package io.mangoo.admin;

import com.google.inject.Inject;
import com.google.re2j.Pattern;
import io.mangoo.cache.Cache;
import io.mangoo.cache.CacheImpl;
import io.mangoo.cache.CacheProvider;
import io.mangoo.core.Application;
import io.mangoo.core.Config;
import io.mangoo.crypto.Crypto;
import io.mangoo.enums.CacheName;
import io.mangoo.enums.Default;
import io.mangoo.enums.HmacShaAlgorithm;
import io.mangoo.enums.Key;
import io.mangoo.enums.Required;
import io.mangoo.enums.Template;
import io.mangoo.exceptions.MangooEncryptionException;
import io.mangoo.exceptions.MangooTokenException;
import io.mangoo.models.Metrics;
import io.mangoo.routing.Response;
import io.mangoo.routing.annotations.FilterWith;
import io.mangoo.routing.bindings.Form;
import io.mangoo.routing.bindings.Request;
import io.mangoo.services.EventBusService;
import io.mangoo.utils.MangooUtils;
import io.mangoo.utils.token.TokenBuilder;
import io.mangoo.utils.totp.TotpUtils;
import io.undertow.server.handlers.Cookie;
import io.undertow.server.handlers.CookieImpl;
import java.lang.management.ManagementFactory;
import java.lang.management.MemoryMXBean;
import java.security.KeyPair;
import java.time.Instant;
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.LongAdder;
import javax.management.Attribute;
import javax.management.ObjectName;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:io/mangoo/admin/AdminController.class */
public class AdminController {
    private static final Logger LOG = LogManager.getLogger(AdminController.class);
    private static final Pattern PATTERN = Pattern.compile("[^a-zA-Z0-9]");
    private static final String ENABLED = "enabled";
    private static final String ADMIN_INDEX = "/@admin";
    private static final String MANGOOIO_ADMIN_LOCK_COUNT = "mangooio-admin-lock-count";
    private static final String MANGOOIO_ADMIN_LOCKED_UNTIL = "mangooio-admin-locked-until";
    private static final String PERIOD = "30";
    private static final String DIGITS = "6";
    private static final String METRICS = "metrics";
    private static final double HUNDRED_PERCENT = 100.0d;
    private static final int ADMIN_LOGIN_MAX_RETRIES = 10;
    private static final long MEGABYTE = 1048576;
    private final Cache cache;
    private final CacheProvider cacheProvider;
    private final Config config;
    private final Crypto crypto;

    @Inject
    public AdminController(Crypto crypto, Config config, Cache cache, CacheProvider cacheProvider) {
        this.config = (Config) Objects.requireNonNull(config, Required.CONFIG.toString());
        this.crypto = (Crypto) Objects.requireNonNull(crypto, Required.CRYPTO.toString());
        this.cache = cacheProvider.getCache(CacheName.APPLICATION);
        this.cacheProvider = (CacheProvider) Objects.requireNonNull(cacheProvider, Required.CACHE_PROVIDER.toString());
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.time.ZonedDateTime] */
    @FilterWith({AdminFilter.class})
    public Response index() {
        Instant instant = Application.getStart().atZone(ZoneId.systemDefault()).toInstant();
        boolean isMetricsEnable = this.config.isMetricsEnable();
        EventBusService eventBusService = (EventBusService) Application.getInstance(EventBusService.class);
        if (!isMetricsEnable) {
            return Response.withOk().andContent(ENABLED, Boolean.FALSE).andContent("uptime", Date.from(instant)).andContent("events", Long.valueOf(eventBusService.getNumEvents())).andContent("listeners", Long.valueOf(eventBusService.getNumListeners())).andContent("warnings", this.cache.get(Key.MANGOOIO_WARNINGS.toString())).andTemplate(Template.DEFAULT.adminPath());
        }
        Metrics metrics = (Metrics) Application.getInstance(Metrics.class);
        long j = 0;
        long j2 = 0;
        for (Map.Entry<Integer, LongAdder> entry : metrics.getResponseMetrics().entrySet()) {
            if (String.valueOf(entry.getKey()).charAt(0) == '5') {
                j2 += entry.getValue().longValue();
            }
            j += entry.getValue().longValue();
        }
        return Response.withOk().andContent(ENABLED, Boolean.TRUE).andContent(METRICS, metrics.getResponseMetrics()).andContent("uptime", Date.from(instant)).andContent("warnings", this.cache.get(Key.MANGOOIO_WARNINGS.toString())).andContent("dataSend", MangooUtils.readableFileSize(metrics.getDataSend())).andContent("totalRequests", Long.valueOf(j)).andContent("minRequestTime", Integer.valueOf(metrics.getMinRequestTime())).andContent("avgRequestTime", Long.valueOf(metrics.getAvgRequestTime())).andContent("maxRequestTime", Integer.valueOf(metrics.getMaxRequestTime())).andContent("errorRate", Double.valueOf(j2 > 0 ? (HUNDRED_PERCENT / j) * j2 : 0.0d)).andContent("events", Long.valueOf(eventBusService.getNumEvents())).andContent("listeners", Long.valueOf(eventBusService.getNumListeners())).andTemplate(Template.DEFAULT.adminPath());
    }

