package com.networknt.rpc.router;

import com.fasterxml.jackson.core.type.TypeReference;
import com.networknt.colfer.ColferRpc;
import com.networknt.config.Config;
import com.networknt.exception.ExpiredTokenException;
import com.networknt.handler.LightHttpHandler;
import com.networknt.httpstring.AttachmentConstants;
import com.networknt.httpstring.HttpStringConstants;
import com.networknt.rpc.Handler;
import com.networknt.rpc.security.JwtVerifyHandler;
import com.networknt.security.JwtVerifier;
import com.networknt.status.Status;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.form.FormData;
import io.undertow.util.Headers;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.MalformedClaimException;
import org.jose4j.jwt.consumer.InvalidJwtException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/networknt/rpc/router/AbstractRpcHandler.class */
public abstract class AbstractRpcHandler implements LightHttpHandler {
    private static final String SCHEMA = "schema.json";
    private static final String ENABLE_VERIFY_JWT = "enableVerifyJwt";
    private static final String ENABLE_VERIFY_SCOPE = "enableVerifyScope";
    private static final String STATUS_INVALID_SCOPE_TOKEN = "ERR10003";
    private static final String STATUS_SCOPE_TOKEN_EXPIRED = "ERR10004";
    private static final String STATUS_AUTH_TOKEN_SCOPE_MISMATCH = "ERR10005";
    private static final String STATUS_SCOPE_TOKEN_SCOPE_MISMATCH = "ERR10006";
    private static final Logger logger = LoggerFactory.getLogger(AbstractRpcHandler.class);
    public static Map<String, Object> schema = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    public void completeExchange(ByteBuffer byteBuffer, HttpServerExchange httpServerExchange) {
        if (byteBuffer != null) {
            httpServerExchange.getResponseSender().send(byteBuffer);
        } else {
            httpServerExchange.setStatusCode(200);
            httpServerExchange.endExchange();
        }
    }

    public String getServiceId(Map<String, Object> map) {
        return (map.get("host") == null ? "" : map.get("host") + "/") + (map.get("service") == null ? "" : map.get("service") + "/") + (map.get("action") == null ? "" : map.get("action") + "/") + (map.get("version") == null ? "" : map.get("version"));
    }

    public String getServiceId(ColferRpc colferRpc) {
        return (colferRpc.host == null ? "" : colferRpc.host + "/") + (colferRpc.service == null ? "" : colferRpc.service + "/") + (colferRpc.action == null ? "" : colferRpc.action + "/") + (colferRpc.version == null ? "" : colferRpc.version);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getServiceId(FormData formData) {
        return (formData.contains("host") ? ((FormData.FormValue) formData.get("host").peek()).getValue() + "/" : "") + (formData.contains("service") ? ((FormData.FormValue) formData.get("service").peek()).getValue() + "/" : "") + (formData.contains("action") ? ((FormData.FormValue) formData.get("action").peek()).getValue() + "/" : "") + (formData.contains("version") ? ((FormData.FormValue) formData.get("version").peek()).getValue() : "");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void verifyJwt(Map<String, Object> map, String str, HttpServerExchange httpServerExchange) {
        Status verifyScope;
        if (map == null || !((Boolean) map.get(ENABLE_VERIFY_JWT)).booleanValue() || !((Boolean) map.get(ENABLE_VERIFY_SCOPE)).booleanValue() || (verifyScope = verifyScope(httpServerExchange, (String) ((Map) schema.get(str)).get("scope"))) == null) {
            return;
        }
        httpServerExchange.setStatusCode(verifyScope.getStatusCode());
        httpServerExchange.getResponseHeaders().put(Headers.CONTENT_TYPE, "application/json");
        httpServerExchange.getResponseSender().send(verifyScope.toString());
    }

