package software.netcore.tcp_application.server;

import java.util.Objects;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import lombok.NonNull;
import org.apache.commons.configuration2.tree.DefaultExpressionEngineSymbols;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.integration.ip.tcp.connection.TcpConnectionInterceptorSupport;
import org.springframework.integration.ip.tcp.connection.TcpConnectionSupport;
import org.springframework.messaging.Message;
import org.springframework.messaging.support.MessageBuilder;
import software.netcore.crypto.StringCryptor;
import software.netcore.crypto.StringCryptorFactory;
import software.netcore.tcp.JsonObject;
import software.netcore.tcp.security.AccessKeyHolder;
import software.netcore.tcp.security.ValidationStringUtils;
import software.netcore.tcp.server.connection.serializer.ServerJsonSerializer;
import software.netcore.tcp_application.CancellableScheduledTask;
import software.netcore.tcp_application.data.InitialNegotiationRequest;
import software.netcore.tcp_application.data.InitialNegotiationResponse;
import software.netcore.tcp_application.data.ProtocolType;
import software.netcore.tcp_application.server.event.ServerProtocolFailedEvent;
import software.netcore.tcp_application.server.event.ServerProtocolNegotiatedEvent;

/* loaded from: input_file:BOOT-INF/lib/common-tcp-application-3.30.1-STAGE.jar:software/netcore/tcp_application/server/ServerInitialNegotiationInterceptor.class */
final class ServerInitialNegotiationInterceptor extends TcpConnectionInterceptorSupport {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ServerInitialNegotiationInterceptor.class);
    private final AccessKeyProvider accessKeyProvider;
    private final ProtocolExchangeValidator versionExchangeValidator;
    private final CancellableScheduledTask negotiationTimeoutMonitor;
    private final AtomicReference<RequestResult> requestResultRef;
    private final AtomicReference<State> state;
    private final Object lock;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/common-tcp-application-3.30.1-STAGE.jar:software/netcore/tcp_application/server/ServerInitialNegotiationInterceptor$RequestResult.class */
    public static class RequestResult {

        @NonNull
        private final String id;

        @NonNull
        private final ProtocolType protocol;

        @NonNull
        private final String coreId;

        @NonNull
        private final String coreVersion;

        @NonNull
        private final String coreApiVersion;
        private final boolean deviceCliDisabled;
        private final AccessKeyHolder accessKeyHolder;
        private final StringCryptor stringCryptor;

        /* loaded from: input_file:BOOT-INF/lib/common-tcp-application-3.30.1-STAGE.jar:software/netcore/tcp_application/server/ServerInitialNegotiationInterceptor$RequestResult$Builder.class */
        public static class Builder {
            private String id;
            private ProtocolType protocol;
            private String coreId;
            private String coreVersion;
            private String coreApiVersion;
            private boolean deviceCliDisabled;
            private AccessKeyHolder accessKeyHolder;
            private StringCryptor stringCryptor;

            Builder() {
            }

            public Builder id(@NonNull String str) {
                if (str == null) {
                    throw new NullPointerException("id is marked non-null but is null");
                }
                this.id = str;
                return this;
            }

            public Builder protocol(@NonNull ProtocolType protocolType) {
                if (protocolType == null) {
                    throw new NullPointerException("protocol is marked non-null but is null");
                }
                this.protocol = protocolType;
                return this;
            }

            public Builder coreId(@NonNull String str) {
                if (str == null) {
                    throw new NullPointerException("coreId is marked non-null but is null");
                }
                this.coreId = str;
                return this;
            }

            public Builder coreVersion(@NonNull String str) {
                if (str == null) {
                    throw new NullPointerException("coreVersion is marked non-null but is null");
                }
                this.coreVersion = str;
                return this;
            }

            public Builder coreApiVersion(@NonNull String str) {
                if (str == null) {
                    throw new NullPointerException("coreApiVersion is marked non-null but is null");
                }
                this.coreApiVersion = str;
                return this;
            }

