package org.dasein.cloud.cloudsigma.network.firewall;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.Locale;
import javax.annotation.Nonnegative;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.log4j.Logger;
import org.dasein.cloud.CloudException;
import org.dasein.cloud.InternalException;
import org.dasein.cloud.OperationNotSupportedException;
import org.dasein.cloud.ProviderContext;
import org.dasein.cloud.Requirement;
import org.dasein.cloud.ResourceStatus;
import org.dasein.cloud.Tag;
import org.dasein.cloud.cloudsigma.CloudSigma;
import org.dasein.cloud.cloudsigma.CloudSigmaConfigurationException;
import org.dasein.cloud.cloudsigma.CloudSigmaMethod;
import org.dasein.cloud.cloudsigma.NoContextException;
import org.dasein.cloud.identity.ServiceAction;
import org.dasein.cloud.network.AbstractFirewallSupport;
import org.dasein.cloud.network.Direction;
import org.dasein.cloud.network.Firewall;
import org.dasein.cloud.network.FirewallCreateOptions;
import org.dasein.cloud.network.FirewallRule;
import org.dasein.cloud.network.Permission;
import org.dasein.cloud.network.Protocol;
import org.dasein.cloud.network.RuleTarget;
import org.dasein.cloud.network.RuleTargetType;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:org/dasein/cloud/cloudsigma/network/firewall/ServerFirewallSupport.class */
public class ServerFirewallSupport extends AbstractFirewallSupport {
    private static final Logger logger = CloudSigma.getLogger(ServerFirewallSupport.class);
    private CloudSigma provider;

    public ServerFirewallSupport(@Nonnull CloudSigma cloudSigma) {
        super(cloudSigma);
        this.provider = cloudSigma;
    }

    @Nonnull
    public String authorize(@Nonnull String str, @Nonnull Direction direction, @Nonnull Permission permission, @Nonnull RuleTarget ruleTarget, @Nonnull Protocol protocol, @Nonnull RuleTarget ruleTarget2, int i, int i2, @Nonnegative int i3) throws CloudException, InternalException {
        if (ruleTarget.getRuleTargetType().equals(RuleTargetType.GLOBAL)) {
            ruleTarget = null;
        } else if (ruleTarget.getRuleTargetType() != RuleTargetType.CIDR) {
            throw new OperationNotSupportedException("Target type " + ruleTarget.getRuleTargetType() + " for sourceEndpoint not supported in CloudSigma");
        }
        if (ruleTarget2.getRuleTargetType().equals(RuleTargetType.GLOBAL)) {
            ruleTarget2 = null;
        } else if (ruleTarget2.getRuleTargetType() != RuleTargetType.CIDR) {
            throw new OperationNotSupportedException("Target type " + ruleTarget2.getRuleTargetType() + " for destinationEndpoint not supported in CloudSigma");
        }
        CloudSigmaMethod cloudSigmaMethod = new CloudSigmaMethod(this.provider);
        try {
            JSONObject jSONObject = new JSONObject(cloudSigmaMethod.getString(toFirewallURL(str, "")));
            JSONArray jSONArray = jSONObject.getJSONArray("rules");
            JSONObject jSONObject2 = new JSONObject();
            jSONObject2.put("action", permission == Permission.ALLOW ? "accept" : "drop");
            jSONObject2.put("direction", direction == Direction.INGRESS ? "in" : "out");
            if (ruleTarget2 != null) {
                jSONObject2.put("dst_ip", ruleTarget2.getCidr());
            }
            jSONObject2.put("dst_port", String.valueOf(i) + ((i2 < 0 || i2 == i) ? "" : ":" + String.valueOf(i2)));
            jSONObject2.put("ip_proto", protocol == Protocol.TCP ? "tcp" : "udp");
            if (ruleTarget != null) {
                jSONObject2.put("src_ip", ruleTarget.getCidr());
            }
            jSONArray.put(jSONObject2);
            if (cloudSigmaMethod.putString(toFirewallURL(str, ""), jSONObject.toString()) != null) {
                return FirewallRule.getInstance((String) null, str, ruleTarget, direction, protocol, permission, ruleTarget2, i, i2).getProviderRuleId();
            }
            throw new CloudException("Firewall rule created but not found in response");
        } catch (JSONException e) {
            throw new InternalException(e);
        }
    }

