package org.apereo.cas.mgmt;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.PrintWriter;
import java.net.URI;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpHost;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.CasManagementConfigurationProperties;
import org.apereo.cas.configuration.model.CasServer;
import org.apereo.cas.mgmt.authentication.CasUserProfile;
import org.apereo.cas.mgmt.domain.Attributes;
import org.apereo.cas.mgmt.domain.AuditLog;
import org.apereo.cas.mgmt.domain.Cache;
import org.apereo.cas.mgmt.domain.Server;
import org.apereo.cas.mgmt.util.HttpComponentsClientHttpRequestFactoryBasicAuth;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.http.client.support.BasicAuthenticationInterceptor;
import org.springframework.messaging.simp.stomp.StompHeaders;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;

@RequestMapping(path = {"api/dashboard"}, produces = {"application/json"})
@RestController
/* loaded from: input_file:WEB-INF/lib/cas-mgmt-support-dashboard-6.6.3.jar:org/apereo/cas/mgmt/DashboardController.class */
public class DashboardController {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DashboardController.class);
    private final CasManagementConfigurationProperties mgmtProperties;
    private final CasConfigurationProperties casProperties;

    private static String toCSV(AuditLog auditLog) {
        return auditLog.getWhenActionWasPerformed() + '|' + auditLog.getClientIpAddress() + '|' + auditLog.getServerIpAddress() + '|' + auditLog.getPrincipal() + '|' + auditLog.getActionPerformed() + '|' + auditLog.getResourceOperatedUpon() + '|' + auditLog.getApplicationCode();
    }

    private static void isAdmin(Authentication authentication) throws IllegalAccessException {
        if (!CasUserProfile.from(authentication).isAdministrator()) {
            throw new IllegalAccessException("Permission Denied");
        }
    }

    @GetMapping
    public List<Server> status(Authentication authentication) throws IllegalAccessException {
        isAdmin(authentication);
        return (List) this.mgmtProperties.getCasServers().stream().map(this::getServer).collect(Collectors.toList());
    }

    @GetMapping({"{index}"})
    public Server update(Authentication authentication, @PathVariable int i) throws IllegalAccessException {
        isAdmin(authentication);
        if (i < 0 || i > this.mgmtProperties.getCasServers().size()) {
            throw new IllegalAccessException("Invalid server entry");
        }
        return getServer(this.mgmtProperties.getCasServers().get(i));
    }

    @GetMapping({"/cache"})
    public Cache cache(Authentication authentication) throws IllegalAccessException {
        isAdmin(authentication);
        return (Cache) callCasServer("/actuator/health/" + this.mgmtProperties.getCacheHealthIndicator(), new ParameterizedTypeReference<Cache>() { // from class: org.apereo.cas.mgmt.DashboardController.1
        });
    }

    @GetMapping({"/resolve/{id}"})
    public Map<String, List<String>> resolve(Authentication authentication, @PathVariable String str) throws IllegalAccessException {
        isAdmin(authentication);
        return ((Attributes) callCasServer("/actuator/resolveAttributes/" + str, new ParameterizedTypeReference<Attributes>() { // from class: org.apereo.cas.mgmt.DashboardController.2
        })).getAttributes();
    }

    @PostMapping(value = {"/release"}, consumes = {"application/json"})
    public Map<String, List<String>> release(Authentication authentication, @RequestBody Map<String, String> map) throws IllegalAccessException {
        isAdmin(authentication);
        return ((Attributes) callCasServer("/actuator/releaseAttributes", map, new ParameterizedTypeReference<Attributes>() { // from class: org.apereo.cas.mgmt.DashboardController.3
        })).getAttributes();
    }

    @PostMapping({"/response"})
    public String response(Authentication authentication, @RequestBody Map<String, String> map) throws IllegalAccessException {
        isAdmin(authentication);
        return (String) callCasServer("/actuator/samlPostProfileResponse", map, new ParameterizedTypeReference<String>() { // from class: org.apereo.cas.mgmt.DashboardController.4
        });
    }

    @GetMapping({"/info"})
    public Map<String, Object> info(Authentication authentication) throws IllegalAccessException {
        isAdmin(authentication);
        return (Map) callCasServer("/actuator/info", new ParameterizedTypeReference<Map<String, Object>>() { // from class: org.apereo.cas.mgmt.DashboardController.5
        });
    }

    @GetMapping({"/webflow"})
    public Map webflow(Authentication authentication, @RequestParam(name = "flowId", required = false) String str) throws IllegalAccessException {
        String str2;
        isAdmin(authentication);
        str2 = "/actuator/springWebflow";
        return (Map) callCasServer(StringUtils.isNotBlank(str) ? str2 + "?flowId=" + str : "/actuator/springWebflow", new ParameterizedTypeReference<Map<String, Object>>() { // from class: org.apereo.cas.mgmt.DashboardController.6
        });
    }

    @GetMapping({"/loggers"})
    public Map<String, Map<String, Object>> loggers(Authentication authentication) throws IllegalAccessException {
        isAdmin(authentication);
        HashMap hashMap = new HashMap();
        this.mgmtProperties.getCasServers().forEach(casServer -> {
            hashMap.put(casServer.getName(), (Map) ((Map) callCasServer("/actuator/loggers", new ParameterizedTypeReference<Map<String, Object>>() { // from class: org.apereo.cas.mgmt.DashboardController.7
            })).get("loggers"));
        });
        return hashMap;
    }