            public Builder deviceCliDisabled(boolean z) {
                this.deviceCliDisabled = z;
                return this;
            }

            public Builder accessKeyHolder(AccessKeyHolder accessKeyHolder) {
                this.accessKeyHolder = accessKeyHolder;
                return this;
            }

            public Builder stringCryptor(StringCryptor stringCryptor) {
                this.stringCryptor = stringCryptor;
                return this;
            }

            public RequestResult build() {
                return new RequestResult(this.id, this.protocol, this.coreId, this.coreVersion, this.coreApiVersion, this.deviceCliDisabled, this.accessKeyHolder, this.stringCryptor);
            }

            public String toString() {
                return "ServerInitialNegotiationInterceptor.RequestResult.Builder(id=" + this.id + ", protocol=" + this.protocol + ", coreId=" + this.coreId + ", coreVersion=" + this.coreVersion + ", coreApiVersion=" + this.coreApiVersion + ", deviceCliDisabled=" + this.deviceCliDisabled + ", accessKeyHolder=" + this.accessKeyHolder + ", stringCryptor=" + this.stringCryptor + DefaultExpressionEngineSymbols.DEFAULT_INDEX_END;
            }
        }

        public static Builder builder() {
            return new Builder();
        }

        @NonNull
        public String getId() {
            return this.id;
        }

        @NonNull
        public ProtocolType getProtocol() {
            return this.protocol;
        }

        @NonNull
        public String getCoreId() {
            return this.coreId;
        }

        @NonNull
        public String getCoreVersion() {
            return this.coreVersion;
        }

        @NonNull
        public String getCoreApiVersion() {
            return this.coreApiVersion;
        }

        public boolean isDeviceCliDisabled() {
            return this.deviceCliDisabled;
        }

        public AccessKeyHolder getAccessKeyHolder() {
            return this.accessKeyHolder;
        }

        public StringCryptor getStringCryptor() {
            return this.stringCryptor;
        }

        public RequestResult(@NonNull String str, @NonNull ProtocolType protocolType, @NonNull String str2, @NonNull String str3, @NonNull String str4, boolean z, AccessKeyHolder accessKeyHolder, StringCryptor stringCryptor) {
            if (str == null) {
                throw new NullPointerException("id is marked non-null but is null");
            }
            if (protocolType == null) {
                throw new NullPointerException("protocol is marked non-null but is null");
            }
            if (str2 == null) {
                throw new NullPointerException("coreId is marked non-null but is null");
            }
            if (str3 == null) {
                throw new NullPointerException("coreVersion is marked non-null but is null");
            }
            if (str4 == null) {
                throw new NullPointerException("coreApiVersion is marked non-null but is null");
            }
            this.id = str;
            this.protocol = protocolType;
            this.coreId = str2;
            this.coreVersion = str3;
            this.coreApiVersion = str4;
            this.deviceCliDisabled = z;
            this.accessKeyHolder = accessKeyHolder;
            this.stringCryptor = stringCryptor;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/common-tcp-application-3.30.1-STAGE.jar:software/netcore/tcp_application/server/ServerInitialNegotiationInterceptor$State.class */
    public enum State {
        EXCEPTING_INIT_REQUEST,
        DONE,
        TIMED_OUT,
        INITIAL_MESSAGE_ERROR,
        ERROR,
        CLOSED
    }

