package uk.num.custodian;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Optional;
import java.util.regex.Pattern;
import lombok.NonNull;
import org.apache.commons.io.IOUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import uk.num.custodian.core.Custodian;
import uk.num.custodian.core.CustodianJsonService;
import uk.num.custodian.core.CustodianRecord;
import uk.num.custodian.core.DomainIdentifierPair;
import uk.num.custodian.core.Permission;
import uk.num.net.NumProtocolSupport;
import uk.num.numlib.api.NumAPIImpl;
import uk.num.numlib.dns.DNSServices;
import uk.num.numlib.exc.NumInvalidDNSHostException;

/* loaded from: input_file:uk/num/custodian/CustodianModuleServices.class */
public class CustodianModuleServices {
    public static final String CUSTODIAN_MODULE_ID = "4";
    private final CustodianJsonService jsonService;
    private final NumAPIImpl numApi;
    private static final Logger log = LogManager.getLogger(CustodianModuleServices.class);
    private static final Pattern EMAIL_REGEX = Pattern.compile("^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$");
    public static int timeoutMillis = 1000;

    /* loaded from: input_file:uk/num/custodian/CustodianModuleServices$Builder.class */
    public static class Builder {
        private DNSServices dnsServices;

        public CustodianModuleServices build() {
            try {
                return this.dnsServices == null ? new CustodianModuleServices() : new CustodianModuleServices(this.dnsServices, null);
            } catch (NumInvalidDNSHostException e) {
                return null;
            }
        }

        public Builder setDNS(@NonNull DNSServices dNSServices) {
            if (dNSServices == null) {
                throw new NullPointerException("dnsServices is marked @NonNull but is null");
            }
            this.dnsServices = dNSServices;
            return this;
        }
    }

    private CustodianModuleServices() {
        NumProtocolSupport.init();
        this.jsonService = new CustodianJsonService();
        this.numApi = new NumAPIImpl();
    }

    private CustodianModuleServices(@NonNull DNSServices dNSServices, String str) throws NumInvalidDNSHostException {
        if (dNSServices == null) {
            throw new NullPointerException("dnsServices is marked @NonNull but is null");
        }
        this.jsonService = new CustodianJsonService();
        this.numApi = new NumAPIImpl(dNSServices, str);
    }

    public String createSimpleCustodianRecordWithBranchesAsModl(@NonNull String str, @NonNull String str2, @NonNull String str3) {
        if (str == null) {
            throw new NullPointerException("identifier is marked @NonNull but is null");
        }
        if (str2 == null) {
            throw new NullPointerException("sourceDomain is marked @NonNull but is null");
        }
        if (str3 == null) {
            throw new NullPointerException("targetDomain is marked @NonNull but is null");
        }
        return String.format("@n=1;c[%s:[%s]];b=true", new DomainIdentifierPair(str2, str).getHash(), str3);
    }

    public Optional<CustodianRecord> getCustodianRecord(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("baseDomain is marked @NonNull but is null");
        }
        try {
            String iOUtils = IOUtils.toString(NumProtocolSupport.toUrl(str + ":" + CUSTODIAN_MODULE_ID), StandardCharsets.UTF_8);
            if (iOUtils != null) {
                return Optional.of(this.jsonService.fromJson(iOUtils));
            }
        } catch (IOException e) {
            log.info(String.format("Cannot retrieve Custodian record for %s", str), e);
        }
        return Optional.empty();
    }

    private Optional<Permission> getPermissionRecord(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("branch is marked @NonNull but is null");
        }
        try {
            String iOUtils = IOUtils.toString(NumProtocolSupport.toUrl(str), StandardCharsets.UTF_8);
            if (iOUtils != null) {
                return Optional.of(this.jsonService.fromBranchJson(iOUtils));
            }
        } catch (IOException e) {
            log.info(String.format("Cannot retrieve Custodian record for %s", str), e);
        }
        return Optional.empty();
    }

    public boolean checkAccess(@NonNull String str, @NonNull String str2, @NonNull String str3) {
        if (str == null) {
            throw new NullPointerException("identifier is marked @NonNull but is null");
        }
        if (str2 == null) {
            throw new NullPointerException("sourceDomain is marked @NonNull but is null");
        }
        if (str3 == null) {
            throw new NullPointerException("targetDomain is marked @NonNull but is null");
        }
        return ((Boolean) getCustodianRecord(str2).map(custodianRecord -> {
            return (Boolean) custodianRecord.findCustodian(new DomainIdentifierPair(str2, str)).map(custodian -> {
                return Boolean.valueOf(hasAdminOrDomainPermission(str3, custodian));
            }).orElseGet(() -> {
                if (!isEmailAddress(str)) {
                    return Boolean.valueOf(custodianRecord.hasBranches() && hasAdminOrDomainBranchPermission(str2, str3, str));
                }
                String domainPart = getDomainPart(str);
                return (Boolean) custodianRecord.findCustodian(new DomainIdentifierPair(str2, domainPart)).map(custodian2 -> {
                    return Boolean.valueOf(hasAdminOrDomainPermission(str3, custodian2));
                }).orElseGet(() -> {
                    return Boolean.valueOf(custodianRecord.hasBranches() && (hasAdminOrDomainBranchPermission(str2, str3, str) || hasAdminOrDomainBranchPermission(str2, str3, domainPart)));
                });
            });
        }).orElse(false)).booleanValue();
    }

    public boolean checkAccessForHash(@NonNull String str, @NonNull String str2, @NonNull String str3) {
        if (str == null) {
            throw new NullPointerException("hash is marked @NonNull but is null");
        }
        if (str2 == null) {
            throw new NullPointerException("sourceDomain is marked @NonNull but is null");
        }
        if (str3 == null) {
            throw new NullPointerException("targetDomain is marked @NonNull but is null");
        }
        return ((Boolean) getCustodianRecord(str2).map(custodianRecord -> {
            return (Boolean) custodianRecord.findByHash(str).map(custodian -> {
                return Boolean.valueOf(hasAdminOrDomainPermission(str3, custodian));
            }).orElseGet(() -> {
                return Boolean.valueOf(custodianRecord.hasBranches() && hasAdminOrDomainBranchPermissionFromHash(str2, str3, str));
            });
        }).orElse(false)).booleanValue();
    }

    public String getDomainPart(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("emailAddress is marked @NonNull but is null");
        }
        return str.split("@")[1];
    }

    private boolean isEmailAddress(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("identifier is marked @NonNull but is null");
        }
        return EMAIL_REGEX.matcher(str).matches();
    }

    private boolean hasAdminOrDomainBranchPermission(String str, String str2, String str3) {
        return hasAdminOrDomainBranchPermissionFromHash(str, str2, new DomainIdentifierPair(str, str3).getHash());
    }

    private boolean hasAdminOrDomainBranchPermissionFromHash(String str, String str2, String str3) {
        return ((Boolean) getPermissionRecord(str + ":" + CUSTODIAN_MODULE_ID + "/" + str3).map(permission -> {
            return Boolean.valueOf(permission.hasPermission(Permission.PERMISSION_ADMIN) || permission.hasPermission(str2));
        }).orElse(false)).booleanValue();
    }

    private boolean hasAdminOrDomainPermission(String str, Custodian custodian) {
        return custodian.hasPermission(Permission.PERMISSION_ADMIN) || custodian.hasPermission(str);
    }

    public static void setTimeoutMillis(int i) {
        timeoutMillis = i;
    }
}
