package org.commonjava.indy.data;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Future;
import java.util.stream.Collectors;
import javax.inject.Inject;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpHead;
import org.apache.http.impl.client.HttpClientBuilder;
import org.commonjava.cdi.util.weft.ExecutorConfig;
import org.commonjava.cdi.util.weft.WeftManaged;
import org.commonjava.indy.conf.SslValidationConfig;
import org.commonjava.indy.data.ArtifactStoreValidateData;
import org.commonjava.indy.model.core.ArtifactStore;
import org.commonjava.indy.model.core.RemoteRepository;
import org.commonjava.indy.model.core.StoreType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/commonjava/indy/data/DefaultStoreValidator.class */
public class DefaultStoreValidator implements StoreValidator {
    private static final Logger LOGGER = LoggerFactory.getLogger(DefaultStoreValidator.class);

    @Inject
    @WeftManaged
    @ExecutorConfig(named = "store-validation", threads = 2, priority = 6)
    private ExecutorService executorService;

    @Inject
    SslValidationConfig configuration;

    public ArtifactStoreValidateData validate(ArtifactStore artifactStore) {
        CountDownLatch countDownLatch = new CountDownLatch(2);
        HashMap hashMap = new HashMap();
        Optional empty = Optional.empty();
        try {
            if (StoreType.remote != artifactStore.getType()) {
                return artifactStore instanceof RemoteRepository ? new ArtifactStoreValidateData.Builder(artifactStore.getKey()).setRepositoryUrl(((RemoteRepository) artifactStore).getUrl()).setErrors(hashMap).build() : new ArtifactStoreValidateData.Builder(artifactStore.getKey()).setValid(true).setErrors(hashMap).build();
            }
            RemoteRepository remoteRepository = (RemoteRepository) artifactStore;
            if (remoteRepository.isDisabled()) {
                LOGGER.warn("=> Remote Repository is disabled: ", remoteRepository.getUrl());
                return disabledRemoteRepositoryData(remoteRepository);
            }
            Optional<URL> of = Optional.of(new URL(remoteRepository.getUrl()));
            LOGGER.debug("Is SSL required for remote repository URLs? {}", Boolean.valueOf(this.configuration.isSSLRequired()));
            if (this.configuration.isSSLRequired() && !of.get().getProtocol().equalsIgnoreCase("https")) {
                LOGGER.warn("\n\t\t\t=> Allowed Remote Repositories by Config File: " + this.configuration.getRemoteNoSSLHosts() + "\n");
                ArtifactStoreValidateData compareRemoteHostToAllowedHostnames = compareRemoteHostToAllowedHostnames(of, remoteRepository);
                if (!compareRemoteHostToAllowedHostnames.isValid()) {
                    LOGGER.info("=> Non-SSL Repository is not allowed!");
                    compareRemoteHostToAllowedHostnames.getErrors().put("NOT_ALLOWED_SSL", compareRemoteHostToAllowedHostnames.getRepositoryUrl());
                    return compareRemoteHostToAllowedHostnames;
                }
            }
            return availableSslRemoteRepository(countDownLatch, of, remoteRepository);
        } catch (MalformedURLException e) {
            hashMap.put("MalformedURLException", e.getMessage());
            return new ArtifactStoreValidateData.Builder(artifactStore.getKey()).setRepositoryUrl(((RemoteRepository) artifactStore).getUrl()).setErrors(hashMap).build();
        } catch (Exception e2) {
            LOGGER.error(" => Not Valid Remote Repository, \n => Exception: " + e2);
            if (e2.getMessage() != null) {
                hashMap.put("Exception", e2.getMessage());
            } else {
                hashMap.put("Exception", "General Exception");
            }
            return new ArtifactStoreValidateData.Builder(artifactStore.getKey()).setRepositoryUrl(((URL) empty.get()).toExternalForm()).setErrors(hashMap).build();
        }
    }

    private boolean allowedNonSSLHostname(String str, String str2) {
        String[] hostnamesTrimed = getHostnamesTrimed(str);
        int length = hostnamesTrimed.length;
        String[] hostnamesTrimed2 = getHostnamesTrimed(str2);
        int length2 = hostnamesTrimed2.length;
        int i = 1;
        for (int i2 = length; i2 > 0; i2--) {
            String str3 = hostnamesTrimed[length - i];
            String str4 = hostnamesTrimed2[length2 - i];
            if (str3.equals("*")) {
                return true;
            }
            if (!str3.equalsIgnoreCase(str4)) {
                return false;
            }
            i++;
        }
        return true;
    }

    private Future<Integer> executeGetHttp(HttpGet httpGet, CountDownLatch countDownLatch) {
        countDownLatch.countDown();
        return this.executorService.submit(() -> {
            try {
                CloseableHttpResponse execute = HttpClientBuilder.create().build().execute(httpGet);
                Throwable th = null;
                try {
                    LOGGER.warn("=> Check HTTP GET Response code: " + execute.getStatusLine().getStatusCode());
                    Integer valueOf = Integer.valueOf(execute.getStatusLine().getStatusCode());
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    return valueOf;
                } finally {
                }
            } catch (IOException e) {
                LOGGER.error(" => Not Successfull HTTP GET request from StoreValidatorRemote, \n => Exception: " + e);
                throw new InvalidArtifactStoreException("Not valid remote Repository", e, new Object[0]);
            } catch (Exception e2) {
                LOGGER.error(" => Not Successfull HTTP GET request from StoreValidatorRemote, \n => Exception: " + e2);
                throw new Exception("=> Not valid remote Repository", e2);
            }
        });
    }

