package com.appiancorp.webapi;

import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.core.data.ImmutableDictionary;
import com.appiancorp.core.data.Record;
import com.appiancorp.core.evaluationstatus.EvaluationStatusService;
import com.appiancorp.core.evaluationstatus.SailEndpointData;
import com.appiancorp.core.expr.AppianScriptContext;
import com.appiancorp.core.expr.AppianScriptContextBuilder;
import com.appiancorp.core.expr.AppianScriptContextTop;
import com.appiancorp.core.expr.AppianScriptEngine;
import com.appiancorp.core.expr.Domain;
import com.appiancorp.core.expr.EvalPath;
import com.appiancorp.core.expr.Id;
import com.appiancorp.core.expr.SaveCompleted;
import com.appiancorp.core.expr.exceptions.ExpressionRuntimeException;
import com.appiancorp.core.expr.exceptions.ScriptException;
import com.appiancorp.core.expr.portable.Type;
import com.appiancorp.core.expr.portable.Value;
import com.appiancorp.core.expr.portable.cdt.HttpMethod;
import com.appiancorp.core.expr.portable.cdt.WebApiResponseConstants;
import com.appiancorp.core.expr.portable.environment.EvaluationEnvironment;
import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.core.expr.reaction.ReactionTree;
import com.appiancorp.core.monitoring.ReevaluationMetrics;
import com.appiancorp.expr.server.environment.epex.services.ActorRequestService;
import com.appiancorp.sail.ExternalSideEffectRecorder;
import com.appiancorp.services.ServiceContext;
import com.appiancorp.services.ServiceContextFactory;
import com.appiancorp.suite.cfg.FeatureToggleConfiguration;
import com.appiancorp.suiteapi.common.exceptions.AppianRuntimeException;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.tracing.CloseableSpan;
import com.appiancorp.tracing.SafeTracer;
import com.appiancorp.tracing.allow.AllowedStringTags;
import com.appiancorp.type.ExtendedTypeService;
import com.appiancorp.type.cdt.HttpHeader;
import com.appiancorp.type.cdt.WebApiDto;
import com.appiancorp.type.cdt.WebApiRequest;
import com.appiancorp.type.cdt.WebApiResponse;
import com.appiancorp.type.refs.DocumentRef;
import com.appiancorp.type.refs.DocumentRefImpl;
import com.appiancorp.util.ImmutableTimeZone;
import com.appiancorp.webapi.errorhandling.WebApiExceptionMapper;
import com.appiancorp.webapi.openapi.ExportWebApiAsOpenApiReaction;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Stopwatch;
import com.google.common.collect.ImmutableSet;
import java.io.IOException;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import javax.validation.constraints.NotNull;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpStatus;

/* loaded from: input_file:com/appiancorp/webapi/WebApiEvaluator.class */
public class WebApiEvaluator {
    private static final String EXEC_WEB_API_KEY = "webApi.execution";
    public static final String WEB_API_EVALUATOR_OPERATION_NAME = "webApiEvaluator";
    private static final String IS_WEB_API = "isWebApi";

    @VisibleForTesting
    public static final String ACTORS_INVOKED = "actorsInvoked";

    @VisibleForTesting
    public static final String NUMBER_INVOKED = "numberInvoked";

    @VisibleForTesting
    public static final String ACTOR_UUID = "actorUuid";
    private static final String MS_TO_QUEUE_ACTORS = "timeToQueueActorsMs";
    private final ExtendedTypeService extendedTypeService;
    private final WebApiAppianBindingFactory webApiAppianBindingFactory;
    private final WebApiExceptionMapper webApiExceptionMapper;
    private final SafeTracer safeTracer;
    private FeatureToggleConfiguration featureToggleConfiguration;
    private Stopwatch actorRequestTracker = null;
    public static final Set<String> BLACKLISTED_WEBAPI_RESPONSE_HEADERS_IN_LOWERCASE = ImmutableSet.of("set-cookie");
    private static final Set<HttpMethod> HTTP_METHODS_THAT_SUPPORT_REACTIONS = ImmutableSet.builder().add(HttpMethod.POST).add(HttpMethod.PUT).add(HttpMethod.DELETE).add(HttpMethod.PATCH).build();
    private static boolean EVAL_AS_SYSTEM = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/appiancorp/webapi/WebApiEvaluator$WebApiEndpointData.class */
    public static class WebApiEndpointData implements SailEndpointData {
        private final SailEndpointData.EndpointType endpointType;
        private Integer hashCode = null;
        private final String webApiUuid;
        private final String portalName;

