package com.dynfi.services;

import com.dynfi.exceptions.AlreadyExistsException;
import com.dynfi.exceptions.CannotCreateException;
import com.dynfi.exceptions.IncorrectValueException;
import com.dynfi.storage.entities.Device;
import com.dynfi.storage.entities.LogEntry;
import com.dynfi.storage.entities.MessageCode;
import com.dynfi.storage.entities.Permission;
import com.dynfi.storage.entities.SystemSettings;
import com.dynfi.storage.entities.User;
import com.google.common.base.Charsets;
import com.google.common.collect.ImmutableMap;
import com.google.common.util.concurrent.AbstractScheduledService;
import dev.morphia.Datastore;
import dev.morphia.query.FindOptions;
import dev.morphia.query.Sort;
import dev.morphia.query.filters.Filters;
import io.crnk.core.engine.internal.jackson.ErrorDataSerializer;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.time.Instant;
import java.time.ZonedDateTime;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Random;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.stream.Collectors;
import javax.inject.Inject;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.mutable.MutableBoolean;
import org.apache.commons.lang3.tuple.Pair;
import org.bouncycastle.i18n.ErrorBundle;
import org.bouncycastle.openpgp.PGPException;
import org.bson.Document;
import org.c02e.jpgpj.Decryptor;
import org.c02e.jpgpj.Key;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/dynfi/services/PermissionsServiceImpl.class */
public class PermissionsServiceImpl extends AbstractScheduledService implements PermissionsService {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) PermissionsServiceImpl.class);
    private static final String signerPublicKey = "-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1\n\nmQINBFnCffgBEACqOcw9XKm4SL5+WU0733KLnpgKfUdWXkXPO7Gml+Xj4XJO06ak\nSALjZ+i9+s+zbhgk7/pyGNjWt2uIXDLRjaxqaYtTdD4sidos1raVRwQiLhL2qP0o\nCe/93e1A2dIEdgeZUoD83s37VRSZJAt1XUw+xFlAcnKKDboZtsGwcq4H8eh4DH/F\nr/hFZLNH/DpxzqFHJpisJwul65Flb9zvg6UTtaDmALB/3ChuvJJpnot3Zyxqua/F\nazeOJYcCbyT3ACbIMRbmtR0FEpLOqjRJd9ioTf2Vuqh8G4Gn1abefhyv2dSeT7ix\nKTQgImSPbBxh7H4a8+u78Kln4XycNPaQ3BbSOqJeTWx0/F0LCbMx4f4UjE0G5K2k\nmO1MWLRJYpbbns/08K0BOk/esxmU96HNU+dmth4k5NqmlUkZqZc4sGsYlqES7m0Q\nwLsMV6jbarYBWCiFr+J//jhgYnHSe93SZmCqWmd2Wg1h1gAzxNEDdfRTDIQeCDfK\n2Awvq0Noka3S6VF+XQzbjJApT2M4Ov25lY/ai0pIl4HZnJpowcMuncQ0zj4JLWld\nwyIzzqqjq0duReGy3E+O3s2L9hml22rbluWR22f9uAHc5a6t9V+XMktOOLbFhYpv\nGQvKNmbhsmpMao7l+mIawScaq8APdoICrMjHYHdoMh7g95g9KTq+pwHxAwARAQAB\ntClEeW5GaSBMaWNlbnNlIEdlbmVyYXRvciA8ZHluZmlAZHluZmkuY29tPokCOAQT\nAQIAIgUCWcJ9+AIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQtbeZeIDC\nTlrzoBAAmhsstFHTBd9FQq5UsmrAYACHYPqwU48gD/bW783EhBt+X0wjx/BhpmGI\nkmRs72+arSJ54Vv5hDhiXbMAckUl6vLqitpyU73v0AMlxxOAtrZfyu5Lne4EY+Hv\nHoF0P9gQgKgp7jmSe1o6NPL4vrdl83WB9kho+5VZrPBWuRa7cpCFj0DbvL1l+h7/\nOKopTW7DJ5WuKDpvGIatbLqshmeuFg4bpuLvA7EYcLp40I+fa7/K2xzo/WXitVY2\nBp5CyjCdMJBbiZBEFe1hcINN4c25V0uDb+n2WYnqTY5vre8JAT4orRNgVXl6vAtW\nFXuVL4eDK2eWtkvKPGUVjllrizcGU7bTS+iN+T2qp3w3szFhhfPF1ikq+g1bO9Ec\n2hREL2a/u8mpyWqnGb9WVsC4eb0F8O4HKQY3ChEujylK/q3CDBEq0Im4ueC03Hhn\n2vGAdyXtEf209OX9q87/S6gb7IewPcLf3vc1XTiI668/g8373BTm8c4i4SEHCbs1\nXBaEkyo9namttffW4SatCpoH19xuD5sx/nhhYOdM6zwoLlVKbDwdFEuv/Aslg/33\nIcgZodLOR+xVXbpjUKWv0yetbg+NRNiJ3r1/LJjzo5VVtslLqN2zCe6ybeWCoklI\noM9ExpXvi/RETyprR7X44KJiy+GEEkLBF8c/iRcbOvLm7YWeCDy5Ag0EWcJ9+AEQ\nAKHdEje9WP4HE8Vx0/SLTFkuG1HdkVCI4DbDvz/zyXZT/vap5sXuHRUVzR18v+J2\ny1A8C0F8Dqs2u/suUZxC/IM85dpDzC1Jf0MDxvtAg4I+atXxNwR4MEIwxFCSPUKe\n2SOiqGFv58axuPm/yieTMDXRQJOndJVxdSr2Q00hEA4IeERjgrW2JtPdoC4FpOon\nqzEj8EUwU4+l8CgUP0LJ+TRLrAX1nqkr6n5bWFNrdh1pHsUYXXdQTi1YECWbdUGs\njGc8rfSofGB94OkfDPmR+iEVbaGpGo4nCValAIN9JovwDcdVwWLxHj6rE5ZnDneW\n3BJ6YeQiaq9fVBWd0vGOEbreBhWmwDyxZ9OMLFPR3Xj44H9CYInBGfjRgzZsByEP\nt2EDwX3MJYBBjoyITGVIK3BDsU3KtAYhUIN7NdF52o2kVtmyTjnsgpcCxu1zsJ1y\n3Ze7TjhxcyMGuyAASidCzKcSyCwkHVqDwuksEIVXd+bgQGj49RbyVk10AuBVq68V\n4eSJzf7Ig0qO7hGZ2QvBMLFJcL3ztAbGa1Hscz96oYVZiZyMbWVbzPThz3GUulT2\nsMZAR+MFmB7NTh7hTQuE/Z9mCIeY/QsDfHP9OUxdnt/nwbpdMCEmcAe+3ibcRSeg\niiIQLQKclJ6FbIbCWZjLGDzHNgTVaXYRlsoJtttMZbYPABEBAAGJAh8EGAECAAkF\nAlnCffgCGwwACgkQtbeZeIDCTlrnJw//WytvbdpvxYqRBUGWrAsXBv1UvvvC9uWg\noQxoJ9ybAop60ATCs/1Q4GNkG0zEaYyBSY+yktgEOona3vErHuPJzvv36H4vT/o+\nF3VD/j6RMwrtpQMvUFjMZdOm4kzDvLfHymvrhTTbjGJd5MQ2mSW4Q/1QAhxuuE5G\nlC9gXaV6uXsxsvqUc5IKxrefGTP6kdktf7cZxrfjSQMl7yNMY2ipm/oUoi272mRR\nJ2vsZfQtxTIoeZsRlpvn7W33AviwNSkA+nliIy9W7aNU4ESoRh0gKKGMLKwCGTRF\nlwN+by2suXsYLwNCDGXUeQHlp2ZpkQfpvu4KBrE4j2rI6TljeBTe3wsEbqsQ2IxG\nDMSirvsVIPYDSpve77IkP3Ff+TWaZKRgGzejjWxaRSJU8Cm0QxyLNQhLTvIBhoVU\nQ3CTrfkgNq/eOLn8jKR6LeAuAgxT5z6gmMBuNIpy577GU6sFCwI6Hm2aV6yAD+8/\nAZeAg8pjy+3ArZ0rJ/8t11/ZXncA/XB54MO4rJMmQxFOvtxRpDmFS3oO0y4A3Cp4\nBqc05KIkROGXHimPy1pwAa9pbDJXgq+fdmUDXt9oyj7JZPVR1jnp50ye7pKrkssb\nS/bBC2ffcn2PNovkMeFxtNU6e8GoNEhuQtptjnYjkZEyx/HuNtFcoUhzjRZLfJH/\nBVot2ksFBnY=\n=ebSB\n-----END PGP PUBLIC KEY BLOCK-----\n";
