package com.smn.service.impl;

import com.smn.common.ClientConfiguration;
import com.smn.common.HttpMethod;
import com.smn.common.HttpResponse;
import com.smn.common.SmnConfiguration;
import com.smn.common.SmnConstants;
import com.smn.common.utils.DateUtil;
import com.smn.common.utils.HttpUtil;
import com.smn.common.utils.JsonUtil;
import com.smn.model.AuthenticationBean;
import com.smn.model.request.iam.GetProjectIdsRequest;
import com.smn.service.IAMService;
import com.smn.signer.AkskSigner;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/smn/service/impl/IAMServiceImpl.class */
public class IAMServiceImpl implements IAMService {
    private static Logger LOGGER = LoggerFactory.getLogger(IAMServiceImpl.class);
    private long expiredInterval = 1800000;
    private String requestMessage;
    private AuthenticationBean authenticationBean;
    private ClientConfiguration clientConfiguration;
    private SmnConfiguration smnConfiguration;
    private String iamTokenUrl;
    private String projectId;
    private AkskSigner signer;

    public IAMServiceImpl(SmnConfiguration smnConfiguration, ClientConfiguration clientConfiguration) {
        this.requestMessage = null;
        this.smnConfiguration = smnConfiguration;
        this.clientConfiguration = clientConfiguration;
        this.requestMessage = "{    \"auth\": {        \"identity\": {            \"methods\": [                \"password\"            ],            \"password\": {                \"user\": {                    \"name\": \"" + smnConfiguration.getUserName() + "\",                    \"password\": \"" + smnConfiguration.getPassword() + "\",                    \"domain\": {                        \"name\": \"" + smnConfiguration.getDomainName() + "\"                    }                }            }        },        \"scope\": {            \"project\": {                \"name\": \"" + smnConfiguration.getRegionId() + "\"            }        }    }}";
        this.iamTokenUrl = SmnConstants.HTTPS_PREFFIX + smnConfiguration.getIamEndpoint() + SmnConstants.URL_DELIMITER + IAMService.IAM_TOKEN_URI;
        this.signer = new AkskSigner(smnConfiguration, SmnConstants.IAM_SERVICE_NAME);
        LOGGER.info("Iam token url is{}.", this.iamTokenUrl);
    }

    @Override // com.smn.service.IAMService
    public AuthenticationBean getAuthenticationBean() {
        if (null == this.authenticationBean || this.authenticationBean.isExpired()) {
            synchronized (this) {
                if (this.authenticationBean == null || this.authenticationBean.isExpired()) {
                    this.authenticationBean = getAuthentication();
                }
            }
        }
        return this.authenticationBean;
    }

    @Override // com.smn.service.IAMService
    public String getProjectId() {
        if (StringUtils.isEmpty(this.projectId)) {
            synchronized (this) {
                if (StringUtils.isEmpty(this.projectId)) {
                    if (SmnConfiguration.AKSK_AUTH_TYPE.equals(this.smnConfiguration.getAuthType())) {
                        this.projectId = postForProjectId();
                    } else {
                        this.projectId = getAuthenticationBean().getProjectId();
                    }
                }
            }
        }
        return this.projectId;
    }

    private AuthenticationBean getAuthentication() throws RuntimeException {
        try {
            AuthenticationBean postForIamToken = postForIamToken(this.iamTokenUrl, this.requestMessage, this.clientConfiguration);
            postForIamToken.setExpiresTime(DateUtil.parseUTCDate(postForIamToken.getExpiresAt()).getTime() - this.expiredInterval);
            return postForIamToken;
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            LOGGER.error("Faied to get token from iam.e:{}", e2);
            throw new RuntimeException("Failed to get token from iam.", e2);
        }
    }

    private String buildRequestUrl(String str) {
        StringBuilder sb = new StringBuilder();
        sb.append(SmnConstants.HTTPS_PREFFIX).append(this.smnConfiguration.getIamEndpoint()).append(str);
        return sb.toString();
    }