    @PostMapping({"/loggers"})
    @ResponseStatus(HttpStatus.OK)
    public void setLogger(Authentication authentication, @RequestBody Map<String, String> map) throws IllegalAccessException {
        isAdmin(authentication);
        callCasServer(this.mgmtProperties.getCasServers().stream().filter(casServer -> {
            return casServer.getName().equals(map.get(StompHeaders.SERVER));
        }).findFirst().get().getUrl(), "/actuator/loggers/" + map.get("key"), Map.of("configuredLevel", map.get("level")), new ParameterizedTypeReference<Void>() { // from class: org.apereo.cas.mgmt.DashboardController.8
        });
    }

    @PostMapping({"/audit"})
    public List<AuditLog> audit(Authentication authentication, HttpServletRequest httpServletRequest, @RequestBody Map<String, String> map) throws IllegalAccessException {
        isAdmin(authentication);
        List<AuditLog> list = (List) this.mgmtProperties.getCasServers().stream().flatMap(casServer -> {
            return ((List) callCasServer(casServer.getUrl(), "/actuator/auditLog", map, new ParameterizedTypeReference<List<AuditLog>>() { // from class: org.apereo.cas.mgmt.DashboardController.9
            })).stream().map(auditLog -> {
                auditLog.setServerIpAddress(casServer.getName());
                return auditLog;
            });
        }).sorted(Comparator.comparing((v0) -> {
            return v0.getWhenActionWasPerformed();
        }).reversed()).collect(Collectors.toList());
        httpServletRequest.getSession().setAttribute("audit", list);
        if ("true".equals(map.get("download"))) {
            return null;
        }
        return list;
    }

    @GetMapping({"/audit/download"})
    public void downloadAudit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        isAdmin(authentication);
        List list = (List) httpServletRequest.getSession().getAttribute("audit");
        if (list != null) {
            PrintWriter writer = httpServletResponse.getWriter();
            httpServletResponse.setHeader("Content-Type", "text/plain");
            httpServletResponse.setHeader("Content-Disposition", "attachment; filename=audit-log-" + new Date().getTime() + ".txt");
            Stream map = list.stream().map(DashboardController::toCSV);
            Objects.requireNonNull(writer);
            map.forEach(writer::println);
            writer.close();
        }
    }

    private Server getServer(CasServer casServer) {
        Server server = new Server();
        server.setName(casServer.getName());
        server.setHealth((Map) callCasServer(casServer.getUrl(), "/actuator/health", (ParameterizedTypeReference) new ParameterizedTypeReference<Map<String, Object>>() { // from class: org.apereo.cas.mgmt.DashboardController.10
        }));
        return server;
    }

    private <T> T callCasServer(String str, String str2, ParameterizedTypeReference<T> parameterizedTypeReference) {
        try {
            ResponseEntity<T> exchange = getRestTemplate(str, str2).exchange(str + str2, HttpMethod.GET, (HttpEntity<?>) null, parameterizedTypeReference, new Object[0]);
            if (exchange.getStatusCode().is2xxSuccessful()) {
                return exchange.getBody();
            }
            return null;
        } catch (RestClientException e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
            return null;
        }
    }

    private <T> T callCasServer(String str, ParameterizedTypeReference<T> parameterizedTypeReference) {
        return (T) callCasServer(this.casProperties.getServer().getPrefix(), str, (ParameterizedTypeReference) parameterizedTypeReference);
    }

    private <T> T callCasServer(String str, Object obj, ParameterizedTypeReference<T> parameterizedTypeReference) {
        return (T) callCasServer(this.casProperties.getServer().getPrefix(), str, obj, parameterizedTypeReference);
    }

    private <T> T callCasServer(String str, String str2, Object obj, ParameterizedTypeReference<T> parameterizedTypeReference) {
        try {
            RestTemplate restTemplate = getRestTemplate(str, str2);
            HttpHeaders httpHeaders = new HttpHeaders();
            httpHeaders.setContentType(MediaType.APPLICATION_JSON);
            ResponseEntity<T> exchange = restTemplate.exchange(str + str2, HttpMethod.POST, new HttpEntity<>(new ObjectMapper().writeValueAsString(obj), httpHeaders), parameterizedTypeReference, new Object[0]);
            if (exchange.getStatusCode().is2xxSuccessful()) {
                return exchange.getBody();
            }
            return null;
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
            return null;
        }
    }

    private RestTemplate getRestTemplate(String str, String str2) {
        RestTemplate restTemplate = new RestTemplate(new HttpComponentsClientHttpRequestFactoryBasicAuth(new HttpHost(URI.create(str + str2).getHost())));
        if (StringUtils.isNotBlank(this.mgmtProperties.getActuatorBasicAuthUsername())) {
            restTemplate.getInterceptors().add(new BasicAuthenticationInterceptor(this.mgmtProperties.getActuatorBasicAuthUsername(), this.mgmtProperties.getActuatorBasicAuthPassword()));
        }
        return restTemplate;
    }

    @Generated
    public DashboardController(CasManagementConfigurationProperties casManagementConfigurationProperties, CasConfigurationProperties casConfigurationProperties) {
        this.mgmtProperties = casManagementConfigurationProperties;
        this.casProperties = casConfigurationProperties;
    }
}
