package com.networknt.token.limit;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.type.TypeReference;
import com.networknt.config.Config;
import com.networknt.config.ConfigException;
import com.networknt.config.schema.ArrayField;
import com.networknt.config.schema.BooleanField;
import com.networknt.config.schema.ConfigSchema;
import com.networknt.config.schema.IntegerField;
import com.networknt.config.schema.OutputFormat;
import com.networknt.config.schema.StringField;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ConfigSchema(configName = TokenLimitConfig.CONFIG_NAME, configKey = TokenLimitConfig.CONFIG_NAME, outputFormats = {OutputFormat.JSON_SCHEMA, OutputFormat.YAML})
/* loaded from: input_file:com/networknt/token/limit/TokenLimitConfig.class */
public class TokenLimitConfig {
    private static final Logger logger = LoggerFactory.getLogger(TokenLimitConfig.class);
    public static final String CONFIG_NAME = "token-limit";
    private static final String ENABLED = "enabled";
    private static final String ERROR_ON_LIMIT = "errorOnLimit";
    private static final String DUPLICATE_LIMIT = "duplicateLimit";
    private static final String TOKEN_PATH_TEMPLATES = "tokenPathTemplates";
    private static final String LEGACY_CLIENT = "legacyClient";
    private static final String EXPIRE_KEY = "expireKey";

    @JsonProperty(ENABLED)
    @BooleanField(configFieldName = ENABLED, externalizedKeyName = ENABLED, externalized = true, description = "indicate if the handler is enabled or not. By default, it is enabled", defaultValue = "true")
    Boolean enabled;

    @JsonProperty(ERROR_ON_LIMIT)
    @BooleanField(configFieldName = ERROR_ON_LIMIT, externalizedKeyName = ERROR_ON_LIMIT, externalized = true, description = "return an error if limit is reached. It should be the default behavior on dev/sit/stg. For production,\na warning message should be logged. Also, this handler can be disabled on production for performance.", defaultValue = "true")
    Boolean errorOnLimit;

    @JsonProperty(DUPLICATE_LIMIT)
    @IntegerField(configFieldName = DUPLICATE_LIMIT, externalizedKeyName = DUPLICATE_LIMIT, externalized = true, description = "The max number of duplicated token requests. Once this number is passed, the limit is triggered. This\nnumber is set based on the number of client instances as each instance might get its token if there\nis no distributed cache. The duplicated tokens are calculated based on the local in memory cache per\nlight-gateway or oauth-kafka instance. Note: cache.yml needs to be configured.", defaultValue = "2")
    Integer duplicateLimit;

    @JsonProperty(TOKEN_PATH_TEMPLATES)
    @ArrayField(configFieldName = TOKEN_PATH_TEMPLATES, externalizedKeyName = TOKEN_PATH_TEMPLATES, externalized = true, description = "Different OAuth 2.0 providers have different token request path. To make sure that this handler only\napplied to the token endpoint, we define a list of path templates here to ensure request path is matched.\nThe following is an example with two different OAuth 2.0 providers in values.yml file.\ntoken-limit.tokenPathTemplates:\n  - /oauth2/(?<instanceId>[^/]+)/v1/token\n  - /oauth2/(?<instanceId>[^/]+)/token", items = String.class)
    List<String> tokenPathTemplates;

    @ArrayField(configFieldName = LEGACY_CLIENT, externalizedKeyName = LEGACY_CLIENT, externalized = true, description = "List of ClientID that should be treated as Legacy and thus excluded from the token limit rules.\nThis should only be used by approved legacy clients. The client ID is case insensitive.\ntoken-limit.legacyClient:\n  - 5oa66u56irXiekTUF1d6\n  - 6oa66u56irXiekABC1d4", items = String.class)
    List<String> legacyClient;

    @JsonProperty(EXPIRE_KEY)
    @StringField(configFieldName = EXPIRE_KEY, externalizedKeyName = EXPIRE_KEY, defaultValue = "expires_in", externalized = true, description = "Expire key field name for the token limit cache feature. This is used to parse the response from\nthe Auth Server, extract the expire time of the token and update to account for the time drift.\nThe default value is \"expires_in\" and unit is seconds. If there's no such field in the response,\nset this property as empty (\"\") so the handler will skip the parsing and return the unmodified\nresponse payload as it was cached.")
    String expireKey;
    private Map<String, Object> mappedConfig;
    private final Config config;

    private TokenLimitConfig() {
        this(CONFIG_NAME);
    }

    private TokenLimitConfig(String str) {
        this.enabled = true;
        this.errorOnLimit = true;
        this.duplicateLimit = 2;
        this.tokenPathTemplates = null;
        this.legacyClient = null;
        this.expireKey = "expires_in";
        this.config = Config.getInstance();
        this.mappedConfig = this.config.getJsonMapConfigNoCache(str);
        setConfigData();
        setTokenPathTemplatesList();
        setLegacyClientList();
    }