        public WebApiEndpointData(String str, String str2) {
            this.webApiUuid = Strings.isNullOrEmpty(str) ? "" : str;
            this.endpointType = str2 != null ? SailEndpointData.EndpointType.PORTALS_WEB_API : SailEndpointData.EndpointType.WEB_API;
            this.portalName = str2;
        }

        public SailEndpointData.EndpointType getEndpointType() {
            return this.endpointType;
        }

        public String getWebApiUuid() {
            return this.webApiUuid;
        }

        public String getPortalName() {
            return this.portalName;
        }

        public int hashCode() {
            if (this.hashCode == null) {
                this.hashCode = Integer.valueOf(this.endpointType.hashCode());
                this.hashCode = Integer.valueOf((11 * this.hashCode.intValue()) + this.webApiUuid.hashCode());
            }
            return this.hashCode.intValue();
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof WebApiEndpointData)) {
                return false;
            }
            WebApiEndpointData webApiEndpointData = (WebApiEndpointData) obj;
            return this.endpointType.equals(webApiEndpointData.endpointType) && this.webApiUuid.equals(webApiEndpointData.webApiUuid);
        }

        public String toString() {
            return "WebApiEndpointData ID: [endpointType: " + this.endpointType + "; webApiUuid: " + this.webApiUuid + (this.portalName != null ? "; portalName:" + this.portalName + "]" : "]");
        }
    }

    @VisibleForTesting
    public static boolean setupForWebApiTests(boolean z) {
        boolean z2 = EVAL_AS_SYSTEM;
        EVAL_AS_SYSTEM = z;
        return z2;
    }

    public WebApiEvaluator(ExtendedTypeService extendedTypeService, WebApiAppianBindingFactory webApiAppianBindingFactory, WebApiExceptionMapper webApiExceptionMapper, SafeTracer safeTracer, FeatureToggleConfiguration featureToggleConfiguration) {
        this.extendedTypeService = (ExtendedTypeService) Objects.requireNonNull(extendedTypeService);
        this.webApiAppianBindingFactory = webApiAppianBindingFactory;
        this.webApiExceptionMapper = webApiExceptionMapper;
        this.safeTracer = safeTracer;
        this.featureToggleConfiguration = featureToggleConfiguration;
    }

    public WebApiResponseResults evalToWebApiResponseWithUsername(String str, @NotNull HttpServletRequest httpServletRequest, WebApi webApi, boolean z) throws IOException, ScriptException {
        ServiceContext serviceContext = ServiceContextFactory.getServiceContext(str);
        serviceContext.setTimeZone(ImmutableTimeZone.GMT);
        ServiceContextFactory.populateServiceContextI18nSettings(serviceContext);
        try {
            return eval(serviceContext, this.webApiAppianBindingFactory.fromServletRequest(httpServletRequest, webApi), webApi.getExpression(), HttpMethod.valueOf(httpServletRequest.getMethod()), false, webApi.getUuid(), z, httpServletRequest.getHeader(WebApiAppianHeader.PORTAL_NAME.getHeaderName()));
        } catch (RuntimeException e) {
            return this.webApiExceptionMapper.mapException(e, new ArrayList(), null);
        }
    }

    public WebApiResponseResults evalToWebApiResponseWithRequestContext(ServiceContext serviceContext, @NotNull WebApiRequest webApiRequest, @NotNull WebApiDto webApiDto, boolean z, boolean z2) throws ScriptException {
        try {
            return eval(serviceContext, this.webApiAppianBindingFactory.fromWebApiRequest(webApiRequest, webApiDto), webApiDto.getExpression(), webApiDto.getHttpMethod(), z, webApiDto.getUuid(), z2, getPortalsNameFromHeaders(webApiRequest.getHeaders()));
        } catch (RuntimeException e) {
            return this.webApiExceptionMapper.mapException(e, new ArrayList(), null);
        }
    }

    public static String getPortalsNameFromHeaders(List<HttpHeader> list) {
        for (HttpHeader httpHeader : list) {
            if (httpHeader.getName().equals(WebApiAppianHeader.PORTAL_NAME.getHeaderName())) {
                return httpHeader.getValue();
            }
        }
        return null;
    }

