package com.day.cq.dam.asset.sourcing.impl;

import com.adobe.cq.dam.bp.cloudconfig.BPTokenProvider;
import com.adobe.cq.dam.bp.cloudconfig.MediaPortalCloudConfigResolver;
import com.adobe.cq.dam.bp.cloudconfig.MediaPortalCloudConfiguration;
import com.adobe.granite.auth.oauth.AccessTokenProvider;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Map;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import org.apache.commons.httpclient.HostConfiguration;
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.lang.StringUtils;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.RequestBuilder;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.osgi.services.HttpClientBuilderFactory;
import org.apache.sling.api.resource.LoginException;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.jcr.api.SlingRepository;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(service = {AssetImportHelper.class})
/* loaded from: input_file:com/day/cq/dam/asset/sourcing/impl/AssetImportHelper.class */
public class AssetImportHelper {
    private static final Logger log = LoggerFactory.getLogger(AssetImportHelper.class);
    private static final String BEARER_AUTHENTICATION_FORMAT = "Bearer %s";
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final int HTTP_CONNECTION_POOL_SIZE = 10;
    private static final String SUBSERVICE_NAME = "assetimportservice";
    private static final String BRAND_PORTAL_IMS_SERVICE = "bp-imsconfig-service";
    private PoolingHttpClientConnectionManager connectionManager;
    private CloseableHttpClient httpClient;

    @Reference
    private SlingRepository slingRepository;

    @Reference
    private ResourceResolverFactory rrf;

    @Reference
    private MediaPortalCloudConfigResolver cloudConfigResolver;

    @Reference
    private BPTokenProvider bpTokenProvider;

    @Reference
    private HttpClientBuilderFactory httpClientBuilderFactory;
    private final ReentrantReadWriteLock rwl = new ReentrantReadWriteLock();
    private final Map<String, Object> RESOURCE_RESOLVER_PROPERTIES = Collections.singletonMap("sling.service.subservice", SUBSERVICE_NAME);

    /* loaded from: input_file:com/day/cq/dam/asset/sourcing/impl/AssetImportHelper$AccessTokenProviderInfo.class */
    static final class AccessTokenProviderInfo {
        public final AccessTokenProvider provider;
        public final Map<String, Object> properties;

        public AccessTokenProviderInfo(AccessTokenProvider accessTokenProvider, Map<String, Object> map) {
            this.properties = map;
            this.provider = accessTokenProvider;
        }
    }

    public CloseableHttpResponse request(String str) throws LoginException, ClientProtocolException, IOException {
        log.debug("Request received to send HTTP request to Brand Portal at path {}", str);
        RequestBuilder.get();
        ResourceResolver serviceResourceResolver = this.rrf.getServiceResourceResolver(this.RESOURCE_RESOLVER_PROPERTIES);
        try {
            MediaPortalCloudConfiguration defaultConfig = this.cloudConfigResolver.getDefaultConfig(serviceResourceResolver);
            if (defaultConfig == null) {
                log.error("No tenant config found.");
                throw new RuntimeException("No tenant config found.");
            }
            checkAndCreateHttpClient();
            RequestBuilder createRequest = createRequest(defaultConfig, str);
            if (serviceResourceResolver != null) {
                serviceResourceResolver.close();
            }
            return this.httpClient.execute(createRequest.build());
        } catch (Throwable th) {
            if (serviceResourceResolver != null) {
                try {
                    serviceResourceResolver.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public String getAuthorizationHeader(AccessTokenProvider accessTokenProvider) {
        ResourceResolver resourceResolver = null;
        log.debug("* OAuth 2.0 User: {}", BRAND_PORTAL_IMS_SERVICE);
        try {
            try {
                resourceResolver = newAgentResolver(BRAND_PORTAL_IMS_SERVICE);
                String format = String.format(BEARER_AUTHENTICATION_FORMAT, accessTokenProvider.getAccessToken(resourceResolver, BRAND_PORTAL_IMS_SERVICE, (Map) null));
                Session session = (Session) resourceResolver.adaptTo(Session.class);
                if (resourceResolver != null) {
                    resourceResolver.close();
                }
                if (session != null) {
                    session.logout();
                }
                return format;
            } catch (Exception e) {
                log.error("Failed to get an access token for user: {} msg: {}", BRAND_PORTAL_IMS_SERVICE, e.getMessage());
                Session session2 = (Session) resourceResolver.adaptTo(Session.class);
                if (resourceResolver != null) {
                    resourceResolver.close();
                }
                if (session2 == null) {
                    return null;
                }
                session2.logout();
                return null;
            }
        } catch (Throwable th) {
            Session session3 = (Session) resourceResolver.adaptTo(Session.class);
            if (resourceResolver != null) {
                resourceResolver.close();
            }
            if (session3 != null) {
                session3.logout();
            }
            throw th;
        }
    }

