package org.wso2.carbon.appfactory.common.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Stack;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.util.AXIOMUtil;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.client.ServiceClient;
import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.appfactory.common.AppFactoryConfiguration;
import org.wso2.carbon.appfactory.common.AppFactoryConstants;
import org.wso2.carbon.appfactory.common.AppFactoryException;
import org.wso2.carbon.appfactory.common.RoleBean;
import org.wso2.carbon.appfactory.common.internal.AppFactoryCommonServiceComponent;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.securevault.SecretManagerInitializer;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.Permission;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.securevault.SecretResolver;
import org.wso2.securevault.SecretResolverFactory;

/* loaded from: input_file:org/wso2/carbon/appfactory/common/util/AppFactoryUtil.class */
public class AppFactoryUtil {
    private static SecretResolver secretResolver;
    private static final Log log = LogFactory.getLog(AppFactoryUtil.class);
    private static Map<String, List<String>> configurationMap = new HashMap();
    private static AppFactoryConfiguration appFactoryConfig = null;

    private AppFactoryUtil() throws AppFactoryException {
        loadAppFactoryConfiguration();
    }

    public static File getApplicationWorkDirectory(String str, String str2, String str3) throws AppFactoryException {
        return new File(CarbonUtils.getTmpDir() + File.separator + str);
    }

    public static AppFactoryConfiguration getAppfactoryConfiguration() throws AppFactoryException {
        if (appFactoryConfig == null) {
            loadAppFactoryConfiguration();
        }
        return appFactoryConfig;
    }

    private static void loadAppFactoryConfiguration() throws AppFactoryException {
        OMElement loadAppFactoryXML = loadAppFactoryXML();
        new SecretManagerInitializer().init();
        secretResolver = SecretResolverFactory.create(loadAppFactoryXML, true);
        if (AppFactoryConstants.CONFIG_NAMESPACE.equals(loadAppFactoryXML.getNamespace().getNamespaceURI())) {
            readChildElements(loadAppFactoryXML, new Stack());
            appFactoryConfig = new AppFactoryConfiguration(configurationMap);
        } else {
            String str = "AppFactory namespace is invalid. Expected [http://www.wso2.org/appfactory/], received [" + loadAppFactoryXML.getNamespace() + "]";
            log.error(str);
            throw new AppFactoryException(str);
        }
    }

    public static void sendNotification(String str, String str2, String str3, final String str4, final OMElement oMElement) {
        new Thread(new Runnable() { // from class: org.wso2.carbon.appfactory.common.util.AppFactoryUtil.1
            @Override // java.lang.Runnable
            public void run() {
                try {
                    Thread.sleep(5000L);
                } catch (InterruptedException e) {
                }
                try {
                    ServiceClient serviceClient = new ServiceClient();
                    serviceClient.getOptions().setTo(new EndpointReference(str4));
                    CarbonUtils.setBasicAccessSecurityHeaders(AppFactoryUtil.getAdminUsername(), AppFactoryUtil.getAdminPassword(), serviceClient);
                    serviceClient.sendRobust(oMElement);
                } catch (AxisFault e2) {
                    AppFactoryUtil.log.error(e2);
                    e2.printStackTrace();
                }
            }
        }).start();
    }

    private static OMElement loadAppFactoryXML() throws AppFactoryException {
        String str = CarbonUtils.getCarbonConfigDirPath() + File.separator + AppFactoryConstants.CONFIG_FOLDER + File.separator + AppFactoryConstants.CONFIG_FILE_NAME;
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(new File(str));
                OMElement stringToOM = AXIOMUtil.stringToOM(IOUtils.toString(fileInputStream));
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        log.error("Error in closing stream ", e);
                    }
                }
                return stringToOM;
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e2) {
                        log.error("Error in closing stream ", e2);
                        throw th;
                    }
                }
                throw th;
            }
        } catch (IOException e3) {
            String str2 = "Unable to read the file appfactory.xml at " + str;
            log.error(str2, e3);
            throw new AppFactoryException(str2, e3);
        } catch (XMLStreamException e4) {
            log.error("Error in parsing appfactory.xml", e4);
            throw new AppFactoryException("Error in parsing appfactory.xml", e4);
        }
    }

