package com.networknt.openapi;

import com.networknt.body.BodyHandler;
import com.networknt.jsonoverlay.Overlay;
import com.networknt.oas.model.Parameter;
import com.networknt.oas.model.RequestBody;
import com.networknt.oas.model.impl.RequestBodyImpl;
import com.networknt.oas.model.impl.SchemaImpl;
import com.networknt.openapi.parameter.ParameterType;
import com.networknt.schema.SchemaValidatorsConfig;
import com.networknt.status.Status;
import com.networknt.utility.StringUtils;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.HeaderValues;
import io.undertow.util.Headers;
import io.undertow.util.HttpString;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Deque;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/networknt/openapi/RequestValidator.class */
public class RequestValidator {
    static final Logger logger = LoggerFactory.getLogger((Class<?>) RequestValidator.class);
    static final String VALIDATOR_REQUEST_BODY_UNEXPECTED = "ERR11013";
    static final String VALIDATOR_REQUEST_BODY_MISSING = "ERR11014";
    static final String VALIDATOR_REQUEST_PARAMETER_HEADER_MISSING = "ERR11017";
    static final String VALIDATOR_REQUEST_PARAMETER_QUERY_MISSING = "ERR11000";
    private final SchemaValidator schemaValidator;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/networknt/openapi/RequestValidator$ValidationResult.class */
    public class ValidationResult {
        private Set<Parameter> skippedParameters = new HashSet();
        private List<Status> statuses = new ArrayList();

        ValidationResult() {
        }

        public void addSkipped(Parameter parameter) {
            this.skippedParameters.add(parameter);
        }

        public void addStatus(Status status) {
            if (null != status) {
                this.statuses.add(status);
            }
        }

        public Set<Parameter> getSkippedParameters() {
            return Collections.unmodifiableSet(this.skippedParameters);
        }

        public Status getStatus() {
            if (this.statuses.isEmpty()) {
                return null;
            }
            return this.statuses.get(0);
        }

        public List<Status> getAllStatueses() {
            return Collections.unmodifiableList(this.statuses);
        }
    }

    public RequestValidator(SchemaValidator schemaValidator) {
        this.schemaValidator = (SchemaValidator) Objects.requireNonNull(schemaValidator, "A schema validator is required");
    }

    public Status validateRequest(NormalisedPath normalisedPath, HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation) {
        Objects.requireNonNull(normalisedPath, "A request path is required");
        Objects.requireNonNull(httpServerExchange, "An exchange is required");
        Objects.requireNonNull(openApiOperation, "An OpenAPI operation is required");
        Status validateRequestParameters = validateRequestParameters(httpServerExchange, normalisedPath, openApiOperation);
        if (validateRequestParameters != null) {
            return validateRequestParameters;
        }
        String first = httpServerExchange.getRequestHeaders().getFirst(Headers.CONTENT_TYPE);
        if (first == null || first.startsWith("application/json")) {
            Object attachment = httpServerExchange.getAttachment(BodyHandler.REQUEST_BODY);
            if (attachment == null && ValidatorHandler.config.skipBodyValidation) {
                return null;
            }
            validateRequestParameters = validateRequestBody(attachment, openApiOperation);
        }
        return validateRequestParameters;
    }

    private Status validateRequestBody(Object obj, OpenApiOperation openApiOperation) {
        RequestBody requestBody = openApiOperation.getOperation().getRequestBody();
        if (obj != null && requestBody == null) {
            return new Status(VALIDATOR_REQUEST_BODY_UNEXPECTED, openApiOperation.getMethod(), openApiOperation.getPathString().original());
        }
        if (requestBody == null || !Overlay.isPresent((RequestBodyImpl) requestBody)) {
            return null;
        }
        if (obj != null) {
            SchemaValidatorsConfig schemaValidatorsConfig = new SchemaValidatorsConfig();
            schemaValidatorsConfig.setTypeLoose(false);
            schemaValidatorsConfig.setHandleNullableField(ValidatorHandler.config.isHandleNullableField());
            return this.schemaValidator.validate(obj, Overlay.toJson((SchemaImpl) requestBody.getContentMediaType("application/json").getSchema()), schemaValidatorsConfig);
        }
        if (requestBody.getRequired() == null || !requestBody.getRequired().booleanValue()) {
            return null;
        }
        if (BodyHandler.config.isEnabled()) {
            return new Status(VALIDATOR_REQUEST_BODY_MISSING, openApiOperation.getMethod(), openApiOperation.getPathString().original());
        }
        logger.warn("Body object doesn't exist in exchange attachment. Most likely the BodyHandler is not in the request chain before RequestValidator or reqeust misses application/json content type header");
        return null;
    }

