package com.axway.apim.apiimport;

import com.axway.apim.adapter.APIManagerAdapter;
import com.axway.apim.api.API;
import com.axway.apim.api.IAPI;
import com.axway.apim.api.definition.APISpecificationFactory;
import com.axway.apim.api.model.APIQuota;
import com.axway.apim.api.model.AuthType;
import com.axway.apim.api.model.AuthenticationProfile;
import com.axway.apim.api.model.CaCert;
import com.axway.apim.api.model.ClientApplication;
import com.axway.apim.api.model.CorsProfile;
import com.axway.apim.api.model.DeviceType;
import com.axway.apim.api.model.InboundProfile;
import com.axway.apim.api.model.Organization;
import com.axway.apim.api.model.OutboundProfile;
import com.axway.apim.api.model.QuotaRestriction;
import com.axway.apim.api.model.QuotaRestrictionDeserializer;
import com.axway.apim.api.model.SecurityDevice;
import com.axway.apim.api.model.SecurityProfile;
import com.axway.apim.lib.APIPropertiesExport;
import com.axway.apim.lib.CommandParameters;
import com.axway.apim.lib.errorHandling.AppException;
import com.axway.apim.lib.errorHandling.ErrorCode;
import com.axway.apim.lib.errorHandling.ErrorState;
import com.axway.apim.lib.utils.URLParser;
import com.axway.apim.lib.utils.Utils;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.module.SimpleModule;
import com.fasterxml.jackson.databind.node.MissingNode;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.text.StringSubstitutor;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustAllStrategy;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/axway/apim/apiimport/APIImportConfigAdapter.class */
public class APIImportConfigAdapter {
    private static Logger LOG = LoggerFactory.getLogger(APIImportConfigAdapter.class);
    private String pathToAPIDefinition;
    private String apiConfigFile;
    private IAPI apiConfig;
    private boolean usingOrgAdmin;
    private ObjectMapper mapper = new ObjectMapper();
    private ErrorState error = ErrorState.getInstance();

    public APIImportConfigAdapter(IAPI iapi, String str) {
        this.apiConfig = iapi;
        this.apiConfigFile = str;
    }

    public APIImportConfigAdapter(String str, String str2, String str3, boolean z) throws AppException {
        SimpleModule simpleModule = new SimpleModule();
        simpleModule.addDeserializer(QuotaRestriction.class, new QuotaRestrictionDeserializer());
        this.mapper.registerModule(simpleModule);
        try {
            this.pathToAPIDefinition = str3;
            this.usingOrgAdmin = z;
            this.apiConfigFile = locateAPIConfigFile(str);
            IAPI iapi = (IAPI) this.mapper.readValue(substitueVariables(new File(this.apiConfigFile)), DesiredAPI.class);
            if (getStageConfig(str2, this.apiConfigFile) != null) {
                try {
                    this.apiConfig = (IAPI) this.mapper.readerForUpdating(iapi).readValue(substitueVariables(new File(getStageConfig(str2, this.apiConfigFile))));
                    LOG.info("Loaded stage API-Config from file: " + getStageConfig(str2, this.apiConfigFile));
                } catch (FileNotFoundException e) {
                    LOG.warn("No config file found for stage: '" + str2 + "'");
                    this.apiConfig = iapi;
                }
            } else {
                this.apiConfig = iapi;
            }
        } catch (Exception e2) {
            this.error.setError("Cant parse JSON-Config file(s)", ErrorCode.CANT_READ_CONFIG_FILE);
            throw new AppException("Cant parse JSON-Config file(s)", ErrorCode.CANT_READ_CONFIG_FILE, e2);
        }
    }

    private static String locateAPIConfigFile(String str) throws AppException {
        try {
            String decode = URLDecoder.decode(str, "UTF-8");
            File file = new File(decode);
            if (file.exists()) {
                return file.getCanonicalPath();
            }
            File file2 = new File(new File(APIImportConfigAdapter.class.getProtectionDomain().getCodeSource().getLocation().toURI().getPath()).getParentFile().getParent() + File.separator + decode);
            if (file2.exists()) {
                return file2.getCanonicalPath();
            }
            throw new AppException("Unable to find given Config-File: '" + decode + "'", ErrorCode.CANT_READ_CONFIG_FILE);
        } catch (Exception e) {
            throw new AppException("Unable to find given Config-File: '" + str + "'", ErrorCode.CANT_READ_CONFIG_FILE);
        }
    }

    private String substitueVariables(File file) throws IOException {
        return new StringSubstitutor(CommandParameters.getInstance().getEnvironmentProperties()).replace(StringSubstitutor.replace(new String(Files.readAllBytes(file.toPath()), StandardCharsets.UTF_8), System.getenv()));
    }

