package com.axway.apim.apiimport;

import com.axway.apim.adapter.APIManagerAdapter;
import com.axway.apim.api.API;
import com.axway.apim.api.definition.APISpecification;
import com.axway.apim.api.definition.APISpecificationFactory;
import com.axway.apim.api.model.APIQuota;
import com.axway.apim.api.model.AuthType;
import com.axway.apim.api.model.AuthenticationProfile;
import com.axway.apim.api.model.CaCert;
import com.axway.apim.api.model.CorsProfile;
import com.axway.apim.api.model.CustomProperties;
import com.axway.apim.api.model.DeviceType;
import com.axway.apim.api.model.InboundProfile;
import com.axway.apim.api.model.OAuthClientProfile;
import com.axway.apim.api.model.Organization;
import com.axway.apim.api.model.OutboundProfile;
import com.axway.apim.api.model.QuotaRestriction;
import com.axway.apim.api.model.QuotaRestrictionDeserializer;
import com.axway.apim.api.model.SecurityDevice;
import com.axway.apim.api.model.SecurityProfile;
import com.axway.apim.api.model.apps.ClientApplication;
import com.axway.apim.apiimport.lib.params.APIImportParams;
import com.axway.apim.lib.APIPropertiesExport;
import com.axway.apim.lib.errorHandling.AppException;
import com.axway.apim.lib.errorHandling.ErrorCode;
import com.axway.apim.lib.utils.URLParser;
import com.axway.apim.lib.utils.Utils;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.module.SimpleModule;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustAllStrategy;
import org.apache.http.entity.ContentType;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/axway/apim/apiimport/APIImportConfigAdapter.class */
public class APIImportConfigAdapter {
    private static Logger LOG = LoggerFactory.getLogger(APIImportConfigAdapter.class);
    private ObjectMapper mapper;
    private String pathToAPIDefinition;
    private File apiConfigFile;
    private API apiConfig;
    private boolean usingOrgAdmin;

    public APIImportConfigAdapter(API api, File file) throws AppException {
        this.mapper = new ObjectMapper();
        this.apiConfig = api;
        this.apiConfigFile = file;
    }

    public APIImportConfigAdapter(APIImportParams aPIImportParams) throws AppException {
        this(aPIImportParams.getConfig(), aPIImportParams.getStage(), aPIImportParams.getApiDefintion(), APIManagerAdapter.hasOrgAdmin(), aPIImportParams.getStageConfig());
    }

    public APIImportConfigAdapter(String str, String str2, String str3, boolean z, String str4) throws AppException {
        this.mapper = new ObjectMapper();
        SimpleModule simpleModule = new SimpleModule();
        simpleModule.addDeserializer(QuotaRestriction.class, new QuotaRestrictionDeserializer());
        this.mapper.disable(DeserializationFeature.WRAP_EXCEPTIONS);
        this.mapper.registerModule(simpleModule);
        try {
            this.pathToAPIDefinition = str3;
            this.usingOrgAdmin = z;
            this.apiConfigFile = Utils.locateConfigFile(str);
            File stageConfig = Utils.getStageConfig(str2, str4, this.apiConfigFile);
            API api = (API) this.mapper.reader().withAttribute("validateOrganization", Boolean.valueOf(stageConfig == null)).forType(DesiredAPI.class).readValue(Utils.substitueVariables(this.apiConfigFile));
            if (stageConfig != null) {
                try {
                    this.apiConfig = (API) this.mapper.readerForUpdating(api).withAttribute("validateOrganization", Boolean.valueOf(api.getOrganization() == null)).withAttribute("validateOrganization", true).readValue(Utils.substitueVariables(stageConfig));
                    LOG.info("Loaded stage API-Config from file: " + stageConfig);
                } catch (FileNotFoundException e) {
                    LOG.warn("No config file found for stage: '" + str2 + "'");
                    this.apiConfig = api;
                }
            } else {
                this.apiConfig = api;
            }
        } catch (Exception e2) {
            throw new AppException("Cant parse JSON-Config file(s)", ErrorCode.CANT_READ_CONFIG_FILE, e2);
        }
    }

