package org.eclipse.leshan.server.registration;

import java.net.InetSocketAddress;
import java.security.PublicKey;
import javax.xml.bind.DatatypeConverter;
import org.eclipse.leshan.ResponseCode;
import org.eclipse.leshan.core.request.DeregisterRequest;
import org.eclipse.leshan.core.request.RegisterRequest;
import org.eclipse.leshan.core.request.UpdateRequest;
import org.eclipse.leshan.core.response.LwM2mResponse;
import org.eclipse.leshan.core.response.RegisterResponse;
import org.eclipse.leshan.server.client.Client;
import org.eclipse.leshan.server.client.ClientRegistry;
import org.eclipse.leshan.server.client.ClientUpdate;
import org.eclipse.leshan.server.security.SecurityInfo;
import org.eclipse.leshan.server.security.SecurityStore;
import org.eclipse.leshan.util.RandomStringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/leshan/server/registration/RegistrationHandler.class */
public class RegistrationHandler {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) RegistrationHandler.class);
    private SecurityStore securityStore;
    private ClientRegistry clientRegistry;

    public RegistrationHandler(ClientRegistry clientRegistry, SecurityStore securityStore) {
        this.clientRegistry = clientRegistry;
        this.securityStore = securityStore;
    }

    public RegisterResponse register(RegisterRequest registerRequest) {
        if (registerRequest.getEndpointName() == null || registerRequest.getEndpointName().isEmpty()) {
            return new RegisterResponse(ResponseCode.BAD_REQUEST);
        }
        String createRegistrationId = createRegistrationId();
        SecurityInfo byEndpoint = this.securityStore.getByEndpoint(registerRequest.getEndpointName());
        InetSocketAddress registrationEndpoint = registerRequest.getRegistrationEndpoint();
        if (registerRequest.isSecure()) {
            PublicKey sourcePublicKey = registerRequest.getSourcePublicKey();
            String pskIdentity = registerRequest.getPskIdentity();
            if (byEndpoint == null) {
                LOG.debug("A client {} without security info try to connect through the secure endpont", registerRequest.getEndpointName());
                return new RegisterResponse(ResponseCode.FORBIDDEN);
            }
            if (pskIdentity != null) {
                LOG.debug("Registration request received using the secure endpoint {} with identity {}", registrationEndpoint, pskIdentity);
                if (pskIdentity == null || !pskIdentity.equals(byEndpoint.getIdentity())) {
                    LOG.warn("Invalid identity for client {}: expected '{}' but was '{}'", registerRequest.getEndpointName(), byEndpoint.getIdentity(), pskIdentity);
                    return new RegisterResponse(ResponseCode.FORBIDDEN);
                }
                LOG.debug("authenticated client {} using DTLS PSK", registerRequest.getEndpointName());
            } else {
                if (sourcePublicKey == null) {
                    LOG.warn("Unable to authenticate client {}: unknown authentication mode.", registerRequest.getEndpointName());
                    return new RegisterResponse(ResponseCode.FORBIDDEN);
                }
                LOG.debug("Registration request received using the secure endpoint {} with rpk {}", registrationEndpoint, DatatypeConverter.printHexBinary(sourcePublicKey.getEncoded()));
                if (sourcePublicKey == null || !sourcePublicKey.equals(byEndpoint.getRawPublicKey())) {
                    LOG.warn("Invalid rpk for client {}: expected \n'{}'\n but was \n'{}'", registerRequest.getEndpointName(), DatatypeConverter.printHexBinary(byEndpoint.getRawPublicKey().getEncoded()), DatatypeConverter.printHexBinary(sourcePublicKey.getEncoded()));
                    return new RegisterResponse(ResponseCode.FORBIDDEN);
                }
                LOG.debug("authenticated client {} using DTLS RPK", registerRequest.getEndpointName());
            }
        } else if (byEndpoint != null) {
            LOG.warn("client {} must connect using DTLS ", registerRequest.getEndpointName());
            return new RegisterResponse(ResponseCode.BAD_REQUEST);
        }
        Client client = new Client(createRegistrationId, registerRequest.getEndpointName(), registerRequest.getSourceAddress(), registerRequest.getSourcePort(), registerRequest.getLwVersion(), registerRequest.getLifetime(), registerRequest.getSmsNumber(), registerRequest.getBindingMode(), registerRequest.getObjectLinks(), registrationEndpoint);
        if (!this.clientRegistry.registerClient(client)) {
            return new RegisterResponse(ResponseCode.FORBIDDEN);
        }
        LOG.debug("New registered client: {}", client);
        return new RegisterResponse(ResponseCode.CREATED, client.getRegistrationId());
    }

    public LwM2mResponse update(UpdateRequest updateRequest) {
        return this.clientRegistry.updateClient(new ClientUpdate(updateRequest.getRegistrationId(), updateRequest.getAddress(), updateRequest.getPort(), updateRequest.getLifeTimeInSec(), updateRequest.getSmsNumber(), updateRequest.getBindingMode(), updateRequest.getObjectLinks())) == null ? new LwM2mResponse(ResponseCode.NOT_FOUND) : new LwM2mResponse(ResponseCode.CHANGED);
    }

    public LwM2mResponse deregister(DeregisterRequest deregisterRequest) {
        if (this.clientRegistry.deregisterClient(deregisterRequest.getRegistrationID()) != null) {
            return new LwM2mResponse(ResponseCode.DELETED);
        }
        LOG.debug("Invalid deregistration");
        return new LwM2mResponse(ResponseCode.NOT_FOUND);
    }

    private static String createRegistrationId() {
        return RandomStringUtils.random(10, true, true);
    }
}