    @VisibleForTesting
    public WebApiResponseResults eval(ServiceContext serviceContext, WebApiAppianBindings webApiAppianBindings, String str, HttpMethod httpMethod, boolean z, String str2, boolean z2, String str3) throws ScriptException {
        ExternalSideEffectRecorder externalSideEffectRecorder = new ExternalSideEffectRecorder();
        addEnvBindings(serviceContext, webApiAppianBindings);
        AppianScriptContextTop buildTop = AppianScriptContextBuilder.init().bindings(webApiAppianBindings).serviceContext(serviceContext).addExternalSideEffectListener(externalSideEffectRecorder).enableEPEx(this.featureToggleConfiguration.isEPExRuntimeEnabled()).buildTop();
        EvaluationStatusService evaluationStatusService = EvaluationEnvironment.getEvaluationStatusService();
        String startEvaluation = evaluationStatusService.startEvaluation(buildTop.getAppianTopParent(), new WebApiEndpointData(str2, str3));
        try {
            try {
                CloseableSpan createCloseableSpanIfParent = this.safeTracer.createCloseableSpanIfParent(WEB_API_EVALUATOR_OPERATION_NAME);
                Throwable th = null;
                try {
                    try {
                        Value evaluateExpression = evaluateExpression(buildTop, httpMethod, str, z2);
                        WebApiResponseResults webApiResponseResults = new WebApiResponseResults(convertToWebApiResponse(evaluateExpression), externalSideEffectRecorder.getExternalSideEffectList(), (Exception) null);
                        setTagsOnTheSpan(httpMethod, str2, evaluateExpression, createCloseableSpanIfParent, webApiAppianBindings.size(), str3);
                        if (createCloseableSpanIfParent != null) {
                            if (0 != 0) {
                                try {
                                    createCloseableSpanIfParent.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                createCloseableSpanIfParent.close();
                            }
                        }
                        evaluationStatusService.stopEvaluation(startEvaluation);
                        return webApiResponseResults;
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (createCloseableSpanIfParent != null) {
                        if (th != null) {
                            try {
                                createCloseableSpanIfParent.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            createCloseableSpanIfParent.close();
                        }
                    }
                    throw th3;
                }
            } catch (RuntimeException e) {
                WebApiResponseResults mapException = this.webApiExceptionMapper.mapException(e, externalSideEffectRecorder.getExternalSideEffectList(), evaluationStatusService.getMemorySnapshot(startEvaluation));
                evaluationStatusService.stopEvaluation(startEvaluation);
                return mapException;
            }
        } catch (Throwable th5) {
            evaluationStatusService.stopEvaluation(startEvaluation);
            throw th5;
        }
    }

    private void addEnvBindings(ServiceContext serviceContext, WebApiAppianBindings webApiAppianBindings) {
        webApiAppianBindings.set(new Id(Domain.ENVIRONMENT, "locale"), Type.STRING.valueOf(serviceContext.getLocale().toLanguageTag()));
    }

    private void setTagsOnTheSpan(HttpMethod httpMethod, String str, Value value, CloseableSpan closeableSpan, int i, String str2) {
        if (closeableSpan == null || closeableSpan.isNoOp()) {
            return;
        }
        if (httpMethod != null) {
            this.safeTracer.setTag(AllowedStringTags.webApiMethod, httpMethod.toString());
        } else {
            this.safeTracer.setTag(AllowedStringTags.webApiMethod, "Null");
        }
        if (!Value.isNull(value)) {
            this.safeTracer.setTag("memory weight", Long.valueOf(value.getMemoryWeight()));
        }
        if (str2 != null) {
            this.safeTracer.setTag(AllowedStringTags.portalName, str2);
        }
        this.safeTracer.setTag(AllowedStringTags.webApiUuid, str);
        this.safeTracer.setTag("bindings count", Integer.valueOf(i));
    }

