package com.ibm.ws.rest.handler.validator.internal;

import com.ibm.json.java.JSONArray;
import com.ibm.json.java.JSONArtifact;
import com.ibm.json.java.JSONObject;
import com.ibm.json.java.OrderedJSONObject;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.ras.annotation.Trivial;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.wsspi.kernel.service.location.VariableRegistry;
import com.ibm.wsspi.kernel.service.utils.FilterUtils;
import com.ibm.wsspi.rest.config.ConfigBasedRESTHandler;
import com.ibm.wsspi.rest.handler.RESTHandler;
import com.ibm.wsspi.rest.handler.RESTRequest;
import com.ibm.wsspi.rest.handler.RESTResponse;
import com.ibm.wsspi.validator.Validator;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URLDecoder;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Collection;
import java.util.Collections;
import java.util.Dictionary;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.stream.Collectors;
import org.osgi.framework.BundleContext;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(name = "com.ibm.ws.rest.handler.validator", configurationPolicy = ConfigurationPolicy.IGNORE, service = {RESTHandler.class}, property = {"com.ibm.wsspi.rest.handler.root=/validation/{element}", "com.ibm.wsspi.rest.handler.custom.security=true"})
@TraceOptions
/* loaded from: input_file:com/ibm/ws/rest/handler/validator/internal/ValidatorRESTHandler.class */
public class ValidatorRESTHandler extends ConfigBasedRESTHandler {
    private static final TraceComponent tc = Tr.register(ValidatorRESTHandler.class, "rest.validation", "com.ibm.ws.rest.handler.validator.resources.CWWKOMessages");
    private ComponentContext context;

    @Reference
    VariableRegistry variableRegistry;
    static final long serialVersionUID = 1992297430800432704L;

    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    @TraceOptions
    /* loaded from: input_file:com/ibm/ws/rest/handler/validator/internal/ValidatorRESTHandler$HttpErrorInfo.class */
    private static class HttpErrorInfo {
        private final int code;
        private final String message;
        static final long serialVersionUID = 8507035945452966654L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler$HttpErrorInfo", HttpErrorInfo.class, "rest.validation", "com.ibm.ws.rest.handler.validator.resources.CWWKOMessages");

        private HttpErrorInfo(int i, String str) {
            this.code = i;
            this.message = str;
        }
    }

    @Activate
    protected void activate(ComponentContext componentContext) {
        this.context = componentContext;
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext) {
        this.context = null;
    }

    public final String getAPIRoot() {
        return "/validation";
    }

    public Object handleError(RESTRequest rESTRequest, String str, String str2) {
        JSONObject jSONObject = toJSONObject("message", str2);
        return str == null ? toJSONObject("successful", false, Validator.FAILURE, jSONObject) : toJSONObject("uid", str, "successful", false, Validator.FAILURE, jSONObject);
    }

    @FFDCIgnore({PrivilegedActionException.class})
    public static <S> Collection<ServiceReference<S>> getServiceReferences(final BundleContext bundleContext, final Class<S> cls, final String str) throws InvalidSyntaxException {
        if (System.getSecurityManager() == null) {
            return bundleContext.getServiceReferences(cls, str);
        }
        try {
            return (Collection) AccessController.doPrivileged(new PrivilegedExceptionAction<Collection<ServiceReference<S>>>() { // from class: com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler.1
                static final long serialVersionUID = -3415297815278533801L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler$1", AnonymousClass1.class, "rest.validation", "com.ibm.ws.rest.handler.validator.resources.CWWKOMessages");

                @Override // java.security.PrivilegedExceptionAction
                public Collection<ServiceReference<S>> run() throws InvalidSyntaxException {
                    return bundleContext.getServiceReferences(cls, str);
                }
            });
        } catch (PrivilegedActionException e) {
            if (e.getCause() instanceof InvalidSyntaxException) {
                throw e.getCause();
            }
            throw new RuntimeException(e);
        }
    }

    @FFDCIgnore({PrivilegedActionException.class})
    public static ServiceReference<?>[] getServiceReferences(final BundleContext bundleContext, final String str, final String str2) throws InvalidSyntaxException {
        if (System.getSecurityManager() == null) {
            return bundleContext.getServiceReferences(str, str2);
        }
        try {
            return (ServiceReference[]) AccessController.doPrivileged(new PrivilegedExceptionAction<ServiceReference<?>[]>() { // from class: com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler.2
                static final long serialVersionUID = 7121508785282884859L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler$2", AnonymousClass2.class, "rest.validation", "com.ibm.ws.rest.handler.validator.resources.CWWKOMessages");

