package org.eclipse.hono.service.tenant;

import io.opentracing.Span;
import io.opentracing.SpanContext;
import io.vertx.core.Future;
import io.vertx.core.Vertx;
import io.vertx.core.json.DecodeException;
import io.vertx.core.json.JsonObject;
import java.util.Objects;
import javax.security.auth.x500.X500Principal;
import org.apache.qpid.proton.message.Message;
import org.eclipse.hono.auth.HonoUser;
import org.eclipse.hono.client.ClientErrorException;
import org.eclipse.hono.config.ServiceConfigProperties;
import org.eclipse.hono.service.amqp.AbstractDelegatingRequestResponseEndpoint;
import org.eclipse.hono.service.tenant.TenantService;
import org.eclipse.hono.tracing.TracingHelper;
import org.eclipse.hono.util.MessageHelper;
import org.eclipse.hono.util.ResourceIdentifier;
import org.eclipse.hono.util.TenantConstants;

/* loaded from: input_file:org/eclipse/hono/service/tenant/DelegatingTenantAmqpEndpoint.class */
public class DelegatingTenantAmqpEndpoint<S extends TenantService> extends AbstractDelegatingRequestResponseEndpoint<S, ServiceConfigProperties> {
    private static final String SPAN_NAME_GET_TENANT = "get Tenant";
    private static final String TAG_SUBJECT_DN_NAME = "subject_dn_name";

    /* renamed from: org.eclipse.hono.service.tenant.DelegatingTenantAmqpEndpoint$1, reason: invalid class name */
    /* loaded from: input_file:org/eclipse/hono/service/tenant/DelegatingTenantAmqpEndpoint$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$eclipse$hono$util$TenantConstants$TenantAction = new int[TenantConstants.TenantAction.values().length];

        static {
            try {
                $SwitchMap$org$eclipse$hono$util$TenantConstants$TenantAction[TenantConstants.TenantAction.get.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
        }
    }

    public DelegatingTenantAmqpEndpoint(Vertx vertx, S s) {
        super(vertx, s);
    }

    public final String getName() {
        return "tenant";
    }

    protected Future<Message> handleRequestMessage(Message message, ResourceIdentifier resourceIdentifier, SpanContext spanContext) {
        Objects.requireNonNull(message);
        Objects.requireNonNull(resourceIdentifier);
        switch (AnonymousClass1.$SwitchMap$org$eclipse$hono$util$TenantConstants$TenantAction[TenantConstants.TenantAction.from(message.getSubject()).ordinal()]) {
            case 1:
                return processGetRequest(message, spanContext);
            default:
                return processCustomTenantMessage(message, spanContext);
        }
    }

    private Future<Message> processGetRequest(Message message, SpanContext spanContext) {
        Future<Message> processGetByCaRequest;
        String tenantId = MessageHelper.getTenantId(message);
        Span start = TracingHelper.buildServerChildSpan(this.tracer, spanContext, SPAN_NAME_GET_TENANT, getClass().getSimpleName()).start();
        try {
            JsonObject jsonPayload = MessageHelper.getJsonPayload(message);
            if (tenantId == null && jsonPayload == null) {
                TracingHelper.logError(start, "request does not contain any query parameters");
                this.log.debug("request does not contain any query parameters");
                processGetByCaRequest = Future.failedFuture(new ClientErrorException(400));
            } else if (tenantId != null) {
                this.log.debug("retrieving tenant [{}] using deprecated variant of get tenant request", tenantId);
                TracingHelper.TAG_TENANT_ID.set(start, tenantId);
                start.log("using deprecated variant of get tenant request");
                processGetByCaRequest = processGetByIdRequest(message, tenantId, start);
            } else {
                String str = (String) getTypesafeValueForField(String.class, jsonPayload, "tenant-id");
                String str2 = (String) getTypesafeValueForField(String.class, jsonPayload, "subject-dn");
                if (str == null && str2 == null) {
                    TracingHelper.logError(start, "request does not contain any query parameters");
                    this.log.debug("payload does not contain any query parameters");
                    processGetByCaRequest = Future.failedFuture(new ClientErrorException(400));
                } else if (str != null) {
                    this.log.debug("retrieving tenant [id: {}]", str);
                    TracingHelper.TAG_TENANT_ID.set(start, str);
                    processGetByCaRequest = processGetByIdRequest(message, str, start);
                } else {
                    start.setTag(TAG_SUBJECT_DN_NAME, str2);
                    processGetByCaRequest = processGetByCaRequest(message, str2, start);
                }
            }
            return finishSpanOnFutureCompletion(start, processGetByCaRequest);
        } catch (DecodeException e) {
            this.logger.debug("failed to decode AMQP request message", e);
            return finishSpanOnFutureCompletion(start, Future.failedFuture(new ClientErrorException(400, "request message body contains malformed JSON")));
        }
    }

