package org.squashtest.tm.service.internal.servers;

import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonTypeInfo;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.Arrays;
import java.util.Map;
import javax.annotation.PostConstruct;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.transaction.Transactional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;
import org.squashtest.csp.core.bugtracker.domain.BugTracker;
import org.squashtest.tm.domain.servers.AuthenticationProtocol;
import org.squashtest.tm.domain.servers.Credentials;
import org.squashtest.tm.domain.servers.StoredCredentials;
import org.squashtest.tm.service.internal.repository.ParameterNames;
import org.squashtest.tm.service.internal.servers.Crypto;
import org.squashtest.tm.service.servers.EncryptionKeyChangedException;
import org.squashtest.tm.service.servers.MissingEncryptionKeyException;
import org.squashtest.tm.service.servers.StoredCredentialsManager;

@Transactional
@Service
/* loaded from: input_file:org/squashtest/tm/service/internal/servers/StoredCredentialsManagerImpl.class */
public class StoredCredentialsManagerImpl implements StoredCredentialsManager {
    private static final String JACKSON_TYPE_ID_ATTR = "@class";
    private static final Logger LOGGER = LoggerFactory.getLogger(StoredCredentialsManagerImpl.class);

    @PersistenceContext
    private EntityManager em;

    @Value("${squash.crypto.secret}")
    private char[] secret = new char[0];
    private ObjectMapper objectMapper;

    @JsonTypeInfo(include = JsonTypeInfo.As.PROPERTY, use = JsonTypeInfo.Id.CLASS)
    @JsonInclude
    /* loaded from: input_file:org/squashtest/tm/service/internal/servers/StoredCredentialsManagerImpl$CredentialsMixin.class */
    abstract class CredentialsMixin {
        CredentialsMixin() {
        }

        @JsonIgnore
        abstract AuthenticationProtocol getImplementedProtocol();
    }

    public boolean isSecretConfigured() {
        if (this.secret.length == 0) {
            return false;
        }
        for (int i = 0; i < this.secret.length; i++) {
            char c = this.secret[i];
            if (c != ' ' && c != '\t') {
                return true;
            }
        }
        return false;
    }

    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public void storeCredentials(long j, Credentials credentials) {
        if (!isSecretConfigured()) {
            throw new MissingEncryptionKeyException();
        }
        try {
            String writeValueAsString = this.objectMapper.writeValueAsString(credentials);
            Crypto crypto = new Crypto(Arrays.copyOf(this.secret, this.secret.length));
            Crypto.EncryptionOutcome encrypt = crypto.encrypt(writeValueAsString);
            try {
                ((StoredCredentials) this.em.createNamedQuery("StoredCredentials.findByServerId").setParameter(ParameterNames.SERVER_ID, Long.valueOf(j)).getSingleResult()).setEncryptedCredentials(encrypt.getEncryptedText());
            } catch (NoResultException unused) {
                BugTracker bugTracker = (BugTracker) this.em.find(BugTracker.class, Long.valueOf(j));
                StoredCredentials storedCredentials = new StoredCredentials();
                storedCredentials.setAuthenticatedServer(bugTracker);
                storedCredentials.setEncryptedCredentials(encrypt.getEncryptedText());
                storedCredentials.setEncryptionVersion(encrypt.getVersion());
                this.em.persist(storedCredentials);
            } finally {
                crypto.dispose();
            }
        } catch (JsonProcessingException e) {
            LOGGER.error("an error occured while storing the credentials for server {} due to serialization error ", Long.valueOf(j), e);
            throw new RuntimeException((Throwable) e);
        }
    }

    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public Credentials findCredentials(long j) {
        return unsecuredFindCredentials(j);
    }

    public Credentials unsecuredFindCredentials(long j) {
        if (!isSecretConfigured()) {
            throw new MissingEncryptionKeyException();
        }
        Crypto crypto = new Crypto(Arrays.copyOf(this.secret, this.secret.length));
        String str = null;
        try {
            try {
                try {
                    str = crypto.decrypt(((StoredCredentials) this.em.createNamedQuery("StoredCredentials.findByServerId").setParameter(ParameterNames.SERVER_ID, Long.valueOf(j)).getSingleResult()).getEncryptedCredentials());
                    return (Credentials) this.objectMapper.readValue(str, Credentials.class);
                } catch (IOException e) {
                    LOGGER.debug(e.getMessage(), e);
                    throw investigateDeserializationError(str);
                }
            } catch (NoResultException e2) {
                LOGGER.debug("No Result on retrieving credentials.", e2);
                crypto.dispose();
                return null;
            }
        } finally {
            crypto.dispose();
        }
    }

    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public void deleteCredentials(long j) {
        try {
            this.em.remove((StoredCredentials) this.em.createNamedQuery("StoredCredentials.findByServerId").setParameter(ParameterNames.SERVER_ID, Long.valueOf(j)).getSingleResult());
        } catch (NoResultException unused) {
        }
    }

    private RuntimeException investigateDeserializationError(String str) {
        try {
            return new RuntimeException("missing implementation for credential type '" + ((String) ((Map) this.objectMapper.readValue(str, Map.class)).get(JACKSON_TYPE_ID_ATTR)) + "', or that type does not implement '" + Credentials.class.getName() + "'");
        } catch (IOException unused) {
            return new EncryptionKeyChangedException();
        }
    }

    @PostConstruct
    void initialize() {
        ObjectMapper objectMapper = new ObjectMapper();
        objectMapper.addMixIn(Credentials.class, CredentialsMixin.class);
        this.objectMapper = objectMapper;
    }
}