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                @Trivial
                public ServiceReference<?>[] run() throws InvalidSyntaxException {
                    return bundleContext.getServiceReferences(str, str2);
                }
            });
        } catch (PrivilegedActionException e) {
            if (e.getCause() instanceof InvalidSyntaxException) {
                throw e.getCause();
            }
            throw new RuntimeException(e);
        }
    }

    private static <S> S getService(final ComponentContext componentContext, final ServiceReference<S> serviceReference) {
        if (System.getSecurityManager() != null) {
            return (S) AccessController.doPrivileged(new PrivilegedAction<S>() { // from class: com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler.3
                static final long serialVersionUID = -7273318755773875648L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler$3", AnonymousClass3.class, "rest.validation", "com.ibm.ws.rest.handler.validator.resources.CWWKOMessages");

                @Override // java.security.PrivilegedAction
                @Trivial
                public S run() {
                    BundleContext bundleContext = componentContext.getBundleContext();
                    if (bundleContext == null) {
                        return null;
                    }
                    return (S) bundleContext.getService(serviceReference);
                }
            });
        }
        BundleContext bundleContext = componentContext.getBundleContext();
        if (bundleContext == null) {
            return null;
        }
        return (S) bundleContext.getService(serviceReference);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v175, types: [java.util.Collection] */
    public Object handleSingleInstance(RESTRequest rESTRequest, String str, String str2, Dictionary<String, Object> dictionary) throws IOException {
        Set emptySet;
        ServiceReference<?>[] serviceReferenceArr;
        Map<String, ?> singletonMap;
        OrderedJSONObject orderedJSONObject = new OrderedJSONObject();
        orderedJSONObject.put("uid", str);
        if (str2 != null) {
            orderedJSONObject.put("id", str2);
        }
        String str3 = (String) dictionary.get("jndiName");
        if (str3 != null) {
            orderedJSONObject.put("jndiName", str3);
        }
        Object obj = dictionary.get(Validator.AUTH_APPLICATION);
        if (obj != null) {
            orderedJSONObject.put(Validator.AUTH_APPLICATION, obj);
            Object obj2 = dictionary.get("module");
            if (obj2 != null) {
                orderedJSONObject.put("module", obj2);
                Object obj3 = dictionary.get("component");
                if (obj3 != null) {
                    orderedJSONObject.put("component", obj3);
                }
            }
        }
        String str4 = (String) dictionary.get("service.factoryPid");
        if (str4 == null) {
            str4 = (String) dictionary.get("service.pid");
        }
        try {
            emptySet = getServiceReferences(this.context.getBundleContext(), Validator.class, FilterUtils.createPropertyFilter("com.ibm.wsspi.rest.handler.config.pid", str4));
        } catch (InvalidSyntaxException e) {
            FFDCFilter.processException(e, "com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler", "198", this, new Object[]{rESTRequest, str, str2, dictionary});
            emptySet = Collections.emptySet();
        }
        try {
            serviceReferenceArr = getServiceReferences(this.context.getBundleContext(), (String) null, "(|" + FilterUtils.createPropertyFilter("service.pid", (String) dictionary.get("service.pid")) + FilterUtils.createPropertyFilter("ibm.extends.subtype.pid", (String) dictionary.get("service.pid")) + ")");
        } catch (InvalidSyntaxException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler", "209", this, new Object[]{rESTRequest, str, str2, dictionary});
            serviceReferenceArr = null;
        }
        ServiceReference<?> serviceReference = null;
        if (serviceReferenceArr != null) {
            for (ServiceReference<?> serviceReference2 : serviceReferenceArr) {
                if (serviceReference == null || serviceReference2.getProperty("creates.objectClass") != null) {
                    serviceReference = serviceReference2;
                }
            }
        }
        Object service = (emptySet.isEmpty() || serviceReference == null) ? null : getService(this.context, serviceReference);
        if (service == null) {
