package software.amazon.cloudformation;

import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.lambda.runtime.Context;
import com.amazonaws.services.lambda.runtime.LambdaLogger;
import com.amazonaws.services.lambda.runtime.RequestStreamHandler;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.exc.MismatchedInputException;
import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException;
import com.google.common.annotations.VisibleForTesting;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.Arrays;
import java.util.Date;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.json.JSONObject;
import org.json.JSONTokener;
import software.amazon.awssdk.http.SdkHttpClient;
import software.amazon.awssdk.http.apache.ApacheHttpClient;
import software.amazon.awssdk.utils.StringUtils;
import software.amazon.cloudformation.exceptions.BaseHandlerException;
import software.amazon.cloudformation.exceptions.FileScrubberException;
import software.amazon.cloudformation.exceptions.TerminalException;
import software.amazon.cloudformation.injection.CloudWatchLogsProvider;
import software.amazon.cloudformation.injection.CloudWatchProvider;
import software.amazon.cloudformation.injection.CredentialsProvider;
import software.amazon.cloudformation.injection.SessionCredentialsProvider;
import software.amazon.cloudformation.loggers.CloudWatchLogHelper;
import software.amazon.cloudformation.loggers.CloudWatchLogPublisher;
import software.amazon.cloudformation.loggers.LambdaLogPublisher;
import software.amazon.cloudformation.loggers.LogFilter;
import software.amazon.cloudformation.loggers.LogPublisher;
import software.amazon.cloudformation.metrics.MetricsPublisher;
import software.amazon.cloudformation.metrics.MetricsPublisherImpl;
import software.amazon.cloudformation.proxy.AmazonWebServicesClientProxy;
import software.amazon.cloudformation.proxy.Credentials;
import software.amazon.cloudformation.proxy.DelayFactory;
import software.amazon.cloudformation.proxy.HandlerErrorCode;
import software.amazon.cloudformation.proxy.HandlerRequest;
import software.amazon.cloudformation.proxy.LoggerProxy;
import software.amazon.cloudformation.proxy.MetricsPublisherProxy;
import software.amazon.cloudformation.proxy.OperationStatus;
import software.amazon.cloudformation.proxy.ProgressEvent;
import software.amazon.cloudformation.proxy.ResourceHandlerRequest;
import software.amazon.cloudformation.proxy.WaitStrategy;
import software.amazon.cloudformation.resource.ResourceTypeSchema;
import software.amazon.cloudformation.resource.SchemaValidator;
import software.amazon.cloudformation.resource.Serializer;
import software.amazon.cloudformation.resource.Validator;
import software.amazon.cloudformation.resource.exceptions.ValidationException;

/* loaded from: input_file:software/amazon/cloudformation/LambdaWrapper.class */
public abstract class LambdaWrapper<ResourceT, CallbackT> implements RequestStreamHandler {
    public static final SdkHttpClient HTTP_CLIENT;
    private static final List<Action> MUTATING_ACTIONS;
    protected final Serializer serializer;
    protected LoggerProxy loggerProxy;
    protected MetricsPublisherProxy metricsPublisherProxy;
    protected LambdaLogger lambdaLogger;
    final CredentialsProvider providerCredentialsProvider;
    final CloudWatchProvider providerCloudWatchProvider;
    final CloudWatchLogsProvider cloudWatchLogsProvider;
    final SchemaValidator validator;
    final TypeReference<HandlerRequest<ResourceT, CallbackT>> typeReference;
    private MetricsPublisher providerMetricsPublisher;
    private LogPublisher platformLambdaLogger;
    private CloudWatchLogHelper cloudWatchLogHelper;
    private CloudWatchLogPublisher providerEventsLogger;
    static final /* synthetic */ boolean $assertionsDisabled;

    protected LambdaWrapper() {
        this.providerCredentialsProvider = new SessionCredentialsProvider();
        this.providerCloudWatchProvider = new CloudWatchProvider(this.providerCredentialsProvider, HTTP_CLIENT);
        this.cloudWatchLogsProvider = new CloudWatchLogsProvider(this.providerCredentialsProvider, HTTP_CLIENT);
        this.serializer = new Serializer();
        this.validator = new Validator();
        this.typeReference = getTypeReference();
    }