    private static final String readerPrivateKey = "-----BEGIN PGP PRIVATE KEY BLOCK-----\nVersion: GnuPG v1\n\nlQdGBFnCfjoBEAC2ux1CUowViFeU9JivqbQ7V/BN5gzXzMAzzjgbcGF7Kwrtxami\n7F7qjLYOnO7UHajpcHac+t//njEua4GCpaF6JfjVV904bTIuFQILkwL4wghzoGko\nmlXv+Bs523Zvt6SkDw+SEXM4VFSMIK4FVYGxmRYxT4M/9xaupicnUXE7ILQQGNtI\n425Nv4nP8DTsCOi8aON0g8liJkkWj/6CDF7S6VDAHkMEtXy8jenhk0Ilzi3XeSXs\nEWCDIjUyL75t4uXesGnJS/ipbaxdDonnqz3Yp1TV9GqlUYM9/YZ0L325vmMqSbRr\n2fFZYzAhgPa15+9uUopZtqDY/exOUtH2K/3jIiIlfBSTbx7AtaA6BX4IYSElN56H\nVUv2t0PSHZTZ8Z1UEQvPL0mvzBXbSoarSod24+dhjFeqOzepDBR6g8wN/HWAeTMQ\nIHO0O8occWxFlqyWeHPBZCV9QnooGSvOX5bRyGSPCMtzeCXUofxJ+ngVfsqFRuRd\n1cfNKu5fa7CktfVTEP0PJXaXlivHQJpUx3GqlRndUcONQTCv6iA1DJDS1+DFVnZ0\nt5/6AS8WoMvobQJjyq1obU0i7wgvx8B5TGF4cECYWOGp5s7h080yCXeFG/+VN17c\nBnjWqt9pd+Da+9oDIAvLfmw4P6CU99I20Ie8Nuh8NN2OFgnV/xnYO2RkrQARAQAB\n/gcDAk6j3mqHbE27YJGs5L3tbWtzNpG1fDsELpAd8ziQUbWSn4rGdbVJX/eHs5jr\nE7bzysdAwJJWYKVsPoWu5qjFyk91G2Vk3GMrNFrVufU+8VT+peQG64vU6+9mWpgH\ngN59AmWDvxkKDmwnOsOSfTCbfBq1MbLDcjVYJ0+x1RInmU09MpQHeEFJNDMgLGCt\nz4D5lXkuGryRMLiAiQVuuGohyxTfUe3WMmbo6iLLGCAvraIPKQk14C+rSbXVfl6n\nArZhN9NdRxYPvedILp1iMXJ5oxrI7wjDLZ1VlGgxg4HpqNuJqnqgtMfPKoAX4EaC\nZEcvqjF9GKL4tL1W5RQyY0mtQebkXMJXDvo9P6VhyJpaAtMbLMP1wxsc1ie5GWe9\nkqrm3iocU/C8oI3yuNdXA88pxXAR8P9HMfxv29uHeI5GlYVj87nWM8eUYB3ZL6hu\nb33dy+smgjgWBoIdEW2mc9+pKtLeJB0rgGsPIR3+88/R2uxpadMO/mzigAfpV5ZY\n9WchCOHhm588k1yj1/4O4FaTR4RAwz8krz4KwvTymYMIzKXDrPQ5iwlKRllxRIax\nWIIaU+MwFFAjzeoD6kebhO9AwrkNGwmjlRvymFkWFCS26tdqO1RcJkN3ZZTox+fK\nJ4ZLZJuRGJp+AeDuGO00xQ4A1I8S+8oEteancQ9Oajh0VMScPOLXeFDjjmOLcbA/\n2f+9ZsDK/XaaMsKTgDGFnEUK4Kur2RJyd1/TDz3PQfbS/YK5bn/tSB4oBNDfamnM\nETE9wCt3Jqq/MG6mLFN9qCx+kOrODF3KGq5/DcRFl8lBxx4uVgej6/LtfPVSsWGb\nijNPxekUyNgjiDRhcHya+Ua+bRBjKuxXU8XVEA+RreW0M698U4l9yRcv9HtMYjX/\nc4TaUmatK7a+JT/fgXBdUo3aFqlb/+Vq9TFSpXBwl9V5tO2PQP23CZ5uwE1HI1Sx\nIxFuFLBObuffgCTFraWbu+27/qcWbrTEpSO1YkRUims/Dy+dRZj8rJrAO4U6tOce\nUKJveCDMQ+t+99FD/O6BxT/DW97Htw+/0cgqb3ZCmEgvo9raE6WWh0cUklJicdA6\nGAwIPaHynwvwb+iQGV8nUOgHxpyCcTrZDveiLJprNSenc4T2fNbhcaR0kSzA90Nb\nSpyBQsNsJFV64YIyZkWPakk8oSVC/khQbvOi+SCbkb7AXqOozkGNm4umyPoZhohD\nmDLXubX0JYQVC8I/L4RadTCNu+pi6qut/91ait0/pol+1YKuEuztzplYpFRVmFTR\nuNd+dVGtgMFat9m5FEzFiqVE+xWbwHsPp9rPKLi3IHX3AnLpm4yO7hF421Abv4QE\nb7Ri1DCxdXVELOURo+lFBeb7YJ2lbtYQRWyuGAJh8MkluexhDeSm6M4JoQ1wqoaU\nJ+9r5NK6x4BKI+mRVtf+sAKDGcmUhJq76NudOrPEC3ZyMJ151Zdc4D7JWMnP9jdp\nR7zUt6hmHDhVm4OFJ1TjgwhXXqH2ZutgKurTpQ61aB9EYMRFK/FVKsKQ1Czpe5Gy\nDoak0WFquhO0fncmqbN4crL9+gi33oyBCJj5P1bnb0U/SHcoF9Zrk7KmYET57wAc\n6YusG7bgSTVrhuFvdtvswTGUT62LEmrD47JY6U56pk2dmXl1/5Ft6BwcldnNBaho\nOlT6Cjl2XeTedNwhM7ffytxgB+vb++PDydcZR5s/R+/ZP0rm/zkU/CeCuUHX+2v1\n0q7Bj87gSD7aQi61FYsfGChhSVS1/VnrzA4qtCGWkBqd7ldnNDlBsRC0JkR5bkZp\nIExpY2Vuc2UgUmVhZGVyIDxkeW5maUBkeW5maS5jb20+iQI4BBMBAgAiBQJZwn46\nAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRD+oeKa/EGBuRkCD/9k4V8q\nXBJBxaVIrgEIHNY8OHK3593k43s/Nf5xeRwwAX49xJxVzL5Ub2CLoQUP5rTuygKI\nkBrnakriAgCTlF9qmhp6sULiaM/BJpo816CWPyT7U0XPZp/HPNdsMfjfahXdq6S/\nQDWG5cTe5/nWw3RKtfvWkEsFaPExmSLGbkoU/3mRUxiZ4BaMpUkOMf+sPP4p+fxk\nt/iymPkqDR5z38UVSRlaL3LdL0gdxfyTuggeoVNl6XEvk8Rb6QoD1nistJtTRg8P\nwkvUxvRxCblRrewZVe9OOZg1B5D22l8bnddIbI/H5DY7KPSaYCcHsiYCU8KMIR+4\n2/ZG4lNK7PUW3QYkVzjOX7Ha9Vs2gniDGkhdXXKCiDUhQ3HsLSg7pGsMGkyzHuhp\n6yVLKSkud4DOGpGrF0hXLUrvqw60EAsUBSbrndeYiV3yaO6aLGCcwcqlxpuqYCYT\nzSgJFH+5hLUCqsxBnoT3yFPK8MqBUY1WH57YOor0wiKPkNOUkcAPbt6RzWw1Zeda\nSVOoCKyBCIDdAhAr8zL+jMbc/1GHjzHuFNdIKNAHRUv0ZmD7dE5F5G6kc0fcPf08\n/Xo3oTrVrgktAvnvdzYYqztThzujiaOIz+EXru56nb1HR4pVLjusjkyPzo9sGzcM\n6j1EUhBbr313mfxX9hB3YW4rWaGRhHy/P3GoDp0HRgRZwn46ARAA0du7FoD79gKC\nPFJxchzKeplpJq2gsyfglK//KhAPxzcnjNgQ2EGnZfO/d3qQj4BhHK0xI+Vkklld\ntENeBS2IV4Tjoy8fluzJ2kyIRtxf8O77Lf7QsSOx3G07Tv2rPUn782PzLrnz7eGZ\nv/4hCwRs3cRmzlfs2ryCfOly2LkshjOTTfwxfxLJYtbmxHxKxQkBcP9dFqCXDfRL\njU7sGXXJ8idh7Fx6qrZMIQ81lrvoey46S8U6FT+YcqQ0qvHzIao2Yrq1vjebWoAG\noP6jL2d/BmyIDIrrFauRwuA5jAx3H23VsT7dwn2YjR6JHrUnZ1pWki5OegCWppwb\nUTdg1AenlvNWSFIlF4RVCDevBaBBAdtpJiqwbbzUIVjA2e44p85vuTMQmaasY61I\no9OSVhhef+vfQVTzbfQTVDY8CpVGVxKO3acEAJ4B/e6aIpSAZGawbcZWT947c9pZ\nnxadsPhPlL/UH4kTIx11N7DAjQlIeukuh77CciD4Np2EUyjzI8VjiqvGcKFfl9/Y\njvA8N2BY+l4Y3dJTTXRCDoCow706RPPHPpUoZA2kKCSYPRCu+zAnmgtJWaDqP7At\nzEkRrwhQAJRwwBeKZ3pZF0hvt8XLjALTbObjkMRVV2wCqGKHjJBQ0Z3kuh94GChQ\ncCARvvEWO/jGiohpixsW/LSrCLu/vIsAEQEAAf4HAwJOo95qh2xNu2DpxO9cPp6o\nC0L9KePssnPsD8Meuxi5SFvjiCOyxE8/ADP8tKBpD1Qo+PQdFS4HdVkkLK3Bi1EM\nWRjLqazDV2tbY+mbERSkaJT4/rk5vl+gBCDqlVRXY/FXhp78zl51N8y17uZ5ndpn\nFYLHnlrQ0gzJGQRzBqM9iqZ2Ki01ErGJqAI+huxnmRv8bUbqPP0XlBgg/rogKWQi\nRNDQgVVjLi/Oqbt9p6BxvRgc8Jg3TdgCBhXO4+yiqcOVMbQ0B4aZJtPWSHbmpcKV\nTVVw+NMEmtGzZ+Q0W62yjWsUrApg81+O4RT0pLt/WAMy1Dhm6/5zJCIzar96cmjq\nB1VbmavI7VD8BtfeCbMNZWnddDa8ML/eZJh+7IF218RLK2m4/0gntqyZG0tmE7Ae\nx/t9QkepPIABF2h4SvKvJNQxcpNb/eMlZye/fUqO8ZeJpKBl5yT5feYu5HyL9rN0\nSD9gQEipUKp1MHSe/18NfEV2ofP4q2YJUxNoCHuFhl7aMwnf4AsrP83sMgwY/D9I\nXnJH9kKBoAnsMT4iloQtQwoXCk2FswrtSpvc2c9h4IRN4sl/d7trPWl+KG+sjRMj\nkJJVh6B7cOg6miNsA+20vDZ2DOGO4SbFLoNYLFvrY6xeRzdptc7ztI6aDXQ8htrF\nIMBFnZ24oSj5vZxDGDFrB3aVAbXEeOeMMH9lAsS2enuq9QgZrTS9VDSVpA1sVk+Z\nc7jLh7whB/NgEQiQL2WBmhCruziX6UFW8Y73RS0O0Tgk8aPyOJA6aA09oipgiobc\n33WVYpaO9CATnlntP1XgEblmDIfE+66U18fF8e+XuyO9/WOvUmD2T6j08s4qLyNg\nCAJcLAxB4VKapqAekeO2RbMyDskgmmDSScz+2Ue9jJDXuAcfh7yqYOc08XpduWMq\nwjNBXnhWqZj/w0qUTQysVV7ETifByX9Mf7x7iBHhwKEv1Y/u9HzNasusPhT7Jola\n29gGyCXaaN9tnQTLNgzsZ7XGw7/dMJ3MIp7yXOBzZKsGgzzyu6vp1lJfP+1CqogE\n3x5KP0NEp7hRawKTLP+tHhU5VJu8S92HkH6W+QdLVo40Tw0muju/1Ybylt6o5EKS\n7uMYQkEbOUEYnL7zJ8DC8qqFpH5GVQmHD4/O6+KUUqbdGjltHe4WkmO/UWhRD4Sz\nPhAeC71UcGIL1RvRh1bFHYybN+2IgYaZ1CoHYSJ71qPPkF2UtpZsuELOA84OyYT2\nj/inuL2fZvU8qgBf3+WXvfECTg1Up661xW32Uo4b3BdG/9rVaQNeV4IS+KXhX063\nvjH6iyxa8OCTwt/JwMYE70EihOiknqcDXbTM5genWFqhykWiiMRzLkbZ3sadcujQ\nT0V+ADlfHLZGDIWCBkESOnRqmz/iMHmywVYbkduIWPprHivvdOIPu2kn3Bd6jesB\nWUlDT9PofutKvKTLIJV4PTXFgpp45b0ywsOh0NW9tV8UnyqS3LJDhmL+iSRx+aBx\nagePGno4AhITD4zYR3KcdQX/fddnQSir2bFNNkHC6eFxjmdjDCIfvmO32465IooC\nOkkaDePlJmS59BRdThFTXfhwHTdzkqseELa7FGdsxHpT7F3j0wrofDbyZmr07H80\nfmxTBSP/xtTBq2ZYMgmobnnsy6gzoL/MXHpVevrQaHF2KkfDOqgtPfKHIZ/oqoXe\nEUtgeQUHND5jmsYDieEnCVX4iM0PN278cnX6nsc+rCFBF8GlbO4Nx+uIh2M/U8YI\nrRthcypl+6AErlrx7anV36+ZBl2CiQIfBBgBAgAJBQJZwn46AhsMAAoJEP6h4pr8\nQYG5EHoQAJ0fxessOZ11BQUPUvOAQXiv2ZCu30MSMlP00H/OeU7JkmEPVaP8QFzU\njNRUnofkHL7u5JfJEMD3oTY1pwh05W5Lx+scshzGUnU1yHzZzTFPRA4qFv4vWUzk\n3Xz6gVc2+TIpmjNm4n2hLHFwBJnJGwr/eblNeOW2ALsLFsPsEa/Ni/zV+va6QoMC\nzXpgD97HCQNYx2l0kcTNVmEkKm16K3zZiP6AQWLY2VFvqmyoAEiEMze+U/m+NOFF\nFBg7OMLD15J8Pdm+/pzQ/FCQHmutH544Q35ZNAHHRkc4VpCFOGbDflCR8jNJzzOn\nRB1eZSIaEGq9IhtaGaKnBH8Y6lAt0LH6xYWaAA3Ck5D6nHcOxVBM8eRKMxdiuNgt\nFwIZ+pbFoKv3+PTR26ricxEjRMsRiaQQair2NSll+DbljnmnjwLFSFTE7k5T3V//\n8IBfJppNMwisaqyWPqKR1dSgE8z8iCXzJ8Ji09gQBfpbw5Sx6M44lM/gBJXGZ77x\nXUEF1/GG8ZP2jE2GUId6o5x9TYsP6ngb0lKONAjCi8Z3TadU7xP7mOZ/6zjMrNhE\n4IXgA5d1QaBQ514DrXeOTfY3661TLZEdYnOb+b/5m5iZjIxnGxsdA2apoQ1CfzPp\nlsN0A9tuTpVxd0gRXTjQGAU3t7UuJQLe6JWAUWPDDcMcTQRV9PmO\n=9o5d\n-----END PGP PRIVATE KEY BLOCK-----\n";
    private static final String RENEW_URL = "https://license.dynfi.com/license/check";
    private final Datastore datastore;
    private final SystemSettingsService systemSettingsService;
    private final UserService userService;
    private final UUID systemSettings;
    private final LogService logService;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/dynfi/services/PermissionsServiceImpl$EstimatedLicensePeriod.class */
    public enum EstimatedLicensePeriod {
        MONTH(4),
        QUARTER(14),
        YEAR(21);

