package org.ligoj.app.plugin.vm.azure;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.microsoft.aad.adal4j.AuthenticationCallback;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.ClientCredential;
import java.io.IOException;
import java.io.Serializable;
import java.net.MalformedURLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.EnumMap;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.function.BiFunction;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.cache.annotation.CacheKey;
import javax.cache.annotation.CacheResult;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import org.apache.commons.lang3.StringUtils;
import org.ligoj.app.api.SubscriptionStatusWithData;
import org.ligoj.app.dao.NodeRepository;
import org.ligoj.app.plugin.vm.Vm;
import org.ligoj.app.plugin.vm.VmNetwork;
import org.ligoj.app.plugin.vm.VmServicePlugin;
import org.ligoj.app.plugin.vm.azure.AzureVmList;
import org.ligoj.app.plugin.vm.dao.VmScheduleRepository;
import org.ligoj.app.plugin.vm.model.VmOperation;
import org.ligoj.app.plugin.vm.model.VmStatus;
import org.ligoj.app.resource.plugin.AbstractXmlApiToolPluginResource;
import org.ligoj.app.resource.plugin.CurlCacheToken;
import org.ligoj.app.resource.plugin.CurlProcessor;
import org.ligoj.app.resource.plugin.CurlRequest;
import org.ligoj.bootstrap.core.SpringUtils;
import org.ligoj.bootstrap.core.resource.BusinessException;
import org.ligoj.bootstrap.core.security.SecurityHelper;
import org.ligoj.bootstrap.core.validation.ValidationJsonException;
import org.ligoj.bootstrap.resource.system.configuration.ConfigurationResource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

@Produces({"application/json"})
@Path(VmAzurePluginResource.URL)
@Service
/* loaded from: input_file:org/ligoj/app/plugin/vm/azure/VmAzurePluginResource.class */
public class VmAzurePluginResource extends AbstractXmlApiToolPluginResource implements VmServicePlugin {
    public static final String DEFAULT_API_VERSION = "2017-03-30";
    public static final String DEFAULT_AUTHORITY = "https://login.windows.net/";
    private static final String DEFAULT_MANAGEMENT_URL = "https://management.azure.com/";
    private static final String COMPUTE_URL = "subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines";
    private static final String SIZES_URL = "subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/vmSizes?api-version={apiVersion}";
    private static final String VM_URL = "subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{vm}?$expand=instanceView&api-version={apiVersion}";
    private static final String FIND_VM_URL = "subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines?api-version={apiVersion}";
    private static final String OPERATION_VM = "subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{vm}/{operation}?api-version={apiVersion}";
    private static final Map<VmStatus, Map<VmOperation, VmOperation>> FAILSAFE_OPERATIONS;
    private static final String BUSY_CODE = "ing";
    private static final String UNDEPLOYED_CODE = "PowerState/deallocated";
    private static final Map<String, VmStatus> CODE_TO_STATUS;

    @Autowired
    private CurlCacheToken curlCacheToken;

    @Autowired
    private VmScheduleRepository vmScheduleRepository;

    @Autowired
    private SecurityHelper securityHelper;

    @Autowired
    private ConfigurationResource configuration;

    @Autowired
    private NodeRepository nodeRepository;

    @Autowired
    private ObjectMapper objectMapper;

    @Value("${saas.service-vm-azure-auth-retries:2}")
    private int retries;
    private static final Logger log = LoggerFactory.getLogger(VmAzurePluginResource.class);
    public static final String URL = "/service/vm/azure";
    public static final String KEY = URL.replace('/', ':').substring(1);
    public static final String PARAMETER_SUBSCRIPTION = KEY + ":subscription";
    public static final String PARAMETER_APPID = KEY + ":application";
    public static final String PARAMETER_KEY = KEY + ":key";
    public static final String PARAMETER_TENANT = KEY + ":tenant";
    public static final String PARAMETER_RESOURCE_GROUP = KEY + ":resource-group";
    public static final String PARAMETER_VM = KEY + ":name";
    public static final String CONF_API_VERSION = KEY + ":api";
    private static final String CONF_AUTHORITY = KEY + ":authority";
    private static final String CONF_MANAGEMENT_URL = KEY + ":management";
    private static final Map<VmOperation, String> OPERATION_TO_AZURE = new EnumMap(VmOperation.class);

