package se.arkalix.core.plugin;

import java.net.InetSocketAddress;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.arkalix.ArService;
import se.arkalix.ArSystem;
import se.arkalix.core.plugin.or.HttpJsonOrchestrationService;
import se.arkalix.core.plugin.or.OrchestrationPattern;
import se.arkalix.core.plugin.or.OrchestrationStrategy;
import se.arkalix.core.plugin.sr.HttpJsonServiceDiscoveryService;
import se.arkalix.core.plugin.sr.ServiceQueryBuilder;
import se.arkalix.core.plugin.sr.ServiceQueryResultDto;
import se.arkalix.core.plugin.sr.ServiceRegistration;
import se.arkalix.core.plugin.sr.ServiceRegistrationDto;
import se.arkalix.description.ServiceDescription;
import se.arkalix.description.SystemDescription;
import se.arkalix.descriptor.EncodingDescriptor;
import se.arkalix.descriptor.InterfaceDescriptor;
import se.arkalix.descriptor.SecurityDescriptor;
import se.arkalix.descriptor.TransportDescriptor;
import se.arkalix.internal.security.identity.X509Keys;
import se.arkalix.net.http.client.HttpClient;
import se.arkalix.net.http.client.HttpClientConnection;
import se.arkalix.net.http.consumer.HttpConsumer;
import se.arkalix.plugin.Plugin;
import se.arkalix.plugin.PluginAttached;
import se.arkalix.plugin.PluginFacade;
import se.arkalix.query.ServiceQuery;
import se.arkalix.security.access.AccessByToken;
import se.arkalix.security.identity.SystemIdentity;
import se.arkalix.security.identity.UnsupportedKeyAlgorithm;
import se.arkalix.util.Result;
import se.arkalix.util.concurrent.Future;
import se.arkalix.util.concurrent.FutureAnnouncement;
import se.arkalix.util.concurrent.Futures;

/* loaded from: input_file:se/arkalix/core/plugin/HttpJsonCloudPlugin.class */
public class HttpJsonCloudPlugin implements Plugin {
    private static final Logger logger = LoggerFactory.getLogger(HttpJsonCloudPlugin.class);
    private final Predicate<ServiceDescription> serviceRegistrationPredicate;
    private final InetSocketAddress serviceRegistrySocketAddress;
    private final String serviceDiscoveryBasePath;
    private final OrchestrationStrategy orchestrationStrategy;

    /* loaded from: input_file:se/arkalix/core/plugin/HttpJsonCloudPlugin$Attached.class */
    private class Attached implements PluginAttached {
        private final ArSystem system;
        private final SystemDetailsDto systemDetails;
        private final HttpClient client;
        private FutureAnnouncement<PublicKey> authorizationKeyAnnouncement = null;
        private FutureAnnouncement<HttpJsonOrchestrationService> orchestrationAnnouncement = null;
        private FutureAnnouncement<Collection<ServiceDescription>> orchestrationPlainStoreQueryAnnouncement = null;
        private FutureAnnouncement<HttpJsonServiceDiscoveryService> serviceDiscoveryAnnouncement = null;

        Attached(ArSystem arSystem) {
            this.system = (ArSystem) Objects.requireNonNull(arSystem, "Expected system");
            this.systemDetails = SystemDetails.from(arSystem);
            this.client = HttpClient.from(arSystem);
            if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin attached to \"{}\"", arSystem.name());
            }
        }

        public void onDetach() {
            if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin detached from \"{}\"", this.system.name());
            }
        }

        public void onDetach(Throwable th) {
            if (HttpJsonCloudPlugin.logger.isErrorEnabled()) {
                HttpJsonCloudPlugin.logger.error("HTTP/JSON cloud plugin forcibly detached from \"" + this.system.name() + "\"", th);
            }
        }

