package org.craftercms.studio.impl.v2.service.cluster;

import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Objects;
import java.util.Properties;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.configuration2.HierarchicalConfiguration;
import org.apache.commons.configuration2.tree.ImmutableNode;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.commons.crypto.CryptoException;
import org.craftercms.commons.crypto.TextEncryptor;
import org.craftercms.studio.api.v1.constant.StudioConstants;
import org.craftercms.studio.api.v1.exception.ServiceLayerException;
import org.craftercms.studio.api.v1.log.Logger;
import org.craftercms.studio.api.v1.log.LoggerFactory;
import org.craftercms.studio.api.v2.dal.ClusterDAO;
import org.craftercms.studio.api.v2.dal.ClusterMember;
import org.craftercms.studio.api.v2.utils.StudioConfiguration;
import org.eclipse.jgit.api.DeleteBranchCommand;
import org.eclipse.jgit.api.Git;
import org.eclipse.jgit.api.ListBranchCommand;
import org.eclipse.jgit.api.RemoteRemoveCommand;
import org.eclipse.jgit.api.TransportCommand;
import org.eclipse.jgit.api.errors.GitAPIException;
import org.eclipse.jgit.lib.Ref;
import org.eclipse.jgit.transport.JschConfigSessionFactory;
import org.eclipse.jgit.transport.OpenSshConfig;
import org.eclipse.jgit.transport.SshTransport;
import org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider;
import org.eclipse.jgit.util.FS;

/* loaded from: input_file:BOOT-INF/lib/crafter-studio-3.1.11E-classes.jar:org/craftercms/studio/impl/v2/service/cluster/StudioClusterUtils.class */
public class StudioClusterUtils {
    private static final Logger logger = LoggerFactory.getLogger(StudioClusterUtils.class);
    private static final String NON_SSH_GIT_URL_REGEX = "(file|https?|git)://.+";
    private static final String PROP_STRICT_HOST_KEY_CHECKING = "StrictHostKeyChecking";
    private static final String PROP_STRICT_HOST_KEY_CHECKING_VALUE = "no";
    private TextEncryptor encryptor;
    private ClusterDAO clusterDao;
    private StudioConfiguration studioConfiguration;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/crafter-studio-3.1.11E-classes.jar:org/craftercms/studio/impl/v2/service/cluster/StudioClusterUtils$StrictHostCheckingOffSshSessionFactory.class */
    public static class StrictHostCheckingOffSshSessionFactory extends JschConfigSessionFactory {
        private StrictHostCheckingOffSshSessionFactory() {
        }

        protected void configure(OpenSshConfig.Host host, Session session) {
            Properties properties = new Properties();
            properties.put(StudioClusterUtils.PROP_STRICT_HOST_KEY_CHECKING, "no");
            session.setConfig(properties);
        }
    }

    public StudioClusterUtils(ClusterDAO clusterDAO, StudioConfiguration studioConfiguration, TextEncryptor textEncryptor) {
        this.clusterDao = clusterDAO;
        this.studioConfiguration = studioConfiguration;
        this.encryptor = textEncryptor;
    }

    public HierarchicalConfiguration<ImmutableNode> getClusterConfiguration() {
        return this.studioConfiguration.getSubConfig(StudioConfiguration.CLUSTERING_NODE_REGISTRATION);
    }

    public String getClusterNodeLocalAddress() {
        HierarchicalConfiguration<ImmutableNode> clusterConfiguration = getClusterConfiguration();
        String str = "";
        if (clusterConfiguration != null && !clusterConfiguration.isEmpty()) {
            str = clusterConfiguration.getString("localAddress");
        }
        return str;
    }

    public List<ClusterMember> getClusterNodes(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("localAddress", str);
        hashMap.put("state", ClusterMember.State.ACTIVE.toString());
        return this.clusterDao.getOtherMembers(hashMap);
    }

    public void removeRemote(Git git, String str) throws GitAPIException {
        RemoteRemoveCommand remoteRemove = git.remoteRemove();
        remoteRemove.setRemoteName(str);
        remoteRemove.call();
        List<Ref> call = git.branchList().setListMode(ListBranchCommand.ListMode.REMOTE).call();
        ArrayList arrayList = new ArrayList();
        for (Ref ref : call) {
            if (ref.getName().startsWith("refs/remotes/" + str)) {
                arrayList.add(ref.getName());
            }
        }
        if (CollectionUtils.isNotEmpty(arrayList)) {
            DeleteBranchCommand branchDelete = git.branchDelete();
            branchDelete.setBranchNames((String[]) arrayList.toArray(new String[arrayList.size()]));
            branchDelete.setForce(true);
            branchDelete.call();
        }
    }

