package com.atlassian.applinks.core.rest.ui;

import com.atlassian.applinks.analytics.ApplinksCreatedEventFactory;
import com.atlassian.applinks.api.ApplicationLink;
import com.atlassian.applinks.api.TypeNotInstalledException;
import com.atlassian.applinks.core.InternalTypeAccessor;
import com.atlassian.applinks.core.auth.OrphanedTrustAwareAuthenticatorProviderPluginModule;
import com.atlassian.applinks.core.auth.OrphanedTrustCertificate;
import com.atlassian.applinks.core.auth.OrphanedTrustDetector;
import com.atlassian.applinks.core.manifest.AppLinksManifestDownloader;
import com.atlassian.applinks.core.plugin.AuthenticationProviderModuleDescriptor;
import com.atlassian.applinks.core.rest.AbstractResource;
import com.atlassian.applinks.core.rest.ManifestResource;
import com.atlassian.applinks.core.rest.auth.AdminApplicationLinksInterceptor;
import com.atlassian.applinks.core.rest.context.ContextInterceptor;
import com.atlassian.applinks.core.rest.model.ApplicationLinkEntity;
import com.atlassian.applinks.core.rest.model.CreateApplicationLinkRequestEntity;
import com.atlassian.applinks.core.rest.model.CreatedApplicationLinkEntity;
import com.atlassian.applinks.core.rest.model.ManifestEntity;
import com.atlassian.applinks.core.rest.model.OrphanedTrust;
import com.atlassian.applinks.core.rest.model.ResponseInfoEntity;
import com.atlassian.applinks.core.rest.model.VerifyTwoWayLinkDetailsRequestEntity;
import com.atlassian.applinks.core.rest.util.RestUtil;
import com.atlassian.applinks.core.util.Holder;
import com.atlassian.applinks.core.util.URIUtil;
import com.atlassian.applinks.host.spi.InternalHostApplication;
import com.atlassian.applinks.internal.common.net.BasicHttpAuthRequestFactory;
import com.atlassian.applinks.internal.rest.interceptor.NoCacheHeaderInterceptor;
import com.atlassian.applinks.spi.Manifest;
import com.atlassian.applinks.spi.application.StaticUrlApplicationType;
import com.atlassian.applinks.spi.auth.AuthenticationConfigurationException;
import com.atlassian.applinks.spi.auth.AuthenticationScenario;
import com.atlassian.applinks.spi.auth.AutoConfiguringAuthenticatorProviderPluginModule;
import com.atlassian.applinks.spi.link.ApplicationLinkDetails;
import com.atlassian.applinks.spi.link.AuthenticationResponseException;
import com.atlassian.applinks.spi.link.LinkCreationResponseException;
import com.atlassian.applinks.spi.link.MutableApplicationLink;
import com.atlassian.applinks.spi.link.MutatingApplicationLinkService;
import com.atlassian.applinks.spi.link.NotAdministratorException;
import com.atlassian.applinks.spi.link.ReciprocalActionException;
import com.atlassian.applinks.spi.link.RemoteErrorListException;
import com.atlassian.applinks.spi.manifest.ManifestNotFoundException;
import com.atlassian.applinks.spi.manifest.ManifestRetriever;
import com.atlassian.event.api.EventPublisher;
import com.atlassian.plugin.PluginAccessor;
import com.atlassian.plugins.rest.common.interceptor.InterceptorChain;
import com.atlassian.plugins.rest.common.util.RestUrlBuilder;
import com.atlassian.sal.api.message.I18nResolver;
import com.atlassian.sal.api.net.Request;
import com.atlassian.sal.api.net.RequestFactory;
import com.atlassian.sal.api.net.ResponseException;
import com.atlassian.sal.api.net.ResponseHandler;
import com.atlassian.sal.api.user.UserManager;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import com.sun.jersey.spi.resource.Singleton;
import java.io.IOException;
import java.io.Serializable;
import java.net.URI;
import java.net.URL;
import java.util.ArrayList;
import java.util.regex.Pattern;
import java.util.stream.StreamSupport;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;