    public IAPI getApiConfig() {
        return this.apiConfig;
    }

    public IAPI getDesiredAPI() throws AppException {
        try {
            validateExposurePath(this.apiConfig);
            validateOrganization(this.apiConfig);
            checkForAPIDefinitionInConfiguration(this.apiConfig);
            addDefaultPassthroughSecurityProfile(this.apiConfig);
            addDefaultCorsProfile(this.apiConfig);
            addDefaultAuthenticationProfile(this.apiConfig);
            addDefaultOutboundProfile(this.apiConfig);
            addDefaultInboundProfile(this.apiConfig);
            this.apiConfig.setAPIDefinition(APISpecificationFactory.getAPISpecification(getAPIDefinitionContent(), this.pathToAPIDefinition, ((DesiredAPI) this.apiConfig).getBackendBasepath()));
            addImageContent(this.apiConfig);
            validateCustomProperties(this.apiConfig);
            validateDescription(this.apiConfig);
            validateOutboundAuthN(this.apiConfig);
            validateHasQueryStringKey(this.apiConfig);
            completeCaCerts(this.apiConfig);
            addQuotaConfiguration(this.apiConfig);
            handleAllOrganizations(this.apiConfig);
            completeClientApplications(this.apiConfig);
            return this.apiConfig;
        } catch (Exception e) {
            if (e.getCause() instanceof AppException) {
                throw ((AppException) e.getCause());
            }
            throw new AppException("Cannot validate/fulfill configuration file.", ErrorCode.CANT_READ_CONFIG_FILE, e);
        }
    }

    public IAPI completeDesiredAPI(IAPI iapi, IAPI iapi2) throws AppException {
        if (!iapi2.isValid()) {
            return iapi;
        }
        APIManagerAdapter aPIManagerAdapter = APIManagerAdapter.getInstance();
        ((DesiredAPI) iapi).setOriginalInboundProfiles(iapi.getInboundProfiles());
        ((DesiredAPI) iapi).setOriginalOutboundProfiles(iapi.getOutboundProfiles());
        aPIManagerAdapter.translateMethodIds(iapi.getInboundProfiles(), iapi2);
        aPIManagerAdapter.translateMethodIds(iapi.getOutboundProfiles(), iapi2);
        return iapi;
    }

    private void validateExposurePath(IAPI iapi) throws AppException {
        if (iapi.getPath() == null) {
            ErrorState.getInstance().setError("Config-Parameter: 'path' is not given", ErrorCode.CANT_READ_CONFIG_FILE, false);
            throw new AppException("Path is invalid.", ErrorCode.CANT_READ_CONFIG_FILE);
        }
        if (iapi.getPath().startsWith("/")) {
            return;
        }
        ErrorState.getInstance().setError("Config-Parameter: 'path' must start with a \"/\" following by a valid API-Path (e.g. /api/v1/customer).", ErrorCode.CANT_READ_CONFIG_FILE, false);
        throw new AppException("Path is invalid.", ErrorCode.CANT_READ_CONFIG_FILE);
    }

    private void validateOrganization(IAPI iapi) throws AppException {
        if (iapi instanceof DesiredTestOnlyAPI) {
            return;
        }
        if (this.usingOrgAdmin) {
            iapi.setOrganizationId(APIManagerAdapter.getCurrentUser(false).getOrganizationId());
            return;
        }
        String orgId = APIManagerAdapter.getInstance().getOrgId(iapi.getOrganization(), true);
        if (orgId == null) {
            this.error.setError("The given organization: '" + iapi.getOrganization() + "' is either unknown or hasn't the Development flag.", ErrorCode.UNKNOWN_ORGANIZATION, false);
            throw new AppException("The given organization: '" + iapi.getOrganization() + "' is either unknown or hasn't the Development flag.", ErrorCode.UNKNOWN_ORGANIZATION);
        }
        iapi.setOrganizationId(orgId);
    }

    private void checkForAPIDefinitionInConfiguration(IAPI iapi) throws AppException {
        LOG.debug("Current path={}", getCurrentPath());
        if (StringUtils.isEmpty(this.pathToAPIDefinition)) {
            if (!StringUtils.isNotEmpty(iapi.getApiDefinitionImport())) {
                ErrorState.getInstance().setError("No API Definition configured", ErrorCode.NO_API_DEFINITION_CONFIGURED, false);
                throw new AppException("No API Definition configured", ErrorCode.NO_API_DEFINITION_CONFIGURED);
            }
            this.pathToAPIDefinition = iapi.getApiDefinitionImport();
            LOG.debug("Reading API Definition from configuration file");
        }
    }

    private String getCurrentPath() {
        return Paths.get("", new String[0]).toAbsolutePath().toString();
    }

