package org.eclipse.hono.deviceregistry.file;

import com.google.common.base.MoreObjects;
import io.opentracing.Span;
import io.opentracing.noop.NoopSpan;
import io.vertx.core.AsyncResult;
import io.vertx.core.CompositeFuture;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.Promise;
import io.vertx.core.json.JsonObject;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import org.eclipse.hono.service.management.Id;
import org.eclipse.hono.service.management.OperationResult;
import org.eclipse.hono.service.management.Result;
import org.eclipse.hono.service.management.credentials.CommonCredential;
import org.eclipse.hono.service.management.device.AutoProvisioningEnabledDeviceBackend;
import org.eclipse.hono.service.management.device.Device;
import org.eclipse.hono.tracing.TracingHelper;
import org.eclipse.hono.util.CredentialsResult;
import org.eclipse.hono.util.RegistrationResult;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Repository;

@ConditionalOnProperty(name = {"hono.app.type"}, havingValue = "file", matchIfMissing = true)
@Repository
@Qualifier("backend")
/* loaded from: input_file:org/eclipse/hono/deviceregistry/file/FileBasedDeviceBackend.class */
public class FileBasedDeviceBackend implements AutoProvisioningEnabledDeviceBackend {
    private final FileBasedRegistrationService registrationService;
    private final FileBasedCredentialsService credentialsService;

    @Autowired
    public FileBasedDeviceBackend(@Qualifier("serviceImpl") FileBasedRegistrationService fileBasedRegistrationService, @Qualifier("serviceImpl") FileBasedCredentialsService fileBasedCredentialsService) {
        this.registrationService = fileBasedRegistrationService;
        this.credentialsService = fileBasedCredentialsService;
    }

    public Future<RegistrationResult> assertRegistration(String str, String str2) {
        return this.registrationService.assertRegistration(str, str2);
    }

    public Future<RegistrationResult> assertRegistration(String str, String str2, String str3) {
        return this.registrationService.assertRegistration(str, str2, str3);
    }

    public Future<OperationResult<Device>> readDevice(String str, String str2, Span span) {
        return this.registrationService.readDevice(str, str2, span);
    }

    public Future<Result<Void>> deleteDevice(String str, String str2, Optional<String> optional, Span span) {
        return this.registrationService.deleteDevice(str, str2, optional, span).compose(result -> {
            if (result.getStatus() != 204) {
                return Future.succeededFuture(result);
            }
            Handler<AsyncResult<Result<Void>>> promise = Promise.promise();
            this.credentialsService.remove(str, str2, span, promise);
            return promise.future().map(result);
        });
    }

    public Future<OperationResult<Id>> createDevice(String str, Optional<String> optional, Device device, Span span) {
        return this.registrationService.createDevice(str, optional, device, span).compose(operationResult -> {
            return operationResult.getStatus() != 201 ? Future.succeededFuture(operationResult) : this.credentialsService.updateCredentials(str, ((Id) operationResult.getPayload()).getId(), Collections.emptyList(), Optional.empty(), span).map(operationResult);
        });
    }

    public Future<OperationResult<Id>> updateDevice(String str, String str2, Device device, Optional<String> optional, Span span) {
        return this.registrationService.updateDevice(str, str2, device, optional, span);
    }

    public final Future<CredentialsResult<JsonObject>> get(String str, String str2, String str3) {
        return this.credentialsService.get(str, str2, str3);
    }

    public Future<CredentialsResult<JsonObject>> get(String str, String str2, String str3, Span span) {
        return this.credentialsService.get(str, str2, str3, span);
    }

    public final Future<CredentialsResult<JsonObject>> get(String str, String str2, String str3, JsonObject jsonObject) {
        return get(str, str2, str3, jsonObject, NoopSpan.INSTANCE);
    }

    public Future<CredentialsResult<JsonObject>> get(String str, String str2, String str3, JsonObject jsonObject, Span span) {
        return this.credentialsService.get(str, str2, str3, jsonObject, span).compose(credentialsResult -> {
            return (credentialsResult.getStatus() == 404 && isAutoProvisioningEnabled(str2, jsonObject)) ? provisionDevice(str, str3, jsonObject, span) : Future.succeededFuture(credentialsResult);
        });
    }

    private Future<CredentialsResult<JsonObject>> provisionDevice(String str, String str2, JsonObject jsonObject, Span span) {
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(jsonObject.getBinary("client-certificate")));
            if (x509Certificate.getSubjectX500Principal().getName("RFC2253").equals(str2)) {
                return provisionDevice(str, x509Certificate, span).compose(operationResult -> {
                    if (!operationResult.isError()) {
                        return getNewCredentials(str, str2, span);
                    }
                    TracingHelper.logError(span, (String) operationResult.getPayload());
                    return Future.succeededFuture(createErrorCredentialsResult(operationResult.getStatus(), (String) operationResult.getPayload()));
                });
            }
            throw new IllegalArgumentException("Subject DN of the client certificate does not match authId");
        } catch (ClassCastException | IllegalArgumentException | CertificateException e) {
            TracingHelper.logError(span, e);
            return Future.succeededFuture(createErrorCredentialsResult(400, e.getMessage()));
        }
    }

    private Future<CredentialsResult<JsonObject>> getNewCredentials(String str, String str2, Span span) {
        return this.credentialsService.get(str, "x509-cert", str2, span).map(credentialsResult -> {
            return credentialsResult.isOk() ? CredentialsResult.from(201, (JsonObject) credentialsResult.getPayload()) : credentialsResult;
        });
    }

    private boolean isAutoProvisioningEnabled(String str, JsonObject jsonObject) {
        return str.equals("x509-cert") && jsonObject != null && jsonObject.containsKey("client-certificate");
    }

    private CredentialsResult<JsonObject> createErrorCredentialsResult(int i, String str) {
        return CredentialsResult.from(i, new JsonObject().put("description", str));
    }

    public Future<OperationResult<Void>> updateCredentials(String str, String str2, List<CommonCredential> list, Optional<String> optional, Span span) {
        return this.credentialsService.updateCredentials(str, str2, list, optional, span);
    }

    public Future<OperationResult<List<CommonCredential>>> readCredentials(String str, String str2, Span span) {
        return this.credentialsService.readCredentials(str, str2, span).compose(operationResult -> {
            return operationResult.getStatus() == 404 ? this.registrationService.readDevice(str, str2, span).map(operationResult -> {
                return operationResult.getStatus() == 200 ? OperationResult.ok(200, Collections.emptyList(), operationResult.getCacheDirective(), operationResult.getResourceVersion()) : operationResult;
            }) : Future.succeededFuture(operationResult);
        });
    }

    Future<?> saveToFile() {
        return CompositeFuture.all(this.registrationService.saveToFile(), this.credentialsService.saveToFile());
    }

    Future<?> loadFromFile() {
        return CompositeFuture.all(this.registrationService.loadRegistrationData(), this.credentialsService.loadCredentials());
    }

    public void clear() {
        this.registrationService.clear();
        this.credentialsService.clear();
    }

    protected MoreObjects.ToStringHelper toStringHelper() {
        return MoreObjects.toStringHelper(this).add("credentialsService", this.credentialsService).add("registrationService", this.registrationService);
    }

    public String toString() {
        return toStringHelper().toString();
    }
}