    @FilterWith({AdminFilter.class})
    public Response logger() {
        return Response.withOk().andContent("loggers", LogManager.getContext(false).getLoggers()).andTemplate(Template.DEFAULT.loggerPath());
    }

    @FilterWith({AdminFilter.class})
    public Response cache() {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, Cache> entry : this.cacheProvider.getCaches().entrySet()) {
            hashMap.put(entry.getKey(), ((CacheImpl) entry.getValue()).getStats());
        }
        return Response.withOk().andContent("statistics", hashMap).andTemplate(Template.DEFAULT.cachePath());
    }

    public Response login() {
        return Response.withOk().andTemplate(Template.DEFAULT.loginPath());
    }

    public Response logout() {
        return Response.withRedirect(ADMIN_INDEX).andCookie(new CookieImpl(Default.ADMIN_COOKIE_NAME.toString()).setValue("").setHttpOnly(true).setSecure(Application.inProdMode()).setPath("/").setDiscard(true).setExpires(new Date()).setSameSite(true).setSameSiteMode("Strict"));
    }

    public Response authenticate(Form form) {
        form.expectValue("username");
        form.expectValue("password");
        if (isNotLocked() && form.isValid()) {
            if (isValidAuthentication(form)) {
                this.cache.resetCounter(MANGOOIO_ADMIN_LOCK_COUNT);
                return Response.withRedirect(ADMIN_INDEX).andCookie(getAdminCookie(true));
            }
            invalidAuthentication();
        }
        form.invalidate();
        form.keep();
        return Response.withRedirect("/@admin/login");
    }

    public Response verify(Form form) {
        form.expectValue("code");
        if (isNotLocked() && form.isValid()) {
            if (TotpUtils.verifiedTotp(this.config.getApplicationAdminSecret(), form.get("code"))) {
                return Response.withRedirect(ADMIN_INDEX).andCookie(getAdminCookie(false));
            }
            invalidAuthentication();
        }
        form.invalidate();
        form.keep();
        return Response.withRedirect("/@admin/twofactor");
    }

    public Response twofactor() {
        return Response.withOk().andTemplate(Template.DEFAULT.twofactorPath());
    }

    @FilterWith({AdminFilter.class})
    public Response loggerajax(Request request) {
        Map<String, Object> bodyAsJsonMap = request.getBodyAsJsonMap();
        if (bodyAsJsonMap != null && bodyAsJsonMap.size() > 0) {
            String obj = bodyAsJsonMap.get("class").toString();
            String obj2 = bodyAsJsonMap.get("level").toString();
            if (StringUtils.isNotBlank(obj) && StringUtils.isNotBlank(obj2)) {
                LogManager.getContext(false).getLoggers().stream().filter(logger -> {
                    return obj.equals(logger.getName());
                }).forEach(logger2 -> {
                    logger2.setLevel(Level.getLevel(obj2));
                });
            }
        }
        return Response.withOk().andEmptyBody();
    }

    @FilterWith({AdminFilter.class})
    public Response tools() {
        String applicationAdminSecret = this.config.getApplicationAdminSecret();
        String str = null;
        if (StringUtils.isBlank(applicationAdminSecret)) {
            applicationAdminSecret = TotpUtils.createSecret();
            str = TotpUtils.getQRCode("mangoo_IO_Admin", PATTERN.matcher(this.config.getApplicationName()).replaceAll(""), applicationAdminSecret, HmacShaAlgorithm.HMAC_SHA_512, DIGITS, PERIOD);
        }
        return Response.withOk().andContent("qrcode", str).andContent("secret", applicationAdminSecret).andTemplate(Template.DEFAULT.toolsPath());
    }

    @FilterWith({AdminFilter.class})
    public Response toolsajax(Request request) {
        Map<String, Object> bodyAsJsonMap = request.getBodyAsJsonMap();
        String str = "";
        if (bodyAsJsonMap != null && bodyAsJsonMap.size() > 0) {
            String obj = bodyAsJsonMap.get("function").toString();
            if ("keypair".equalsIgnoreCase(obj)) {
                KeyPair generateKeyPair = this.crypto.generateKeyPair();
                str = "{\"publickey\" : \"" + this.crypto.getKeyAsString(generateKeyPair.getPublic()) + "\", \"privatekey\" : \"" + this.crypto.getKeyAsString(generateKeyPair.getPrivate()) + "\"}";
            } else if ("encrypt".equalsIgnoreCase(obj)) {
                String obj2 = bodyAsJsonMap.get("cleartext").toString();
                try {
                    str = this.crypto.encrypt(obj2, this.crypto.getPublicKeyFromString(bodyAsJsonMap.get("key").toString()));
                } catch (MangooEncryptionException e) {
                    LOG.error("Failed to encrypt cleartext.", e);
                }
            } else {
                LOG.warn("Invalid or no function selected for AJAX request.");
            }
        }
        return Response.withOk().andJsonBody(str);
    }

