package org.sonatype.nexus.rest.global;

import com.thoughtworks.xstream.XStream;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import org.apache.commons.lang.StringUtils;
import org.codehaus.enunciate.contract.jaxrs.ResourceMethodSignature;
import org.restlet.Context;
import org.restlet.data.Reference;
import org.restlet.data.Request;
import org.restlet.data.Response;
import org.restlet.data.Status;
import org.restlet.resource.ResourceException;
import org.restlet.resource.Variant;
import org.sonatype.configuration.ConfigurationException;
import org.sonatype.configuration.validation.InvalidConfigurationException;
import org.sonatype.micromailer.Address;
import org.sonatype.nexus.configuration.application.DefaultGlobalRemoteConnectionSettings;
import org.sonatype.nexus.configuration.application.DefaultGlobalRemoteProxySettings;
import org.sonatype.nexus.configuration.application.GlobalRemoteProxySettings;
import org.sonatype.nexus.configuration.model.CRemoteConnectionSettings;
import org.sonatype.nexus.configuration.model.CRemoteProxySettings;
import org.sonatype.nexus.configuration.model.CRestApiSettings;
import org.sonatype.nexus.configuration.model.CSmtpConfiguration;
import org.sonatype.nexus.configuration.source.ApplicationConfigurationSource;
import org.sonatype.nexus.notification.NotificationCheat;
import org.sonatype.nexus.notification.NotificationManager;
import org.sonatype.nexus.notification.NotificationTarget;
import org.sonatype.nexus.proxy.repository.UsernamePasswordRemoteAuthenticationSettings;
import org.sonatype.nexus.rest.AbstractNexusPlexusResource;
import org.sonatype.nexus.rest.model.GlobalConfigurationResource;
import org.sonatype.nexus.rest.model.GlobalConfigurationResourceResponse;
import org.sonatype.nexus.rest.model.HtmlUnescapeStringConverter;
import org.sonatype.nexus.rest.model.RemoteConnectionSettings;
import org.sonatype.nexus.rest.model.RemoteProxySettingsDTO;
import org.sonatype.nexus.rest.model.RestApiSettings;
import org.sonatype.nexus.rest.model.SmtpSettings;
import org.sonatype.plexus.rest.resource.PathProtectionDescriptor;
import org.sonatype.plexus.rest.resource.PlexusResourceException;
import org.sonatype.security.configuration.source.SecurityConfigurationSource;

@Path(GlobalConfigurationPlexusResource.RESOURCE_URI)
@Consumes({"application/xml", MediaType.APPLICATION_JSON})
@Named
@Singleton
@Produces({"application/xml", MediaType.APPLICATION_JSON})
/* loaded from: input_file:WEB-INF/plugin-repository/nexus-restlet1x-plugin-2.14.20-02/nexus-restlet1x-plugin-2.14.20-02.jar:org/sonatype/nexus/rest/global/GlobalConfigurationPlexusResource.class */
public class GlobalConfigurationPlexusResource extends AbstractGlobalConfigurationPlexusResource {
    public static final String CONFIG_NAME_KEY = "configName";
    public static final String RESOURCE_URI = "/global_settings/{configName}";
    public static final String CURRENT_CONFIG_NAME = "current";
    public static final String DEFAULT_CONFIG_NAME = "default";
    private final NotificationManager notificationManager;
    private final SecurityConfigurationSource defaultSecurityConfigurationSource;
    private final ApplicationConfigurationSource configurationSource;

    @Inject
    public GlobalConfigurationPlexusResource(NotificationManager notificationManager, @Named("static") SecurityConfigurationSource securityConfigurationSource, @Named("static") ApplicationConfigurationSource applicationConfigurationSource) {
        this.notificationManager = notificationManager;
        this.defaultSecurityConfigurationSource = securityConfigurationSource;
        this.configurationSource = applicationConfigurationSource;
        setModifiable(true);
    }

    public boolean isDefaultAnonymousAccessEnabled() {
        return this.defaultSecurityConfigurationSource.getConfiguration().isAnonymousAccessEnabled();
    }

    public String getDefaultAnonymousUsername() {
        return this.defaultSecurityConfigurationSource.getConfiguration().getAnonymousUsername();
    }

    public String getDefaultAnonymousPassword() {
        return this.defaultSecurityConfigurationSource.getConfiguration().getAnonymousPassword();
    }

    public List<String> getDefaultRealms() {
        return this.defaultSecurityConfigurationSource.getConfiguration().getRealms();
    }

    public CRemoteConnectionSettings readDefaultGlobalRemoteConnectionSettings() {
        return this.configurationSource.getConfiguration().getGlobalConnectionSettings();
    }

    public CRemoteProxySettings readDefaultRemoteProxySettings() {
        return this.configurationSource.getConfiguration().getRemoteProxySettings();
    }

