package org.eclipse.hono.adapter.lora;

import io.micrometer.core.instrument.Timer;
import io.opentracing.Span;
import io.opentracing.SpanContext;
import io.opentracing.tag.StringTag;
import io.opentracing.tag.Tag;
import io.opentracing.tag.Tags;
import io.vertx.core.CompositeFuture;
import io.vertx.core.Future;
import io.vertx.core.Promise;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.eventbus.Message;
import io.vertx.core.http.HttpClient;
import io.vertx.core.http.HttpClientRequest;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.json.Json;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.Router;
import io.vertx.ext.web.RoutingContext;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import org.eclipse.hono.adapter.auth.device.DeviceCredentialsAuthProvider;
import org.eclipse.hono.adapter.auth.device.SubjectDnCredentials;
import org.eclipse.hono.adapter.auth.device.TenantServiceBasedX509Authentication;
import org.eclipse.hono.adapter.auth.device.UsernamePasswordAuthProvider;
import org.eclipse.hono.adapter.auth.device.UsernamePasswordCredentials;
import org.eclipse.hono.adapter.auth.device.X509AuthProvider;
import org.eclipse.hono.adapter.http.AbstractVertxBasedHttpProtocolAdapter;
import org.eclipse.hono.adapter.http.HonoBasicAuthHandler;
import org.eclipse.hono.adapter.http.HonoChainAuthHandler;
import org.eclipse.hono.adapter.http.X509AuthHandler;
import org.eclipse.hono.adapter.lora.providers.LoraProvider;
import org.eclipse.hono.adapter.lora.providers.LoraProviderMalformedPayloadException;
import org.eclipse.hono.auth.Device;
import org.eclipse.hono.client.ClientErrorException;
import org.eclipse.hono.client.ServerErrorException;
import org.eclipse.hono.client.StatusCodeMapper;
import org.eclipse.hono.client.command.Command;
import org.eclipse.hono.client.command.CommandConsumer;
import org.eclipse.hono.client.command.CommandContext;
import org.eclipse.hono.client.registry.TenantDisabledOrNotRegisteredException;
import org.eclipse.hono.service.http.HttpContext;
import org.eclipse.hono.service.http.HttpUtils;
import org.eclipse.hono.service.http.TracingHandler;
import org.eclipse.hono.service.metric.MetricsTags;
import org.eclipse.hono.tracing.TracingHelper;
import org.eclipse.hono.util.CommandEndpoint;
import org.eclipse.hono.util.Pair;
import org.eclipse.hono.util.TenantObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/hono/adapter/lora/LoraProtocolAdapter.class */
public final class LoraProtocolAdapter extends AbstractVertxBasedHttpProtocolAdapter<LoraProtocolAdapterProperties> {
    static final String SPAN_NAME_PROCESS_MESSAGE = "process message";
    private static final String ERROR_MSG_MISSING_OR_UNSUPPORTED_CONTENT_TYPE = "missing or unsupported content-type";
    private static final String ERROR_MSG_INVALID_PAYLOAD = "invalid payload";
    private DeviceCredentialsAuthProvider<UsernamePasswordCredentials> usernamePasswordAuthProvider;
    private DeviceCredentialsAuthProvider<SubjectDnCredentials> clientCertAuthProvider;
    private static final Logger LOG = LoggerFactory.getLogger(LoraProtocolAdapter.class);
    private static final Tag<String> TAG_LORA_DEVICE_ID = new StringTag("lora_device_id");
    private static final Tag<String> TAG_LORA_PROVIDER = new StringTag("lora_provider");
    private final List<LoraProvider> loraProviders = new ArrayList();
    private final Map<SubscriptionKey, Pair<CommandConsumer, LoraProvider>> commandSubscriptions = new ConcurrentHashMap();
    private HttpClient httpClient = null;

    public void setLoraProviders(List<LoraProvider> list) {
        Objects.requireNonNull(list);
        this.loraProviders.clear();
        this.loraProviders.addAll(list);
    }

    public void setUsernamePasswordAuthProvider(DeviceCredentialsAuthProvider<UsernamePasswordCredentials> deviceCredentialsAuthProvider) {
        this.usernamePasswordAuthProvider = (DeviceCredentialsAuthProvider) Objects.requireNonNull(deviceCredentialsAuthProvider);
    }

