package org.wso2.carbon.apimgt.gateway.handlers.security.basicauth;

import io.swagger.v3.oas.models.OpenAPI;
import java.net.MalformedURLException;
import java.net.URL;
import java.rmi.RemoteException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import javax.cache.Cache;
import javax.cache.Caching;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants;
import org.wso2.carbon.apimgt.gateway.MethodStats;
import org.wso2.carbon.apimgt.gateway.MethodTimeLogger;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityConstants;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException;
import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.gateway.threatprotection.utils.ThreatProtectorConstants;
import org.wso2.carbon.apimgt.gateway.throttling.util.ThrottleConstants;
import org.wso2.carbon.apimgt.gateway.utils.OpenAPIUtils;
import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.authenticator.stub.AuthenticationAdminStub;
import org.wso2.carbon.authenticator.stub.LoginAuthenticationExceptionException;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.um.ws.api.stub.RemoteUserStoreManagerServiceStub;
import org.wso2.carbon.um.ws.api.stub.RemoteUserStoreManagerServiceUserStoreExceptionException;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator.class */
public class BasicAuthCredentialValidator {
    private static boolean gatewayUsernameCacheInit;
    private static boolean gatewayBasicAuthResourceCacheInit;
    private AuthenticationAdminStub authAdminStub;
    private RemoteUserStoreManagerServiceStub remoteUserStoreManagerServiceStub;
    private String host;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;
    private static final JoinPoint.StaticPart ajc$tjp_4 = null;
    private static final JoinPoint.StaticPart ajc$tjp_5 = null;
    private static final JoinPoint.StaticPart ajc$tjp_6 = null;
    private static final JoinPoint.StaticPart ajc$tjp_7 = null;
    private static final JoinPoint.StaticPart ajc$tjp_8 = null;
    private static final JoinPoint.StaticPart ajc$tjp_9 = null;
    private static final JoinPoint.StaticPart ajc$tjp_10 = null;
    private static final JoinPoint.StaticPart ajc$tjp_11 = null;
    protected Log log = LogFactory.getLog(getClass());
    private boolean gatewayKeyCacheEnabled = isGatewayTokenCacheEnabled();

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(BasicAuthCredentialValidator.validate_aroundBody0((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (String) objArr2[2], (JoinPoint) objArr2[3]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure11.class */
    public class AjcClosure11 extends AroundClosure {
        public AjcClosure11(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getGatewayUsernameCache_aroundBody10((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure13.class */
    public class AjcClosure13 extends AroundClosure {
        public AjcClosure13(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getInvalidUsernameCache_aroundBody12((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure15.class */
    public class AjcClosure15 extends AroundClosure {
        public AjcClosure15(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.createCache_aroundBody14((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], Conversions.longValue(objArr2[2]), Conversions.longValue(objArr2[3]), (JoinPoint) objArr2[4]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure17.class */
    public class AjcClosure17 extends AroundClosure {
        public AjcClosure17(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getApiManagerConfiguration_aroundBody16((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure19.class */
    public class AjcClosure19 extends AroundClosure {
        public AjcClosure19(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getCacheFromCacheManager_aroundBody18((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure21.class */
    public class AjcClosure21 extends AroundClosure {
        public AjcClosure21(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.longObject(BasicAuthCredentialValidator.getDefaultCacheTimeout_aroundBody20((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure23.class */
    public class AjcClosure23 extends AroundClosure {
        public AjcClosure23(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(BasicAuthCredentialValidator.isGatewayTokenCacheEnabled_aroundBody22((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(BasicAuthCredentialValidator.validateScopes_aroundBody2((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (OpenAPI) objArr2[2], (MessageContext) objArr2[3], (JoinPoint) objArr2[4]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getUserRoles_aroundBody4((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.hashString_aroundBody6((BasicAuthCredentialValidator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthCredentialValidator$AjcClosure9.class */
    public class AjcClosure9 extends AroundClosure {
        public AjcClosure9(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthCredentialValidator.getGatewayBasicAuthResourceCache_aroundBody8((BasicAuthCredentialValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    static {
        ajc$preClinit();
        gatewayUsernameCacheInit = false;
        gatewayBasicAuthResourceCacheInit = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BasicAuthCredentialValidator() throws APISecurityException {
        getGatewayUsernameCache();
        ConfigurationContext axis2ConfigurationContext = ServiceReferenceHolder.getInstance().getAxis2ConfigurationContext();
        APIManagerConfiguration aPIManagerConfiguration = ServiceReferenceHolder.getInstance().getAPIManagerConfiguration();
        String firstProperty = aPIManagerConfiguration.getFirstProperty("APIKeyValidator.ServerURL");
        if (firstProperty == null) {
            throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, "API key manager URL unspecified");
        }
        try {
            this.authAdminStub = new AuthenticationAdminStub(axis2ConfigurationContext, String.valueOf(firstProperty) + "AuthenticationAdmin");
            try {
                this.remoteUserStoreManagerServiceStub = new RemoteUserStoreManagerServiceStub(axis2ConfigurationContext, String.valueOf(firstProperty) + "RemoteUserStoreManagerService");
                CarbonUtils.setBasicAccessSecurityHeaders(aPIManagerConfiguration.getFirstProperty("AuthManager.Username"), aPIManagerConfiguration.getFirstProperty("AuthManager.Password"), this.remoteUserStoreManagerServiceStub._getServiceClient());
                try {
                    this.host = new URL(firstProperty).getHost();
                } catch (MalformedURLException e) {
                    throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e.getMessage(), e);
                }
            } catch (AxisFault e2) {
                throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e2.getMessage(), e2);
            }
        } catch (AxisFault e3) {
            throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e3.getMessage(), e3);
        }
    }

