package com.vmware.vapi.security;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.vmware.vapi.internal.util.Validate;
import com.vmware.vapi.internal.util.io.IoUtil;
import com.vmware.vapi.security.AuthenticationConfig;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/vmware/vapi/security/JsonAuthenticationConfig.class */
public class JsonAuthenticationConfig implements AuthenticationConfig {
    private static final Logger logger;
    private static final String AUTHENTICATION_SECTION_NAME = "authentication";
    private static final String PRODUCT_SECTION_NAME = "product";
    private static final String COMPONENT_SECTION_NAME = "component";
    private static final String SERVICES_SECTION_NAME = "services";
    private static final String PACKAGES_SECTION_NAME = "packages";
    private static final String OPERATIONS_SECTION_NAME = "operations";
    private static final String AUTHENTICATION_SCHEME_KEY = "authenticationScheme";
    private static final String SESSION_AWARE_TYPE_VALUE = "SessionAware";
    private static final String SCHEME_TYPE_KEY = "type";
    private static final String SCHEMES_SECTION = "schemes";
    private static final String LOAD_CONFIG_ERR_MSG = "Cannot load authentication config";
    private static final String FIND_CONFIG_ERR_MSG = "Cannot find authentication config file %s on the classpath";
    private Map<String, List<AuthenticationConfig.AuthnScheme>> ifaceRulesTable;
    private Map<String, List<AuthenticationConfig.AuthnScheme>> packageRulesTable;
    private Map<String, List<AuthenticationConfig.AuthnScheme>> operationRulesTable;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/vmware/vapi/security/JsonAuthenticationConfig$Rules.class */
    public final class Rules {
        private Map<String, List<AuthenticationConfig.AuthnScheme>> ifaceTable;
        private Map<String, List<AuthenticationConfig.AuthnScheme>> packageTable;
        private Map<String, List<AuthenticationConfig.AuthnScheme>> operationTable;

        private Rules() {
            this.ifaceTable = new HashMap();
            this.packageTable = new HashMap();
            this.operationTable = new HashMap();
        }

        public void mergeConfigs(Rules rules) {
            mergeRules(this.ifaceTable, rules.ifaceTable);
            mergeRules(this.operationTable, rules.operationTable);
            mergeRules(this.packageTable, rules.packageTable);
        }

        private void mergeRules(Map<String, List<AuthenticationConfig.AuthnScheme>> map, Map<String, List<AuthenticationConfig.AuthnScheme>> map2) {
            for (String str : map2.keySet()) {
                if (map.containsKey(str) && !map.get(str).equals(map2.get(str))) {
                    String format = String.format("Merge conflict for entity %s", str);
                    JsonAuthenticationConfig.logger.warn(format);
                    throw new RuntimeException(format);
                }
                map.put(str, map2.get(str));
            }
        }
    }

    public JsonAuthenticationConfig(String... strArr) {
        Validate.notNull(strArr);
        initRules(loadAndMergeConfig(strArr));
    }

    public JsonAuthenticationConfig(Reader... readerArr) {
        Validate.notNull(readerArr);
        initRules(loadAndMergeConfig(readerArr));
    }

    @Override // com.vmware.vapi.security.AuthenticationConfig
    public Map<String, List<AuthenticationConfig.AuthnScheme>> getPackageAuthenticationRules() {
        return this.packageRulesTable;
    }

    @Override // com.vmware.vapi.security.AuthenticationConfig
    public Map<String, List<AuthenticationConfig.AuthnScheme>> getIFaceAuthenticationRules() {
        return this.ifaceRulesTable;
    }

    @Override // com.vmware.vapi.security.AuthenticationConfig
    public Map<String, List<AuthenticationConfig.AuthnScheme>> getOperationAuthenticationRules() {
        return this.operationRulesTable;
    }

    private void initRules(Rules rules) {
        this.ifaceRulesTable = Collections.unmodifiableMap(rules.ifaceTable);
        this.operationRulesTable = Collections.unmodifiableMap(rules.operationTable);
        this.packageRulesTable = Collections.unmodifiableMap(rules.packageTable);
    }

    private Rules loadAndMergeConfig(String[] strArr) {
        Rules rules = new Rules();
        for (String str : strArr) {
            Validate.notNull(str);
            rules.mergeConfigs(loadConfig(str));
        }
        return rules;
    }

    private Rules loadAndMergeConfig(Reader[] readerArr) {
        Rules rules = new Rules();
        for (Reader reader : readerArr) {
            Validate.notNull(reader);
            rules.mergeConfigs(loadConfig(reader));
        }
        return rules;
    }

    private Rules loadConfig(Reader reader) {
        try {
            return constructAuthnMap(new ObjectMapper().readTree(reader));
        } catch (IOException e) {
            throw new RuntimeException(LOAD_CONFIG_ERR_MSG, e);
        }
    }

