package org.nhindirect.config.resources;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import org.apache.commons.lang3.StringUtils;
import org.nhindirect.config.model.TrustBundle;
import org.nhindirect.config.model.TrustBundleDomainReltn;
import org.nhindirect.config.model.exceptions.CertificateConversionException;
import org.nhindirect.config.model.utils.CertUtils;
import org.nhindirect.config.processor.BundleRefreshProcessor;
import org.nhindirect.config.repository.AddressRepository;
import org.nhindirect.config.repository.DomainRepository;
import org.nhindirect.config.repository.TrustBundleAnchorRepository;
import org.nhindirect.config.repository.TrustBundleDomainReltnRepository;
import org.nhindirect.config.repository.TrustBundleRepository;
import org.nhindirect.config.resources.util.EntityModelConversion;
import org.nhindirect.config.store.Domain;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.server.ResponseStatusException;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

@RequestMapping({"trustbundle"})
@RestController
/* loaded from: input_file:org/nhindirect/config/resources/TrustBundleResource.class */
public class TrustBundleResource extends ProtectedResource {
    private static final Logger log = LoggerFactory.getLogger(TrustBundleResource.class);
    protected TrustBundleRepository bundleRepo;
    protected TrustBundleAnchorRepository bundleAnchorRepo;
    protected TrustBundleDomainReltnRepository reltnRepo;
    protected DomainRepository domainRepo;
    protected AddressRepository addRepo;
    protected BundleRefreshProcessor bundleRefreshProcessor;

    @Autowired
    public void setTrustBundleRepository(TrustBundleRepository trustBundleRepository) {
        this.bundleRepo = trustBundleRepository;
    }

    @Autowired
    public void setTrustBundleRepository(TrustBundleAnchorRepository trustBundleAnchorRepository) {
        this.bundleAnchorRepo = trustBundleAnchorRepository;
    }

    @Autowired
    public void setTrustBundleDomainReltnRepository(TrustBundleDomainReltnRepository trustBundleDomainReltnRepository) {
        this.reltnRepo = trustBundleDomainReltnRepository;
    }

    @Autowired
    public void setDomainRepository(DomainRepository domainRepository) {
        this.domainRepo = domainRepository;
    }

    @Autowired
    public void setAddressRepository(AddressRepository addressRepository) {
        this.addRepo = addressRepository;
    }

    @Autowired
    public void setBunldeRefreshProcessor(BundleRefreshProcessor bundleRefreshProcessor) {
        this.bundleRefreshProcessor = bundleRefreshProcessor;
    }

    @GetMapping(produces = {"application/json"})
    public Flux<TrustBundle> getTrustBundles(@RequestParam(name = "fetchAnchors", defaultValue = "true") boolean z) {
        return this.bundleRepo.findAll().flatMap(trustBundle -> {
            return (!z ? Flux.fromIterable(new ArrayList()) : this.bundleAnchorRepo.findByTrustBundleId(trustBundle.getId())).collectList().map(list -> {
                return EntityModelConversion.toModelTrustBundle(trustBundle, list);
            });
        }).onErrorResume(th -> {
            log.error("Error looking up trust bundles", th);
            return Flux.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
        });
    }

    @GetMapping(value = {"domains/bundles/reltns"}, produces = {"application/json"})
    public Flux<TrustBundleDomainReltn> getAllTrustBundleDomainRelts(@RequestParam(name = "fetchAnchors", defaultValue = "true") boolean z) {
        return this.reltnRepo.findAll().flatMap(trustBundleDomainReltn -> {
            return this.bundleRepo.findById(trustBundleDomainReltn.getTrustBundleId()).flatMap(trustBundle -> {
                return (!z ? Flux.fromIterable(new ArrayList()) : this.bundleAnchorRepo.findByTrustBundleId(trustBundle.getId())).collectList().map(list -> {
                    return EntityModelConversion.toModelTrustBundle(trustBundle, list);
                });
            }).flatMap(trustBundle2 -> {
                return this.domainRepo.findById(trustBundleDomainReltn.getDomainId()).map(domain -> {
                    TrustBundleDomainReltn trustBundleDomainReltn = new TrustBundleDomainReltn();
                    trustBundleDomainReltn.setIncoming(trustBundleDomainReltn.isIncoming());
                    trustBundleDomainReltn.setOutgoing(trustBundleDomainReltn.isOutgoing());
                    trustBundleDomainReltn.setDomain(EntityModelConversion.toModelDomain(domain, Collections.emptyList()));
                    trustBundleDomainReltn.setTrustBundle(trustBundle2);
                    return trustBundleDomainReltn;
                });
            });
        }).onErrorResume(th -> {
            log.error("Error looking up trust bundles", th);
            return Flux.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
        });
    }