    public API getApiConfig() {
        return this.apiConfig;
    }

    public API getDesiredAPI() throws AppException {
        try {
            validateExposurePath(this.apiConfig);
            validateOrganization(this.apiConfig);
            checkForAPIDefinitionInConfiguration(this.apiConfig);
            addDefaultPassthroughSecurityProfile(this.apiConfig);
            addDefaultAuthenticationProfile(this.apiConfig);
            validateOutboundProfile(this.apiConfig);
            validateInboundProfile(this.apiConfig);
            APISpecification aPISpecification = APISpecificationFactory.getAPISpecification(getAPIDefinitionContent(), this.pathToAPIDefinition, this.apiConfig.getName());
            aPISpecification.configureBasepath(((DesiredAPI) this.apiConfig).getBackendBasepath());
            this.apiConfig.setApiDefinition(aPISpecification);
            addImageContent(this.apiConfig);
            Utils.validateCustomProperties(this.apiConfig.getCustomProperties(), CustomProperties.Type.api);
            validateDescription(this.apiConfig);
            validateOutboundAuthN(this.apiConfig);
            addDefaultCorsProfile(this.apiConfig);
            validateHasQueryStringKey(this.apiConfig);
            completeCaCerts(this.apiConfig);
            addQuotaConfiguration(this.apiConfig);
            handleAllOrganizations(this.apiConfig);
            completeClientApplications(this.apiConfig);
            handleVhost(this.apiConfig);
            return this.apiConfig;
        } catch (Exception e) {
            if (e.getCause() instanceof AppException) {
                throw e.getCause();
            }
            throw new AppException("Cannot validate/fulfill configuration file.", ErrorCode.CANT_READ_CONFIG_FILE, e);
        }
    }

    private void validateExposurePath(API api) throws AppException {
        if (api.getPath() == null) {
            throw new AppException("Config-Parameter: 'path' is not given", ErrorCode.CANT_READ_CONFIG_FILE);
        }
        if (!api.getPath().startsWith("/")) {
            throw new AppException("Config-Parameter: 'path' must start with a \"/\" following by a valid API-Path (e.g. /api/v1/customer).", ErrorCode.CANT_READ_CONFIG_FILE);
        }
    }

    private void validateOrganization(API api) throws AppException {
        if (api instanceof DesiredTestOnlyAPI) {
            return;
        }
        if (api.getOrganization() == null || !api.getOrganization().isDevelopment()) {
            throw new AppException("The given organization: '" + api.getOrganization() + "' is either unknown or hasn't the Development flag.", ErrorCode.UNKNOWN_ORGANIZATION);
        }
        if (this.usingOrgAdmin) {
            api.getOrganization().setId(APIManagerAdapter.getCurrentUser(false).getOrganization().getId());
        }
    }

    private void checkForAPIDefinitionInConfiguration(API api) throws AppException {
        LOG.debug("Current path={}", getCurrentPath());
        if (StringUtils.isEmpty(this.pathToAPIDefinition)) {
            if (!StringUtils.isNotEmpty(api.getApiDefinitionImport())) {
                throw new AppException("No API Definition configured", ErrorCode.NO_API_DEFINITION_CONFIGURED);
            }
            this.pathToAPIDefinition = api.getApiDefinitionImport();
            LOG.debug("Reading API Definition from configuration file");
        }
    }

    private String getCurrentPath() {
        return Paths.get("", new String[0]).toAbsolutePath().toString();
    }

    private void handleAllOrganizations(API api) throws AppException {
        if (api.getClientOrganizations() == null) {
            return;
        }
        if (api.getState().equals("unpublished")) {
            api.setClientOrganizations((List) null);
            return;
        }
        if (api.getClientOrganizations().contains(new Organization.Builder().hasName("ALL").build())) {
            List allOrgs = APIManagerAdapter.getInstance().orgAdapter.getAllOrgs();
            api.getClientOrganizations().clear();
            api.getClientOrganizations().addAll(allOrgs);
            ((DesiredAPI) api).setRequestForAllOrgs(true);
            return;
        }
        if (!api.getClientOrganizations().contains(api.getOrganization())) {
            api.getClientOrganizations().add(api.getOrganization());
        }
        Iterator it = api.getClientOrganizations().iterator();
        String str = null;
        ArrayList arrayList = new ArrayList();
        while (it.hasNext()) {
            Organization organization = (Organization) it.next();
            Organization orgForName = APIManagerAdapter.getInstance().orgAdapter.getOrgForName(organization.getName());
            if (orgForName == null) {
                LOG.warn("Unknown organization with name: '" + organization.getName() + "' configured. Ignoring this organization.");
                str = str == null ? organization.getName() : str + ", " + organization.getName();
                APIPropertiesExport.getInstance().setProperty(ErrorCode.INVALID_CLIENT_ORGANIZATIONS.name(), str);
                it.remove();
            } else {
                it.remove();
                arrayList.add(orgForName);
            }
        }
        api.getClientOrganizations().addAll(arrayList);
    }

