package io.bdeploy.jersey.cli;

import com.j256.simplemagic.entries.MagicEntryParser;
import io.bdeploy.common.security.ApiAccessToken;
import io.bdeploy.common.security.RemoteService;
import io.bdeploy.common.security.SecurityHelper;
import io.bdeploy.common.util.JacksonHelper;
import io.bdeploy.common.util.StringHelper;
import io.bdeploy.jersey.TrustAllServersTrustManager;
import jakarta.ws.rs.client.ClientBuilder;
import jakarta.ws.rs.client.Entity;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.UriBuilder;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/bdeploy/jersey/cli/LocalLoginManager.class */
public class LocalLoginManager {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) LocalLoginManager.class);
    private final Path home;

    /* loaded from: input_file:io/bdeploy/jersey/cli/LocalLoginManager$AuthDto.class */
    private static final class AuthDto {
        public String user;
        public String password;

        private AuthDto() {
        }
    }

    public LocalLoginManager(String str) {
        this.home = StringHelper.isNullOrBlank(str) ? Path.of(System.getProperty("user.home"), new String[0]).resolve(".bdeploy") : Path.of(str, new String[0]);
    }

    private Path getDataFile() {
        return this.home.resolve(".bdeploy_login");
    }

    private void write(LocalLoginData localLoginData) {
        try {
            if (!Files.isRegularFile(getDataFile(), new LinkOption[0])) {
                Files.createDirectories(getDataFile().getParent(), new FileAttribute[0]);
                Files.createFile(getDataFile(), new FileAttribute[0]);
            }
            OutputStream newOutputStream = Files.newOutputStream(getDataFile(), StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING, StandardOpenOption.SYNC);
            try {
                JacksonHelper.getDefaultJsonObjectMapper().writeValue(newOutputStream, localLoginData);
                if (newOutputStream != null) {
                    newOutputStream.close();
                }
            } finally {
            }
        } catch (IOException e) {
            log.error("Cannot write local login data to {}", getDataFile(), e);
        }
    }

    public LocalLoginData read() {
        try {
            if (!Files.isRegularFile(getDataFile(), new LinkOption[0])) {
                return new LocalLoginData();
            }
            InputStream newInputStream = Files.newInputStream(getDataFile(), new OpenOption[0]);
            try {
                LocalLoginData localLoginData = (LocalLoginData) JacksonHelper.getDefaultJsonObjectMapper().readValue(newInputStream, LocalLoginData.class);
                if (newInputStream != null) {
                    newInputStream.close();
                }
                return localLoginData;
            } finally {
            }
        } catch (IOException e) {
            log.error("Cannot read local login data from {}", getDataFile(), e);
            return new LocalLoginData();
        }
    }

    public void login(boolean z, String str, String str2, String str3, char[] cArr) {
        LocalLoginData read = read();
        if (!z && read.servers.containsKey(str)) {
            throw new IllegalStateException("Server with name " + str + " already exists.");
        }
        AuthDto authDto = new AuthDto();
        authDto.user = str3;
        authDto.password = new String(cArr);
        Response post = ClientBuilder.newBuilder().hostnameVerifier((str4, sSLSession) -> {
            return true;
        }).sslContext(createTrustAllContext()).build().target(str2).path("/auth/packed").request().post(Entity.entity(authDto, MediaType.APPLICATION_JSON));
        if (post.getStatusInfo().getFamily() != Response.Status.Family.SUCCESSFUL) {
            throw new IllegalStateException("Failed to login: " + post.getStatusInfo().getReasonPhrase());
        }
        LocalLoginServer localLoginServer = new LocalLoginServer();
        localLoginServer.url = str2;
        localLoginServer.token = (String) post.readEntity(String.class);
        localLoginServer.user = str3;
        read.servers.put(str, localLoginServer);
        read.current = str;
        write(read);
    }

    public void loginWithService(String str, RemoteService remoteService) {
        LocalLoginData read = read();
        if (read.servers.containsKey(str)) {
            throw new IllegalStateException("Server with name " + str + " already exists.");
        }
        LocalLoginServer localLoginServer = new LocalLoginServer();
        localLoginServer.url = remoteService.getUri().toString();
        localLoginServer.token = remoteService.getAuthPack();
        try {
            localLoginServer.user = ((ApiAccessToken) SecurityHelper.getInstance().getSelfVerifiedPayloadFromPack(localLoginServer.token, ApiAccessToken.class)).getIssuedTo();
        } catch (Exception e) {
            log.warn("Cannot extract user from token", (Throwable) e);
            localLoginServer.user = MagicEntryParser.UNKNOWN_NAME;
        }
        read.servers.put(str, localLoginServer);
        read.current = str;
        write(read);
    }

    public void remove(String str) {
        LocalLoginData read = read();
        read.servers.remove(str);
        if (str.equals(read.current)) {
            read.current = null;
        }
        write(read);
    }

    public void setCurrent(String str) {
        LocalLoginData read = read();
        if (!read.servers.containsKey(str)) {
            throw new IllegalStateException("Unknown server: " + str);
        }
        read.current = str;
        write(read);
    }

    public String getCurrent() {
        return read().current;
    }

    public RemoteService getCurrentService() {
        LocalLoginData read = read();
        if (read.current == null) {
            return null;
        }
        return getNamedService(read.current);
    }

    public RemoteService getNamedService(String str) {
        LocalLoginData read = read();
        if (!read.servers.containsKey(str)) {
            return null;
        }
        LocalLoginServer localLoginServer = read.servers.get(str);
        return new RemoteService(UriBuilder.fromUri(localLoginServer.url).build(new Object[0]), localLoginServer.token);
    }

    private SSLContext createTrustAllContext() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{new TrustAllServersTrustManager()}, new SecureRandom());
            return sSLContext;
        } catch (GeneralSecurityException e) {
            log.warn("Cannot create SSL context", (Throwable) e);
            return null;
        }
    }
}