    private Rules loadConfig(String str) {
        InputStreamReader inputStreamReader = new InputStreamReader(getInputStream(str));
        try {
            Rules loadConfig = loadConfig(inputStreamReader);
            IoUtil.silentClose(inputStreamReader);
            return loadConfig;
        } catch (Throwable th) {
            IoUtil.silentClose(inputStreamReader);
            throw th;
        }
    }

    private Rules constructAuthnMap(JsonNode jsonNode) {
        if (!$assertionsDisabled && jsonNode == null) {
            throw new AssertionError();
        }
        JsonNode jsonNode2 = jsonNode.get(AUTHENTICATION_SECTION_NAME);
        JsonNode jsonNode3 = jsonNode2.get(COMPONENT_SECTION_NAME);
        if (jsonNode3 == null) {
            jsonNode3 = jsonNode2.get(PRODUCT_SECTION_NAME);
        }
        if (!$assertionsDisabled && jsonNode3 == null) {
            throw new AssertionError();
        }
        Map<String, AuthenticationConfig.AuthnScheme> loadSchemes = loadSchemes(jsonNode3);
        Rules rules = new Rules();
        rules.packageTable = loadConfigSection(jsonNode3.get(PACKAGES_SECTION_NAME), loadSchemes);
        rules.ifaceTable = loadConfigSection(jsonNode3.get(SERVICES_SECTION_NAME), loadSchemes);
        rules.operationTable = loadConfigSection(jsonNode3.get("operations"), loadSchemes);
        return rules;
    }

    private Map<String, AuthenticationConfig.AuthnScheme> loadSchemes(JsonNode jsonNode) {
        HashMap hashMap = new HashMap();
        JsonNode jsonNode2 = jsonNode.get(SCHEMES_SECTION);
        if (jsonNode2 == null) {
            logger.debug("No 'schemes' node found");
            return hashMap;
        }
        Iterator fields = jsonNode2.fields();
        while (fields.hasNext()) {
            Map.Entry entry = (Map.Entry) fields.next();
            logger.debug("Parsing authentication scheme: {}", entry.getKey());
            hashMap.put(entry.getKey(), createAuthnScheme((JsonNode) entry.getValue()));
        }
        return hashMap;
    }

    private AuthenticationConfig.AuthnScheme createAuthnScheme(JsonNode jsonNode) {
        if (!$assertionsDisabled && jsonNode == null) {
            throw new AssertionError();
        }
        ArrayList arrayList = new ArrayList();
        JsonNode findValue = jsonNode.findValue("type");
        Validate.notNull(findValue);
        if (findValue.textValue().equalsIgnoreCase(SESSION_AWARE_TYPE_VALUE)) {
            arrayList.add("com.vmware.vapi.std.security.session_id");
        }
        JsonNode jsonNode2 = jsonNode.get(AUTHENTICATION_SCHEME_KEY);
        Validate.notNull(jsonNode2);
        if (!jsonNode2.textValue().trim().isEmpty()) {
            arrayList.add(jsonNode2.textValue());
        }
        return new AuthenticationConfig.AuthnScheme(arrayList);
    }

    private Map<String, List<AuthenticationConfig.AuthnScheme>> loadConfigSection(JsonNode jsonNode, Map<String, AuthenticationConfig.AuthnScheme> map) {
        if (!$assertionsDisabled && (jsonNode == null || map == null)) {
            throw new AssertionError();
        }
        HashMap hashMap = new HashMap();
        Iterator fields = jsonNode.fields();
        while (fields.hasNext()) {
            Map.Entry entry = (Map.Entry) fields.next();
            JsonNode jsonNode2 = (JsonNode) entry.getValue();
            Validate.isTrue(jsonNode2.isArray());
            ArrayList arrayList = new ArrayList();
            Iterator it = jsonNode2.iterator();
            while (it.hasNext()) {
                JsonNode jsonNode3 = (JsonNode) it.next();
                AuthenticationConfig.AuthnScheme authnScheme = map.get(jsonNode3.asText());
                if (authnScheme == null) {
                    throw new RuntimeException("Unknown scheme name found " + jsonNode3);
                }
                arrayList.add(authnScheme);
            }
            hashMap.put(entry.getKey(), arrayList);
        }
        return hashMap;
    }

    private InputStream getInputStream(String str) {
        InputStream inputStream = getInputStream(str, Thread.currentThread().getContextClassLoader());
        if (inputStream != null) {
            return inputStream;
        }
        InputStream inputStream2 = getInputStream(str, getClass().getClassLoader());
        if (inputStream2 != null) {
            return inputStream2;
        }
        InputStream resourceAsStream = getClass().getResourceAsStream(str);
        if (resourceAsStream != null) {
            return resourceAsStream;
        }
        throw new RuntimeException(String.format(FIND_CONFIG_ERR_MSG, str));
    }

    private InputStream getInputStream(String str, ClassLoader classLoader) {
        if (classLoader != null) {
            return classLoader.getResourceAsStream(str);
        }
        return null;
    }

    static {
        $assertionsDisabled = !JsonAuthenticationConfig.class.desiredAssertionStatus();
        logger = LoggerFactory.getLogger(JsonAuthenticationConfig.class);
    }
}