    private void addQuotaConfiguration(API api) throws AppException {
        if (api.getState() == "unpublished") {
            return;
        }
        initQuota(api.getSystemQuota());
        initQuota(api.getApplicationQuota());
    }

    private void initQuota(APIQuota aPIQuota) {
        if (aPIQuota == null) {
            return;
        }
        if (aPIQuota.getType().equals("APPLICATION")) {
            aPIQuota.setName("Application Default");
            aPIQuota.setDescription("Maximum message rates per application. Applied to each application unless an Application-Specific quota is configured");
        } else {
            aPIQuota.setName("System Default");
            aPIQuota.setDescription(".....");
        }
    }

    private void validateDescription(API api) throws AppException {
        if (api.getDescriptionType() == null || api.getDescriptionType().equals("original")) {
            return;
        }
        String descriptionType = api.getDescriptionType();
        if (descriptionType.equals("manual")) {
            if (api.getDescriptionManual() == null) {
                throw new AppException("descriptionManual can't be null with descriptionType set to 'manual'", ErrorCode.CANT_READ_CONFIG_FILE);
            }
            return;
        }
        if (descriptionType.equals("url")) {
            if (api.getDescriptionUrl() == null) {
                throw new AppException("descriptionUrl can't be null with descriptionType set to 'url'", ErrorCode.CANT_READ_CONFIG_FILE);
            }
            return;
        }
        if (descriptionType.equals("markdown")) {
            if (api.getDescriptionMarkdown() == null) {
                throw new AppException("descriptionMarkdown can't be null with descriptionType set to 'markdown'", ErrorCode.CANT_READ_CONFIG_FILE);
            }
            if (!api.getDescriptionMarkdown().startsWith("${env.")) {
                throw new AppException("descriptionMarkdown must start with an environment variable", ErrorCode.CANT_READ_CONFIG_FILE);
            }
            return;
        }
        if (!descriptionType.equals("markdownLocal")) {
            if (!descriptionType.equals("original")) {
                throw new AppException("Unknown descriptionType: '" + descriptionType + "'", ErrorCode.CANT_READ_CONFIG_FILE);
            }
            return;
        }
        if (api.getMarkdownLocal() == null) {
            throw new AppException("markdownLocal can't be null with descriptionType set to 'markdownLocal'", ErrorCode.CANT_READ_CONFIG_FILE);
        }
        try {
            File file = new File(api.getMarkdownLocal());
            if (!file.exists()) {
                LOG.trace("Error reading markdown description file (absolute): '" + file.getCanonicalPath() + "'");
                file = new File(this.apiConfigFile.getCanonicalFile().getParent() + "/" + api.getMarkdownLocal());
            }
            if (!file.exists()) {
                LOG.trace("Error reading markdown description file (relative): '" + file.getCanonicalPath() + "'");
                throw new AppException("Error reading markdown description file: " + api.getMarkdownLocal(), ErrorCode.CANT_READ_CONFIG_FILE);
            }
            LOG.debug("Reading local markdown description file: " + file.getPath());
            api.setDescriptionManual(new String(Files.readAllBytes(file.toPath()), StandardCharsets.UTF_8));
            api.setDescriptionType("manual");
        } catch (IOException e) {
            throw new AppException("Error reading markdown description file: " + api.getMarkdownLocal(), ErrorCode.CANT_READ_CONFIG_FILE, e);
        }
    }

    private void addDefaultCorsProfile(API api) throws AppException {
        if (api.getCorsProfiles() == null) {
            api.setCorsProfiles(new ArrayList());
        }
        boolean z = false;
        Iterator it = api.getCorsProfiles().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (((CorsProfile) it.next()).getName().equals("_default")) {
                z = true;
                break;
            }
        }
        if (api.getCorsProfiles().size() == 1) {
            ((InboundProfile) api.getInboundProfiles().get("_default")).setCorsProfile(((CorsProfile) api.getCorsProfiles().get(0)).getName());
        }
        if (z) {
            return;
        }
        api.getCorsProfiles().add(CorsProfile.getDefaultCorsProfile());
    }

