package net.shibboleth.idp.admin.impl;

import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonToken;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.github.jasminb.jsonapi.JSONAPISpecConstants;
import com.github.jasminb.jsonapi.models.errors.Error;
import com.github.jasminb.jsonapi.models.errors.Errors;
import com.google.common.base.Strings;
import com.sun.mail.imap.IMAPStore;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.profile.AbstractProfileAction;
import net.shibboleth.idp.profile.context.SpringRequestContext;
import net.shibboleth.shared.annotation.constraint.NonnullAfterInit;
import net.shibboleth.shared.annotation.constraint.NonnullBeforeExec;
import net.shibboleth.shared.annotation.constraint.NotEmpty;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.logic.Constraint;
import net.shibboleth.shared.primitive.LoggerFactory;
import org.apache.hc.core5.http.HttpStatus;
import org.opensaml.profile.action.ActionSupport;
import org.opensaml.profile.action.EventIds;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.storage.StorageRecord;
import org.opensaml.storage.StorageService;
import org.opensaml.storage.VersionMismatchException;
import org.slf4j.Logger;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/idp-admin-impl-5.1.0.jar:net/shibboleth/idp/admin/impl/DoStorageOperation.class */
public class DoStorageOperation extends AbstractProfileAction {

    @Nonnull
    @NotEmpty
    public static final String SERVICE_ID = "storageServiceId";

    @Nonnull
    @NotEmpty
    public static final String CONTEXT = "context";

    @Nonnull
    @NotEmpty
    public static final String KEY = "key";

    @Nonnull
    private Logger log = LoggerFactory.getLogger((Class<?>) DoStorageOperation.class);

    @NonnullAfterInit
    private ObjectMapper objectMapper;

    @NonnullBeforeExec
    private StorageService storageService;

    @NonnullBeforeExec
    @NotEmpty
    private String context;

    @NonnullBeforeExec
    @NotEmpty
    private String key;
    static final /* synthetic */ boolean $assertionsDisabled;

    public void setObjectMapper(@Nonnull ObjectMapper objectMapper) {
        checkSetterPreconditions();
        this.objectMapper = (ObjectMapper) Constraint.isNotNull(objectMapper, "ObjectMapper cannot be null");
    }

    public void setStorageService(@Nullable StorageService storageService) {
        checkSetterPreconditions();
        this.storageService = storageService;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.shared.component.AbstractInitializableComponent
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (this.objectMapper == null) {
            throw new ComponentInitializationException("ObjectMapper cannot be null");
        }
    }

    @Nonnull
    private String getKey() {
        if ($assertionsDisabled || isPreExecuteCalled()) {
            return this.key;
        }
        throw new AssertionError();
    }

    @Nonnull
    private String getContext() {
        if ($assertionsDisabled || isPreExecuteCalled()) {
            return this.context;
        }
        throw new AssertionError();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.profile.action.AbstractConditionalProfileAction, org.opensaml.profile.action.AbstractProfileAction
    public boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext) {
        if (!super.doPreExecute(profileRequestContext)) {
            return false;
        }
        if (getHttpServletRequest() == null || getHttpServletResponse() == null) {
            this.log.warn("{} No HttpServletRequest or HttpServletResponse available", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
            return false;
        }
        try {
            SpringRequestContext springRequestContext = (SpringRequestContext) profileRequestContext.getSubcontext(SpringRequestContext.class);
            if (springRequestContext == null) {
                this.log.warn("{} Spring request context not found in profile request context", getLogPrefix());
                sendError(500, "Internal Server Error", "System misconfiguration.");
                return false;
            }
            RequestContext requestContext = springRequestContext.getRequestContext();
            if (requestContext == null) {
                this.log.warn("{} Web Flow request context not found in Spring request context", getLogPrefix());
                sendError(500, "Internal Server Error", "System misconfiguration.");
                return false;
            }
            if (this.storageService == null) {
                this.storageService = getStorageService(requestContext);
                if (this.storageService == null) {
                    sendError(HttpStatus.SC_NOT_FOUND, "Invalid Storage Service", "Invalid storage service identifier in path.");
                    return false;
                }
            }
            this.context = (String) requestContext.getFlowScope().get("context");
            this.key = (String) requestContext.getFlowScope().get("key");
            if (!Strings.isNullOrEmpty(this.context) && !Strings.isNullOrEmpty(this.key)) {
                return true;
            }
            sendError(HttpStatus.SC_NOT_FOUND, "Missing Context or Key", "No context or key specified.");
            return false;
        } catch (IOException e) {
            this.log.error("{} I/O error issuing API response", getLogPrefix(), e);
            ActionSupport.buildEvent(profileRequestContext, EventIds.IO_ERROR);
            return false;
        }
    }

