package li.strolch.websocket;

import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.websocket.CloseReason;
import javax.websocket.EndpointConfig;
import javax.websocket.MessageHandler;
import javax.websocket.Session;
import li.strolch.agent.api.ObserverHandler;
import li.strolch.agent.api.StrolchAgent;
import li.strolch.exception.StrolchNotAuthenticatedException;
import li.strolch.privilege.model.Certificate;
import li.strolch.rest.StrolchSessionHandler;
import li.strolch.utils.helper.ExceptionHelper;
import li.strolch.utils.helper.StringHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:li/strolch/websocket/WebSocketClient.class */
public class WebSocketClient implements MessageHandler.Whole<String> {
    public static final Logger logger = LoggerFactory.getLogger(WebSocketClient.class);
    protected final StrolchSessionHandler sessionHandler;
    protected final StrolchAgent agent;
    protected final Session session;
    protected final EndpointConfig config;
    protected final String remoteIp = WebSocketRemoteIp.get();
    protected final Map<String, WebSocketObserverHandler> observerHandlersByRealm = new HashMap(1);
    protected Certificate certificate;

    public WebSocketClient(StrolchAgent strolchAgent, Session session, EndpointConfig endpointConfig) {
        this.agent = strolchAgent;
        this.sessionHandler = (StrolchSessionHandler) strolchAgent.getComponent(StrolchSessionHandler.class);
        this.session = session;
        this.config = endpointConfig;
    }

    public String toString() {
        return "WebSocket " + this.certificate.getUsername() + "@" + this.remoteIp;
    }

    public void onMessage(String str) {
        JsonObject asJsonObject = JsonParser.parseString(str).getAsJsonObject();
        String asString = asJsonObject.get("msgType").getAsString();
        logger.info("Handling message " + asString);
        boolean z = -1;
        switch (asString.hashCode()) {
            case -689935406:
                if (asString.equals("ObserverUnregister")) {
                    z = 2;
                    break;
                }
                break;
            case -486214727:
                if (asString.equals("ObserverRegister")) {
                    z = true;
                    break;
                }
                break;
            case 1885436661:
                if (asString.equals("Authenticate")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                handleAuthenticate(asJsonObject);
                return;
            case true:
                assertAuthenticated(asString);
                handleRegister(asJsonObject);
                return;
            case true:
                assertAuthenticated(asString);
                handleUnregister(asJsonObject);
                return;
            default:
                logger.error("Unhandled Event msgType: " + asString);
                return;
        }
    }

    public void assertAuthenticated(String str) {
        if (this.certificate == null) {
            logger.error("Received " + str + " request, but not yet authed!");
            close(CloseReason.CloseCodes.PROTOCOL_ERROR, "Not yet authed!");
            return;
        }
        try {
            this.sessionHandler.validate(this.certificate, this.remoteIp);
        } catch (RuntimeException e) {
            logger.error("Received " + str + " request, but authentication is not valid anymore: " + ExceptionHelper.getExceptionMessage(e));
            close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Not yet authed!");
        }
    }

    private void handleRegister(JsonObject jsonObject) {
        String realm;
        if (jsonObject.has("realm") && StringHelper.isNotEmpty(jsonObject.get("realm").getAsString())) {
            realm = jsonObject.get("realm").getAsString();
            if (StringHelper.isEmpty(this.certificate.getRealm()) && !this.certificate.hasRole("StrolchAdmin")) {
                throw new IllegalStateException("User is missing realm configuration!");
            }
            if (!this.certificate.hasRole("StrolchAdmin") && !realm.equals(this.certificate.getRealm())) {
                throw new IllegalStateException("User does not have access to realm " + realm);
            }
        } else {
            realm = StringHelper.isNotEmpty(this.certificate.getRealm()) ? this.certificate.getRealm() : "defaultRealm";
        }
        String str = realm;
        String asString = jsonObject.get("objectType").getAsString();
        String asString2 = jsonObject.get("type").getAsString();
        JsonObject asJsonObject = jsonObject.get("params").getAsJsonObject();
        this.observerHandlersByRealm.computeIfAbsent(asString, str2 -> {
            return getWebSocketObserverHandler(str, this.agent.getRealm(str).getObserverHandler());
        }).register(asString, asString2, asJsonObject);
        logger.info(this.certificate.getUsername() + " registered for " + asString + " " + asString2 + " params: " + asJsonObject);
    }