    /* JADX WARN: Removed duplicated region for block: B:33:0x0188  */
    /* JADX WARN: Removed duplicated region for block: B:41:0x01c5 A[ADDED_TO_REGION, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void completeClientApplications(com.axway.apim.api.API r5) throws com.axway.apim.lib.errorHandling.AppException {
        /*
            Method dump skipped, instructions count: 465
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.axway.apim.apiimport.APIImportConfigAdapter.completeClientApplications(com.axway.apim.api.API):void");
    }

    private static ClientApplication getAppForCredential(String str, String str2) throws AppException {
        LOG.debug("Searching application with configured credential (Type: " + str2 + "): '" + str + "'");
        ClientApplication appIdForCredential = APIManagerAdapter.getInstance().getAppIdForCredential(str, str2);
        if (appIdForCredential != null) {
            return appIdForCredential;
        }
        LOG.warn("Unknown application with (" + str2 + "): '" + str + "' configured. Ignoring this application.");
        return null;
    }

    private void completeCaCerts(API api) throws AppException {
        if (api.getCaCerts() != null) {
            ArrayList arrayList = new ArrayList();
            for (CaCert caCert : api.getCaCerts()) {
                if (caCert.getCertBlob() == null) {
                    try {
                        InputStream inputStreamForCertFile = getInputStreamForCertFile(caCert);
                        try {
                            arrayList.add((CaCert) this.mapper.readValue(APIManagerAdapter.getCertInfo(inputStreamForCertFile, "", caCert).get(0).toString(), CaCert.class));
                            if (inputStreamForCertFile != null) {
                                inputStreamForCertFile.close();
                            }
                        } catch (Throwable th) {
                            if (inputStreamForCertFile != null) {
                                try {
                                    inputStreamForCertFile.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    } catch (Exception e) {
                        throw new AppException("Can't initialize given certificate.", ErrorCode.CANT_READ_CONFIG_FILE, e);
                    }
                }
            }
            api.getCaCerts().clear();
            api.getCaCerts().addAll(arrayList);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v23, types: [java.io.InputStream] */
    private InputStream getInputStreamForCertFile(CaCert caCert) throws AppException {
        FileInputStream fileInputStream;
        File file = new File(caCert.getCertFile());
        if (file.exists()) {
            try {
                return new FileInputStream(file);
            } catch (FileNotFoundException e) {
                throw new AppException("Cant read given certificate file", ErrorCode.CANT_READ_CONFIG_FILE);
            }
        }
        try {
            File file2 = new File(this.apiConfigFile.getCanonicalFile().getParent() + File.separator + caCert.getCertFile());
            if (file2.exists()) {
                try {
                    fileInputStream = new FileInputStream(file2);
                } catch (FileNotFoundException e2) {
                    throw new AppException("Cant read given certificate file", ErrorCode.CANT_READ_CONFIG_FILE);
                }
            } else {
                LOG.debug("Can't read certifiate from file-location: " + file2.toString() + ". Now trying to read it from the classpath.");
                fileInputStream = APIManagerAdapter.class.getResourceAsStream(caCert.getCertFile());
            }
            if (fileInputStream != null) {
                return fileInputStream;
            }
            LOG.error("Can't read certificate: " + caCert.getCertFile() + " from file or classpath.");
            LOG.error("Certificates in filesystem are either expected relative to the API-Config-File or as an absolute path.");
            LOG.error("In the same directory. \t\tExample: \"myCertFile.crt\"");
            LOG.error("Relative to it.         \t\tExample: \"../../allMyCertsAreHere/myCertFile.crt\"");
            LOG.error("With an absolute path   \t\tExample: \"/another/location/with/allMyCerts/myCertFile.crt\"");
            throw new AppException("Can't read certificate: " + caCert.getCertFile() + " from file or classpath.", ErrorCode.CANT_READ_CONFIG_FILE);
        } catch (IOException e3) {
            throw new AppException("Can't read certificate file.", ErrorCode.CANT_READ_CONFIG_FILE, e3);
        }
    }

    private byte[] getAPIDefinitionContent() throws AppException {
        try {
            InputStream aPIDefinitionAsStream = getAPIDefinitionAsStream();
            try {
                byte[] byteArray = IOUtils.toByteArray(new InputStreamReader(aPIDefinitionAsStream, StandardCharsets.UTF_8), StandardCharsets.UTF_8);
                if (aPIDefinitionAsStream != null) {
                    aPIDefinitionAsStream.close();
                }
                return byteArray;
            } finally {
            }
        } catch (IOException e) {
            throw new AppException("Can't read API-Definition from file", ErrorCode.CANT_READ_API_DEFINITION_FILE, e);
        }
    }