@Singleton
@Path("applicationlinkForm")
@Consumes({"application/xml", "application/json"})
@Produces({"application/xml", "application/json"})
@InterceptorChain({ContextInterceptor.class, AdminApplicationLinksInterceptor.class, NoCacheHeaderInterceptor.class})
/* loaded from: input_file:com/atlassian/applinks/core/rest/ui/CreateApplicationLinkUIResource.class */
public class CreateApplicationLinkUIResource extends AbstractResource {
    protected final MutatingApplicationLinkService applicationLinkService;
    protected final ManifestRetriever manifestRetriever;
    protected final InternalHostApplication internalHostApplication;
    protected final I18nResolver i18nResolver;
    protected static final Logger LOG = LoggerFactory.getLogger(CreateApplicationLinkUIResource.class);
    protected final OrphanedTrustDetector orphanedTrustDetector;
    protected final PluginAccessor pluginAccessor;
    protected final UserManager userManager;
    private final ApplinksCreatedEventFactory applinksCreatedEventFactory;
    private final EventPublisher eventPublisher;

    public CreateApplicationLinkUIResource(MutatingApplicationLinkService mutatingApplicationLinkService, RequestFactory requestFactory, InternalHostApplication internalHostApplication, I18nResolver i18nResolver, InternalTypeAccessor internalTypeAccessor, ManifestRetriever manifestRetriever, RestUrlBuilder restUrlBuilder, @Qualifier("delegatingOrphanedTrustDetector") OrphanedTrustDetector orphanedTrustDetector, PluginAccessor pluginAccessor, UserManager userManager, ApplinksCreatedEventFactory applinksCreatedEventFactory, EventPublisher eventPublisher) {
        super(restUrlBuilder, internalTypeAccessor, requestFactory, mutatingApplicationLinkService);
        this.i18nResolver = i18nResolver;
        this.internalHostApplication = internalHostApplication;
        this.applicationLinkService = mutatingApplicationLinkService;
        this.manifestRetriever = manifestRetriever;
        this.orphanedTrustDetector = orphanedTrustDetector;
        this.pluginAccessor = pluginAccessor;
        this.userManager = userManager;
        this.applinksCreatedEventFactory = applinksCreatedEventFactory;
        this.eventPublisher = eventPublisher;
    }

    private void sendFailureEvent(ApplinksCreatedEventFactory.FAILURE_REASON failure_reason) {
        this.eventPublisher.publish(this.applinksCreatedEventFactory.createFailEvent(failure_reason));
    }

    private void sendWarningEvent(ApplinksCreatedEventFactory.FAILURE_REASON failure_reason) {
        this.eventPublisher.publish(this.applinksCreatedEventFactory.createWarningEvent(failure_reason));
    }

    private void sendSuccessEvent() {
        this.eventPublisher.publish(this.applinksCreatedEventFactory.createSuccessEvent());
    }

