package org.nhindirect.config.resources;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import org.apache.commons.lang3.StringUtils;
import org.nhindirect.common.cert.Thumbprint;
import org.nhindirect.common.crypto.KeyStoreProtectionManager;
import org.nhindirect.config.model.Certificate;
import org.nhindirect.config.model.utils.CertUtils;
import org.nhindirect.config.repository.CertificateRepository;
import org.nhindirect.config.resources.util.EntityModelConversion;
import org.nhindirect.config.store.util.CertificateUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.server.ResponseStatusException;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

@RequestMapping({"certificate"})
@RestController
/* loaded from: input_file:org/nhindirect/config/resources/CertificateResource.class */
public class CertificateResource extends ProtectedResource {
    private static final Logger log = LoggerFactory.getLogger(CertificateResource.class);
    protected CertificateRepository certRepo;
    private KeyStoreProtectionManager kspMgr;

    @Autowired
    public void setCertificateRepository(CertificateRepository certificateRepository) {
        this.certRepo = certificateRepository;
    }

    @Autowired(required = false)
    public void setKeyStoreProtectionMgr(KeyStoreProtectionManager keyStoreProtectionManager) {
        this.kspMgr = keyStoreProtectionManager;
    }

    @GetMapping(produces = {"application/json"})
    public Flux<Certificate> getAllCertificates() {
        return getCertificatesByOwner(null);
    }

    @GetMapping(value = {"/{owner}"}, produces = {"application/json"})
    public Flux<Certificate> getCertificatesByOwner(@PathVariable("owner") String str) {
        return (StringUtils.isEmpty(str) ? this.certRepo.findAll() : this.certRepo.findByOwnerIgnoreCase(str)).map(certificate -> {
            CertificateUtils.stripP12Protection(certificate, this.kspMgr);
            return EntityModelConversion.toModelCertificate(certificate);
        }).onErrorResume(th -> {
            log.error("Error looking up certificates.", th);
            return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
        });
    }

    @GetMapping(value = {"/{owner}/{thumbprint}"}, produces = {"application/json"})
    public Mono<?> getCertificatesByOwnerAndThumbprint(@PathVariable("owner") String str, @PathVariable("thumbprint") String str2) {
        return ((StringUtils.isEmpty(str) && StringUtils.isEmpty(str2)) ? this.certRepo.findAll().collectList() : (StringUtils.isEmpty(str) || !StringUtils.isEmpty(str2)) ? (!StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) ? this.certRepo.findByThumbprint(str2).filter(certificate -> {
            return certificate.getOwner().equalsIgnoreCase(str);
        }).collectList() : this.certRepo.findByThumbprint(str2).collectList() : this.certRepo.findByOwnerIgnoreCase(str).collectList()).switchIfEmpty(Mono.just(Collections.emptyList())).flatMap(list -> {
            if (list.isEmpty()) {
                return Mono.empty();
            }
            Iterator it = list.iterator();
            while (it.hasNext()) {
                CertificateUtils.stripP12Protection((org.nhindirect.config.store.Certificate) it.next(), this.kspMgr);
            }
            return Mono.just(EntityModelConversion.toModelCertificate((org.nhindirect.config.store.Certificate) list.iterator().next()));
        }).onErrorResume(th -> {
            log.error("Error looking up certificates.", th);
            return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
        });
    }

    @PutMapping(consumes = {"application/json"})
    @ResponseStatus(HttpStatus.CREATED)
    public Mono<Void> addCertificate(@RequestBody Certificate certificate) {
        String owner;
        CertUtils.CertContainer certContainer = CertUtils.toCertContainer(certificate.getData());
        if ((certificate.getOwner() == null || certificate.getOwner().isEmpty()) && certContainer != null && certContainer.getCert() != null && (owner = CertUtils.getOwner(certContainer.getCert())) != null && !owner.isEmpty()) {
            certificate.setOwner(owner);
        }
        try {
            return this.certRepo.findByOwnerIgnoreCaseAndThumbprint(certificate.getOwner(), Thumbprint.toThumbprint(certContainer.getCert()).toString()).switchIfEmpty(Mono.just(new org.nhindirect.config.store.Certificate())).flatMap(certificate2 -> {
                if (certificate2.getData() != null) {
                    log.error("Certificate already exists");
                    return Mono.error(new ResponseStatusException(HttpStatus.CONFLICT));
                }
                try {
                    org.nhindirect.config.store.Certificate applyCertRepositoryAttributes = CertificateUtils.applyCertRepositoryAttributes(EntityModelConversion.toEntityCertificate(certificate), this.kspMgr);
                    applyCertRepositoryAttributes.setId((Long) null);
                    return this.certRepo.save(applyCertRepositoryAttributes).then().onErrorResume(th -> {
                        log.error("Error adding certificate.", th);
                        return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
                    });
                } catch (Exception e) {
                    log.error("Error adding certificate.", e);
                    return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
                }
            });
        } catch (Exception e) {
            log.error("Error adding certificate.", e);
            return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
        }
    }

    @DeleteMapping({"ids/{ids}"})
    public Mono<Void> removeCertificatesByIds(@PathVariable("ids") String str) {
        String[] split = str.split(",");
        ArrayList arrayList = new ArrayList();
        for (String str2 : split) {
            arrayList.add(Long.valueOf(Long.parseLong(str2)));
        }
        return this.certRepo.deleteByIdIn(arrayList).onErrorResume(th -> {
            log.error("Error removing anchors by ids.", th);
            return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
        });
    }

    @DeleteMapping({"{owner}"})
    public Mono<Void> removeCertificatesByOwner(@PathVariable("owner") String str) {
        return this.certRepo.deleteByOwnerIgnoreCase(str).onErrorResume(th -> {
            log.error("Error removing certificates by owner.", th);
            return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
        });
    }
}
