package com.axway.apim.actions.tasks;

import com.axway.apim.actions.rest.DELRequest;
import com.axway.apim.actions.rest.POSTRequest;
import com.axway.apim.actions.rest.Transaction;
import com.axway.apim.lib.AppException;
import com.axway.apim.lib.CommandParameters;
import com.axway.apim.lib.ErrorCode;
import com.axway.apim.swagger.APIManagerAdapter;
import com.axway.apim.swagger.api.properties.apiAccess.APIAccess;
import com.axway.apim.swagger.api.properties.applications.ClientApplication;
import com.axway.apim.swagger.api.state.ActualAPI;
import com.axway.apim.swagger.api.state.IAPI;
import com.fasterxml.jackson.databind.JsonNode;
import java.util.ArrayList;
import java.util.List;
import java.util.ListIterator;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.entity.StringEntity;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:com/axway/apim/actions/tasks/ManageClientApps.class */
public class ManageClientApps extends AbstractAPIMTask implements IResponseParser {
    private static String MODE = "MODE";
    private static String MODE_CREATE_API_ACCESS = "MODE_CREATE_API_ACCESS";
    private static String MODE_REMOVE_API_ACCESS = "MODE_REMOVE_API_ACCESS";
    private static boolean hasAdminAccount;
    IAPI oldAPI;

    public ManageClientApps(IAPI iapi, IAPI iapi2, IAPI iapi3) throws AppException {
        super(iapi, iapi2);
        hasAdminAccount = APIManagerAdapter.hasAdminAccount();
        this.oldAPI = iapi3;
    }

    public void execute(boolean z) throws AppException {
        if (this.desiredState.getApplications() != null || z) {
            if (CommandParameters.getInstance().isIgnoreClientApps()) {
                LOG.info("Configured client applications are ignored, as flag ignoreClientApps has been set.");
                return;
            }
            if (this.desiredState.getApplications() != null) {
                removeNonGrantedClientApps(this.desiredState.getApplications());
            }
            if (z && this.actualState.getState().equals(IAPI.STATE_UNPUBLISHED) && CommandParameters.getInstance().getClientAppsMode().equals(CommandParameters.MODE_ADD)) {
                removeNonGrantedClientApps(this.oldAPI.getApplications());
                List<ClientApplication> missingApps = getMissingApps(this.oldAPI.getApplications(), this.actualState.getApplications());
                createAppSubscription(missingApps, this.actualState.getId());
                this.actualState.setApplications(missingApps);
            }
            List<ClientApplication> missingApps2 = getMissingApps(this.desiredState.getApplications(), this.actualState.getApplications());
            List<ClientApplication> missingApps3 = getMissingApps(this.actualState.getApplications(), this.desiredState.getApplications());
            if (missingApps2.size() != 0 || this.desiredState.getApplications() == null) {
                createAppSubscription(missingApps2, this.actualState.getId());
            } else {
                LOG.info("All desired applications: " + this.desiredState.getApplications() + " have already a subscription. Nothing to do.");
            }
            if (missingApps3.size() > 0) {
                if (!CommandParameters.getInstance().getClientAppsMode().equals(CommandParameters.MODE_REPLACE)) {
                    LOG.info("NOT removing access for appplications: " + missingApps3 + " from API: " + this.actualState.getName() + " as clientAppsMode NOT set to replace.");
                } else {
                    LOG.info("Removing access for appplications: " + missingApps3 + " from API: " + this.actualState.getName());
                    removeAppSubscription(missingApps3, this.actualState.getId());
                }
            }
        }
    }

    private void removeNonGrantedClientApps(List<ClientApplication> list) throws AppException {
        if (list == null) {
            return;
        }
        ListIterator<ClientApplication> listIterator = list.listIterator();
        while (listIterator.hasNext()) {
            ClientApplication next = listIterator.next();
            if (!hasClientAppPermission(next)) {
                LOG.error("Organization of configured application: '" + next.getName() + "' has NO permission to this API. Ignoring this application.");
                listIterator.remove();
            }
        }
    }

    private boolean hasClientAppPermission(ClientApplication clientApplication) throws AppException {
        String name = APIManagerAdapter.getInstance().getOrg(clientApplication.getOrganizationId()).getName();
        if (name == null) {
            return false;
        }
        if (clientApplication.getOrganizationId().equals(((ActualAPI) this.actualState).getOrganizationId())) {
            return true;
        }
        if (this.actualState.getClientOrganizations() != null) {
            return this.actualState.getClientOrganizations().contains(name);
        }
        LOG.debug("No Client-Orgs configured for this API, therefore other app has NO permission.");
        return false;
    }