    public static TokenLimitConfig load() {
        return new TokenLimitConfig();
    }

    public static TokenLimitConfig load(String str) {
        return new TokenLimitConfig(str);
    }

    public void reload() {
        this.mappedConfig = this.config.getJsonMapConfigNoCache(CONFIG_NAME);
        setConfigData();
    }

    public Boolean isEnabled() {
        return this.enabled;
    }

    public void setEnabled(boolean z) {
        this.enabled = Boolean.valueOf(z);
    }

    public Boolean isErrorOnLimit() {
        return this.errorOnLimit;
    }

    public void setErrorOnLimit(boolean z) {
        this.errorOnLimit = Boolean.valueOf(z);
    }

    public Integer getDuplicateLimit() {
        return this.duplicateLimit;
    }

    public void setDuplicateLimit(int i) {
        this.duplicateLimit = Integer.valueOf(i);
    }

    public List<String> getTokenPathTemplates() {
        return this.tokenPathTemplates;
    }

    public void setTokenPathTemplates(List<String> list) {
        this.tokenPathTemplates = list;
    }

    public List<String> getLegacyClient() {
        return this.legacyClient;
    }

    public void setLegacyClient(List<String> list) {
        this.legacyClient = list;
    }

    Map<String, Object> getMappedConfig() {
        return this.mappedConfig;
    }

    public String getExpireKey() {
        return this.expireKey;
    }

    public void setExpireKey(String str) {
        this.expireKey = str;
    }

    private void setConfigData() {
        Object obj = getMappedConfig().get(ENABLED);
        if (obj != null) {
            this.enabled = Config.loadBooleanValue(ENABLED, obj);
        }
        Object obj2 = getMappedConfig().get(ERROR_ON_LIMIT);
        if (obj2 != null) {
            this.errorOnLimit = Config.loadBooleanValue(ERROR_ON_LIMIT, obj2);
        }
        Object obj3 = this.mappedConfig.get(DUPLICATE_LIMIT);
        if (obj3 != null) {
            this.duplicateLimit = Config.loadIntegerValue(DUPLICATE_LIMIT, obj3);
        }
        Object obj4 = getMappedConfig().get(EXPIRE_KEY);
        if (obj4 != null) {
            this.expireKey = (String) obj4;
        }
    }

    private void setTokenPathTemplatesList() {
        if (this.mappedConfig == null || this.mappedConfig.get(TOKEN_PATH_TEMPLATES) == null) {
            return;
        }
        Object obj = this.mappedConfig.get(TOKEN_PATH_TEMPLATES);
        this.tokenPathTemplates = new ArrayList();
        if (!(obj instanceof String)) {
            if (!(obj instanceof List)) {
                throw new ConfigException("tokenPathTemplates must be a string or a list of strings.");
            }
            this.tokenPathTemplates = (List) getMappedConfig().get(TOKEN_PATH_TEMPLATES);
            return;
        }
        String trim = ((String) obj).trim();
        if (logger.isTraceEnabled()) {
            logger.trace("s = {}", trim);
        }
        if (!trim.startsWith("[")) {
            this.tokenPathTemplates = Arrays.asList(trim.split("\\s*,\\s*"));
        } else {
            try {
                this.tokenPathTemplates = (List) Config.getInstance().getMapper().readValue(trim, new TypeReference<List<String>>(this) { // from class: com.networknt.token.limit.TokenLimitConfig.1
                });
            } catch (Exception e) {
                throw new ConfigException("could not parse the tokenPathTemplates json with a list of strings.");
            }
        }
    }

    private void setLegacyClientList() {
        if (this.mappedConfig == null || this.mappedConfig.get(LEGACY_CLIENT) == null) {
            return;
        }
        Object obj = this.mappedConfig.get(LEGACY_CLIENT);
        this.legacyClient = new ArrayList();
        if (!(obj instanceof String)) {
            if (!(obj instanceof List)) {
                throw new ConfigException("legacyClient must be a string or a list of strings.");
            }
            this.legacyClient = (List) getMappedConfig().get(LEGACY_CLIENT);
            return;
        }
        String trim = ((String) obj).trim();
        if (logger.isTraceEnabled()) {
            logger.trace("s = {}", trim);
        }
        if (!trim.startsWith("[")) {
            this.legacyClient = Arrays.asList(trim.split("\\s*,\\s*"));
        } else {
            try {
                this.legacyClient = (List) Config.getInstance().getMapper().readValue(trim, new TypeReference<List<String>>(this) { // from class: com.networknt.token.limit.TokenLimitConfig.2
                });
            } catch (Exception e) {
                throw new ConfigException("could not parse the Legacy Client json with a list of strings.");
            }
        }
    }
}