    public LambdaWrapper(CredentialsProvider credentialsProvider, LogPublisher logPublisher, CloudWatchLogPublisher cloudWatchLogPublisher, MetricsPublisher metricsPublisher, SchemaValidator schemaValidator, Serializer serializer, SdkHttpClient sdkHttpClient) {
        this.providerCredentialsProvider = credentialsProvider;
        this.providerCloudWatchProvider = new CloudWatchProvider(this.providerCredentialsProvider, sdkHttpClient);
        this.cloudWatchLogsProvider = new CloudWatchLogsProvider(this.providerCredentialsProvider, sdkHttpClient);
        this.providerEventsLogger = cloudWatchLogPublisher;
        this.platformLambdaLogger = logPublisher;
        this.providerMetricsPublisher = metricsPublisher;
        this.serializer = serializer;
        this.validator = schemaValidator;
        this.typeReference = getTypeReference();
    }

    private void initialiseRuntime(String str, Credentials credentials, String str2, Context context) {
        this.loggerProxy = new LoggerProxy();
        this.metricsPublisherProxy = new MetricsPublisherProxy();
        this.platformLambdaLogger = new LambdaLogPublisher(context.getLogger(), new LogFilter[0]);
        this.loggerProxy.addLogPublisher(this.platformLambdaLogger);
        if (credentials != null) {
            if (this.providerCredentialsProvider != null) {
                this.providerCredentialsProvider.setCredentials(credentials);
            }
            if (this.providerMetricsPublisher == null) {
                this.providerMetricsPublisher = new MetricsPublisherImpl(this.providerCloudWatchProvider, this.loggerProxy, str);
            }
            this.metricsPublisherProxy.addMetricsPublisher(this.providerMetricsPublisher);
            this.providerMetricsPublisher.refreshClient();
            if (this.providerEventsLogger == null) {
                this.cloudWatchLogHelper = new CloudWatchLogHelper(this.cloudWatchLogsProvider, str2, context.getLogger(), this.metricsPublisherProxy);
                this.cloudWatchLogHelper.refreshClient();
                this.providerEventsLogger = new CloudWatchLogPublisher(this.cloudWatchLogsProvider, str2, this.cloudWatchLogHelper.prepareLogStream(), context.getLogger(), this.metricsPublisherProxy, new LogFilter[0]);
            }
            this.loggerProxy.addLogPublisher(this.providerEventsLogger);
            this.providerEventsLogger.refreshClient();
        }
    }

    public void handleRequest(InputStream inputStream, OutputStream outputStream, Context context) throws IOException, TerminalException {
        this.lambdaLogger = context.getLogger();
        ProgressEvent progressEvent = null;
        HandlerRequest<ResourceT, CallbackT> handlerRequest = null;
        scrubFiles();
        try {
            try {
                try {
                    if (inputStream == null) {
                        throw new TerminalException("No request object received");
                    }
                    String decompress = this.serializer.decompress(IOUtils.toString(inputStream, StandardCharsets.UTF_8));
                    JSONObject jSONObject = new JSONObject(new JSONTokener(decompress));
                    try {
                        handlerRequest = (HandlerRequest) this.serializer.deserialize(decompress, this.typeReference);
                    } catch (MismatchedInputException e) {
                        this.validator.validateObject(jSONObject.getJSONObject("requestData").getJSONObject("resourceProperties"), provideResourceSchemaJSONObject());
                    }
                    ProgressEvent<ResourceT, CallbackT> processInvocation = processInvocation(jSONObject, handlerRequest, context);
                    if (processInvocation != null) {
                        publishExceptionCodeAndCountMetric(handlerRequest == null ? null : handlerRequest.getAction(), processInvocation.getErrorCode(), processInvocation.getStatus() == OperationStatus.FAILED);
                    }
                    writeResponse(outputStream, processInvocation);
                } catch (Throwable th) {
                    th.printStackTrace();
                    ProgressEvent<ResourceT, CallbackT> defaultFailureHandler = ProgressEvent.defaultFailureHandler(th, HandlerErrorCode.InternalFailure);
                    if (0 != 0 && handlerRequest.getRequestData() != null && MUTATING_ACTIONS.contains(handlerRequest.getAction())) {
                        defaultFailureHandler.setResourceModel(handlerRequest.getRequestData().getResourceProperties());
                    }
                    if (0 != 0) {
                        publishExceptionMetric(handlerRequest.getAction(), th, HandlerErrorCode.InternalFailure);
                    }
                    if (defaultFailureHandler != null) {
                        publishExceptionCodeAndCountMetric(0 == 0 ? null : handlerRequest.getAction(), defaultFailureHandler.getErrorCode(), defaultFailureHandler.getStatus() == OperationStatus.FAILED);
                    }
                    writeResponse(outputStream, defaultFailureHandler);
                }
            } catch (ValidationException e2) {
                String buildFullExceptionMessage = ValidationException.buildFullExceptionMessage(e2);
                String format = !StringUtils.isEmpty(buildFullExceptionMessage) ? String.format("Model validation failed (%s)", buildFullExceptionMessage) : "Model validation failed with unknown cause.";
                publishExceptionMetric(0 == 0 ? null : handlerRequest.getAction(), e2, HandlerErrorCode.InvalidRequest);
                ProgressEvent<ResourceT, CallbackT> defaultFailureHandler2 = ProgressEvent.defaultFailureHandler(new TerminalException(format, e2), HandlerErrorCode.InvalidRequest);
                if (defaultFailureHandler2 != null) {
                    publishExceptionCodeAndCountMetric(0 == 0 ? null : handlerRequest.getAction(), defaultFailureHandler2.getErrorCode(), defaultFailureHandler2.getStatus() == OperationStatus.FAILED);
                }
                writeResponse(outputStream, defaultFailureHandler2);
            }
        } catch (Throwable th2) {
            if (0 != 0) {
                publishExceptionCodeAndCountMetric(0 == 0 ? null : handlerRequest.getAction(), progressEvent.getErrorCode(), progressEvent.getStatus() == OperationStatus.FAILED);
            }
            writeResponse(outputStream, null);
            throw th2;
        }
    }