    private void handleAllOrganizations(IAPI iapi) throws AppException {
        if (iapi.getClientOrganizations() == null) {
            return;
        }
        if (iapi.getState().equals(IAPI.STATE_UNPUBLISHED)) {
            iapi.setClientOrganizations(null);
            return;
        }
        ArrayList arrayList = new ArrayList();
        List<Organization> allOrgs = APIManagerAdapter.getInstance().getAllOrgs();
        if (iapi.getClientOrganizations().contains("ALL")) {
            Iterator<Organization> it = allOrgs.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().getName());
            }
            iapi.getClientOrganizations().clear();
            iapi.getClientOrganizations().addAll(arrayList);
            ((DesiredAPI) iapi).setRequestForAllOrgs(true);
            return;
        }
        if (!iapi.getClientOrganizations().contains(iapi.getOrganization())) {
            iapi.getClientOrganizations().add(iapi.getOrganization());
        }
        Iterator<String> it2 = iapi.getClientOrganizations().iterator();
        String str = null;
        while (it2.hasNext()) {
            String next = it2.next();
            Organization organization = new Organization();
            organization.setName(next);
            if (!allOrgs.contains(organization)) {
                LOG.warn("Unknown organization with name: '" + organization.getName() + "' configured. Ignoring this organization.");
                str = str == null ? next : str + ", " + next;
                APIPropertiesExport.getInstance().setProperty(ErrorCode.INVALID_CLIENT_ORGANIZATIONS.name(), str);
                it2.remove();
            }
        }
    }

    private void addQuotaConfiguration(IAPI iapi) throws AppException {
        if (iapi.getState() == IAPI.STATE_UNPUBLISHED) {
            return;
        }
        DesiredAPI desiredAPI = (DesiredAPI) iapi;
        initQuota(desiredAPI.getSystemQuota());
        initQuota(desiredAPI.getApplicationQuota());
    }

    private void initQuota(APIQuota aPIQuota) {
        if (aPIQuota == null) {
            return;
        }
        if (aPIQuota.getType().equals("APPLICATION")) {
            aPIQuota.setName("Application Default");
            aPIQuota.setDescription("Maximum message rates per application. Applied to each application unless an Application-Specific quota is configured");
        } else {
            aPIQuota.setName("System Default");
            aPIQuota.setDescription(".....");
        }
    }

    private void validateDescription(IAPI iapi) throws AppException {
        if (iapi.getDescriptionType() == null || iapi.getDescriptionType().equals("original")) {
            return;
        }
        String descriptionType = iapi.getDescriptionType();
        if (descriptionType.equals("manual")) {
            if (iapi.getDescriptionManual() == null) {
                throw new AppException("descriptionManual can't be null with descriptionType set to 'manual'", ErrorCode.CANT_READ_CONFIG_FILE);
            }
            return;
        }
        if (descriptionType.equals("url")) {
            if (iapi.getDescriptionUrl() == null) {
                throw new AppException("descriptionUrl can't be null with descriptionType set to 'url'", ErrorCode.CANT_READ_CONFIG_FILE);
            }
        } else if (!descriptionType.equals("markdown")) {
            if (!descriptionType.equals("original")) {
                throw new AppException("Unknown descriptionType: '" + descriptionType.equals("manual") + "'", ErrorCode.CANT_READ_CONFIG_FILE);
            }
        } else {
            if (iapi.getDescriptionMarkdown() == null) {
                throw new AppException("descriptionMarkdown can't be null with descriptionType set to 'markdown'", ErrorCode.CANT_READ_CONFIG_FILE);
            }
            if (!iapi.getDescriptionMarkdown().startsWith("${env.")) {
                throw new AppException("descriptionMarkdown must start with an environment variable", ErrorCode.CANT_READ_CONFIG_FILE);
            }
        }
    }

    private void addDefaultCorsProfile(IAPI iapi) throws AppException {
        if (iapi.getCorsProfiles() == null) {
            ((API) iapi).setCorsProfiles(new ArrayList());
        }
        boolean z = false;
        Iterator<CorsProfile> it = iapi.getCorsProfiles().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (it.next().getName().equals("_default")) {
                z = true;
                break;
            }
        }
        if (z) {
            return;
        }
        iapi.getCorsProfiles().add(CorsProfile.getDefaultCorsProfile());
    }

    /* JADX WARN: Removed duplicated region for block: B:33:0x0172  */
    /* JADX WARN: Removed duplicated region for block: B:41:0x01af A[ADDED_TO_REGION, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void completeClientApplications(com.axway.apim.api.IAPI r5) throws com.axway.apim.lib.errorHandling.AppException {
        /*
            Method dump skipped, instructions count: 443
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.axway.apim.apiimport.APIImportConfigAdapter.completeClientApplications(com.axway.apim.api.IAPI):void");
    }

    private static ClientApplication getAppForCredential(String str, String str2) throws AppException {
        LOG.debug("Searching application with configured credential (Type: " + str2 + "): '" + str + "'");
        ClientApplication appIdForCredential = APIManagerAdapter.getInstance().getAppIdForCredential(str, str2);
        if (appIdForCredential != null) {
            return appIdForCredential;
        }
        LOG.warn("Unknown application with (" + str2 + "): '" + str + "' configured. Ignoring this application.");
        return null;
    }

