package org.opendaylight.netconf.topology.spi;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.util.concurrent.FutureCallback;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.ListeningExecutorService;
import com.google.common.util.concurrent.MoreExecutors;
import io.netty.util.concurrent.EventExecutor;
import java.math.BigDecimal;
import java.net.InetSocketAddress;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import org.opendaylight.aaa.encrypt.AAAEncryptionService;
import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
import org.opendaylight.controller.config.threadpool.ThreadPool;
import org.opendaylight.mdsal.binding.api.DataBroker;
import org.opendaylight.mdsal.dom.api.DOMMountPointService;
import org.opendaylight.netconf.client.NetconfClientDispatcher;
import org.opendaylight.netconf.client.NetconfClientSessionListener;
import org.opendaylight.netconf.client.conf.NetconfClientConfiguration;
import org.opendaylight.netconf.client.conf.NetconfReconnectingClientConfiguration;
import org.opendaylight.netconf.client.conf.NetconfReconnectingClientConfigurationBuilder;
import org.opendaylight.netconf.nettyutil.TimedReconnectStrategyFactory;
import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.AuthenticationHandler;
import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.LoginPasswordHandler;
import org.opendaylight.netconf.sal.connect.api.DeviceActionFactory;
import org.opendaylight.netconf.sal.connect.api.RemoteDeviceHandler;
import org.opendaylight.netconf.sal.connect.api.SchemaResourceManager;
import org.opendaylight.netconf.sal.connect.netconf.LibraryModulesSchemas;
import org.opendaylight.netconf.sal.connect.netconf.NetconfDevice;
import org.opendaylight.netconf.sal.connect.netconf.NetconfDeviceBuilder;
import org.opendaylight.netconf.sal.connect.netconf.SchemalessNetconfDevice;
import org.opendaylight.netconf.sal.connect.netconf.auth.DatastoreBackedPublicKeyAuth;
import org.opendaylight.netconf.sal.connect.netconf.listener.NetconfDeviceCapabilities;
import org.opendaylight.netconf.sal.connect.netconf.listener.NetconfDeviceCommunicator;
import org.opendaylight.netconf.sal.connect.netconf.listener.NetconfSessionPreferences;
import org.opendaylight.netconf.sal.connect.netconf.listener.UserPreferences;
import org.opendaylight.netconf.sal.connect.netconf.sal.KeepaliveSalFacade;
import org.opendaylight.netconf.sal.connect.netconf.sal.NetconfKeystoreAdapter;
import org.opendaylight.netconf.sal.connect.netconf.schema.YangLibrarySchemaYangSourceProvider;
import org.opendaylight.netconf.sal.connect.netconf.schema.mapping.BaseNetconfSchemas;
import org.opendaylight.netconf.sal.connect.util.RemoteDeviceId;
import org.opendaylight.netconf.sal.connect.util.SslHandlerFactoryImpl;
import org.opendaylight.netconf.topology.api.NetconfTopology;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Uri;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.optional.rev190614.NetconfNodeAugmentedOptional;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNode;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.status.available.capabilities.AvailableCapability;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.Credentials;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.KeyAuth;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPassword;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPw;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPwUnencrypted;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.key.auth.KeyBased;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.login.pw.unencrypted.LoginPasswordUnencrypted;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.schema.storage.YangLibrary;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
import org.opendaylight.yangtools.yang.model.repo.api.SourceIdentifier;
import org.opendaylight.yangtools.yang.model.repo.api.YangTextSchemaSource;
import org.opendaylight.yangtools.yang.model.repo.spi.PotentialSchemaSource;
import org.opendaylight.yangtools.yang.model.repo.spi.SchemaSourceRegistration;
import org.opendaylight.yangtools.yang.model.repo.spi.SchemaSourceRegistry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/netconf/topology/spi/AbstractNetconfTopology.class */
public abstract class AbstractNetconfTopology implements NetconfTopology {
    protected static final long DEFAULT_REQUEST_TIMEOUT_MILLIS = 60000;
    protected static final int DEFAULT_KEEPALIVE_DELAY = 0;
    protected static final boolean DEFAULT_RECONNECT_ON_CHANGED_SCHEMA = false;
    protected static final int DEFAULT_CONCURRENT_RPC_LIMIT = 0;
    private static final boolean DEFAULT_IS_TCP_ONLY = false;
    private static final int DEFAULT_MAX_CONNECTION_ATTEMPTS = 0;
    private static final int DEFAULT_BETWEEN_ATTEMPTS_TIMEOUT_MILLIS = 2000;
    private static final long DEFAULT_CONNECTION_TIMEOUT_MILLIS = 20000;
    private final NetconfClientDispatcher clientDispatcher;
    private final EventExecutor eventExecutor;
    private final DeviceActionFactory deviceActionFactory;
    private final NetconfKeystoreAdapter keystoreAdapter;
    private final SchemaResourceManager schemaManager;
    private final BaseNetconfSchemas baseSchemas;
    protected final ScheduledThreadPool keepaliveExecutor;
    protected final ListeningExecutorService processingExecutor;
    protected final DataBroker dataBroker;
    protected final DOMMountPointService mountPointService;
    protected final String topologyId;
    protected String privateKeyPath;
    protected String privateKeyPassphrase;
    protected final AAAEncryptionService encryptionService;
    protected final HashMap<NodeId, NetconfConnectorDTO> activeConnectors = new HashMap<>();
    private static final Logger LOG = LoggerFactory.getLogger(AbstractNetconfTopology.class);
    private static final BigDecimal DEFAULT_SLEEP_FACTOR = new BigDecimal(1.5d);

