package org.apache.kerby.has.server.web.rest;

import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.kerby.has.common.HasConfig;
import org.apache.kerby.has.common.HasException;
import org.apache.kerby.has.common.util.HasUtil;
import org.apache.kerby.has.server.HasServer;
import org.apache.kerby.has.server.web.WebServer;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.identity.backend.BackendConfig;
import org.apache.kerby.kerberos.kerb.server.KdcUtil;

@Path("/conf")
/* loaded from: input_file:org/apache/kerby/has/server/web/rest/ConfigApi.class */
public class ConfigApi {

    @Context
    private ServletContext context;

    @Context
    private HttpServletRequest httpRequest;

    @Path("/setplugin")
    @Consumes({"application/json"})
    @Produces({"text/plain"})
    @PUT
    public Response setPlugin(@QueryParam("plugin") String str) {
        if (!this.httpRequest.isSecure()) {
            return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
        }
        HasServer hasServerFromContext = WebServer.getHasServerFromContext(this.context);
        WebServer.LOG.info("Set HAS plugin...");
        try {
            HashMap hashMap = new HashMap();
            HasConfig hasConfig = HasUtil.getHasConfig(new File(hasServerFromContext.getConfDir(), "has-server.conf"));
            if (hasConfig == null) {
                WebServer.LOG.error("has-server.conf not found.");
                return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("has-server.conf not found.").build();
            }
            hashMap.put(hasConfig.getPluginName(), str);
            hasServerFromContext.updateConfFile("has-server.conf", hashMap);
            WebServer.LOG.info("HAS plugin set successfully.");
            return Response.ok("HAS plugin set successfully.").build();
        } catch (IOException | HasException e) {
            String str2 = "Failed to set HAS plugin, because: " + e.getMessage();
            WebServer.LOG.error(str2);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(str2).build();
        }
    }

    @Path("/configbackend")
    @Consumes({"application/json"})
    @Produces({"text/plain"})
    @PUT
    public Response configBackend(@QueryParam("backendType") String str, @QueryParam("dir") @DefaultValue("/tmp/has/jsonbackend") String str2, @QueryParam("driver") @DefaultValue("org.drizzle.jdbc.DrizzleDriver") String str3, @QueryParam("url") @DefaultValue("jdbc:mysql:thin://127.0.0.1:3306/mysqlbackend") String str4, @QueryParam("user") @DefaultValue("root") String str5, @QueryParam("password") @DefaultValue("passwd") String str6) {
        if (!this.httpRequest.isSecure()) {
            return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
        }
        HasServer hasServerFromContext = WebServer.getHasServerFromContext(this.context);
        if ("json".equals(str)) {
            WebServer.LOG.info("Set Json backend...");
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("_JAR_", "org.apache.kerby.kerberos.kdc.identitybackend.JsonIdentityBackend");
                hashMap.put("#_JSON_DIR_", "backend.json.dir = " + str2);
                hashMap.put("#_MYSQL_\n", "");
                hasServerFromContext.updateConfFile("backend.conf", hashMap);
                WebServer.LOG.info("Json backend set successfully.");
                return Response.ok("Json backend set successfully.").build();
            } catch (IOException | HasException e) {
                String str7 = "Failed to set Json backend, because: " + e.getMessage();
                WebServer.LOG.error(str7);
                return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(str7).build();
            }
        }
        if (!"mysql".equals(str)) {
            String str8 = str + " is not supported.";
            WebServer.LOG.info(str8);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(str8).build();
        }
        WebServer.LOG.info("Set MySQL backend...");
        try {
            String str9 = "mysql_driver = " + str3 + "\nmysql_url = " + str4.replace("jdbc:mysql:", "jdbc:mysql:thin:") + "\nmysql_user = " + str5 + "\nmysql_password = " + str6;
            HashMap hashMap2 = new HashMap();
            hashMap2.put("_JAR_", "org.apache.kerby.kerberos.kdc.identitybackend.MySQLIdentityBackend");
            hashMap2.put("#_JSON_DIR_\n", "");
            hashMap2.put("#_MYSQL_", str9);
            hasServerFromContext.updateConfFile("backend.conf", hashMap2);
            WebServer.LOG.info("MySQL backend set successfully.");
            return Response.ok("MySQL backend set successfully.").build();
        } catch (IOException | HasException e2) {
            String str10 = "Failed to set MySQL backend, because: " + e2.getMessage();
            WebServer.LOG.error(str10);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(str10).build();
        }
    }

