package com.networknt.security;

import com.fasterxml.jackson.core.type.TypeReference;
import com.networknt.config.Config;
import com.networknt.config.ConfigException;
import com.networknt.config.schema.ArrayField;
import com.networknt.config.schema.BooleanField;
import com.networknt.config.schema.ConfigSchema;
import com.networknt.config.schema.OutputFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.codehaus.plexus.util.SelectorUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ConfigSchema(configKey = UnifiedSecurityConfig.CONFIG_NAME, configName = UnifiedSecurityConfig.CONFIG_NAME, outputFormats = {OutputFormat.JSON_SCHEMA, OutputFormat.YAML})
/* loaded from: input_file:com/networknt/security/UnifiedSecurityConfig.class */
public class UnifiedSecurityConfig {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) UnifiedSecurityConfig.class);
    public static final String CONFIG_NAME = "unified-security";
    public static final String ENABLED = "enabled";
    public static final String ANONYMOUS_PREFIXES = "anonymousPrefixes";
    public static final String PATH_PREFIX_AUTHS = "pathPrefixAuths";
    public static final String PREFIX = "prefix";
    public static final String BASIC = "basic";
    public static final String JWT = "jwt";
    public static final String SJWT = "sjwt";
    public static final String SWT = "swt";
    public static final String APIKEY = "apikey";
    public static final String JWK_SERVICE_IDS = "jwkServiceIds";
    public static final String SJWK_SERVICE_IDS = "sjwkServiceIds";
    public static final String SWT_SERVICE_IDS = "swtServiceIds";

    @BooleanField(configFieldName = "enabled", externalizedKeyName = "enabled", defaultValue = "true", externalized = true, description = "indicate if this handler is enabled. By default, it will be enabled if it is injected into the\nrequest/response chain in the handler.yml configuration.")
    boolean enabled;

    @ArrayField(configFieldName = ANONYMOUS_PREFIXES, externalizedKeyName = ANONYMOUS_PREFIXES, items = String.class, externalized = true, description = "Anonymous prefixes configuration. A list of request path prefixes. The anonymous prefixes will be checked\nfirst, and if any path is matched, all other security checks will be bypassed, and the request goes to\nthe next handler in the chain. You can use json array or string separated by comma or YAML format.")
    List<String> anonymousPrefixes;

    @ArrayField(configFieldName = "pathPrefixAuths", externalizedKeyName = "pathPrefixAuths", items = UnifiedPathPrefixAuth.class, externalized = true, description = "path prefix security configuration.")
    List<UnifiedPathPrefixAuth> pathPrefixAuths;
    private final Config config;
    private Map<String, Object> mappedConfig;

    private UnifiedSecurityConfig() {
        this(CONFIG_NAME);
    }

    private UnifiedSecurityConfig(String str) {
        this.config = Config.getInstance();
        this.mappedConfig = this.config.getJsonMapConfigNoCache(str);
        setConfigData();
        setConfigList();
    }

    public static UnifiedSecurityConfig load() {
        return new UnifiedSecurityConfig();
    }

    public static UnifiedSecurityConfig load(String str) {
        return new UnifiedSecurityConfig(str);
    }

    public void reload() {
        this.mappedConfig = this.config.getJsonMapConfigNoCache(CONFIG_NAME);
        setConfigData();
        setConfigList();
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public void setEnabled(boolean z) {
        this.enabled = z;
    }

    public List<String> getAnonymousPrefixes() {
        return this.anonymousPrefixes;
    }

    public void setAnonymousPrefixes(List<String> list) {
        this.anonymousPrefixes = list;
    }

    public List<UnifiedPathPrefixAuth> getPathPrefixAuths() {
        return this.pathPrefixAuths;
    }

    public void setPathPrefixAuths(List<UnifiedPathPrefixAuth> list) {
        this.pathPrefixAuths = list;
    }

    private void setConfigData() {
        Object obj = this.mappedConfig.get("enabled");
        if (obj != null) {
            if (obj instanceof String) {
                this.enabled = Boolean.parseBoolean((String) obj);
            } else {
                if (!(obj instanceof Boolean)) {
                    throw new ConfigException("enabled must be a boolean value.");
                }
                this.enabled = ((Boolean) obj).booleanValue();
            }
        }
    }

    private void setConfigList() {
        if (this.mappedConfig != null && this.mappedConfig.get(ANONYMOUS_PREFIXES) != null) {
            Object obj = this.mappedConfig.get(ANONYMOUS_PREFIXES);
            this.anonymousPrefixes = new ArrayList();
            if (obj instanceof String) {
                String trim = ((String) obj).trim();
                if (logger.isTraceEnabled()) {
                    logger.trace("s = " + trim);
                }
                if (trim.startsWith(SelectorUtils.PATTERN_HANDLER_PREFIX)) {
                    try {
                        this.anonymousPrefixes = (List) Config.getInstance().getMapper().readValue(trim, new TypeReference<List<String>>(this) { // from class: com.networknt.security.UnifiedSecurityConfig.1
                        });
                    } catch (Exception e) {
                        logger.error("could not parse the anonymousPrefixes json with a list of strings.", (Throwable) e);
                        throw new ConfigException("could not parse the anonymousPrefixes json with a list of strings.");
                    }
                } else {
                    this.anonymousPrefixes = Arrays.asList(trim.split("\\s*,\\s*"));
                }
            } else {
                if (!(obj instanceof List)) {
                    throw new ConfigException("anonymousPrefixes must be a string or a list of strings.");
                }
                ((List) obj).forEach(obj2 -> {
                    this.anonymousPrefixes.add((String) obj2);
                });
            }
        }
        if (this.mappedConfig.get("pathPrefixAuths") != null) {
            Object obj3 = this.mappedConfig.get("pathPrefixAuths");
            this.pathPrefixAuths = new ArrayList();
            if (!(obj3 instanceof String)) {
                if (!(obj3 instanceof List)) {
                    throw new ConfigException("pathPrefixAuth must be a list of string object map.");
                }
                this.pathPrefixAuths = populatePathPrefixAuths((List) obj3);
                return;
            }
            String trim2 = ((String) obj3).trim();
            if (logger.isTraceEnabled()) {
                logger.trace("pathPrefixAuth s = " + trim2);
            }
            if (!trim2.startsWith(SelectorUtils.PATTERN_HANDLER_PREFIX)) {
                throw new ConfigException("pathPrefixAuths must be a list of string object map.");
            }
            try {
                this.pathPrefixAuths = populatePathPrefixAuths((List) Config.getInstance().getMapper().readValue(trim2, new TypeReference<List<Map<String, Object>>>(this) { // from class: com.networknt.security.UnifiedSecurityConfig.2
                }));
            } catch (Exception e2) {
                logger.error("could not parse the pathPrefixAuths json with a list of string and object.", (Throwable) e2);
                throw new ConfigException("could not parse the pathPrefixAuths json with a list of string and object.");
            }
        }
    }