    private static void readChildElements(OMElement oMElement, Stack<String> stack) {
        Iterator childElements = oMElement.getChildElements();
        while (childElements.hasNext()) {
            OMElement oMElement2 = (OMElement) childElements.next();
            stack.push(oMElement2.getLocalName());
            secureVaultResolve(oMElement2);
            String attributeValue = oMElement2.getAttributeValue(new QName("name"));
            if (attributeValue != null && attributeValue.trim().length() != 0) {
                addToConfiguration(getKey(stack), attributeValue.trim());
                stack.push(attributeValue.trim());
            }
            String attributeValue2 = oMElement2.getAttributeValue(new QName("enabled"));
            if (attributeValue2 != null && attributeValue2.trim().length() != 0) {
                addToConfiguration(getKey(stack) + ".Enabled", attributeValue2.trim());
            }
            String text = oMElement2.getText();
            if (text != null && text.trim().length() != 0) {
                String key = getKey(stack);
                String replaceSystemProperty = replaceSystemProperty(text.trim());
                if (isProtectedToken(key)) {
                    replaceSystemProperty = getProtectedValue(key);
                }
                addToConfiguration(key, replaceSystemProperty);
            }
            readChildElements(oMElement2, stack);
            if (attributeValue != null && attributeValue.trim().length() != 0) {
                stack.pop();
            }
            stack.pop();
        }
    }

    private static String getKey(Stack<String> stack) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < stack.size(); i++) {
            stringBuffer.append(stack.elementAt(i)).append(AppFactoryConstants.FULLSTOP);
        }
        stringBuffer.deleteCharAt(stringBuffer.lastIndexOf(AppFactoryConstants.FULLSTOP));
        return stringBuffer.toString();
    }

    private static String replaceSystemProperty(String str) {
        int indexOf;
        int i = -1;
        while (i < str.indexOf("${")) {
            int indexOf2 = str.indexOf("${");
            i = indexOf2;
            if (indexOf2 == -1 || (indexOf = str.indexOf(125)) == -1) {
                break;
            }
            String substring = str.substring(i + 2, indexOf);
            String property = System.getProperty(substring);
            if (substring.equals("carbon.home") && property != null && property.equals(AppFactoryConstants.FULLSTOP)) {
                property = new File(AppFactoryConstants.FULLSTOP).getAbsolutePath() + File.separator;
            }
            if (property != null) {
                str = str.substring(0, i) + property + str.substring(indexOf + 1);
            }
        }
        return str;
    }

    private static boolean isProtectedToken(String str) {
        return secretResolver != null && secretResolver.isInitialized() && secretResolver.isTokenProtected(new StringBuilder().append("Carbon.").append(str).toString());
    }

    private static String getProtectedValue(String str) {
        return secretResolver.resolve("Carbon." + str);
    }

    private static void addToConfiguration(String str, String str2) {
        List<String> list = configurationMap.get(str);
        if (list == null) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(str2);
            configurationMap.put(str, arrayList);
        } else {
            if (list.contains(str2)) {
                return;
            }
            list.add(str2);
        }
    }

    public static String getAdminUsername() {
        return appFactoryConfig.getFirstProperty(AppFactoryConstants.SERVER_ADMIN_NAME);
    }

    public static String getAdminPassword() {
        return appFactoryConfig.getFirstProperty(AppFactoryConstants.SERVER_ADMIN_PASSWORD);
    }

    public static String getAdminEmail() {
        return appFactoryConfig.getFirstProperty(AppFactoryConstants.SERVER_ADMIN_EMAIL);
    }

    public static String getMessageBrokerConnectionURL() {
        return appFactoryConfig.getFirstProperty(AppFactoryConstants.MESSAGE_BROKER_CONNECTION_URL);
    }

    private static void secureVaultResolve(OMElement oMElement) {
        String attributeValue = oMElement.getAttributeValue(new QName(AppFactoryConstants.SECURE_VAULT_NS, AppFactoryConstants.SECRET_ALIAS_ATTR_NAME));
        if (attributeValue != null) {
            oMElement.setText(loadFromSecureVault(attributeValue));
        }
    }

    public static synchronized String loadFromSecureVault(String str) {
        if (secretResolver == null) {
            secretResolver = SecretResolverFactory.create((OMElement) null, false);
            secretResolver.init(AppFactoryCommonServiceComponent.getSecretCallbackHandlerService().getSecretCallbackHandler());
        }
        return secretResolver.resolve(str);
    }

