package org.forgerock.openam.rest;

import com.google.common.collect.Lists;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.idm.IdRepoException;
import java.net.URI;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import org.forgerock.http.Filter;
import org.forgerock.http.Handler;
import org.forgerock.http.protocol.Form;
import org.forgerock.http.protocol.Request;
import org.forgerock.http.protocol.Response;
import org.forgerock.http.protocol.Status;
import org.forgerock.http.routing.UriRouterContext;
import org.forgerock.http.util.Paths;
import org.forgerock.json.resource.ActionRequest;
import org.forgerock.json.resource.ActionResponse;
import org.forgerock.json.resource.BadRequestException;
import org.forgerock.json.resource.CreateRequest;
import org.forgerock.json.resource.DeleteRequest;
import org.forgerock.json.resource.InternalServerErrorException;
import org.forgerock.json.resource.PatchRequest;
import org.forgerock.json.resource.QueryRequest;
import org.forgerock.json.resource.QueryResourceHandler;
import org.forgerock.json.resource.QueryResponse;
import org.forgerock.json.resource.ReadRequest;
import org.forgerock.json.resource.RequestHandler;
import org.forgerock.json.resource.Requests;
import org.forgerock.json.resource.ResourceException;
import org.forgerock.json.resource.ResourceResponse;
import org.forgerock.json.resource.UpdateRequest;
import org.forgerock.json.resource.http.HttpContext;
import org.forgerock.openam.core.CoreWrapper;
import org.forgerock.openam.core.realms.Realm;
import org.forgerock.openam.core.realms.RealmLookupException;
import org.forgerock.openam.rest.router.RestRealmValidator;
import org.forgerock.openam.utils.RealmUtils;
import org.forgerock.services.context.Context;
import org.forgerock.util.promise.NeverThrowsException;
import org.forgerock.util.promise.Promise;
import org.forgerock.util.promise.Promises;

@Deprecated
/* loaded from: input_file:org/forgerock/openam/rest/RealmContextFilter.class */
public class RealmContextFilter implements Filter, org.forgerock.json.resource.Filter {
    private final CoreWrapper coreWrapper;
    private final RestRealmValidator realmValidator;

    @Inject
    public RealmContextFilter(CoreWrapper coreWrapper, RestRealmValidator restRealmValidator) {
        this.coreWrapper = coreWrapper;
        this.realmValidator = restRealmValidator;
    }

    public Promise<Response, NeverThrowsException> filter(Context context, Request request, Handler handler) {
        try {
            return handler.handle(evaluate(context, request), request);
        } catch (BadRequestException e) {
            return Promises.newResultPromise(new Response(Status.BAD_REQUEST).setEntity(e.toJsonValue().getObject()));
        } catch (ResourceException e2) {
            return Promises.newResultPromise(new Response(Status.INTERNAL_SERVER_ERROR).setEntity(e2.toJsonValue().getObject()));
        }
    }

    public Promise<ActionResponse, ResourceException> filterAction(Context context, ActionRequest actionRequest, RequestHandler requestHandler) {
        try {
            Context evaluate = evaluate(context, (org.forgerock.json.resource.Request) actionRequest);
            return requestHandler.handleAction(evaluate(context, (org.forgerock.json.resource.Request) actionRequest), wasEvaluated(context, evaluate) ? Requests.copyOfActionRequest(actionRequest).setResourcePath(evaluate.asContext(UriRouterContext.class).getRemainingUri()) : actionRequest);
        } catch (ResourceException e) {
            return Promises.newExceptionPromise(e);
        }
    }

    public Promise<ResourceResponse, ResourceException> filterCreate(Context context, CreateRequest createRequest, RequestHandler requestHandler) {
        try {
            Context evaluate = evaluate(context, (org.forgerock.json.resource.Request) createRequest);
            return requestHandler.handleCreate(evaluate(context, (org.forgerock.json.resource.Request) createRequest), wasEvaluated(context, evaluate) ? Requests.copyOfCreateRequest(createRequest).setResourcePath(evaluate.asContext(UriRouterContext.class).getRemainingUri()) : createRequest);
        } catch (ResourceException e) {
            return Promises.newExceptionPromise(e);
        }
    }

    public Promise<ResourceResponse, ResourceException> filterDelete(Context context, DeleteRequest deleteRequest, RequestHandler requestHandler) {
        try {
            Context evaluate = evaluate(context, (org.forgerock.json.resource.Request) deleteRequest);
            return requestHandler.handleDelete(evaluate(context, (org.forgerock.json.resource.Request) deleteRequest), wasEvaluated(context, evaluate) ? Requests.copyOfDeleteRequest(deleteRequest).setResourcePath(evaluate.asContext(UriRouterContext.class).getRemainingUri()) : deleteRequest);
        } catch (ResourceException e) {
            return Promises.newExceptionPromise(e);
        }
    }

    public Promise<ResourceResponse, ResourceException> filterPatch(Context context, PatchRequest patchRequest, RequestHandler requestHandler) {
        try {
            Context evaluate = evaluate(context, (org.forgerock.json.resource.Request) patchRequest);
            return requestHandler.handlePatch(evaluate(context, (org.forgerock.json.resource.Request) patchRequest), wasEvaluated(context, evaluate) ? Requests.copyOfPatchRequest(patchRequest).setResourcePath(evaluate.asContext(UriRouterContext.class).getRemainingUri()) : patchRequest);
        } catch (ResourceException e) {
            return Promises.newExceptionPromise(e);
        }
    }