            orderedJSONObject.put("successful", false);
            orderedJSONObject.put(Validator.FAILURE, toJSONObject("message", Tr.formatMessage(tc, rESTRequest.getLocale(), "CWWKO1551_CANNOT_VALIDATE", new Object[0])));
        } else {
            HashMap hashMap = new HashMap();
            boolean z = false;
            for (String str5 : rESTRequest.getParameterMap().keySet()) {
                if ("headerParamsURLEncoded".equals(str5)) {
                    z = Boolean.parseBoolean(rESTRequest.getParameter(str5));
                } else {
                    if (!isParameter(str5)) {
                        return new HttpErrorInfo(400, "unrecognized query parameter: " + str5);
                    }
                    hashMap.put(str5, resolvePotentialVariable(rESTRequest.getParameter(str5)));
                }
            }
            String header = rESTRequest.getHeader("X-Validation-User");
            if (header != null) {
                if (z) {
                    header = URLDecoder.decode(header, "UTF-8");
                }
                hashMap.put(Validator.USER, resolvePotentialVariable(header));
            }
            String header2 = rESTRequest.getHeader("X-Validation-Password");
            if (header2 != null) {
                if (z) {
                    header2 = URLDecoder.decode(header2, "UTF-8");
                }
                hashMap.put(Validator.PASSWORD, this.variableRegistry.resolveRawString(header2));
            }
            String header3 = rESTRequest.getHeader("X-Login-Config-Props");
            if (header3 != null) {
                TreeMap treeMap = new TreeMap();
                for (String str6 : header3.split(",")) {
                    int indexOf = str6.indexOf("=");
                    if (indexOf > 0) {
                        String substring = str6.substring(0, indexOf);
                        String substring2 = str6.substring(indexOf + 1);
                        if (z) {
                            substring = URLDecoder.decode(substring, "UTF-8");
                            substring2 = URLDecoder.decode(substring2, "UTF-8");
                        }
                        treeMap.put(resolvePotentialVariable(substring), resolvePotentialVariable(substring2));
                    } else {
                        orderedJSONObject.put("successful", false);
                        orderedJSONObject.put(Validator.FAILURE, toJSONObject("message", Tr.formatMessage(tc, rESTRequest.getLocale(), "CWWKO1552_MISSING_DELIMITER", new Object[0])));
                    }
                }
                hashMap.put(Validator.LOGIN_CONFIG_PROPS, treeMap);
            }
            Validator validator = (Validator) getService(this.context, (ServiceReference) emptySet.iterator().next());
            if (validator == null) {
                orderedJSONObject.put("successful", false);
                orderedJSONObject.put(Validator.FAILURE, toJSONObject("message", Tr.formatMessage(tc, rESTRequest.getLocale(), "CWWKO1550_VALIDATOR_NOT_FOUND", new Object[]{str4})));
            } else if (!orderedJSONObject.containsKey("successful")) {
                try {
                    singletonMap = validator.validate(service, hashMap, rESTRequest.getLocale());
                } catch (Throwable th) {
                    FFDCFilter.processException(th, "com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler", "283", this, new Object[]{rESTRequest, str, str2, dictionary});
                    singletonMap = Collections.singletonMap(Validator.FAILURE, th);
                }
                Object obj4 = singletonMap.get(Validator.FAILURE);
                if (obj4 instanceof Throwable) {
                    orderedJSONObject.put("successful", false);
                    orderedJSONObject.put(Validator.FAILURE, toJSONObjectForThrowable(singletonMap, (Throwable) obj4));
                } else if (obj4 instanceof String) {
                    orderedJSONObject.put("successful", false);
                    orderedJSONObject.put(Validator.FAILURE, toJSONObject("message", obj4));
                } else {
                    orderedJSONObject.put("successful", true);
                    OrderedJSONObject orderedJSONObject2 = new OrderedJSONObject();
                    for (Map.Entry<String, ?> entry : singletonMap.entrySet()) {
                        orderedJSONObject2.put(entry.getKey(), entry.getValue());
                    }
                    orderedJSONObject.put("info", orderedJSONObject2);
                }
            }
        }
        return orderedJSONObject;
    }