        public Future<?> onServicePrepared(ArService arService) {
            AccessByToken accessPolicy = arService.accessPolicy();
            if (!(accessPolicy instanceof AccessByToken)) {
                return Future.done();
            }
            Future<PublicKey> requestAuthorizationKey = requestAuthorizationKey();
            AccessByToken accessByToken = accessPolicy;
            Objects.requireNonNull(accessByToken);
            return requestAuthorizationKey.ifSuccess(accessByToken::authorizationKey);
        }

        public Future<?> onServiceProvided(ServiceDescription serviceDescription) {
            if (!HttpJsonCloudPlugin.this.serviceRegistrationPredicate.test(serviceDescription)) {
                if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                    HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud ignoring to register \"{}\" provided by \"{}\"; the service failed to pass the service registration predicate ", serviceDescription.name(), this.system.name());
                }
                return Future.done();
            }
            if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin registering \"{}\" provided by \"{}\" ...", serviceDescription.name(), this.system.name());
            }
            SystemDescription provider = serviceDescription.provider();
            InetSocketAddress socketAddress = provider.socketAddress();
            ServiceRegistrationDto from = ServiceRegistration.from(serviceDescription);
            return requestServiceDiscovery().flatMap(httpJsonServiceDiscoveryService -> {
                return httpJsonServiceDiscoveryService.register(from).flatMapCatch(ErrorResponseException.class, errorResponseException -> {
                    return "INVALID_PARAMETER".equals(errorResponseException.error().type()) ? httpJsonServiceDiscoveryService.unregister(serviceDescription.name(), provider.name(), socketAddress.getHostString(), socketAddress.getPort()).flatMap(obj -> {
                        return httpJsonServiceDiscoveryService.register(from).pass((Object) null);
                    }) : Future.failure(errorResponseException);
                }).mapResult(result -> {
                    if (result.isSuccess()) {
                        if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                            HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin registered the \"{}\" service provided by the \"{}\" system", serviceDescription.name(), this.system.name());
                        }
                    } else if (HttpJsonCloudPlugin.logger.isErrorEnabled()) {
                        HttpJsonCloudPlugin.logger.error("HTTP/JSON cloud plugin failed to register the \"" + serviceDescription.name() + "\" service provided by the \"" + this.system.name() + "\" system", result.fault());
                    }
                    return result;
                });
            });
        }

        public void onServiceDismissed(ServiceDescription serviceDescription) {
            if (!HttpJsonCloudPlugin.this.serviceRegistrationPredicate.test(serviceDescription)) {
                if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                    HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud ignoring to unregister \"{}\" provided by \"{}\"; the service failed to pass the service registration predicate ", serviceDescription.name(), this.system.name());
                }
            } else {
                if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                    HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin unregistering the \"{}\"service provided by the \"{}\" system ...", serviceDescription.name(), this.system.name());
                }
                SystemDescription provider = serviceDescription.provider();
                InetSocketAddress socketAddress = provider.socketAddress();
                requestServiceDiscovery().flatMap(httpJsonServiceDiscoveryService -> {
                    return httpJsonServiceDiscoveryService.unregister(serviceDescription.name(), provider.name(), socketAddress.getHostString(), socketAddress.getPort());
                }).onResult(result -> {
                    if (result.isSuccess()) {
                        if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                            HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin unregistered the \"{}\" service provided by the \"{}\" system", serviceDescription.name(), this.system.name());
                        }
                    } else if (HttpJsonCloudPlugin.logger.isWarnEnabled()) {
                        HttpJsonCloudPlugin.logger.warn("HTTP/JSON cloud plugin failed to unregister the \"" + serviceDescription.name() + "\" service provided by the \"" + this.system.name() + "\" system", result.fault());
                    }
                });
            }
        }

