package com.tokera.ate.delegates;

import com.tokera.ate.common.LoggerHook;
import com.tokera.ate.common.MapTools;
import com.tokera.ate.dto.msg.MessagePublicKeyDto;
import com.tokera.ate.events.RegisterPublicTopicEvent;
import com.tokera.ate.io.api.IPartitionKey;
import com.tokera.ate.providers.PartitionKeySerializer;
import com.tokera.ate.scopes.Startup;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Observes;
import javax.inject.Inject;
import javax.ws.rs.WebApplicationException;
import org.apache.commons.codec.binary.Base64;
import org.xbill.DNS.AAAARecord;
import org.xbill.DNS.ARecord;
import org.xbill.DNS.Cache;
import org.xbill.DNS.Lookup;
import org.xbill.DNS.SimpleResolver;
import org.xbill.DNS.TXTRecord;
import org.xbill.DNS.TextParseException;

@ApplicationScoped
@Startup
/* loaded from: input_file:com/tokera/ate/delegates/ImplicitSecurityDelegate.class */
public class ImplicitSecurityDelegate {

    @Inject
    private LoggerHook LOG;
    private SimpleResolver m_resolver;
    private static final Cache g_dnsCache = new Cache();
    private static Set<String> g_publicPartitions = new HashSet();
    private AteDelegate d = AteDelegate.get();
    private ConcurrentHashMap<String, String> enquireOverride = new ConcurrentHashMap<>();

    @PostConstruct
    public void init() {
        try {
            this.m_resolver = new SimpleResolver();
            this.m_resolver.setTCP(true);
            this.m_resolver.setTimeout(4);
            this.m_resolver.setAddress(InetAddress.getByName("8.8.8.8"));
        } catch (UnknownHostException e) {
            this.LOG.error(e);
        }
    }

    public void onRegisterPublicPartition(@Observes RegisterPublicTopicEvent registerPublicTopicEvent) {
        g_publicPartitions.add(registerPublicTopicEvent.getName());
    }

    public boolean checkPartitionIsPublic(String str) {
        return g_publicPartitions.contains(str);
    }

    public MessagePublicKeyDto enquireDomainKey(String str, boolean z) {
        return enquireDomainKey(this.d.bootstrapConfig.getImplicitAuthorityAlias(), str, z);
    }

    public MessagePublicKeyDto enquireDomainKey(String str, String str2, boolean z) {
        return enquireDomainKey(str, str2, z, str2);
    }

    public MessagePublicKeyDto enquireDomainKey(String str, String str2, boolean z, String str3) {
        String enquireDomainString = enquireDomainString(str + "." + str2, z);
        if (enquireDomainString == null) {
            if (z) {
                throw new RuntimeException("No implicit authority found at domain name [" + str + "." + str2 + "] (missing TXT record).");
            }
            return null;
        }
        MessagePublicKeyDto publicKeyOrNull = this.d.headIO.publicKeyOrNull(enquireDomainString);
        if (publicKeyOrNull == null) {
            publicKeyOrNull = this.d.currentRights.getRightsWrite().stream().filter(messagePrivateKeyDto -> {
                return enquireDomainString.equals(messagePrivateKeyDto.getPublicKeyHash());
            }).findFirst().orElse(null);
        }
        if (z && publicKeyOrNull == null) {
            throw new RuntimeException("No implicit authority found at domain name [" + str + "." + str2 + "] (missing public key record for [" + enquireDomainString + "]).");
        }
        if (publicKeyOrNull != null && str3 != null) {
            publicKeyOrNull.setAlias(str3);
        }
        return publicKeyOrNull;
    }

    public String generateDnsTxtRecord(MessagePublicKeyDto messagePublicKeyDto) {
        return generateDnsTxtRecord(messagePublicKeyDto, this.d.requestContext.getPartitionKeyScopeOrNull());
    }

