package io.camunda.connector.sns.inbound;

import com.amazonaws.services.sns.message.SnsMessage;
import com.amazonaws.services.sns.message.SnsNotification;
import com.amazonaws.services.sns.message.SnsSubscriptionConfirmation;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.camunda.connector.api.annotation.InboundConnector;
import io.camunda.connector.api.inbound.Activity;
import io.camunda.connector.api.inbound.Health;
import io.camunda.connector.api.inbound.InboundConnectorContext;
import io.camunda.connector.api.inbound.Severity;
import io.camunda.connector.api.inbound.webhook.MappedHttpRequest;
import io.camunda.connector.api.inbound.webhook.WebhookConnectorExecutable;
import io.camunda.connector.api.inbound.webhook.WebhookProcessingPayload;
import io.camunda.connector.api.inbound.webhook.WebhookResult;
import io.camunda.connector.aws.ObjectMapperSupplier;
import io.camunda.connector.generator.dsl.BpmnType;
import io.camunda.connector.generator.java.annotation.ElementTemplate;
import io.camunda.connector.sns.inbound.model.SnsWebhookConnectorProperties;
import io.camunda.connector.sns.inbound.model.SnsWebhookProcessingResult;
import io.camunda.connector.sns.inbound.model.SubscriptionAllowListFlag;
import io.camunda.connector.sns.suppliers.SnsClientSupplier;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.Map;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@InboundConnector(name = "AWS SNS Inbound", type = "io.camunda:aws-sns-webhook:1")
@ElementTemplate(id = "io.camunda.connectors.AWSSNS.inbound.v1", name = "SNS HTTPS Connectorr", icon = "icon.svg", version = 4, inputDataClass = SnsWebhookConnectorProperties.SnsWebhookConnectorPropertiesWrapper.class, description = "Receive events from AWS SNS", documentationRef = "https://docs.camunda.io/docs/components/connectors/out-of-the-box-connectors/amazon-sns/?amazonsns=inbound", propertyGroups = {@ElementTemplate.PropertyGroup(id = "subscription", label = "Subscription Configuration")}, elementTypes = {@ElementTemplate.ConnectorElementType(appliesTo = {BpmnType.START_EVENT}, elementType = BpmnType.START_EVENT, templateIdOverride = "io.camunda.connectors.inbound.AWSSNS.StartEvent.v1", templateNameOverride = "SNS HTTPS Start Event Connector"), @ElementTemplate.ConnectorElementType(appliesTo = {BpmnType.START_EVENT}, elementType = BpmnType.MESSAGE_START_EVENT, templateIdOverride = "io.camunda.connectors.inbound.AWSSNS.MessageStartEvent.v1", templateNameOverride = "SNS HTTPS Message Start Event Connector Subscription"), @ElementTemplate.ConnectorElementType(appliesTo = {BpmnType.INTERMEDIATE_THROW_EVENT, BpmnType.INTERMEDIATE_CATCH_EVENT}, elementType = BpmnType.INTERMEDIATE_CATCH_EVENT, templateIdOverride = "io.camunda.connectors.inbound.AWSSNS.IntermediateCatchEvent.v1", templateNameOverride = "SNS HTTPS Intermediate Catch Event Connector"), @ElementTemplate.ConnectorElementType(appliesTo = {BpmnType.BOUNDARY_EVENT}, elementType = BpmnType.BOUNDARY_EVENT, templateIdOverride = "io.camunda.connectors.inbound.AWSSNS.Boundary.v1", templateNameOverride = "SNS HTTPS Boundary Event Connector")})
/* loaded from: input_file:io/camunda/connector/sns/inbound/SnsWebhookExecutable.class */
public class SnsWebhookExecutable implements WebhookConnectorExecutable {
    private static final Logger LOGGER = LoggerFactory.getLogger(SnsWebhookExecutable.class);
    protected static final String TOPIC_ARN_HEADER = "x-amz-sns-topic-arn";
    private final ObjectMapper objectMapper;
    private final SnsClientSupplier snsClientSupplier;
    private InboundConnectorContext context;
    private SnsWebhookConnectorProperties props;