    @Override // org.opensaml.profile.action.AbstractProfileAction
    protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext) {
        try {
            HttpServletRequest ensureHttpServletRequest = ensureHttpServletRequest();
            HttpServletResponse ensureHttpServletResponse = ensureHttpServletResponse();
            ensureHttpServletResponse.setContentType("application/json");
            ensureHttpServletResponse.setHeader("Cache-Control", "must-revalidate,no-cache,no-store");
            if ("GET".equals(ensureHttpServletRequest.getMethod())) {
                doRead();
            } else if ("PUT".equals(ensureHttpServletRequest.getMethod())) {
                doCreate();
            } else if ("POST".equals(ensureHttpServletRequest.getMethod())) {
                doUpdate();
            } else if ("DELETE".equals(ensureHttpServletRequest.getMethod())) {
                doDelete();
            } else {
                this.log.warn("{} Invalid method: {}", getLogPrefix(), ensureHttpServletRequest.getMethod());
                sendError(HttpStatus.SC_METHOD_NOT_ALLOWED, "Unknown Operation", "GET, PUT, POST, DELETE are supported.");
            }
        } catch (IOException e) {
            this.log.error("{} I/O error responding to request", getLogPrefix(), e);
            ActionSupport.buildEvent(profileRequestContext, EventIds.IO_ERROR);
        }
    }

    @Nullable
    private StorageService getStorageService(@Nonnull RequestContext requestContext) {
        String str = (String) requestContext.getFlowScope().get(SERVICE_ID);
        if (str != null) {
            return (StorageService) getBean(requestContext, str, StorageService.class);
        }
        this.log.warn("{} No {} flow variable found in request", getLogPrefix(), SERVICE_ID);
        return null;
    }

    private void doRead() throws IOException {
        try {
            StorageService storageService = (StorageService) Constraint.isNotNull(this.storageService, "Null storge service not detected in preExecute");
            HttpServletResponse httpServletResponse = (HttpServletResponse) Constraint.isNotNull(getHttpServletResponse(), "No Servlet response present");
            StorageRecord read = storageService.read(getContext(), getKey());
            if (read != null) {
                httpServletResponse.setStatus(200);
                JsonGenerator useDefaultPrettyPrinter = new JsonFactory().createGenerator((OutputStream) httpServletResponse.getOutputStream()).useDefaultPrettyPrinter();
                try {
                    useDefaultPrettyPrinter.setCodec(this.objectMapper);
                    useDefaultPrettyPrinter.writeStartObject();
                    useDefaultPrettyPrinter.writeObjectFieldStart(JSONAPISpecConstants.DATA);
                    useDefaultPrettyPrinter.writeStringField("type", "records");
                    useDefaultPrettyPrinter.writeStringField("id", storageService.getId() + "/" + this.context + "/" + this.key);
                    useDefaultPrettyPrinter.writeObjectFieldStart("attributes");
                    useDefaultPrettyPrinter.writeStringField("value", read.getValue());
                    useDefaultPrettyPrinter.writeNumberField(IMAPStore.ID_VERSION, read.getVersion());
                    if (read.getExpiration() != null) {
                        useDefaultPrettyPrinter.writeFieldName("expiration");
                        useDefaultPrettyPrinter.writeObject(read.getExpiration());
                    }
                    if (useDefaultPrettyPrinter != null) {
                        useDefaultPrettyPrinter.close();
                    }
                } finally {
                }
            } else {
                sendError(HttpStatus.SC_NOT_FOUND, "Record Not Found", "The specified record was not present or has expired.");
            }
        } catch (IOException e) {
            sendError(500, "Internal Server Error", "Storage error.");
        }
    }

