package io.jans.lock.service.policy;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.jans.lock.model.config.AppConfiguration;
import io.jans.lock.service.consumer.policy.PolicyConsumer;
import io.jans.lock.service.policy.event.PolicyDownloadEvent;
import io.jans.service.EncryptionService;
import io.jans.service.cdi.async.Asynchronous;
import io.jans.service.cdi.event.Scheduled;
import io.jans.service.net.BaseHttpService;
import io.jans.service.timer.event.TimerEvent;
import io.jans.service.timer.schedule.TimerSchedule;
import io.jans.util.StringHelper;
import jakarta.annotation.PostConstruct;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.enterprise.event.Event;
import jakarta.enterprise.event.Observes;
import jakarta.inject.Inject;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import org.apache.commons.io.IOUtils;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;

@ApplicationScoped
/* loaded from: input_file:io/jans/lock/service/policy/PolicyDownloadService.class */
public class PolicyDownloadService {
    private static final int DEFAULT_INTERVAL = 30;

    @Inject
    private Logger log;

    @Inject
    private Event<TimerEvent> timerEvent;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private BaseHttpService httpService;

    @Inject
    private PolicyConsumer policyConsumer;

    @Inject
    private EncryptionService encryptionService;
    private ObjectMapper objectMapper;
    private List<String> loadedPoliciesJsonUris;
    private List<String> loadedPoliciesZipUris;
    private AtomicBoolean isActive;

    @PostConstruct
    public void init() {
        this.log.info("Initializing Policy Download Service ...");
        this.isActive = new AtomicBoolean(false);
        this.objectMapper = new ObjectMapper();
        this.loadedPoliciesJsonUris = new ArrayList();
        this.loadedPoliciesZipUris = new ArrayList();
    }

    public void initTimer() {
        this.log.debug("Initializing Policy Download Service Timer");
        this.timerEvent.fire(new TimerEvent(new TimerSchedule(DEFAULT_INTERVAL, DEFAULT_INTERVAL), new PolicyDownloadEvent(), new Annotation[]{Scheduled.Literal.INSTANCE}));
    }

    @Asynchronous
    public void reloadPoliciesTimerEvent(@Observes @Scheduled PolicyDownloadEvent policyDownloadEvent) {
        if (!this.isActive.get() && this.isActive.compareAndSet(false, true)) {
            try {
                reloadPolicies();
            } catch (Throwable th) {
                this.log.error("Exception happened while reloading policies", th);
            } finally {
                this.isActive.set(false);
            }
        }
    }

    private void reloadPolicies() {
        reloadUrisPolicies();
        reloadZipPolicies();
    }

    private void reloadUrisPolicies() {
        this.log.debug("Starting URIs policies reload");
        String decrypt = this.encryptionService.decrypt(this.appConfiguration.getPoliciesJsonUrisAuthorizationToken(), true);
        List<String> policiesJsonUris = this.appConfiguration.getPoliciesJsonUris();
        if (policiesJsonUris == null) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        for (String str : policiesJsonUris) {
            if (!StringHelper.isEmpty(str)) {
                ArrayList arrayList2 = new ArrayList();
                HttpGet httpGet = new HttpGet(str);
                if (StringHelper.isNotEmpty(decrypt)) {
                    httpGet.setHeader("Authorization", "Bearer " + decrypt);
                }
                try {
                    CloseableHttpResponse execute = this.httpService.getHttpsClient().execute(httpGet);
                    if (this.httpService.isResponseStastusCodeOk(execute)) {
                        JsonNode readTree = this.objectMapper.readTree(EntityUtils.toString(execute.getEntity(), StandardCharsets.UTF_8));
                        if (readTree.isArray()) {
                            Iterator it = readTree.iterator();
                            while (it.hasNext()) {
                                String downloadPolicy = downloadPolicy(((JsonNode) it.next()).asText(), decrypt);
                                if (StringHelper.isNotEmpty(downloadPolicy)) {
                                    arrayList2.add(downloadPolicy);
                                }
                            }
                        } else {
                            this.log.error(String.format("Policies URI should provides json array. Skipping it...", str));
                        }
                    } else {
                        this.log.error("Get invalid response from URI {}", str);
                    }
                } catch (IOException e) {
                    this.log.error("Failed to execute load policies list from URI {}", str, e);
                }
                this.policyConsumer.putPolicies(str, arrayList2);
                arrayList.add(str);
            }
        }
        this.loadedPoliciesJsonUris.removeAll(arrayList);
        Iterator<String> it2 = this.loadedPoliciesJsonUris.iterator();
        while (it2.hasNext()) {
            this.policyConsumer.removePolicies(it2.next());
        }
        this.loadedPoliciesJsonUris = arrayList;
        this.log.debug("End URIs policies reload");
    }