    private ProgressEvent<ResourceT, CallbackT> processInvocation(JSONObject jSONObject, HandlerRequest<ResourceT, CallbackT> handlerRequest, Context context) throws IOException, TerminalException {
        if (!$assertionsDisabled && handlerRequest == null) {
            throw new AssertionError("Invalid request object received");
        }
        if (handlerRequest.getRequestData() == null) {
            throw new TerminalException("Invalid request object received");
        }
        if (MUTATING_ACTIONS.contains(handlerRequest.getAction()) && handlerRequest.getRequestData().getResourceProperties() == null) {
            throw new TerminalException("Invalid resource properties object received");
        }
        initialiseRuntime(handlerRequest.getResourceType(), handlerRequest.getRequestData().getProviderCredentials(), handlerRequest.getRequestData().getProviderLogGroupName(), context);
        ResourceHandlerRequest<ResourceT> transform = transform(handlerRequest);
        if (transform != null) {
            transform.setPreviousResourceTags(getPreviousResourceTags(handlerRequest));
        }
        this.metricsPublisherProxy.publishInvocationMetric(Instant.now(), handlerRequest.getAction());
        boolean contains = MUTATING_ACTIONS.contains(handlerRequest.getAction());
        if (contains) {
            try {
                validateModel(jSONObject.getJSONObject("requestData").getJSONObject("resourceProperties"));
            } catch (ValidationException e) {
                StringBuilder sb = new StringBuilder();
                if (StringUtils.isEmpty(e.getMessage())) {
                    sb.append("Model validation failed with unknown cause.");
                } else {
                    sb.append(String.format("Model validation failed (%s)", e.getMessage()));
                }
                List<ValidationException> causingExceptions = e.getCausingExceptions();
                if (CollectionUtils.isNotEmpty(causingExceptions)) {
                    for (ValidationException validationException : causingExceptions) {
                        if (validationException instanceof ValidationException) {
                            sb.append(String.format("%n%s (%s)", validationException.getMessage(), validationException.getSchemaPointer()));
                        }
                    }
                }
                publishExceptionMetric(handlerRequest.getAction(), e, HandlerErrorCode.InvalidRequest);
                return ProgressEvent.defaultFailureHandler(new TerminalException(sb.toString(), e), HandlerErrorCode.InvalidRequest);
            }
        }
        CallbackT callbackContext = handlerRequest.getCallbackContext();
        ProgressEvent<ResourceT, CallbackT> wrapInvocationAndHandleErrors = wrapInvocationAndHandleErrors(handlerRequest.getRequestData().getCallerCredentials() != null ? new AmazonWebServicesClientProxy(this.loggerProxy, handlerRequest.getRequestData().getCallerCredentials(), DelayFactory.CONSTANT_DEFAULT_DELAY_FACTORY, WaitStrategy.scheduleForCallbackStrategy()) : null, transform, handlerRequest, callbackContext);
        if (wrapInvocationAndHandleErrors.getStatus() != OperationStatus.IN_PROGRESS || contains) {
            return wrapInvocationAndHandleErrors;
        }
        throw new TerminalException("READ and LIST handlers must return synchronously.");
    }