        public Future<Collection<ServiceDescription>> onServiceQueried(ServiceQuery serviceQuery) {
            return Futures.flatReducePlain(new ArrayList(), (collection, orchestrationPattern) -> {
                Future subscribe;
                if (!orchestrationPattern.isPlainStorePattern()) {
                    Stream stream = collection.stream();
                    Objects.requireNonNull(serviceQuery);
                    return stream.anyMatch(serviceQuery::matches) ? Future.success(collection) : executeOrchestrationQueryUsing(serviceQuery, orchestrationPattern);
                }
                synchronized (this) {
                    if (this.orchestrationPlainStoreQueryAnnouncement == null) {
                        this.orchestrationPlainStoreQueryAnnouncement = executeOrchestrationQueryUsing(null, orchestrationPattern).always(result -> {
                            synchronized (this) {
                                this.orchestrationPlainStoreQueryAnnouncement = null;
                            }
                        }).toAnnouncement();
                    }
                    subscribe = this.orchestrationPlainStoreQueryAnnouncement.subscribe();
                }
                return subscribe;
            }, HttpJsonCloudPlugin.this.orchestrationStrategy.patterns());
        }

        private Future<Collection<ServiceDescription>> executeOrchestrationQueryUsing(ServiceQuery serviceQuery, OrchestrationPattern orchestrationPattern) {
            Objects.requireNonNull(orchestrationPattern, "Expected pattern");
            return requestOrchestration().ifSuccess(httpJsonOrchestrationService -> {
                if (HttpJsonCloudPlugin.logger.isTraceEnabled()) {
                    HttpJsonCloudPlugin.logger.trace("HTTP/JSON cloud plugin is about to execute {} ...", serviceQuery);
                }
            }).flatMap(httpJsonOrchestrationService2 -> {
                return httpJsonOrchestrationService2.query(orchestrationPattern.toQuery(this.systemDetails, serviceQuery));
            }).map(orchestrationQueryResultDto -> {
                List list = (List) orchestrationQueryResultDto.services().stream().map((v0) -> {
                    return v0.toServiceDescription();
                }).collect(Collectors.toUnmodifiableList());
                if (HttpJsonCloudPlugin.logger.isTraceEnabled()) {
                    HttpJsonCloudPlugin.logger.trace("HTTP/JSON cloud plugin received {}", list);
                }
                return list;
            });
        }

        private synchronized Future<HttpJsonServiceDiscoveryService> requestServiceDiscovery() {
            if (this.serviceDiscoveryAnnouncement == null) {
                if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                    HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin connecting to \"service_registry\" system at {} ...", HttpJsonCloudPlugin.this.serviceRegistrySocketAddress);
                }
                this.serviceDiscoveryAnnouncement = this.client.connect(HttpJsonCloudPlugin.this.serviceRegistrySocketAddress).mapResult(result -> {
                    SystemDescription from;
                    if (result.isFailure()) {
                        return Result.failure(result.fault());
                    }
                    HttpClientConnection httpClientConnection = (HttpClientConnection) result.value();
                    boolean isSecure = httpClientConnection.isSecure();
                    if (isSecure != this.system.isSecure()) {
                        return Result.failure(new CloudException("HTTP/JSON cloud plugin connected to system at " + HttpJsonCloudPlugin.this.serviceRegistrySocketAddress + " and found that it is " + (isSecure ? "running in secure mode, while this system is not" : "not running in secure mode, while this system is") + "; failed to resolve service discovery service "));
                    }
                    if (isSecure) {
                        SystemIdentity systemIdentity = new SystemIdentity(httpClientConnection.remoteCertificateChain());
                        String name = systemIdentity.name();
                        if (!Objects.equals(name, "service_registry")) {
                            return Result.failure(new CloudException("HTTP/JSON cloud plugin connected to system at " + HttpJsonCloudPlugin.this.serviceRegistrySocketAddress + " and found that its certificate name is \"" + name + "\" while expecting it to be \"service_registry\"; failed to resolve service discovery service "));
                        }
                        from = SystemDescription.from(name, systemIdentity.publicKey(), HttpJsonCloudPlugin.this.serviceRegistrySocketAddress);
                    } else {
                        from = SystemDescription.from("service_registry", HttpJsonCloudPlugin.this.serviceRegistrySocketAddress);
                    }
                    HttpJsonServiceDiscoveryService httpJsonServiceDiscoveryService = new HttpJsonServiceDiscoveryService(this.system, new ServiceDescription.Builder().name("service-discovery").provider(from).uri(HttpJsonCloudPlugin.this.serviceDiscoveryBasePath).security(isSecure ? SecurityDescriptor.CERTIFICATE : SecurityDescriptor.NOT_SECURE).interfaces(new InterfaceDescriptor[]{InterfaceDescriptor.getOrCreate(TransportDescriptor.HTTP, isSecure, EncodingDescriptor.JSON)}).build());
                    httpClientConnection.close();
                    if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                        HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin connected to \"service_registry\" system at {}", HttpJsonCloudPlugin.this.serviceRegistrySocketAddress);
                    }
                    return Result.success(httpJsonServiceDiscoveryService);
                }).ifFailure(Throwable.class, th -> {
                    if (HttpJsonCloudPlugin.logger.isErrorEnabled()) {
                        HttpJsonCloudPlugin.logger.error("HTTP/JSON cloud plugin failed to connect to \"service_registry\" system at " + HttpJsonCloudPlugin.this.serviceRegistrySocketAddress, th);
                    }
                }).toAnnouncement();
            }
            return this.serviceDiscoveryAnnouncement.subscribe();
        }

