package com.huawei.bigdata.om.web.api.util;

import com.huawei.bigdata.om.common.utils.ConcurrentDateUtil;
import com.huawei.bigdata.om.common.utils.JsonUtil;
import com.huawei.bigdata.om.controller.api.common.data.ValueData;
import com.huawei.bigdata.om.controller.api.model.IPModel;
import com.huawei.bigdata.om.web.api.model.auth.ApiAdIntegrationConfig;
import com.huawei.bigdata.om.web.api.model.ui.APIMutualTrustConfig;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/huawei/bigdata/om/web/api/util/ValidateUtils.class */
public class ValidateUtils {
    private static final int MAX_BASEDN_NUM = 8;
    private static final int MAX_PEER_NUM = 501;
    private static final Logger LOG = LoggerFactory.getLogger(ValidateUtils.class);
    private static final String REGEX_IPV4 = "^(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}:\\d{1,5})$";
    private static final Pattern PATTERN_IPV4 = Pattern.compile(REGEX_IPV4);
    private static final String REGEX_IPV6 = "^(\\[(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))\\]:\\d{1,5})$";
    private static final Pattern PATTERN_IPV6 = Pattern.compile(REGEX_IPV6);

    public static boolean isStartEndTimeValid(String str, String str2) {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            LOG.error("Start time or end time is empty, begin time: {}, end time: {}.");
            return false;
        }
        try {
            if (ConcurrentDateUtil.parse(str).compareTo(ConcurrentDateUtil.parse(str2)) <= 0) {
                return true;
            }
            LOG.error("Start time is less than end time, begin time: {}, end time: {}.");
            return false;
        } catch (ParseException e) {
            LOG.error("Start time or end time parse error, begin time: {}, end time: {}.");
            return false;
        }
    }

    public static List<String> getPeerRealms(APIMutualTrustConfig aPIMutualTrustConfig, List<String> list) {
        ValueData[] valueDataArr;
        ArrayList arrayList = new ArrayList();
        if (StringUtils.isNotEmpty(aPIMutualTrustConfig.getPeerRealms()) && (valueDataArr = (ValueData[]) JsonUtil.json2Object(aPIMutualTrustConfig.getPeerRealms(), ValueData[].class)) != null) {
            for (ValueData valueData : valueDataArr) {
                String name = valueData.getName();
                if (StringUtils.isNotEmpty(name)) {
                    arrayList.add(name);
                }
                String data = valueData.getData();
                if (StringUtils.isNotEmpty(data)) {
                    for (String str : data.split(",")) {
                        list.add(str);
                    }
                }
            }
        }
        return arrayList;
    }

    public static boolean isValidApiAdIntegrationConfig(ApiAdIntegrationConfig apiAdIntegrationConfig, APIMutualTrustConfig aPIMutualTrustConfig) {
        if (!apiAdIntegrationConfig.isEnable()) {
            return true;
        }
        if (StringUtils.isEmpty(apiAdIntegrationConfig.getAdRealm()) || StringUtils.isEmpty(apiAdIntegrationConfig.getTrustpasswd()) || StringUtils.isEmpty(apiAdIntegrationConfig.getAdip())) {
            LOG.error("ad realm or trustpassord or id ip parameter is null.");
            return false;
        }
        if (StringUtils.isEmpty(apiAdIntegrationConfig.getKdcport()) || StringUtils.isEmpty(apiAdIntegrationConfig.getLdapport()) || apiAdIntegrationConfig.getBaseDns() == null) {
            LOG.error("kdcport or ldapport or basedns parameter is null.");
            return false;
        }
        if (StringUtils.isEmpty(apiAdIntegrationConfig.getBindDn()) || StringUtils.isEmpty(apiAdIntegrationConfig.getAdPasswd()) || StringUtils.isEmpty(apiAdIntegrationConfig.getSyncPeriod()) || StringUtils.isEmpty(apiAdIntegrationConfig.getSyncMode())) {
            LOG.error("binddn or ad password or syncperiod or syncmode parameter is null.");
            return false;
        }
        if (apiAdIntegrationConfig.isEnableSsl() && StringUtils.isEmpty(apiAdIntegrationConfig.getAdCertName())) {
            LOG.error("certname parameter is null");
            return false;
        }
        List baseDns = apiAdIntegrationConfig.getBaseDns();
        if (baseDns.size() > 8) {
            LOG.error("baseDns num {} is more than limit 8", Integer.valueOf(baseDns.size()));
            return false;
        }
        if (apiAdIntegrationConfig.getAdRealm().equals(aPIMutualTrustConfig.getDefaultRealm())) {
            LOG.error("ad Realm {} cannot equal to default realm {}", apiAdIntegrationConfig.getAdRealm(), aPIMutualTrustConfig.getDefaultRealm());
            return false;
        }
        if (apiAdIntegrationConfig.getAdRealm().equals(aPIMutualTrustConfig.getPeerRealm())) {
            LOG.error("ad Realm {} cannot equal to peer realm {}", apiAdIntegrationConfig.getAdRealm(), aPIMutualTrustConfig.getPeerRealm());
            return false;
        }
        for (String str : getPeerRealms(aPIMutualTrustConfig, new ArrayList())) {
            if (apiAdIntegrationConfig.getAdRealm().equals(str)) {
                LOG.error("ad Realm {} cannot equal to peer realm {}", apiAdIntegrationConfig.getAdRealm(), str);
                return false;
            }
        }
        return true;
    }