    private Status validateRequestParameters(HttpServerExchange httpServerExchange, NormalisedPath normalisedPath, OpenApiOperation openApiOperation) {
        Status validatePathParameters = validatePathParameters(httpServerExchange, normalisedPath, openApiOperation);
        if (validatePathParameters != null) {
            return validatePathParameters;
        }
        Status validateQueryParameters = validateQueryParameters(httpServerExchange, openApiOperation);
        if (validateQueryParameters != null) {
            return validateQueryParameters;
        }
        Status validateHeaderParameters = validateHeaderParameters(httpServerExchange, openApiOperation);
        if (validateHeaderParameters != null) {
            return validateHeaderParameters;
        }
        Status validateCookieParameters = validateCookieParameters(httpServerExchange, openApiOperation);
        if (validateCookieParameters != null) {
            return validateCookieParameters;
        }
        return null;
    }

    private Status validatePathParameters(HttpServerExchange httpServerExchange, NormalisedPath normalisedPath, OpenApiOperation openApiOperation) {
        ValidationResult validateDeserializedValues = validateDeserializedValues(httpServerExchange, openApiOperation.getOperation().getParameters(), ParameterType.PATH);
        if (null != validateDeserializedValues.getStatus() || validateDeserializedValues.getSkippedParameters().isEmpty()) {
            return validateDeserializedValues.getStatus();
        }
        for (int i = 0; i < openApiOperation.getPathString().parts().size(); i++) {
            if (openApiOperation.getPathString().isParam(i)) {
                String paramName = openApiOperation.getPathString().paramName(i);
                Optional<Parameter> findFirst = validateDeserializedValues.getSkippedParameters().stream().filter(parameter -> {
                    return parameter.getName().equalsIgnoreCase(paramName);
                }).findFirst();
                if (findFirst.isPresent()) {
                    String part = normalisedPath.part(i);
                    try {
                        part = URLDecoder.decode(normalisedPath.part(i), "UTF-8");
                    } catch (Exception e) {
                        logger.info("Path parameter cannot be decoded, it will be used directly");
                    }
                    return this.schemaValidator.validate(part, Overlay.toJson((SchemaImpl) findFirst.get().getSchema()));
                }
            }
        }
        return null;
    }

    private Status validateQueryParameters(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation) {
        ValidationResult validateDeserializedValues = validateDeserializedValues(httpServerExchange, openApiOperation.getOperation().getParameters(), ParameterType.QUERY);
        return (null != validateDeserializedValues.getStatus() || validateDeserializedValues.getSkippedParameters().isEmpty()) ? validateDeserializedValues.getStatus() : (Status) validateDeserializedValues.getSkippedParameters().stream().map(parameter -> {
            return validateQueryParameter(httpServerExchange, openApiOperation, parameter);
        }).filter(status -> {
            return status != null;
        }).findFirst().orElse(null);
    }

    private Status validateQueryParameter(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation, Parameter parameter) {
        Deque<String> deque = httpServerExchange.getQueryParameters().get(parameter.getName());
        if (deque != null && !deque.isEmpty()) {
            return deque.size() < 2 ? (Status) deque.stream().map(str -> {
                return this.schemaValidator.validate(str, Overlay.toJson((SchemaImpl) parameter.getSchema()));
            }).filter(status -> {
                return status != null;
            }).findFirst().orElse(null) : this.schemaValidator.validate(deque, Overlay.toJson((SchemaImpl) parameter.getSchema()));
        }
        if (parameter.getRequired() == null || !parameter.getRequired().booleanValue()) {
            return null;
        }
        return new Status(VALIDATOR_REQUEST_PARAMETER_QUERY_MISSING, parameter.getName(), openApiOperation.getPathString().original());
    }

    private Status validateHeaderParameters(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation) {
        Optional<Status> validatePathLevelHeaders = validatePathLevelHeaders(httpServerExchange, openApiOperation);
        return validatePathLevelHeaders.isPresent() ? validatePathLevelHeaders.get() : validateOperationLevelHeaders(httpServerExchange, openApiOperation).orElse(null);
    }

    private Optional<Status> validatePathLevelHeaders(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation) {
        ValidationResult validateDeserializedValues = validateDeserializedValues(httpServerExchange, openApiOperation.getPathObject().getParameters(), ParameterType.HEADER);
        return (null != validateDeserializedValues.getStatus() || validateDeserializedValues.getSkippedParameters().isEmpty()) ? Optional.ofNullable(validateDeserializedValues.getStatus()) : validateDeserializedValues.getSkippedParameters().stream().map(parameter -> {
            return validateHeader(httpServerExchange, openApiOperation, parameter);
        }).filter(status -> {
            return status != null;
        }).findFirst();
    }