    public static boolean isBuildable(String str) throws AppFactoryException {
        String firstProperty = appFactoryConfig.getFirstProperty("ApplicationType." + str + ".Property.Buildable");
        if (firstProperty == null || firstProperty.equals("")) {
            throw new AppFactoryException("Buildable Parameter not defined or blank for " + str + " application type");
        }
        if (firstProperty.equalsIgnoreCase("true") || firstProperty.equalsIgnoreCase("yes")) {
            return true;
        }
        if (firstProperty.equalsIgnoreCase("false") || firstProperty.equalsIgnoreCase("no")) {
            return false;
        }
        throw new AppFactoryException("Invalid parameter value in appfactory.xml for buildable status of " + str + " application type");
    }

    public static boolean isBuildServerRequiredProject(String str) throws AppFactoryException {
        return isBuildable(str) || isFreestyleNonBuilableProject(str);
    }

    public static boolean isFreestyleNonBuilableProject(String str) throws AppFactoryException {
        String firstProperty = appFactoryConfig.getFirstProperty("ApplicationType." + str + ".Property.BuildJobTemplate");
        return firstProperty != null && firstProperty.equals("freestyle");
    }

    public static Set<RoleBean> getRolePermissionConfigurations(String str, String str2) throws AppFactoryException {
        HashSet hashSet = new HashSet();
        AppFactoryConfiguration appfactoryConfiguration = getAppfactoryConfiguration();
        String[] properties = appfactoryConfiguration.getProperties(str);
        if (properties == null || properties.length == 0) {
            log.warn("No roles permissions are configured for " + str + " path in appfactory.xml");
        } else {
            for (String str3 : properties) {
                String[] split = appfactoryConfiguration.getFirstProperty(str + AppFactoryConstants.FULLSTOP + str3 + ".Permission").split(",");
                RoleBean roleBean = new RoleBean(str3.trim());
                roleBean.addUser(str2);
                for (String str4 : split) {
                    String trim = str4.trim();
                    boolean startsWith = trim.startsWith(AppFactoryConstants.DENY);
                    if (startsWith) {
                        trim = trim.substring(AppFactoryConstants.DENY.length(), trim.length());
                    }
                    String[] split2 = trim.split(":");
                    if (split2.length == 2) {
                        roleBean.addPermission(new Permission(split2[0], replaceRegistryPermissionAction(split2[1])), !startsWith);
                    } else if (split2.length == 1) {
                        roleBean.addPermission(new Permission(split2[0], "ui.execute"), !startsWith);
                    }
                }
                hashSet.add(roleBean);
            }
        }
        return hashSet;
    }

    private static String replaceRegistryPermissionAction(String str) {
        return AppFactoryConstants.REGISTRY_GET.equals(str) ? "http://www.wso2.org/projects/registry/actions/get" : AppFactoryConstants.REGISTRY_PUT.equals(str) ? "http://www.wso2.org/projects/registry/actions/add" : AppFactoryConstants.REGISTRY_DELETE.equals(str) ? "http://www.wso2.org/projects/registry/actions/delete" : str;
    }

    public static void addRolePermissions(UserStoreManager userStoreManager, AuthorizationManager authorizationManager, Set<RoleBean> set) throws UserStoreException {
        for (RoleBean roleBean : set) {
            if (userStoreManager.isExistingRole(roleBean.getRoleName())) {
                for (Permission permission : roleBean.getPermissions(true)) {
                    if (!authorizationManager.isRoleAuthorized(roleBean.getRoleName(), permission.getResourceId(), permission.getAction())) {
                        authorizationManager.authorizeRole(roleBean.getRoleName(), permission.getResourceId(), permission.getAction());
                        if (log.isDebugEnabled()) {
                            StringBuilder sb = new StringBuilder("Role:" + roleBean.getRoleName() + " is authorized with permission;\n");
                            sb.append("resource:").append(permission.getResourceId()).append(" action:").append(permission.getAction()).append("\n");
                            log.debug(sb.toString());
                        }
                    }
                }
            } else {
                userStoreManager.addRole(roleBean.getRoleName(), (String[]) roleBean.getUsers().toArray(new String[roleBean.getUsers().size()]), (org.wso2.carbon.user.api.Permission[]) roleBean.getPermissions(true).toArray(new Permission[roleBean.getPermissions(true).size()]));
                if (log.isDebugEnabled()) {
                    StringBuilder sb2 = new StringBuilder("Role:" + roleBean.getRoleName() + " is added with below permissions;");
                    for (Permission permission2 : roleBean.getPermissions(true)) {
                        sb2.append("resource:").append(permission2.getResourceId()).append(" action:").append(permission2.getAction()).append("\n");
                    }
                    log.debug(sb2.toString());
                }
            }
            for (Permission permission3 : roleBean.getPermissions(false)) {
                authorizationManager.denyRole(roleBean.getRoleName(), permission3.getResourceId(), permission3.getAction());
                if (log.isDebugEnabled()) {
                    StringBuilder sb3 = new StringBuilder("Role:" + roleBean.getRoleName() + " is denied with permissions;\n");
                    sb3.append("resource:").append(permission3.getResourceId()).append(" action:").append(permission3.getAction()).append("\n");
                    log.debug(sb3.toString());
                }
            }
        }
    }

