package org.zowe.apiml.zaas.security.service.zosmf;

import lombok.Generated;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;
import org.zowe.apiml.message.log.ApimlLogger;
import org.zowe.apiml.product.logging.annotations.InjectApimlLogger;
import org.zowe.apiml.security.common.error.ServiceNotAccessibleException;
import org.zowe.apiml.zaas.security.service.zosmf.TokenValidationRequest;
import org.zowe.apiml.zaas.security.service.zosmf.ZosmfService;

/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/zaas/security/service/zosmf/AuthenticatedEndpointStrategy.class */
public class AuthenticatedEndpointStrategy implements TokenValidationStrategy {
    private final RestTemplate restTemplateWithoutKeystore;

    @InjectApimlLogger
    protected ApimlLogger apimlLog = ApimlLogger.empty();
    public final String authenticatedEndpoint;
    private final HttpMethod httpMethod;

    @Override // org.zowe.apiml.zaas.security.service.zosmf.TokenValidationStrategy
    public void validate(TokenValidationRequest tokenValidationRequest) {
        String str = tokenValidationRequest.getZosmfBaseUrl() + this.authenticatedEndpoint;
        String str2 = "Endpoint does not exist";
        if (endpointExists(tokenValidationRequest, this.authenticatedEndpoint)) {
            try {
                HttpHeaders httpHeaders = new HttpHeaders();
                httpHeaders.add("X-CSRF-ZOSMF-HEADER", "");
                httpHeaders.add("Cookie", ZosmfService.TokenType.JWT.getCookieName() + "=" + tokenValidationRequest.getToken());
                ResponseEntity exchange = this.restTemplateWithoutKeystore.exchange(str, this.httpMethod, new HttpEntity<>(null, httpHeaders), String.class, new Object[0]);
                if (exchange.getStatusCode().is2xxSuccessful()) {
                    tokenValidationRequest.setAuthenticated(TokenValidationRequest.STATUS.AUTHENTICATED);
                    return;
                } else {
                    if (HttpStatus.UNAUTHORIZED.equals(exchange.getStatusCode())) {
                        tokenValidationRequest.setAuthenticated(TokenValidationRequest.STATUS.INVALID);
                        return;
                    }
                    str2 = String.valueOf(exchange.getStatusCode());
                }
            } catch (HttpClientErrorException.Unauthorized e) {
                tokenValidationRequest.setAuthenticated(TokenValidationRequest.STATUS.INVALID);
                return;
            }
        }
        this.apimlLog.log("org.zowe.apiml.security.serviceUnavailable", str, str2);
        throw new ServiceNotAccessibleException("Could not get an access to z/OSMF service.");
    }

    private boolean endpointExists(TokenValidationRequest tokenValidationRequest, String str) {
        if (tokenValidationRequest.getEndpointExistenceMap() == null || tokenValidationRequest.getEndpointExistenceMap().isEmpty()) {
            return true;
        }
        return ((Boolean) tokenValidationRequest.getEndpointExistenceMap().entrySet().stream().filter(entry -> {
            return ((String) entry.getKey()).equalsIgnoreCase(tokenValidationRequest.getZosmfBaseUrl() + str);
        }).findFirst().map((v0) -> {
            return v0.getValue();
        }).orElse(true)).booleanValue();
    }

    public String toString() {
        return "AuthenticatedEndpointStrategy{endpoint=" + this.authenticatedEndpoint + "}";
    }

    @Generated
    public AuthenticatedEndpointStrategy(RestTemplate restTemplate, String str, HttpMethod httpMethod) {
        this.restTemplateWithoutKeystore = restTemplate;
        this.authenticatedEndpoint = str;
        this.httpMethod = httpMethod;
    }
}
