package org.eclipse.hono.service;

import io.opentracing.SpanContext;
import io.vertx.core.Future;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Objects;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.security.auth.x500.X500Principal;
import org.eclipse.hono.client.TenantClientFactory;
import org.eclipse.hono.config.ProtocolAdapterProperties;
import org.eclipse.hono.util.ExecutionContext;
import org.eclipse.hono.util.ExecutionContextTenantAndAuthIdProvider;
import org.eclipse.hono.util.TenantObjectWithAuthId;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/hono/service/BaseExecutionContextTenantAndAuthIdProvider.class */
public abstract class BaseExecutionContextTenantAndAuthIdProvider<T extends ExecutionContext> implements ExecutionContextTenantAndAuthIdProvider<T> {
    private static final Logger LOG = LoggerFactory.getLogger(BaseExecutionContextTenantAndAuthIdProvider.class);
    protected final ProtocolAdapterProperties config;
    protected final TenantClientFactory tenantClientFactory;

    public BaseExecutionContextTenantAndAuthIdProvider(ProtocolAdapterProperties protocolAdapterProperties, TenantClientFactory tenantClientFactory) {
        this.config = (ProtocolAdapterProperties) Objects.requireNonNull(protocolAdapterProperties);
        this.tenantClientFactory = (TenantClientFactory) Objects.requireNonNull(tenantClientFactory);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final Future<TenantObjectWithAuthId> getFromClientCertificate(SSLSession sSLSession, SpanContext spanContext) {
        Objects.requireNonNull(sSLSession);
        X509Certificate x509Cert = getX509Cert(sSLSession);
        return x509Cert == null ? Future.failedFuture("no cert found") : getFromClientCertificate(x509Cert, spanContext);
    }

    protected final Future<TenantObjectWithAuthId> getFromClientCertificate(X509Certificate x509Certificate, SpanContext spanContext) {
        Objects.requireNonNull(x509Certificate);
        return get(x509Certificate.getIssuerX500Principal(), x509Certificate.getSubjectX500Principal().getName(), spanContext);
    }

    private X509Certificate getX509Cert(SSLSession sSLSession) {
        try {
            Certificate[] peerCertificates = sSLSession.getPeerCertificates();
            if (peerCertificates.length <= 0 || !(peerCertificates[0] instanceof X509Certificate)) {
                return null;
            }
            return (X509Certificate) peerCertificates[0];
        } catch (SSLPeerUnverifiedException e) {
            LOG.debug("certificate chain cannot be read: {}", e.getMessage());
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final Future<TenantObjectWithAuthId> getFromUserName(String str, SpanContext spanContext) {
        String str2;
        String str3;
        if (str == null) {
            return Future.failedFuture("user name not set");
        }
        if (this.config.isSingleTenant()) {
            str2 = "DEFAULT_TENANT";
            str3 = str;
        } else {
            String[] split = str.split("@", 2);
            if (split.length == 2) {
                str2 = split[1];
                str3 = split[0];
            } else {
                str2 = null;
                str3 = null;
            }
        }
        return str2 == null ? Future.failedFuture("unsupported user name format") : get(str2, str3, spanContext);
    }

    private Future<TenantObjectWithAuthId> get(X500Principal x500Principal, String str, SpanContext spanContext) {
        return this.tenantClientFactory.getOrCreateTenantClient().compose(tenantClient -> {
            return tenantClient.get(x500Principal, spanContext);
        }).map(tenantObject -> {
            return new TenantObjectWithAuthId(tenantObject, str);
        });
    }

    protected final Future<TenantObjectWithAuthId> get(String str, String str2, SpanContext spanContext) {
        return str == null ? Future.failedFuture("tenant id not set") : str2 == null ? Future.failedFuture("auth id not set") : this.tenantClientFactory.getOrCreateTenantClient().compose(tenantClient -> {
            return tenantClient.get(str, spanContext);
        }).map(tenantObject -> {
            return new TenantObjectWithAuthId(tenantObject, str2);
        });
    }

    public abstract Future<TenantObjectWithAuthId> get(T t, SpanContext spanContext);
}