    @GetMapping(value = {"domains/{domainName}"}, produces = {"application/json"})
    public Flux<TrustBundleDomainReltn> getTrustBundlesByDomain(@PathVariable("domainName") String str, @RequestParam(name = "fetchAnchors", defaultValue = "true") boolean z) {
        return this.domainRepo.findByDomainNameIgnoreCase(str).switchIfEmpty(Mono.just(new Domain())).flatMapMany(domain -> {
            return domain.getDomainName() == null ? Flux.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.reltnRepo.findByDomainId(domain.getId()).flatMap(trustBundleDomainReltn -> {
                return this.bundleRepo.findById(trustBundleDomainReltn.getTrustBundleId()).flatMap(trustBundle -> {
                    return (!z ? Flux.fromIterable(new ArrayList()) : this.bundleAnchorRepo.findByTrustBundleId(trustBundle.getId())).collectList().map(list -> {
                        return EntityModelConversion.toModelTrustBundle(trustBundle, list);
                    });
                }).map(trustBundle2 -> {
                    TrustBundleDomainReltn trustBundleDomainReltn = new TrustBundleDomainReltn();
                    trustBundleDomainReltn.setIncoming(trustBundleDomainReltn.isIncoming());
                    trustBundleDomainReltn.setOutgoing(trustBundleDomainReltn.isOutgoing());
                    trustBundleDomainReltn.setDomain(EntityModelConversion.toModelDomain(domain, Collections.emptyList()));
                    trustBundleDomainReltn.setTrustBundle(trustBundle2);
                    return trustBundleDomainReltn;
                });
            }).onErrorResume(th -> {
                log.error("Error looking up trust bundles", th);
                return Flux.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
            });
        });
    }

    @GetMapping(value = {"{bundleName}"}, produces = {"application/json"})
    public Mono<TrustBundle> getTrustBundleByName(@PathVariable("bundleName") String str) {
        return this.bundleRepo.findByBundleNameIgnoreCase(str).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle -> {
            return trustBundle.getBundleName() == null ? Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.bundleAnchorRepo.findByTrustBundleId(trustBundle.getId()).collectList().map(list -> {
                return EntityModelConversion.toModelTrustBundle(trustBundle, list);
            }).onErrorResume(th -> {
                log.error("Error looking up trust bundles", th);
                return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
            });
        });
    }

    @PutMapping(consumes = {"application/json"})
    @ResponseStatus(HttpStatus.CREATED)
    public Mono<Void> addTrustBundle(@RequestBody TrustBundle trustBundle) {
        return this.bundleRepo.findByBundleNameIgnoreCase(trustBundle.getBundleName()).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle2 -> {
            if (trustBundle2.getBundleName() != null) {
                return Mono.error(new ResponseStatusException(HttpStatus.CONFLICT));
            }
            org.nhindirect.config.store.TrustBundle key = EntityModelConversion.toEntityTrustBundle(trustBundle).getKey();
            key.setId((Long) null);
            return this.bundleRepo.save(key).flatMap(trustBundle2 -> {
                return this.bundleRefreshProcessor.refreshBundle(trustBundle2).then();
            }).onErrorResume(th -> {
                log.error("Error adding trust bundle", th);
                return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
            });
        });
    }

