package org.eclipse.hono.deviceregistry;

import io.opentracing.Span;
import io.vertx.core.AbstractVerticle;
import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.json.DecodeException;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import java.time.Instant;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import javax.security.auth.x500.X500Principal;
import org.eclipse.hono.service.management.Id;
import org.eclipse.hono.service.management.OperationResult;
import org.eclipse.hono.service.management.Result;
import org.eclipse.hono.service.management.tenant.Tenant;
import org.eclipse.hono.service.management.tenant.TenantManagementService;
import org.eclipse.hono.service.tenant.TenantService;
import org.eclipse.hono.tracing.TracingHelper;
import org.eclipse.hono.util.CacheDirective;
import org.eclipse.hono.util.TenantObject;
import org.eclipse.hono.util.TenantResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;

@ConditionalOnProperty(name = {"hono.app.type"}, havingValue = "file", matchIfMissing = true)
@Component
@Qualifier("serviceImpl")
/* loaded from: input_file:org/eclipse/hono/deviceregistry/FileBasedTenantService.class */
public final class FileBasedTenantService extends AbstractVerticle implements TenantService, TenantManagementService {
    private static final Logger log = LoggerFactory.getLogger(FileBasedTenantService.class);
    private final Map<String, Versioned<Tenant>> tenants = new HashMap();
    private boolean running = false;
    private boolean dirty = false;
    private FileBasedTenantsConfigProperties config;

    @Autowired
    public void setConfig(FileBasedTenantsConfigProperties fileBasedTenantsConfigProperties) {
        this.config = fileBasedTenantsConfigProperties;
    }

    protected FileBasedTenantsConfigProperties getConfig() {
        return this.config;
    }

    public void start(Future<Void> future) {
        if (this.running) {
            future.complete();
            return;
        }
        if (!getConfig().isModificationEnabled()) {
            log.info("modification of registered tenants has been disabled");
        }
        if (getConfig().getFilename() != null) {
            checkFileExists(getConfig().isSaveToFile()).compose(r3 -> {
                return loadTenantData();
            }).compose(r7 -> {
                if (getConfig().isSaveToFile()) {
                    log.info("saving tenants to file every 3 seconds");
                    this.vertx.setPeriodic(3000L, l -> {
                        saveToFile();
                    });
                } else {
                    log.info("persistence is disabled, will not save tenants to file");
                }
                this.running = true;
                future.complete();
            }, future);
            return;
        }
        log.debug("tenant file name is not set, tenant information will not be loaded");
        this.running = true;
        future.complete();
    }

    Future<Void> loadTenantData() {
        if (getConfig().getFilename() == null || getConfig().isStartEmpty()) {
            log.info("Either filename is null or empty start is set, won't load any tenants");
            return Future.succeededFuture();
        }
        Future future = Future.future();
        this.vertx.fileSystem().readFile(getConfig().getFilename(), future);
        return future.compose(buffer -> {
            return addAll(buffer);
        }).recover(th -> {
            log.debug("cannot load tenants from file [{}]: {}", getConfig().getFilename(), th.getMessage());
            return Future.succeededFuture();
        });
    }

    private Future<Void> checkFileExists(boolean z) {
        Future<Void> future = Future.future();
        if (getConfig().getFilename() == null) {
            future.fail("no filename set");
        } else if (this.vertx.fileSystem().existsBlocking(getConfig().getFilename())) {
            future.complete();
        } else if (z) {
            this.vertx.fileSystem().createFile(getConfig().getFilename(), future);
        } else {
            log.debug("no such file [{}]", getConfig().getFilename());
            future.complete();
        }
        return future;
    }

    private Future<Void> addAll(Buffer buffer) {
        Future<Void> future = Future.future();
        try {
            if (buffer.length() > 0) {
                int i = 0;
                Iterator it = buffer.toJsonArray().iterator();
                while (it.hasNext()) {
                    Object next = it.next();
                    if (JsonObject.class.isInstance(next)) {
                        i++;
                        addTenant((JsonObject) next);
                    }
                }
                log.info("successfully loaded {} tenants from file [{}]", Integer.valueOf(i), getConfig().getFilename());
            }
            future.complete();
        } catch (DecodeException e) {
            log.warn("cannot read malformed JSON from tenants file [{}]", getConfig().getFilename());
            future.fail(e);
        }
        return future;
    }