    private Value evaluateExpression(AppianScriptContext appianScriptContext, HttpMethod httpMethod, String str, boolean z) throws ScriptException {
        if (httpMethod != null) {
            ProductMetricsAggregatedDataCollector.recordData("webApi.execution." + httpMethod.toString());
        } else {
            ProductMetricsAggregatedDataCollector.recordData("webApi.execution.NULL");
        }
        AppianScriptEngine appianScriptEngine = AppianScriptEngine.get();
        appianScriptContext.getBindings().set(Domain.ENVIRONMENT, IS_WEB_API, Type.getBooleanValue(true));
        Value eval = appianScriptEngine.eval(str, EvalPath.init().insideSystemRule(EVAL_AS_SYSTEM || z), appianScriptContext, true, false);
        if (!this.featureToggleConfiguration.isEPExRuntimeEnabled() || (!Type.ACTOR_REQUEST.equals(eval.getType()) && !Type.LIST_OF_ACTOR_REQUEST.equals(eval.getType()))) {
            Object value = eval.getValue();
            if (!(value instanceof ReactionTree)) {
                return eval;
            }
            if (HTTP_METHODS_THAT_SUPPORT_REACTIONS.contains(httpMethod)) {
                return evaluateReactionExpression((ReactionTree) value);
            }
            throw new AppianRuntimeException(ErrorCode.WEBAPI_METHOD_DOES_NOT_SUPPORT_REACTIONS, new Object[0]);
        }
        this.actorRequestTracker = Stopwatch.createStarted();
        try {
            try {
                if (((ActorRequestService) ApplicationContextHolder.getBean(ActorRequestService.class)).request(eval, appianScriptContext.getServiceContext()) == 0) {
                    throw new AppianRuntimeException(ErrorCode.EPEX_FAILED_ACTOR_REQUEST_ENQUEUE, new Object[0]);
                }
                return eval;
            } catch (IllegalArgumentException e) {
                throw new AppianRuntimeException(ErrorCode.EPEX_INVALID_ACTOR_REQUEST_UUID, new Object[0]);
            }
        } finally {
            this.actorRequestTracker.stop();
        }
    }

    private Value evaluateReactionExpression(ReactionTree reactionTree) {
        EvalPath lexicalEvalPath = reactionTree.getLexicalEvalPath();
        try {
            return reactionTree.activate(lexicalEvalPath.getCurrentSaveRequestNotNull(), lexicalEvalPath.getLocalSideEffectListener(), lexicalEvalPath.getSaveRequest()).getValue();
        } catch (SaveCompleted | AppianRuntimeException e) {
            throw e;
        } catch (Throwable th) {
            throw new ExpressionRuntimeException(th);
        }
    }

    public Value<ImmutableDictionary> profile(ServiceContext serviceContext, WebApiRequest webApiRequest, WebApiDto webApiDto) throws ScriptException {
        AppianScriptContext build = AppianScriptContextBuilder.init().bindings(this.webApiAppianBindingFactory.fromWebApiRequest(webApiRequest, webApiDto)).serviceContext(serviceContext).addExternalSideEffectListener(new ExternalSideEffectRecorder()).enableEPEx(this.featureToggleConfiguration.isEPExRuntimeEnabled()).build();
        ReevaluationMetrics reevaluationMetrics = EvaluationEnvironment.getReevaluationMetrics();
        try {
            boolean booleanValue = webApiDto.isSystem() == null ? false : webApiDto.isSystem().booleanValue();
            reevaluationMetrics.onReevaluationStart("webapi");
            evaluateExpression(build, webApiDto.getHttpMethod(), webApiDto.getExpression(), booleanValue);
            Value<ImmutableDictionary> value = reevaluationMetrics.getSnapshot().toValue();
            reevaluationMetrics.onReevaluationEnd("webapi");
            return value;
        } catch (Throwable th) {
            reevaluationMetrics.onReevaluationEnd("webapi");
            throw th;
        }
    }

    public static List<String> getInvalidResponseHeaderNames(List<HttpHeader> list) {
        ArrayList arrayList = new ArrayList();
        if (list != null && !list.isEmpty()) {
            for (HttpHeader httpHeader : list) {
                if (httpHeader == null) {
                    arrayList.add(null);
                } else if (BLACKLISTED_WEBAPI_RESPONSE_HEADERS_IN_LOWERCASE.contains(httpHeader.getName().toLowerCase())) {
                    arrayList.add(httpHeader.getName());
                }
            }
        }
        return arrayList;
    }