    public boolean isParameter(String str) {
        return Validator.AUTH.equals(str) || Validator.AUTH_ALIAS.equals(str) || Validator.LOGIN_CONFIG.equals(str);
    }

    @Trivial
    public void populateResponse(RESTResponse rESTResponse, Object obj) throws IOException {
        JSONArtifact jSONArtifact;
        if (obj instanceof JSONArtifact) {
            jSONArtifact = (JSONArtifact) obj;
        } else {
            if (!(obj instanceof List)) {
                if (!(obj instanceof HttpErrorInfo)) {
                    throw new IllegalArgumentException(obj.toString());
                }
                HttpErrorInfo httpErrorInfo = (HttpErrorInfo) obj;
                rESTResponse.sendError(httpErrorInfo.code, httpErrorInfo.message);
                return;
            }
            JSONArtifact jSONArray = new JSONArray();
            for (Object obj2 : (List) obj) {
                if (!(obj2 instanceof JSONArtifact)) {
                    if (!(obj2 instanceof HttpErrorInfo)) {
                        throw new IllegalArgumentException(obj2.toString());
                    }
                    HttpErrorInfo httpErrorInfo2 = (HttpErrorInfo) obj2;
                    rESTResponse.sendError(httpErrorInfo2.code, httpErrorInfo2.message);
                    return;
                }
                jSONArray.add(obj2);
            }
            jSONArtifact = jSONArray;
        }
        String replaceAll = jSONArtifact.serialize(true).replaceAll("\\\\/", "/");
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(this, tc, "populateResponse", new Object[]{replaceAll});
        }
        rESTResponse.setContentType("application/json");
        rESTResponse.setCharacterEncoding("UTF-8");
        rESTResponse.getOutputStream().write(replaceAll.getBytes("UTF-8"));
    }

    @Trivial
    private JSONObject toJSONObject(Object... objArr) {
        OrderedJSONObject orderedJSONObject = new OrderedJSONObject();
        for (int i = 0; i < objArr.length; i += 2) {
            orderedJSONObject.put(objArr[i], objArr[i + 1]);
        }
        return orderedJSONObject;
    }

    @Trivial
    private JSONObject toJSONObjectForThrowable(Map<String, ?> map, Throwable th) {
        Object obj;
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(this, tc, "toJSONObjectForThrowable", new Object[]{map, th});
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (Map.Entry<String, ?> entry : map.entrySet()) {
            Object value = entry.getValue();
            if (value instanceof List) {
                linkedHashMap.put(entry.getKey(), (List) value);
            }
        }
        JSONObject orderedJSONObject = new OrderedJSONObject();
        int i = 0;
        JSONObject jSONObject = orderedJSONObject;
        HashSet hashSet = new HashSet();
        Throwable th2 = th;
        while (th2 != null && hashSet.add(th2)) {
            for (Map.Entry entry2 : linkedHashMap.entrySet()) {
                List list = (List) entry2.getValue();
                if (list.size() > i && (obj = list.get(i)) != null) {
                    jSONObject.put(entry2.getKey(), obj);
                }
            }
            jSONObject.put("class", th2.getClass().getName());
            jSONObject.put("message", th2.getMessage());
            JSONArray jSONArray = new JSONArray();
            for (StackTraceElement stackTraceElement : th2.getStackTrace()) {
                jSONArray.add(stackTraceElement.toString());
            }
            jSONObject.put("stack", jSONArray);
            Throwable cause = th2.getCause();
            th2 = cause;
            if (cause != null) {
                JSONObject jSONObject2 = jSONObject;
                JSONObject orderedJSONObject2 = new OrderedJSONObject();
                jSONObject = orderedJSONObject2;
                jSONObject2.put("cause", orderedJSONObject2);
            }
            i++;
        }
        return orderedJSONObject;
    }

    @Trivial
    private static String read(InputStream inputStream) throws IOException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        try {
            String str = (String) bufferedReader.lines().collect(Collectors.joining("\n"));
            bufferedReader.close();
            return str;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler", "442", (Object) null, new Object[]{inputStream});
            try {
                bufferedReader.close();
            } catch (Throwable th2) {
                FFDCFilter.processException(th2, "com.ibm.ws.rest.handler.validator.internal.ValidatorRESTHandler", "442", (Object) null, new Object[]{inputStream});
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Trivial
    private String resolvePotentialVariable(String str) {
        if (str == null) {
            return str;
        }
        String resolveRawString = this.variableRegistry.resolveRawString(str);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Was a variable value found for " + str + "?  " + (!str.equals(resolveRawString)), new Object[0]);
        }
        return resolveRawString;
    }

    public final void handleRequest(RESTRequest rESTRequest, RESTResponse rESTResponse) throws IOException {
        if ("GET".equals(rESTRequest.getMethod())) {
            if (rESTRequest.getPath().startsWith("/validation//")) {
                rESTResponse.sendError(404, Tr.formatMessage(tc, rESTRequest.getLocale(), "CWWKO1553_HANDLER_NOT_FOUND", new Object[]{rESTRequest.getContextPath() + rESTRequest.getPath()}));
                return;
            } else {
                super.handleRequest(rESTRequest, rESTResponse);
                return;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(this, tc, "Request method was " + rESTRequest.getMethod() + " but the validation endpoint is restricted to GET requests only.", new Object[0]);
        }
        rESTResponse.setResponseHeader("Accept", "GET");
        rESTResponse.sendError(405);
    }

    public boolean requireAdministratorRole() {
        return true;
    }
}