    private void completeCaCerts(IAPI iapi) throws AppException {
        if (iapi.getCaCerts() != null) {
            ArrayList arrayList = new ArrayList();
            for (CaCert caCert : iapi.getCaCerts()) {
                if (caCert.getCertBlob() == null) {
                    try {
                        arrayList.add((CaCert) this.mapper.readValue(APIManagerAdapter.getCertInfo(getInputStreamForCertFile(caCert), caCert).get(0).toString(), CaCert.class));
                    } catch (Exception e) {
                        throw new AppException("Can't initialize given certificate.", ErrorCode.CANT_READ_CONFIG_FILE, e);
                    }
                }
            }
            iapi.getCaCerts().clear();
            iapi.getCaCerts().addAll(arrayList);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v24, types: [java.io.InputStream] */
    private InputStream getInputStreamForCertFile(CaCert caCert) throws AppException {
        FileInputStream fileInputStream;
        File file = new File(caCert.getCertFile());
        if (file.exists()) {
            try {
                return new FileInputStream(file);
            } catch (FileNotFoundException e) {
                throw new AppException("Cant read given certificate file", ErrorCode.CANT_READ_CONFIG_FILE);
            }
        }
        try {
            File file2 = new File(new File(this.apiConfigFile).getCanonicalFile().getParent() + File.separator + caCert.getCertFile());
            if (file2.exists()) {
                try {
                    fileInputStream = new FileInputStream(file2);
                } catch (FileNotFoundException e2) {
                    throw new AppException("Cant read given certificate file", ErrorCode.CANT_READ_CONFIG_FILE);
                }
            } else {
                LOG.debug("Can't read certifiate from file-location: " + file2.toString() + ". Now trying to read it from the classpath.");
                fileInputStream = APIManagerAdapter.class.getResourceAsStream(caCert.getCertFile());
            }
            if (fileInputStream != null) {
                return fileInputStream;
            }
            LOG.error("Can't read certificate: " + caCert.getCertFile() + " from file or classpath.");
            LOG.error("Certificates in filesystem are either expected relative to the API-Config-File or as an absolute path.");
            LOG.error("In the same directory. \t\tExample: \"myCertFile.crt\"");
            LOG.error("Relative to it.         \t\tExample: \"../../allMyCertsAreHere/myCertFile.crt\"");
            LOG.error("With an absolute path   \t\tExample: \"/another/location/with/allMyCerts/myCertFile.crt\"");
            throw new AppException("Can't read certificate: " + caCert.getCertFile() + " from file or classpath.", ErrorCode.CANT_READ_CONFIG_FILE);
        } catch (IOException e3) {
            this.error.setError("Can't read certificate file.", ErrorCode.CANT_READ_CONFIG_FILE);
            throw new AppException("Can't read certificate file.", ErrorCode.CANT_READ_CONFIG_FILE, e3);
        }
    }

    private void validateCustomProperties(IAPI iapi) throws AppException {
        if (iapi.getCustomProperties() != null) {
            JsonNode customPropertiesConfig = APIManagerAdapter.getCustomPropertiesConfig();
            for (String str : iapi.getCustomProperties().keySet()) {
                String str2 = iapi.getCustomProperties().get(str);
                JsonNode at = customPropertiesConfig.at("/api/" + str);
                if (at instanceof MissingNode) {
                    ErrorState.getInstance().setError("The custom-property: '" + str + "' is not configured in API-Manager.", ErrorCode.CANT_READ_CONFIG_FILE, false);
                    throw new AppException("The custom-property: '" + str + "' is not configured in API-Manager.", ErrorCode.CANT_READ_CONFIG_FILE);
                }
                JsonNode jsonNode = at.get("type");
                if (jsonNode != null && (jsonNode.asText().equals("select") || jsonNode.asText().equals("switch"))) {
                    boolean z = false;
                    Iterator it = at.get("options").iterator();
                    while (true) {
                        if (it.hasNext()) {
                            if (((JsonNode) it.next()).at("/value").asText().equals(str2)) {
                                z = true;
                                break;
                            }
                        } else {
                            break;
                        }
                    }
                    if (!z) {
                        ErrorState.getInstance().setError("The value: '" + str2 + "' isn't configured for custom property: '" + str + "'", ErrorCode.CANT_READ_CONFIG_FILE, false);
                        throw new AppException("The value: '" + str2 + "' isn't configured for custom property: '" + str + "'", ErrorCode.CANT_READ_CONFIG_FILE);
                    }
                }
            }
        }
    }

    private byte[] getAPIDefinitionContent() throws AppException {
        try {
            return IOUtils.toByteArray(new InputStreamReader(getAPIDefinitionAsStream(), StandardCharsets.UTF_8), StandardCharsets.UTF_8);
        } catch (IOException e) {
            throw new AppException("Can't read API-Definition from file", ErrorCode.CANT_READ_API_DEFINITION_FILE, e);
        }
    }