    public ServerInitialNegotiationInterceptor(int i, @NonNull ApplicationEventPublisher applicationEventPublisher, @NonNull AccessKeyProvider accessKeyProvider, @NonNull ProtocolExchangeValidator protocolExchangeValidator) {
        super(applicationEventPublisher);
        this.requestResultRef = new AtomicReference<>(null);
        this.state = new AtomicReference<>(State.EXCEPTING_INIT_REQUEST);
        this.lock = new Object();
        if (applicationEventPublisher == null) {
            throw new NullPointerException("applicationEventPublisher is marked non-null but is null");
        }
        if (accessKeyProvider == null) {
            throw new NullPointerException("accessKeyProvider is marked non-null but is null");
        }
        if (protocolExchangeValidator == null) {
            throw new NullPointerException("versionExchangeValidator is marked non-null but is null");
        }
        this.versionExchangeValidator = protocolExchangeValidator;
        this.accessKeyProvider = accessKeyProvider;
        log.debug("Scheduling INTERNAL negotiation timeout which fires after '{}'ms", Integer.valueOf(i));
        this.negotiationTimeoutMonitor = new CancellableScheduledTask(() -> {
            synchronized (this.lock) {
                if (getState() == State.EXCEPTING_INIT_REQUEST) {
                    log.warn("INTERNAL negotiation failed on connection '{}', timed out after '{}'ms", getConnectionId(), Integer.valueOf(i));
                    setState(State.TIMED_OUT);
                    publishNegotiationFailureEventByTimeout();
                }
            }
        }, i, TimeUnit.MILLISECONDS);
    }

    @Override // org.springframework.integration.ip.tcp.connection.TcpConnectionInterceptorSupport
    public void setTheConnection(@NonNull TcpConnectionSupport tcpConnectionSupport) {
        if (tcpConnectionSupport == null) {
            throw new NullPointerException("theConnection is marked non-null but is null");
        }
        super.setTheConnection(tcpConnectionSupport);
        log.debug("Starting INTERNAL negotiation for connection '{}'", getConnectionId());
    }

    @Override // org.springframework.integration.ip.tcp.connection.TcpConnectionInterceptorSupport, org.springframework.integration.ip.tcp.connection.TcpListener
    public boolean onMessage(@NonNull Message<?> message) {
        boolean stateFunction;
        if (message == null) {
            throw new NullPointerException("message is marked non-null but is null");
        }
        State state = getState();
        synchronized (this.lock) {
            stateFunction = stateFunction(message);
        }
        if (!stateFunction) {
            return super.onMessage(message);
        }
        if (state == getState()) {
            return true;
        }
        switch (this.state.get()) {
            case INITIAL_MESSAGE_ERROR:
                publishNegotiationFailureEventByIllegalInitialMessage();
                return true;
            case ERROR:
                publishNegotiationFailureEventByProtocolError(this.requestResultRef.get());
                return true;
            case DONE:
                publishNegotiationSuccessfulEvent(this.requestResultRef.get());
                return true;
            default:
                return true;
        }
    }

    private boolean stateFunction(@NonNull Message<?> message) {
        if (message == null) {
            throw new NullPointerException("message is marked non-null but is null");
        }
        switch (this.state.get()) {
            case INITIAL_MESSAGE_ERROR:
            case ERROR:
            case TIMED_OUT:
            case CLOSED:
                return true;
            case DONE:
                return false;
            case EXCEPTING_INIT_REQUEST:
                if (!(message.getPayload() instanceof InitialNegotiationRequest)) {
                    log.warn("INTERNAL negotiation failed on connection '{}', expected '{}' but received '{}'", getConnectionId(), InitialNegotiationRequest.class.getSimpleName(), message.getPayload());
                    setState(State.INITIAL_MESSAGE_ERROR);
                    return true;
                }
                RequestResult.Builder builder = RequestResult.builder();
                boolean handleRequest = handleRequest((InitialNegotiationRequest) message.getPayload(), builder);
                RequestResult build = builder.build();
                if (!handleRequest) {
                    setState(State.ERROR, build);
                    return true;
                }
                if (!this.negotiationTimeoutMonitor.cancel()) {
                    log.debug("Tried to cancel timeout monitor in moment when it was running (negotiation timeout passed)");
                    setState(State.TIMED_OUT);
                    return true;
                }
                if (!sendResponse(build)) {
                    setState(State.ERROR, build);
                    return true;
                }
                setState(State.DONE, build);
                log.debug("Successful INTERNAL negotiation for connection '{}'", getConnectionId());
                return true;
            default:
                throw new IllegalStateException("Unexpected state: " + this.state);
        }
    }