    @Path("/configkdc")
    @Consumes({"application/json"})
    @Produces({"text/plain"})
    @PUT
    public Response configKdc(@QueryParam("port") int i, @QueryParam("realm") String str, @QueryParam("host") String str2) {
        if (!this.httpRequest.isSecure()) {
            return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
        }
        HasServer hasServerFromContext = WebServer.getHasServerFromContext(this.context);
        WebServer.LOG.info("Config HAS server KDC...");
        try {
            BackendConfig backendConfig = KdcUtil.getBackendConfig(hasServerFromContext.getConfDir());
            if (backendConfig.getString("kdc_identity_backend").equals("org.apache.kerby.kerberos.kdc.identitybackend.MySQLIdentityBackend")) {
                hasServerFromContext.configMySQLKdc(backendConfig, str, i, str2, hasServerFromContext);
            } else {
                HashMap hashMap = new HashMap();
                hashMap.put("_HOST_", str2);
                hashMap.put("_PORT_", String.valueOf(i));
                hashMap.put("_REALM_", str);
                hasServerFromContext.updateConfFile("kdc.conf", hashMap);
                hashMap.put("_KDCS_", "\t\tkdc = " + str2 + ":" + i);
                hashMap.put("_UDP_LIMIT_", "4096");
                hasServerFromContext.updateConfFile("krb5.conf", hashMap);
            }
            WebServer.LOG.info("HAS server KDC set successfully.");
            return Response.ok("HAS server KDC set successfully.").build();
        } catch (IOException | HasException | KrbException e) {
            String str3 = "Failed to config HAS KDC, because: " + e.getMessage();
            WebServer.LOG.error(str3);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(str3).build();
        }
    }

    @GET
    @Produces({"text/plain"})
    @Path("/getkrb5conf")
    public Response getKrb5Conf() {
        if (!this.httpRequest.isSecure()) {
            return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
        }
        HasServer hasServerFromContext = WebServer.getHasServerFromContext(this.context);
        try {
            return Response.ok(KdcUtil.getBackendConfig(hasServerFromContext.getConfDir()).getString("kdc_identity_backend").equals("org.apache.kerby.kerberos.kdc.identitybackend.MySQLIdentityBackend") ? hasServerFromContext.generateKrb5Conf() : new File(hasServerFromContext.getConfDir(), "krb5.conf")).header("Content-Disposition", "attachment; filename=krb5.conf").build();
        } catch (KrbException | HasException e) {
            String str = "Failed to get Krb5.conf, because: " + e.getMessage();
            WebServer.LOG.error(str);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(str).build();
        }
    }

    @GET
    @Produces({"text/plain"})
    @Path("/gethasclientconf")
    public Response getHasConf() {
        if (!this.httpRequest.isSecure()) {
            return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
        }
        HasServer hasServerFromContext = WebServer.getHasServerFromContext(this.context);
        try {
            return Response.ok(KdcUtil.getBackendConfig(hasServerFromContext.getConfDir()).getString("kdc_identity_backend").equals("org.apache.kerby.kerberos.kdc.identitybackend.MySQLIdentityBackend") ? hasServerFromContext.generateHasConf() : new File(hasServerFromContext.getConfDir(), "has-server.conf")).header("Content-Disposition", "attachment; filename=has-client.conf").build();
        } catch (IOException | KrbException | HasException e) {
            String str = "Failed to get has-client.conf, because: " + e.getMessage();
            WebServer.LOG.error(str);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(str).build();
        }
    }

    @GET
    @Produces({"text/plain"})
    @Path("/getcert")
    public Response getCert() {
        String str = null;
        File file = null;
        try {
            HasConfig hasConfig = HasUtil.getHasConfig(new File(WebServer.getHasServerFromContext(this.context).getConfDir(), "has-server.conf"));
            if (hasConfig != null) {
                file = new File(hasConfig.getSslClientCert());
                if (!file.exists()) {
                    str = "Cert file not found in HAS server.";
                    WebServer.LOG.error("Cert file not found in HAS server.");
                }
            } else {
                str = "has-server.conf not found.";
                WebServer.LOG.error("has-server.conf not found.");
            }
        } catch (HasException e) {
            str = "Failed to get cert file" + e.getMessage();
            WebServer.LOG.error("Failed to get cert file" + e.getMessage());
        }
        return str == null ? Response.ok(file).header("Content-Disposition", "attachment;filename=" + file.getName()).build() : Response.status(Response.Status.NOT_FOUND).entity(str).build();
    }
}