    private void doCreate() throws IOException {
        StorageService storageService = (StorageService) Constraint.isNotNull(this.storageService, "Null storge service not detected in preExecute");
        HttpServletRequest ensureHttpServletRequest = ensureHttpServletRequest();
        HttpServletResponse ensureHttpServletResponse = ensureHttpServletResponse();
        JsonParser createParser = new JsonFactory().createParser((InputStream) ensureHttpServletRequest.getInputStream());
        if (createParser.nextToken() != JsonToken.START_OBJECT) {
            throw new IOException("Expected data to start with an Object");
        }
        String str = null;
        Long l = null;
        while (createParser.nextToken() != JsonToken.END_OBJECT) {
            String currentName = createParser.getCurrentName();
            createParser.nextToken();
            if ("value".equals(currentName)) {
                str = createParser.getText();
            } else if ("expiration".equals(currentName)) {
                l = Long.valueOf(createParser.getLongValue());
            }
        }
        if (str == null) {
            throw new IOException("Input missing 'val' field");
        }
        if (storageService.create(getContext(), getKey(), str, l)) {
            ensureHttpServletResponse.setStatus(201);
        } else {
            sendError(HttpStatus.SC_CONFLICT, "Duplicate Record", "Context and key matched an existing record.");
        }
    }

    private void doUpdate() throws IOException {
        JsonFactory jsonFactory = new JsonFactory();
        StorageService storageService = (StorageService) Constraint.isNotNull(this.storageService, "Null storge service not detected in preExecute");
        HttpServletRequest ensureHttpServletRequest = ensureHttpServletRequest();
        HttpServletResponse ensureHttpServletResponse = ensureHttpServletResponse();
        JsonParser createParser = jsonFactory.createParser((InputStream) ensureHttpServletRequest.getInputStream());
        if (createParser.nextToken() != JsonToken.START_OBJECT) {
            throw new IOException("Expected data to start with an Object");
        }
        String str = null;
        Long l = null;
        Long l2 = null;
        while (createParser.nextToken() != JsonToken.END_OBJECT) {
            String currentName = createParser.getCurrentName();
            createParser.nextToken();
            if ("value".equals(currentName)) {
                str = createParser.getText();
            } else if ("expiration".equals(currentName)) {
                l2 = Long.valueOf(createParser.getLongValue());
            } else if (IMAPStore.ID_VERSION.equals(currentName)) {
                l = Long.valueOf(createParser.getLongValue());
            }
        }
        if (str == null) {
            throw new IOException("Input missing 'value' field");
        }
        if (l != null) {
            try {
                if (storageService.updateWithVersion(l.longValue(), getContext(), getKey(), str, l2) != null) {
                    ensureHttpServletResponse.setStatus(200);
                } else {
                    sendError(HttpStatus.SC_NOT_FOUND, "Not Found", "Record to update was absent.");
                }
                return;
            } catch (VersionMismatchException e) {
                sendError(HttpStatus.SC_CONFLICT, "Version Mismatch", "Record version did not match.");
                return;
            }
        }
        if (storageService.update(getContext(), getKey(), str, l2)) {
            ensureHttpServletResponse.setStatus(200);
        } else if (storageService.create(getContext(), getKey(), str, l2)) {
            ensureHttpServletResponse.setStatus(201);
        } else {
            sendError(500, "Internal Server Error", "Record to update was absent and create attempt failed.");
        }
    }

    private void doDelete() throws IOException {
        try {
            StorageService storageService = (StorageService) Constraint.isNotNull(this.storageService, "Null storge service not detected in preExecute");
            HttpServletResponse ensureHttpServletResponse = ensureHttpServletResponse();
            if (storageService.delete(getContext(), getKey())) {
                ensureHttpServletResponse.setStatus(HttpStatus.SC_NO_CONTENT);
            } else {
                sendError(HttpStatus.SC_NOT_FOUND, "Record Not Found", "The specified record was not present or has expired.");
            }
        } catch (IOException e) {
            sendError(500, "Internal Server Error", "Storage error.");
        }
    }

    private void sendError(int i, @Nonnull @NotEmpty String str, @Nonnull @NotEmpty String str2) throws IOException {
        HttpServletResponse ensureHttpServletResponse = ensureHttpServletResponse();
        ensureHttpServletResponse.setContentType("application/json");
        ensureHttpServletResponse.setHeader("Cache-Control", "must-revalidate,no-cache,no-store");
        ensureHttpServletResponse.setStatus(i);
        Error error = new Error();
        Errors errors = new Errors();
        errors.setErrors(CollectionSupport.singletonList(error));
        error.setStatus(Integer.toString(i));
        error.setTitle(str);
        error.setDetail(str2);
        this.objectMapper.writer().withDefaultPrettyPrinter().writeValue((OutputStream) ensureHttpServletResponse.getOutputStream(), (Object) errors);
    }

    static {
        $assertionsDisabled = !DoStorageOperation.class.desiredAssertionStatus();
    }
}