    private Future<Integer> executeHeadHttp(HttpHead httpHead, CountDownLatch countDownLatch) {
        countDownLatch.countDown();
        return this.executorService.submit(() -> {
            try {
                CloseableHttpResponse execute = HttpClientBuilder.create().build().execute(httpHead);
                Throwable th = null;
                try {
                    LOGGER.warn("=> Check HTTP HEAD Response code: " + execute.getStatusLine().getStatusCode());
                    Integer valueOf = Integer.valueOf(execute.getStatusLine().getStatusCode());
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    return valueOf;
                } finally {
                }
            } catch (IOException e) {
                LOGGER.error(" => Not Successfull HTTP HEAD request from StoreValidatorRemote, \n => Exception: " + e);
                throw new InvalidArtifactStoreException("Not valid remote Repository", e, new Object[0]);
            } catch (Exception e2) {
                LOGGER.error(" => Not Successfull HTTP HEAD request from StoreValidatorRemote, \n => Exception: " + e2);
                throw new Exception("=> Not valid remote Repository", e2);
            }
        });
    }

    private ArtifactStoreValidateData disabledRemoteRepositoryData(RemoteRepository remoteRepository) {
        HashMap hashMap = new HashMap();
        hashMap.put("disabled", "Disabled Remote Repository");
        try {
            new URL(remoteRepository.getUrl()).toURI();
        } catch (MalformedURLException | URISyntaxException e) {
            hashMap.put("MalformedURLException", e.getMessage());
        }
        return new ArtifactStoreValidateData.Builder(remoteRepository.getKey()).setRepositoryUrl(remoteRepository.getUrl()).setValid(false).setErrors(hashMap).build();
    }

    private ArtifactStoreValidateData compareRemoteHostToAllowedHostnames(Optional<URL> optional, RemoteRepository remoteRepository) {
        List<String> remoteNoSSLHosts = this.configuration.getRemoteNoSSLHosts();
        String host = optional.get().getHost();
        HashMap hashMap = new HashMap();
        for (String str : remoteNoSSLHosts) {
            LOGGER.warn("=> Validating Allowed Remote Hostname: " + str + " For Host: " + host + "\n");
            if (allowedNonSSLHostname(str, host)) {
                hashMap.put("ALLOWED_SSL", optional.get().toString());
                LOGGER.warn("=> NON-SSL RemoteRepository with URL: " + host + " is ALLOWED under RULE: " + str);
                return new ArtifactStoreValidateData.Builder(remoteRepository.getKey()).setRepositoryUrl(optional.get().toExternalForm()).setErrors(hashMap).setValid(true).build();
            }
        }
        return new ArtifactStoreValidateData.Builder(remoteRepository.getKey()).setRepositoryUrl(optional.get().toExternalForm()).setErrors(hashMap).setValid(false).build();
    }

    private ArtifactStoreValidateData availableSslRemoteRepository(CountDownLatch countDownLatch, Optional<URL> optional, RemoteRepository remoteRepository) throws InterruptedException, ExecutionException, URISyntaxException {
        HashMap hashMap = new HashMap();
        Future<Integer> executeGetHttp = executeGetHttp(new HttpGet(optional.get().toURI()), countDownLatch);
        Future<Integer> executeHeadHttp = executeHeadHttp(new HttpHead(optional.get().toURI()), countDownLatch);
        countDownLatch.await();
        if (!optional.get().getProtocol().equalsIgnoreCase("https")) {
            hashMap.put("HTTP_PROTOCOL", optional.get().getProtocol());
        }
        if (executeGetHttp.get().intValue() < 400 || executeHeadHttp.get().intValue() < 400) {
            LOGGER.warn("=> Success HTTP GET and HEAD Response from Remote Repository: " + optional.get());
            hashMap.put("HTTP_GET_STATUS", executeGetHttp.get().toString());
            hashMap.put("HTTP_HEAD_STATUS", executeHeadHttp.get().toString());
            return new ArtifactStoreValidateData.Builder(remoteRepository.getKey()).setRepositoryUrl(optional.get().toExternalForm()).setValid(true).setErrors(hashMap).build();
        }
        LOGGER.warn("=> Failure @ HTTP GET and HEAD Response from Remote Repository: " + optional.get());
        hashMap.put("HTTP_GET_STATUS", executeGetHttp.get().toString());
        hashMap.put("HTTP_HEAD_STATUS", executeHeadHttp.get().toString());
        return new ArtifactStoreValidateData.Builder(remoteRepository.getKey()).setRepositoryUrl(optional.get().toExternalForm()).setValid(false).setErrors(hashMap).build();
    }

    private String[] getHostnamesTrimed(String str) {
        return (String[]) ((List) Arrays.asList(str.split("\\.")).stream().map(str2 -> {
            return str2.trim();
        }).collect(Collectors.toList())).toArray(new String[0]);
    }
}
