package org.hspconsortium.platform.messaging;

import ca.uhn.fhir.context.FhirContext;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.RSAKey;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.text.ParseException;
import java.util.Hashtable;
import java.util.UUID;
import javax.inject.Inject;
import javax.naming.NamingException;
import org.apache.commons.io.IOUtils;
import org.apache.commons.validator.UrlValidator;
import org.hspconsortium.client.auth.Scopes;
import org.hspconsortium.client.auth.SimpleScope;
import org.hspconsortium.client.auth.access.AccessTokenProvider;
import org.hspconsortium.client.auth.access.JsonAccessTokenProvider;
import org.hspconsortium.client.auth.credentials.ClientSecretCredentials;
import org.hspconsortium.client.auth.credentials.Credentials;
import org.hspconsortium.client.auth.credentials.JWTCredentials;
import org.hspconsortium.client.controller.FhirEndpointsProvider;
import org.hspconsortium.client.session.clientcredentials.ClientCredentialsSessionFactory;
import org.hspconsortium.platform.messaging.drools.service.DroolsSubscriptionManagerService;
import org.hspconsortium.platform.messaging.service.SandboxUserRegistrationService;
import org.hspconsortium.platform.messaging.service.SubscriptionManagerService;
import org.hspconsortium.platform.messaging.service.ldap.UserService;
import org.kie.internal.KnowledgeBase;
import org.kie.internal.KnowledgeBaseFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.config.http.PortMappingsBeanDefinitionParser;

@ImportResource({"classpath*:/META-INF/spring/spring-integration-config.xml"})
@Configuration
@PropertySource({"classpath:application.properties"})
/* loaded from: input_file:WEB-INF/classes/org/hspconsortium/platform/messaging/AppConfig.class */
public class AppConfig {

    @Autowired
    Environment env;

    @Bean
    public SubscriptionManagerService subscriptionManagerService() {
        return new DroolsSubscriptionManagerService();
    }

    @Bean
    public SandboxUserRegistrationService sandboxUserRegistrationService() {
        return new SandboxUserRegistrationService.Impl();
    }

    @Bean
    public KnowledgeBase knowledgeBase() {
        return KnowledgeBaseFactory.newKnowledgeBase();
    }

    @Bean
    public String fhirServicesUrl() {
        return this.env.getProperty("hspc.reference.api.url");
    }

    @Bean
    public String clientId() {
        return this.env.getProperty("hspc.reference.messaging.app.clientId");
    }

    @Bean
    public String scope() {
        return this.env.getProperty("hspc.reference.messaging.app.scopes");
    }

    @Bean
    public String clientSecret() {
        return this.env.getProperty("sandbox.messaging.clientSecret");
    }

    @Bean
    public String jsonWebKeySetLocation() {
        return this.env.getProperty("hspc.reference.messaging.app.jsonWebKeySetLocation");
    }

    @Bean
    public Integer httpConnectionTimeOut() {
        return Integer.valueOf(Integer.parseInt(this.env.getProperty("sandbox.messaging.httpConnectionTimeoutMilliSeconds", "10000")));
    }

    @Bean
    public Integer httpReadTimeOut() {
        return Integer.valueOf(Integer.parseInt(this.env.getProperty("sandbox.messaging.httpReadTimeoutMilliSeconds", "10000")));
    }

    @Bean
    public String proxyPassword() {
        return System.getProperty("http.proxyPassword", System.getProperty("https.proxyPassword"));
    }

    @Bean
    public String proxyUser() {
        return System.getProperty("http.proxyUser", System.getProperty("https.proxyUser"));
    }

    @Bean
    public Integer proxyPort() {
        return Integer.valueOf(Integer.parseInt(System.getProperty("http.proxyPort", System.getProperty("https.proxyPort", "8080"))));
    }

    @Bean
    public String proxyHost() {
        return System.getProperty("http.proxyHost", System.getProperty("https.proxyHost"));
    }

    @Bean
    public Integer jsonWebKeySetSizeLimitBytes() {
        return Integer.valueOf(Integer.parseInt(this.env.getProperty("sandbox.messaging.jsonWebKeySetSizeLimitBytes", "10000")));
    }

    @Bean
    public Long jsonTokenDuration() {
        return Long.valueOf(Long.parseLong(this.env.getProperty("sandbox.messaging.tokenDuration", "900")));
    }

