant"));
        }
        try {
            Map.Entry entry = (Map.Entry) tenant.getTrustedCertificateAuthoritySubjectDNs().stream().map(x500Principal -> {
                return getByCa(x500Principal);
            }).filter(entry2 -> {
                return entry2 != null;
            }).findFirst().orElse(null);
            if (entry != null && !str.equals(entry.getKey())) {
                TracingHelper.logError(span, "Conflict: CA already used by an existing tenant");
                return Future.failedFuture(new ClientErrorException(str, 409, "CA already used by an existing tenant"));
            }
            Versioned<Tenant> update = this.tenants.get(str).update(optional, () -> {
                return tenant;
            });
            if (update == null) {
                TracingHelper.logError(span, "Resource Version mismatch.");
                return Future.failedFuture(new ClientErrorException(str, 412, "resource version mismatch"));
            }
            this.tenants.put(str, update);
            this.dirty.set(true);
            return Future.succeededFuture(OperationResult.ok(204, (Object) null, Optional.empty(), Optional.of(update.getVersion())));
        } catch (IllegalArgumentException e) {
            TracingHelper.logError(span, e);
            return Future.failedFuture(new ClientErrorException(str, 400));
        }
    }

    private Map.Entry<String, Versioned<Tenant>> getByCa(X500Principal x500Principal) {
        if (x500Principal == null) {
            return null;
        }
        return this.tenants.entrySet().stream().filter(entry -> {
            return ((Tenant) ((Versioned) entry.getValue()).getValue()).hasTrustedCertificateAuthoritySubjectDN(x500Principal);
        }).findFirst().orElse(null);
    }

    public void clear() {
        this.tenants.clear();
        this.dirty.set(true);
    }

    public String toString() {
        return String.format("%s[filename=%s]", FileBasedTenantService.class.getSimpleName(), getConfig().getFilename());
    }

    private boolean checkResourceVersion(Optional<String> optional, String str) {
        return str.equals(optional.orElse(str));
    }
}