    private static void registerOperation(VmStatus vmStatus, VmOperation vmOperation, VmOperation vmOperation2) {
        FAILSAFE_OPERATIONS.computeIfAbsent(vmStatus, vmStatus2 -> {
            return new EnumMap(VmOperation.class);
        });
        FAILSAFE_OPERATIONS.get(vmStatus).put(vmOperation, vmOperation2);
    }

    protected String authenticate(String str, String str2, String str3) {
        return this.curlCacheToken.getTokenCache(VmAzurePluginResource.class, str + "##" + str2 + "/" + str3, str4 -> {
            return getAccessTokenFromUserCredentials(str, str2, str3);
        }, this.retries, () -> {
            return new ValidationJsonException(PARAMETER_KEY, "azure-login", new Serializable[0]);
        });
    }

    private String getAccessTokenFromUserCredentials(String str, String str2, String str3) {
        ExecutorService newExecutorService = newExecutorService();
        try {
            try {
                String accessToken = newAuthenticationContext(str, newExecutorService).acquireToken(getManagementUrl(), new ClientCredential(str2, str3), (AuthenticationCallback) null).get().getAccessToken();
                newExecutorService.shutdown();
                return accessToken;
            } catch (InterruptedException | MalformedURLException | ExecutionException e) {
                log.info("Azure authentication failed for tenant {} and principal {}", new Object[]{str, str2, e});
                newExecutorService.shutdown();
                return null;
            }
        } catch (Throwable th) {
            newExecutorService.shutdown();
            throw th;
        }
    }

    protected ExecutorService newExecutorService() {
        return Executors.newFixedThreadPool(1);
    }

    protected AuthenticationContext newAuthenticationContext(String str, ExecutorService executorService) throws MalformedURLException {
        return new AuthenticationContext(getAuthority() + str, true, executorService);
    }

    private String getAuthority() {
        return this.configuration.get(CONF_AUTHORITY, DEFAULT_AUTHORITY);
    }

    private String getManagementUrl() {
        return this.configuration.get(CONF_MANAGEMENT_URL, DEFAULT_MANAGEMENT_URL);
    }

    private String getApiVersion() {
        return this.configuration.get(CONF_API_VERSION, DEFAULT_API_VERSION);
    }

    protected void authenticate(Map<String, String> map, AzureCurlProcessor azureCurlProcessor) {
        azureCurlProcessor.setToken(authenticate(StringUtils.trimToEmpty(map.get(PARAMETER_TENANT)), map.get(PARAMETER_APPID), StringUtils.trimToEmpty(map.get(PARAMETER_KEY))));
    }

    public void link(int i) throws Exception {
        getAzureVm(this.subscriptionResource.getParameters(i));
    }

    @GET
    @Path("{node:[a-z].*}/{criteria}")
    @Consumes({"application/json"})
    public List<AzureVm> findAllByName(@PathParam("node") String str, @PathParam("criteria") String str2) throws IOException {
        if (this.nodeRepository.findOneVisible(str, this.securityHelper.getLogin()) == null) {
            return Collections.emptyList();
        }
        return (List) ((AzureVmList) this.objectMapper.readValue(StringUtils.defaultString(getAzureResource(this.pvResource.getNodeParameters(str), FIND_VM_URL), "{\"value\":[]}"), AzureVmList.class)).getValue().stream().filter(azureVmEntry -> {
            return StringUtils.containsIgnoreCase(azureVmEntry.getName(), str2);
        }).map(azureVmEntry2 -> {
            return toVm(azureVmEntry2, null);
        }).sorted().collect(Collectors.toList());
    }

    private VmSize toVmSize(Map<String, String> map, String str, VmAzurePluginResource vmAzurePluginResource, String str2, String str3) {
        try {
            return vmAzurePluginResource.getInstanceSizes(str, str3, map).getOrDefault(str2, new VmSize(str2));
        } catch (IOException e) {
            return new VmSize(str2);
        }
    }

