package com.huawei.bigdata.om.web.api.service;

import com.huawei.bigdata.om.client.ClientProviderFactory;
import com.huawei.bigdata.om.common.utils.StringHelper;
import com.huawei.bigdata.om.common.utils.ValidateUtil;
import com.huawei.bigdata.om.controller.api.common.data.State;
import com.huawei.bigdata.om.web.api.exception.InternalServerException;
import com.huawei.bigdata.om.web.api.exception.InvalidParameterException;
import com.huawei.bigdata.om.web.api.util.APIContextUtil;
import com.huawei.bigdata.om.web.client.WebClient;
import com.huawei.bigdata.om.web.client.WebContext;
import com.huawei.bigdata.om.web.model.proto.Response;
import com.huawei.bigdata.om.web.model.proto.maintenance.SsoServerInfoRequest;
import com.huawei.bigdata.om.web.model.proto.maintenance.SsoServerInfoResponse;
import com.huawei.bigdata.om.web.security.CasAuthenticationEntryPointWrapper;
import io.netty.util.internal.StringUtil;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import org.apache.commons.configuration2.Configuration;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/huawei/bigdata/om/web/api/service/SsoResourceService.class */
public class SsoResourceService extends BaseResourceService {
    public static final String URL_RULE_PATTERN = "\\b(https?|ftp|file)://[-a-zA-Z0-9+@#/%?=~_:,.]*[-a-zA-Z0-9+@#/%=~_]";
    private static final Logger LOG = LoggerFactory.getLogger(SsoResourceService.class);
    private static final String CONFIGURATION_BEAN_NAME = "configuration";
    private static final String CLIENT_PROVIDER_FACTORY_BEAN_NAME = "clientProviderFactory";
    private static final String DEFAULT_LOGIN_URL = "/cas/login";
    private static final String DEFAULT_LOGOUT_URL = "/cas/logout";
    private static final String DEFAULT_SSOCONFIG_MODE = "single";

    @Autowired
    private LogoutFilter logoutFilter;

    @Autowired
    private ApplicationContext applicationContext;

    @Autowired
    private CasAuthenticationEntryPointWrapper casAuthenticationEntryPoint;
    private WebClient client = null;

    public void refreshSsoInfo(SsoServerInfoRequest ssoServerInfoRequest) {
        LOG.info("begin to refresh SsoInfo");
        String language = APIContextUtil.getLanguage();
        if (ValidateUtil.isNull(new Object[]{ssoServerInfoRequest, ssoServerInfoRequest.getSsoIp(), ssoServerInfoRequest.getSsoPort()})) {
            LOG.error("The ssoServerInfo is null.");
            throw new InvalidParameterException("26-4000004", "RESID_OM_API_SSO_0004");
        }
        String str = ssoServerInfoRequest.getSsoIp() + ":" + ssoServerInfoRequest.getSsoPort();
        String loginUrl = ssoServerInfoRequest.getLoginUrl();
        String logoutUrl = ssoServerInfoRequest.getLogoutUrl();
        String mode = ssoServerInfoRequest.getMode();
        if (StringUtil.isNullOrEmpty(loginUrl)) {
            loginUrl = "https://" + str + DEFAULT_LOGIN_URL;
        }
        if (StringUtil.isNullOrEmpty(logoutUrl)) {
            logoutUrl = "https://" + str + DEFAULT_LOGOUT_URL;
        }
        if (StringUtil.isNullOrEmpty(mode)) {
            mode = DEFAULT_SSOCONFIG_MODE;
        }
        ssoServerInfoRequest.setLoginUrl(loginUrl);
        ssoServerInfoRequest.setLogoutUrl(logoutUrl);
        ssoServerInfoRequest.setMode(mode);
        String substringAfter = StringUtils.substringAfter(loginUrl, "://");
        String substringAfter2 = StringUtils.substringAfter(logoutUrl, "://");
        LOG.info("Enter refreshSsoInfo ssoServerInfoRequest.ip={},port={},mode={}, loginUrl={}, logoutUrl={}", new Object[]{StringHelper.replaceBlank(ssoServerInfoRequest.getSsoIp()), StringHelper.replaceBlank(ssoServerInfoRequest.getSsoPort()), StringHelper.replaceBlank(ssoServerInfoRequest.getMode()), StringHelper.replaceBlank(loginUrl), StringHelper.replaceBlank(logoutUrl)});
        if (!substringAfter.startsWith(str) || !substringAfter2.startsWith(str)) {
            LOG.error("The loginUrl or logoutUrl is invalid.");
            throw new InvalidParameterException("26-4000001", "RESID_OM_API_SSO_0001");
        }
        if (!ValidateUtil.isMatchRule(loginUrl, URL_RULE_PATTERN) || !ValidateUtil.isMatchRule(logoutUrl, URL_RULE_PATTERN)) {
            LOG.error("The loginUrl or logoutUrl is not match with the url_rule_pattern.");
            throw new InvalidParameterException("26-4000002", "RESID_OM_API_SSO_0002");
        }
        LOG.info("Enter refreshSsoInfo ssoServerInfoRequest.ip={},port={},mode={}", new Object[]{StringHelper.replaceBlank(ssoServerInfoRequest.getSsoIp()), StringHelper.replaceBlank(ssoServerInfoRequest.getSsoPort()), StringHelper.replaceBlank(ssoServerInfoRequest.getMode()), StringHelper.replaceBlank(loginUrl), StringHelper.replaceBlank(logoutUrl)});
        String loginUrl2 = this.casAuthenticationEntryPoint.getLoginUrl();
        String logoutUrl2 = getLogoutUrl();
        if (StringUtils.isEmpty(loginUrl2) || StringUtils.isEmpty(logoutUrl2)) {
            LOG.error("The loginUrl or logoutUrl is not match with the url_rule_pattern.");
            throw new InvalidParameterException("26-4000003", "RESID_OM_API_SSO_0003");
        }
        Response updateSsoConfig = getWebClient().updateSsoConfig(ssoServerInfoRequest, loginUrl2, StringUtils.substringBeforeLast(loginUrl2, "/"), logoutUrl2, language);
        if (updateSsoConfig.getState() == State.FAILED) {
            LOG.error("update SsoConfig faild,the reason is {}", updateSsoConfig.getErrorDescription());
            throw new InternalServerException("26-5000001", "RESID_OM_API_SSO_0005");
        }
    }