    @PostMapping({"{bundle}/refreshBundle"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public Mono<Void> refreshTrustBundle(@PathVariable("bundle") String str) {
        return this.bundleRepo.findByBundleNameIgnoreCase(str).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle -> {
            return trustBundle.getBundleName() == null ? Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.bundleRefreshProcessor.refreshBundle(trustBundle).then();
        });
    }

    @DeleteMapping({"{bundle}"})
    public Mono<Void> deleteBundle(@PathVariable("bundle") String str) {
        return this.bundleRepo.findByBundleNameIgnoreCase(str).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle -> {
            return trustBundle.getBundleName() == null ? Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.bundleAnchorRepo.deleteByTrustBundleId(trustBundle.getId()).then(this.reltnRepo.deleteByTrustBundleId(trustBundle.getId()).then(this.bundleRepo.deleteById(trustBundle.getId()))).onErrorResume(th -> {
                log.error("Error deleting bundle", th);
                return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
            });
        });
    }

    @PostMapping(value = {"{bundle}/signingCert"}, consumes = {"application/json"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public Mono<Void> updateSigningCert(@PathVariable("bundle") String str, @RequestBody(required = false) byte[] bArr) {
        return this.bundleRepo.findByBundleNameIgnoreCase(str).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle -> {
            if (trustBundle.getBundleName() == null) {
                return Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND));
            }
            try {
                trustBundle.setSigningCertificateData((byte[]) null);
                if (bArr != null && bArr.length > 0) {
                    try {
                        trustBundle.setSigningCertificateData(CertUtils.toX509Certificate(bArr).getEncoded());
                    } catch (CertificateConversionException e) {
                        log.error("Signing certificate is not in a valid format " + str, e);
                        return Mono.error(new ResponseStatusException(HttpStatus.BAD_REQUEST));
                    }
                }
                return this.bundleRepo.save(trustBundle).then().onErrorResume(th -> {
                    log.error("Error updating trust bundle signing certificate.", th);
                    return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
                });
            } catch (Exception e2) {
                log.error("Error geting encoded signing certificate ", e2);
                return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
            }
        });
    }

    @PostMapping(value = {"{bundle}/bundleAttributes"}, consumes = {"application/json"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public Mono<Void> updateBundleAttributes(@PathVariable("bundle") String str, @RequestBody TrustBundle trustBundle) {
        return this.bundleRepo.findByBundleNameIgnoreCase(str).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle2 -> {
            if (trustBundle2.getBundleName() == null) {
                return Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND));
            }
            if (trustBundle2.getBundleName().equals(trustBundle.getBundleName()) && trustBundle2.getBundleURL().equals(trustBundle.getBundleURL()) && trustBundle2.getRefreshInterval() == trustBundle.getRefreshInterval()) {
                if (trustBundle.getSigningCertificateData() == null && trustBundle2.getSigningCertificateData() == null) {
                    return Mono.empty();
                }
                if (trustBundle.getSigningCertificateData() != null && trustBundle2.getSigningCertificateData() != null && Arrays.equals(trustBundle.getSigningCertificateData(), trustBundle2.getSigningCertificateData())) {
                    return Mono.empty();
                }
            }
            String bundleURL = trustBundle2.getBundleURL();
            X509Certificate x509Certificate = null;
            if (trustBundle.getSigningCertificateData() != null) {
                try {
                    x509Certificate = CertUtils.toX509Certificate(trustBundle.getSigningCertificateData());
                } catch (CertificateConversionException e) {
                    log.error("Signing certificate is not in a valid format " + str, e);
                    return Mono.error(new ResponseStatusException(HttpStatus.BAD_REQUEST));
                }
            }
            try {
                if (x509Certificate == null) {
                    trustBundle2.setSigningCertificateData((byte[]) null);
                } else {
                    trustBundle2.setSigningCertificateData(x509Certificate.getEncoded());
                }
                if (!StringUtils.isEmpty(trustBundle.getBundleName())) {
                    trustBundle2.setBundleName(trustBundle.getBundleName());
                }
                trustBundle2.setRefreshInterval(trustBundle.getRefreshInterval());
                if (!StringUtils.isEmpty(trustBundle.getBundleURL())) {
                    trustBundle2.setBundleURL(trustBundle.getBundleURL());
                }
                return this.bundleRepo.save(trustBundle2).doOnSuccess(trustBundle2 -> {
                    if (trustBundle.getBundleURL() == null || trustBundle.getBundleURL().isEmpty() || bundleURL.equals(trustBundle.getBundleURL())) {
                        return;
                    }
                    this.bundleRefreshProcessor.refreshBundle(trustBundle2);
                }).then().onErrorResume(th -> {
                    log.error("Error updating bundle attributes", th);
                    return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
                });
            } catch (Exception e2) {
                log.error("Setting signing certificate encoded data", e2);
                return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
            }
        });
    }