    private void createAppSubscription(List<ClientApplication> list, String str) throws AppException {
        if (list.size() == 0) {
            return;
        }
        Transaction.getInstance().put(MODE, MODE_CREATE_API_ACCESS);
        LOG.info("Creating API-Access for the following apps: '" + list.toString() + "'");
        try {
            for (ClientApplication clientApplication : list) {
                LOG.debug("Creating API-Access for application '" + clientApplication.getName() + "'");
                Transaction.getInstance().put("appName", clientApplication);
                new POSTRequest(new StringEntity("{\"apiId\":\"" + str + "\",\"enabled\":true}"), new URIBuilder(cmd.getAPIManagerURL()).setPath("/api/portal/v1.3/applications/" + clientApplication.getId() + "/apis").build(), this, hasAdminAccount).execute();
            }
        } catch (Exception e) {
            throw new AppException("Can't create API access requests.", ErrorCode.API_MANAGER_COMMUNICATION, e);
        }
    }

    private void removeAppSubscription(List<ClientApplication> list, String str) throws AppException {
        Transaction.getInstance().put(MODE, MODE_REMOVE_API_ACCESS);
        for (ClientApplication clientApplication : list) {
            if (hasClientAppPermission(clientApplication)) {
                LOG.debug("Removing API-Access for application '" + clientApplication.getName() + "'");
                String str2 = null;
                try {
                    Transaction.getInstance().put("appName", clientApplication);
                    for (APIAccess aPIAccess : clientApplication.getApiAccess()) {
                        if (aPIAccess.getApiId().equals(str)) {
                            str2 = aPIAccess.getId();
                        }
                    }
                    if (str2 == null) {
                        LOG.warn("Application: '" + clientApplication.getName() + "' (" + clientApplication.getId() + ") seems not have access to API: '" + this.actualState.getName() + "' (" + str + "). Continue");
                    } else {
                        new DELRequest(new URIBuilder(cmd.getAPIManagerURL()).setPath("/api/portal/v1.3/applications/" + clientApplication.getId() + "/apis/" + str2).build(), this, hasAdminAccount).execute();
                    }
                } catch (Exception e) {
                    LOG.error("Can't delete API access requests for application.");
                    throw new AppException("Can't delete API access requests for application.", ErrorCode.API_MANAGER_COMMUNICATION, e);
                }
            }
        }
    }

    @Override // com.axway.apim.actions.tasks.IResponseParser
    public JsonNode parseResponse(HttpResponse httpResponse) throws AppException {
        Transaction transaction = Transaction.getInstance();
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        try {
            if (transaction.get(MODE).equals(MODE_CREATE_API_ACCESS) && statusCode == 201) {
                this.actualState.getApplications().add((ClientApplication) transaction.get("appName"));
                LOG.debug("Successfully created API-Access for application: '" + transaction.get("appName") + "'");
            } else {
                if (!transaction.get(MODE).equals(MODE_REMOVE_API_ACCESS) || statusCode != 204) {
                    LOG.error("Received status code: " + httpResponse.getStatusLine().getStatusCode());
                    try {
                        LOG.error("Received response: " + EntityUtils.toString(httpResponse.getEntity()));
                    } catch (Exception e) {
                        LOG.error(e.getMessage(), e);
                    }
                    throw new AppException("Failure creating/deleting API-Access to/from application: '" + transaction.get("appName") + "'. Mode: '" + transaction.get(MODE) + "'", ErrorCode.API_MANAGER_COMMUNICATION);
                }
                this.actualState.getApplications().remove((ClientApplication) transaction.get("appName"));
                LOG.debug("Successfully removed API-Access from application: '" + transaction.get("appName") + "'");
            }
            try {
                return null;
            } catch (Exception e2) {
                return null;
            }
        } finally {
            try {
                ((CloseableHttpResponse) httpResponse).close();
            } catch (Exception e3) {
            }
        }
    }

    private List<ClientApplication> getMissingApps(List<ClientApplication> list, List<ClientApplication> list2) throws AppException {
        ArrayList arrayList = new ArrayList();
        if (list2 == null) {
            list2 = new ArrayList();
        }
        if (list == null) {
            list = new ArrayList();
        }
        for (ClientApplication clientApplication : list) {
            if (!list2.contains(clientApplication)) {
                arrayList.add(clientApplication);
            }
        }
        return arrayList;
    }
}