    public SnsWebhookExecutable() {
        this(ObjectMapperSupplier.getMapperInstance(), new SnsClientSupplier());
    }

    public SnsWebhookExecutable(ObjectMapper objectMapper, SnsClientSupplier snsClientSupplier) {
        this.objectMapper = objectMapper;
        this.snsClientSupplier = snsClientSupplier;
    }

    public WebhookResult triggerWebhook(WebhookProcessingPayload webhookProcessingPayload) throws Exception {
        LOGGER.trace("Triggered webhook with context {} and payload {}", this.props.context(), webhookProcessingPayload);
        this.context.log(Activity.level(Severity.INFO).tag(webhookProcessingPayload.method()).message("Url: " + webhookProcessingPayload.requestURL()));
        checkMessageAllowListed(webhookProcessingPayload);
        Map map = (Map) this.objectMapper.readValue(webhookProcessingPayload.rawBody(), Map.class);
        SnsMessage parseMessage = this.snsClientSupplier.messageManager(extractRegionFromTopicArnHeader(webhookProcessingPayload.headers())).parseMessage(new ByteArrayInputStream(webhookProcessingPayload.rawBody()));
        if (parseMessage instanceof SnsSubscriptionConfirmation) {
            return tryConfirmSubscription(webhookProcessingPayload, map, (SnsSubscriptionConfirmation) parseMessage);
        }
        if (parseMessage instanceof SnsNotification) {
            return handleNotification(webhookProcessingPayload, map);
        }
        String str = "Operation not supported: " + parseMessage.getClass().getName();
        LOGGER.warn(str);
        this.context.log(Activity.level(Severity.ERROR).tag(webhookProcessingPayload.method()).message("Url: " + webhookProcessingPayload.requestURL() + ". " + str));
        throw new IOException(str);
    }

    private SnsWebhookProcessingResult tryConfirmSubscription(WebhookProcessingPayload webhookProcessingPayload, Map map, SnsSubscriptionConfirmation snsSubscriptionConfirmation) {
        snsSubscriptionConfirmation.confirmSubscription();
        return new SnsWebhookProcessingResult(new MappedHttpRequest(map, webhookProcessingPayload.headers(), webhookProcessingPayload.params()), Map.of("snsEventType", "Subscription"));
    }

    private SnsWebhookProcessingResult handleNotification(WebhookProcessingPayload webhookProcessingPayload, Map map) {
        return new SnsWebhookProcessingResult(new MappedHttpRequest(map, webhookProcessingPayload.headers(), webhookProcessingPayload.params()), Map.of("snsEventType", "Notification"));
    }

    private void checkMessageAllowListed(WebhookProcessingPayload webhookProcessingPayload) throws Exception {
        if (SubscriptionAllowListFlag.specific.equals(this.props.securitySubscriptionAllowedFor()) && !this.props.topicsAllowListParsed().contains(webhookProcessingPayload.headers().get(TOPIC_ARN_HEADER))) {
            throw new Exception("Request didn't match allow list. Allow list: " + String.valueOf(this.props.topicsAllowListParsed()) + ". Request coming from " + ((String) webhookProcessingPayload.headers().get(TOPIC_ARN_HEADER)));
        }
    }

    public void activate(InboundConnectorContext inboundConnectorContext) throws Exception {
        if (inboundConnectorContext == null) {
            throw new Exception("Inbound connector context cannot be null");
        }
        this.context = inboundConnectorContext;
        this.props = new SnsWebhookConnectorProperties((SnsWebhookConnectorProperties.SnsWebhookConnectorPropertiesWrapper) inboundConnectorContext.bindProperties(SnsWebhookConnectorProperties.SnsWebhookConnectorPropertiesWrapper.class));
        inboundConnectorContext.reportHealth(Health.up());
    }

    private String extractRegionFromTopicArnHeader(Map<String, String> map) throws Exception {
        return ((String) Optional.ofNullable(map.get(TOPIC_ARN_HEADER)).orElseThrow(() -> {
            return new Exception("SNS request did not contain header: x-amz-sns-topic-arn");
        })).split(":")[3];
    }

    public void deactivate() throws Exception {
        this.context.reportHealth(Health.down());
    }
}