    @PostMapping({"{bundle}/{domain}"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public Mono<Void> associateTrustBundleToDomain(@PathVariable("bundle") String str, @PathVariable("domain") String str2, @RequestParam(name = "incoming", defaultValue = "true") boolean z, @RequestParam(name = "outgoing", defaultValue = "true") boolean z2) {
        return this.bundleRepo.findByBundleNameIgnoreCase(str).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle -> {
            return trustBundle.getBundleName() == null ? Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.domainRepo.findByDomainNameIgnoreCase(str2).switchIfEmpty(Mono.just(new Domain())).flatMap(domain -> {
                if (domain.getDomainName() == null) {
                    return Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND));
                }
                org.nhindirect.config.store.TrustBundleDomainReltn trustBundleDomainReltn = new org.nhindirect.config.store.TrustBundleDomainReltn();
                trustBundleDomainReltn.setDomainId(domain.getId());
                trustBundleDomainReltn.setTrustBundleId(trustBundle.getId());
                trustBundleDomainReltn.setIncoming(z);
                trustBundleDomainReltn.setOutgoing(z2);
                return this.reltnRepo.save(trustBundleDomainReltn).then().onErrorResume(th -> {
                    log.error("Error associating trust bundle to domain.", th);
                    return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
                });
            });
        });
    }

    @DeleteMapping({"{bundle}/{domain}"})
    public Mono<Void> disassociateTrustBundleFromDomain(@PathVariable("bundle") String str, @PathVariable("domain") String str2) {
        return this.bundleRepo.findByBundleNameIgnoreCase(str).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle -> {
            return trustBundle.getBundleName() == null ? Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.domainRepo.findByDomainNameIgnoreCase(str2).switchIfEmpty(Mono.just(new Domain())).flatMap(domain -> {
                return domain.getDomainName() == null ? Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.reltnRepo.deleteByDomainIdAndTrustBundleId(domain.getId(), trustBundle.getId()).then().onErrorResume(th -> {
                    log.error("Error disassociating trust bundle from domain.", th);
                    return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
                });
            });
        });
    }

    @DeleteMapping({"{domain}/deleteFromDomain"})
    public Mono<Void> disassociateTrustBundlesFromDomain(@PathVariable("domain") String str) {
        return this.domainRepo.findByDomainNameIgnoreCase(str).switchIfEmpty(Mono.just(new Domain())).flatMap(domain -> {
            return domain.getDomainName() == null ? Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.reltnRepo.deleteByDomainId(domain.getId()).then().onErrorResume(th -> {
                log.error("Error disassociating trust bundle from domain.", th);
                return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
            });
        });
    }

    @DeleteMapping({"{bundle}/deleteFromBundle"})
    public Mono<Void> disassociateTrustBundleFromDomains(@PathVariable("bundle") String str) {
        return this.bundleRepo.findByBundleNameIgnoreCase(str).switchIfEmpty(Mono.just(new org.nhindirect.config.store.TrustBundle())).flatMap(trustBundle -> {
            return trustBundle.getBundleName() == null ? Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)) : this.reltnRepo.deleteByTrustBundleId(trustBundle.getId()).then().onErrorResume(th -> {
                log.error("Error disassociating trust bundle from domains.", th);
                return Mono.error(new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR));
            });
        });
    }
}