    @Nonnull
    public String create(@Nonnull FirewallCreateOptions firewallCreateOptions) throws InternalException, CloudException {
        if (firewallCreateOptions.getProviderVlanId() != null) {
            throw new OperationNotSupportedException("Vlan firewall creation not supported");
        }
        CloudSigmaMethod cloudSigmaMethod = new CloudSigmaMethod(this.provider);
        try {
            JSONObject jSONObject = new JSONObject();
            JSONObject jSONObject2 = new JSONObject();
            JSONArray jSONArray = new JSONArray();
            jSONObject2.put("name", firewallCreateOptions.getName());
            jSONArray.put(jSONObject2);
            jSONObject.put("objects", jSONArray);
            JSONObject jSONObject3 = new JSONObject(cloudSigmaMethod.postString("/fwpolicies/", jSONObject.toString()));
            Firewall firewall = null;
            if (jSONObject3 != null) {
                firewall = toFirewall(jSONObject3.getJSONArray("objects").getJSONObject(0));
            }
            if (firewall == null) {
                throw new CloudException("Firewall created but no information was provided");
            }
            return firewall.getProviderFirewallId();
        } catch (JSONException e) {
            throw new InternalException(e);
        }
    }

    public void delete(@Nonnull String str) throws InternalException, CloudException {
        throw new OperationNotSupportedException("Deleting firewalls is not supported in CloudSigma api");
    }

    @Nullable
    public Firewall getFirewall(@Nonnull String str) throws InternalException, CloudException {
        if (str.length() <= 0) {
            throw new InternalException("Firewall id is null/empty!");
        }
        try {
            String string = new CloudSigmaMethod(this.provider).getString(toFirewallURL(str, ""));
            if (string != null) {
                return toFirewall(new JSONObject(string));
            }
            return null;
        } catch (JSONException e) {
            throw new InternalException(e);
        }
    }

    @Nonnull
    public String getProviderTermForFirewall(@Nonnull Locale locale) {
        return "firewall policy";
    }

    @Nonnull
    public Collection<FirewallRule> getRules(@Nonnull String str) throws InternalException, CloudException {
        ArrayList arrayList = new ArrayList();
        if (str.length() <= 0) {
            throw new InternalException("Firewall id is null/empty!");
        }
        try {
            String string = new CloudSigmaMethod(this.provider).getString(toFirewallURL(str, ""));
            if (string != null) {
                JSONArray jSONArray = new JSONObject(string).getJSONArray("rules");
                for (int i = 0; i < jSONArray.length(); i++) {
                    FirewallRule firewallRule = toFirewallRule(jSONArray.getJSONObject(i), str);
                    if (firewallRule != null) {
                        arrayList.add(firewallRule);
                    }
                }
            }
            return arrayList;
        } catch (JSONException e) {
            throw new InternalException(e);
        }
    }

    @Nonnull
    public Requirement identifyPrecedenceRequirement(boolean z) throws InternalException, CloudException {
        return Requirement.NONE;
    }

    public boolean isSubscribed() throws CloudException, InternalException {
        return true;
    }

    public boolean isZeroPrecedenceHighest() throws InternalException, CloudException {
        return true;
    }