    public CRestApiSettings readDefaultRestApiSettings() {
        return this.configurationSource.getConfiguration().getRestApi();
    }

    public CSmtpConfiguration readDefaultSmtpConfiguration() {
        return this.configurationSource.getConfiguration().getSmtpConfiguration();
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    public Object getPayloadInstance() {
        return new GlobalConfigurationResourceResponse();
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    public String getResourceUri() {
        return RESOURCE_URI;
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    public PathProtectionDescriptor getResourceProtection() {
        return new PathProtectionDescriptor("/global_settings/*", "authcBasic,perms[nexus:settings]");
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    @GET
    @ResourceMethodSignature(pathParams = {@PathParam("configName")}, output = GlobalConfigurationResourceResponse.class)
    public Object get(Context context, Request request, Response response, Variant variant) throws ResourceException {
        String obj = request.getAttributes().get("configName").toString();
        if (!"default".equals(obj) && !CURRENT_CONFIG_NAME.equals(obj)) {
            throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND);
        }
        GlobalConfigurationResource globalConfigurationResource = new GlobalConfigurationResource();
        if ("default".equals(obj)) {
            fillDefaultConfiguration(request, globalConfigurationResource);
        } else {
            fillCurrentConfiguration(request, globalConfigurationResource);
        }
        GlobalConfigurationResourceResponse globalConfigurationResourceResponse = new GlobalConfigurationResourceResponse();
        globalConfigurationResourceResponse.setData(globalConfigurationResource);
        return globalConfigurationResourceResponse;
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    @ResourceMethodSignature(pathParams = {@PathParam("configName")}, input = GlobalConfigurationResourceResponse.class)
    @PUT
    public Object put(Context context, Request request, Response response, Object obj) throws ResourceException {
        String obj2 = request.getAttributes().get("configName").toString();
        if (!"default".equals(obj2) && !CURRENT_CONFIG_NAME.equals(obj2)) {
            throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND);
        }
        if (!CURRENT_CONFIG_NAME.equals(obj2)) {
            throw new ResourceException(Status.CLIENT_ERROR_METHOD_NOT_ALLOWED);
        }
        GlobalConfigurationResourceResponse globalConfigurationResourceResponse = (GlobalConfigurationResourceResponse) obj;
        if (globalConfigurationResourceResponse != null) {
            GlobalConfigurationResource data = globalConfigurationResourceResponse.getData();
            try {
                if (data.getSmtpSettings() != null) {
                    SmtpSettings smtpSettings = data.getSmtpSettings();
                    getNexusEmailer().setSMTPHostname(smtpSettings.getHost());
                    String sMTPPassword = getNexusEmailer().getSMTPPassword();
                    if (smtpSettings.getPassword() == null) {
                        smtpSettings.setPassword("");
                    }
                    getNexusEmailer().setSMTPPassword(getActualPassword(smtpSettings.getPassword(), sMTPPassword));
                    getNexusEmailer().setSMTPPort(smtpSettings.getPort());
                    getNexusEmailer().setSMTPSslEnabled(smtpSettings.isSslEnabled());
                    getNexusEmailer().setSMTPTlsEnabled(smtpSettings.isTlsEnabled());
                    if (smtpSettings.getUsername() == null) {
                        smtpSettings.setUsername("");
                    }
                    getNexusEmailer().setSMTPUsername(smtpSettings.getUsername());
                    getNexusEmailer().setSMTPSystemEmailAddress(new Address(smtpSettings.getSystemEmailAddress().trim()));
                }
                if (data.getGlobalConnectionSettings() != null) {
                    RemoteConnectionSettings globalConnectionSettings = data.getGlobalConnectionSettings();
                    getGlobalRemoteConnectionSettings().setConnectionTimeout(globalConnectionSettings.getConnectionTimeout() * 1000);
                    getGlobalRemoteConnectionSettings().setRetrievalRetryCount(globalConnectionSettings.getRetrievalRetryCount());
                    getGlobalRemoteConnectionSettings().setQueryString(globalConnectionSettings.getQueryString());
                    getGlobalRemoteConnectionSettings().setUserAgentCustomizationString(globalConnectionSettings.getUserAgentString());
                }
                setGlobalProxySettings(data.getRemoteProxySettings(), getGlobalRemoteProxySettings());
                getNexusConfiguration().setRealms(data.getSecurityRealms());
                String securityAnonymousUsername = data.getSecurityAnonymousUsername();
                String actualPassword = getActualPassword(data.getSecurityAnonymousPassword(), getNexusConfiguration().getAnonymousPassword());
                if (data.isSecurityAnonymousAccessEnabled() && !StringUtils.isEmpty(securityAnonymousUsername) && !StringUtils.isEmpty(actualPassword)) {
                    getNexusConfiguration().setAnonymousAccess(true, securityAnonymousUsername, actualPassword);
                } else {
                    if (data.isSecurityAnonymousAccessEnabled()) {
                        getLogger().warn("Nexus refused to apply configuration, the supplied anonymous username/pwd information is empty.");
                        throw new PlexusResourceException(Status.CLIENT_ERROR_BAD_REQUEST, getNexusErrorResponse("securityAnonymousUsername", "Cannot be empty when Anonynous access is enabled"));
                    }
                    getNexusConfiguration().setAnonymousAccess(false, null, null);
                }
                if (data.getGlobalRestApiSettings() != null) {
                    RestApiSettings globalRestApiSettings = data.getGlobalRestApiSettings();
                    getGlobalRestApiSettings().setForceBaseUrl(globalRestApiSettings.isForceBaseUrl());
                    if (StringUtils.isEmpty(data.getGlobalRestApiSettings().getBaseUrl())) {
                        getGlobalRestApiSettings().setBaseUrl(null);
                    } else {
                        getGlobalRestApiSettings().setBaseUrl(new Reference(globalRestApiSettings.getBaseUrl()).getTargetRef().toString());
                    }
                    getGlobalRestApiSettings().setUITimeout(globalRestApiSettings.getUiTimeout() * 1000);
                } else {
                    getGlobalRestApiSettings().disable();
                }
                if (data.getSystemNotificationSettings() != null) {
                    this.notificationManager.setEnabled(data.getSystemNotificationSettings().isEnabled());
                    NotificationTarget readNotificationTarget = this.notificationManager.readNotificationTarget(NotificationCheat.AUTO_BLOCK_NOTIFICATION_GROUP_ID);
                    if (readNotificationTarget == null) {
                        readNotificationTarget = new NotificationTarget();
                        readNotificationTarget.setTargetId(NotificationCheat.AUTO_BLOCK_NOTIFICATION_GROUP_ID);
                    }
                    readNotificationTarget.getTargetRoles().clear();
                    readNotificationTarget.getTargetRoles().addAll(data.getSystemNotificationSettings().getRoles());
                    readNotificationTarget.getExternalTargets().clear();
                    if (StringUtils.isNotEmpty(data.getSystemNotificationSettings().getEmailAddresses())) {
                        readNotificationTarget.getExternalTargets().addAll(Arrays.asList(data.getSystemNotificationSettings().getEmailAddresses().split(",")));
                    }
                    readNotificationTarget.getTargetUsers().clear();
                    this.notificationManager.updateNotificationTarget(readNotificationTarget);
                }
                boolean isDirty = ((DefaultGlobalRemoteConnectionSettings) getGlobalRemoteConnectionSettings()).isDirty();
                boolean isDirty2 = ((DefaultGlobalRemoteProxySettings) getGlobalRemoteProxySettings()).isDirty();
                getNexusConfiguration().saveConfiguration();
                if (isDirty) {
                    getNexusConfiguration().getGlobalRemoteStorageContext().setRemoteConnectionSettings(getGlobalRemoteConnectionSettings());
                }
                if (isDirty2) {
                    getNexusConfiguration().getGlobalRemoteStorageContext().setRemoteProxySettings(getGlobalRemoteProxySettings());
                }
            } catch (IOException e) {
                getLogger().warn("Got IO Exception during update of Nexus configuration.", (Throwable) e);
                throw new ResourceException(Status.SERVER_ERROR_INTERNAL);
            } catch (InvalidConfigurationException e2) {
                getLogger().debug("Configuraiton Exception while setting security values", (Throwable) e2);
                handleInvalidConfigurationException(e2);
            } catch (ConfigurationException e3) {
                getLogger().warn("Nexus refused to apply configuration.", (Throwable) e3);
                throw new PlexusResourceException(Status.CLIENT_ERROR_BAD_REQUEST, e3.getMessage(), getNexusErrorResponse("*", e3.getMessage()));
            }
        }
        response.setStatus(Status.SUCCESS_NO_CONTENT);
        return null;
    }