    public String generateDnsTxtRecord(MessagePublicKeyDto messagePublicKeyDto, IPartitionKey iPartitionKey) {
        if (iPartitionKey == null) {
            return messagePublicKeyDto.getPublicKeyHash();
        }
        if (this.d.headIO.publicKeyOrNull(iPartitionKey, messagePublicKeyDto.getPublicKeyHash()) == null) {
            this.d.headIO.merge(iPartitionKey, messagePublicKeyDto);
        }
        return Base64.encodeBase64URLSafeString(new PartitionKeySerializer().write(iPartitionKey).getBytes()) + ":" + messagePublicKeyDto.getPublicKeyHash();
    }

    public List<String> enquireDomainAddresses(String str, boolean z) {
        if (str.contains(":")) {
            String[] split = str.split(":");
            if (split.length >= 1) {
                str = split[0];
            }
        }
        if (!str.endsWith(".")) {
            str = str + ".";
        }
        if ("localhost.".equalsIgnoreCase(str)) {
            return Collections.singletonList("127.0.0.1");
        }
        try {
            Lookup lookup = new Lookup(str, 255, 1);
            lookup.setResolver(this.m_resolver);
            lookup.setCache(g_dnsCache);
            ARecord[] run = lookup.run();
            if (lookup.getResult() != 0) {
                if (z && lookup.getResult() == 1) {
                    throw new WebApplicationException("Failed to lookup DNS record on [" + str + "] - " + lookup.getErrorString());
                }
                this.LOG.debug("dns(" + str + ")::" + lookup.getErrorString());
                return null;
            }
            ArrayList arrayList = new ArrayList();
            for (ARecord aRecord : run) {
                if (aRecord instanceof ARecord) {
                    arrayList.add(aRecord.getAddress().toString());
                }
                if (aRecord instanceof AAAARecord) {
                    arrayList.add(((AAAARecord) aRecord).getAddress().toString());
                }
            }
            return arrayList;
        } catch (TextParseException e) {
            if (z) {
                throw new WebApplicationException(e);
            }
            this.LOG.info("dns(" + str + ")::" + e.getMessage());
            return null;
        }
    }

    public String enquireDomainString(String str, boolean z) {
        String str2 = (String) MapTools.getOrNull(this.enquireOverride, str);
        if (str2 != null) {
            return str2;
        }
        Iterator<String> it = g_publicPartitions.iterator();
        while (it.hasNext()) {
            if ((this.d.bootstrapConfig.getImplicitAuthorityAlias() + "." + it.next()).equals(str)) {
                return null;
            }
        }
        try {
            String str3 = str;
            if (!str3.endsWith(".")) {
                str3 = str3 + ".";
            }
            Lookup lookup = new Lookup(str3, 255, 1);
            lookup.setResolver(this.m_resolver);
            lookup.setCache(g_dnsCache);
            TXTRecord[] run = lookup.run();
            if (lookup.getResult() != 0) {
                if (z && lookup.getResult() == 1) {
                    throw new WebApplicationException("Failed to lookup DNS record on [" + str + "] - " + lookup.getErrorString());
                }
                this.LOG.debug("dns(" + str + ")::" + lookup.getErrorString());
                return null;
            }
            for (TXTRecord tXTRecord : run) {
                if (tXTRecord instanceof TXTRecord) {
                    List strings = tXTRecord.getStrings();
                    if (!strings.isEmpty()) {
                        StringBuilder sb = new StringBuilder();
                        for (Object obj : strings) {
                            if (obj != null) {
                                sb.append(obj.toString());
                            }
                        }
                        return sb.toString();
                    }
                }
            }
            return null;
        } catch (TextParseException e) {
            if (z) {
                throw new WebApplicationException(e);
            }
            this.LOG.info("dns(" + str + ")::" + e.getMessage());
            return null;
        }
    }

    public ConcurrentHashMap<String, String> getEnquireOverride() {
        return this.enquireOverride;
    }

    static {
        g_dnsCache.setMaxNCache(300);
        g_dnsCache.setMaxCache(300);
        g_dnsCache.setMaxEntries(20000);
    }
}