    private AzureVm toVm(AzureVmList.AzureVmEntry azureVmEntry, BiFunction<String, String, VmSize> biFunction) {
        AzureVm azureVm = new AzureVm();
        AzureVmList.AzureVmDetails properties = azureVmEntry.getProperties();
        azureVm.setId(azureVmEntry.getName());
        azureVm.setInternalId(properties.getVmId());
        azureVm.setName(azureVmEntry.getName());
        azureVm.setLocation(azureVmEntry.getLocation());
        if (biFunction != null) {
            VmSize apply = biFunction.apply(properties.getHardwareProfile().get("vmSize"), azureVmEntry.getLocation());
            azureVm.setCpu(apply.getNumberOfCores());
            azureVm.setRam(apply.getMemoryInMB());
        }
        AzureVmList.AzureVmOs imageReference = properties.getStorageProfile().getImageReference();
        if (imageReference.getOffer() == null) {
            azureVm.setOs(properties.getStorageProfile().getOsDisk().getOsType() + " (" + StringUtils.substringAfterLast(imageReference.getId(), "/") + ")");
        } else {
            azureVm.setOs(imageReference.getOffer() + " " + imageReference.getSku() + " " + imageReference.getPublisher());
        }
        azureVm.setDisk(properties.getStorageProfile().getOsDisk().getDiskSizeGB());
        return azureVm;
    }

    public AzureVm getVmDetails(Map<String, String> map) {
        String str = map.get(PARAMETER_VM);
        AzureCurlProcessor azureCurlProcessor = new AzureCurlProcessor();
        try {
            authenticate(map, azureCurlProcessor);
            AzureVmList.AzureVmEntry azureVmEntry = (AzureVmList.AzureVmEntry) readValue(getVmResource(str, map, azureCurlProcessor, VM_URL.replace("{vm}", str)), AzureVmList.AzureVmEntry.class);
            String str2 = map.get(PARAMETER_SUBSCRIPTION);
            VmAzurePluginResource vmAzurePluginResource = (VmAzurePluginResource) SpringUtils.getBean(VmAzurePluginResource.class);
            AzureVm vmStatus = toVmStatus(azureVmEntry, (str3, str4) -> {
                return toVmSize(map, str2, vmAzurePluginResource, str3, str4);
            });
            vmStatus.setNetworks(new ArrayList());
            getNetworkDetails(str, map, azureCurlProcessor, azureVmEntry.getProperties().getNetworkProfile().getNetworkInterfaces(), vmStatus.getNetworks());
            azureCurlProcessor.close();
            return vmStatus;
        } catch (Throwable th) {
            azureCurlProcessor.close();
            throw th;
        }
    }

    private String checkResponse(String str, String str2) {
        if (str2 == null) {
            throw new ValidationJsonException(PARAMETER_VM, "azure-vm", new Serializable[]{str});
        }
        return str2;
    }

    private void getNetworkDetails(String str, Map<String, String> map, AzureCurlProcessor azureCurlProcessor, Collection<AzureVmList.AzureVmNicRef> collection, Collection<VmNetwork> collection2) {
        collection.stream().map(azureVmNicRef -> {
            return getVmResource(str, map, azureCurlProcessor, azureVmNicRef.getId() + "?api-version=2017-09-01");
        }).forEach(str2 -> {
            getNicDetails(str, map, azureCurlProcessor, (AzureNic) readValue(str2, AzureNic.class), collection2);
        });
    }

    private String getVmResource(String str, Map<String, String> map, AzureCurlProcessor azureCurlProcessor, String str2) {
        return checkResponse(str, execute(azureCurlProcessor, "GET", buildUrl(map, str2), ""));
    }

    private void getNicDetails(String str, Map<String, String> map, AzureCurlProcessor azureCurlProcessor, AzureNic azureNic, Collection<VmNetwork> collection) {
        azureNic.getProperties().getIpConfigurations().stream().map((v0) -> {
            return v0.getProperties();
        }).peek(azureIpConfigurationProperties -> {
            collection.add(new VmNetwork("private", azureIpConfigurationProperties.getPrivateIPAddress(), (String) null));
        }).map((v0) -> {
            return v0.getPublicIPAddress();
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).map(azurePublicIpRef -> {
            return getVmResource(str, map, azureCurlProcessor, azurePublicIpRef.getId() + "?api-version=2017-09-01");
        }).map(str2 -> {
            return (AzurePublicIp) readValue(str2, AzurePublicIp.class);
        }).map((v0) -> {
            return v0.getProperties();
        }).forEach(azurePipProperties -> {
            collection.add(new VmNetwork("public", azurePipProperties.getIpAddress(), (String) Optional.ofNullable(azurePipProperties.getDnsSettings()).map((v0) -> {
                return v0.getFqdn();
            }).orElse(null)));
        });
    }