    public void setClientCertAuthProvider(DeviceCredentialsAuthProvider<SubjectDnCredentials> deviceCredentialsAuthProvider) {
        this.clientCertAuthProvider = (DeviceCredentialsAuthProvider) Objects.requireNonNull(deviceCredentialsAuthProvider);
    }

    protected void onStartupSuccess() {
        this.vertx.eventBus().consumer("tenant.timeout", this::handleTenantTimeout);
    }

    private void handleTenantTimeout(Message<String> message) {
        String str = (String) message.body();
        this.log.debug("check command subscriptions on timeout of tenant [{}]", str);
        Span start = TracingHelper.buildSpan(this.tracer, (SpanContext) null, "check command subscriptions on tenant timeout", getClass().getSimpleName()).withTag(Tags.SPAN_KIND.getKey(), "client").start();
        TracingHelper.setDeviceTags(start, str, (String) null);
        getTenantConfiguration(str, start.context()).recover(th -> {
            if (!(th instanceof TenantDisabledOrNotRegisteredException)) {
                return Future.failedFuture(th);
            }
            this.log.debug("tenant [{}] disabled or removed, removing corresponding command consumers", str);
            start.log("tenant disabled or removed, corresponding command consumers will be closed");
            LinkedList linkedList = new LinkedList();
            Iterator<Map.Entry<SubscriptionKey, Pair<CommandConsumer, LoraProvider>>> it = this.commandSubscriptions.entrySet().iterator();
            while (it.hasNext()) {
                Map.Entry<SubscriptionKey, Pair<CommandConsumer, LoraProvider>> next = it.next();
                if (next.getKey().getTenant().equals(str)) {
                    linkedList.add(((CommandConsumer) next.getValue().one()).close(start.context()));
                    it.remove();
                }
            }
            return CompositeFuture.join(linkedList).mapEmpty();
        }).onFailure(th2 -> {
            TracingHelper.logError(start, th2);
        }).onComplete(asyncResult -> {
            start.finish();
        });
    }

    public String getTypeName() {
        return "hono-lora";
    }

    protected void addRoutes(Router router) {
        setupAuthorization(router);
        for (LoraProvider loraProvider : this.loraProviders) {
            for (String str : loraProvider.pathPrefixes()) {
                router.route(HttpMethod.OPTIONS, str).handler(this::handleOptionsRoute);
                router.route(loraProvider.acceptedHttpMethod(), str).consumes(loraProvider.acceptedContentType()).handler(routingContext -> {
                    handleProviderRoute(HttpContext.from(routingContext), loraProvider);
                });
                router.route(loraProvider.acceptedHttpMethod(), str).handler(routingContext2 -> {
                    LOG.debug("request does not contain content-type header, will return 400 ...");
                    handle400(routingContext2, ERROR_MSG_MISSING_OR_UNSUPPORTED_CONTENT_TYPE);
                });
            }
        }
    }

    private void setupAuthorization(Router router) {
        HonoChainAuthHandler honoChainAuthHandler = new HonoChainAuthHandler(this::handleBeforeCredentialsValidation);
        honoChainAuthHandler.append(new X509AuthHandler(new TenantServiceBasedX509Authentication(getTenantClient(), this.tracer), (DeviceCredentialsAuthProvider) Optional.ofNullable(this.clientCertAuthProvider).orElseGet(() -> {
            return new X509AuthProvider(getCredentialsClient(), this.tracer);
        })));
        honoChainAuthHandler.append(new HonoBasicAuthHandler((DeviceCredentialsAuthProvider) Optional.ofNullable(this.usernamePasswordAuthProvider).orElseGet(() -> {
            return new UsernamePasswordAuthProvider(getCredentialsClient(), this.tracer);
        }), ((LoraProtocolAdapterProperties) getConfig()).getRealm()));
        router.route().handler(honoChainAuthHandler);
    }