        private synchronized Future<PublicKey> requestAuthorizationKey() {
            if (this.authorizationKeyAnnouncement == null) {
                if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                    HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin requesting authorization key ...");
                }
                this.authorizationKeyAnnouncement = requestServiceDiscovery().flatMap(httpJsonServiceDiscoveryService -> {
                    return httpJsonServiceDiscoveryService.query(new ServiceQueryBuilder().name("auth-public-key").build());
                }).mapResult(result -> {
                    if (result.isFailure()) {
                        return Result.failure(result.fault());
                    }
                    List<ServiceDetails> services = ((ServiceQueryResultDto) result.value()).services();
                    if (services.size() == 0) {
                        return Result.failure(new CloudException("No \"auth-public-key\" service seems to be available via the service registry at: " + HttpJsonCloudPlugin.this.serviceRegistrySocketAddress + "; token authorization not possible"));
                    }
                    String str = null;
                    Iterator<ServiceDetails> it = services.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        Optional<String> publicKeyBase64 = it.next().provider().publicKeyBase64();
                        if (publicKeyBase64.isPresent()) {
                            str = publicKeyBase64.get();
                            break;
                        }
                    }
                    if (str == null) {
                        return Result.failure(new CloudException("Even though the service registry provided descriptions for " + services.size() + " \"auth-public-key\" service(s), none of them contains an authorization system public key; token authorization not possible"));
                    }
                    try {
                        PublicKey parsePublicKey = X509Keys.parsePublicKey(str);
                        if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                            HttpJsonCloudPlugin.logger.info("Authorization key retrieved: {}", str);
                        }
                        return Result.success(parsePublicKey);
                    } catch (UnsupportedKeyAlgorithm e) {
                        return Result.failure(new CloudException("The \"auth-public-key\" service provider public key seems to use an unsupported key algorithm; token authorization not possible", e));
                    }
                }).ifFailure(Throwable.class, th -> {
                    if (HttpJsonCloudPlugin.logger.isWarnEnabled()) {
                        HttpJsonCloudPlugin.logger.warn("Failed to retrieve authorization key", th);
                    }
                }).toAnnouncement();
            }
            return this.authorizationKeyAnnouncement.subscribe();
        }