    private void addTenant(JsonObject jsonObject) {
        try {
            Object value = jsonObject.getValue("trusted-ca");
            if (value instanceof JsonObject) {
                jsonObject.put("trusted-ca", new JsonArray().add(value));
            }
            String string = jsonObject.getString("tenant-id");
            Versioned<Tenant> versioned = new Versioned<>((Tenant) jsonObject.mapTo(Tenant.class));
            log.debug("loading tenant [{}]", string);
            this.tenants.put(string, versioned);
        } catch (ClassCastException | IllegalArgumentException e) {
            log.warn("cannot deserialize tenant", e);
        }
    }

    public void stop(Future<Void> future) {
        if (this.running) {
            saveToFile().compose(r5 -> {
                this.running = false;
                future.complete();
            }, future);
        } else {
            future.complete();
        }
    }

    Future<Void> saveToFile() {
        if (!getConfig().isSaveToFile()) {
            return Future.succeededFuture();
        }
        if (this.dirty) {
            return checkFileExists(true).compose(r6 -> {
                JsonArray jsonArray = new JsonArray();
                this.tenants.forEach((str, versioned) -> {
                    JsonObject mapFrom = JsonObject.mapFrom(versioned.getValue());
                    mapFrom.put("tenant-id", str);
                    jsonArray.add(mapFrom);
                });
                Future future = Future.future();
                this.vertx.fileSystem().writeFile(getConfig().getFilename(), Buffer.factory.buffer(jsonArray.encodePrettily()), future);
                return future.map(r7 -> {
                    this.dirty = false;
                    log.trace("successfully wrote {} tenants to file {}", Integer.valueOf(jsonArray.size()), getConfig().getFilename());
                    return (Void) null;
                }).otherwise(th -> {
                    log.warn("could not write tenants to file {}", getConfig().getFilename(), th);
                    return (Void) null;
                });
            });
        }
        log.trace("tenants registry does not need to be persisted");
        return Future.succeededFuture();
    }

    public void get(String str, Handler<AsyncResult<TenantResult<JsonObject>>> handler) {
        get(str, (Span) null, handler);
    }

    public void get(String str, Span span, Handler<AsyncResult<TenantResult<JsonObject>>> handler) {
        handler.handle(Future.succeededFuture(getTenantObjectResult(str, span)));
    }

    public void get(X500Principal x500Principal, Handler<AsyncResult<TenantResult<JsonObject>>> handler) {
        Objects.requireNonNull(x500Principal);
        Objects.requireNonNull(handler);
        handler.handle(Future.succeededFuture(getForCertificateAuthority(x500Principal, null)));
    }

    public void read(String str, Span span, Handler<AsyncResult<OperationResult<Tenant>>> handler) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(handler);
        handler.handle(Future.succeededFuture(getTenantResult(str, span)));
    }

    OperationResult<Tenant> getTenantResult(String str, Span span) {
        Versioned<Tenant> versioned = this.tenants.get(str);
        if (versioned != null) {
            return OperationResult.ok(200, versioned.getValue(), Optional.ofNullable(getCacheDirective()), Optional.ofNullable(versioned.getVersion()));
        }
        TracingHelper.logError(span, "Tenant not found");
        return OperationResult.empty(404);
    }

    TenantResult<JsonObject> getTenantObjectResult(String str, Span span) {
        Versioned<Tenant> versioned = this.tenants.get(str);
        if (versioned != null) {
            return TenantResult.from(200, convertTenant(str, versioned.getValue(), true), getCacheDirective());
        }
        TracingHelper.logError(span, "tenant not found");
        return TenantResult.from(404);
    }

    public void get(X500Principal x500Principal, Span span, Handler<AsyncResult<TenantResult<JsonObject>>> handler) {
        Objects.requireNonNull(x500Principal);
        Objects.requireNonNull(handler);
        handler.handle(Future.succeededFuture(getForCertificateAuthority(x500Principal, span)));
    }

    private TenantResult<JsonObject> getForCertificateAuthority(X500Principal x500Principal, Span span) {
        if (x500Principal == null) {
            TracingHelper.logError(span, "missing subject DN");
            return TenantResult.from(400);
        }
        Map.Entry<String, Versioned<Tenant>> byCa = getByCa(x500Principal);
        if (byCa != null) {
            return TenantResult.from(200, convertTenant(byCa.getKey(), byCa.getValue().getValue(), true), getCacheDirective());
        }
        TracingHelper.logError(span, "no tenant found for subject DN");
        return TenantResult.from(404);
    }

    public void remove(String str, Optional<String> optional, Span span, Handler<AsyncResult<Result<Void>>> handler) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(handler);
        Objects.requireNonNull(optional);
        handler.handle(Future.succeededFuture(removeTenant(str, optional, span)));
    }