    protected void customizeDownstreamMessageProperties(Map<String, Object> map, HttpContext httpContext) {
        map.put(LoraConstants.APP_PROPERTY_ORIG_LORA_PROVIDER, httpContext.get(LoraConstants.APP_PROPERTY_ORIG_LORA_PROVIDER));
        Optional ofNullable = Optional.ofNullable(httpContext.get(LoraConstants.APP_PROPERTY_META_DATA));
        Class<LoraMetaData> cls = LoraMetaData.class;
        Objects.requireNonNull(LoraMetaData.class);
        ofNullable.map(cls::cast).ifPresent(loraMetaData -> {
            Optional.ofNullable(loraMetaData.getFunctionPort()).ifPresent(num -> {
                map.put(LoraConstants.APP_PROPERTY_FUNCTION_PORT, num);
            });
            map.put(LoraConstants.APP_PROPERTY_META_DATA, Json.encode(loraMetaData));
        });
        Optional ofNullable2 = Optional.ofNullable(httpContext.get(LoraConstants.APP_PROPERTY_ADDITIONAL_DATA));
        Class<JsonObject> cls2 = JsonObject.class;
        Objects.requireNonNull(JsonObject.class);
        ofNullable2.map(cls2::cast).ifPresent(jsonObject -> {
            map.put(LoraConstants.APP_PROPERTY_ADDITIONAL_DATA, jsonObject.encode());
        });
    }

    void handleProviderRoute(HttpContext httpContext, LoraProvider loraProvider) {
        LOG.debug("processing request from provider [name: {}, URI: {}]", loraProvider.getProviderName(), httpContext.getRoutingContext().normalisedPath());
        Span start = TracingHelper.buildServerChildSpan(this.tracer, TracingHandler.serverSpanContext(httpContext.getRoutingContext()), SPAN_NAME_PROCESS_MESSAGE, getClass().getSimpleName()).start();
        TAG_LORA_PROVIDER.set(start, loraProvider.getProviderName());
        httpContext.put(LoraConstants.APP_PROPERTY_ORIG_LORA_PROVIDER, loraProvider.getProviderName());
        if (!httpContext.isDeviceAuthenticated()) {
            logUnsupportedUserType(httpContext.getRoutingContext(), start);
            start.finish();
            handle401(httpContext.getRoutingContext());
            return;
        }
        Device authenticatedDevice = httpContext.getAuthenticatedDevice();
        TracingHelper.setDeviceTags(start, authenticatedDevice.getTenantId(), authenticatedDevice.getDeviceId());
        try {
            LoraMessage message = loraProvider.getMessage(httpContext.getRoutingContext());
            LoraMessageType type = message.getType();
            start.log(Map.of("message type", type));
            String devEUIAsString = message.getDevEUIAsString();
            start.setTag(TAG_LORA_DEVICE_ID, devEUIAsString);
            switch (type) {
                case UPLINK:
                    UplinkLoraMessage uplinkLoraMessage = (UplinkLoraMessage) message;
                    Buffer payload = uplinkLoraMessage.getPayload();
                    Optional.ofNullable(uplinkLoraMessage.getMetaData()).ifPresent(loraMetaData -> {
                        httpContext.put(LoraConstants.APP_PROPERTY_META_DATA, loraMetaData);
                    });
                    Optional.ofNullable(uplinkLoraMessage.getAdditionalData()).ifPresent(jsonObject -> {
                        httpContext.put(LoraConstants.APP_PROPERTY_ADDITIONAL_DATA, jsonObject);
                    });
                    String str = payload.length() > 0 ? "application/vnd.eclipse-hono.lora." + loraProvider.getProviderName() : "application/vnd.eclipse-hono-empty-notification";
                    start.finish();
                    uploadTelemetryMessage(httpContext, authenticatedDevice.getTenantId(), devEUIAsString, payload, str);
                    registerCommandConsumerIfNeeded(loraProvider, authenticatedDevice, start.context());
                    break;
                default:
                    LOG.debug("discarding message of unsupported type [tenant: {}, device-id: {}, type: {}]", new Object[]{authenticatedDevice.getTenantId(), devEUIAsString, type});
                    start.log("discarding message of unsupported type");
                    start.finish();
                    handle202(httpContext.getRoutingContext());
                    break;
            }
        } catch (LoraProviderMalformedPayloadException e) {
            LOG.debug("error processing request from provider [name: {}]", loraProvider.getProviderName(), e);
            TracingHelper.logError(start, "error processing request", e);
            start.finish();
            handle400(httpContext.getRoutingContext(), ERROR_MSG_INVALID_PAYLOAD);
        }
    }