    @MethodStats
    public boolean validate(String str, String str2) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, str, str2);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) || MethodTimeLogger.isConfigEnabled()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{this, str, str2, makeJP}).linkClosureAndJoinPoint(69648))) : validate_aroundBody0(this, str, str2, makeJP);
    }

    @MethodStats
    public boolean validateScopes(String str, OpenAPI openAPI, MessageContext messageContext) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this, new Object[]{str, openAPI, messageContext});
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) || MethodTimeLogger.isConfigEnabled()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{this, str, openAPI, messageContext, makeJP}).linkClosureAndJoinPoint(69648))) : validateScopes_aroundBody2(this, str, openAPI, messageContext, makeJP);
    }

    private String[] getUserRoles(String str) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, this, this, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String[]) MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : getUserRoles_aroundBody4(this, str, makeJP);
    }

    private String hashString(String str) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, this, this, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : hashString_aroundBody6(this, str, makeJP);
    }

    private Cache getGatewayBasicAuthResourceCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_4, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure9(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getGatewayBasicAuthResourceCache_aroundBody8(this, makeJP);
    }

    private Cache getGatewayUsernameCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_5, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure11(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getGatewayUsernameCache_aroundBody10(this, makeJP);
    }

    private Cache getInvalidUsernameCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_6, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure13(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getInvalidUsernameCache_aroundBody12(this, makeJP);
    }

    private Cache createCache(String str, long j, long j2) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_7, this, this, new Object[]{str, Conversions.longObject(j), Conversions.longObject(j2)});
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure15(new Object[]{this, str, Conversions.longObject(j), Conversions.longObject(j2), makeJP}).linkClosureAndJoinPoint(69648)) : createCache_aroundBody14(this, str, j, j2, makeJP);
    }

    private APIManagerConfiguration getApiManagerConfiguration() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_8, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (APIManagerConfiguration) MethodTimeLogger.aspectOf().log(new AjcClosure17(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getApiManagerConfiguration_aroundBody16(this, makeJP);
    }

    private Cache getCacheFromCacheManager(String str) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_9, this, this, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure19(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : getCacheFromCacheManager_aroundBody18(this, str, makeJP);
    }

    private long getDefaultCacheTimeout() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_10, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? Conversions.longValue(MethodTimeLogger.aspectOf().log(new AjcClosure21(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648))) : getDefaultCacheTimeout_aroundBody20(this, makeJP);
    }