    public Response health(Request request) {
        if (!isValidHeaderToken(request)) {
            return Response.withNotFound().andEmptyBody();
        }
        HashMap hashMap = new HashMap();
        hashMap.put("cpu", getCpu());
        hashMap.put("memoty", getMemory());
        return Response.withOk().andJsonBody(hashMap);
    }

    private boolean isValidHeaderToken(Request request) {
        boolean z = false;
        String applicationAdminHealthToken = this.config.getApplicationAdminHealthToken();
        String header = request.getHeader(Default.APPLICATION_ADMIN_HEALTH_HEADER.toString());
        if (StringUtils.isNotBlank(applicationAdminHealthToken) && StringUtils.isNotBlank(header) && applicationAdminHealthToken.equals(header)) {
            z = true;
        }
        return z;
    }

    private boolean isValidAuthentication(Form form) {
        boolean z = false;
        if (checkAuthentication(form, this.config.getApplicationAdminUsername(), this.config.getApplicationAdminPassword())) {
            z = true;
        }
        return z;
    }

    private boolean checkAuthentication(Form form, String str, String str2) {
        return StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2) && str.equals(form.get("username")) && str2.equals(form.get("password"));
    }

    private Cookie getAdminCookie(boolean z) {
        TokenBuilder withClaim = TokenBuilder.create().withSharedSecret(this.config.getApplicationSecret()).withExpires(LocalDateTime.now().plusMinutes(30L)).withClaim("uuid", MangooUtils.randomString(32));
        if (z && StringUtils.isNotBlank(this.config.getApplicationAdminSecret())) {
            withClaim.withClaim("twofactor", Boolean.TRUE);
        }
        String str = "";
        try {
            str = withClaim.build();
        } catch (MangooTokenException e) {
            LOG.error("Failed to create admin cookie", e);
        }
        return new CookieImpl(Default.ADMIN_COOKIE_NAME.toString()).setValue(str).setHttpOnly(true).setSecure(Application.inProdMode()).setPath("/").setSameSite(true).setSameSiteMode("Strict");
    }

    private void invalidAuthentication() {
        AtomicInteger andIncrementCounter = this.cache.getAndIncrementCounter(MANGOOIO_ADMIN_LOCK_COUNT);
        if (andIncrementCounter.intValue() >= ADMIN_LOGIN_MAX_RETRIES) {
            this.cache.put(MANGOOIO_ADMIN_LOCKED_UNTIL, LocalDateTime.now().plusMinutes(60L));
        }
        this.cache.put(MANGOOIO_ADMIN_LOCK_COUNT, andIncrementCounter);
    }

    private boolean isNotLocked() {
        LocalDateTime localDateTime = (LocalDateTime) this.cache.get(MANGOOIO_ADMIN_LOCKED_UNTIL);
        return localDateTime == null || localDateTime.isBefore(LocalDateTime.now());
    }

    private Map<String, Double> getMemory() {
        MemoryMXBean memoryMXBean = ManagementFactory.getMemoryMXBean();
        return Map.of("initialMemory", Double.valueOf(memoryMXBean.getHeapMemoryUsage().getInit() / 1048576.0d), "usedMemory", Double.valueOf(memoryMXBean.getHeapMemoryUsage().getUsed() / 1048576.0d), "maxHeapMemory", Double.valueOf(memoryMXBean.getHeapMemoryUsage().getMax() / 1048576.0d), "committedMemory", Double.valueOf(memoryMXBean.getHeapMemoryUsage().getCommitted() / 1048576.0d));
    }

    private Double getCpu() {
        try {
            Optional map = Optional.ofNullable(ManagementFactory.getPlatformMBeanServer().getAttributes(ObjectName.getInstance("java.lang:type=OperatingSystem"), new String[]{"ProcessCpuLoad"})).map(attributeList -> {
                if (attributeList.isEmpty()) {
                    return null;
                }
                return attributeList;
            }).map((v0) -> {
                return v0.iterator();
            }).map((v0) -> {
                return v0.next();
            });
            Class<Attribute> cls = Attribute.class;
            Objects.requireNonNull(Attribute.class);
            Optional map2 = map.map(cls::cast).map((v0) -> {
                return v0.getValue();
            });
            Class<Double> cls2 = Double.class;
            Objects.requireNonNull(Double.class);
            return (Double) map2.map(cls2::cast).orElse(null);
        } catch (Exception e) {
            LOG.error("Failed to get process CPU load", e);
            return Double.valueOf(0.0d);
        }
    }
}
