package com.centurylink.mdw.services.rest;

import com.centurylink.mdw.app.ApplicationContext;
import com.centurylink.mdw.cache.CachingException;
import com.centurylink.mdw.common.service.AuthorizationException;
import com.centurylink.mdw.common.service.Query;
import com.centurylink.mdw.common.service.ServiceException;
import com.centurylink.mdw.config.PropertyManager;
import com.centurylink.mdw.dataaccess.DataAccessException;
import com.centurylink.mdw.model.JsonObject;
import com.centurylink.mdw.model.user.User;
import com.centurylink.mdw.model.user.UserAction;
import com.centurylink.mdw.model.user.Workgroup;
import com.centurylink.mdw.service.data.task.UserGroupCache;
import com.centurylink.mdw.services.ServiceLocator;
import com.centurylink.mdw.util.HttpHelper;
import com.centurylink.mdw.util.StringHelper;
import com.centurylink.mdw.util.log.LoggerUtil;
import com.centurylink.mdw.util.log.StandardLogger;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/centurylink/mdw/services/rest/RestService.class */
public abstract class RestService {
    public static final int HTTP_200_OK = 200;
    public static final int HTTP_201_CREATED = 201;
    public static final int HTTP_202_ACCEPTED = 202;
    public static final int HTTP_400_BAD_REQUEST = 400;
    public static final int HTTP_401_UNAUTHORIZED = 401;
    public static final int HTTP_403_FORBIDDEN = 403;
    public static final int HTTP_404_NOT_FOUND = 404;
    public static final int HTTP_405_METHOD_NOT_ALLOWED = 405;
    public static final int HTTP_409_CONFLICT = 409;
    public static final int HTTP_500_INTERNAL_ERROR = 500;
    public static final int HTTP_501_NOT_IMPLEMENTED = 501;
    private static StandardLogger logger = LoggerUtil.getStandardLogger();

    /* JADX INFO: Access modifiers changed from: protected */
    public User authorize(String str, JSONObject jSONObject, Map<String, String> map) throws AuthorizationException {
        String str2 = map.get("AuthenticatedUser");
        if (str2 == null) {
            throw new AuthorizationException(HTTP_401_UNAUTHORIZED, "Service " + getClass().getSimpleName() + " requires authenticated user");
        }
        try {
            User user = UserGroupCache.getUser(str2);
            if (user == null) {
                throw new AuthorizationException(HTTP_401_UNAUTHORIZED, "Cannot find user: " + str2);
            }
            String str3 = map.get("AuthorizationWorkgroup");
            List<String> roles = getRoles(str);
            if (roles != null) {
                if (roles.contains("Any")) {
                    return user;
                }
                for (String str4 : roles) {
                    if ((str3 == null && user.hasRole(str4)) || (str3 != null && user.hasRole(str3, str4))) {
                        List<Workgroup> requiredWorkgroups = getRequiredWorkgroups(jSONObject);
                        if (requiredWorkgroups == null || userInGroups(user, requiredWorkgroups)) {
                            return user;
                        }
                        throw new AuthorizationException(HTTP_401_UNAUTHORIZED, "User: " + str2 + " not authorized for groups " + requiredWorkgroups + " for: " + str);
                    }
                }
            }
            throw new AuthorizationException(HTTP_401_UNAUTHORIZED, "User: " + str2 + " not authorized for: " + str);
        } catch (CachingException e) {
            throw new AuthorizationException(e.getMessage(), e);
        } catch (JSONException e2) {
            throw new AuthorizationException(e2.getMessage(), e2);
        } catch (DataAccessException e3) {
            throw new AuthorizationException(e3.getMessage(), e3);
        }
    }

    private boolean userInGroups(User user, List<Workgroup> list) {
        Iterator<Workgroup> it = list.iterator();
        while (it.hasNext()) {
            if (user.belongsToGroup(it.next().getName())) {
                return true;
            }
        }
        return false;
    }

    protected List<Workgroup> getRequiredWorkgroups(JSONObject jSONObject) throws JSONException, DataAccessException {
        return null;
    }