    private boolean isGatewayTokenCacheEnabled() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_11, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure23(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648))) : isGatewayTokenCacheEnabled_aroundBody22(this, makeJP);
    }

    static final boolean validate_aroundBody0(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, String str2, JoinPoint joinPoint) {
        String str3 = null;
        if (basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
            str3 = basicAuthCredentialValidator.hashString(str2);
            String str4 = (String) basicAuthCredentialValidator.getGatewayUsernameCache().get(str);
            if (str4 != null && str4.equals(str3)) {
                basicAuthCredentialValidator.log.debug("Basic Authentication: <Valid Username Cache> Username & password authenticated");
                return true;
            }
            String str5 = (String) basicAuthCredentialValidator.getInvalidUsernameCache().get(str);
            if (str5 != null && str5.equals(str3)) {
                basicAuthCredentialValidator.log.debug("Basic Authentication: <Invalid Username Cache> Username & password authentication failed");
                return false;
            }
        }
        try {
            boolean login = basicAuthCredentialValidator.authAdminStub.login(str, str2, basicAuthCredentialValidator.host);
            if (basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                if (login) {
                    basicAuthCredentialValidator.getGatewayUsernameCache().put(str, str3);
                } else {
                    basicAuthCredentialValidator.getInvalidUsernameCache().put(str, str3);
                }
            }
            return login;
        } catch (RemoteException | LoginAuthenticationExceptionException e) {
            basicAuthCredentialValidator.log.debug("Basic Authentication: Username and Password authentication failure");
            throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e.getMessage(), e);
        }
    }

    static final boolean validateScopes_aroundBody2(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, OpenAPI openAPI, MessageContext messageContext, JoinPoint joinPoint) {
        ArrayList<LinkedHashMap> scopeToRoleMappingOfApi;
        String str2 = (String) messageContext.getProperty("REST_API_CONTEXT");
        String str3 = (String) messageContext.getProperty("SYNAPSE_REST_API_VERSION");
        String str4 = (String) messageContext.getProperty(APIMgtGatewayConstants.API_ELECTED_RESOURCE);
        Object[] objArr = null;
        String str5 = String.valueOf(str2) + ":" + str3 + ":" + str4 + ":" + ((String) ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(ThreatProtectorConstants.HTTP_METHOD));
        String str6 = String.valueOf(str5) + ":" + str;
        if (basicAuthCredentialValidator.gatewayKeyCacheEnabled && basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().get(str6) != null) {
            return true;
        }
        if (openAPI != null) {
            String str7 = null;
            String scopesOfResource = OpenAPIUtils.getScopesOfResource(openAPI, messageContext);
            if (scopesOfResource != null && (scopeToRoleMappingOfApi = OpenAPIUtils.getScopeToRoleMappingOfApi(openAPI, messageContext)) != null) {
                Iterator<LinkedHashMap> it = scopeToRoleMappingOfApi.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    LinkedHashMap next = it.next();
                    if (scopesOfResource.equals(next.get("key"))) {
                        str7 = (String) next.get("roles");
                        break;
                    }
                }
            }
            if (!StringUtils.isNotBlank(str7)) {
                if (basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                    basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
                }
                if (!basicAuthCredentialValidator.log.isDebugEnabled()) {
                    return true;
                }
                basicAuthCredentialValidator.log.debug("Basic Authentication: No scopes for the API resource: ".concat(str5));
                return true;
            }
            for (String str8 : basicAuthCredentialValidator.getUserRoles(str)) {
                if (str7.contains(str8)) {
                    if (!basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
                        return true;
                    }
                    basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
                    return true;
                }
            }
            if (basicAuthCredentialValidator.log.isDebugEnabled()) {
                basicAuthCredentialValidator.log.debug("Basic Authentication: Scope validation failed for the API resource: ".concat(str4));
            }
            throw new APISecurityException(APISecurityConstants.INVALID_SCOPE, "Scope validation failed");
        }
        if (!"GRAPHQL".equals(messageContext.getProperty("API_TYPE"))) {
            if (!basicAuthCredentialValidator.log.isDebugEnabled()) {
                return true;
            }
            basicAuthCredentialValidator.log.debug("Basic Authentication: No OpenAPI found in the gateway for the API: ".concat(str2).concat(":").concat(str3));
            return true;
        }
        HashMap hashMap = (HashMap) messageContext.getProperty("ScopeOperationMapping");
        HashMap hashMap2 = (HashMap) messageContext.getProperty("ScopeRoleMapping");
        for (String str9 : ((String) messageContext.getProperty(APIMgtGatewayConstants.API_ELECTED_RESOURCE)).split(",")) {
            String str10 = (String) hashMap.get(str9);
            if (str10 != null) {
                ArrayList arrayList = (ArrayList) hashMap2.get(str10);
                boolean z = false;
                for (Object obj : objArr) {
                    Iterator it2 = arrayList.iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        if (((String) it2.next()).equals(obj)) {
                            z = true;
                            break;
                        }
                    }
                    if (z) {
                        break;
                    }
                }
                if (!z) {
                    throw new APISecurityException(APISecurityConstants.INVALID_SCOPE, "Scope validation failed");
                }
            }
        }
        if (!basicAuthCredentialValidator.gatewayKeyCacheEnabled) {
            return true;
        }
        basicAuthCredentialValidator.getGatewayBasicAuthResourceCache().put(str6, str5);
        return true;
    }

