package com.atlassian.bamboo.buildqueue.manager;

import com.atlassian.bamboo.buildqueue.ImmutableRemoteAgentAuthentication;
import com.atlassian.bamboo.buildqueue.RemoteAgentAuthentication;
import com.atlassian.bamboo.buildqueue.RemoteAgentAuthenticationEntity;
import com.atlassian.bamboo.buildqueue.RemoteAgentAuthenticationImpl_;
import com.atlassian.bamboo.buildqueue.RemoteAgentAuthentications;
import com.atlassian.bamboo.buildqueue.dao.RemoteAgentAuthenticationDao;
import com.atlassian.bamboo.configuration.AdministrationConfiguration;
import com.atlassian.bamboo.configuration.AdministrationConfigurationAccessor;
import com.atlassian.bamboo.configuration.AdministrationConfigurationPersister;
import com.atlassian.bamboo.event.agent.AgentAuthorisationEvent;
import com.atlassian.collectors.CollectorsUtil;
import com.atlassian.event.api.EventPublisher;
import com.atlassian.fugue.Pair;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.base.Predicate;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.common.collect.Collections2;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Iterables;
import com.google.common.collect.Ordering;
import com.google.common.net.InetAddresses;
import io.atlassian.util.concurrent.ResettableLazyReference;
import java.net.InetAddress;
import java.time.Duration;
import java.util.Collection;
import java.util.UUID;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import java.util.stream.Stream;
import org.apache.log4j.Logger;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/atlassian/bamboo/buildqueue/manager/RemoteAgentAuthenticationManagerImpl.class */
public class RemoteAgentAuthenticationManagerImpl implements RemoteAgentAuthenticationManager {
    private static final Logger log = Logger.getLogger(RemoteAgentAuthenticationManagerImpl.class);
    private final AdministrationConfigurationAccessor administrationConfigurationAccessor;
    private final AdministrationConfigurationPersister administrationConfigurationPersister;
    private final RemoteAgentAuthenticationDao agentAuthenticationDao;
    private final EventPublisher eventPublisher;
    private final ReadWriteLock lock;
    private final Cache<UUID, ImmutableRemoteAgentAuthentication> pendingAuthentications;
    private final ResettableLazyReference<Collection<ImmutableRemoteAgentAuthentication>> approvedAuthentications;
    private final ApprovedAuthenticationIpsCache approvedAuthenticationIpsCache;

    @VisibleForTesting
    RemoteAgentAuthenticationManagerImpl(AdministrationConfigurationAccessor administrationConfigurationAccessor, AdministrationConfigurationPersister administrationConfigurationPersister, final RemoteAgentAuthenticationDao remoteAgentAuthenticationDao, EventPublisher eventPublisher, Duration duration, Duration duration2) {
        this.lock = new ReentrantReadWriteLock();
        this.administrationConfigurationAccessor = administrationConfigurationAccessor;
        this.administrationConfigurationPersister = administrationConfigurationPersister;
        this.agentAuthenticationDao = remoteAgentAuthenticationDao;
        this.eventPublisher = eventPublisher;
        this.pendingAuthentications = CacheBuilder.newBuilder().expireAfterWrite(duration2.toNanos(), TimeUnit.NANOSECONDS).maximumSize(500L).build();
        this.approvedAuthentications = new ResettableLazyReference<Collection<ImmutableRemoteAgentAuthentication>>() { // from class: com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManagerImpl.1
            /* JADX INFO: Access modifiers changed from: protected */
            /* renamed from: create, reason: merged with bridge method [inline-methods] */
            public Collection<ImmutableRemoteAgentAuthentication> m174create() throws Exception {
                return new ConcurrentLinkedQueue((Collection) remoteAgentAuthenticationDao.getAllAuthentications().stream().map(RemoteAgentAuthentications.fromEntityJdk()).collect(CollectorsUtil.toImmutableList()));
            }
        };
        ResettableLazyReference<Collection<ImmutableRemoteAgentAuthentication>> resettableLazyReference = this.approvedAuthentications;
        resettableLazyReference.getClass();
        this.approvedAuthenticationIpsCache = new ApprovedAuthenticationIpsCache(resettableLazyReference::get, duration);
    }

