package com.dynfi.services.remoteAgent.commands;

import com.dynfi.di.Assisted;
import com.dynfi.exceptions.CannotCreateException;
import com.dynfi.exceptions.CannotPerformException;
import com.dynfi.services.DeviceService;
import com.dynfi.services.SshFormatKeyUtils;
import com.dynfi.services.UserService;
import com.dynfi.services.ValidationService;
import com.dynfi.services.dto.DeviceCreateDto;
import com.dynfi.services.remoteAgent.ConnectionAgentReservedPortsService;
import com.dynfi.services.remoteAgent.TokenService;
import com.dynfi.services.remoteAgent.requests.AddMeRequest;
import com.dynfi.storage.entities.ConnectionAddress;
import com.dynfi.storage.entities.ConnectionAgentToken;
import com.dynfi.storage.entities.Device;
import com.dynfi.storage.entities.RemoteConfiguration;
import com.dynfi.storage.entities.ReservedPorts;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.inject.Inject;
import java.io.IOException;
import java.security.PublicKey;
import javax.annotation.Nullable;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.support.DelegatingSubject;
import org.apache.shiro.util.ThreadContext;
import org.apache.sshd.common.util.net.SshdSocketAddress;
import org.apache.sshd.common.util.threads.CloseableExecutorService;
import org.apache.sshd.server.command.AbstractCommandSupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/dynfi/services/remoteAgent/commands/AddMeCommand.class */
public class AddMeCommand extends AbstractCommandSupport implements CommandClosingSession, CommandReadingRequest, CommandWritingResponse {
    private static final Object ADD_LOCK = new Object();
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) AddMeCommand.class);
    private final PublicKey key;
    private final UserService userService;
    private final DeviceService deviceService;
    private final ObjectMapper objectMapper;
    private final ConnectionAgentReservedPortsService reservedPortsService;
    private final TokenService tokenService;
    private final ValidationService validationService;

    @Inject
    public AddMeCommand(@Assisted String str, @Assisted @Nullable CloseableExecutorService closeableExecutorService, @Assisted ObjectMapper objectMapper, @Assisted PublicKey publicKey, UserService userService, DeviceService deviceService, ConnectionAgentReservedPortsService connectionAgentReservedPortsService, TokenService tokenService, ValidationService validationService) {
        super(str, closeableExecutorService);
        this.key = publicKey;
        this.userService = userService;
        this.deviceService = deviceService;
        this.objectMapper = objectMapper;
        this.reservedPortsService = connectionAgentReservedPortsService;
        this.tokenService = tokenService;
        this.validationService = validationService;
    }

    @Override // java.lang.Runnable
    public void run() {
        CommandCommons.handleExceptions(getErrorStream(), this.objectMapper, this, logger);
    }

    @Override // com.dynfi.services.remoteAgent.commands.CommandClosingSession
    public RunnableWithExceptions commandAction() {
        return this::addDevice;
    }

    private void addDevice() {
        String username;
        Device create;
        AddMeRequest addMeRequest = (AddMeRequest) readRequestFromInputStream(AddMeRequest.class, getInputStream(), this.objectMapper);
        ConnectionAgentToken connectionAgentToken = null;
        synchronized (ADD_LOCK) {
            if (addMeRequest.tokenDefined()) {
                connectionAgentToken = this.tokenService.getByContentIgnoringDeviceGroup(addMeRequest.getToken());
                if (!connectionAgentToken.canBeUsed()) {
                    throw new CannotPerformException("Token incorrect or outdated.");
                }
                if (GetAddOptionsCommand.tokenIssuedForDeviceGroupTheUserNoLongerHasAccessTo(connectionAgentToken)) {
                    throw new CannotPerformException("Token no longer valid for issuing user.");
                }
                if (!connectionAgentToken.getDeviceGroup().getId().equals(addMeRequest.getDeviceGroup())) {
                    throw new CannotPerformException("Incorrect device group selected.");
                }
                username = connectionAgentToken.getCreatedBy().getLogin();
            } else {
                if (!CommandCommons.usernameAndPasswordCorrect(addMeRequest, this.userService)) {
                    throw new CannotPerformException("Username or password not correct.");
                }
                username = addMeRequest.getUsername();
            }
            try {
                bindUserToThreadContext(username);
                this.validationService.validate(addMeRequest, new Class[0]);
                ReservedPorts reservationForKey = this.reservedPortsService.getReservationForKey(this.key);
                if (reservationForKey == null) {
                    throw new CannotCreateException("No valid port reservation detected.\n");
                }
                create = this.deviceService.create(new DeviceCreateDto(new ConnectionAddress(SshdSocketAddress.LOCALHOST_NAME, reservationForKey.getMainTunnelPort()), addMeRequest.getSshConfig(), addMeRequest.getLocation(), addMeRequest.getDisabled(), addMeRequest.getIntervals(), addMeRequest.getDeviceGroup(), null, addMeRequest.getTags()), new RemoteConfiguration(SshFormatKeyUtils.toOpenSSHFormat(this.key), reservationForKey.getMainTunnelPort(), reservationForKey.getDvTunnelPort()), addMeRequest.getOsVersion(), addMeRequest.getPlainConfig());
                this.reservedPortsService.finishReservation(reservationForKey);
                if (connectionAgentToken != null) {
                    connectionAgentToken.deviceAdded(create.getId());
                    this.tokenService.save(connectionAgentToken);
                }
                ThreadContext.unbindSubject();
            } catch (Throwable th) {
                ThreadContext.unbindSubject();
                throw th;
            }
        }
        writeResponseToStream(CommandCommons.deviceToJson(create, this.objectMapper), getOutputStream(), this.objectMapper);
        onExit(0);
        closeSession();
    }

    private void closeSession() {
        try {
            getServerSession().close();
        } catch (IOException e) {
            logger.debug("Cannot close server session.", (Throwable) e);
        }
    }

    private void bindUserToThreadContext(String str) {
        ThreadContext.bind(new DelegatingSubject(new SimplePrincipalCollection(str, "ConnectionAgentService"), true, SshdSocketAddress.LOCALHOST_NAME, null, new DefaultSecurityManager()));
    }
}