    @Nonnull
    public Collection<Firewall> list() throws InternalException, CloudException {
        ArrayList arrayList = new ArrayList();
        CloudSigmaMethod cloudSigmaMethod = new CloudSigmaMethod(this.provider);
        boolean z = true;
        String str = "";
        while (z) {
            str = "/fwpolicies/detail/" + str;
            try {
                JSONObject list = cloudSigmaMethod.list(str);
                if (list == null) {
                    throw new CloudException("No firewall endpoint was found");
                }
                JSONArray jSONArray = list.getJSONArray("objects");
                for (int i = 0; i < jSONArray.length(); i++) {
                    Firewall firewall = toFirewall(jSONArray.getJSONObject(i));
                    if (firewall != null) {
                        arrayList.add(firewall);
                    }
                }
                if (list.has("meta")) {
                    JSONObject jSONObject = list.getJSONObject("meta");
                    if (!jSONObject.has("next") || jSONObject.isNull("next") || jSONObject.getString("next").equals("")) {
                        z = false;
                    } else {
                        String string = jSONObject.getString("next");
                        str = string.substring(string.indexOf("?"));
                        z = true;
                    }
                }
            } catch (JSONException e) {
                throw new InternalException(e);
            }
        }
        return arrayList;
    }

    @Nonnull
    public Iterable<ResourceStatus> listFirewallStatus() throws InternalException, CloudException {
        ArrayList arrayList = new ArrayList();
        CloudSigmaMethod cloudSigmaMethod = new CloudSigmaMethod(this.provider);
        boolean z = true;
        String str = "?fields=uuid";
        while (z) {
            str = "/fwpolicies/" + str;
            try {
                JSONObject list = cloudSigmaMethod.list(str);
                if (list == null) {
                    throw new CloudException("No firewall endpoint was found");
                }
                JSONArray jSONArray = list.getJSONArray("objects");
                for (int i = 0; i < jSONArray.length(); i++) {
                    ResourceStatus firewallStatus = toFirewallStatus(jSONArray.getJSONObject(i));
                    if (firewallStatus != null) {
                        arrayList.add(firewallStatus);
                    }
                }
                if (list.has("meta")) {
                    JSONObject jSONObject = list.getJSONObject("meta");
                    if (!jSONObject.has("next") || jSONObject.isNull("next") || jSONObject.getString("next").equals("")) {
                        z = false;
                    } else {
                        String string = jSONObject.getString("next");
                        str = string.substring(string.indexOf("?"));
                        z = true;
                    }
                }
            } catch (JSONException e) {
                throw new InternalException(e);
            }
        }
        return arrayList;
    }

    @Nonnull
    public Iterable<RuleTargetType> listSupportedDestinationTypes(boolean z) throws InternalException, CloudException {
        if (z) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(RuleTargetType.CIDR);
        return arrayList;
    }

    @Nonnull
    public Iterable<Direction> listSupportedDirections(boolean z) throws InternalException, CloudException {
        if (z) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(Direction.EGRESS);
        arrayList.add(Direction.INGRESS);
        return arrayList;
    }

    @Nonnull
    public Iterable<Permission> listSupportedPermissions(boolean z) throws InternalException, CloudException {
        if (z) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(Permission.ALLOW);
        arrayList.add(Permission.DENY);
        return arrayList;
    }

    @Nonnull
    public Iterable<RuleTargetType> listSupportedSourceTypes(boolean z) throws InternalException, CloudException {
        if (z) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(RuleTargetType.CIDR);
        return arrayList;
    }

    @Nonnull
    public String[] mapServiceAction(@Nonnull ServiceAction serviceAction) {
        return new String[0];
    }

    public void removeTags(@Nonnull String str, @Nonnull Tag... tagArr) throws CloudException, InternalException {
    }

    public void removeTags(@Nonnull String[] strArr, @Nonnull Tag... tagArr) throws CloudException, InternalException {
    }