    private void registerCommandConsumerIfNeeded(LoraProvider loraProvider, Device device, SpanContext spanContext) {
        String tenantId = device.getTenantId();
        String deviceId = device.getDeviceId();
        SubscriptionKey subscriptionKey = new SubscriptionKey(tenantId, deviceId);
        if (this.commandSubscriptions.containsKey(subscriptionKey)) {
            return;
        }
        Span start = TracingHelper.buildFollowsFromSpan(this.tracer, spanContext, "create command consumer").withTag(Tags.SPAN_KIND.getKey(), "client").start();
        TracingHelper.setDeviceTags(start, tenantId, deviceId);
        TAG_LORA_PROVIDER.set(start, loraProvider.getProviderName());
        getRegistrationClient().assertRegistration(tenantId, deviceId, (String) null, start.context()).onFailure(th -> {
            LOG.debug("error asserting gateway registration, no command consumer will be created [tenant: {}, gateway-id: {}]", tenantId, deviceId);
            TracingHelper.logError(start, "error asserting gateway registration, no command consumer will be created", th);
        }).compose(registrationAssertion -> {
            if (registrationAssertion.getCommandEndpoint() != null) {
                return createCommandConsumer(tenantId, deviceId, this::handleCommand, start.context()).onFailure(th2 -> {
                    TracingHelper.logError(start, th2);
                }).map(commandConsumer -> {
                    return this.commandSubscriptions.put(subscriptionKey, Pair.of(commandConsumer, loraProvider));
                }).mapEmpty();
            }
            LOG.debug("gateway has no command endpoint defined, skipping command consumer creation [tenant: {}, gateway-id: {}]", tenantId, deviceId);
            start.log("gateway has no command endpoint defined, skipping command consumer creation");
            return Future.succeededFuture((Void) null);
        }).onComplete(asyncResult -> {
            start.finish();
        });
    }

    private void handleCommand(CommandContext commandContext) {
        Tags.COMPONENT.set(commandContext.getTracingSpan(), getTypeName());
        Timer.Sample startTimer = this.metrics.startTimer();
        Command command = commandContext.getCommand();
        if (command.getGatewayId() == null) {
            LOG.debug("{} [{}]", "no gateway defined for command", command);
            commandContext.release(new ServerErrorException(503, "no gateway defined for command"));
            return;
        }
        String tenant = command.getTenant();
        String gatewayId = command.getGatewayId();
        LoraProvider loraProvider = (LoraProvider) Optional.ofNullable(this.commandSubscriptions.get(new SubscriptionKey(tenant, gatewayId))).map((v0) -> {
            return v0.two();
        }).orElse(null);
        if (loraProvider != null) {
            Future tenantConfiguration = getTenantConfiguration(tenant, commandContext.getTracingContext());
            tenantConfiguration.compose(tenantObject -> {
                return command.isValid() ? checkMessageLimit(tenantObject, command.getPayloadSize(), commandContext.getTracingContext()) : Future.failedFuture(new ClientErrorException(400, "malformed command message"));
            }).compose(r10 -> {
                return getRegistrationClient().assertRegistration(tenant, gatewayId, (String) null, commandContext.getTracingContext());
            }).compose(registrationAssertion -> {
                return sendCommandToGateway(commandContext, loraProvider, registrationAssertion.getCommandEndpoint());
            }).onSuccess(r14 -> {
                addMicrometerSample(commandContext, startTimer);
                commandContext.accept();
                this.metrics.reportCommand(command.isOneWay() ? MetricsTags.Direction.ONE_WAY : MetricsTags.Direction.REQUEST, tenant, (TenantObject) tenantConfiguration.result(), MetricsTags.ProcessingOutcome.FORWARDED, command.getPayloadSize(), startTimer);
            }).onFailure(th -> {
                LOG.debug("error sending command", th);
                commandContext.release(th);
                this.metrics.reportCommand(command.isOneWay() ? MetricsTags.Direction.ONE_WAY : MetricsTags.Direction.REQUEST, tenant, (TenantObject) tenantConfiguration.result(), MetricsTags.ProcessingOutcome.from(th), command.getPayloadSize(), startTimer);
            });
        } else {
            LOG.debug("received command for unknown gateway [{}] for tenant [{}]", gatewayId, tenant);
            TracingHelper.logError(commandContext.getTracingSpan(), String.format("received command for unknown gateway [%s]", gatewayId));
            commandContext.release(new ServerErrorException(503, "received command for unknown gateway"));
        }
    }

