package org.opencadc.tap.tmp;

import ca.nrc.cadc.auth.AuthMethod;
import ca.nrc.cadc.auth.RunnableAction;
import ca.nrc.cadc.auth.SSLUtil;
import ca.nrc.cadc.cred.client.CredUtil;
import ca.nrc.cadc.dali.tables.TableWriter;
import ca.nrc.cadc.io.ByteLimitExceededException;
import ca.nrc.cadc.net.FileContent;
import ca.nrc.cadc.net.HttpGet;
import ca.nrc.cadc.net.HttpPost;
import ca.nrc.cadc.net.HttpUpload;
import ca.nrc.cadc.net.ResourceAlreadyExistsException;
import ca.nrc.cadc.net.ResourceNotFoundException;
import ca.nrc.cadc.net.TransientException;
import ca.nrc.cadc.reg.Standards;
import ca.nrc.cadc.reg.client.RegistryClient;
import ca.nrc.cadc.rest.InlineContentException;
import ca.nrc.cadc.rest.InlineContentHandler;
import ca.nrc.cadc.util.InvalidConfigException;
import ca.nrc.cadc.util.MultiValuedProperties;
import ca.nrc.cadc.util.PropertiesReader;
import ca.nrc.cadc.uws.Job;
import ca.nrc.cadc.uws.ParameterUtil;
import ca.nrc.cadc.uws.server.RandomStringGenerator;
import ca.nrc.cadc.uws.web.UWSInlineContentHandler;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringWriter;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.Charset;
import java.security.AccessControlException;
import java.security.PrivilegedAction;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.sql.ResultSet;
import javax.security.auth.Subject;
import org.apache.log4j.Logger;
import org.opencadc.vospace.VOS;
import org.opencadc.vospace.VOSURI;
import org.opencadc.vospace.transfer.Direction;
import org.opencadc.vospace.transfer.Protocol;
import org.opencadc.vospace.transfer.Transfer;
import org.opencadc.vospace.transfer.TransferParsingException;
import org.opencadc.vospace.transfer.TransferReader;
import org.opencadc.vospace.transfer.TransferWriter;

/* loaded from: input_file:org/opencadc/tap/tmp/HttpStorageManager.class */
public class HttpStorageManager implements StorageManager {
    private static final Logger log = Logger.getLogger(HttpStorageManager.class);
    private static final String BASE_URL_KEY = HttpStorageManager.class.getName() + ".baseURL";
    private static final String CERT_KEY = HttpStorageManager.class.getName() + ".certificate";
    private Job job;
    private String contentType;
    private String filename;
    private URL baseURL;
    private File certFile;

    public HttpStorageManager() throws InvalidConfigException {
        init(new PropertiesReader(StorageManager.CONFIG).getAllProperties());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public HttpStorageManager(MultiValuedProperties multiValuedProperties) {
        init(multiValuedProperties);
    }

    private void init(MultiValuedProperties multiValuedProperties) {
        String firstPropertyValue = multiValuedProperties.getFirstPropertyValue(BASE_URL_KEY);
        try {
            this.baseURL = new URL(firstPropertyValue);
            String str = System.getProperty("user.home") + "/.ssl/" + multiValuedProperties.getFirstPropertyValue(CERT_KEY);
            log.debug("cert file: " + str);
            this.certFile = new File(str);
        } catch (MalformedURLException e) {
            throw new InvalidConfigException("invalid " + BASE_URL_KEY + " = " + firstPropertyValue, e);
        }
    }

    @Override // org.opencadc.tap.tmp.StorageManager
    public void check() throws Exception {
        SSLUtil.readPemCertificateAndKey(this.certFile).getChain()[0].checkValidity();
    }

    public void setJob(Job job) {
        this.job = job;
    }

    public void setContentType(String str) {
        this.contentType = str;
    }

    public void setFilename(String str) {
        this.filename = str;
    }

    public URL put(ResultSet resultSet, TableWriter<ResultSet> tableWriter) throws IOException {
        return put(new StreamingTableWriter(resultSet, tableWriter, null));
    }

    public URL put(ResultSet resultSet, TableWriter<ResultSet> tableWriter, Integer num) throws IOException {
        return put(new StreamingTableWriter(resultSet, tableWriter, num));
    }

    public URL put(Throwable th, TableWriter tableWriter) throws IOException {
        return put(new StreamingTableWriter(th, tableWriter));
    }

    private URL put(StreamingTableWriter streamingTableWriter) throws IOException {
        if (this.contentType == null) {
            throw new IllegalArgumentException("ContentType can not be null");
        }
        if (this.filename == null) {
            throw new IllegalArgumentException("filename can not be null");
        }
        URL url = new URL(this.baseURL + "/" + this.filename);
        URL url2 = url;
        String findParameterValue = ParameterUtil.findParameterValue("DEST", this.job.getParameterList());
        if (findParameterValue != null) {
            try {
                if (!CredUtil.checkCredentials()) {
                    throw new AccessControlException("no credentials to use with DEST=" + findParameterValue);
                }
                URL[] userDestination = getUserDestination(findParameterValue);
                url = userDestination[0];
                url2 = userDestination[1];
            } catch (CertificateExpiredException | CertificateNotYetValidException e) {
                throw new AccessControlException("delegated certificate is not valid: " + e);
            }
        }
        log.debug("put: " + url);
        log.debug("contentType: " + this.contentType);
        HttpUpload httpUpload = new HttpUpload(streamingTableWriter, url);
        httpUpload.setRequestProperty("content-type", this.contentType);
        if (findParameterValue != null) {
            httpUpload.run();
        } else {
            Subject.doAs(SSLUtil.createSubject(this.certFile), (PrivilegedAction) new RunnableAction(httpUpload));
        }
        if (httpUpload.getThrowable() != null) {
            throw new RuntimeException("failed to store file " + this.filename, httpUpload.getThrowable());
        }
        log.debug("result: " + url2);
        return url2;
    }