    public void revoke(@Nonnull String str) throws InternalException, CloudException {
        FirewallRule firewallRule = null;
        Iterator<Firewall> it = list().iterator();
        while (it.hasNext()) {
            String providerFirewallId = it.next().getProviderFirewallId();
            if (providerFirewallId != null) {
                Iterator<FirewallRule> it2 = getRules(providerFirewallId).iterator();
                while (true) {
                    if (it2.hasNext()) {
                        FirewallRule next = it2.next();
                        if (str.equals(next.getProviderRuleId())) {
                            firewallRule = next;
                            break;
                        }
                    }
                }
            }
        }
        if (firewallRule == null) {
            throw new CloudException("Unable to parse rule ID: " + str);
        }
        revoke(str, firewallRule.getFirewallId());
    }

    public void revoke(@Nonnull String str, @Nonnull Direction direction, @Nonnull String str2, @Nonnull Protocol protocol, int i, int i2) throws CloudException, InternalException {
        revoke(str, direction, Permission.ALLOW, str2, protocol, RuleTarget.getGlobal(str), i, i2);
    }

    public void revoke(@Nonnull String str, @Nonnull Direction direction, @Nonnull Permission permission, @Nonnull String str2, @Nonnull Protocol protocol, int i, int i2) throws CloudException, InternalException {
        revoke(str, direction, permission, str2, protocol, RuleTarget.getGlobal(str), i, i2);
    }

    public void revoke(@Nonnull String str, @Nonnull Direction direction, @Nonnull Permission permission, @Nonnull String str2, @Nonnull Protocol protocol, @Nonnull RuleTarget ruleTarget, int i, int i2) throws CloudException, InternalException {
        revoke(FirewallRule.getRuleId(str, RuleTarget.getCIDR(str2), direction, protocol, permission, ruleTarget, i, i2), str);
    }

    private void revoke(@Nonnull String str, @Nonnull String str2) throws CloudException, InternalException {
        CloudSigmaMethod cloudSigmaMethod = new CloudSigmaMethod(this.provider);
        JSONArray jSONArray = new JSONArray();
        try {
            JSONObject jSONObject = new JSONObject(cloudSigmaMethod.getString(toFirewallURL(str2, "")));
            JSONArray jSONArray2 = jSONObject.getJSONArray("rules");
            for (int i = 0; i < jSONArray2.length(); i++) {
                JSONObject jSONObject2 = jSONArray2.getJSONObject(i);
                if (!toFirewallRule(jSONObject2, str2).getProviderRuleId().equalsIgnoreCase(str)) {
                    jSONArray.put(jSONObject2);
                }
            }
            jSONObject.put("rules", jSONArray);
            if (cloudSigmaMethod.putString(toFirewallURL(str2, ""), jSONObject.toString()) == null) {
                throw new CloudException("Unable to locate firewall endpoint in CloudSigma");
            }
        } catch (JSONException e) {
            throw new InternalException(e);
        }
    }

    public boolean supportsRules(@Nonnull Direction direction, @Nonnull Permission permission, boolean z) throws CloudException, InternalException {
        return !z;
    }

    public boolean supportsFirewallCreation(boolean z) throws CloudException, InternalException {
        return !z;
    }

    public boolean supportsFirewallSources() throws CloudException, InternalException {
        return false;
    }

    public void updateTags(@Nonnull String str, @Nonnull Tag... tagArr) throws CloudException, InternalException {
    }

    public void updateTags(@Nonnull String[] strArr, @Nonnull Tag... tagArr) throws CloudException, InternalException {
    }

    private Firewall toFirewall(JSONObject jSONObject) throws CloudException, InternalException {
        String string;
        if (jSONObject == null) {
            return null;
        }
        ProviderContext context = this.provider.getContext();
        if (context == null) {
            throw new NoContextException();
        }
        String regionId = context.getRegionId();
        if (regionId == null) {
            throw new CloudSigmaConfigurationException("No region was specified for this request");
        }
        Firewall firewall = new Firewall();
        try {
            firewall.setProviderFirewallId(jSONObject.getString("uuid"));
            if (jSONObject.has("name") && !jSONObject.isNull("name") && (string = jSONObject.getString("name")) != null) {
                firewall.setName(string);
                firewall.setDescription(string);
            }
            firewall.setActive(true);
            firewall.setAvailable(true);
            firewall.setRegionId(regionId);
            return firewall;
        } catch (JSONException e) {
            throw new InternalException(e);
        }
    }

