package com.predic8.membrane.core.sslinterceptor;

import com.bornium.security.oauth2openid.Constants;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.common.collect.ImmutableMap;
import com.predic8.membrane.annot.MCAttribute;
import com.predic8.membrane.annot.MCChildElement;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.core.Router;
import com.predic8.membrane.core.exchange.Exchange;
import com.predic8.membrane.core.http.Request;
import com.predic8.membrane.core.interceptor.Outcome;
import com.predic8.membrane.core.interceptor.statistics.util.JDBCUtil;
import com.predic8.membrane.core.transport.http.HttpClient;
import com.predic8.membrane.core.transport.http.client.HttpClientConfiguration;
import com.predic8.membrane.core.transport.ssl.SSLExchange;
import com.predic8.membrane.core.transport.ssl.TLSError;
import java.util.Map;
import java.util.concurrent.TimeUnit;

@MCElement(id = "sslProxy-gatekeeper", name = "gatekeeper", topLevel = false)
/* loaded from: input_file:lib/service-proxy-core-4.8.4.jar:com/predic8/membrane/core/sslinterceptor/GateKeeperClientInterceptor.class */
public class GateKeeperClientInterceptor implements SSLInterceptor {
    protected String name;
    private String url;
    private HttpClientConfiguration httpClientConfiguration;
    private HttpClient httpClient;
    private ObjectMapper om = new ObjectMapper();
    Cache<String, Map> cache = CacheBuilder.newBuilder().expireAfterWrite(1, TimeUnit.MINUTES).build();

    public GateKeeperClientInterceptor() {
        this.name = "";
        this.name = "gatekeeper";
    }

    @Override // com.predic8.membrane.core.sslinterceptor.SSLInterceptor
    public void init(Router router) throws Exception {
        if (this.httpClientConfiguration == null) {
            this.httpClientConfiguration = new HttpClientConfiguration();
        }
        this.httpClient = new HttpClient(this.httpClientConfiguration);
    }

    @Override // com.predic8.membrane.core.sslinterceptor.SSLInterceptor
    public Outcome handleRequest(SSLExchange sSLExchange) throws Exception {
        String name = sSLExchange.getRule().getName();
        String writeValueAsString = this.om.writeValueAsString(ImmutableMap.builder().put(JDBCUtil.RULE, name).put("clientIP", sSLExchange.getRemoteAddrIp()).build());
        Map map = (Map) this.cache.getIfPresent(writeValueAsString);
        if (map == null) {
            map = getResult(writeValueAsString);
        }
        if (map.get(Constants.PARAMETER_ERROR) == null && ((Boolean) map.get("gate")).booleanValue()) {
            this.cache.put(writeValueAsString, map);
            return Outcome.CONTINUE;
        }
        return createResponse(sSLExchange);
    }

    private Map getResult(String str) throws Exception {
        Exchange call = this.httpClient.call(new Request.Builder().post(this.url).header("Content-Type", "application/json").body(str).buildExchange());
        return call.getResponse().getStatusCode() != 200 ? ImmutableMap.of(Constants.PARAMETER_ERROR, "status " + call.getResponse().getStatusCode()) : ImmutableMap.copyOf((Map) this.om.readValue(call.getResponse().getBodyAsStreamDecoded(), Map.class));
    }

    private Outcome createResponse(SSLExchange sSLExchange) {
        sSLExchange.setError(TLSError.access_denied);
        return Outcome.RETURN;
    }

    public String getUrl() {
        return this.url;
    }

    @MCAttribute
    public void setUrl(String str) {
        this.url = str;
    }

    public HttpClientConfiguration getHttpClientConfiguration() {
        return this.httpClientConfiguration;
    }

    @MCChildElement(order = 10)
    public void setHttpClientConfiguration(HttpClientConfiguration httpClientConfiguration) {
        this.httpClientConfiguration = httpClientConfiguration;
    }
}