    protected AbstractNetconfTopology(String str, NetconfClientDispatcher netconfClientDispatcher, EventExecutor eventExecutor, ScheduledThreadPool scheduledThreadPool, ThreadPool threadPool, SchemaResourceManager schemaResourceManager, DataBroker dataBroker, DOMMountPointService dOMMountPointService, AAAEncryptionService aAAEncryptionService, DeviceActionFactory deviceActionFactory, BaseNetconfSchemas baseNetconfSchemas) {
        this.topologyId = str;
        this.clientDispatcher = netconfClientDispatcher;
        this.eventExecutor = eventExecutor;
        this.keepaliveExecutor = scheduledThreadPool;
        this.processingExecutor = MoreExecutors.listeningDecorator(threadPool.getExecutor());
        this.schemaManager = (SchemaResourceManager) Objects.requireNonNull(schemaResourceManager);
        this.deviceActionFactory = deviceActionFactory;
        this.dataBroker = dataBroker;
        this.mountPointService = dOMMountPointService;
        this.encryptionService = aAAEncryptionService;
        this.baseSchemas = (BaseNetconfSchemas) Objects.requireNonNull(baseNetconfSchemas);
        this.keystoreAdapter = new NetconfKeystoreAdapter(dataBroker);
    }

    @Override // org.opendaylight.netconf.topology.api.NetconfTopology
    public ListenableFuture<NetconfDeviceCapabilities> connectNode(NodeId nodeId, Node node) {
        LOG.info("Connecting RemoteDevice{{}} , with config {}", nodeId, hideCredentials(node));
        return setupConnection(nodeId, node);
    }

    @VisibleForTesting
    public static String hideCredentials(Node node) {
        return node.toString().replace(node.augmentation(NetconfNode.class).getCredentials().toString(), "***");
    }

    @Override // org.opendaylight.netconf.topology.api.NetconfTopology
    public ListenableFuture<Void> disconnectNode(NodeId nodeId) {
        LOG.debug("Disconnecting RemoteDevice{{}}", nodeId.getValue());
        NetconfConnectorDTO remove = this.activeConnectors.remove(nodeId);
        if (remove == null) {
            return Futures.immediateFailedFuture(new IllegalStateException("Unable to disconnect device that is not connected"));
        }
        remove.close();
        return Futures.immediateFuture((Object) null);
    }