    private void logUnhandledError(String str, HandlerRequest<ResourceT, CallbackT> handlerRequest, Throwable th) {
        log(String.format("%s in a %s action on a %s: %s%n%s", str, handlerRequest.getAction(), handlerRequest.getResourceType(), th.toString(), ExceptionUtils.getStackTrace(th)));
    }

    private ProgressEvent<ResourceT, CallbackT> wrapInvocationAndHandleErrors(AmazonWebServicesClientProxy amazonWebServicesClientProxy, ResourceHandlerRequest<ResourceT> resourceHandlerRequest, HandlerRequest<ResourceT, CallbackT> handlerRequest, CallbackT callbackt) {
        Date from = Date.from(Instant.now());
        try {
            try {
                try {
                    try {
                        ProgressEvent<ResourceT, CallbackT> invokeHandler = invokeHandler(amazonWebServicesClientProxy, resourceHandlerRequest, handlerRequest.getAction(), callbackt);
                        if (invokeHandler == null) {
                            log("Handler returned null");
                            throw new TerminalException("Handler failed to provide a response.");
                        }
                        log(String.format("Handler returned %s", invokeHandler.getStatus()));
                        this.metricsPublisherProxy.publishDurationMetric(Instant.now(), handlerRequest.getAction(), Date.from(Instant.now()).getTime() - from.getTime());
                        return invokeHandler;
                    } catch (BaseHandlerException e) {
                        publishExceptionMetric(handlerRequest.getAction(), e, e.getErrorCode());
                        logUnhandledError(e.getMessage(), handlerRequest, e);
                        ProgressEvent<ResourceT, CallbackT> defaultFailureHandler = ProgressEvent.defaultFailureHandler(e, e.getErrorCode());
                        this.metricsPublisherProxy.publishDurationMetric(Instant.now(), handlerRequest.getAction(), Date.from(Instant.now()).getTime() - from.getTime());
                        return defaultFailureHandler;
                    }
                } catch (Throwable th) {
                    publishExceptionMetric(handlerRequest.getAction(), th, HandlerErrorCode.InternalFailure);
                    logUnhandledError("An unknown error occurred ", handlerRequest, th);
                    ProgressEvent<ResourceT, CallbackT> defaultFailureHandler2 = ProgressEvent.defaultFailureHandler(th, HandlerErrorCode.InternalFailure);
                    this.metricsPublisherProxy.publishDurationMetric(Instant.now(), handlerRequest.getAction(), Date.from(Instant.now()).getTime() - from.getTime());
                    return defaultFailureHandler2;
                }
            } catch (AmazonServiceException e2) {
                publishExceptionMetric(handlerRequest.getAction(), e2, HandlerErrorCode.GeneralServiceException);
                logUnhandledError("A downstream service error occurred", handlerRequest, e2);
                ProgressEvent<ResourceT, CallbackT> defaultFailureHandler3 = ProgressEvent.defaultFailureHandler(e2, HandlerErrorCode.GeneralServiceException);
                this.metricsPublisherProxy.publishDurationMetric(Instant.now(), handlerRequest.getAction(), Date.from(Instant.now()).getTime() - from.getTime());
                return defaultFailureHandler3;
            }
        } catch (Throwable th2) {
            this.metricsPublisherProxy.publishDurationMetric(Instant.now(), handlerRequest.getAction(), Date.from(Instant.now()).getTime() - from.getTime());
            throw th2;
        }
    }

    protected void writeResponse(OutputStream outputStream, ProgressEvent<ResourceT, CallbackT> progressEvent) throws IOException {
        if (progressEvent.getResourceModel() != null && progressEvent.getStatus() != OperationStatus.IN_PROGRESS) {
            progressEvent.setResourceModel(sanitizeModel(progressEvent.getResourceModel()));
        }
        outputStream.write(this.serializer.serialize(progressEvent).getBytes(StandardCharsets.UTF_8));
        outputStream.close();
    }

    protected ResourceT sanitizeModel(ResourceT resourcet) throws IOException {
        JSONObject jSONObject = new JSONObject(this.serializer.serialize(resourcet));
        ResourceTypeSchema.load(provideResourceSchemaJSONObject()).removeWriteOnlyProperties(jSONObject);
        return (ResourceT) this.serializer.deserializeStrict(jSONObject.toString(), getModelTypeReference());
    }