    @Inject
    @Bean
    public ClientSecretCredentials clientSecretCredentials(String str) {
        return new ClientSecretCredentials(str);
    }

    @Bean
    public AccessTokenProvider tokenProvider(FhirContext fhirContext) {
        return new JsonAccessTokenProvider(fhirContext);
    }

    @Bean
    public FhirEndpointsProvider fhirEndpointsProvider(FhirContext fhirContext) {
        return new FhirEndpointsProvider.Impl(fhirContext);
    }

    @Inject
    @Bean
    public Credentials credentials(String str, String str2) {
        if (str != null) {
            return clientSecretCredentials(str);
        }
        if (str2 != null) {
            return jwtCredentials(jwkSet(jsonWebKeySetLocation(), httpConnectionTimeOut(), httpReadTimeOut(), jsonWebKeySetSizeLimitBytes()), clientId(), null, jsonTokenDuration());
        }
        throw new RuntimeException("Credentials not specified");
    }

    @Bean
    public FhirContext fhirContext(Integer num, Integer num2, String str, Integer num3, String str2, String str3) {
        FhirContext forDstu2 = FhirContext.forDstu2();
        forDstu2.getRestfulClientFactory().setConnectTimeout(num.intValue());
        forDstu2.getRestfulClientFactory().setSocketTimeout(num2.intValue());
        if (str != null) {
            forDstu2.getRestfulClientFactory().setProxy(str, num3);
            forDstu2.getRestfulClientFactory().setProxyCredentials(str2, str3);
        }
        return forDstu2;
    }

    @Inject
    @Bean
    public ClientCredentialsSessionFactory<? extends Credentials> ehrSessionFactory(FhirContext fhirContext, AccessTokenProvider accessTokenProvider, FhirEndpointsProvider fhirEndpointsProvider, String str, String str2, Credentials credentials, String str3) {
        Scopes scopes = new Scopes();
        scopes.add(new SimpleScope(str3));
        return new ClientCredentialsSessionFactory<>(fhirContext, accessTokenProvider, fhirEndpointsProvider, str, str2, credentials, scopes);
    }

    private JWKSet jwkSet(String str, Integer num, Integer num2, Integer num3) {
        JWKSet load;
        try {
            if (isUrl(str)) {
                load = JWKSet.load(new URL(str), num.intValue(), num2.intValue(), num3.intValue());
            } else {
                ClassPathResource classPathResource = new ClassPathResource(str);
                File createTempFile = File.createTempFile("jwkSet", ".tmp");
                createTempFile.deleteOnExit();
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                Throwable th = null;
                try {
                    try {
                        IOUtils.copy(classPathResource.getInputStream(), fileOutputStream);
                        if (fileOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        load = JWKSet.load(createTempFile);
                    } finally {
                    }
                } finally {
                }
            }
            return load;
        } catch (IOException | ParseException e) {
            throw new RuntimeException(e);
        }
    }

    private JWTCredentials jwtCredentials(JWKSet jWKSet, String str, String str2, Long l) {
        try {
            JWTCredentials jWTCredentials = new JWTCredentials(((RSAKey) jWKSet.getKeys().get(0)).toRSAPrivateKey());
            jWTCredentials.setIssuer(str);
            jWTCredentials.setSubject(str);
            jWTCredentials.setAudience(str2);
            jWTCredentials.setTokenReference(UUID.randomUUID().toString());
            jWTCredentials.setDuration(l);
            return jWTCredentials;
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    @Bean
    public UserService ldapUserService() throws NamingException {
        Hashtable hashtable = new Hashtable(5);
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", this.env.getProperty("ldap.server"));
        hashtable.put("java.naming.security.authentication", BeanDefinitionParserDelegate.DEPENDENCY_CHECK_SIMPLE_ATTRIBUTE_VALUE);
        hashtable.put("java.naming.security.principal", this.env.getProperty("ldap.userDn"));
        hashtable.put("java.naming.security.credentials", this.env.getProperty("ldap.password"));
        return new UserService(hashtable);
    }

    private boolean isUrl(String str) {
        return new UrlValidator(new String[]{"http", PortMappingsBeanDefinitionParser.ATT_HTTPS_PORT}).isValid(str);
    }
}