    private <T> T readValue(String str, Class<T> cls) {
        try {
            return (T) this.objectMapper.readValue(str, cls);
        } catch (IOException e) {
            throw new IllegalArgumentException(e);
        }
    }

    protected AzureVmList.AzureVmEntry getAzureVm(Map<String, String> map) throws IOException {
        String str = map.get(PARAMETER_VM);
        return (AzureVmList.AzureVmEntry) this.objectMapper.readValue(checkResponse(str, getAzureResource(map, VM_URL.replace("{vm}", str))), AzureVmList.AzureVmEntry.class);
    }

    private AzureVm toVmStatus(AzureVmList.AzureVmEntry azureVmEntry, BiFunction<String, String, VmSize> biFunction) {
        AzureVm vm = toVm(azureVmEntry, biFunction);
        List<AzureVmList.VmStatus> statuses = azureVmEntry.getProperties().getInstanceView().getStatuses();
        vm.setStatus(getStatus(statuses));
        vm.setBusy(isBusy(statuses));
        vm.setDeployed(isDeployed(statuses));
        return vm;
    }

    private VmStatus getStatus(List<AzureVmList.VmStatus> list) {
        Stream<R> map = list.stream().map((v0) -> {
            return v0.getCode();
        });
        Map<String, VmStatus> map2 = CODE_TO_STATUS;
        map2.getClass();
        return (VmStatus) map.map((v1) -> {
            return r1.get(v1);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).findFirst().orElse(null);
    }

    private boolean isBusy(List<AzureVmList.VmStatus> list) {
        return list.stream().map((v0) -> {
            return v0.getCode();
        }).filter(str -> {
            return str.startsWith("ProvisioningState");
        }).anyMatch(str2 -> {
            return str2.endsWith(BUSY_CODE);
        });
    }

    private boolean isDeployed(List<AzureVmList.VmStatus> list) {
        Stream<R> map = list.stream().map((v0) -> {
            return v0.getCode();
        });
        String str = UNDEPLOYED_CODE;
        return map.anyMatch((v1) -> {
            return r1.equals(v1);
        });
    }

    protected String getAzureResource(Map<String, String> map, String str) {
        return authenticateAndExecute(map, "GET", str);
    }

    protected String authenticateAndExecute(Map<String, String> map, String str, String str2) {
        AzureCurlProcessor azureCurlProcessor = new AzureCurlProcessor();
        authenticate(map, azureCurlProcessor);
        String execute = execute(azureCurlProcessor, str, buildUrl(map, str2), "");
        azureCurlProcessor.close();
        return execute;
    }

    private String buildUrl(Map<String, String> map, String str) {
        return getManagementUrl() + str.replace("{apiVersion}", getApiVersion()).replace("{resourceGroup}", map.getOrDefault(PARAMETER_RESOURCE_GROUP, "-")).replace("{subscriptionId}", map.getOrDefault(PARAMETER_SUBSCRIPTION, "-")).replace("{vm}", map.getOrDefault(PARAMETER_VM, "-"));
    }

    protected String execute(CurlProcessor curlProcessor, String str, String str2, String str3) {
        CurlRequest curlRequest = new CurlRequest(str, StringUtils.removeEnd(StringUtils.appendIfMissing(str2, "/", new CharSequence[0]) + StringUtils.removeStart(str3, "/"), "/"), (String) null, new String[0]);
        curlRequest.setSaveResponse(true);
        curlProcessor.process(new CurlRequest[]{curlRequest});
        return curlRequest.getResponse();
    }

    public String getKey() {
        return KEY;
    }

    private void validateAdminAccess(Map<String, String> map) {
        if (getAzureResource(map, FIND_VM_URL) == null) {
            throw new ValidationJsonException(PARAMETER_SUBSCRIPTION, "azure-admin", new Serializable[0]);
        }
    }

    public String getVersion(Map<String, String> map) {
        return getApiVersion();
    }

    public boolean checkStatus(Map<String, String> map) throws Exception {
        validateAdminAccess(map);
        return true;
    }