    public InputStream getAPIDefinitionAsStream() throws AppException {
        InputStream fileInputStream;
        if (this.pathToAPIDefinition.endsWith(".url")) {
            return getAPIDefinitionFromURL(Utils.getAPIDefinitionUriFromFile(this.pathToAPIDefinition));
        }
        if (isHttpUri(this.pathToAPIDefinition)) {
            return getAPIDefinitionFromURL(this.pathToAPIDefinition);
        }
        try {
            if (new File(this.pathToAPIDefinition).exists()) {
                LOG.info("Reading API-Definition (Swagger/WSDL) from file: '" + this.pathToAPIDefinition + "' (relative path)");
                fileInputStream = new FileInputStream(this.pathToAPIDefinition);
            } else {
                File file = new File(new File(this.apiConfigFile).getCanonicalFile().getParent() + File.separator + this.pathToAPIDefinition);
                LOG.info("Reading API-Definition (Swagger/WSDL) from file: '" + file.getCanonicalFile() + "' (absolute path)");
                fileInputStream = file.exists() ? new FileInputStream(file) : getClass().getResourceAsStream(this.pathToAPIDefinition);
            }
            if (fileInputStream == null) {
                throw new AppException("Unable to read Swagger/WSDL file from: " + this.pathToAPIDefinition, ErrorCode.CANT_READ_API_DEFINITION_FILE);
            }
            return fileInputStream;
        } catch (Exception e) {
            throw new AppException("Unable to read Swagger/WSDL file from: " + this.pathToAPIDefinition, ErrorCode.CANT_READ_API_DEFINITION_FILE, e);
        }
    }

    private InputStream getAPIDefinitionFromURL(String str) throws AppException {
        URLParser uRLParser = new URLParser(str);
        String uri = uRLParser.getUri();
        CloseableHttpClient createHttpClient = createHttpClient(uri, uRLParser.getUsername(), uRLParser.getPassword());
        try {
            try {
                RequestConfig build = RequestConfig.custom().setRelativeRedirectsAllowed(true).setCircularRedirectsAllowed(true).build();
                HttpGet httpGet = new HttpGet(uri);
                httpGet.setConfig(build);
                return new ByteArrayInputStream(((String) createHttpClient.execute(httpGet, new ResponseHandler<String>() { // from class: com.axway.apim.apiimport.APIImportConfigAdapter.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // org.apache.http.client.ResponseHandler
                    public String handleResponse(HttpResponse httpResponse) throws ClientProtocolException, IOException {
                        int statusCode = httpResponse.getStatusLine().getStatusCode();
                        if (statusCode < 200 || statusCode >= 300) {
                            throw new ClientProtocolException("Unexpected response status: " + statusCode);
                        }
                        HttpEntity entity = httpResponse.getEntity();
                        if (entity != null) {
                            return EntityUtils.toString(entity, StandardCharsets.UTF_8);
                        }
                        return null;
                    }
                })).getBytes(StandardCharsets.UTF_8));
            } catch (Exception e) {
                throw new AppException("Cannot load API-Definition from URI: " + uri, ErrorCode.CANT_READ_API_DEFINITION_FILE, e);
            }
        } finally {
            try {
                createHttpClient.close();
            } catch (Exception e2) {
            }
        }
    }

    private CloseableHttpClient createHttpClient(String str, String str2, String str3) throws AppException {
        HttpClientBuilder custom = HttpClients.custom();
        try {
            addBasicAuthCredential(str, str2, str3, custom);
            addSSLContext(str, custom);
            return custom.build();
        } catch (Exception e) {
            throw new AppException("Error during create http client for retrieving ...", ErrorCode.CANT_CREATE_HTTP_CLIENT);
        }
    }

    private void addSSLContext(String str, HttpClientBuilder httpClientBuilder) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException {
        SSLConnectionSocketFactory createSSLContext;
        if (!isHttpsUri(str) || (createSSLContext = createSSLContext()) == null) {
            return;
        }
        httpClientBuilder.setSSLSocketFactory(createSSLContext);
    }

    private void addBasicAuthCredential(String str, String str2, String str3, HttpClientBuilder httpClientBuilder) {
        if (this.apiConfig instanceof DesiredTestOnlyAPI) {
            return;
        }
        if (str2 == null) {
            LOG.info("Loading API-Definition from: " + str);
            return;
        }
        LOG.info("Loading API-Definition from: " + str + " (" + str2 + ")");
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(new AuthScope(AuthScope.ANY), new UsernamePasswordCredentials(str2, str3));
        httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
    }

    public static boolean isHttpUri(String str) {
        String substring = str.substring(str.indexOf("@") + 1);
        return substring.startsWith("http://") || substring.startsWith("https://");
    }

    public static boolean isHttpsUri(String str) {
        return str.startsWith("https://");
    }