    public RemoteAgentAuthenticationManagerImpl(AdministrationConfigurationAccessor administrationConfigurationAccessor, AdministrationConfigurationPersister administrationConfigurationPersister, RemoteAgentAuthenticationDao remoteAgentAuthenticationDao, EventPublisher eventPublisher, int i) {
        this(administrationConfigurationAccessor, administrationConfigurationPersister, remoteAgentAuthenticationDao, eventPublisher, Duration.ofSeconds(i), Duration.ofDays(1L));
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    public boolean isRemoteAgentAuthenticationEnabled() {
        return this.administrationConfigurationAccessor.getAdministrationConfiguration().isRemoteAgentAuthenticationEnabled();
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    public void setRemoteAgentAuthenticationEnabled(boolean z) throws Exception {
        AdministrationConfiguration administrationConfiguration = this.administrationConfigurationAccessor.getAdministrationConfiguration();
        if (administrationConfiguration.isRemoteAgentAuthenticationEnabled() != z) {
            this.lock.writeLock().lock();
            try {
                administrationConfiguration.setRemoteAgentAuthenticationEnabled(z);
                this.administrationConfigurationPersister.saveAdministrationConfiguration(administrationConfiguration);
                this.pendingAuthentications.invalidateAll();
                this.approvedAuthentications.reset();
                this.approvedAuthenticationIpsCache.reset();
            } finally {
                this.lock.writeLock().unlock();
            }
        }
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    @NotNull
    public Iterable<RemoteAgentAuthentication> getAllAuthentications() {
        return allAsList();
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    @NotNull
    public Iterable<RemoteAgentAuthentication> getAuthentications(Predicate<RemoteAgentAuthentication> predicate) {
        return Iterables.filter(getAllAuthentications(), predicate);
    }

    @NotNull
    private ImmutableList<RemoteAgentAuthentication> allAsList() {
        this.lock.readLock().lock();
        try {
            return ImmutableList.builder().addAll(Ordering.natural().immutableSortedCopy(this.pendingAuthentications.asMap().values())).addAll(Ordering.natural().immutableSortedCopy((Iterable) this.approvedAuthentications.get())).build();
        } finally {
            this.lock.readLock().unlock();
        }
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    @Nullable
    public RemoteAgentAuthentication getAuthentication(UUID uuid, String str) {
        Stream stream = allAsList().reverse().stream();
        Predicate<RemoteAgentAuthentication> matching = RemoteAgentAuthentications.matching(uuid, str);
        matching.getClass();
        return (RemoteAgentAuthentication) stream.filter((v1) -> {
            return r1.apply(v1);
        }).findFirst().orElse(null);
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    public RemoteAgentAuthentication getAuthentication(UUID uuid) {
        Stream stream = allAsList().reverse().stream();
        Predicate<RemoteAgentAuthentication> matching = RemoteAgentAuthentications.matching(uuid);
        matching.getClass();
        return (RemoteAgentAuthentication) stream.filter((v1) -> {
            return r1.apply(v1);
        }).findFirst().orElse(null);
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    @NotNull
    public Pair<RemoteAgentAuthentication, Boolean> getOrCreatePendingAuthentication(@NotNull UUID uuid, @NotNull String str) {
        Preconditions.checkNotNull(str, RemoteAgentAuthenticationImpl_.IP);
        Preconditions.checkNotNull(uuid, RemoteAgentAuthenticationImpl_.UUID);
        this.lock.writeLock().lock();
        try {
            Stream stream = ((Collection) this.approvedAuthentications.get()).stream();
            Predicate<RemoteAgentAuthentication> matching = RemoteAgentAuthentications.matching(uuid, str);
            matching.getClass();
            RemoteAgentAuthentication remoteAgentAuthentication = (RemoteAgentAuthentication) stream.filter((v1) -> {
                return r1.apply(v1);
            }).findFirst().orElse(null);
            if (remoteAgentAuthentication != null) {