    static final String[] getUserRoles_aroundBody4(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, JoinPoint joinPoint) {
        String[] roleListOfUser;
        String tenantDomain = MultitenantUtils.getTenantDomain(str);
        if ("carbon.super".equals(tenantDomain)) {
            try {
                roleListOfUser = basicAuthCredentialValidator.remoteUserStoreManagerServiceStub.getRoleListOfUser(MultitenantUtils.getTenantAwareUsername(str));
            } catch (RemoteException | RemoteUserStoreManagerServiceUserStoreExceptionException e) {
                throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e.getMessage(), e);
            }
        } else {
            try {
                roleListOfUser = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(tenantDomain)).getUserStoreManager().getRoleListOfUser(MultitenantUtils.getTenantAwareUsername(str));
            } catch (UserStoreException e2) {
                throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR, e2.getMessage(), e2);
            }
        }
        return roleListOfUser;
    }

    static final String hashString_aroundBody6(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, JoinPoint joinPoint) {
        String str2 = null;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.update(str.getBytes());
            byte[] digest = messageDigest.digest();
            StringBuilder sb = new StringBuilder();
            for (byte b : digest) {
                sb.append(Integer.toString((b & 255) + 256, 16).substring(1));
            }
            str2 = sb.toString();
        } catch (NoSuchAlgorithmException e) {
            basicAuthCredentialValidator.log.error(e.getMessage());
        }
        return str2;
    }

    static final Cache getGatewayBasicAuthResourceCache_aroundBody8(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        String firstProperty = basicAuthCredentialValidator.getApiManagerConfiguration().getFirstProperty("CacheConfigurations.TokenCacheExpiry");
        if (gatewayBasicAuthResourceCacheInit) {
            return basicAuthCredentialValidator.getCacheFromCacheManager("gatewayBasicAuthResourceCache");
        }
        gatewayBasicAuthResourceCacheInit = true;
        if (firstProperty != null) {
            return basicAuthCredentialValidator.createCache("gatewayBasicAuthResourceCache", Long.parseLong(firstProperty), Long.parseLong(firstProperty));
        }
        long defaultCacheTimeout = basicAuthCredentialValidator.getDefaultCacheTimeout();
        return basicAuthCredentialValidator.createCache("gatewayBasicAuthResourceCache", defaultCacheTimeout, defaultCacheTimeout);
    }