    private void checkAndCreateHttpClient() {
        this.rwl.readLock().lock();
        if (this.httpClient == null) {
            this.rwl.readLock().unlock();
            this.rwl.writeLock().lock();
            try {
                if (this.httpClient == null) {
                    this.httpClient = createHttpClient();
                }
                this.rwl.readLock().lock();
            } finally {
                this.rwl.writeLock().unlock();
            }
        }
        this.rwl.readLock().unlock();
    }

    protected CloseableHttpClient createHttpClient() {
        return this.httpClientBuilderFactory.newBuilder().setConnectionManager(this.connectionManager).build();
    }

    protected RequestBuilder createRequest(MediaPortalCloudConfiguration mediaPortalCloudConfiguration, String str) {
        String authorizationHeader;
        RequestBuilder requestBuilder = RequestBuilder.get();
        RequestConfig.Builder custom = RequestConfig.custom();
        AccessTokenProvider accessTokenProvider = this.bpTokenProvider.getAccessTokenProvider();
        if (accessTokenProvider != null && (authorizationHeader = getAuthorizationHeader(accessTokenProvider)) != null) {
            requestBuilder.addHeader(AUTHORIZATION_HEADER, authorizationHeader);
        }
        try {
            URI uri = new URI(mediaPortalCloudConfiguration.getServiceUrl());
            HostConfiguration hostConfiguration = new HostConfiguration();
            hostConfiguration.setHost(uri.getHost(), uri.getPort(), Protocol.getProtocol(uri.getScheme()));
            requestBuilder.setUri(new URI(hostConfiguration.getHostURL() + str));
        } catch (URISyntaxException e) {
            log.error("Transport uri not valid: ", e);
        }
        requestBuilder.setConfig(custom.build());
        return requestBuilder;
    }

    private ResourceResolver newAgentResolver(String str) throws RepositoryException, LoginException {
        return StringUtils.isNotEmpty(str) ? buildAgentResolver(str) : buildAgentResolver();
    }

    private ResourceResolver buildAgentResolver(String str) throws RepositoryException, LoginException {
        Session impersonateFromService = this.slingRepository.impersonateFromService(SUBSERVICE_NAME, new SimpleCredentials(str, new char[0]), (String) null);
        try {
            return this.rrf.getResourceResolver(Collections.singletonMap("user.jcr.session", impersonateFromService));
        } catch (LoginException e) {
            if (impersonateFromService != null && impersonateFromService.isLive()) {
                impersonateFromService.logout();
            }
            throw e;
        }
    }

    private ResourceResolver buildAgentResolver() throws LoginException {
        return this.rrf.getServiceResourceResolver(Collections.singletonMap("sling.service.subservice", SUBSERVICE_NAME));
    }

    @Activate
    protected void activate() throws Exception {
        try {
            log.info("Activating asset import helper..");
            this.connectionManager = new PoolingHttpClientConnectionManager(RegistryBuilder.create().register("https", log.isDebugEnabled() ? new SSLConnectionSocketFactory(SSLContexts.custom().loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy()).build(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER) : SSLConnectionSocketFactory.getSocketFactory()).register("http", PlainConnectionSocketFactory.getSocketFactory()).build());
            this.connectionManager.setDefaultMaxPerRoute(HTTP_CONNECTION_POOL_SIZE);
            this.connectionManager.setMaxTotal(HTTP_CONNECTION_POOL_SIZE);
        } catch (Exception e) {
            log.error("Could not create http client pool for asset import functions {}", e);
        }
    }

    @Deactivate
    protected void deactivate() {
        log.info("Deactivating asset import helper..");
        try {
            if (this.httpClient != null) {
                this.httpClient.close();
            }
            this.connectionManager.shutdown();
        } catch (IOException e) {
            log.error("Unable to close the http client {}", e);
        }
    }
}