    private String getStageConfig(String str, String str2) {
        if (str == null) {
            return null;
        }
        File file = new File(str);
        if (file.exists()) {
            return file.getAbsolutePath();
        }
        if (str.equals("NOT_SET")) {
            LOG.debug("No stage provided");
            return null;
        }
        File file2 = new File(str2.substring(0, str2.lastIndexOf(".") + 1) + str + str2.substring(str2.lastIndexOf(".")));
        File file3 = new File(file2.getParentFile() + "/" + str + "/" + file2.getName());
        if (file2.exists()) {
            return file2.getAbsolutePath();
        }
        if (file3.exists()) {
            return file3.getAbsolutePath();
        }
        return null;
    }

    private IAPI addDefaultInboundProfile(IAPI iapi) throws AppException {
        if (iapi.getInboundProfiles() == null || iapi.getInboundProfiles().size() == 0) {
            return iapi;
        }
        Iterator<String> it = iapi.getInboundProfiles().keySet().iterator();
        while (it.hasNext()) {
            if (it.next().equals("_default")) {
                return iapi;
            }
        }
        InboundProfile inboundProfile = new InboundProfile();
        inboundProfile.setSecurityProfile("_default");
        inboundProfile.setCorsProfile("_default");
        inboundProfile.setMonitorAPI(true);
        inboundProfile.setMonitorSubject("authentication.subject.id");
        iapi.getInboundProfiles().put("_default", inboundProfile);
        return iapi;
    }

    private IAPI addDefaultPassthroughSecurityProfile(IAPI iapi) throws AppException {
        boolean z = false;
        if (iapi.getSecurityProfiles() == null) {
            iapi.setSecurityProfiles(new ArrayList());
        }
        List<SecurityProfile> securityProfiles = iapi.getSecurityProfiles();
        for (SecurityProfile securityProfile : iapi.getSecurityProfiles()) {
            if (securityProfile.getIsDefault() || securityProfile.getName().equals("_default")) {
                if (z) {
                    ErrorState.getInstance().setError("You can have only one _default SecurityProfile.", ErrorCode.CANT_READ_CONFIG_FILE, false);
                    throw new AppException("You can have only one _default SecurityProfile.", ErrorCode.CANT_READ_CONFIG_FILE);
                }
                z = true;
                securityProfile.setName("_default");
                securityProfile.setIsDefault(true);
            }
        }
        if (securityProfiles == null || securityProfiles.size() == 0 || !z) {
            SecurityProfile securityProfile2 = new SecurityProfile();
            securityProfile2.setName("_default");
            securityProfile2.setIsDefault(true);
            SecurityDevice securityDevice = new SecurityDevice();
            securityDevice.setName("Pass Through");
            securityDevice.setType(DeviceType.passThrough);
            securityDevice.setOrder(0);
            securityDevice.getProperties().put("subjectIdFieldName", "Pass Through");
            securityDevice.getProperties().put("removeCredentialsOnSuccess", "true");
            securityProfile2.getDevices().add(securityDevice);
            securityProfiles.add(securityProfile2);
        }
        return iapi;
    }

    private IAPI addDefaultAuthenticationProfile(IAPI iapi) throws AppException {
        if (iapi.getAuthenticationProfiles() == null) {
            return iapi;
        }
        boolean z = false;
        List<AuthenticationProfile> authenticationProfiles = iapi.getAuthenticationProfiles();
        for (AuthenticationProfile authenticationProfile : authenticationProfiles) {
            if (authenticationProfile.getIsDefault() || authenticationProfile.getName().equals("_default")) {
                if (z) {
                    ErrorState.getInstance().setError("You can have only one AuthenticationProfile configured as default", ErrorCode.CANT_READ_CONFIG_FILE, false);
                    throw new AppException("You can have only one AuthenticationProfile configured as default", ErrorCode.CANT_READ_CONFIG_FILE);
                }
                z = true;
                authenticationProfile.setName("_default");
                authenticationProfile.setIsDefault(true);
            }
        }
        if (!z) {
            LOG.warn("THERE IS NO DEFAULT authenticationProfile CONFIGURED. Auto-Creating a No-Authentication outbound profile as default!");
            AuthenticationProfile authenticationProfile2 = new AuthenticationProfile();
            authenticationProfile2.setName("_default");
            authenticationProfile2.setIsDefault(true);
            authenticationProfile2.setType(AuthType.none);
            authenticationProfiles.add(authenticationProfile2);
        }
        return iapi;
    }

    private IAPI addDefaultOutboundProfile(IAPI iapi) throws AppException {
        if (iapi.getOutboundProfiles() == null || iapi.getOutboundProfiles().size() == 0) {
            return iapi;
        }
        Iterator<String> it = iapi.getOutboundProfiles().keySet().iterator();
        if (!it.hasNext()) {
            OutboundProfile outboundProfile = new OutboundProfile();
            outboundProfile.setAuthenticationProfile("_default");
            outboundProfile.setRouteType("proxy");
            iapi.getOutboundProfiles().put("_default", outboundProfile);
            return iapi;
        }
        String next = it.next();
        if (next.equals("_default")) {
            OutboundProfile outboundProfile2 = iapi.getOutboundProfiles().get(next);
            if (outboundProfile2.getAuthenticationProfile() == null) {
                LOG.warn("Provided default outboundProfile doesn't contain AuthN-Profile - Setting it to default");
                outboundProfile2.setAuthenticationProfile("_default");
            }
        }
        return iapi;
    }