    private boolean handleRequest(@NonNull InitialNegotiationRequest initialNegotiationRequest, @NonNull RequestResult.Builder builder) {
        if (initialNegotiationRequest == null) {
            throw new NullPointerException("request is marked non-null but is null");
        }
        if (builder == null) {
            throw new NullPointerException("requestResultBuilder is marked non-null but is null");
        }
        log.debug("Received initial negotiation request for connection '{}'", getConnectionId());
        String id = initialNegotiationRequest.getId();
        ProtocolType protocol = initialNegotiationRequest.getProtocol();
        String coreId = initialNegotiationRequest.getCoreId();
        String coreVersion = initialNegotiationRequest.getCoreVersion();
        String coreApiVersion = initialNegotiationRequest.getCoreApiVersion();
        boolean isDeviceCliDisabled = initialNegotiationRequest.isDeviceCliDisabled();
        builder.id(id);
        builder.protocol(protocol);
        builder.coreId(coreId);
        builder.coreVersion(coreVersion);
        builder.coreApiVersion(coreApiVersion);
        builder.deviceCliDisabled(isDeviceCliDisabled);
        if (!this.versionExchangeValidator.shouldAcceptClient(protocol, id, coreId, coreVersion, coreApiVersion)) {
            log.debug("INTERNAL negotiation failed on connection '{}', version exchange validator denied client", getConnectionId());
            return false;
        }
        try {
            AccessKeyHolder provideAccessKey = this.accessKeyProvider.provideAccessKey(coreId);
            builder.accessKeyHolder(provideAccessKey);
            String communicationEncryptionKey = provideAccessKey.getCommunicationEncryptionKey();
            String validationString = initialNegotiationRequest.getValidationString();
            log.debug("Creating string cryptor using communication encryption key len: '{}'", Integer.valueOf(communicationEncryptionKey.length()));
            StringCryptor of = StringCryptorFactory.of(communicationEncryptionKey);
            builder.stringCryptor(of);
            log.debug("Decrypting validation string from request, len: '{}'", Integer.valueOf(validationString.length()));
            try {
                String decrypt = of.decrypt(initialNegotiationRequest.getValidationString());
                log.debug("Removing suffix");
                String removeSuffix = ValidationStringUtils.removeSuffix(decrypt);
                log.debug("Comparing validation strings, local len: '{}', remote len: '{}'", Integer.valueOf(provideAccessKey.getValidationString().length()), Integer.valueOf(removeSuffix.length()));
                if (!Objects.equals(provideAccessKey.getValidationString(), removeSuffix)) {
                    log.warn("INTERNAL negotiation failed on connection '{}', validation strings are not equal", getConnectionId());
                    return false;
                }
                log.debug("Configuring serializer / deserializer");
                ((ServerJsonSerializer) getSerializer()).setStringCryptor(of);
                ((ServerJsonSerializer) getDeserializer()).setStringCryptor(of);
                log.debug("Request successfully handled on connection '{}'", getConnectionId());
                return true;
            } catch (Exception e) {
                log.warn("INTERNAL negotiation failed on connection '{}', decryption of validation string failed", getConnectionId());
                return false;
            }
        } catch (AccessKeyProviderException e2) {
            log.warn("INTERNAL negotiation failed on connection '{}', could not get access key from access key provider: '{}'", getConnectionId(), e2.getMessage());
            return false;
        }
    }