    private URL[] getUserDestination(String str) {
        URL[] urlArr = new URL[2];
        try {
            if (str.startsWith("https:")) {
                urlArr[0] = new URL(str);
                urlArr[1] = urlArr[0];
                return urlArr;
            }
            try {
                URI uri = new URI(str);
                if (!"vos".equals(uri.getScheme())) {
                    throw new IllegalArgumentException("invalid DEST scheme (expected https|vos): " + str);
                }
                VOSURI vosuri = new VOSURI(uri);
                try {
                    urlArr[0] = new URL(negotiatePUT(vosuri).getEndpoint());
                    urlArr[1] = constructGET(vosuri);
                    return urlArr;
                } catch (InterruptedException e) {
                    throw new RuntimeException("vospace transfer negotiation interrupted", e);
                } catch (MalformedURLException e2) {
                    throw new RuntimeException("vospace service " + vosuri.getServiceURI() + " returned invalid URL: " + e2);
                } catch (ResourceNotFoundException | TransferParsingException | IOException e3) {
                    throw new RuntimeException("failed to negotiate push to vospace: " + str, e3);
                }
            } catch (URISyntaxException e4) {
                throw new IllegalArgumentException("invalid DEST URI: " + str, e4);
            }
        } catch (MalformedURLException e5) {
            throw new IllegalArgumentException("invalid DEST https URL: " + str, e5);
        }
    }

    public InlineContentHandler.Content accept(String str, String str2, InputStream inputStream) throws InlineContentException, IOException, ResourceNotFoundException, TransientException {
        log.debug("name: " + str);
        log.debug("Content-Type: " + str2);
        if (inputStream == null) {
            throw new IOException("InputStream cannot be null");
        }
        URL url = new URL(this.baseURL + "/" + (str + "-" + getRandomString()));
        log.debug("put: " + url);
        log.debug("contentType: " + str2);
        HttpUpload httpUpload = new HttpUpload(inputStream, url);
        if (str2 != null) {
            httpUpload.setRequestProperty("content-type", str2);
        }
        Subject.doAs(SSLUtil.createSubject(this.certFile), (PrivilegedAction) new RunnableAction(httpUpload));
        InlineContentHandler.Content content = new InlineContentHandler.Content();
        content.name = "ParamReplacement";
        content.value = new UWSInlineContentHandler.ParameterReplacement("param:" + str, url.toExternalForm());
        return content;
    }

    private static String getRandomString() {
        return new RandomStringGenerator(16).getID();
    }

    private URL constructGET(VOSURI vosuri) {
        URL serviceURL = new RegistryClient().getServiceURL(vosuri.getServiceURI(), Standards.VOSPACE_FILES, AuthMethod.ANON);
        if (serviceURL == null) {
            throw new RuntimeException("OOPS: faield to find " + Standards.VOSPACE_FILES + " endpoint in " + vosuri.getServiceURI());
        }
        try {
            return new URL(serviceURL.toExternalForm() + vosuri.getPath());
        } catch (MalformedURLException e) {
            throw new RuntimeException("BUG: failed to create vospace files URL for " + vosuri);
        }
    }

    private Transfer negotiatePUT(VOSURI vosuri) throws ResourceNotFoundException, IOException, InterruptedException, TransferParsingException {
        InputStream inputStream;
        Protocol protocol = new Protocol(VOS.PROTOCOL_HTTPS_PUT);
        protocol.setSecurityMethod(Standards.SECURITY_METHOD_CERT);
        Transfer transfer = new Transfer(vosuri.getURI(), Direction.pushToVoSpace);
        transfer.version = 21;
        transfer.getProtocols().add(protocol);
        log.debug("request transfer:" + transfer);
        TransferWriter transferWriter = new TransferWriter();
        StringWriter stringWriter = new StringWriter();
        try {
            transferWriter.write(transfer, stringWriter);
            FileContent fileContent = new FileContent(stringWriter.toString(), "text/xml", Charset.forName("UTF-8"));
            URL serviceURL = new RegistryClient().getServiceURL(vosuri.getServiceURI(), Standards.VOSPACE_SYNC_21, AuthMethod.CERT);
            log.debug("negotiate: " + serviceURL);
            HttpPost httpPost = new HttpPost(serviceURL, fileContent, false);
            try {
                httpPost.prepare();
                if (httpPost.getRedirectURL() != null) {
                    HttpGet httpGet = new HttpGet(httpPost.getRedirectURL(), true);
                    httpGet.prepare();
                    inputStream = httpGet.getInputStream();
                } else {
                    inputStream = httpPost.getInputStream();
                }
                Transfer read = new TransferReader().read(inputStream, (String) null);
                log.debug("Response transfer: " + read);
                return read;
            } catch (ByteLimitExceededException | ResourceAlreadyExistsException e) {
                throw new RuntimeException("BUG: failed to send transfer", e);
            }
        } catch (IOException e2) {
            throw new RuntimeException("BUG: failed to write transfer", e2);
        }
    }
}