    private String getLogoutUrl() {
        String str = "";
        try {
            Field declaredField = LogoutFilter.class.getDeclaredField("logoutSuccessHandler");
            declaredField.setAccessible(true);
            SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = (SimpleUrlLogoutSuccessHandler) declaredField.get(this.logoutFilter);
            Method superDeclaredMethod = getWebClient().getSuperDeclaredMethod(simpleUrlLogoutSuccessHandler, "getDefaultTargetUrl");
            superDeclaredMethod.setAccessible(true);
            str = (String) superDeclaredMethod.invoke(simpleUrlLogoutSuccessHandler, new Object[0]);
            LOG.info("get url from LogoutFilter ={}", str);
        } catch (IllegalAccessException e) {
            LOG.info("catch IllegalAccessException +{}", e);
        } catch (IllegalArgumentException e2) {
            LOG.info("catch IllegalArgumentException +{}", e2);
        } catch (NoSuchFieldException e3) {
            LOG.info("catch NoSuchFieldException +{}", e3);
        } catch (SecurityException e4) {
            LOG.info("catch SecurityException +{}", e4);
        } catch (InvocationTargetException e5) {
            LOG.info("catch InvocationTargetException +{}", e5);
        }
        return str;
    }

    public WebClient getWebClient() {
        if (ValidateUtil.isNull(new Object[]{this.client})) {
            initWebClient();
        }
        return this.client;
    }

    private void initWebClient() {
        Configuration configuration = (Configuration) this.applicationContext.getBean(CONFIGURATION_BEAN_NAME, Configuration.class);
        WebContext webContext = new WebContext();
        webContext.setConfiguration(configuration);
        this.client = new WebClient(((ClientProviderFactory) this.applicationContext.getBean(CLIENT_PROVIDER_FACTORY_BEAN_NAME, ClientProviderFactory.class)).newClientProvider(webContext).newClient((String) null), webContext);
    }

    public SsoServerInfoResponse getSsoInfo() {
        LOG.info("Enter getSsoInfo");
        SsoServerInfoResponse ssoServerInfoResponse = new SsoServerInfoResponse();
        String logoutUrl = getLogoutUrl();
        String loginUrl = this.casAuthenticationEntryPoint.getLoginUrl();
        if (org.springframework.util.StringUtils.isEmpty(logoutUrl)) {
            LOG.error("Get logout url failed");
            throw new InternalServerException("26-5000002", "RESID_OM_API_SSO_0006");
        }
        String substringBefore = StringUtils.substringBefore(StringUtils.substringAfter(logoutUrl, "//"), "/");
        String substringBefore2 = StringUtils.substringBefore(substringBefore, ":");
        String substringAfter = StringUtils.substringAfter(substringBefore, ":");
        ssoServerInfoResponse.setSsoIp(substringBefore2);
        ssoServerInfoResponse.setSsoPort(substringAfter);
        ssoServerInfoResponse.setLogoutUrl(logoutUrl);
        ssoServerInfoResponse.setLoginUrl(loginUrl);
        return ssoServerInfoResponse;
    }
}