    protected void validateModel(JSONObject jSONObject) throws ValidationException, IOException {
        JSONObject provideResourceSchemaJSONObject = provideResourceSchemaJSONObject();
        if (provideResourceSchemaJSONObject == null) {
            throw new TerminalException("Unable to validate incoming model as no schema was provided.");
        }
        try {
            this.validator.validateObject(new JSONObject(this.serializer.serialize(this.serializer.deserializeStrict(jSONObject.toString(), getModelTypeReference()))), provideResourceSchemaJSONObject);
        } catch (UnrecognizedPropertyException e) {
            throw new ValidationException(String.format("#: extraneous key [%s] is not permitted", e.getPropertyName()), "additionalProperties", "#");
        }
    }

    protected abstract ResourceHandlerRequest<ResourceT> transform(HandlerRequest<ResourceT, CallbackT> handlerRequest) throws IOException;

    protected abstract JSONObject provideResourceSchemaJSONObject();

    protected abstract Map<String, String> provideResourceDefinedTags(ResourceT resourcet);

    public abstract ProgressEvent<ResourceT, CallbackT> invokeHandler(AmazonWebServicesClientProxy amazonWebServicesClientProxy, ResourceHandlerRequest<ResourceT> resourceHandlerRequest, Action action, CallbackT callbackt) throws Exception;

    private void publishExceptionMetric(Action action, Throwable th, HandlerErrorCode handlerErrorCode) {
        if (this.metricsPublisherProxy != null) {
            this.metricsPublisherProxy.publishExceptionMetric(Instant.now(), action, th, handlerErrorCode);
        } else {
            this.lambdaLogger.log(th.toString());
        }
    }

    private void publishExceptionCodeAndCountMetric(Action action, HandlerErrorCode handlerErrorCode, boolean z) {
        if (this.metricsPublisherProxy != null) {
            EnumSet.allOf(HandlerErrorCode.class).forEach(handlerErrorCode2 -> {
                this.metricsPublisherProxy.publishExceptionByErrorCodeMetric(Instant.now(), action, handlerErrorCode2, z && handlerErrorCode2 == handlerErrorCode);
            });
            this.metricsPublisherProxy.publishExceptionCountMetric(Instant.now(), action, z);
        }
    }

    private void log(String str) {
        if (this.loggerProxy != null) {
            this.loggerProxy.log(String.format("%s%n", str));
        } else {
            this.lambdaLogger.log(str);
        }
    }

    protected abstract TypeReference<HandlerRequest<ResourceT, CallbackT>> getTypeReference();

    protected abstract TypeReference<ResourceT> getModelTypeReference();

    protected void scrubFiles() {
        try {
            FileUtils.cleanDirectory(FileUtils.getTempDirectory());
        } catch (IOException e) {
            log(e.getMessage());
            publishExceptionMetric(null, new FileScrubberException(e), HandlerErrorCode.InternalFailure);
        }
    }

    @VisibleForTesting
    protected Map<String, String> getDesiredResourceTags(HandlerRequest<ResourceT, CallbackT> handlerRequest) {
        HashMap hashMap = new HashMap();
        if (handlerRequest != null && handlerRequest.getRequestData() != null) {
            replaceInMap(hashMap, handlerRequest.getRequestData().getStackTags());
            replaceInMap(hashMap, provideResourceDefinedTags(handlerRequest.getRequestData().getResourceProperties()));
        }
        return hashMap;
    }

    @VisibleForTesting
    protected Map<String, String> getPreviousResourceTags(HandlerRequest<ResourceT, CallbackT> handlerRequest) {
        HashMap hashMap = new HashMap();
        if (handlerRequest != null && handlerRequest.getRequestData() != null) {
            replaceInMap(hashMap, handlerRequest.getRequestData().getPreviousStackTags());
            if (handlerRequest.getRequestData().getPreviousResourceProperties() != null) {
                replaceInMap(hashMap, provideResourceDefinedTags(handlerRequest.getRequestData().getPreviousResourceProperties()));
            }
        }
        return hashMap;
    }

    private void replaceInMap(Map<String, String> map, Map<String, String> map2) {
        if (map == null || map2 == null || map2.isEmpty()) {
            return;
        }
        map.putAll(map2);
    }

    static {
        $assertionsDisabled = !LambdaWrapper.class.desiredAssertionStatus();
        HTTP_CLIENT = ApacheHttpClient.builder().build();
        MUTATING_ACTIONS = Arrays.asList(Action.CREATE, Action.DELETE, Action.UPDATE);
    }
}
