package alpine.resources;

import alpine.logging.Logger;
import alpine.model.ApiKey;
import alpine.model.LdapUser;
import alpine.model.ManagedUser;
import alpine.model.UserPrincipal;
import alpine.persistence.AlpineQueryManager;
import alpine.resources.Pagination;
import alpine.validation.RegexSequence;
import alpine.validation.ValidationException;
import alpine.validation.ValidationTask;
import io.jsonwebtoken.lang.Collections;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.validation.ConstraintViolation;
import javax.validation.Path;
import javax.validation.Validation;
import javax.validation.Validator;
import javax.validation.ValidatorFactory;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.lang3.StringUtils;
import org.glassfish.jersey.server.validation.ValidationError;
import org.owasp.security.logging.SecurityMarkers;
import org.slf4j.Marker;

/* loaded from: input_file:alpine/resources/AlpineResource.class */
public abstract class AlpineResource {
    private static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory();
    protected static final String TOTAL_COUNT_HEADER = "X-Total-Count";

    @Context
    private ContainerRequestContext requestContext;

    @Context
    private HttpServletRequest request;

    @Context
    private UriInfo uriInfo;
    private AlpineRequest alpineRequest;

    protected ContainerRequestContext getRequestContext() {
        return this.requestContext;
    }

    protected UriInfo getUriInfo() {
        return this.uriInfo;
    }

    protected AlpineRequest getAlpineRequest() {
        return this.alpineRequest;
    }

    protected String getRemoteAddress() {
        return this.request.getRemoteAddr();
    }

    protected String getRemoteHost() {
        return this.request.getRemoteHost();
    }

    protected String getUserAgent() {
        return this.requestContext.getHeaderString("User-Agent");
    }

    protected Validator getValidator() {
        return VALIDATOR_FACTORY.getValidator();
    }

    @SafeVarargs
    protected final List<ValidationError> contOnValidationError(Set<ConstraintViolation<Object>>... setArr) {
        ArrayList arrayList = new ArrayList();
        for (Set<ConstraintViolation<Object>> set : setArr) {
            for (ConstraintViolation<Object> constraintViolation : set) {
                if (((Path.Node) constraintViolation.getPropertyPath().iterator().next()).getName() != null) {
                    String path = constraintViolation.getPropertyPath() != null ? constraintViolation.getPropertyPath().toString() : null;
                    arrayList.add(new ValidationError(constraintViolation.getMessage() != null ? StringUtils.removeStart(constraintViolation.getMessage(), path + ".") : null, constraintViolation.getMessageTemplate(), path, constraintViolation.getInvalidValue() != null ? constraintViolation.getInvalidValue().toString() : null));
                }
            }
        }
        return arrayList;
    }

    @SafeVarargs
    protected final void failOnValidationError(Set<ConstraintViolation<Object>>... setArr) {
        List<ValidationError> contOnValidationError = contOnValidationError(setArr);
        if (!Collections.isEmpty(contOnValidationError)) {
            throw new BadRequestException(Response.status(Response.Status.BAD_REQUEST).entity(contOnValidationError).build());
        }
    }

    protected final List<ValidationException> contOnValidationError(ValidationTask... validationTaskArr) {
        ArrayList arrayList = new ArrayList();
        for (ValidationTask validationTask : validationTaskArr) {
            if ((validationTask.isRequired() || validationTask.getInput() != null) && !validationTask.getPattern().matcher(validationTask.getInput()).matches()) {
                arrayList.add(new ValidationException(validationTask.getInput(), validationTask.getErrorMessage()));
            }
        }
        return arrayList;
    }

    protected final void failOnValidationError(ValidationTask... validationTaskArr) {
        List<ValidationException> contOnValidationError = contOnValidationError(validationTaskArr);
        if (!Collections.isEmpty(contOnValidationError)) {
            throw new BadRequestException(Response.status(Response.Status.BAD_REQUEST).entity(contOnValidationError).build());
        }
    }

    @PostConstruct
    private void initialize() {
        MultivaluedMap<String, String> queryParameters = this.uriInfo.getQueryParameters();
        String multiParam = multiParam(queryParameters, "offset");
        String multiParam2 = multiParam(queryParameters, "page", "pageNumber");
        String multiParam3 = multiParam(queryParameters, "size", "pageSize", "limit");
        String multiParam4 = multiParam(queryParameters, "filter", "searchText");
        String multiParam5 = multiParam(queryParameters, "sort", "sortOrder");
        String multiParam6 = multiParam(queryParameters, "orderBy", "sortName");
        if (StringUtils.isBlank(multiParam6) || !RegexSequence.Pattern.STRING_IDENTIFIER.matcher(multiParam6).matches()) {
            multiParam6 = null;
        }
        this.alpineRequest = new AlpineRequest(getPrincipal(), StringUtils.isNotBlank(multiParam) ? new Pagination(Pagination.Strategy.OFFSET, multiParam, multiParam3) : (StringUtils.isNotBlank(multiParam2) && StringUtils.isNotBlank(multiParam3)) ? new Pagination(Pagination.Strategy.PAGES, multiParam2, multiParam3) : new Pagination(Pagination.Strategy.OFFSET, 0, 100), multiParam4, multiParam6, "asc".equalsIgnoreCase(multiParam5) ? OrderDirection.ASCENDING : "desc".equalsIgnoreCase(multiParam5) ? OrderDirection.DESCENDING : OrderDirection.UNSPECIFIED);
    }

    private String multiParam(MultivaluedMap<String, String> multivaluedMap, String... strArr) {
        for (String str : strArr) {
            String str2 = (String) multivaluedMap.getFirst(str);
            if (StringUtils.isNotBlank(str2)) {
                return str2;
            }
        }
        return null;
    }

    protected Principal getPrincipal() {
        Object property = this.requestContext.getProperty("Principal");
        if (property != null) {
            return (Principal) property;
        }
        return null;
    }

    protected boolean isLdapUser() {
        return getPrincipal() instanceof LdapUser;
    }

    protected boolean isManagedUser() {
        return getPrincipal() instanceof ManagedUser;
    }

    protected boolean isApiKey() {
        return getPrincipal() instanceof ApiKey;
    }

    protected boolean hasPermission(String str) {
        if (getPrincipal() == null) {
            return false;
        }
        AlpineQueryManager alpineQueryManager = new AlpineQueryManager();
        Throwable th = null;
        try {
            boolean z = false;
            if (getPrincipal() instanceof ApiKey) {
                z = alpineQueryManager.hasPermission((ApiKey) getPrincipal(), str);
            } else if (getPrincipal() instanceof UserPrincipal) {
                z = alpineQueryManager.hasPermission((UserPrincipal) getPrincipal(), str, true);
            }
            return z;
        } finally {
            if (alpineQueryManager != null) {
                if (0 != 0) {
                    try {
                        alpineQueryManager.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    alpineQueryManager.close();
                }
            }
        }
    }

    protected void logSecurityEvent(Logger logger, Marker marker, String str) {
        if (SecurityMarkers.SECURITY_AUDIT == marker || SecurityMarkers.SECURITY_SUCCESS == marker || SecurityMarkers.SECURITY_FAILURE == marker) {
            StringBuilder sb = new StringBuilder();
            sb.append(str).append(" ");
            if (getPrincipal() != null) {
                sb.append("by: ").append(getPrincipal().getName()).append(" ");
            }
            sb.append("/ IP Address: ").append(getRemoteAddress()).append(" ");
            sb.append("/ User Agent: ").append(getUserAgent());
            logger.info(marker, sb.toString());
        }
    }
}