    public static List<UnifiedPathPrefixAuth> populatePathPrefixAuths(List<Map<String, Object>> list) {
        ArrayList arrayList = new ArrayList();
        for (Map<String, Object> map : list) {
            UnifiedPathPrefixAuth unifiedPathPrefixAuth = new UnifiedPathPrefixAuth();
            unifiedPathPrefixAuth.setPrefix((String) map.get("prefix"));
            unifiedPathPrefixAuth.setBasic(map.get(BASIC) == null ? false : ((Boolean) map.get(BASIC)).booleanValue());
            unifiedPathPrefixAuth.setJwt(map.get("jwt") == null ? false : ((Boolean) map.get("jwt")).booleanValue());
            unifiedPathPrefixAuth.setSjwt(map.get(SJWT) == null ? false : ((Boolean) map.get(SJWT)).booleanValue());
            unifiedPathPrefixAuth.setSwt(map.get(SWT) == null ? false : ((Boolean) map.get(SWT)).booleanValue());
            unifiedPathPrefixAuth.setApikey(map.get("apikey") == null ? false : ((Boolean) map.get("apikey")).booleanValue());
            Object obj = map.get(JWK_SERVICE_IDS);
            if (obj instanceof String) {
                String str = (String) map.get(JWK_SERVICE_IDS);
                if (str.startsWith(SelectorUtils.PATTERN_HANDLER_PREFIX)) {
                    try {
                        unifiedPathPrefixAuth.setJwkServiceIds((List) Config.getInstance().getMapper().readValue(str, new TypeReference<List<String>>() { // from class: com.networknt.security.UnifiedSecurityConfig.3
                        }));
                    } catch (Exception e) {
                        logger.error("could not parse the jwkServiceIds json with a list of strings.", (Throwable) e);
                        throw new ConfigException("could not parse the jwkServiceIds json with a list of strings.");
                    }
                } else {
                    unifiedPathPrefixAuth.setJwkServiceIds(Arrays.asList(str.split("\\s*,\\s*")));
                }
            } else if (obj instanceof List) {
                unifiedPathPrefixAuth.setJwkServiceIds((List) obj);
            }
            Object obj2 = map.get(SJWK_SERVICE_IDS);
            if (obj2 instanceof String) {
                String str2 = (String) map.get(SJWK_SERVICE_IDS);
                if (str2.startsWith(SelectorUtils.PATTERN_HANDLER_PREFIX)) {
                    try {
                        unifiedPathPrefixAuth.setSjwkServiceIds((List) Config.getInstance().getMapper().readValue(str2, new TypeReference<List<String>>() { // from class: com.networknt.security.UnifiedSecurityConfig.4
                        }));
                    } catch (Exception e2) {
                        logger.error("could not parse the sjwkServiceIds json with a list of strings.", (Throwable) e2);
                        throw new ConfigException("could not parse the sjwkServiceIds json with a list of strings.");
                    }
                } else {
                    unifiedPathPrefixAuth.setSjwkServiceIds(Arrays.asList(str2.split("\\s*,\\s*")));
                }
            } else if (obj instanceof List) {
                unifiedPathPrefixAuth.setSjwkServiceIds((List) obj2);
            }
            Object obj3 = map.get(SWT_SERVICE_IDS);
            if (obj3 instanceof String) {
                String str3 = (String) map.get(SWT_SERVICE_IDS);
                if (str3.startsWith(SelectorUtils.PATTERN_HANDLER_PREFIX)) {
                    try {
                        unifiedPathPrefixAuth.setSwtServiceIds((List) Config.getInstance().getMapper().readValue(str3, new TypeReference<List<String>>() { // from class: com.networknt.security.UnifiedSecurityConfig.5
                        }));
                    } catch (Exception e3) {
                        logger.error("could not parse the swtServiceIds json with a list of strings.", (Throwable) e3);
                        throw new ConfigException("could not parse the swtServiceIds json with a list of strings.");
                    }
                } else {
                    unifiedPathPrefixAuth.setSwtServiceIds(Arrays.asList(str3.split("\\s*,\\s*")));
                }
            } else if (obj3 instanceof List) {
                unifiedPathPrefixAuth.setSwtServiceIds((List) obj3);
            }
            arrayList.add(unifiedPathPrefixAuth);
        }
        return arrayList;
    }
}