    protected ListenableFuture<NetconfDeviceCapabilities> setupConnection(final NodeId nodeId, Node node) {
        NetconfNode netconfNode = (NetconfNode) node.augmentation(NetconfNode.class);
        NetconfNodeAugmentedOptional netconfNodeAugmentedOptional = (NetconfNodeAugmentedOptional) node.augmentation(NetconfNodeAugmentedOptional.class);
        Objects.requireNonNull(netconfNode.getHost());
        Objects.requireNonNull(netconfNode.getPort());
        NetconfConnectorDTO createDeviceCommunicator = createDeviceCommunicator(nodeId, netconfNode, netconfNodeAugmentedOptional);
        ListenableFuture<NetconfDeviceCapabilities> initializeRemoteConnection = createDeviceCommunicator.getCommunicator().initializeRemoteConnection(this.clientDispatcher, getClientConfig(createDeviceCommunicator.getSessionListener(), netconfNode));
        this.activeConnectors.put(nodeId, createDeviceCommunicator);
        Futures.addCallback(initializeRemoteConnection, new FutureCallback<NetconfDeviceCapabilities>() { // from class: org.opendaylight.netconf.topology.spi.AbstractNetconfTopology.1
            public void onSuccess(NetconfDeviceCapabilities netconfDeviceCapabilities) {
                AbstractNetconfTopology.LOG.debug("Connector for {} started succesfully", nodeId.getValue());
            }

            public void onFailure(Throwable th) {
                AbstractNetconfTopology.LOG.error("Connector for {} failed", nodeId.getValue(), th);
            }
        }, MoreExecutors.directExecutor());
        return initializeRemoteConnection;
    }

    protected NetconfConnectorDTO createDeviceCommunicator(NodeId nodeId, NetconfNode netconfNode) {
        return createDeviceCommunicator(nodeId, netconfNode, null);
    }

    protected NetconfConnectorDTO createDeviceCommunicator(NodeId nodeId, NetconfNode netconfNode, NetconfNodeAugmentedOptional netconfNodeAugmentedOptional) {
        SchemalessNetconfDevice build;
        List<SchemaSourceRegistration<?>> registerDeviceSchemaSources;
        long java = netconfNode.getDefaultRequestTimeoutMillis() == null ? DEFAULT_REQUEST_TIMEOUT_MILLIS : netconfNode.getDefaultRequestTimeoutMillis().toJava();
        long java2 = netconfNode.getKeepaliveDelay() == null ? 0L : netconfNode.getKeepaliveDelay().toJava();
        Host host = netconfNode.getHost();
        IpAddress ipAddress = host.getIpAddress();
        RemoteDeviceId remoteDeviceId = new RemoteDeviceId(nodeId.getValue(), ipAddress != null ? new InetSocketAddress(IetfInetUtil.INSTANCE.inetAddressFor(ipAddress), netconfNode.getPort().getValue().toJava()) : new InetSocketAddress(host.getDomainName().getValue(), netconfNode.getPort().getValue().toJava()));
        RemoteDeviceHandler createSalFacade = createSalFacade(remoteDeviceId);
        if (java2 > 0) {
            LOG.warn("Adding keepalive facade, for device {}", nodeId);
            createSalFacade = new KeepaliveSalFacade(remoteDeviceId, createSalFacade, this.keepaliveExecutor.getExecutor(), java2, java);
        }
        if (netconfNode.isSchemaless().booleanValue()) {
            build = new SchemalessNetconfDevice(this.baseSchemas, remoteDeviceId, createSalFacade);
            registerDeviceSchemaSources = List.of();
        } else {
            boolean booleanValue = netconfNode.isReconnectOnChangedSchema() == null ? false : netconfNode.isReconnectOnChangedSchema().booleanValue();
            NetconfDevice.SchemaResourcesDTO schemaResources = this.schemaManager.getSchemaResources(netconfNode, nodeId.getValue());
            build = new NetconfDeviceBuilder().setReconnectOnSchemasChange(booleanValue).setSchemaResourcesDTO(schemaResources).setGlobalProcessingExecutor(this.processingExecutor).setId(remoteDeviceId).setSalFacade(createSalFacade).setNode(netconfNode).setEventExecutor(this.eventExecutor).setNodeOptional(netconfNodeAugmentedOptional).setDeviceActionFactory(this.deviceActionFactory).setBaseSchemas(this.baseSchemas).build();
            registerDeviceSchemaSources = registerDeviceSchemaSources(remoteDeviceId, nodeId, netconfNode, schemaResources);
        }
        Optional<UserPreferences> userCapabilities = getUserCapabilities(netconfNode);
        int java3 = netconfNode.getConcurrentRpcLimit() == null ? 0 : netconfNode.getConcurrentRpcLimit().toJava();
        if (java3 < 1) {
            LOG.info("Concurrent rpc limit is smaller than 1, no limit will be enforced for device {}", remoteDeviceId);
        }
        NetconfDeviceCommunicator netconfDeviceCommunicator = userCapabilities.isPresent() ? new NetconfDeviceCommunicator(remoteDeviceId, build, userCapabilities.get(), java3) : new NetconfDeviceCommunicator(remoteDeviceId, build, java3);
        if (createSalFacade instanceof KeepaliveSalFacade) {
            ((KeepaliveSalFacade) createSalFacade).setListener(netconfDeviceCommunicator);
        }
        return new NetconfConnectorDTO(netconfDeviceCommunicator, createSalFacade, registerDeviceSchemaSources);
    }