        final int daysAhead;

        EstimatedLicensePeriod(int i) {
            this.daysAhead = i;
        }

        Duration daysDuration() {
            return Duration.ofDays(this.daysAhead);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/dynfi/services/PermissionsServiceImpl$LatestLicense.class */
    public static class LatestLicense {
        private final UUID id;
        private final Instant validTo;
        private final Instant createdAt;

        LatestLicense(UUID uuid, Instant instant, Instant instant2) {
            this.id = uuid;
            this.validTo = instant;
            this.createdAt = instant2;
        }
    }

    @Inject
    public PermissionsServiceImpl(Datastore datastore, SystemSettingsService systemSettingsService, UserService userService, LogService logService) {
        this.datastore = datastore;
        this.systemSettingsService = systemSettingsService;
        this.userService = userService;
        this.systemSettings = fetchSystemSetting(datastore);
        this.logService = logService;
    }

    private static String decodeToString(String str) {
        try {
            java.util.logging.Logger.getLogger(Decryptor.class.getName()).setLevel(Level.OFF);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes(Charsets.UTF_8));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(4096);
            new Decryptor(new Key(signerPublicKey), new Key(readerPrivateKey, "p@ssw0rd")).decrypt(byteArrayInputStream, byteArrayOutputStream);
            return byteArrayOutputStream.toString(Charsets.UTF_8.name());
        } catch (IOException | PGPException e) {
            throw new RuntimeException(e);
        }
    }

    private static Map<String, Object> sanitizeParsed(Document document, String str) {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        builder.put("validSince", readDate((String) document.get("validSince", String.class)));
        builder.put("validTo", readDate((String) document.get("validTo", String.class)));
        builder.put("limit", document.get("limit", Integer.class));
        builder.put("instance", UUID.fromString((String) document.get("instance", String.class)));
        builder.put("license", UUID.fromString((String) document.get("license", String.class)));
        builder.put("imported", str);
        return builder.build();
    }

    private static Date readDate(String str) {
        Instant instant;
        try {
            instant = Instant.parse(str);
        } catch (Exception e) {
            instant = ZonedDateTime.parse(str).toInstant();
        }
        return Date.from(instant);
    }

    public static Document createPermissionsEntry(String str) {
        return new Document(sanitizeParsed(Document.parse(decodeToString(str)), str));
    }

    public static String clearInputToImport(String str) {
        if (str.contains("-----BEGIN PGP MESSAGE-----") && str.contains("-----END PGP MESSAGE-----")) {
            return "-----BEGIN PGP MESSAGE-----" + StringUtils.substringBetween(str, "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----") + "-----END PGP MESSAGE-----";
        }
        throw new IncorrectValueException("Malformed key detected. Make sure the key begins with " + "-----BEGIN PGP MESSAGE-----" + " and ends with " + "-----END PGP MESSAGE-----");
    }

    @Override // com.dynfi.services.PermissionsService
    public boolean isAllowedToRunForDevices(int i) {
        if (i <= 3) {
            return true;
        }
        Instant now = Instant.now();
        List<T> list = this.datastore.find(Permission.class).filter(Filters.lte("validSince", now), Filters.gte("validTo", now), Filters.gte("limit", Integer.valueOf(i))).iterator().toList();
        try {
            MutableBoolean mutableBoolean = new MutableBoolean(false);
            list.forEach(permission -> {
                Document createPermissionsEntry = createPermissionsEntry(permission.getImported());
                if (!createPermissionsEntry.getInteger("limit").equals(Integer.valueOf(permission.getLimit())) || !createPermissionsEntry.getDate("validSince").equals(Date.from(permission.getValidSince())) || !createPermissionsEntry.getDate("validTo").equals(Date.from(permission.getValidTo())) || !((UUID) createPermissionsEntry.get((Object) "license", UUID.class)).equals(permission.getLicense()) || !this.systemSettings.equals(createPermissionsEntry.get("instance"))) {
                    System.exit(1);
                }
                mutableBoolean.setValue(true);
            });
            return mutableBoolean.getValue2().booleanValue();
        } catch (Exception e) {
            System.exit(1);
            return false;
        }
    }

    private UUID fetchSystemSetting(Datastore datastore) {
        SystemSettings systemSettings = (SystemSettings) datastore.find(SystemSettings.class).first(new FindOptions().sort(Sort.ascending("createdAt")));
        if (systemSettings == null) {
            System.exit(1);
        }
        return systemSettings.getId();
    }

    @Override // com.dynfi.services.PermissionsService
    public int getMaxAllowedDevicesNow() {
        Permission currentPermissionIfExists = getCurrentPermissionIfExists();
        if (currentPermissionIfExists == null || currentPermissionIfExists.getLimit() < 3) {
            return 3;
        }
        return currentPermissionIfExists.getLimit();
    }

    @Override // com.dynfi.services.PermissionsService
    public Permission getMaxPermission() {
        return (Permission) getIdAndValidToOfLatestAcceptableLicense().map(latestLicense -> {
            return (Permission) this.datastore.find(Permission.class).filter(Filters.eq(ErrorDataSerializer.ID, latestLicense.id)).first();
        }).orElse(null);
    }

    @Override // com.dynfi.services.PermissionsService
    public List<Permission> getAll() {
        return this.datastore.find(Permission.class).iterator().toList();
    }