    private void validateOutboundAuthN(IAPI iapi) throws AppException {
        if (iapi.getAuthenticationProfiles() == null || iapi.getAuthenticationProfiles().size() == 0 || !iapi.getAuthenticationProfiles().get(0).getType().equals(AuthType.ssl)) {
            return;
        }
        handleOutboundSSLAuthN(iapi.getAuthenticationProfiles().get(0));
    }

    private void handleOutboundSSLAuthN(AuthenticationProfile authenticationProfile) throws AppException {
        if (authenticationProfile.getType().equals(AuthType.ssl)) {
            String str = (String) authenticationProfile.getParameters().get("certFile");
            String str2 = (String) authenticationProfile.getParameters().get("password");
            String[] extractKeystoreTypeFromCertFile = extractKeystoreTypeFromCertFile(str);
            String str3 = extractKeystoreTypeFromCertFile[0];
            String str4 = extractKeystoreTypeFromCertFile[1];
            File file = new File(str3);
            String str5 = null;
            try {
                if (!file.exists()) {
                    file = new File(new File(this.apiConfigFile).getCanonicalFile().getParent() + "/" + str3);
                }
                if (!file.exists()) {
                    LOG.debug("Trying to load Client-Certificate from classpath");
                    if (getClass().getResource(str3) == null) {
                        throw new AppException("Can't read Client-Certificate-Keystore: " + str3 + " from filesystem or classpath.", ErrorCode.UNXPECTED_ERROR);
                    }
                    str5 = str3;
                }
                KeyStore loadKeystore = loadKeystore(file, str5, str4, str2);
                if (loadKeystore == null) {
                    ErrorState.getInstance().setError("Unable to configure Outbound SSL-Config. Can't load keystore: '" + file + "' for any reason. Turn on debug to see log messages.", ErrorCode.WRONG_KEYSTORE_PASSWORD, false);
                    throw new AppException("Unable to configure Outbound SSL-Config. Can't load keystore: '" + file + "' for any reason.", ErrorCode.WRONG_KEYSTORE_PASSWORD);
                }
                X509Certificate x509Certificate = null;
                Enumeration<String> aliases = loadKeystore.aliases();
                while (aliases.hasMoreElements()) {
                    x509Certificate = (X509Certificate) loadKeystore.getCertificate(aliases.nextElement());
                    x509Certificate.getEncoded();
                }
                if (this.apiConfig instanceof DesiredTestOnlyAPI) {
                    return;
                }
                authenticationProfile.getParameters().put("pfx", APIManagerAdapter.getFileData(x509Certificate.getEncoded(), str3).get("data").asText());
                authenticationProfile.getParameters().remove("certFile");
            } catch (Exception e) {
                throw new AppException("Can't read Client-Cert-File: " + str3 + " from filesystem or classpath.", ErrorCode.UNXPECTED_ERROR, e);
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    private KeyStore loadKeystore(File file, String str, String str2, String str3) throws IOException {
        KeyStore keyStore;
        InputStream inputStream = null;
        try {
            if (str2 != null) {
                try {
                    inputStream = str == null ? new BufferedInputStream(new FileInputStream(file)) : getClass().getResourceAsStream(str);
                    LOG.debug("Loading keystore: '" + file + "' using keystore type: '" + str2 + "'");
                    KeyStore keyStore2 = KeyStore.getInstance(str2);
                    keyStore2.load(inputStream, str3.toCharArray());
                    if (inputStream != null) {
                        inputStream.close();
                    }
                    return keyStore2;
                } catch (IOException e) {
                    if (e.getMessage() == null || !e.getMessage().toLowerCase().contains("keystore password was incorrect")) {
                        LOG.debug("Error message using type: " + str2 + " Error-Message: " + e.getMessage());
                        throw e;
                    }
                    ErrorState.getInstance().setError("Unable to configure Outbound SSL-Config as password for keystore: is incorrect.", ErrorCode.WRONG_KEYSTORE_PASSWORD, false);
                    throw e;
                } catch (Exception e2) {
                    LOG.debug("Error message using type: " + str2 + " Error-Message: " + e2.getMessage());
                    if (inputStream != null) {
                        inputStream.close();
                    }
                    return null;
                }
            }
            LOG.debug("Loading keystore: '" + file + "' trying the following types: " + Security.getAlgorithms("KeyStore"));
            for (String str4 : Security.getAlgorithms("KeyStore")) {
                try {
                    try {
                        try {
                            LOG.debug("Trying to load keystore: '" + file + "' using type: '" + str4 + "'");
                            inputStream = str == null ? new BufferedInputStream(new FileInputStream(file)) : getClass().getResourceAsStream(str);
                            keyStore = KeyStore.getInstance(str4);
                            keyStore.load(inputStream, str3.toCharArray());
                        } catch (IOException e3) {
                            if (e3.getMessage() != null && e3.getMessage().toLowerCase().contains("keystore password was incorrect")) {
                                ErrorState.getInstance().setError("Unable to configure Outbound SSL-Config as password for keystore: is incorrect.", ErrorCode.WRONG_KEYSTORE_PASSWORD, false);
                                throw e3;
                            }
                            LOG.debug("Error message using type: " + str2 + " Error-Message: " + e3.getMessage(), e3);
                            if (inputStream != null) {
                                inputStream.close();
                            }
                        }
                    } catch (Exception e4) {
                        LOG.debug("Error message using type: " + str2 + " Error-Message: " + e4.getMessage(), e4);
                        if (inputStream != null) {
                            inputStream.close();
                        }
                    }
                    if (keyStore != null) {
                        LOG.debug("Successfully loaded keystore: '" + file + "' with type: " + str4);
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        return keyStore;
                    }
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } catch (Throwable th) {
                    if (inputStream != null) {
                        inputStream.close();
                    }
                    throw th;
                }
            }
            return null;
        } catch (Throwable th2) {
            if (inputStream != null) {
                inputStream.close();
            }
            throw th2;
        }
    }