    public InputStream getAPIDefinitionAsStream() throws AppException {
        InputStream fileInputStream;
        if (this.pathToAPIDefinition.endsWith(".url")) {
            return getAPIDefinitionFromURL(Utils.getAPIDefinitionUriFromFile(this.pathToAPIDefinition));
        }
        if (isHttpUri(this.pathToAPIDefinition)) {
            return getAPIDefinitionFromURL(this.pathToAPIDefinition);
        }
        try {
            if (new File(this.pathToAPIDefinition).exists()) {
                LOG.info("Reading API-Definition (Swagger/WSDL) from file: '" + this.pathToAPIDefinition + "' (relative path)");
                fileInputStream = new FileInputStream(this.pathToAPIDefinition);
            } else {
                File file = new File(this.apiConfigFile.getCanonicalFile().getParent() + File.separator + this.pathToAPIDefinition);
                LOG.info("Reading API-Definition (Swagger/WSDL) from file: '" + file.getCanonicalFile() + "' (absolute path)");
                fileInputStream = file.exists() ? new FileInputStream(file) : getClass().getResourceAsStream(this.pathToAPIDefinition);
            }
            if (fileInputStream == null) {
                throw new AppException("Unable to read Swagger/WSDL file from: " + this.pathToAPIDefinition, ErrorCode.CANT_READ_API_DEFINITION_FILE);
            }
            return fileInputStream;
        } catch (Exception e) {
            throw new AppException("Unable to read Swagger/WSDL file from: " + this.pathToAPIDefinition, ErrorCode.CANT_READ_API_DEFINITION_FILE, e);
        }
    }

    private InputStream getAPIDefinitionFromURL(String str) throws AppException {
        URLParser uRLParser = new URLParser(str);
        String uri = uRLParser.getUri();
        CloseableHttpClient createHttpClient = createHttpClient(uri, uRLParser.getUsername(), uRLParser.getPassword());
        try {
            try {
                RequestConfig build = RequestConfig.custom().setRelativeRedirectsAllowed(true).setCircularRedirectsAllowed(true).build();
                HttpGet httpGet = new HttpGet(uri);
                httpGet.setConfig(build);
                return new ByteArrayInputStream(((String) createHttpClient.execute(httpGet, new ResponseHandler<String>() { // from class: com.axway.apim.apiimport.APIImportConfigAdapter.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // org.apache.http.client.ResponseHandler
                    public String handleResponse(HttpResponse httpResponse) throws ClientProtocolException, IOException {
                        int statusCode = httpResponse.getStatusLine().getStatusCode();
                        if (statusCode < 200 || statusCode >= 300) {
                            throw new ClientProtocolException("Unexpected response status: " + statusCode);
                        }
                        HttpEntity entity = httpResponse.getEntity();
                        if (entity != null) {
                            return EntityUtils.toString(entity, StandardCharsets.UTF_8);
                        }
                        return null;
                    }
                })).getBytes(StandardCharsets.UTF_8));
            } catch (Exception e) {
                throw new AppException("Cannot load API-Definition from URI: " + uri, ErrorCode.CANT_READ_API_DEFINITION_FILE, e);
            }
        } finally {
            try {
                createHttpClient.close();
            } catch (Exception e2) {
            }
        }
    }

    private CloseableHttpClient createHttpClient(String str, String str2, String str3) throws AppException {
        HttpClientBuilder custom = HttpClients.custom();
        try {
            addBasicAuthCredential(str, str2, str3, custom);
            addSSLContext(str, custom);
            return custom.build();
        } catch (Exception e) {
            throw new AppException("Error during create http client for retrieving ...", ErrorCode.CANT_CREATE_HTTP_CLIENT);
        }
    }

    private void addSSLContext(String str, HttpClientBuilder httpClientBuilder) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException {
        SSLConnectionSocketFactory createSSLContext;
        if (!isHttpsUri(str) || (createSSLContext = createSSLContext()) == null) {
            return;
        }
        httpClientBuilder.setSSLSocketFactory(createSSLContext);
    }

    private void addBasicAuthCredential(String str, String str2, String str3, HttpClientBuilder httpClientBuilder) {
        if (this.apiConfig instanceof DesiredTestOnlyAPI) {
            return;
        }
        if (str2 == null) {
            LOG.info("Loading API-Definition from: " + str);
            return;
        }
        LOG.info("Loading API-Definition from: " + str + " (" + str2 + ")");
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(new AuthScope(AuthScope.ANY), new UsernamePasswordCredentials(str2, str3));
        httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
    }

    public static boolean isHttpUri(String str) {
        String substring = str.substring(str.indexOf("@") + 1);
        return substring.startsWith("http://") || substring.startsWith("https://");
    }

    public static boolean isHttpsUri(String str) {
        return str.startsWith("https://");
    }