    private boolean sendResponse(RequestResult requestResult) {
        log.debug("Preparing core connection initial negotiation response");
        AccessKeyHolder accessKeyHolder = requestResult.getAccessKeyHolder();
        StringCryptor stringCryptor = requestResult.getStringCryptor();
        String validationString = accessKeyHolder.getValidationString();
        log.debug("Appending suffix");
        String appendSuffix = ValidationStringUtils.appendSuffix(validationString);
        log.debug("Encrypting local (zone) validation string");
        try {
            String encrypt = stringCryptor.encrypt(appendSuffix);
            log.debug("Local (zone) validation string len: '{}'", Integer.valueOf(encrypt.length()));
            InitialNegotiationResponse initialNegotiationResponse = new InitialNegotiationResponse();
            initialNegotiationResponse.setId(requestResult.getId());
            initialNegotiationResponse.setValidationString(encrypt);
            if (send(initialNegotiationResponse)) {
                log.debug("Response successfully sent on connection '{}'", getConnectionId());
                return true;
            }
            log.warn("INTERNAL negotiation failed on connection '{}', could not send response", getConnectionId());
            return false;
        } catch (Exception e) {
            log.warn("INTERNAL negotiation failed on connection '{}', encryption failed: ", getConnectionId(), e);
            return false;
        }
    }

    void setState(@NonNull State state) {
        if (state == null) {
            throw new NullPointerException("nextState is marked non-null but is null");
        }
        if (getState() == state) {
            return;
        }
        log.debug("Transiting to state: '{}'", state);
        this.state.set(state);
        switch (state) {
            case INITIAL_MESSAGE_ERROR:
            case ERROR:
            case TIMED_OUT:
                this.negotiationTimeoutMonitor.cancel();
                closeConnection(true);
                return;
            case DONE:
            case EXCEPTING_INIT_REQUEST:
            default:
                return;
        }
    }

    void setState(@NonNull State state, @NonNull RequestResult requestResult) {
        if (state == null) {
            throw new NullPointerException("nextState is marked non-null but is null");
        }
        if (requestResult == null) {
            throw new NullPointerException("result is marked non-null but is null");
        }
        this.requestResultRef.set(requestResult);
        setState(state);
    }

    State getState() {
        return this.state.get();
    }

    boolean send(JsonObject jsonObject) {
        log.debug("INTERNAL negotiation - sending data '{}'", jsonObject.getClass().getSimpleName());
        try {
            send(MessageBuilder.withPayload(jsonObject).build());
            return true;
        } catch (Exception e) {
            log.warn("Exception raised when sending data '{}': ", jsonObject.getClass().getSimpleName(), e);
            return false;
        }
    }

    @Override // org.springframework.integration.ip.tcp.connection.TcpConnectionInterceptorSupport, org.springframework.integration.ip.tcp.connection.TcpConnectionSupport, org.springframework.integration.ip.tcp.connection.TcpConnection
    public void close() {
        this.negotiationTimeoutMonitor.cancel();
        switch (this.state.get()) {
            case INITIAL_MESSAGE_ERROR:
            case ERROR:
            case TIMED_OUT:
                break;
            case DONE:
            case EXCEPTING_INIT_REQUEST:
            default:
                setState(State.CLOSED);
                break;
        }
        super.close();
    }

    private void publishNegotiationFailureEventByIllegalInitialMessage() {
        publishEvent(ServerProtocolFailedEvent.initialMessageError(this, getConnectionFactoryName()));
    }

    private void publishNegotiationFailureEventByProtocolError(@NonNull RequestResult requestResult) {
        if (requestResult == null) {
            throw new NullPointerException("result is marked non-null but is null");
        }
        publishEvent(ServerProtocolFailedEvent.exchangeError(this, getConnectionFactoryName(), requestResult.getId(), requestResult.getProtocol()));
    }

    private void publishNegotiationFailureEventByTimeout() {
        publishEvent(ServerProtocolFailedEvent.timeout(this, getConnectionFactoryName()));
    }

    private void publishNegotiationSuccessfulEvent(@NonNull RequestResult requestResult) {
        if (requestResult == null) {
            throw new NullPointerException("requestResult is marked non-null but is null");
        }
        publishEvent(new ServerProtocolNegotiatedEvent(this, getConnectionFactoryName(), requestResult.getId(), requestResult.getProtocol(), requestResult.getCoreId(), requestResult.getCoreVersion(), requestResult.getCoreApiVersion(), requestResult.isDeviceCliDisabled()));
    }
}