    @GET
    @Path(ManifestResource.CONTEXT)
    public Response tryToFetchManifest(@QueryParam("url") String str) {
        Manifest manifest;
        if (StringUtils.isBlank(str)) {
            return RestUtil.badRequest(this.i18nResolver.getText("applinks.error.rpcurl"));
        }
        try {
            LOG.debug("URL received '" + str + "'");
            manifest = this.manifestRetriever.getManifest(new URL(str).toURI());
        } catch (Exception e) {
            LOG.error("Exception thrown while retrieving manifest", e);
            if (Pattern.compile("http(s)?:/[^/].*").matcher(str).matches()) {
                LOG.warn("The url '" + str + "' is missing the double slashes after the protocol. Is there a proxy server in the middle that has replaced the '//' with a single '/'?");
                sendFailureEvent(ApplinksCreatedEventFactory.FAILURE_REASON.NO_DOUBLE_SLASHES);
            } else {
                sendFailureEvent(ApplinksCreatedEventFactory.FAILURE_REASON.INVALID_URL);
            }
            LOG.debug("Invalid URL url='" + str + "'", e);
            return RestUtil.badRequest(this.i18nResolver.getText("applinks.error.url.invalid", new Serializable[]{str}));
        } catch (ManifestNotFoundException e2) {
            LOG.error("ManifestNotFoundException thrown while retrieving manifest", e2);
            manifest = null;
            Throwable cause = e2.getCause();
            if (cause != null) {
                if (cause instanceof AppLinksManifestDownloader.ManifestGotRedirectedException) {
                    AppLinksManifestDownloader.ManifestGotRedirectedException manifestGotRedirectedException = (AppLinksManifestDownloader.ManifestGotRedirectedException) cause;
                    ImmutableMap of = ImmutableMap.of("redirectedUrl", manifestGotRedirectedException.getNewLocation());
                    sendWarningEvent(ApplinksCreatedEventFactory.FAILURE_REASON.REDIRECT);
                    return RestUtil.ok(new ResponseInfoEntity("applinks.warning.redirected.host", getRedirectionWarning(manifestGotRedirectedException), of));
                }
                if (cause instanceof IOException) {
                    sendWarningEvent(ApplinksCreatedEventFactory.FAILURE_REASON.NO_RESPONSE);
                    return RestUtil.ok(new ResponseInfoEntity("applinks.warning.unknown.host", getNonResponsiveHostWarning()));
                }
            }
        }
        if (manifest == null) {
            LOG.error("Null manifest retrieved");
            sendWarningEvent(ApplinksCreatedEventFactory.FAILURE_REASON.NULL_MANIFEST);
            return RestUtil.ok(new ResponseInfoEntity());
        }
        LOG.debug("Manifest retrieved successfully");
        try {
            if (this.typeAccessor.loadApplicationType(manifest.getTypeId()) == null) {
                throw new TypeNotInstalledException(manifest.getTypeId().get(), manifest.getName(), manifest.getUrl());
            }
            MutableApplicationLink applicationLink = this.applicationLinkService.getApplicationLink(manifest.getId());
            if (applicationLink != null) {
                if (applicationLink.getDisplayUrl().equals(manifest.getUrl())) {
                    sendFailureEvent(ApplinksCreatedEventFactory.FAILURE_REASON.ALREADY_CONFIGURED);
                    return RestUtil.conflict(this.i18nResolver.getText("applinks.error.applink.exists", new Serializable[]{manifest.getUrl()}));
                }
                sendFailureEvent(ApplinksCreatedEventFactory.FAILURE_REASON.ALREADY_CONFIGURED_UNDER_DIFFERENT_URL);
                return RestUtil.conflict(this.i18nResolver.getText("applinks.error.applink.exists.with.different.url"));
            }
            if (manifest.getId().equals(this.internalHostApplication.getId())) {
                sendFailureEvent(ApplinksCreatedEventFactory.FAILURE_REASON.LINK_TO_SELF);
                return RestUtil.conflict(this.i18nResolver.getText("applinks.error.applink.itsme"));
            }
            sendSuccessEvent();
            return RestUtil.ok(new ManifestEntity(manifest));
        } catch (TypeNotInstalledException e3) {
            LOG.error("TypeNotInstalledException thrown", e3);
            sendFailureEvent(ApplinksCreatedEventFactory.FAILURE_REASON.TYPE_NOT_INSTALLED);
            return RestUtil.badRequest(String.format(this.i18nResolver.getText("applinks.error.remote.type.not.installed", new Serializable[]{e3.getType()}), new Object[0]));
        }
    }

    private String getRedirectionWarning(AppLinksManifestDownloader.ManifestGotRedirectedException manifestGotRedirectedException) {
        return this.i18nResolver.getText("applinks.warning.redirected.host.new", new Serializable[]{StringEscapeUtils.escapeHtml(manifestGotRedirectedException.newLocationBaseUrl())});
    }

    private String getNonResponsiveHostWarning() {
        return this.i18nResolver.getText("applinks.warning.unknown.host.new");
    }