    private API validateInboundProfile(API api) throws AppException {
        if (api.getInboundProfiles() == null || api.getInboundProfiles().size() == 0) {
            HashMap hashMap = new HashMap();
            hashMap.put("_default", InboundProfile.getDefaultInboundProfile());
            api.setInboundProfiles(hashMap);
            return api;
        }
        boolean z = false;
        for (String str : api.getInboundProfiles().keySet()) {
            if (str.equals("_default")) {
                z = true;
            } else {
                InboundProfile inboundProfile = (InboundProfile) api.getInboundProfiles().get(str);
                if (inboundProfile.getCorsProfile() != null && getCorsProfile(api, inboundProfile.getCorsProfile()) == null) {
                    throw new AppException("Inbound profile is referencing a unknown CorsProfile: '" + inboundProfile.getCorsProfile() + "'", ErrorCode.REFERENCED_PROFILE_INVALID);
                }
                if (inboundProfile.getSecurityProfile() != null && getSecurityProfile(api, inboundProfile.getSecurityProfile()) == null) {
                    throw new AppException("Inbound profile is referencing a unknown SecurityProfile: '" + inboundProfile.getSecurityProfile() + "'", ErrorCode.REFERENCED_PROFILE_INVALID);
                }
            }
        }
        if (!z) {
            InboundProfile inboundProfile2 = new InboundProfile();
            inboundProfile2.setSecurityProfile("_default");
            inboundProfile2.setCorsProfile("_default");
            inboundProfile2.setMonitorAPI(true);
            inboundProfile2.setMonitorSubject("authentication.subject.id");
            api.getInboundProfiles().put("_default", inboundProfile2);
        }
        return api;
    }

    private API addDefaultPassthroughSecurityProfile(API api) throws AppException {
        boolean z = false;
        if (api.getSecurityProfiles() == null) {
            api.setSecurityProfiles(new ArrayList());
        }
        List securityProfiles = api.getSecurityProfiles();
        for (SecurityProfile securityProfile : api.getSecurityProfiles()) {
            if (securityProfile.getIsDefault() || securityProfile.getName().equals("_default")) {
                if (z) {
                    throw new AppException("You can have only one _default SecurityProfile.", ErrorCode.CANT_READ_CONFIG_FILE);
                }
                z = true;
                securityProfile.setName("_default");
                securityProfile.setIsDefault(true);
            }
        }
        if (securityProfiles == null || securityProfiles.size() == 0 || !z) {
            SecurityProfile securityProfile2 = new SecurityProfile();
            securityProfile2.setName("_default");
            securityProfile2.setIsDefault(true);
            SecurityDevice securityDevice = new SecurityDevice();
            securityDevice.setName("Pass Through");
            securityDevice.setType(DeviceType.passThrough);
            securityDevice.setOrder(0);
            securityDevice.getProperties().put("subjectIdFieldName", "Pass Through");
            securityDevice.getProperties().put("removeCredentialsOnSuccess", "true");
            securityProfile2.getDevices().add(securityDevice);
            securityProfiles.add(securityProfile2);
        }
        return api;
    }

    private API addDefaultAuthenticationProfile(API api) throws AppException {
        if (api.getAuthenticationProfiles() == null) {
            return api;
        }
        boolean z = false;
        List<AuthenticationProfile> authenticationProfiles = api.getAuthenticationProfiles();
        for (AuthenticationProfile authenticationProfile : authenticationProfiles) {
            if (authenticationProfile.getIsDefault() || authenticationProfile.getName().equals("_default")) {
                if (z) {
                    throw new AppException("You can have only one AuthenticationProfile configured as default", ErrorCode.CANT_READ_CONFIG_FILE);
                }
                z = true;
                authenticationProfile.setName("_default");
                authenticationProfile.setIsDefault(true);
            }
        }
        if (!z) {
            LOG.warn("THERE IS NO DEFAULT authenticationProfile CONFIGURED. Auto-Creating a No-Authentication outbound profile as default!");
            AuthenticationProfile authenticationProfile2 = new AuthenticationProfile();
            authenticationProfile2.setName("_default");
            authenticationProfile2.setIsDefault(true);
            authenticationProfile2.setType(AuthType.none);
            authenticationProfiles.add(authenticationProfile2);
        }
        return api;
    }