    private Future<Void> sendCommandToGateway(CommandContext commandContext, LoraProvider loraProvider, CommandEndpoint commandEndpoint) {
        if (commandEndpoint == null) {
            return Future.failedFuture("gateway has no command endpoint defined");
        }
        if (!commandEndpoint.isUriValid()) {
            return Future.failedFuture(String.format("gateway has command endpoint with invalid uri [%s]", commandEndpoint.getUri()));
        }
        Command command = commandContext.getCommand();
        Promise promise = Promise.promise();
        LoraCommand command2 = loraProvider.getCommand(commandEndpoint, command.getDeviceId(), (Buffer) Optional.ofNullable(command.getPayload()).orElseGet(Buffer::buffer));
        commandContext.getTracingSpan().log(String.format("sending loraCommand to LNS [%s]", command2.getUri()));
        LOG.debug("sending loraCommand to LNS [{}]", command2.getUri());
        LOG.trace("command payload: {}", command2.getPayload());
        HttpClientRequest handler = getHttpClient().postAbs(command2.getUri()).handler(httpClientResponse -> {
            Tags.HTTP_STATUS.set(commandContext.getTracingSpan(), Integer.valueOf(httpClientResponse.statusCode()));
            if (StatusCodeMapper.isSuccessful(Integer.valueOf(httpClientResponse.statusCode()))) {
                promise.tryComplete();
            } else {
                promise.tryFail(httpClientResponse.statusMessage());
            }
        });
        Objects.requireNonNull(promise);
        HttpClientRequest exceptionHandler = handler.exceptionHandler(promise::tryFail);
        Map headers = commandEndpoint.getHeaders();
        Objects.requireNonNull(exceptionHandler);
        headers.forEach(exceptionHandler::putHeader);
        Map<String, String> defaultHeaders = loraProvider.getDefaultHeaders();
        Objects.requireNonNull(exceptionHandler);
        defaultHeaders.forEach(exceptionHandler::putHeader);
        exceptionHandler.end(command2.getPayload().encode(), asyncResult -> {
            if (asyncResult.failed()) {
                promise.tryFail(asyncResult.cause());
            }
        });
        return promise.future();
    }

    private HttpClient getHttpClient() {
        if (this.httpClient != null) {
            return this.httpClient;
        }
        this.httpClient = this.vertx.createHttpClient();
        return this.httpClient;
    }

    void handleOptionsRoute(RoutingContext routingContext) {
        Span start = TracingHelper.buildServerChildSpan(this.tracer, TracingHandler.serverSpanContext(routingContext), "process OPTIONS request", getClass().getSimpleName()).start();
        if (routingContext.user() instanceof Device) {
            start.finish();
            handle200(routingContext);
        } else {
            logUnsupportedUserType(routingContext, start);
            start.finish();
            handle401(routingContext);
        }
    }

    private void logUnsupportedUserType(RoutingContext routingContext, Span span) {
        String str = (String) Optional.ofNullable(routingContext.user()).map(user -> {
            return user.getClass().getName();
        }).orElse("null");
        TracingHelper.logError(span, Map.of("message", "request contains unsupported type of user credentials", "type", str));
        LOG.debug("request contains unsupported type of credentials [{}], returning 401", str);
    }

    private void handle200(RoutingContext routingContext) {
        routingContext.response().setStatusCode(200);
        routingContext.response().end();
    }

    private void handle202(RoutingContext routingContext) {
        routingContext.response().setStatusCode(202);
        routingContext.response().end();
    }

    private void handle401(RoutingContext routingContext) {
        HttpUtils.unauthorized(routingContext, "Basic realm=\"" + ((LoraProtocolAdapterProperties) getConfig()).getRealm() + "\"");
    }

    private void handle400(RoutingContext routingContext, String str) {
        HttpUtils.badRequest(routingContext, str);
    }
}