    static final Cache getGatewayUsernameCache_aroundBody10(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        String firstProperty = basicAuthCredentialValidator.getApiManagerConfiguration().getFirstProperty("CacheConfigurations.TokenCacheExpiry");
        if (gatewayUsernameCacheInit) {
            return basicAuthCredentialValidator.getCacheFromCacheManager("gatewayUsernameCache");
        }
        gatewayUsernameCacheInit = true;
        if (firstProperty != null) {
            return basicAuthCredentialValidator.createCache("gatewayUsernameCache", Long.parseLong(firstProperty), Long.parseLong(firstProperty));
        }
        long defaultCacheTimeout = basicAuthCredentialValidator.getDefaultCacheTimeout();
        return basicAuthCredentialValidator.createCache("gatewayUsernameCache", defaultCacheTimeout, defaultCacheTimeout);
    }

    static final Cache getInvalidUsernameCache_aroundBody12(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        String firstProperty = basicAuthCredentialValidator.getApiManagerConfiguration().getFirstProperty("CacheConfigurations.TokenCacheExpiry");
        if (gatewayUsernameCacheInit) {
            return basicAuthCredentialValidator.getCacheFromCacheManager("gatewayInvalidUsernameCache");
        }
        gatewayUsernameCacheInit = true;
        if (firstProperty != null) {
            return basicAuthCredentialValidator.createCache("gatewayInvalidUsernameCache", Long.parseLong(firstProperty), Long.parseLong(firstProperty));
        }
        long defaultCacheTimeout = basicAuthCredentialValidator.getDefaultCacheTimeout();
        return basicAuthCredentialValidator.createCache("gatewayInvalidUsernameCache", defaultCacheTimeout, defaultCacheTimeout);
    }

    static final Cache createCache_aroundBody14(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, long j, long j2, JoinPoint joinPoint) {
        return APIUtil.getCache("API_MANAGER_CACHE", str, j, j2);
    }

    static final APIManagerConfiguration getApiManagerConfiguration_aroundBody16(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        return ServiceReferenceHolder.getInstance().getAPIManagerConfiguration();
    }

    static final Cache getCacheFromCacheManager_aroundBody18(BasicAuthCredentialValidator basicAuthCredentialValidator, String str, JoinPoint joinPoint) {
        return Caching.getCacheManager("API_MANAGER_CACHE").getCache(str);
    }

    static final long getDefaultCacheTimeout_aroundBody20(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        return Long.valueOf(ServerConfiguration.getInstance().getFirstProperty("Cache.DefaultCacheTimeout")).longValue() * 60;
    }

    static final boolean isGatewayTokenCacheEnabled_aroundBody22(BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
        try {
            return Boolean.parseBoolean(basicAuthCredentialValidator.getApiManagerConfiguration().getFirstProperty("CacheConfigurations.EnableGatewayTokenCache"));
        } catch (Exception e) {
            basicAuthCredentialValidator.log.error("Did not found valid API Validation Information cache configuration. Use default configuration " + e, e);
            return true;
        }
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("BasicAuthCredentialValidator.java", BasicAuthCredentialValidator.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "validate", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String:java.lang.String", "username:password", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "boolean"), 123);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "validateScopes", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String:io.swagger.v3.oas.models.OpenAPI:org.apache.synapse.MessageContext", "username:openAPI:synCtx", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "boolean"), 171);
        ajc$tjp_10 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getDefaultCacheTimeout", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "long"), 430);
        ajc$tjp_11 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "isGatewayTokenCacheEnabled", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "boolean"), 440);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getUserRoles", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String", ThrottleConstants.USERNAME, "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "[Ljava.lang.String;"), 269);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "hashString", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String", "str", APIMgtGatewayConstants.EMPTY, "java.lang.String"), 302);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getGatewayBasicAuthResourceCache", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 330);
        ajc$tjp_5 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getGatewayUsernameCache", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 352);
        ajc$tjp_6 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getInvalidUsernameCache", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 374);
        ajc$tjp_7 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "createCache", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String:long:long", "cacheName:modifiedExp:accessExp", APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 400);
        ajc$tjp_8 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getApiManagerConfiguration", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "org.wso2.carbon.apimgt.impl.APIManagerConfiguration"), 410);
        ajc$tjp_9 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getCacheFromCacheManager", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "java.lang.String", "cacheName", APIMgtGatewayConstants.EMPTY, "javax.cache.Cache"), 420);
    }
}