    @POST
    @Path("createStaticUrlAppLink")
    public Response createStaticUrlAppLink(@QueryParam("typeId") String str) throws Exception {
        StaticUrlApplicationType loadApplicationType = this.typeAccessor.loadApplicationType(str);
        Manifest manifest = this.manifestRetriever.getManifest(loadApplicationType.getStaticUrl(), loadApplicationType);
        return RestUtil.ok(new CreatedApplicationLinkEntity(toApplicationLinkEntity(this.applicationLinkService.addApplicationLink(manifest.getId(), loadApplicationType, ApplicationLinkDetails.builder().name(loadApplicationType.getI18nKey()).displayUrl(loadApplicationType.getStaticUrl()).rpcUrl(loadApplicationType.getStaticUrl()).isPrimary(true).build())), true));
    }

    @POST
    @Path("createAppLink")
    public Response createApplicationLink(CreateApplicationLinkRequestEntity createApplicationLinkRequestEntity) {
        ApplicationLinkEntity applicationLink = createApplicationLinkRequestEntity.getApplicationLink();
        URI rpcUrl = applicationLink.getRpcUrl();
        if (StringUtils.isEmpty(applicationLink.getName().trim())) {
            return RestUtil.badFormRequest(Lists.newArrayList(new String[]{this.i18nResolver.getText("applinks.error.appname")}), Lists.newArrayList(new String[]{"application-name"}));
        }
        if (StringUtils.isEmpty(applicationLink.getTypeId().get()) || this.typeAccessor.loadApplicationType(applicationLink.getTypeId()) == null) {
            return RestUtil.badFormRequest(Lists.newArrayList(new String[]{this.i18nResolver.getText("applinks.error.apptype")}), Lists.newArrayList(new String[]{"application-types"}));
        }
        final boolean shareUserbase = createApplicationLinkRequestEntity.getConfigFormValues().shareUserbase();
        final boolean trustEachOther = createApplicationLinkRequestEntity.getConfigFormValues().trustEachOther();
        if (!this.userManager.isSystemAdmin(this.userManager.getRemoteUsername()) && shareUserbase) {
            return RestUtil.badFormRequest(Lists.newArrayList(new String[]{this.i18nResolver.getText("applinks.error.only.sysadmin.operation")}), Lists.newArrayList(new String[]{"same-userbase"}));
        }
        if (applicationLinkWithRpcUrlAlreadyExists(applicationLink.getRpcUrl())) {
            return RestUtil.badRequest(this.i18nResolver.getText("applinks.error.rpcurl.exists"));
        }
        if (createApplicationLinkRequestEntity.createTwoWayLink()) {
            try {
                this.applicationLinkService.createReciprocalLink(rpcUrl, createApplicationLinkRequestEntity.isCustomRpcURL() ? createApplicationLinkRequestEntity.getRpcUrl() : null, createApplicationLinkRequestEntity.getUsername(), createApplicationLinkRequestEntity.getPassword());
            } catch (ReciprocalActionException e) {
                return RestUtil.serverError(this.i18nResolver.getText("applinks.error.general"));
            } catch (NotAdministratorException e2) {
                return RestUtil.badFormRequest(Lists.newArrayList(new String[]{this.i18nResolver.getText("applinks.error.unauthorized")}), Lists.newArrayList(new String[]{"authorization"}));
            } catch (LinkCreationResponseException e3) {
                return RestUtil.serverError(this.i18nResolver.getText("applinks.error.response"));
            } catch (RemoteErrorListException e4) {
                ArrayList newArrayList = Lists.newArrayList(new String[]{this.i18nResolver.getText("applinks.error.general")});
                newArrayList.addAll(e4.getErrors());
                return RestUtil.badRequest((String[]) newArrayList.toArray(new String[0]));
            } catch (AuthenticationResponseException e5) {
                return RestUtil.serverError(this.i18nResolver.getText("applinks.error.authorization.response"));
            }
        }
        try {
            ApplicationLink createApplicationLink = this.applicationLinkService.createApplicationLink(this.typeAccessor.loadApplicationType(applicationLink.getTypeId().get()), applicationLink.getDetails());
            boolean z = true;
            if (createApplicationLinkRequestEntity.createTwoWayLink()) {
                try {
                    this.applicationLinkService.configureAuthenticationForApplicationLink(createApplicationLink, new AuthenticationScenario() { // from class: com.atlassian.applinks.core.rest.ui.CreateApplicationLinkUIResource.1
                        public boolean isCommonUserBase() {
                            return shareUserbase;
                        }

