package com.nimbusframework.nimbusawslocal.aws.apigateway;

import com.amazonaws.services.lambda.runtime.Context;
import com.amazonaws.services.lambda.runtime.events.APIGatewayCustomAuthorizerEvent;
import com.amazonaws.services.lambda.runtime.events.IamPolicyResponse;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.nimbusframework.nimbusaws.wrappers.customRuntimeEntry.CustomContext;
import com.nimbusframework.nimbuslocal.deployment.function.FunctionIdentifier;
import com.nimbusframework.nimbuslocal.deployment.function.ServerlessFunction;
import com.nimbusframework.nimbuslocal.deployment.http.HttpRequest;
import com.nimbusframework.nimbuslocal.deployment.http.authentication.AuthenticationResponse;
import com.nimbusframework.nimbuslocal.deployment.http.authentication.HttpMethodAuthenticator;
import com.nimbusframework.nimbuslocal.deployment.services.LocalResourceHolder;
import java.time.Duration;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.collections.MapsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;

/* compiled from: LambdaHttpMethodAuthenticator.kt */
@Metadata(mv = {1, 5, 1}, k = 1, xi = 48, d1 = {"��D\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0010\b\n��\n\u0002\u0018\u0002\n\u0002\b\u0007\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n\u0002\b\u0004\u0018��2\u00020\u0001B%\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\nJ\u0010\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u0017H\u0016J\u0018\u0010\u0018\u001a\u00020\u00192\u0006\u0010\u0016\u001a\u00020\u00172\u0006\u0010\u001a\u001a\u00020\u0005H\u0002J\u0018\u0010\u001b\u001a\u00020\u00192\u0006\u0010\u0016\u001a\u00020\u00172\u0006\u0010\u001c\u001a\u00020\u0013H\u0002R\u000e\u0010\u000b\u001a\u00020\u0005X\u0082D¢\u0006\u0002\n��R\u000e\u0010\f\u001a\u00020\u0005X\u0082D¢\u0006\u0002\n��R\u000e\u0010\r\u001a\u00020\u0005X\u0082D¢\u0006\u0002\n��R\u000e\u0010\u000e\u001a\u00020\u0005X\u0082D¢\u0006\u0002\n��R\u000e\u0010\u000f\u001a\u00020\u0005X\u0082D¢\u0006\u0002\n��RN\u0010\u0010\u001aB\u0012\f\u0012\n \u0012*\u0004\u0018\u00010\u00050\u0005\u0012\f\u0012\n \u0012*\u0004\u0018\u00010\u00130\u0013 \u0012* \u0012\f\u0012\n \u0012*\u0004\u0018\u00010\u00050\u0005\u0012\f\u0012\n \u0012*\u0004\u0018\u00010\u00130\u0013\u0018\u00010\u00110\u0011X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n��¨\u0006\u001d"}, d2 = {"Lcom/nimbusframework/nimbusawslocal/aws/apigateway/LambdaHttpMethodAuthenticator;", "Lcom/nimbusframework/nimbuslocal/deployment/http/authentication/HttpMethodAuthenticator;", "functionIdentifier", "Lcom/nimbusframework/nimbuslocal/deployment/function/FunctionIdentifier;", "headerName", "", "ttl", "", "resourceHolder", "Lcom/nimbusframework/nimbuslocal/deployment/services/LocalResourceHolder;", "(Lcom/nimbusframework/nimbuslocal/deployment/function/FunctionIdentifier;Ljava/lang/String;ILcom/nimbusframework/nimbuslocal/deployment/services/LocalResourceHolder;)V", "ACCOUNT_ID", "API_ID", "ARN_PREFIX", "LOCAL_REGION", "LOCAL_STAGE", "cache", "Lcom/google/common/cache/Cache;", "kotlin.jvm.PlatformType", "Lcom/amazonaws/services/lambda/runtime/events/IamPolicyResponse;", "allow", "Lcom/nimbusframework/nimbuslocal/deployment/http/authentication/AuthenticationResponse;", "httpRequest", "Lcom/nimbusframework/nimbuslocal/deployment/http/HttpRequest;", "matches", "", "resource", "validatePolicy", "policyResponse", "nimbus-aws-local"})
/* loaded from: input_file:com/nimbusframework/nimbusawslocal/aws/apigateway/LambdaHttpMethodAuthenticator.class */
public final class LambdaHttpMethodAuthenticator implements HttpMethodAuthenticator {

    @NotNull
    private final FunctionIdentifier functionIdentifier;

    @NotNull
    private final String headerName;

    @NotNull
    private final LocalResourceHolder resourceHolder;

    @NotNull
    private final String ARN_PREFIX;

    @NotNull
    private final String LOCAL_REGION;

    @NotNull
    private final String ACCOUNT_ID;

    @NotNull
    private final String API_ID;

    @NotNull
    private final String LOCAL_STAGE;
    private final Cache<String, IamPolicyResponse> cache;

    public LambdaHttpMethodAuthenticator(@NotNull FunctionIdentifier functionIdentifier, @NotNull String str, int i, @NotNull LocalResourceHolder localResourceHolder) {
        Intrinsics.checkNotNullParameter(functionIdentifier, "functionIdentifier");
        Intrinsics.checkNotNullParameter(str, "headerName");
        Intrinsics.checkNotNullParameter(localResourceHolder, "resourceHolder");
        this.functionIdentifier = functionIdentifier;
        this.headerName = str;
        this.resourceHolder = localResourceHolder;
        this.ARN_PREFIX = "arn:aws:execute-api:";
        this.LOCAL_REGION = "local-here-1";
        this.ACCOUNT_ID = "000000000";
        this.API_ID = "111111111";
        this.LOCAL_STAGE = "local";
        this.cache = CacheBuilder.newBuilder().expireAfterWrite(Duration.ofSeconds(i)).build();
    }

