package com.networknt.rpc.router;

import com.fasterxml.jackson.core.type.TypeReference;
import com.networknt.config.Config;
import com.networknt.exception.ExpiredTokenException;
import com.networknt.rpc.Handler;
import com.networknt.security.JwtHelper;
import com.networknt.status.Status;
import io.undertow.io.Receiver;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.HeaderMap;
import io.undertow.util.Headers;
import io.undertow.util.HttpString;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.MalformedClaimException;
import org.jose4j.jwt.consumer.InvalidJwtException;
import org.slf4j.ext.XLogger;
import org.slf4j.ext.XLoggerFactory;

/* loaded from: input_file:com/networknt/rpc/router/JsonHandler.class */
public class JsonHandler extends AbstractRpcHandler {
    static final String SCHEMA = "schema";
    static final String ENABLE_VERIFY_JWT = "enableVerifyJwt";
    static final String ENABLE_VERIFY_SCOPE = "enableVerifyScope";
    static final String STATUS_HANDLER_NOT_FOUND = "ERR11200";
    static final String STATUS_INVALID_AUTH_TOKEN = "ERR10000";
    static final String STATUS_AUTH_TOKEN_EXPIRED = "ERR10001";
    static final String STATUS_MISSING_AUTH_TOKEN = "ERR10002";
    static final String STATUS_INVALID_SCOPE_TOKEN = "ERR10003";
    static final String STATUS_SCOPE_TOKEN_EXPIRED = "ERR10004";
    static final String STATUS_AUTH_TOKEN_SCOPE_MISMATCH = "ERR10005";
    static final String STATUS_SCOPE_TOKEN_SCOPE_MISMATCH = "ERR10006";
    static final String STATUS_INVALID_REQUEST_PATH = "ERR10007";
    static final String STATUS_METHOD_NOT_ALLOWED = "ERR10008";
    static final Map<String, Object> config = Config.getInstance().getJsonMapConfig("security");
    static final Map<String, Object> schema = Config.getInstance().getJsonMapConfig("schema");
    private static final XLogger logger = XLoggerFactory.getXLogger(JsonHandler.class);