    public Promise<QueryResponse, ResourceException> filterQuery(Context context, QueryRequest queryRequest, QueryResourceHandler queryResourceHandler, RequestHandler requestHandler) {
        try {
            Context evaluate = evaluate(context, (org.forgerock.json.resource.Request) queryRequest);
            return requestHandler.handleQuery(evaluate(context, (org.forgerock.json.resource.Request) queryRequest), wasEvaluated(context, evaluate) ? Requests.copyOfQueryRequest(queryRequest).setResourcePath(evaluate.asContext(UriRouterContext.class).getRemainingUri()) : queryRequest, queryResourceHandler);
        } catch (ResourceException e) {
            return Promises.newExceptionPromise(e);
        }
    }

    public Promise<ResourceResponse, ResourceException> filterRead(Context context, ReadRequest readRequest, RequestHandler requestHandler) {
        try {
            Context evaluate = evaluate(context, (org.forgerock.json.resource.Request) readRequest);
            return requestHandler.handleRead(evaluate, wasEvaluated(context, evaluate) ? Requests.copyOfReadRequest(readRequest).setResourcePath(evaluate.asContext(UriRouterContext.class).getRemainingUri()) : readRequest);
        } catch (ResourceException e) {
            return Promises.newExceptionPromise(e);
        }
    }

    public Promise<ResourceResponse, ResourceException> filterUpdate(Context context, UpdateRequest updateRequest, RequestHandler requestHandler) {
        try {
            Context evaluate = evaluate(context, (org.forgerock.json.resource.Request) updateRequest);
            return requestHandler.handleUpdate(evaluate, wasEvaluated(context, evaluate) ? Requests.copyOfUpdateRequest(updateRequest).setResourcePath(evaluate.asContext(UriRouterContext.class).getRemainingUri()) : updateRequest);
        } catch (ResourceException e) {
            return Promises.newExceptionPromise(e);
        }
    }

    private boolean wasEvaluated(Context context, Context context2) {
        RealmContext asContext = context2.asContext(RealmContext.class);
        return (asContext == null || (context.containsContext(RealmContext.class) && asContext.getRealm().equals(context.asContext(RealmContext.class).getRealm()))) ? false : true;
    }

    private Context evaluate(Context context, Request request) throws ResourceException {
        return evaluate(context, request.getUri().getHost(), getRemainingRequestUri(context, request), (List) new Form().fromRequestQuery(request).get("realm"));
    }

    private Context evaluate(Context context, org.forgerock.json.resource.Request request) throws ResourceException {
        return evaluate(context, URI.create(context.asContext(HttpContext.class).getPath()).getHost(), Lists.newArrayList(request.getResourcePathObject()), context.asContext(HttpContext.class).getParameter("realm"));
    }

    private Context evaluate(Context context, String str, List<String> list, List<String> list2) throws ResourceException {
        if (context.containsContext(RealmContext.class)) {
            return context;
        }
        if (!this.coreWrapper.isValidFQDN(str)) {
            throw new BadRequestException("FQDN \"" + str + "\" is not valid.");
        }
        SSOToken adminToken = this.coreWrapper.getAdminToken();
        String cleanRealm = RealmUtils.cleanRealm(getRealmFromAlias(adminToken, str));
        StringBuilder sb = new StringBuilder();
        String str2 = cleanRealm;
        int i = 0;
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                String cleanRealm2 = RealmUtils.cleanRealm(it.next());
                str2 = resolveRealm(adminToken, str2, cleanRealm2);
                sb.append(cleanRealm2);
                i++;
            } catch (InternalServerErrorException e) {
            }
        }
        String str3 = null;
        if (list2 != null) {
            try {
                if (!list2.isEmpty()) {
                    str3 = resolveRealm(adminToken, "/", RealmUtils.cleanRealm(list2.get(0)));
                }
            } catch (InternalServerErrorException e2) {
                throw new BadRequestException("Invalid realm, " + list2.get(0), e2);
            }
        }
        List<String> subList = list.subList(i, list.size());
        String substring = sb.length() > 1 ? sb.substring(1) : sb.toString();
        if (str3 != null) {
            try {
                return new RealmContext(new UriRouterContext(context, substring, Paths.joinPath(subList), Collections.emptyMap()), Realm.of(str3));
            } catch (RealmLookupException e3) {
                throw new BadRequestException("Invalid realm, " + list2.get(0), e3);
            }
        }
        try {
            return new RealmContext(new UriRouterContext(context, substring, Paths.joinPath(subList), Collections.emptyMap()), Realm.of(str2));
        } catch (RealmLookupException e4) {
            throw new BadRequestException("Invalid realm, " + e4.getRealm(), e4);
        }
    }

    private String resolveRealm(SSOToken sSOToken, String str, String str2) throws InternalServerErrorException {
        String concatenateRealmPath = RealmUtils.concatenateRealmPath(str, str2);
        return !this.realmValidator.isRealm(concatenateRealmPath) ? getRealmFromAlias(sSOToken, str2.substring(1)) : concatenateRealmPath;
    }

    private String getRealmFromAlias(SSOToken sSOToken, String str) throws InternalServerErrorException {
        try {
            return this.coreWrapper.convertOrgNameToRealmName(this.coreWrapper.getOrganization(sSOToken, str));
        } catch (IdRepoException | SSOException e) {
            throw new InternalServerErrorException(e);
        }
    }

    private List<String> getRemainingRequestUri(Context context, Request request) {
        List<String> pathElements = request.getUri().getPathElements();
        if (context.containsContext(UriRouterContext.class)) {
            pathElements = pathElements.subList(Paths.getPathElements(context.asContext(UriRouterContext.class).getBaseUri()).size(), pathElements.size());
        }
        return pathElements;
    }
}