    @NotNull
    public AuthenticationResponse allow(@NotNull HttpRequest httpRequest) {
        IamPolicyResponse iamPolicyResponse;
        Intrinsics.checkNotNullParameter(httpRequest, "httpRequest");
        List list = (List) httpRequest.getHeaders().get(this.headerName);
        String str = list == null ? null : (String) CollectionsKt.firstOrNull(list);
        if (str == null) {
            return new AuthenticationResponse(false, (Map) null, 2, (DefaultConstructorMarker) null);
        }
        IamPolicyResponse iamPolicyResponse2 = (IamPolicyResponse) this.cache.getIfPresent(str);
        if (iamPolicyResponse2 != null) {
            iamPolicyResponse = iamPolicyResponse2;
        } else {
            Object obj = this.resourceHolder.getFunctions().get(this.functionIdentifier);
            Intrinsics.checkNotNull(obj);
            AuthorizationFunction authorizationFunction = (AuthorizationFunction) ((ServerlessFunction) obj).getServerlessMethod();
            APIGatewayCustomAuthorizerEvent.APIGatewayCustomAuthorizerEventBuilder withHttpMethod = APIGatewayCustomAuthorizerEvent.builder().withMethodArn(this.ARN_PREFIX + this.LOCAL_REGION + ":" + this.ACCOUNT_ID + ":" + this.API_ID + "/" + this.LOCAL_STAGE + "/" + httpRequest.getMethod().name() + "/" + httpRequest.getPath() + "]").withAuthorizationToken(str).withHttpMethod(httpRequest.getMethod().name());
            Map headers = httpRequest.getHeaders();
            LinkedHashMap linkedHashMap = new LinkedHashMap(MapsKt.mapCapacity(headers.size()));
            for (Object obj2 : headers.entrySet()) {
                linkedHashMap.put(((Map.Entry) obj2).getKey(), CollectionsKt.joinToString$default((Iterable) ((Map.Entry) obj2).getValue(), (CharSequence) null, (CharSequence) null, (CharSequence) null, 0, (CharSequence) null, new Function1<String, CharSequence>() { // from class: com.nimbusframework.nimbusawslocal.aws.apigateway.LambdaHttpMethodAuthenticator$allow$policy$event$1$1
                    @NotNull
                    public final CharSequence invoke(@NotNull String str2) {
                        Intrinsics.checkNotNullParameter(str2, "it");
                        return ",";
                    }
                }, 31, (Object) null));
            }
            APIGatewayCustomAuthorizerEvent build = withHttpMethod.withHeaders(linkedHashMap).withPath(httpRequest.getPath()).build();
            String uuid = UUID.randomUUID().toString();
            Intrinsics.checkNotNullExpressionValue(uuid, "randomUUID().toString()");
            IamPolicyResponse invokeMethod = authorizationFunction.invokeMethod(build, (Context) new CustomContext(uuid));
            this.cache.put(str, invokeMethod);
            iamPolicyResponse = invokeMethod;
        }
        IamPolicyResponse iamPolicyResponse3 = iamPolicyResponse;
        boolean validatePolicy = validatePolicy(httpRequest, iamPolicyResponse3);
        Map context = iamPolicyResponse3.getContext();
        Intrinsics.checkNotNullExpressionValue(context, "policy.context");
        return new AuthenticationResponse(validatePolicy, context);
    }

    private final boolean validatePolicy(HttpRequest httpRequest, IamPolicyResponse iamPolicyResponse) {
        Map map;
        Object obj = iamPolicyResponse.getPolicyDocument().get("Statement");
        Intrinsics.checkNotNull(obj);
        Map[] mapArr = (Map[]) obj;
        int length = mapArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                map = null;
                break;
            }
            Map map2 = mapArr[i];
            Object obj2 = map2.get("Resource");
            Intrinsics.checkNotNull(obj2);
            if (matches(httpRequest, ((String[]) obj2)[0])) {
                map = map2;
                break;
            }
            i++;
        }
        Map map3 = map;
        if (map3 == null) {
            return false;
        }
        return Intrinsics.areEqual(map3.get("Effect"), "Allow");
    }

    /* JADX WARN: Code restructure failed: missing block: B:52:0x01df, code lost:
    
        if (r0.isEmpty() == false) goto L61;
     */
    /* JADX WARN: Code restructure failed: missing block: B:54:0x01e9, code lost:
    
        if (r0.isEmpty() == false) goto L61;
     */
    /* JADX WARN: Code restructure failed: missing block: B:55:0x01ec, code lost:
    
        return true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:56:0x01f0, code lost:
    
        return false;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private final boolean matches(com.nimbusframework.nimbuslocal.deployment.http.HttpRequest r8, java.lang.String r9) {
        /*
            Method dump skipped, instructions count: 500
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.nimbusframework.nimbusawslocal.aws.apigateway.LambdaHttpMethodAuthenticator.matches(com.nimbusframework.nimbuslocal.deployment.http.HttpRequest, java.lang.String):boolean");
    }
}