    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        System.out.println("JsonHandler is called");
        httpServerExchange.getRequestReceiver().receiveFullString(new Receiver.FullStringCallback() { // from class: com.networknt.rpc.router.JsonHandler.1
            public void handle(HttpServerExchange httpServerExchange2, String str) {
                Status verifyJwt;
                JsonHandler.logger.entry(new Object[]{str});
                httpServerExchange2.getResponseHeaders().add(new HttpString("Content-Type"), "application/json");
                Map<String, Object> map = null;
                try {
                    map = (Map) Config.getInstance().getMapper().readValue(str, new TypeReference<Map<String, Object>>() { // from class: com.networknt.rpc.router.JsonHandler.1.1
                    });
                } catch (Exception e) {
                    e.printStackTrace();
                }
                String serviceId = JsonHandler.this.getServiceId(map);
                System.out.println("serviceId = " + serviceId);
                Handler handler = RpcStartupHookProvider.serviceMap.get(serviceId);
                if (handler == null) {
                    httpServerExchange2.getResponseSender().send(new Status(JsonHandler.STATUS_HANDLER_NOT_FOUND, new Object[]{serviceId}).toString());
                    return;
                }
                if (JsonHandler.config != null && ((Boolean) JsonHandler.config.get(JsonHandler.ENABLE_VERIFY_JWT)).booleanValue() && (verifyJwt = JsonHandler.this.verifyJwt(httpServerExchange2, (String) ((Map) JsonHandler.schema.get(serviceId)).get("scope"))) != null) {
                    httpServerExchange2.getResponseSender().send(verifyJwt.toString());
                    return;
                }
                ByteBuffer validate = handler.validate(serviceId, map);
                if (validate != null) {
                    httpServerExchange2.getResponseSender().send(validate);
                    return;
                }
                ByteBuffer handle = handler.handle(map);
                JsonHandler.logger.exit(handle);
                if (handle == null) {
                    httpServerExchange2.endExchange();
                } else {
                    httpServerExchange2.getResponseSender().send(handle);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Status verifyJwt(HttpServerExchange httpServerExchange, String str) {
        HeaderMap requestHeaders = httpServerExchange.getRequestHeaders();
        String jwtFromAuthorization = JwtHelper.getJwtFromAuthorization(requestHeaders.getFirst(Headers.AUTHORIZATION));
        if (jwtFromAuthorization == null) {
            return new Status(STATUS_MISSING_AUTH_TOKEN, new Object[0]);
        }
        try {
            try {
                JwtClaims verifyJwt = JwtHelper.verifyJwt(jwtFromAuthorization);
                requestHeaders.add(new HttpString("client_id"), verifyJwt.getStringClaimValue("client_id"));
                requestHeaders.add(new HttpString("user_id"), verifyJwt.getStringClaimValue("user_id"));
                requestHeaders.add(new HttpString("scope"), verifyJwt.getStringListClaimValue("scope").toString());
                if (config == null || !((Boolean) config.get(ENABLE_VERIFY_SCOPE)).booleanValue()) {
                    return null;
                }
                String first = requestHeaders.getFirst("X-Scope-Token");
                String jwtFromAuthorization2 = JwtHelper.getJwtFromAuthorization(first);
                List<String> list = null;
                if (jwtFromAuthorization2 != null) {
                    try {
                        JwtClaims verifyJwt2 = JwtHelper.verifyJwt(jwtFromAuthorization2);
                        list = verifyJwt2.getStringListClaimValue("scope");
                        requestHeaders.add(new HttpString("scope_client_id"), verifyJwt2.getStringClaimValue("client_id"));
                    } catch (ExpiredTokenException e) {
                        return new Status(STATUS_SCOPE_TOKEN_EXPIRED, new Object[0]);
                    } catch (InvalidJwtException | MalformedClaimException e2) {
                        logger.error("InvalidJwtException", e2);
                        return new Status(STATUS_INVALID_SCOPE_TOKEN, new Object[0]);
                    }
                }
                List<String> asList = str == null ? null : Arrays.asList(str.split("\\s+"));
                if (first != null) {
                    if (list != null && matchedScopes(list, asList)) {
                        return null;
                    }
                    if (logger.isDebugEnabled()) {
                        logger.debug("Scopes " + list + " and specificatio token " + asList + " are not matched in scope token");
                    }
                    return new Status(STATUS_SCOPE_TOKEN_SCOPE_MISMATCH, new Object[]{list, asList});
                }
                try {
                    List<String> stringListClaimValue = verifyJwt.getStringListClaimValue("scope");
                    if (matchedScopes(stringListClaimValue, asList)) {
                        return null;
                    }
                    if (logger.isDebugEnabled()) {
                        logger.debug("Authorization jwt token scope " + stringListClaimValue + " is not matched with " + asList);
                    }
                    return new Status(STATUS_AUTH_TOKEN_SCOPE_MISMATCH, new Object[]{stringListClaimValue, asList});
                } catch (MalformedClaimException e3) {
                    logger.error("MalformedClaimException", e3);
                    return new Status(STATUS_INVALID_AUTH_TOKEN, new Object[0]);
                }
            } catch (ExpiredTokenException e4) {
                return new Status(STATUS_AUTH_TOKEN_EXPIRED, new Object[0]);
            }
        } catch (MalformedClaimException | InvalidJwtException e5) {
            logger.error("Exception: ", e5);
            return new Status(STATUS_INVALID_AUTH_TOKEN, new Object[0]);
        }
    }

    protected boolean matchedScopes(List<String> list, List<String> list2) {
        boolean z = false;
        if (list2 == null || list2.size() <= 0) {
            z = true;
        } else if (list != null && list.size() > 0) {
            Iterator<String> it = list2.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (list.contains(it.next())) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }
}