    private API validateOutboundProfile(API api) throws AppException {
        if (api.getOutboundProfiles() == null || api.getOutboundProfiles().size() == 0) {
            return api;
        }
        boolean z = false;
        for (String str : api.getOutboundProfiles().keySet()) {
            OutboundProfile outboundProfile = (OutboundProfile) api.getOutboundProfiles().get(str);
            if (str.equals("_default")) {
                z = true;
                if (outboundProfile.getAuthenticationProfile() == null) {
                    LOG.warn("Provided default outboundProfile doesn't contain AuthN-Profile - Setting it to default");
                    outboundProfile.setAuthenticationProfile("_default");
                }
            } else if (!outboundProfile.getAuthenticationProfile().equals("_default") && outboundProfile.getAuthenticationProfile() != null && getAuthNProfile(api, outboundProfile.getAuthenticationProfile()) == null) {
                throw new AppException("OutboundProfile is referencing a unknown AuthenticationProfile: '" + outboundProfile.getAuthenticationProfile() + "'", ErrorCode.REFERENCED_PROFILE_INVALID);
            }
        }
        if (!z) {
            OutboundProfile outboundProfile2 = new OutboundProfile();
            outboundProfile2.setAuthenticationProfile("_default");
            outboundProfile2.setRouteType("proxy");
            api.getOutboundProfiles().put("_default", outboundProfile2);
        }
        return api;
    }

    private void validateOutboundAuthN(API api) throws AppException {
        if (api.getAuthenticationProfiles() == null || api.getAuthenticationProfiles().size() == 0) {
            return;
        }
        if (((AuthenticationProfile) api.getAuthenticationProfiles().get(0)).getType().equals(AuthType.ssl)) {
            handleOutboundSSLAuthN((AuthenticationProfile) api.getAuthenticationProfiles().get(0));
        } else if (((AuthenticationProfile) api.getAuthenticationProfiles().get(0)).getType().equals(AuthType.oauth)) {
            handleOutboundOAuthAuthN((AuthenticationProfile) api.getAuthenticationProfiles().get(0));
        }
    }

    private void handleOutboundOAuthAuthN(AuthenticationProfile authenticationProfile) throws AppException {
        if (authenticationProfile.getType().equals(AuthType.oauth)) {
            String str = (String) authenticationProfile.getParameters().get("providerProfile");
            if (str == null || !str.startsWith("<key")) {
                OAuthClientProfile oAuthClientProfile = APIManagerAdapter.getInstance().oauthClientAdapter.getOAuthClientProfile(str);
                if (oAuthClientProfile == null) {
                    throw new AppException("The OAuth provider profile is unkown: '" + str + "'", ErrorCode.REFERENCED_PROFILE_INVALID);
                }
                authenticationProfile.getParameters().put("providerProfile", oAuthClientProfile.getId());
            }
        }
    }

    private void handleOutboundSSLAuthN(AuthenticationProfile authenticationProfile) throws AppException {
        if (authenticationProfile.getType().equals(AuthType.ssl)) {
            String str = (String) authenticationProfile.getParameters().get("certFile");
            String str2 = (String) authenticationProfile.getParameters().get("password");
            if (str.contains(":")) {
                LOG.warn("Keystore format: <keystorename>:<type> is deprecated. Please remove the keystore type.");
                str = str.split(":")[0];
            }
            File file = new File(str);
            try {
                if (!file.exists()) {
                    file = new File(this.apiConfigFile.getCanonicalFile().getParent() + "/" + str);
                }
                if (!file.exists()) {
                    LOG.debug("Trying to load Client-Certificate from classpath");
                    if (getClass().getResource(str) == null) {
                        throw new AppException("Can't read Client-Certificate-Keystore: " + str + " from filesystem or classpath.", ErrorCode.UNXPECTED_ERROR);
                    }
                    file = new File(getClass().getResource(str).getFile());
                }
                if (this.apiConfig instanceof DesiredTestOnlyAPI) {
                    return;
                }
                FileInputStream fileInputStream = new FileInputStream(file);
                try {
                    JsonNode fileData = APIManagerAdapter.getFileData(IOUtils.toByteArray(new FileInputStream(file)), str, ContentType.create("application/x-pkcs12"));
                    fileInputStream.close();
                    CaCert caCert = new CaCert();
                    caCert.setCertFile(file.getName());
                    caCert.setInbound("false");
                    caCert.setOutbound("true");
                    APIManagerAdapter.getCertInfo(new FileInputStream(file), str2, caCert);
                    authenticationProfile.getParameters().put("pfx", fileData.get("data").asText());
                    authenticationProfile.getParameters().remove("certFile");
                } finally {
                }
            } catch (Exception e) {
                throw new AppException("Can't read Client-Cert-File: " + str + " from filesystem or classpath.", ErrorCode.UNXPECTED_ERROR, e);
            }
        }
    }

    private void validateHasQueryStringKey(API api) throws AppException {
        if (api.getApiRoutingKey() == null || (api instanceof DesiredTestOnlyAPI)) {
            return;
        }
        if (!APIManagerAdapter.hasAdminAccount()) {
            LOG.debug("Can't check if QueryString for API is needed without Admin-Account.");
        } else if (!APIManagerAdapter.getInstance().configAdapter.getConfig(true).getApiRoutingKeyEnabled().booleanValue()) {
            throw new AppException("API-Manager Query-String Routing option is disabled. Please turn it on to use apiRoutingKey.", ErrorCode.QUERY_STRING_ROUTING_DISABLED);
        }
    }