        private synchronized Future<HttpJsonOrchestrationService> requestOrchestration() {
            if (this.orchestrationAnnouncement == null) {
                if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                    HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin connecting to \"orchestrator\" system ...");
                }
                boolean isSecure = this.client.isSecure();
                this.orchestrationAnnouncement = requestServiceDiscovery().flatMap(httpJsonServiceDiscoveryService -> {
                    ServiceQueryBuilder interfaces = new ServiceQueryBuilder().name("orchestration-service").interfaces(InterfaceDescriptor.getOrCreate(TransportDescriptor.HTTP, isSecure, EncodingDescriptor.JSON));
                    SecurityDescriptor[] securityDescriptorArr = new SecurityDescriptor[1];
                    securityDescriptorArr[0] = isSecure ? SecurityDescriptor.CERTIFICATE : SecurityDescriptor.NOT_SECURE;
                    return httpJsonServiceDiscoveryService.query(interfaces.securityModes(securityDescriptorArr).build());
                }).flatMapResult(result -> {
                    if (result.isFailure()) {
                        return Future.failure(result.fault());
                    }
                    List<ServiceDetails> services = ((ServiceQueryResultDto) result.value()).services();
                    if (services.isEmpty()) {
                        return Future.failure(new CloudException("No orchestration service available; cannot request orchestration rules"));
                    }
                    HttpJsonOrchestrationService httpJsonOrchestrationService = new HttpJsonOrchestrationService(HttpConsumer.create(this.system, services.get(0).toServiceDescription(), Collections.singleton(EncodingDescriptor.JSON)));
                    if (HttpJsonCloudPlugin.logger.isInfoEnabled()) {
                        HttpJsonCloudPlugin.logger.info("HTTP/JSON cloud plugin resolved orchestration service at {}", httpJsonOrchestrationService.service().provider().socketAddress());
                    }
                    return Future.success(httpJsonOrchestrationService);
                }).ifFailure(Throwable.class, th -> {
                    if (HttpJsonCloudPlugin.logger.isErrorEnabled()) {
                        HttpJsonCloudPlugin.logger.error("HTTP/JSON cloud plugin failed to connect to \"orchestrator\" system", th);
                    }
                }).toAnnouncement();
            }
            return this.orchestrationAnnouncement.subscribe();
        }
    }

    /* loaded from: input_file:se/arkalix/core/plugin/HttpJsonCloudPlugin$Builder.class */
    public static class Builder {
        private String serviceDiscoveryBasePath;
        private Predicate<ServiceDescription> serviceRegistrationPredicate;
        private InetSocketAddress serviceRegistrySocketAddress;
        private OrchestrationStrategy orchestrationStrategy;

        public Builder serviceDiscoveryBasePath(String str) {
            this.serviceDiscoveryBasePath = str;
            return this;
        }

        public Builder serviceRegistrationPredicate(Predicate<ServiceDescription> predicate) {
            this.serviceRegistrationPredicate = predicate;
            return this;
        }

        public Builder serviceRegistrySocketAddress(InetSocketAddress inetSocketAddress) {
            this.serviceRegistrySocketAddress = inetSocketAddress;
            return this;
        }

        public Builder orchestrationStrategy(OrchestrationStrategy orchestrationStrategy) {
            this.orchestrationStrategy = orchestrationStrategy;
            return this;
        }

        public HttpJsonCloudPlugin build() {
            return new HttpJsonCloudPlugin(this);
        }
    }

    private HttpJsonCloudPlugin(Builder builder) {
        this.serviceRegistrationPredicate = (Predicate) Objects.requireNonNullElse(builder.serviceRegistrationPredicate, serviceDescription -> {
            return true;
        });
        this.serviceDiscoveryBasePath = (String) Objects.requireNonNullElse(builder.serviceDiscoveryBasePath, "/serviceregistry");
        this.serviceRegistrySocketAddress = (InetSocketAddress) Objects.requireNonNull(builder.serviceRegistrySocketAddress, "Expected serviceRegistrySocketAddress");
        this.orchestrationStrategy = (OrchestrationStrategy) Objects.requireNonNullElse(builder.orchestrationStrategy, OrchestrationStrategy.STORED_ONLY);
    }

    public static HttpJsonCloudPlugin joinViaServiceRegistryAt(InetSocketAddress inetSocketAddress) {
        return new Builder().serviceRegistrySocketAddress(inetSocketAddress).build();
    }

    public int ordinal() {
        return -1000;
    }

    public Future<PluginAttached> attachTo(ArSystem arSystem, Map<Class<? extends Plugin>, PluginFacade> map) {
        return Future.success(new Attached(arSystem));
    }
}