    private List<SchemaSourceRegistration<?>> registerDeviceSchemaSources(RemoteDeviceId remoteDeviceId, NodeId nodeId, NetconfNode netconfNode, NetconfDevice.SchemaResourcesDTO schemaResourcesDTO) {
        Uri yangLibraryUrl;
        YangLibrary yangLibrary = netconfNode.getYangLibrary();
        if (yangLibrary == null || (yangLibraryUrl = yangLibrary.getYangLibraryUrl()) == null) {
            return List.of();
        }
        ArrayList arrayList = new ArrayList();
        String value = yangLibraryUrl.getValue();
        SchemaSourceRegistry schemaRegistry = schemaResourcesDTO.getSchemaRegistry();
        String username = yangLibrary.getUsername();
        String password = yangLibrary.getPassword();
        LibraryModulesSchemas create = (username == null || password == null) ? LibraryModulesSchemas.create(value) : LibraryModulesSchemas.create(value, username, password);
        Iterator it = create.getAvailableModels().entrySet().iterator();
        while (it.hasNext()) {
            arrayList.add(schemaRegistry.registerSchemaSource(new YangLibrarySchemaYangSourceProvider(remoteDeviceId, create.getAvailableModels()), PotentialSchemaSource.create((SourceIdentifier) ((Map.Entry) it.next()).getKey(), YangTextSchemaSource.class, PotentialSchemaSource.Costs.REMOTE_IO.getValue())));
        }
        return List.copyOf(arrayList);
    }

    public void setPrivateKeyPath(String str) {
        this.privateKeyPath = str;
    }

    public void setPrivateKeyPassphrase(String str) {
        this.privateKeyPassphrase = str;
    }

    public NetconfReconnectingClientConfiguration getClientConfig(NetconfClientSessionListener netconfClientSessionListener, NetconfNode netconfNode) {
        NetconfReconnectingClientConfigurationBuilder withAuthHandler;
        long java = netconfNode.getConnectionTimeoutMillis() == null ? DEFAULT_CONNECTION_TIMEOUT_MILLIS : netconfNode.getConnectionTimeoutMillis().toJava();
        long java2 = netconfNode.getMaxConnectionAttempts() == null ? 0L : netconfNode.getMaxConnectionAttempts().toJava();
        int java3 = netconfNode.getBetweenAttemptsTimeoutMillis() == null ? DEFAULT_BETWEEN_ATTEMPTS_TIMEOUT_MILLIS : netconfNode.getBetweenAttemptsTimeoutMillis().toJava();
        boolean booleanValue = netconfNode.isTcpOnly() == null ? false : netconfNode.isTcpOnly().booleanValue();
        BigDecimal sleepFactor = netconfNode.getSleepFactor() == null ? DEFAULT_SLEEP_FACTOR : netconfNode.getSleepFactor();
        InetSocketAddress socketAddress = getSocketAddress(netconfNode.getHost(), netconfNode.getPort().getValue().toJava());
        TimedReconnectStrategyFactory timedReconnectStrategyFactory = new TimedReconnectStrategyFactory(this.eventExecutor, Long.valueOf(java2), java3, sleepFactor);
        Protocol protocol = netconfNode.getProtocol();
        if (booleanValue) {
            withAuthHandler = NetconfReconnectingClientConfigurationBuilder.create().withProtocol(NetconfClientConfiguration.NetconfClientProtocol.TCP).withAuthHandler(getHandlerFromCredentials(netconfNode.getCredentials()));
        } else if (protocol == null || protocol.getName() == Protocol.Name.SSH) {
            withAuthHandler = NetconfReconnectingClientConfigurationBuilder.create().withProtocol(NetconfClientConfiguration.NetconfClientProtocol.SSH).withAuthHandler(getHandlerFromCredentials(netconfNode.getCredentials()));
        } else {
            if (protocol.getName() != Protocol.Name.TLS) {
                throw new IllegalStateException("Unsupported protocol type: " + protocol.getName());
            }
            withAuthHandler = NetconfReconnectingClientConfigurationBuilder.create().withSslHandlerFactory(new SslHandlerFactoryImpl(this.keystoreAdapter, protocol.getSpecification())).withProtocol(NetconfClientConfiguration.NetconfClientProtocol.TLS);
        }
        if (netconfNode.getOdlHelloMessageCapabilities() != null) {
            withAuthHandler.withOdlHelloCapabilities(netconfNode.getOdlHelloMessageCapabilities().getCapability());
        }
        return withAuthHandler.withAddress(socketAddress).withConnectionTimeoutMillis(java).withReconnectStrategy(timedReconnectStrategyFactory.createReconnectStrategy()).withConnectStrategyFactory(timedReconnectStrategyFactory).withSessionListener(netconfClientSessionListener).build();
    }