    public SubscriptionStatusWithData checkSubscriptionStatus(int i, String str, Map<String, String> map) throws Exception {
        SubscriptionStatusWithData subscriptionStatusWithData = new SubscriptionStatusWithData();
        subscriptionStatusWithData.put("vm", getVmDetails(map));
        subscriptionStatusWithData.put("schedules", Integer.valueOf(this.vmScheduleRepository.countBySubscription(i)));
        return subscriptionStatusWithData;
    }

    public void execute(int i, VmOperation vmOperation) throws Exception {
        Map<String, String> parametersNoCheck = this.subscriptionResource.getParametersNoCheck(i);
        VmStatus status = getVmDetails(parametersNoCheck).getStatus();
        VmOperation failSafeOperation = failSafeOperation(status, vmOperation);
        if (failSafeOperation == null) {
            log.info("Requested operation {} is marked as useless considering the status {} of vm {}", new Object[]{vmOperation, status, parametersNoCheck.get(PARAMETER_VM)});
        } else {
            checkSchedulerResponse(authenticateAndExecute(parametersNoCheck, "POST", OPERATION_VM.replace("{operation}", OPERATION_TO_AZURE.get(failSafeOperation))));
        }
    }

    private void checkSchedulerResponse(String str) {
        if (str == null) {
            throw new BusinessException("vm-operation-execute", new Serializable[0]);
        }
    }

    protected VmOperation failSafeOperation(VmStatus vmStatus, VmOperation vmOperation) {
        return (VmOperation) Optional.ofNullable(FAILSAFE_OPERATIONS.get(vmStatus)).map(map -> {
            return (VmOperation) map.get(vmOperation);
        }).orElse(null);
    }

    @CacheResult(cacheName = "azure-sizes")
    public Map<String, VmSize> getInstanceSizes(@CacheKey String str, @CacheKey String str2, Map<String, String> map) throws IOException {
        return (Map) ((VmSizes) this.objectMapper.readValue(StringUtils.defaultString(getAzureResource(map, SIZES_URL.replace("{subscriptionId}", str).replace("{location}", str2)), "{\"value\":[]}"), VmSizes.class)).getValue().stream().collect(Collectors.toMap((v0) -> {
            return v0.getName();
        }, Function.identity()));
    }

    /* renamed from: getVmDetails, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ Vm m168getVmDetails(Map map) throws Exception {
        return getVmDetails((Map<String, String>) map);
    }

    static {
        OPERATION_TO_AZURE.put(VmOperation.OFF, "powerOff");
        OPERATION_TO_AZURE.put(VmOperation.SHUTDOWN, "powerOff");
        OPERATION_TO_AZURE.put(VmOperation.ON, "start");
        OPERATION_TO_AZURE.put(VmOperation.REBOOT, "restart");
        OPERATION_TO_AZURE.put(VmOperation.RESET, "restart");
        FAILSAFE_OPERATIONS = new EnumMap(VmStatus.class);
        CODE_TO_STATUS = new HashMap();
        CODE_TO_STATUS.put("PowerState/running", VmStatus.POWERED_ON);
        CODE_TO_STATUS.put("PowerState/starting", VmStatus.POWERED_ON);
        CODE_TO_STATUS.put("PowerState/stopped", VmStatus.POWERED_OFF);
        CODE_TO_STATUS.put(UNDEPLOYED_CODE, VmStatus.POWERED_OFF);
        CODE_TO_STATUS.put("PowerState/deallocating", VmStatus.POWERED_OFF);
        CODE_TO_STATUS.put("PowerState/stopping", VmStatus.POWERED_OFF);
        registerOperation(VmStatus.POWERED_OFF, VmOperation.ON, VmOperation.ON);
        registerOperation(VmStatus.POWERED_OFF, VmOperation.RESET, VmOperation.ON);
        registerOperation(VmStatus.POWERED_OFF, VmOperation.REBOOT, VmOperation.ON);
        registerOperation(VmStatus.POWERED_ON, VmOperation.SHUTDOWN, VmOperation.SHUTDOWN);
        registerOperation(VmStatus.POWERED_ON, VmOperation.OFF, VmOperation.OFF);
        registerOperation(VmStatus.POWERED_ON, VmOperation.RESET, VmOperation.RESET);
        registerOperation(VmStatus.POWERED_ON, VmOperation.REBOOT, VmOperation.REBOOT);
    }
}