    private String[] extractKeystoreTypeFromCertFile(String str) throws AppException {
        int lastIndexOf;
        if (str.contains(":") && (lastIndexOf = str.lastIndexOf(":")) >= 3) {
            String substring = str.substring(lastIndexOf + 1);
            if (Security.getAlgorithms("KeyStore").contains(substring)) {
                return new String[]{str.substring(0, lastIndexOf), substring};
            }
            ErrorState.getInstance().setError("Unknown keystore type: '" + substring + "'. Supported: " + Security.getAlgorithms("KeyStore"), ErrorCode.WRONG_KEYSTORE_PASSWORD);
            throw new AppException("Unknown keystore type: '" + substring + "'. Supported: " + Security.getAlgorithms("KeyStore"), ErrorCode.WRONG_KEYSTORE_PASSWORD);
        }
        return new String[]{str, null};
    }

    private void validateHasQueryStringKey(IAPI iapi) throws AppException {
    }

    private IAPI addImageContent(IAPI iapi) throws AppException {
        if (iapi.getImage() == null) {
            return iapi;
        }
        try {
            File file = new File(iapi.getImage().getFilename());
            if (!file.exists()) {
                file = new File(new File(this.apiConfigFile).getCanonicalFile().getParent() + "/" + iapi.getImage().getFilename());
            }
            iapi.getImage().setBaseFilename(file.getName());
            InputStream resourceAsStream = getClass().getResourceAsStream(iapi.getImage().getFilename());
            if (file.exists()) {
                LOG.debug("Loading image from: '" + file.getCanonicalFile() + "'");
                iapi.getImage().setImageContent(IOUtils.toByteArray(new FileInputStream(file)));
                return iapi;
            }
            if (resourceAsStream == null) {
                throw new AppException("Image not found in filesystem ('" + file + "') or Classpath.", ErrorCode.UNXPECTED_ERROR);
            }
            LOG.debug("Trying to load image from classpath");
            iapi.getImage().setImageContent(IOUtils.toByteArray(resourceAsStream));
            return iapi;
        } catch (Exception e) {
            throw new AppException("Can't read image-file: " + iapi.getImage().getFilename() + " from filesystem or classpath.", ErrorCode.UNXPECTED_ERROR, e);
        }
    }

    public String getPathToAPIDefinition() {
        return this.pathToAPIDefinition;
    }

    public void setPathToAPIDefinition(String str) {
        this.pathToAPIDefinition = str;
    }

    private SSLConnectionSocketFactory createSSLContext() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException {
        SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
        sSLContextBuilder.loadTrustMaterial((KeyStore) null, new TrustAllStrategy());
        String property = System.getProperty("javax.net.ssl.keyStore", "");
        if (StringUtils.isNotEmpty(property)) {
            String property2 = System.getProperty("javax.net.ssl.keyStorePassword", "");
            if (StringUtils.isNotEmpty(property2)) {
                String property3 = System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
                LOG.debug("Reading keystore from {}", property);
                KeyStore keyStore = KeyStore.getInstance(property3);
                keyStore.load(new FileInputStream(new File(property)), property2.toCharArray());
                sSLContextBuilder.loadKeyMaterial(keyStore, property2.toCharArray());
            }
        } else {
            LOG.debug("NO javax.net.ssl.keyStore property.");
        }
        return new SSLConnectionSocketFactory(sSLContextBuilder.build(), getAcceptedTLSProtocols(), (String[]) null, new NoopHostnameVerifier());
    }

    private String[] getAcceptedTLSProtocols() {
        String property = System.getProperty("https.protocols", "TLSv1.2");
        LOG.debug("https protocols: {}", property);
        return property.split(",");
    }
}