    public <T extends TransportCommand> T configureAuthenticationForCommand(ClusterMember clusterMember, T t, Path path) throws CryptoException, IOException, ServiceLayerException {
        boolean z = !clusterMember.getGitUrl().matches(NON_SSH_GIT_URL_REGEX);
        String gitAuthType = clusterMember.getGitAuthType();
        boolean z2 = -1;
        switch (gitAuthType.hashCode()) {
            case 106079:
                if (gitAuthType.equals("key")) {
                    z2 = 3;
                    break;
                }
                break;
            case 3387192:
                if (gitAuthType.equals("none")) {
                    z2 = false;
                    break;
                }
                break;
            case 93508654:
                if (gitAuthType.equals("basic")) {
                    z2 = true;
                    break;
                }
                break;
            case 110541305:
                if (gitAuthType.equals("token")) {
                    z2 = 2;
                    break;
                }
                break;
        }
        switch (z2) {
            case false:
                logger.debug("No authentication", new Object[0]);
                break;
            case true:
                logger.debug("Basic Authentication", new Object[0]);
                configureBasicAuthentication(clusterMember, t, this.encryptor, z);
                break;
            case true:
                logger.debug("Token based Authentication", new Object[0]);
                configureTokenAuthentication(clusterMember, t, this.encryptor, z);
                break;
            case true:
                if (!z) {
                    throw new ServiceLayerException("Can't do private key authentication with non-ssh URLs");
                }
                logger.debug("Private Key Authentication", new Object[0]);
                configurePrivateKeyAuthentication(clusterMember, t, this.encryptor, path);
                break;
            default:
                throw new ServiceLayerException("Unsupported authentication type " + clusterMember.getGitAuthType());
        }
        return t;
    }

    private <T extends TransportCommand> void configureBasicAuthentication(ClusterMember clusterMember, T t, TextEncryptor textEncryptor, boolean z) throws CryptoException {
        String decrypt = textEncryptor.decrypt(clusterMember.getGitPassword());
        new UsernamePasswordCredentialsProvider(clusterMember.getGitUsername(), decrypt);
        if (z) {
            t.setTransportConfigCallback(transport -> {
                ((SshTransport) transport).setSshSessionFactory(new StrictHostCheckingOffSshSessionFactory() { // from class: org.craftercms.studio.impl.v2.service.cluster.StudioClusterUtils.1
                    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                    {
                        super();
                    }

                    @Override // org.craftercms.studio.impl.v2.service.cluster.StudioClusterUtils.StrictHostCheckingOffSshSessionFactory
                    protected void configure(OpenSshConfig.Host host, Session session) {
                        super.configure(host, session);
                        session.setPassword(decrypt);
                    }
                });
            });
        }
    }

    private <T extends TransportCommand> void configureTokenAuthentication(ClusterMember clusterMember, T t, TextEncryptor textEncryptor, boolean z) throws CryptoException {
        UsernamePasswordCredentialsProvider usernamePasswordCredentialsProvider = new UsernamePasswordCredentialsProvider(textEncryptor.decrypt(clusterMember.getGitToken()), "");
        if (z) {
            t.setTransportConfigCallback(transport -> {
                ((SshTransport) transport).setSshSessionFactory(new StrictHostCheckingOffSshSessionFactory());
            });
        }
        t.setCredentialsProvider(usernamePasswordCredentialsProvider);
    }

    private <T extends TransportCommand> void configurePrivateKeyAuthentication(ClusterMember clusterMember, T t, TextEncryptor textEncryptor, Path path) throws CryptoException, IOException {
        try {
            Files.write(path, textEncryptor.decrypt(clusterMember.getGitPrivateKey()).getBytes(), new OpenOption[0]);
            path.toFile().deleteOnExit();
            t.setTransportConfigCallback(transport -> {
                ((SshTransport) transport).setSshSessionFactory(new StrictHostCheckingOffSshSessionFactory() { // from class: org.craftercms.studio.impl.v2.service.cluster.StudioClusterUtils.2
                    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                    {
                        super();
                    }

                    protected JSch createDefaultJSch(FS fs) throws JSchException {
                        JSch createDefaultJSch = super.createDefaultJSch(fs);
                        createDefaultJSch.addIdentity(path.toAbsolutePath().toString());
                        return createDefaultJSch;
                    }
                });
            });
        } catch (IOException e) {
            throw new IOException("Failed to write private key for SSH connection to temp location", e);
        }
    }

    public String getLockOwnerId() {
        HierarchicalConfiguration<ImmutableNode> subConfig = this.studioConfiguration.getSubConfig(StudioConfiguration.CLUSTERING_NODE_REGISTRATION);
        String string = Objects.nonNull(subConfig) ? subConfig.getString("localAddress") : "";
        if (StringUtils.isEmpty(string)) {
            try {
                string = InetAddress.getLocalHost().toString();
            } catch (UnknownHostException e) {
                string = StudioConstants.DEFAULT_PUBLISHING_LOCK_OWNER_ID;
            }
        }
        return string;
    }

    public int getLockTTL() {
        return ((Integer) this.studioConfiguration.getProperty(StudioConfiguration.PUBLISHING_SITE_LOCK_TTL, Integer.class)).intValue();
    }
}