    @Override // com.dynfi.services.PermissionsService
    public Permission importNew(String str) {
        String clearInputToImport = clearInputToImport(str);
        try {
            Document createPermissionsEntry = createPermissionsEntry(clearInputToImport);
            if (this.datastore.find(Permission.class).filter(Filters.eq("imported", clearInputToImport)).count() > 0) {
                throw new AlreadyExistsException("License already exists.");
            }
            if (!this.systemSettings.equals(createPermissionsEntry.get("instance"))) {
                throw new CannotCreateException("Cannot import license for this DynFi® Manager.", "INCORRECT_INSTANCE");
            }
            User currentUser = this.userService.getCurrentUser();
            String uuid = currentUser != null ? currentUser.getId().toString() : "AUTORENEW";
            Permission.PermissionBuilder builder = Permission.builder();
            builder.limit(createPermissionsEntry.getInteger("limit").intValue());
            builder.validSince(createPermissionsEntry.getDate("validSince").toInstant());
            builder.validTo(createPermissionsEntry.getDate("validTo").toInstant());
            builder.license((UUID) createPermissionsEntry.get((Object) "license", UUID.class));
            builder.imported(createPermissionsEntry.getString("imported"));
            builder.createdBy(uuid);
            Permission build = builder.build();
            this.datastore.save((Datastore) build);
            logger.info("Imported new license {}.", build);
            this.logService.addLogEntry(MessageCode.NEW_LICENSE_IMPORTED, LogEntry.Severity.INFO, ImmutableMap.of("validTo", build.getValidTo().toString()));
            return build;
        } catch (Exception e) {
            logger.debug("Cannot decode license.", (Throwable) e);
            throw new IncorrectValueException("Cannot decode license.");
        }
    }

    @Override // com.dynfi.services.PermissionsService
    public Permission importOnline(UUID uuid) {
        Pair<Optional<Permission>, String> tryDownloadLicenseRenewal = tryDownloadLicenseRenewal(uuid, null);
        if (tryDownloadLicenseRenewal.getLeft().isPresent()) {
            return tryDownloadLicenseRenewal.getLeft().get();
        }
        throw new CannotCreateException(tryDownloadLicenseRenewal.getRight(), "IMPORT_ERROR");
    }

    @Override // com.dynfi.services.PermissionsService
    public String decode(String str) {
        return decodeToString(str);
    }

    @Override // com.dynfi.services.PermissionsService
    public List<Permission> forceCheckOnline() {
        ArrayList arrayList = new ArrayList();
        if (this.systemSettingsService.getLatest().isDownloadLicenseRenewals()) {
            getAllLicenses().forEach(uuid -> {
                logger.debug("Checking license updates for " + uuid.toString());
                try {
                    Pair<Optional<Permission>, String> tryDownloadLicenseRenewal = tryDownloadLicenseRenewal(uuid, null);
                    if (tryDownloadLicenseRenewal.getLeft().isPresent()) {
                        arrayList.add(tryDownloadLicenseRenewal.getLeft().get());
                    }
                } catch (AlreadyExistsException e) {
                    logger.debug("No renewed license key detected.");
                } catch (CannotCreateException e2) {
                    logger.debug("Incorrect instance for license download.");
                }
            });
        }
        return arrayList;
    }

    @Override // com.google.common.util.concurrent.AbstractScheduledService
    protected void runOneIteration() throws Exception {
        Optional<LatestLicense> idAndValidToOfLatestAcceptableLicense = getIdAndValidToOfLatestAcceptableLicense();
        if (idAndValidToOfLatestAcceptableLicense.isPresent() && timeToCheckForRenewal(idAndValidToOfLatestAcceptableLicense.get())) {
            Permission permission = (Permission) this.datastore.find(Permission.class).filter(Filters.eq(ErrorDataSerializer.ID, idAndValidToOfLatestAcceptableLicense.get().id)).first();
            if (this.systemSettingsService.getLatest().isDownloadLicenseRenewals()) {
                try {
                    tryDownloadLicenseRenewal(permission.getLicense(), permission.getValidTo());
                } catch (AlreadyExistsException e) {
                    logger.debug("No renewed license key detected.");
                    addLogEntryForFailedRenewalFetch(permission.getLicense(), permission.getValidTo(), "No renewed license key detected.");
                } catch (CannotCreateException e2) {
                    logger.debug("Incorrect instance for license download.");
                }
            } else {
                addLicenseExpirationWarning(permission);
            }
        }
        ensureAllowedToRun();
    }

    @Override // com.dynfi.services.PermissionsService
    public Permission getCurrentPermissionIfExists() {
        Instant now = Instant.now();
        return (Permission) this.datastore.find(Permission.class).filter(Filters.lte("validSince", now), Filters.gte("validTo", now)).first(new FindOptions().sort(Sort.descending("limit")));
    }

    private boolean timeToCheckForRenewal(LatestLicense latestLicense) {
        return latestLicense.validTo.minus((TemporalAmount) estimateLicensePeriod(latestLicense).daysDuration()).isBefore(Instant.now());
    }

    private EstimatedLicensePeriod estimateLicensePeriod(LatestLicense latestLicense) {
        Duration between = Duration.between(latestLicense.createdAt, latestLicense.validTo);
        return between.isNegative() ? EstimatedLicensePeriod.YEAR : between.compareTo(Duration.ofDays((long) (31 + EstimatedLicensePeriod.MONTH.daysAhead))) < 0 ? EstimatedLicensePeriod.MONTH : between.compareTo(Duration.ofDays((long) (92 + EstimatedLicensePeriod.QUARTER.daysAhead))) < 0 ? EstimatedLicensePeriod.QUARTER : EstimatedLicensePeriod.YEAR;
    }

    private void addLicenseExpirationWarning(Permission permission) {
        this.logService.addLogEntry(MessageCode.LICENSE_EXPIRES_SOON, LogEntry.Severity.ERROR, ImmutableMap.of("license", permission.getLicense().toString(), "validTo", permission.getValidTo().toString(), ErrorDataSerializer.ID, permission.getId().toString()));
    }