    private AuthenticationBean postForIamToken(String str, String str2, ClientConfiguration clientConfiguration) throws Exception {
        LOGGER.debug("Start to get iam token. IamUrl is {}.", str);
        CloseableHttpClient httpClient = HttpUtil.getHttpClient(clientConfiguration);
        try {
            HttpPost httpPost = new HttpPost(str);
            httpPost.setConfig(HttpUtil.getRequestConfig(clientConfiguration));
            httpPost.addHeader(SmnConstants.CONTENT_TYPE_TAG, "application/json");
            httpPost.setEntity(new StringEntity(str2, ContentType.APPLICATION_JSON));
            CloseableHttpResponse execute = httpClient.execute(httpPost);
            try {
                int statusCode = execute.getStatusLine().getStatusCode();
                HttpEntity entity = execute.getEntity();
                String entityUtils = entity != null ? EntityUtils.toString(entity) : null;
                if (statusCode < 200 || statusCode >= 300) {
                    LOGGER.error("Unexpected response status: {}.  ErrorMessage is {}.", Integer.valueOf(statusCode), entityUtils);
                    throw new RuntimeException("Unexpected response status: " + statusCode + ", ErrorMessage is " + entityUtils);
                }
                AuthenticationBean authenticationBean = new AuthenticationBean();
                authenticationBean.setAuthToken(execute.getFirstHeader(IAMService.X_SUBJECT_TOKEN).getValue());
                Map<String, Object> parseJsonMessage = JsonUtil.parseJsonMessage(entityUtils);
                authenticationBean.setProjectId(parseProjectId(parseJsonMessage));
                authenticationBean.setExpiresAt(((Map) parseJsonMessage.get("token")).get(IAMService.EXPIRES_AT).toString());
                LOGGER.debug("End to get iam token. Status is {}. AuthBean is {}.", Integer.valueOf(statusCode), authenticationBean);
                execute.close();
                httpClient.close();
                return authenticationBean;
            } catch (Throwable th) {
                execute.close();
                throw th;
            }
        } catch (Throwable th2) {
            httpClient.close();
            throw th2;
        }
    }

    private String parseProjectId(Map<String, Object> map) {
        try {
            return ((Map) ((Map) map.get("token")).get(IAMService.PROJECT)).get(IAMService.ID).toString();
        } catch (Exception e) {
            return null;
        }
    }

    private String postForProjectId() {
        try {
            GetProjectIdsRequest getProjectIdsRequest = new GetProjectIdsRequest();
            getProjectIdsRequest.setName(this.smnConfiguration.getRegionId());
            String buildRequestUrl = buildRequestUrl(getProjectIdsRequest.getRequestUri());
            this.signer.get(getProjectIdsRequest, new URL(buildRequestUrl));
            HttpResponse sendRequest = HttpUtil.sendRequest(getProjectIdsRequest.getRequestHeaderMap(), JsonUtil.getJsonStringByMap(getProjectIdsRequest.getRequestParameterMap()), buildRequestUrl, HttpMethod.GET, this.clientConfiguration);
            if (!sendRequest.isSuccessed()) {
                LOGGER.error("Fail to get project id by aksk auth. http response status: {}", Integer.valueOf(sendRequest.getHttpCode()));
                throw new RuntimeException("Fail to get project id by aksk auth. http response status: " + sendRequest.getHttpCode());
            }
            ArrayList arrayList = (ArrayList) sendRequest.getBody().get("projects");
            if (arrayList == null || arrayList.size() == 0) {
                LOGGER.error("Fail to get project id by aksk auth. projects is empty.");
                throw new RuntimeException("Fail to get project id by aksk auth. projects is empty.");
            }
            String str = (String) ((HashMap) arrayList.get(0)).get(IAMService.ID);
            if (!StringUtils.isEmpty(str)) {
                return str;
            }
            LOGGER.error("Fail to get project id by aksk auth. project id is null");
            throw new RuntimeException("Fail to get project id by aksk auth. project id is null");
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            LOGGER.error("Failed to get project id from iam by aksk auth.", e2);
            throw new RuntimeException("Failed to get project id from iam by aksk auth.", e2);
        }
    }
}