    private ResourceStatus toFirewallStatus(JSONObject jSONObject) throws CloudException, InternalException {
        if (jSONObject == null) {
            return null;
        }
        ProviderContext context = this.provider.getContext();
        if (context == null) {
            throw new NoContextException();
        }
        if (context.getRegionId() == null) {
            throw new CloudSigmaConfigurationException("No region was specified for this request");
        }
        try {
            return new ResourceStatus(jSONObject.getString("uuid"), true);
        } catch (JSONException e) {
            throw new InternalException(e);
        }
    }

    private FirewallRule toFirewallRule(JSONObject jSONObject, String str) throws CloudException, InternalException {
        if (jSONObject == null) {
            return null;
        }
        ProviderContext context = this.provider.getContext();
        if (context == null) {
            throw new NoContextException();
        }
        if (context.getRegionId() == null) {
            throw new CloudSigmaConfigurationException("No region was specified for this request");
        }
        RuleTarget ruleTarget = null;
        Direction direction = null;
        Protocol protocol = null;
        Permission permission = null;
        RuleTarget ruleTarget2 = null;
        int i = -1;
        int i2 = -1;
        try {
            if (jSONObject.has("src_ip") && !jSONObject.isNull("src_ip")) {
                ruleTarget = RuleTarget.getCIDR(jSONObject.getString("src_ip"));
            }
            if (jSONObject.has("direction")) {
                direction = jSONObject.getString("direction").equalsIgnoreCase("in") ? Direction.INGRESS : Direction.EGRESS;
            }
            if (jSONObject.has("ip_proto") && !jSONObject.isNull("ip_proto")) {
                String string = jSONObject.getString("ip_proto");
                if (string.equalsIgnoreCase("tcp")) {
                    protocol = Protocol.TCP;
                } else if (string.equalsIgnoreCase("udp")) {
                    protocol = Protocol.UDP;
                }
            }
            if (jSONObject.has("action")) {
                String string2 = jSONObject.getString("action");
                if (string2.equalsIgnoreCase("accept")) {
                    permission = Permission.ALLOW;
                } else if (string2.equalsIgnoreCase("drop")) {
                    permission = Permission.DENY;
                }
            }
            if (jSONObject.has("dst_ip") && !jSONObject.isNull("dst_ip")) {
                ruleTarget2 = RuleTarget.getCIDR(jSONObject.getString("dst_ip"));
            }
            if (jSONObject.has("dst_port") && !jSONObject.isNull("dst_port")) {
                String string3 = jSONObject.getString("dst_port");
                if (string3.indexOf(":") > -1) {
                    i = Integer.parseInt(string3.substring(0, string3.indexOf(":")));
                    i2 = Integer.parseInt(string3.substring(string3.indexOf(":") + 1, string3.length()));
                } else {
                    i = Integer.parseInt(string3);
                    i2 = i;
                }
            }
            if (ruleTarget == null) {
                ruleTarget = RuleTarget.getGlobal(str);
            }
            if (ruleTarget2 == null) {
                ruleTarget2 = RuleTarget.getGlobal(str);
            }
            return FirewallRule.getInstance((String) null, str, ruleTarget, direction, protocol, permission, ruleTarget2, i, i2);
        } catch (JSONException e) {
            throw new InternalException(e);
        }
    }

    @Nonnull
    private String toFirewallURL(@Nonnull String str, @Nonnull String str2) throws InternalException {
        try {
            return "/fwpolicies/" + URLEncoder.encode(str, "utf-8") + "/" + str2;
        } catch (UnsupportedEncodingException e) {
            logger.error("UTF-8 not supported: " + e.getMessage());
            throw new InternalException(e);
        }
    }
}