    private void setGlobalProxySettings(RemoteProxySettingsDTO remoteProxySettingsDTO, GlobalRemoteProxySettings globalRemoteProxySettings) throws ConfigurationException {
        if (remoteProxySettingsDTO == null || remoteProxySettingsDTO.getHttpProxySettings() == null || StringUtils.isEmpty(remoteProxySettingsDTO.getHttpProxySettings().getProxyHostname())) {
            globalRemoteProxySettings.setHttpProxySettings(null);
            globalRemoteProxySettings.setHttpsProxySettings(null);
            globalRemoteProxySettings.setNonProxyHosts(null);
            return;
        }
        String str = null;
        if (globalRemoteProxySettings.getHttpProxySettings() != null && globalRemoteProxySettings.getHttpProxySettings().getProxyAuthentication() != null) {
            str = ((UsernamePasswordRemoteAuthenticationSettings) globalRemoteProxySettings.getHttpProxySettings().getProxyAuthentication()).getPassword();
        }
        String str2 = null;
        if (globalRemoteProxySettings.getHttpsProxySettings() != null && globalRemoteProxySettings.getHttpsProxySettings().getProxyAuthentication() != null) {
            str2 = ((UsernamePasswordRemoteAuthenticationSettings) globalRemoteProxySettings.getHttpsProxySettings().getProxyAuthentication()).getPassword();
        }
        globalRemoteProxySettings.setHttpProxySettings(convert(remoteProxySettingsDTO.getHttpProxySettings(), str));
        globalRemoteProxySettings.setHttpsProxySettings(convert(remoteProxySettingsDTO.getHttpsProxySettings(), str2));
        List<String> nonProxyHosts = remoteProxySettingsDTO.getNonProxyHosts();
        if (nonProxyHosts == null || nonProxyHosts.isEmpty()) {
            globalRemoteProxySettings.setNonProxyHosts(null);
            return;
        }
        HashSet hashSet = new HashSet();
        for (String str3 : nonProxyHosts) {
            if (StringUtils.isNotEmpty(str3)) {
                hashSet.add(str3);
            }
        }
        globalRemoteProxySettings.setNonProxyHosts(hashSet);
    }

