package org.kuali.kfs.sys.reports;

import io.jsonwebtoken.Header;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.UUID;
import org.apache.commons.lang3.StringUtils;
import org.apache.hc.core5.net.URIBuilder;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.kuali.kfs.core.api.config.property.ConfigurationService;
import org.kuali.kfs.kim.impl.identity.Person;
import org.kuali.kfs.sys.KFSConstants;
import org.kuali.kfs.sys.businessobject.service.exception.NotFoundException;
import org.kuali.kfs.sys.web.WebClientFactory;
import org.springframework.http.HttpStatus;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.core.publisher.Mono;

/* loaded from: input_file:WEB-INF/lib/kfs-core-fini-13275-u-SNAPSHOT.jar:org/kuali/kfs/sys/reports/ReportsService.class */
public class ReportsService {
    static final String REPORT_DASHBOARD_WEB_PATH = "app/main#/dashboards/";
    static final String REPORT_HOME_WEB_PATH = "app/main#/home/";
    static final String DASHBOARDS_API_PATH = "api/v1/dashboards";
    static final String JWT_PATH = "/jwt";
    private ConfigurationService configurationService;
    private static final WebClient WEB_CLIENT = WebClientFactory.create();
    private static final Logger LOG = LogManager.getLogger();

    /* JADX WARN: Type inference failed for: r0v9, types: [org.springframework.web.reactive.function.client.WebClient$RequestHeadersSpec] */
    public List<Object> getReports(String str, Person person) {
        URIBuilder createSSOUriBuilder = createSSOUriBuilder(person);
        if (createSSOUriBuilder == null) {
            return null;
        }
        createSSOUriBuilder.addParameter("return_to", DASHBOARDS_API_PATH);
        try {
            Object block = WEB_CLIENT.get().uri(createSSOUriBuilder.build()).header("Referer", str).exchangeToMono(clientResponse -> {
                if (clientResponse.statusCode() != HttpStatus.FOUND) {
                    if (clientResponse.statusCode() != HttpStatus.OK) {
                        return clientResponse.bodyToMono(String.class).map(str2 -> {
                            return new NotFoundException(String.format("getReports(): Failed authentication request for request: %s. Response %s", DASHBOARDS_API_PATH, str2));
                        });
                    }
                    LOG.debug("Response OK");
                    return clientResponse.bodyToMono(List.class);
                }
                URIBuilder createBaseUriBuilder = createBaseUriBuilder(clientResponse.headers().header("Location").get(0));
                if (createBaseUriBuilder != null) {
                    try {
                        clientResponse.headers().header("Location").set(0, createBaseUriBuilder.addParameter("fields", "title,desc").build().toString());
                    } catch (URISyntaxException e) {
                        return Mono.error(e);
                    }
                }
                return Mono.empty();
            }).block();
            if (block instanceof NotFoundException) {
                throw ((NotFoundException) block);
            }
            return (List) block;
        } catch (URISyntaxException | NotFoundException e) {
            Logger logger = LOG;
            Objects.requireNonNull(e);
            logger.warn(e::getMessage);
            return null;
        }
    }

    public URI getReportLocation(String str, Person person) {
        String str2;
        URIBuilder createSSOUriBuilder = createSSOUriBuilder(person);
        if (createSSOUriBuilder == null) {
            return null;
        }
        if (StringUtils.isBlank(str)) {
            String reportsDefaultDashboardId = getReportsDefaultDashboardId();
            str2 = StringUtils.isBlank(reportsDefaultDashboardId) ? REPORT_HOME_WEB_PATH : REPORT_DASHBOARD_WEB_PATH + reportsDefaultDashboardId;
        } else {
            str2 = REPORT_DASHBOARD_WEB_PATH + str;
        }
        createSSOUriBuilder.addParameter("return_to", str2 + "?h=true&t=true&l=true");
        try {
            return createSSOUriBuilder.build();
        } catch (URISyntaxException e) {
            LOG.error("Invalid URI generated from {}", createSSOUriBuilder);
            return null;
        }
    }

    public boolean isReportsEnabled() {
        return StringUtils.isNotBlank(getReportsBaseUrl());
    }

    private URIBuilder createSSOUriBuilder(Person person) {
        URIBuilder createBaseUriBuilder = createBaseUriBuilder(JWT_PATH);
        if (createBaseUriBuilder == null) {
            return null;
        }
        createBaseUriBuilder.addParameter("jwt", buildJwtToken(person));
        return createBaseUriBuilder;
    }

    private URIBuilder createBaseUriBuilder(String str) {
        String reportsBaseUrl = getReportsBaseUrl();
        if (StringUtils.isBlank(reportsBaseUrl)) {
            LOG.warn("No reports integration url found");
            return null;
        }
        try {
            URIBuilder uRIBuilder = new URIBuilder(reportsBaseUrl);
            uRIBuilder.appendPath(str);
            return uRIBuilder;
        } catch (URISyntaxException e) {
            LOG.error("Invalid reportsBase url {}", reportsBaseUrl);
            return null;
        }
    }

    private String buildJwtToken(Person person) {
        Instant now = Instant.now();
        JwtBuilder headerParam = Jwts.builder().setId(UUID.randomUUID().toString()).setSubject(person.getEmailAddress()).setIssuedAt(Date.from(now)).setExpiration(Date.from(now.plus(3L, (TemporalUnit) ChronoUnit.HOURS))).setHeaderParam(Header.TYPE, Header.JWT_TYPE);
        String propertyValueAsString = this.configurationService.getPropertyValueAsString(KFSConstants.REPORTS_SIGNING_SECRET);
        if (!StringUtils.isBlank(propertyValueAsString)) {
            return headerParam.signWith(Keys.hmacShaKeyFor(propertyValueAsString.getBytes(StandardCharsets.UTF_8)), SignatureAlgorithm.HS256).compact();
        }
        LOG.warn("Reports signing secret is not set. Generated JWTs will not be signed");
        return headerParam.compact();
    }

    private String getReportsBaseUrl() {
        return this.configurationService.getPropertyValueAsString(KFSConstants.REPORTS_URL);
    }

    private String getReportsDefaultDashboardId() {
        return this.configurationService.getPropertyValueAsString(KFSConstants.REPORTS_DEFAULT_DASHBOARD_ID);
    }

    public void setConfigurationService(ConfigurationService configurationService) {
        this.configurationService = configurationService;
    }
}