                        public boolean isTrusted() {
                            return trustEachOther;
                        }
                    }, createApplicationLinkRequestEntity.getUsername(), createApplicationLinkRequestEntity.getPassword());
                } catch (AuthenticationConfigurationException e6) {
                    LOG.warn("Error during auto-configuration of authentication providers for application link '" + createApplicationLink + "'", e6);
                    z = false;
                }
            }
            if (createApplicationLinkRequestEntity.getOrphanedTrust() != null) {
                OrphanedTrust orphanedTrust = createApplicationLinkRequestEntity.getOrphanedTrust();
                try {
                    OrphanedTrustCertificate.Type valueOf = OrphanedTrustCertificate.Type.valueOf(orphanedTrust.getType());
                    this.orphanedTrustDetector.addOrphanedTrustToApplicationLink(orphanedTrust.getId(), valueOf, createApplicationLink.getId());
                    if (createApplicationLinkRequestEntity.createTwoWayLink()) {
                        AutoConfiguringAuthenticatorProviderPluginModule autoConfigurationPluginModule = getAutoConfigurationPluginModule(valueOf);
                        if (autoConfigurationPluginModule != null) {
                            autoConfigurationPluginModule.enable(getAuthenticatedRequestFactory(createApplicationLinkRequestEntity), createApplicationLink);
                        } else {
                            LOG.warn("Failed to find an authentication type for the orphaned trust certificate type='" + orphanedTrust.getType() + "' and id='" + orphanedTrust.getId() + "' that supports auto-configuration");
                        }
                    }
                } catch (Exception e7) {
                    LOG.error("Failed to add orphaned trust certificate with type='" + orphanedTrust.getType() + "' and id='" + orphanedTrust.getId() + "'", e7);
                }
            }
            return RestUtil.ok(new CreatedApplicationLinkEntity(toApplicationLinkEntity(createApplicationLink), z));
        } catch (ManifestNotFoundException e8) {
            return RestUtil.serverError(this.i18nResolver.getText("applinks.error.incorrect.application.type"));
        }
    }

    private boolean applicationLinkWithRpcUrlAlreadyExists(URI uri) {
        return StreamSupport.stream(this.applicationLinkService.getApplicationLinks().spliterator(), false).anyMatch(applicationLink -> {
            return applicationLink.getRpcUrl().equals(uri);
        });
    }

    private AutoConfiguringAuthenticatorProviderPluginModule getAutoConfigurationPluginModule(OrphanedTrustCertificate.Type type) {
        return findAutoConfiguringAuthenticationProviderModule(type);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private AutoConfiguringAuthenticatorProviderPluginModule findAutoConfiguringAuthenticationProviderModule(OrphanedTrustCertificate.Type type) {
        for (AuthenticationProviderModuleDescriptor authenticationProviderModuleDescriptor : this.pluginAccessor.getEnabledModuleDescriptorsByClass(AuthenticationProviderModuleDescriptor.class)) {
            if (authenticationProviderModuleDescriptor instanceof OrphanedTrustAwareAuthenticatorProviderPluginModule) {
                if (((OrphanedTrustAwareAuthenticatorProviderPluginModule) authenticationProviderModuleDescriptor).isApplicable(type.name())) {
                }
                return authenticationProviderModuleDescriptor.m78getModule();
            }
        }
        return null;
    }