    private Pair<Optional<Permission>, String> tryDownloadLicenseRenewal(UUID uuid, Instant instant) {
        try {
            byte[] bytes = String.format("license=%s&instance=%s", uuid, this.systemSettings).getBytes(StandardCharsets.UTF_8);
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(RENEW_URL).openConnection();
            httpURLConnection.setRequestMethod("POST");
            httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            httpURLConnection.setFixedLengthStreamingMode(bytes.length);
            httpURLConnection.setConnectTimeout(30000);
            httpURLConnection.setReadTimeout(30000);
            httpURLConnection.setUseCaches(false);
            httpURLConnection.setDoOutput(true);
            OutputStream outputStream = httpURLConnection.getOutputStream();
            try {
                outputStream.write(bytes);
                if (outputStream != null) {
                    outputStream.close();
                }
                int responseCode = httpURLConnection.getResponseCode();
                if (responseCode == 200) {
                    InputStream inputStream = httpURLConnection.getInputStream();
                    try {
                        String str = (String) new BufferedReader(new InputStreamReader(inputStream)).lines().collect(Collectors.joining("\n"));
                        logger.debug("Going to import the following downloaded license \n {}", str);
                        Pair<Optional<Permission>, String> of = Pair.of(Optional.of(importNew(str)), "");
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        return of;
                    } finally {
                    }
                }
                InputStream errorStream = httpURLConnection.getErrorStream();
                try {
                    String str2 = (String) new BufferedReader(new InputStreamReader(errorStream)).lines().collect(Collectors.joining("\n"));
                    logger.error("Not able to read renewed license. Response code [{}] and message [{}].", Integer.valueOf(responseCode), str2);
                    addLogEntryForFailedRenewalFetch(uuid, instant, str2);
                    Pair<Optional<Permission>, String> of2 = Pair.of(Optional.empty(), str2);
                    if (errorStream != null) {
                        errorStream.close();
                    }
                    return of2;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            logger.error("Cannot contact license server and obtain renewed license.", (Throwable) e);
            addLogEntryForFailedRenewalFetch(uuid, instant, "Cannot contact license server and obtain renewed license.");
            return Pair.of(Optional.empty(), "Cannot contact license server and obtain renewed license.");
        }
        logger.error("Cannot contact license server and obtain renewed license.", (Throwable) e);
        addLogEntryForFailedRenewalFetch(uuid, instant, "Cannot contact license server and obtain renewed license.");
        return Pair.of(Optional.empty(), "Cannot contact license server and obtain renewed license.");
    }

    private void addLogEntryForFailedRenewalFetch(UUID uuid, Instant instant, String str) {
        ImmutableMap.Builder builder = new ImmutableMap.Builder();
        builder.put("license", uuid.toString());
        if (instant != null) {
            builder.put("validTo", instant.toString());
        }
        builder.put(ErrorBundle.DETAIL_ENTRY, "Not able to read renewed license. " + str);
        this.logService.addLogEntry(MessageCode.CANNOT_DOWNLOAD_LICENSE, LogEntry.Severity.ERROR, builder.build());
    }

    private void ensureAllowedToRun() {
        if (isAllowedToRunForDevices((int) this.datastore.find(Device.class).count())) {
            return;
        }
        String str = "License has expired thus the system is exiting. Renew license for instance [" + this.systemSettings.toString() + "] at https://dynfi.com";
        System.err.println(str);
        logger.error(str);
        System.exit(3);
    }

    private Optional<LatestLicense> getIdAndValidToOfLatestAcceptableLicense() {
        Document first = this.datastore.getDatabase().getCollection("permissions").aggregate(Arrays.asList(Document.parse(String.format("{'$match': {'limit': {$gte: %d}}}", Long.valueOf(this.datastore.find(Device.class).count()))), Document.parse("{'$sort': {'validTo': -1}}"), Document.parse("{'$group': {\n        '_id':'$license',\n        'validTo': {'$first': '$validTo'},\n        'limit': {'$first': '$limit'},\n        'createdAt': {'$first': '$createdAt'},\n        'id' : {'$first': '$_id'}\n}}"), Document.parse("{'$sort': {'validTo': -1}}"), Document.parse("{'$group': {\n        '_id':null,\n        'validTo': {'$first': '$validTo'},\n        'license': {'$first': '$_id'},\n        'limit': {'$first': '$limit'},\n        'createdAt': {'$first': '$createdAt'},\n        'id' : {'$first': '$id'}\n}}"))).allowDiskUse(true).first();
        return first == null ? Optional.empty() : Optional.of(new LatestLicense((UUID) first.get((Object) ErrorDataSerializer.ID, UUID.class), first.getDate("validTo").toInstant(), first.getDate("createdAt").toInstant()));
    }

    private Set<UUID> getAllLicenses() {
        HashSet hashSet = new HashSet();
        getAll().forEach(permission -> {
            hashSet.add(permission.getLicense());
        });
        return hashSet;
    }

    @Override // com.google.common.util.concurrent.AbstractScheduledService
    protected AbstractScheduledService.Scheduler scheduler() {
        Random random = new Random();
        return AbstractScheduledService.Scheduler.newFixedRateSchedule(1 + random.nextInt(5), 30 + random.nextInt(61), TimeUnit.MINUTES);
    }
}
