package com.appiancorp.portaldesigner.functions.publish;

import com.appiancorp.ag.ExtendedUserService;
import com.appiancorp.apikey.config.ApiKeyService;
import com.appiancorp.apikey.config.TokenCreateResult;
import com.appiancorp.apikey.exceptions.ApiKeyException;
import com.appiancorp.apikey.persistence.ApiKeyEntity;
import com.appiancorp.apikey.persistence.ApiKeyOwner;
import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.security.auth.SecurityEscalator;
import com.appiancorp.security.user.service.UserService;
import java.text.SimpleDateFormat;
import java.util.concurrent.atomic.AtomicReference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/appiancorp/portaldesigner/functions/publish/PortalApiKeyManager.class */
public class PortalApiKeyManager {
    private final UserService userService;
    private final ExtendedUserService extendedUserService;
    private final ApiKeyService apiKeyService;
    private final SecurityEscalator securityEscalator;
    private final Logger LOG = LoggerFactory.getLogger(PortalApiKeyManager.class);
    private String generatedApiKey;
    private Long generatedApiKeyId;
    private Long idOfApiKeyToRevoke;
    private boolean wasPublishSuccess;
    private boolean wasSetupCalled;

    public PortalApiKeyManager(UserService userService, ExtendedUserService extendedUserService, ApiKeyService apiKeyService, SecurityEscalator securityEscalator) {
        this.extendedUserService = extendedUserService;
        this.userService = userService;
        this.apiKeyService = apiKeyService;
        this.securityEscalator = securityEscalator;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getGeneratedApiKey() {
        return this.generatedApiKey;
    }

    Long getIdOfApiKeyToRevoke() {
        return this.idOfApiKeyToRevoke;
    }

    Long getGeneratedApiKeyId() {
        return this.generatedApiKeyId;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setupForPublish(String str, String str2, String str3) throws ApiKeyException {
        this.wasSetupCalled = true;
        ApiKeyEntity apiKeyFromUrlStub = getApiKeyFromUrlStub(str);
        Long serviceAccountId = apiKeyFromUrlStub == null ? null : apiKeyFromUrlStub.getServiceAccountId();
        Long serviceAccountUserId = Strings.isNullOrEmpty(str2) ? null : getServiceAccountUserId(str2);
        boolean z = apiKeyFromUrlStub != null && apiKeyFromUrlStub.isActive() && objectsAreNotNullAndEqual(str, str3) && objectsAreNotNullAndEqual(serviceAccountId, serviceAccountUserId);
        this.idOfApiKeyToRevoke = apiKeyFromUrlStub != null && !z ? apiKeyFromUrlStub.getId() : null;
        AtomicReference atomicReference = new AtomicReference();
        if ((serviceAccountUserId == null || z) ? false : true) {
            this.securityEscalator.runAsAdmin(() -> {
                try {
                    String generateAlias = generateAlias(str3);
                    TokenCreateResult createToken = this.apiKeyService.createToken();
                    this.generatedApiKey = createToken.getToken();
                    this.generatedApiKeyId = this.apiKeyService.persistTokenMetadata(createToken.getUuid(), generateAlias, serviceAccountUserId, ApiKeyOwner.APPIAN_PORTALS, str3);
                } catch (ApiKeyException e) {
                    atomicReference.set(e);
                }
            });
            if (atomicReference.get() != null) {
                throw ((ApiKeyException) atomicReference.get());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onPublishFinish() {
        if (!this.wasSetupCalled || this.wasPublishSuccess) {
            return;
        }
        onPublishFailure();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onPublishSuccess() {
        this.wasPublishSuccess = true;
        this.securityEscalator.runAsAdmin(() -> {
            if (this.idOfApiKeyToRevoke != null) {
                try {
                    this.apiKeyService.revokeToken(this.idOfApiKeyToRevoke.longValue());
                } catch (ApiKeyException e) {
                    this.LOG.error("Failed to revoke old api key with id {} after publish success", this.idOfApiKeyToRevoke, e);
                }
            }
        });
    }

    private void onPublishFailure() {
        this.securityEscalator.runAsAdmin(() -> {
            if (this.generatedApiKeyId != null) {
                try {
                    this.apiKeyService.revokeToken(this.generatedApiKeyId.longValue());
                } catch (ApiKeyException e) {
                    this.LOG.error("Failed to revoke newly generated api key with id {} after publish failure", this.generatedApiKeyId, e);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onUnpublishSuccess(String str) {
        this.securityEscalator.runAsAdmin(() -> {
            ApiKeyEntity apiKeyFromUrlStub = getApiKeyFromUrlStub(str);
            if (apiKeyFromUrlStub != null) {
                try {
                    this.apiKeyService.revokeToken(apiKeyFromUrlStub.getId().longValue());
                } catch (ApiKeyException e) {
                    this.LOG.error("Failed to revoke the api key with id {} for the unpublished portal", apiKeyFromUrlStub.getId(), e);
                }
            }
        });
    }

    private static String generateAlias(String str) {
        return String.format("Portal API Key for %s (%s)", str, new SimpleDateFormat("yyyyMMddHHmmss").format(Long.valueOf(System.currentTimeMillis())));
    }

    private Long getServiceAccountUserId(String str) {
        return (Long) this.userService.getUserRef(this.extendedUserService.getUserByUuid(str).getUsername()).getId();
    }

    private ApiKeyEntity getApiKeyFromUrlStub(String str) {
        return (ApiKeyEntity) this.securityEscalator.runAsAdmin(() -> {
            try {
                if (Strings.isNullOrEmpty(str)) {
                    return null;
                }
                return this.apiKeyService.getToken(ApiKeyOwner.APPIAN_PORTALS, str);
            } catch (ApiKeyException e) {
                this.LOG.info("The api key associated with portal url stub {} no longer exists", str);
                return null;
            }
        });
    }

    private static boolean objectsAreNotNullAndEqual(Object obj, Object obj2) {
        return obj != null && obj.equals(obj2);
    }
}