    protected WebSocketObserverHandler getWebSocketObserverHandler(String str, ObserverHandler observerHandler) {
        return new WebSocketObserverHandler(this.agent, str, observerHandler, this);
    }

    private void handleUnregister(JsonObject jsonObject) {
        String asString = jsonObject.get("realm").getAsString();
        String asString2 = jsonObject.get("objectType").getAsString();
        String asString3 = jsonObject.get("type").getAsString();
        WebSocketObserverHandler webSocketObserverHandler = this.observerHandlersByRealm.get(asString);
        if (webSocketObserverHandler == null) {
            logger.error("Client " + this.session.getId() + " for " + this.certificate.getUsername() + " not registered for " + asString + " " + asString2 + " " + asString3);
        } else {
            webSocketObserverHandler.unregister(asString2, asString3);
        }
    }

    private void handleAuthenticate(JsonObject jsonObject) {
        if (!jsonObject.has("authToken") || jsonObject.get("authToken").isJsonNull() || !jsonObject.has("username") || jsonObject.get("username").isJsonNull()) {
            logger.error("Received invalid authentication request: " + jsonObject);
            close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Invalid authentication");
            return;
        }
        String asString = jsonObject.get("authToken").getAsString();
        String asString2 = jsonObject.get("username").getAsString();
        if (asString.isEmpty() || asString2.isEmpty()) {
            logger.error("Received invalid authentication request: " + jsonObject);
            close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Invalid authentication");
            return;
        }
        try {
            this.certificate = this.sessionHandler.validate(asString, this.remoteIp);
            if (!this.certificate.getUsername().equals(asString2)) {
                logger.error("Invalid authentication for " + asString2);
                close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Invalid authentication");
                return;
            }
            logger.info("User " + this.certificate.getUsername() + " authenticated on WebSocket with remote IP " + this.remoteIp);
            jsonObject.addProperty("msg", "-");
            try {
                sendMessage(jsonObject.toString());
            } catch (Exception e) {
                logger.error("Failed to send authentication response to client " + this, e);
                close(new CloseReason(CloseReason.CloseCodes.CLOSED_ABNORMALLY, ExceptionHelper.getExceptionMessage(e)));
            }
        } catch (Exception e2) {
            if (e2 instanceof StrolchNotAuthenticatedException) {
                logger.error("Failed to authenticate user " + asString2 + ": " + e2.getMessage());
            } else {
                logger.error("Failed to authenticate user " + asString2, e2);
            }
            close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Invalid authentication");
        }
    }

    private void close(CloseReason.CloseCode closeCode, String str) {
        close(new CloseReason(closeCode, str));
    }

    public void close(CloseReason closeReason) {
        if (this.observerHandlersByRealm == null || this.observerHandlersByRealm.isEmpty()) {
            return;
        }
        try {
            this.session.close(new CloseReason(closeReason.getCloseCode(), closeReason.getReasonPhrase()));
        } catch (IOException e) {
            logger.error("Failed to close client after invalid authentication!", e);
        }
        this.observerHandlersByRealm.keySet().forEach(str -> {
            this.observerHandlersByRealm.get(str).unregisterAll();
        });
    }

    public void onError(Throwable th) {
        logger.error("Socket error: " + th.getMessage(), th);
    }

    public synchronized void sendMessage(String str) throws Exception {
        assertAuthenticated("sendMessage");
        this.session.getBasicRemote().sendText(str);
    }
}