    private BasicHttpAuthRequestFactory<Request<Request<?, com.atlassian.sal.api.net.Response>, com.atlassian.sal.api.net.Response>> getAuthenticatedRequestFactory(CreateApplicationLinkRequestEntity createApplicationLinkRequestEntity) {
        return new BasicHttpAuthRequestFactory<>(this.requestFactory, createApplicationLinkRequestEntity.getUsername(), createApplicationLinkRequestEntity.getPassword());
    }

    @POST
    @Path("details")
    public Response verifyTwoWayLinkDetails(VerifyTwoWayLinkDetailsRequestEntity verifyTwoWayLinkDetailsRequestEntity) throws TypeNotInstalledException {
        try {
            if (!this.applicationLinkService.isAdminUserInRemoteApplication(verifyTwoWayLinkDetailsRequestEntity.getRemoteUrl(), verifyTwoWayLinkDetailsRequestEntity.getUsername(), verifyTwoWayLinkDetailsRequestEntity.getPassword())) {
                return RestUtil.badFormRequest(Lists.newArrayList(new String[]{this.i18nResolver.getText("applinks.error.unauthorized")}), Lists.newArrayList(new String[]{"reciprocal-link-password"}));
            }
            String text = this.i18nResolver.getText(this.internalHostApplication.getType().getI18nKey());
            try {
                return isRpcUrlValid(verifyTwoWayLinkDetailsRequestEntity.getRemoteUrl(), verifyTwoWayLinkDetailsRequestEntity.getRpcUrl(), verifyTwoWayLinkDetailsRequestEntity.getUsername(), verifyTwoWayLinkDetailsRequestEntity.getPassword()) ? RestUtil.ok() : RestUtil.badRequest(this.i18nResolver.getText("applinks.error.url.reciprocal.rpc.url.invalid", new Serializable[]{this.internalHostApplication.getName(), text, verifyTwoWayLinkDetailsRequestEntity.getRpcUrl()}));
            } catch (ResponseException e) {
                LOG.error("Error occurred while checking reciprocal link.", e);
                return RestUtil.badRequest(this.i18nResolver.getText("applinks.error.url.reciprocal.rpc.url.invalid", new Serializable[]{this.internalHostApplication.getName(), text, verifyTwoWayLinkDetailsRequestEntity.getRpcUrl()}));
            }
        } catch (ResponseException e2) {
            LOG.error("Error occurred while checking credentials.", e2);
            return RestUtil.serverError(this.i18nResolver.getText("applinks.error.authorization.response"));
        }
    }

    private boolean isRpcUrlValid(URI uri, URI uri2, String str, String str2) throws ResponseException {
        Request createRequest = this.requestFactory.createRequest(Request.MethodType.GET, ((AuthenticationResource) getUrlFor(URIUtil.uncheckedConcatenate(uri, RestUtil.REST_APPLINKS_URL), AuthenticationResource.class)).rpcUrlIsReachable(this.internalHostApplication.getId().get(), uri2, null).toString() + "?url=" + URIUtil.utf8Encode(uri2));
        createRequest.addBasicAuthentication(uri.getHost(), str, str2);
        final Holder holder = new Holder(false);
        createRequest.execute(new ResponseHandler<com.atlassian.sal.api.net.Response>() { // from class: com.atlassian.applinks.core.rest.ui.CreateApplicationLinkUIResource.2
            public void handle(com.atlassian.sal.api.net.Response response) throws ResponseException {
                if (response.isSuccessful()) {
                    holder.set(true);
                }
            }
        });
        return ((Boolean) holder.get()).booleanValue();
    }
}
