package net.bluemind.ysnp.impl;

import com.netflix.spectator.api.Registry;
import com.netflix.spectator.api.Timer;
import io.netty.buffer.ByteBuf;
import io.vertx.core.AbstractVerticle;
import io.vertx.core.Context;
import io.vertx.core.Promise;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.net.NetSocket;
import io.vertx.core.net.SocketAddress;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Supplier;
import net.bluemind.hornetq.client.MQ;
import net.bluemind.lib.vertx.ContextNetSocket;
import net.bluemind.lib.vertx.VertxContext;
import net.bluemind.lib.vertx.utils.PasswordDecoder;
import net.bluemind.metrics.registry.IdFactory;
import net.bluemind.metrics.registry.MetricsRegistry;
import net.bluemind.system.api.SysConfKeys;
import net.bluemind.ysnp.AuthConfig;
import net.bluemind.ysnp.YSNPConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/bluemind/ysnp/impl/SaslAuthdVerticle.class */
public class SaslAuthdVerticle extends AbstractVerticle {
    private Supplier<Optional<String>> defaultDomain;
    private final String socketPath;
    private final AuthConfig authConfig;
    private static final Logger logger = LoggerFactory.getLogger(SaslAuthdVerticle.class);
    private static final Registry registry = MetricsRegistry.get();
    private static final IdFactory idFactory = new IdFactory(MetricsRegistry.get(), SaslAuthdVerticle.class);
    private static final byte[] SASL_OK = {0, 2, 79, 75};
    private static final byte[] SASL_FAILED = {0, 2, 78, 79};
    private static final ValidationPolicy POLICY = new ValidationPolicy(YSNPConfiguration.INSTANCE);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/bluemind/ysnp/impl/SaslAuthdVerticle$Creds.class */
    public static class Creds {
        String login;
        String password;
        String service;
        String realm;

        public Creds(String str, String str2, String str3, String str4) {
            this.login = str;
            this.password = str2;
            this.service = str3;
            this.realm = str4;
        }
    }

    public SaslAuthdVerticle(String str) {
        this(str, AuthConfig.defaultConfig());
    }

    public SaslAuthdVerticle(String str, AuthConfig authConfig) {
        this.authConfig = authConfig;
        this.socketPath = str;
    }

    public void start(Promise<Void> promise) {
        AtomicReference atomicReference = new AtomicReference();
        MQ.init().thenAccept(r4 -> {
            atomicReference.set(MQ.sharedMap("system.configuration"));
        });
        this.defaultDomain = () -> {
            return (Optional) Optional.ofNullable((MQ.SharedMap) atomicReference.get()).map(sharedMap -> {
                return Optional.ofNullable((sharedMap.get(SysConfKeys.default_domain.name()) == null || ((String) sharedMap.get(SysConfKeys.default_domain.name())).isEmpty()) ? null : (String) sharedMap.get(SysConfKeys.default_domain.name()));
            }).orElse(Optional.empty());
        };
        this.vertx.createNetServer().connectHandler(netSocket -> {
            Context orCreateDuplicatedContext = VertxContext.getOrCreateDuplicatedContext();
            orCreateDuplicatedContext.runOnContext(r9 -> {
                handleNetSock(new ContextNetSocket(orCreateDuplicatedContext, netSocket), POLICY);
            });
        }).listen(SocketAddress.domainSocketAddress(this.socketPath), asyncResult -> {
            if (asyncResult.failed()) {
                logger.error(asyncResult.cause().getMessage(), asyncResult.cause());
                promise.fail(asyncResult.cause());
            } else {
                logger.info("Listening on {}", this.socketPath);
                promise.complete();
            }
        });
    }

    protected void handleNetSock(NetSocket netSocket, ValidationPolicy validationPolicy) {
        netSocket.exceptionHandler(th -> {
            logger.error(th.getMessage(), th);
        });
        netSocket.handler(buffer -> {
            Creds parse = parse(buffer.getByteBuf());
            Timer timer = registry.timer(idFactory.name("validationTime"));
            long monotonicTime = registry.clock().monotonicTime();
            this.vertx.executeBlocking(() -> {
                return Boolean.valueOf(validationPolicy.validate(parse.login, parse.password, parse.service, parse.realm, this.authConfig));
            }).andThen(asyncResult -> {
                timer.record(registry.clock().monotonicTime() - monotonicTime, TimeUnit.NANOSECONDS);
                if (asyncResult.succeeded() && ((Boolean) asyncResult.result()).booleanValue()) {
                    registry.counter(idFactory.name("authCount", new String[]{"status", "ok", "service", parse.service})).increment();
                    netSocket.write(Buffer.buffer(SASL_OK));
                } else {
                    registry.counter(idFactory.name("authCount", new String[]{"status", "failed", "service", parse.service})).increment();
                    netSocket.write(Buffer.buffer(SASL_FAILED));
                }
            });
        });
    }

    private Creds parse(ByteBuf byteBuf) {
        byte[] bArr = new byte[byteBuf.readShort()];
        byteBuf.readBytes(bArr);
        String str = new String(bArr);
        byte[] bArr2 = new byte[byteBuf.readShort()];
        byteBuf.readBytes(bArr2);
        String password = PasswordDecoder.getPassword(str, bArr2);
        byte[] bArr3 = new byte[byteBuf.readShort()];
        byteBuf.readBytes(bArr3);
        String str2 = new String(bArr3);
        byte[] bArr4 = new byte[byteBuf.readShort()];
        byteBuf.readBytes(bArr4);
        String str3 = new String(bArr4);
        if (!"admin0".equals(str) && str3.isEmpty() && this.defaultDomain.get().isPresent()) {
            str3 = this.defaultDomain.get().get();
        }
        return new Creds(str, password, str2, str3);
    }
}