    private Status verifyScope(HttpServerExchange httpServerExchange, String str) {
        String first = httpServerExchange.getRequestHeaders().getFirst(HttpStringConstants.SCOPE_TOKEN);
        JwtVerifier jwtVerifier = JwtVerifyHandler.jwtVerifier;
        String jwtFromAuthorization = JwtVerifier.getJwtFromAuthorization(first);
        List<String> list = null;
        Map map = (Map) httpServerExchange.getAttachment(AttachmentConstants.AUDIT_INFO);
        if (jwtFromAuthorization != null) {
            try {
                JwtClaims verifyJwt = JwtVerifyHandler.jwtVerifier.verifyJwt(jwtFromAuthorization, false, true);
                list = verifyJwt.getStringListClaimValue("scope");
                map.put("scope_client_id", verifyJwt.getStringClaimValue("client_id"));
                map.put("access_claims", verifyJwt);
            } catch (InvalidJwtException | MalformedClaimException e) {
                logger.error("InvalidJwtException", e);
                return new Status(STATUS_INVALID_SCOPE_TOKEN, new Object[0]);
            } catch (ExpiredTokenException e2) {
                logger.error("ExpiredTokenException", e2);
                return new Status(STATUS_SCOPE_TOKEN_EXPIRED, new Object[0]);
            }
        }
        List<String> asList = str == null ? null : Arrays.asList(str.split("\\s+"));
        if (first != null) {
            if (list != null && matchedScopes(list, asList)) {
                return null;
            }
            if (logger.isDebugEnabled()) {
                logger.debug("Scopes " + list + " and specification token " + asList + " are not matched in scope token");
            }
            return new Status(STATUS_SCOPE_TOKEN_SCOPE_MISMATCH, new Object[]{list, asList});
        }
        String str2 = (String) map.get("scope");
        List<String> asList2 = str2 == null ? null : Arrays.asList(str2.substring(1, str2.length() - 1).split(","));
        if (matchedScopes(asList2, asList)) {
            return null;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Authorization jwt token scope " + asList2 + " is not matched with " + asList);
        }
        return new Status(STATUS_AUTH_TOKEN_SCOPE_MISMATCH, new Object[]{asList2, asList});
    }

    private boolean matchedScopes(List<String> list, List<String> list2) {
        boolean z = false;
        if (list2 == null || list2.size() <= 0) {
            z = true;
        } else if (list != null && list.size() > 0) {
            Iterator<String> it = list2.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (list.contains(it.next())) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Handler getHandlerOrPopulateExchange(String str, HttpServerExchange httpServerExchange) {
        Handler handler = RpcStartupHookProvider.serviceMap.get(str);
        if (handler != null) {
            return handler;
        }
        setExchangeStatus(httpServerExchange, "ERR11200", new Object[]{str});
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void handleFormDataRequest(Handler handler, FormData formData, HttpServerExchange httpServerExchange) {
        completeExchange(handler.handle(httpServerExchange, formData), httpServerExchange);
    }

    static {
        try {
            Enumeration<URL> resources = JsonHandler.class.getClassLoader().getResources(SCHEMA);
            while (resources.hasMoreElements()) {
                URL nextElement = resources.nextElement();
                if (logger.isDebugEnabled()) {
                    logger.debug("schema file = " + nextElement);
                }
                InputStream openStream = nextElement.openStream();
                Throwable th = null;
                try {
                    try {
                        schema.putAll((Map) Config.getInstance().getMapper().readValue(openStream, new TypeReference<Map<String, Object>>() { // from class: com.networknt.rpc.router.AbstractRpcHandler.1
                        }));
                        if (openStream != null) {
                            if (0 != 0) {
                                try {
                                    openStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                openStream.close();
                            }
                        }
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } finally {
                }
            }
            if (logger.isDebugEnabled()) {
                logger.debug("schema = " + Config.getInstance().getMapper().writeValueAsString(schema));
            }
        } catch (IOException e) {
            logger.error("Error loading schema.json files from service jars", e);
        }
    }
}