    private Optional<Status> validateOperationLevelHeaders(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation) {
        ValidationResult validateDeserializedValues = validateDeserializedValues(httpServerExchange, openApiOperation.getOperation().getParameters(), ParameterType.HEADER);
        return (null != validateDeserializedValues.getStatus() || validateDeserializedValues.getSkippedParameters().isEmpty()) ? Optional.ofNullable(validateDeserializedValues.getStatus()) : validateDeserializedValues.getSkippedParameters().stream().map(parameter -> {
            return validateHeader(httpServerExchange, openApiOperation, parameter);
        }).filter(status -> {
            return status != null;
        }).findFirst();
    }

    private Status validateCookieParameters(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation) {
        Optional<Status> validatePathLevelCookies = validatePathLevelCookies(httpServerExchange, openApiOperation);
        return validatePathLevelCookies.isPresent() ? validatePathLevelCookies.get() : validateOperationLevelCookies(httpServerExchange, openApiOperation).orElse(null);
    }

    private Optional<Status> validatePathLevelCookies(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation) {
        ValidationResult validateDeserializedValues = validateDeserializedValues(httpServerExchange, openApiOperation.getPathObject().getParameters(), ParameterType.COOKIE);
        return (null != validateDeserializedValues.getStatus() || validateDeserializedValues.getSkippedParameters().isEmpty()) ? Optional.ofNullable(validateDeserializedValues.getStatus()) : validateDeserializedValues.getSkippedParameters().stream().map(parameter -> {
            return validateHeader(httpServerExchange, openApiOperation, parameter);
        }).filter(status -> {
            return status != null;
        }).findFirst();
    }

    private Optional<Status> validateOperationLevelCookies(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation) {
        ValidationResult validateDeserializedValues = validateDeserializedValues(httpServerExchange, openApiOperation.getOperation().getParameters(), ParameterType.COOKIE);
        return (null != validateDeserializedValues.getStatus() || validateDeserializedValues.getSkippedParameters().isEmpty()) ? Optional.ofNullable(validateDeserializedValues.getStatus()) : validateDeserializedValues.getSkippedParameters().stream().map(parameter -> {
            return validateHeader(httpServerExchange, openApiOperation, parameter);
        }).filter(status -> {
            return status != null;
        }).findFirst();
    }

    private Status validateHeader(HttpServerExchange httpServerExchange, OpenApiOperation openApiOperation, Parameter parameter) {
        HeaderValues headerValues = httpServerExchange.getRequestHeaders().get(new HttpString(parameter.getName()));
        if (headerValues != null && !headerValues.isEmpty()) {
            return (Status) headerValues.stream().map(str -> {
                return this.schemaValidator.validate(str, Overlay.toJson((SchemaImpl) parameter.getSchema()));
            }).filter(status -> {
                return status != null;
            }).findFirst().orElse(null);
        }
        if (parameter.getRequired().booleanValue()) {
            return new Status(VALIDATOR_REQUEST_PARAMETER_HEADER_MISSING, parameter.getName(), openApiOperation.getPathString().original());
        }
        return null;
    }

    private ValidationResult validateDeserializedValues(HttpServerExchange httpServerExchange, Collection<Parameter> collection, ParameterType parameterType) {
        ValidationResult validationResult = new ValidationResult();
        collection.stream().filter(parameter -> {
            return ParameterType.is(parameter.getIn(), parameterType);
        }).forEach(parameter2 -> {
            Object deserializedValue = getDeserializedValue(httpServerExchange, parameter2.getName(), parameterType);
            if (null == deserializedValue) {
                validationResult.addSkipped(parameter2);
            } else {
                validationResult.addStatus(this.schemaValidator.validate(deserializedValue, Overlay.toJson((SchemaImpl) parameter2.getSchema())));
            }
        });
        return validationResult;
    }

    private Object getDeserializedValue(HttpServerExchange httpServerExchange, String str, ParameterType parameterType) {
        if (null == parameterType || !StringUtils.isNotBlank(str)) {
            return null;
        }
        switch (parameterType) {
            case QUERY:
                return OpenApiHandler.getQueryParameters(httpServerExchange, true).get(str);
            case PATH:
                return OpenApiHandler.getPathParameters(httpServerExchange, true).get(str);
            case HEADER:
                return OpenApiHandler.getHeaderParameters(httpServerExchange, true).get(str);
            case COOKIE:
                return OpenApiHandler.getCookieParameters(httpServerExchange, true).get(str);
            default:
                return null;
        }
    }
}