    private void reloadZipPolicies() {
        this.log.debug("Starting Zip policies reload");
        String decrypt = this.encryptionService.decrypt(this.appConfiguration.getPoliciesZipUrisAuthorizationToken(), true);
        List<String> policiesZipUris = this.appConfiguration.getPoliciesZipUris();
        if (policiesZipUris == null) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        for (String str : policiesZipUris) {
            if (!StringHelper.isEmpty(str)) {
                ArrayList arrayList2 = new ArrayList();
                HttpGet httpGet = new HttpGet(str);
                if (StringHelper.isNotEmpty(decrypt)) {
                    httpGet.setHeader("Authorization", "Bearer " + decrypt);
                }
                try {
                    CloseableHttpResponse execute = this.httpService.getHttpsClient().execute(httpGet);
                    if (this.httpService.isResponseStastusCodeOk(execute)) {
                        ZipInputStream zipInputStream = new ZipInputStream(execute.getEntity().getContent());
                        while (true) {
                            try {
                                ZipEntry nextEntry = zipInputStream.getNextEntry();
                                if (nextEntry == null) {
                                    break;
                                }
                                String name = nextEntry.getName();
                                if (!nextEntry.isDirectory() && name.endsWith(".rego")) {
                                    String str2 = new String(IOUtils.toByteArray(zipInputStream), StandardCharsets.UTF_8);
                                    zipInputStream.closeEntry();
                                    if (StringHelper.isNotEmpty(str2)) {
                                        arrayList2.add(str2);
                                    }
                                }
                            } catch (Throwable th) {
                                try {
                                    zipInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                                throw th;
                                break;
                            }
                        }
                        zipInputStream.close();
                    } else {
                        this.log.error("Get invalid response from URI {}", str);
                    }
                } catch (IOException e) {
                    this.log.error("Failed to execute load policies list from Zip {}", str, e);
                }
                this.policyConsumer.putPolicies(str, arrayList2);
                arrayList.add(str);
            }
        }
        this.loadedPoliciesZipUris.removeAll(arrayList);
        Iterator<String> it = this.loadedPoliciesZipUris.iterator();
        while (it.hasNext()) {
            this.policyConsumer.removePolicies(it.next());
        }
        this.loadedPoliciesZipUris = arrayList;
        this.log.debug("End Zip policies reload");
    }

    private String downloadPolicy(String str, String str2) {
        HttpGet httpGet = new HttpGet(str);
        if (StringHelper.isNotEmpty(str2)) {
            httpGet.setHeader("Authorization", "Bearer " + str2);
        }
        try {
            CloseableHttpResponse execute = this.httpService.getHttpsClient().execute(httpGet);
            if (this.httpService.isResponseStastusCodeOk(execute)) {
                return EntityUtils.toString(execute.getEntity(), StandardCharsets.UTF_8);
            }
            this.log.error("Get invalid response from policy URI {}", str);
            return null;
        } catch (IOException e) {
            this.log.error("Failed to load policy from URI {}", str, e);
            return null;
        }
    }
}