    private API addImageContent(API api) throws AppException {
        if (api.getImage() == null) {
            return api;
        }
        try {
            File file = new File(api.getImage().getFilename());
            if (!file.exists()) {
                file = new File(this.apiConfigFile.getCanonicalFile().getParent() + "/" + api.getImage().getFilename());
            }
            api.getImage().setBaseFilename(file.getName());
            if (file.exists()) {
                LOG.info("Loading image from: '" + file.getCanonicalFile() + "'");
                FileInputStream fileInputStream = new FileInputStream(file);
                try {
                    api.getImage().setImageContent(IOUtils.toByteArray(fileInputStream));
                    fileInputStream.close();
                    return api;
                } finally {
                }
            }
            InputStream resourceAsStream = getClass().getResourceAsStream(api.getImage().getFilename());
            if (resourceAsStream == null) {
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                throw new AppException("Configured image: '" + api.getImage().getFilename() + "' not found in filesystem (Relative/Absolute) or classpath.", ErrorCode.UNXPECTED_ERROR);
            }
            try {
                LOG.debug("Trying to load image from classpath");
                api.getImage().setImageContent(IOUtils.toByteArray(resourceAsStream));
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                return api;
            } finally {
            }
        } catch (Exception e) {
            throw new AppException("Can't read configured image-file: " + api.getImage().getFilename() + " from filesystem or classpath.", ErrorCode.UNXPECTED_ERROR, e);
        }
        throw new AppException("Can't read configured image-file: " + api.getImage().getFilename() + " from filesystem or classpath.", ErrorCode.UNXPECTED_ERROR, e);
    }

    public String getPathToAPIDefinition() {
        return this.pathToAPIDefinition;
    }

    public void setPathToAPIDefinition(String str) {
        this.pathToAPIDefinition = str;
    }

    private SSLConnectionSocketFactory createSSLContext() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException {
        SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
        sSLContextBuilder.loadTrustMaterial((KeyStore) null, new TrustAllStrategy());
        String property = System.getProperty("javax.net.ssl.keyStore", "");
        if (StringUtils.isNotEmpty(property)) {
            String property2 = System.getProperty("javax.net.ssl.keyStorePassword", "");
            if (StringUtils.isNotEmpty(property2)) {
                String property3 = System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
                LOG.debug("Reading keystore from {}", property);
                KeyStore keyStore = KeyStore.getInstance(property3);
                keyStore.load(new FileInputStream(new File(property)), property2.toCharArray());
                sSLContextBuilder.loadKeyMaterial(keyStore, property2.toCharArray());
            }
        } else {
            LOG.debug("NO javax.net.ssl.keyStore property.");
        }
        return new SSLConnectionSocketFactory(sSLContextBuilder.build(), getAcceptedTLSProtocols(), (String[]) null, new NoopHostnameVerifier());
    }

    private String[] getAcceptedTLSProtocols() {
        String property = System.getProperty("https.protocols", "TLSv1.2");
        LOG.debug("https protocols: {}", property);
        return property.split(",");
    }

    private CorsProfile getCorsProfile(API api, String str) {
        if (api.getCorsProfiles() == null || api.getCorsProfiles().size() == 0) {
            return null;
        }
        for (CorsProfile corsProfile : api.getCorsProfiles()) {
            if (str.equals(corsProfile.getName())) {
                return corsProfile;
            }
        }
        return null;
    }

    private AuthenticationProfile getAuthNProfile(API api, String str) {
        if (api.getAuthenticationProfiles() == null || api.getAuthenticationProfiles().size() == 0) {
            return null;
        }
        for (AuthenticationProfile authenticationProfile : api.getAuthenticationProfiles()) {
            if (str.equals(authenticationProfile.getName())) {
                return authenticationProfile;
            }
        }
        return null;
    }

    private SecurityProfile getSecurityProfile(API api, String str) throws AppException {
        if (api.getSecurityProfiles() == null || api.getSecurityProfiles().size() == 0) {
            return null;
        }
        for (SecurityProfile securityProfile : api.getSecurityProfiles()) {
            if (str.equals(securityProfile.getName())) {
                return securityProfile;
            }
        }
        return null;
    }

    private void handleVhost(API api) {
        if (api.getVhost() != null && "".equals(api.getVhost())) {
            api.setVhost((String) null);
        }
    }
}