    private WebApiResponse convertToWebApiResponse(Value value) {
        WebApiResponse webApiResponse = new WebApiResponse(this.extendedTypeService);
        if (Value.isNull(value) || value.getValue().equals("")) {
            throw new AppianRuntimeException(ErrorCode.WEBAPI_RETURNED_EMPTY_RESPONSE, new Object[0]);
        }
        if (Type.ACTOR_REQUEST.equals(value.getType())) {
            return convertActorToWebApiResponse((Record) value.getValue());
        }
        if (Type.LIST_OF_ACTOR_REQUEST.equals(value.getType())) {
            return convertActorToWebApiResponse((Record[]) value.getValue());
        }
        if (!value.getType().isType(Type.getType(WebApiResponseConstants.QNAME))) {
            throw new AppianRuntimeException(ErrorCode.WEBAPI_MUST_RETURN_WEB_API_RESPONSE, new Object[]{value.getValue()});
        }
        Record record = (Record) value.getValue();
        webApiResponse.setStatusCode(record.isNull("statusCode") ? HttpStatus.OK.value() : ((Integer) record.get("statusCode")).intValue());
        webApiResponse.setBody((String) record.get("body"));
        Integer num = (Integer) record.get("document");
        if (num == null || num.intValue() == Integer.MIN_VALUE) {
            webApiResponse.setDocument((DocumentRef) null);
        } else {
            webApiResponse.setDocument(new DocumentRefImpl(Long.valueOf(num.intValue()), ""));
        }
        if (!com.google.common.base.Strings.isNullOrEmpty(webApiResponse.getBody()) && webApiResponse.getDocument() != null) {
            throw new AppianRuntimeException(ErrorCode.WEBAPI_RESPONSE_WITH_DOCUMENT_AND_BODY, new Object[0]);
        }
        webApiResponse.setHeaders(convertValidHeaders(record));
        return webApiResponse;
    }

    private WebApiResponse convertActorToWebApiResponse(Record... recordArr) {
        if (recordArr == null) {
            throw new AppianRuntimeException(ErrorCode.WEBAPI_RETURNED_EMPTY_RESPONSE, new Object[0]);
        }
        WebApiResponse webApiResponse = new WebApiResponse(this.extendedTypeService);
        webApiResponse.setStatusCode(HttpStatus.OK.value());
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(MS_TO_QUEUE_ACTORS, Type.STRING.valueOf(this.actorRequestTracker == null ? "-1" : String.valueOf(this.actorRequestTracker.elapsed(TimeUnit.MILLISECONDS))));
        final LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        for (Record record : recordArr) {
            String value = record.getValue("uuid").toString();
            Long l = (Long) linkedHashMap2.get(value);
            linkedHashMap2.put(value, Long.valueOf(l != null ? l.longValue() + 1 : 1L));
        }
        ArrayList arrayList = new ArrayList();
        for (final String str : linkedHashMap2.keySet()) {
            arrayList.add(new LinkedHashMap<String, Value>() { // from class: com.appiancorp.webapi.WebApiEvaluator.1
                {
                    put(WebApiEvaluator.ACTOR_UUID, Type.STRING.valueOf(str));
                    put(WebApiEvaluator.NUMBER_INVOKED, Type.STRING.valueOf(((Long) linkedHashMap2.get(str)).toString()));
                }
            });
        }
        linkedHashMap.put(ACTORS_INVOKED, Type.LIST_OF_MAP.valueOf((ImmutableDictionary[]) arrayList.stream().map(map -> {
            return ImmutableDictionary.of(map);
        }).toArray(i -> {
            return new ImmutableDictionary[i];
        })));
        webApiResponse.setBody(Type.MAP.valueOf(ImmutableDictionary.of(linkedHashMap)).toJson());
        webApiResponse.setDocument((DocumentRef) null);
        webApiResponse.setHeaders(new ArrayList(0));
        return webApiResponse;
    }

    private List<HttpHeader> convertValidHeaders(Record record) {
        ArrayList arrayList = new ArrayList(0);
        Record[] recordArr = (Record[]) record.get("headers");
        if (recordArr != null) {
            for (Record record2 : recordArr) {
                HttpHeader httpHeader = new HttpHeader(this.extendedTypeService);
                httpHeader.setName((String) record2.get(ExportWebApiAsOpenApiReaction.FILE_NAME));
                httpHeader.setValue((String) record2.get("value"));
                arrayList.add(httpHeader);
            }
            List<String> invalidResponseHeaderNames = getInvalidResponseHeaderNames(arrayList);
            if (!invalidResponseHeaderNames.isEmpty()) {
                throw new AppianRuntimeException(ErrorCode.WEBAPI_INVALID_HEADER_SET, new Object[]{StringUtils.join(invalidResponseHeaderNames, "; ")});
            }
        }
        return arrayList;
    }
}