    public static boolean isValidApiMutualTrustConfig(ApiAdIntegrationConfig apiAdIntegrationConfig, APIMutualTrustConfig aPIMutualTrustConfig, IPModel iPModel) {
        String peerKdcServices = aPIMutualTrustConfig.getPeerKdcServices();
        if (StringUtils.isEmpty(aPIMutualTrustConfig.getDefaultRealm())) {
            LOG.error("default realm cannot be null.");
            return false;
        }
        ArrayList<String> arrayList = new ArrayList();
        if (StringUtils.isNotEmpty(peerKdcServices)) {
            for (String str : peerKdcServices.split(",")) {
                arrayList.add(str);
            }
        }
        List<String> peerRealms = getPeerRealms(aPIMutualTrustConfig, arrayList);
        LOG.info("peerKdcServices is {}", arrayList);
        for (String str2 : arrayList) {
            if (iPModel.equals(IPModel.IPV4) && !PATTERN_IPV4.matcher(str2).matches()) {
                LOG.error("kdcServiceTemp {} is not match ipv4 pattern ", str2);
                return false;
            }
            if (iPModel.equals(IPModel.IPV6) && !PATTERN_IPV6.matcher(str2).matches()) {
                LOG.error("kdcServiceTemp {} is not match ipv6 pattern ", str2);
                return false;
            }
        }
        peerRealms.add(aPIMutualTrustConfig.getDefaultRealm());
        if (StringUtils.isNotEmpty(aPIMutualTrustConfig.getPeerRealm())) {
            peerRealms.add(aPIMutualTrustConfig.getPeerRealm());
        }
        LOG.info("allRealms is {}", Integer.valueOf(peerRealms.size()));
        if (apiAdIntegrationConfig.getAdRealm() != null) {
            for (String str3 : peerRealms) {
                if (apiAdIntegrationConfig.getAdRealm().equals(str3)) {
                    LOG.error("ad Realm {} cannot equal to realm {}", apiAdIntegrationConfig.getAdRealm(), str3);
                    return false;
                }
            }
        }
        HashSet hashSet = new HashSet(peerRealms);
        if (hashSet.size() != peerRealms.size()) {
            LOG.error("peer Realm {} cannot equal to peer realms {}", aPIMutualTrustConfig.getPeerRealm(), peerRealms);
            return false;
        }
        if (hashSet.size() <= MAX_PEER_NUM) {
            return true;
        }
        LOG.error("peer Realm num {} exceed max limit {}", Integer.valueOf(hashSet.size()), Integer.valueOf(MAX_PEER_NUM));
        return false;
    }

    public static boolean isValidRealmConfig(ApiAdIntegrationConfig apiAdIntegrationConfig, APIMutualTrustConfig aPIMutualTrustConfig, boolean z, IPModel iPModel) {
        return z ? isValidApiAdIntegrationConfig(apiAdIntegrationConfig, aPIMutualTrustConfig) : isValidApiMutualTrustConfig(apiAdIntegrationConfig, aPIMutualTrustConfig, iPModel);
    }
}