    protected void fillDefaultConfiguration(Request request, GlobalConfigurationResource globalConfigurationResource) {
        globalConfigurationResource.setSecurityAnonymousAccessEnabled(isDefaultAnonymousAccessEnabled());
        globalConfigurationResource.setSecurityRealms(getDefaultRealms());
        globalConfigurationResource.setSecurityAnonymousUsername(getDefaultAnonymousUsername());
        globalConfigurationResource.setSecurityAnonymousPassword(AbstractNexusPlexusResource.PASSWORD_PLACE_HOLDER);
        globalConfigurationResource.setGlobalConnectionSettings(convert(readDefaultGlobalRemoteConnectionSettings()));
        globalConfigurationResource.setRemoteProxySettings(convert(readDefaultRemoteProxySettings()));
        RestApiSettings convert = convert(readDefaultRestApiSettings());
        if (convert != null) {
            convert.setBaseUrl(getContextRoot(request).getTargetRef().toString());
        }
        globalConfigurationResource.setGlobalRestApiSettings(convert);
        globalConfigurationResource.setSmtpSettings(convert(readDefaultSmtpConfiguration()));
    }

    protected void fillCurrentConfiguration(Request request, GlobalConfigurationResource globalConfigurationResource) {
        globalConfigurationResource.setSecurityAnonymousAccessEnabled(getNexusConfiguration().isAnonymousAccessEnabled());
        globalConfigurationResource.setSecurityRealms(getNexusConfiguration().getRealms());
        globalConfigurationResource.setSecurityAnonymousUsername(getNexusConfiguration().getAnonymousUsername());
        globalConfigurationResource.setSecurityAnonymousPassword(AbstractNexusPlexusResource.PASSWORD_PLACE_HOLDER);
        globalConfigurationResource.setGlobalConnectionSettings(convert(getGlobalRemoteConnectionSettings()));
        globalConfigurationResource.setRemoteProxySettings(convert(getGlobalRemoteProxySettings()));
        RestApiSettings convert = convert(getGlobalRestApiSettings());
        if (convert != null && StringUtils.isEmpty(convert.getBaseUrl())) {
            convert.setBaseUrl(getContextRoot(request).getTargetRef().toString());
        }
        globalConfigurationResource.setGlobalRestApiSettings(convert);
        globalConfigurationResource.setSmtpSettings(convert(getNexusEmailer()));
        globalConfigurationResource.setSystemNotificationSettings(convert(this.notificationManager));
    }

    protected String getSecurityConfiguration(boolean z, String str) {
        return !z ? "off" : AbstractGlobalConfigurationPlexusResource.SECURITY_SIMPLE.equals(str) ? AbstractGlobalConfigurationPlexusResource.SECURITY_SIMPLE : "custom";
    }

    @Override // org.sonatype.plexus.rest.resource.AbstractPlexusResource, org.sonatype.plexus.rest.resource.PlexusResource
    public void configureXStream(XStream xStream) {
        xStream.registerLocalConverter(SmtpSettings.class, "username", new HtmlUnescapeStringConverter(true));
        xStream.registerLocalConverter(SmtpSettings.class, "password", new HtmlUnescapeStringConverter(true));
    }
}