    private AuthenticationHandler getHandlerFromCredentials(Credentials credentials) {
        if (credentials instanceof LoginPassword) {
            LoginPassword loginPassword = (LoginPassword) credentials;
            return new LoginPasswordHandler(loginPassword.getUsername(), loginPassword.getPassword());
        }
        if (credentials instanceof LoginPwUnencrypted) {
            LoginPasswordUnencrypted loginPasswordUnencrypted = ((LoginPwUnencrypted) credentials).getLoginPasswordUnencrypted();
            return new LoginPasswordHandler(loginPasswordUnencrypted.getUsername(), loginPasswordUnencrypted.getPassword());
        }
        if (credentials instanceof LoginPw) {
            org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.login.pw.LoginPassword loginPassword2 = ((LoginPw) credentials).getLoginPassword();
            return new LoginPasswordHandler(loginPassword2.getUsername(), this.encryptionService.decrypt(loginPassword2.getPassword()));
        }
        if (!(credentials instanceof KeyAuth)) {
            throw new IllegalStateException("Unsupported credential type: " + credentials.getClass());
        }
        KeyBased keyBased = ((KeyAuth) credentials).getKeyBased();
        return new DatastoreBackedPublicKeyAuth(keyBased.getUsername(), keyBased.getKeyId(), this.keystoreAdapter, this.encryptionService);
    }

    protected abstract RemoteDeviceHandler<NetconfSessionPreferences> createSalFacade(RemoteDeviceId remoteDeviceId);

    private static InetSocketAddress getSocketAddress(Host host, int i) {
        if (host.getDomainName() != null) {
            return new InetSocketAddress(host.getDomainName().getValue(), i);
        }
        IpAddress ipAddress = host.getIpAddress();
        return new InetSocketAddress(ipAddress.getIpv4Address() != null ? ipAddress.getIpv4Address().getValue() : ipAddress.getIpv6Address().getValue(), i);
    }

    private static Optional<UserPreferences> getUserCapabilities(NetconfNode netconfNode) {
        if (netconfNode.getYangModuleCapabilities() == null && netconfNode.getNonModuleCapabilities() == null) {
            return Optional.empty();
        }
        ArrayList arrayList = new ArrayList();
        boolean z = false;
        if (netconfNode.getYangModuleCapabilities() != null) {
            arrayList.addAll(netconfNode.getYangModuleCapabilities().getCapability());
            z = netconfNode.getYangModuleCapabilities().isOverride().booleanValue();
        }
        NetconfSessionPreferences fromStrings = NetconfSessionPreferences.fromStrings(arrayList);
        Preconditions.checkState(fromStrings.getNonModuleCaps().isEmpty(), "List yang-module-capabilities/capability should contain only module based capabilities. Non-module capabilities used: " + fromStrings.getNonModuleCaps());
        boolean z2 = false;
        if (netconfNode.getNonModuleCapabilities() != null) {
            arrayList.addAll(netconfNode.getNonModuleCapabilities().getCapability());
            z2 = netconfNode.getNonModuleCapabilities().isOverride().booleanValue();
        }
        return Optional.of(new UserPreferences(NetconfSessionPreferences.fromStrings(arrayList, AvailableCapability.CapabilityOrigin.UserDefined), z, z2));
    }
}