    public List<String> getRoles(String str) {
        ArrayList arrayList = new ArrayList();
        arrayList.add("Site Admin");
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getRequiredProperty(String str) throws ServiceException {
        String property = PropertyManager.getProperty(str);
        if (property == null) {
            throw new ServiceException(HTTP_404_NOT_FOUND, "Missing property: " + str);
        }
        return property;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void propagate(String str, String str2, Map<String, String> map) throws ServiceException, IOException {
        String str3 = map.get("RequestURL");
        String str4 = StringHelper.isEmpty(map.get("RequestQueryString")) ? "" : "?" + map.get("RequestQueryString");
        if (str3 == null) {
            throw new ServiceException("Missing header: RequestURL");
        }
        Iterator<URL> it = getOtherServerUrls(str3).iterator();
        while (it.hasNext()) {
            HttpHelper httpHelper = new HttpHelper(new URL(it.next() + str4));
            httpHelper.setHeaders(map);
            if (str.equals("post")) {
                validateResponse(httpHelper.post(str2));
            } else if (str.equals("put")) {
                validateResponse(httpHelper.put(str2));
            }
        }
    }

    protected List<URL> getOtherServerUrls(String str) throws IOException {
        return ApplicationContext.getOtherServerUrls(new URL(str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void auditLog(UserAction userAction) {
        try {
            ServiceLocator.getUserServices().auditLog(userAction);
        } catch (Exception e) {
            logger.severeException(e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserAction getUserAction(User user, String str, Object obj, Map<String, String> map) {
        UserAction.Action action = getAction(str, obj, map);
        UserAction.Entity entity = getEntity(str, obj, map);
        Long entityId = getEntityId(str, obj, map);
        String entityDescription = getEntityDescription(str, obj, map);
        if (entityDescription.length() > 1000) {
            entityDescription = entityDescription.substring(0, 999);
        }
        UserAction userAction = new UserAction(user.getCuid(), action, entity, entityId, entityDescription);
        userAction.setSource(getSource());
        return userAction;
    }

    protected String getSource() {
        return getClass().getSimpleName() + " Action Service";
    }

    protected Long getEntityId(String str, Object obj, Map<String, String> map) {
        return 0L;
    }

    protected String getEntityDescription(String str, Object obj, Map<String, String> map) {
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserAction.Action getAction(String str, Object obj, Map<String, String> map) {
        String str2 = map.get("HttpMethod");
        return "POST".equals(str2) ? UserAction.Action.Create : "PUT".equals(str2) ? UserAction.Action.Change : "DELETE".equals(str2) ? UserAction.Action.Delete : UserAction.Action.Other;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, String> getParameters(Map<String, String> map) {
        HashMap hashMap = new HashMap();
        String str = map.get("RequestQueryString");
        if (str != null && !str.isEmpty()) {
            for (String str2 : str.split("&")) {
                int indexOf = str2.indexOf("=");
                try {
                    hashMap.put(URLDecoder.decode(str2.substring(0, indexOf), "UTF-8"), URLDecoder.decode(str2.substring(indexOf + 1), "UTF-8"));
                } catch (UnsupportedEncodingException e) {
                    logger.severeException(e.getMessage(), e);
                }
            }
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Query getQuery(String str, Map<String, String> map) {
        return new Query(str, getParameters(map));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getSegment(String str, int i) {
        String[] segments = getSegments(str);
        if (segments.length < i + 1) {
            return null;
        }
        return segments[i];
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getSub(String str) {
        int indexOf = str.indexOf(47);
        if (indexOf <= 0 || indexOf >= str.length() - 1) {
            return null;
        }
        return str.substring(indexOf + 1);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String[] getSegments(String str) {
        return str.split("/");
    }

    protected UserAction.Entity getEntity(String str, Object obj, Map<String, String> map) {
        return UserAction.Entity.Other;
    }

    protected abstract void validateResponse(String str) throws ServiceException;

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAuthUser(Map<String, String> map) {
        return map.get("AuthenticatedUser");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void authorizeExport(Map<String, String> map) throws AuthorizationException {
        String str = map.get("RequestPath");
        User authorize = authorize(str, new JsonObject(), map);
        UserAction.Action action = UserAction.Action.Export;
        UserAction.Entity entity = getEntity(str, null, map);
        Long l = new Long(0L);
        String str2 = str;
        if (str2.length() > 1000) {
            str2 = str2.substring(0, 999);
        }
        UserAction userAction = new UserAction(authorize.getName(), action, entity, l, str2);
        userAction.setSource(getSource());
        auditLog(userAction);
    }
}