    private Future<Message> processGetByIdRequest(Message message, String str, Span span) {
        return ((TenantService) getService()).get(str, span).map(tenantResult -> {
            return TenantConstants.getAmqpReply("tenant", str, message, tenantResult);
        });
    }

    private Future<Message> processGetByCaRequest(Message message, String str, Span span) {
        try {
            X500Principal x500Principal = new X500Principal(str);
            this.log.debug("retrieving tenant [subject DN: {}]", str);
            return ((TenantService) getService()).get(x500Principal, span).map(tenantResult -> {
                String str2 = null;
                if (tenantResult.isOk() && tenantResult.getPayload() != null) {
                    str2 = (String) getTypesafeValueForField(String.class, (JsonObject) tenantResult.getPayload(), "tenant-id");
                    TracingHelper.TAG_TENANT_ID.set(span, str2);
                }
                return TenantConstants.getAmqpReply("tenant", str2, message, tenantResult);
            });
        } catch (IllegalArgumentException e) {
            TracingHelper.logError(span, "illegal subject DN provided by client: " + str);
            this.log.debug("cannot parse subject DN [{}] provided by client", str);
            return Future.failedFuture(new ClientErrorException(400));
        }
    }

    protected Future<Message> processCustomTenantMessage(Message message, SpanContext spanContext) {
        this.log.debug("invalid operation in request message [{}]", message.getSubject());
        return Future.failedFuture(new ClientErrorException(400));
    }

    protected Future<Message> filterResponse(HonoUser honoUser, Message message, Message message2) {
        Objects.requireNonNull(honoUser);
        Objects.requireNonNull(message2);
        String tenantId = MessageHelper.getTenantId(message2);
        JsonObject jsonPayload = MessageHelper.getJsonPayload(message2);
        if (tenantId == null || jsonPayload == null) {
            return Future.succeededFuture(message2);
        }
        return getAuthorizationService().isAuthorized(honoUser, ResourceIdentifier.from("tenant", tenantId, (String) null), message.getSubject()).map(bool -> {
            if (bool.booleanValue()) {
                return message2;
            }
            throw new ClientErrorException(403);
        });
    }

    protected boolean passesFormalVerification(ResourceIdentifier resourceIdentifier, Message message) {
        return TenantMessageFilter.verify(resourceIdentifier, message);
    }

    protected boolean isValidReplyToAddress(ResourceIdentifier resourceIdentifier) {
        return resourceIdentifier != null && resourceIdentifier.getResourcePath().length >= 2;
    }

    protected Future<Boolean> isAuthorized(HonoUser honoUser, ResourceIdentifier resourceIdentifier, Message message) {
        Objects.requireNonNull(message);
        String tenantId = MessageHelper.getTenantId(message);
        return tenantId == null ? Future.succeededFuture(Boolean.TRUE) : getAuthorizationService().isAuthorized(honoUser, ResourceIdentifier.fromPath(new String[]{resourceIdentifier.getEndpoint(), tenantId}), message.getSubject());
    }
}