    Result<Void> removeTenant(String str, Optional<String> optional, Span span) {
        Objects.requireNonNull(str);
        if (!getConfig().isModificationEnabled()) {
            TracingHelper.logError(span, "Modification is disabled for Tenant Service");
            return Result.from(403);
        }
        if (!this.tenants.containsKey(str)) {
            TracingHelper.logError(span, "Tenant not found.");
            return Result.from(404);
        }
        if (!checkResourceVersion(optional, this.tenants.get(str).getVersion())) {
            TracingHelper.logError(span, "Resource Version mismatch.");
            return Result.from(412);
        }
        this.tenants.remove(str);
        this.dirty = true;
        return Result.from(204);
    }

    public void add(Optional<String> optional, JsonObject jsonObject, Span span, Handler<AsyncResult<OperationResult<Id>>> handler) {
        Objects.requireNonNull(optional);
        Objects.requireNonNull(jsonObject);
        Objects.requireNonNull(handler);
        handler.handle(Future.succeededFuture(add(optional.orElseGet(this::generateTenantId), jsonObject, span)));
    }

    private OperationResult<Id> add(String str, JsonObject jsonObject, Span span) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(jsonObject);
        if (this.tenants.containsKey(str)) {
            TracingHelper.logError(span, "Conflict : tenantId already exists.");
            return OperationResult.empty(409);
        }
        try {
            if (log.isTraceEnabled()) {
                log.trace("adding tenant [id: {}]: {}", str, jsonObject.encodePrettily());
            }
            Tenant tenant = (Tenant) jsonObject.mapTo(Tenant.class);
            if (tenant.getTrustedCertificateAuthoritySubjectDNs().stream().anyMatch(x500Principal -> {
                return getByCa(x500Principal) != null;
            })) {
                TracingHelper.logError(span, "Conflict : CA already used by an existing tenant.");
                return OperationResult.empty(409);
            }
            Versioned<Tenant> versioned = new Versioned<>(tenant);
            this.tenants.put(str, versioned);
            this.dirty = true;
            return OperationResult.ok(201, Id.of(str), Optional.empty(), Optional.of(versioned.getVersion()));
        } catch (IllegalArgumentException e) {
            log.debug("error parsing payload of add tenant request", e);
            TracingHelper.logError(span, e);
            return OperationResult.empty(400);
        }
    }

    public void update(String str, JsonObject jsonObject, Optional<String> optional, Span span, Handler<AsyncResult<OperationResult<Void>>> handler) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(jsonObject);
        Objects.requireNonNull(handler);
        handler.handle(Future.succeededFuture(update(str, jsonObject, optional, span)));
    }

    public OperationResult<Void> update(String str, JsonObject jsonObject, Optional<String> optional, Span span) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(jsonObject);
        if (!getConfig().isModificationEnabled()) {
            TracingHelper.logError(span, "Modification disabled for Tenant Service.");
            return OperationResult.empty(403);
        }
        if (!this.tenants.containsKey(str)) {
            TracingHelper.logError(span, "Tenant not found.");
            return OperationResult.empty(404);
        }
        try {
            Tenant tenant = (Tenant) jsonObject.mapTo(Tenant.class);
            Map.Entry entry = (Map.Entry) tenant.getTrustedCertificateAuthoritySubjectDNs().stream().map(x500Principal -> {
                return getByCa(x500Principal);
            }).filter(entry2 -> {
                return entry2 != null;
            }).findFirst().orElse(null);
            if (entry != null && !str.equals(entry.getKey())) {
                TracingHelper.logError(span, "Conflict : CA already used by an existing tenant.");
                return OperationResult.empty(409);
            }
            Versioned<Tenant> update = this.tenants.get(str).update(optional, () -> {
                return tenant;
            });
            if (update == null) {
                TracingHelper.logError(span, "Resource Version mismatch.");
                return OperationResult.empty(412);
            }
            this.tenants.put(str, update);
            this.dirty = true;
            return OperationResult.ok(204, (Object) null, Optional.empty(), Optional.of(update.getVersion()));
        } catch (IllegalArgumentException e) {
            TracingHelper.logError(span, e);
            return OperationResult.empty(400);
        }
    }