    public static boolean checkAuthorizationForUser(String str, String str2) {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        if (username == null) {
            username = CarbonContext.getCurrentContext().getUsername();
        }
        if (username == null) {
            return false;
        }
        try {
            return CarbonContext.getThreadLocalCarbonContext().getUserRealm().getAuthorizationManager().isUserAuthorized(username, str, str2);
        } catch (UserStoreException e) {
            log.warn("Error occurred when checking authorization", e);
            return false;
        }
    }

    public static boolean isAppRole(String str) {
        return str.startsWith(AppFactoryConstants.APP_ROLE_PREFIX);
    }

    public static String getRoleNameForApplication(String str) {
        return AppFactoryConstants.APP_ROLE_PREFIX + str;
    }

    public static String getAppkeyFromPerAppRoleName(String str) throws AppFactoryException {
        if (str != null && isAppRole(str)) {
            return str.replaceFirst(AppFactoryConstants.APP_ROLE_PREFIX, "");
        }
        String str2 = "Given role:" + str + " is not an unique application role given for each application.";
        log.error(str2);
        throw new AppFactoryException(str2);
    }

    public static String getPreviousLifeCycleStage(String str) throws AppFactoryException {
        return getAppfactoryConfiguration().getFirstProperty("ApplicationDeployment.DeploymentStage." + str + ".Demote.TargetStage");
    }

    public static String getNextLifeCycleStage(String str) throws AppFactoryException {
        return getAppfactoryConfiguration().getFirstProperty("ApplicationDeployment.DeploymentStage." + str + ".Promote.TargetStage");
    }

    public static boolean isInitialLifeCycleStage(String str) throws AppFactoryException {
        return getPreviousLifeCycleStage(str) == null;
    }

    public static String[] getInitialLifeCycleStages() throws AppFactoryException {
        String[] properties = getAppfactoryConfiguration().getProperties(AppFactoryConstants.DEPLOYMENT_STAGES);
        ArrayList arrayList = new ArrayList(properties.length);
        for (String str : properties) {
            if (isInitialLifeCycleStage(str)) {
                arrayList.add(str);
            }
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    public static boolean isUplodableAppType(String str) throws AppFactoryException {
        return Boolean.parseBoolean(getAppfactoryConfiguration().getFirstProperty("ApplicationType." + str + ".Property.isUploadableAppType"));
    }

    public static void setMutualAuthHeader(ServiceClient serviceClient, String str) throws AppFactoryException {
        String str2 = "<tns:UserName xmlns:tns=\"http://mutualssl.carbon.wso2.org\">" + str + "</tns:UserName> ";
        try {
            serviceClient.addHeader(org.apache.axiom.om.impl.llom.util.AXIOMUtil.stringToOM(str2));
            if (log.isDebugEnabled()) {
                log.debug("Mutual auth header for service client:" + serviceClient.getTargetEPR() + " ,header:" + str2);
            }
        } catch (XMLStreamException e) {
            log.error("Failed to set mutualAuth Header", e);
            throw new AppFactoryException("Failed to set mutualAuth Header", e);
        }
    }

    public static Map<String, String> getBaseAccessURLs() throws AppFactoryException {
        HashMap hashMap = new HashMap();
        try {
            AppFactoryConfiguration appfactoryConfiguration = getAppfactoryConfiguration();
            String[] properties = appfactoryConfiguration.getProperties(AppFactoryConstants.DEPLOYMENT_STAGES);
            if (properties != null) {
                for (String str : properties) {
                    hashMap.put(str, appfactoryConfiguration.getFirstProperty("ApplicationDeployment.DeploymentStage." + str + ".TenantMgtUrl"));
                }
            }
            return hashMap;
        } catch (AppFactoryException e) {
            log.error("Failed to get runtime environmental details.", e);
            throw new AppFactoryException("Failed to get runtime environmental details.", e);
        }
    }
}