    static JsonObject convertTenant(String str, Tenant tenant) {
        return convertTenant(str, tenant, false);
    }

    static JsonObject convertTenant(String str, Tenant tenant, boolean z) {
        Instant now = Instant.now();
        Objects.requireNonNull(str);
        Objects.requireNonNull(tenant);
        TenantObject from = TenantObject.from(str, (Boolean) Optional.ofNullable(tenant.isEnabled()).orElse(true));
        from.setResourceLimits(tenant.getResourceLimits());
        from.setTracingConfig(tenant.getTracing());
        Optional.ofNullable(tenant.getMinimumMessageSize()).ifPresent(num -> {
            from.setMinimumMessageSize(num.intValue());
        });
        Optional.ofNullable(tenant.getDefaults()).map(JsonObject::new).ifPresent(jsonObject -> {
            from.setDefaults(jsonObject);
        });
        Optional.ofNullable(tenant.getAdapters()).filter(list -> {
            return !list.isEmpty();
        }).map(list2 -> {
            return (JsonArray) list2.stream().map(adapter -> {
                return JsonObject.mapFrom(adapter);
            }).collect(JsonArray::new, (v0, v1) -> {
                v0.add(v1);
            }, (v0, v1) -> {
                v0.add(v1);
            });
        }).ifPresent(jsonArray -> {
            from.setAdapterConfigurations(jsonArray);
        });
        Optional.ofNullable(tenant.getExtensions()).map(JsonObject::new).ifPresent(jsonObject2 -> {
            from.setProperty("ext", jsonObject2);
        });
        Optional.ofNullable(tenant.getTrustedCertificateAuthorities()).map(list3 -> {
            return (JsonArray) list3.stream().filter(trustedCertificateAuthority -> {
                if (z) {
                    return (now.isBefore(trustedCertificateAuthority.getNotBefore()) || now.isAfter(trustedCertificateAuthority.getNotAfter())) ? false : true;
                }
                return true;
            }).map(trustedCertificateAuthority2 -> {
                return JsonObject.mapFrom(trustedCertificateAuthority2);
            }).map(jsonObject3 -> {
                jsonObject3.remove("not-before");
                jsonObject3.remove("not-after");
                return jsonObject3;
            }).collect(JsonArray::new, (v0, v1) -> {
                v0.add(v1);
            }, (v0, v1) -> {
                v0.add(v1);
            });
        }).ifPresent(jsonArray2 -> {
            from.setProperty("trusted-ca", jsonArray2);
        });
        return JsonObject.mapFrom(from);
    }

    private Map.Entry<String, Versioned<Tenant>> getByCa(X500Principal x500Principal) {
        if (x500Principal == null) {
            return null;
        }
        return this.tenants.entrySet().stream().filter(entry -> {
            return ((Tenant) ((Versioned) entry.getValue()).getValue()).hasTrustedCertificateAuthoritySubjectDN(x500Principal);
        }).findFirst().orElse(null);
    }

    private CacheDirective getCacheDirective() {
        return getConfig().getCacheMaxAge() > 0 ? CacheDirective.maxAgeDirective(getConfig().getCacheMaxAge()) : CacheDirective.noCacheDirective();
    }

    public void clear() {
        this.tenants.clear();
        this.dirty = true;
    }

    public String toString() {
        return String.format("%s[filename=%s]", FileBasedTenantService.class.getSimpleName(), getConfig().getFilename());
    }

    private String generateTenantId() {
        String uuid;
        do {
            uuid = UUID.randomUUID().toString();
        } while (this.tenants.containsKey(uuid));
        log.debug("Generated tenantID: {}", uuid);
        return uuid;
    }

    private boolean checkResourceVersion(Optional<String> optional, String str) {
        return str.equals(optional.orElse(str));
    }
}