                Pair<RemoteAgentAuthentication, Boolean> pair = Pair.pair(remoteAgentAuthentication, true);
                this.lock.writeLock().unlock();
                return pair;
            }
            ImmutableRemoteAgentAuthentication immutableRemoteAgentAuthentication = (ImmutableRemoteAgentAuthentication) this.pendingAuthentications.getIfPresent(uuid);
            if (immutableRemoteAgentAuthentication != null && immutableRemoteAgentAuthentication.matches(str)) {
                Pair<RemoteAgentAuthentication, Boolean> pair2 = Pair.pair(immutableRemoteAgentAuthentication, true);
                this.lock.writeLock().unlock();
                return pair2;
            }
            ImmutableRemoteAgentAuthentication immutableRemoteAgentAuthentication2 = new ImmutableRemoteAgentAuthentication(uuid, str);
            this.pendingAuthentications.put(uuid, immutableRemoteAgentAuthentication2);
            Pair<RemoteAgentAuthentication, Boolean> pair3 = Pair.pair(immutableRemoteAgentAuthentication2, false);
            this.lock.writeLock().unlock();
            return pair3;
        } catch (Throwable th) {
            this.lock.writeLock().unlock();
            throw th;
        }
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    public void approveAuthentications(@NotNull Iterable<RemoteAgentAuthentication> iterable) {
        this.lock.writeLock().lock();
        try {
            this.pendingAuthentications.invalidateAll(Iterables.transform(iterable, (v0) -> {
                return v0.getUuid();
            }));
            ImmutableList copyOf = ImmutableList.copyOf(Iterables.transform(iterable, RemoteAgentAuthentications.toEntity(this.agentAuthenticationDao)));
            this.agentAuthenticationDao.approve(copyOf);
            this.approvedAuthentications.reset();
            this.approvedAuthenticationIpsCache.reset();
            for (int i = 0; i < copyOf.size(); i++) {
                this.eventPublisher.publish(new AgentAuthorisationEvent(this, true));
            }
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    public void revokeAgentAuthentications(@NotNull Iterable<RemoteAgentAuthentication> iterable) {
        ImmutableList copyOf = ImmutableList.copyOf(Iterables.filter(iterable, RemoteAgentAuthentications.isApproved()));
        if (copyOf.isEmpty()) {
            return;
        }
        this.lock.writeLock().lock();
        try {
            this.agentAuthenticationDao.deleteAll(Collections2.transform(copyOf, RemoteAgentAuthentications.toEntity(this.agentAuthenticationDao)));
            ((Collection) this.approvedAuthentications.get()).removeAll(Collections2.filter((Collection) this.approvedAuthentications.get(), RemoteAgentAuthentications.matchingUuidOf(copyOf)));
            this.approvedAuthenticationIpsCache.reset();
            for (int i = 0; i < copyOf.size(); i++) {
                this.eventPublisher.publish(new AgentAuthorisationEvent(this, false));
            }
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    public void updateIp(@NotNull UUID uuid, @NotNull String str) {
        Preconditions.checkNotNull(uuid, RemoteAgentAuthenticationImpl_.UUID);
        Preconditions.checkNotNull(str, "newIp");
        this.lock.writeLock().lock();
        try {
            ImmutableRemoteAgentAuthentication immutableRemoteAgentAuthentication = (ImmutableRemoteAgentAuthentication) Iterables.find((Iterable) this.approvedAuthentications.get(), RemoteAgentAuthentications.matching(uuid), (Object) null);
            if (immutableRemoteAgentAuthentication == null || str.equals(immutableRemoteAgentAuthentication.getIp())) {
                return;
            }
            RemoteAgentAuthenticationEntity remoteAgentAuthenticationEntity = (RemoteAgentAuthenticationEntity) RemoteAgentAuthentications.toEntity(this.agentAuthenticationDao).apply(immutableRemoteAgentAuthentication);
            remoteAgentAuthenticationEntity.setIp(str);
            this.agentAuthenticationDao.save(remoteAgentAuthenticationEntity);
            ((Collection) this.approvedAuthentications.get()).remove(immutableRemoteAgentAuthentication);
            ((Collection) this.approvedAuthentications.get()).add(new ImmutableRemoteAgentAuthentication(remoteAgentAuthenticationEntity));
            this.approvedAuthenticationIpsCache.reset();
            this.lock.writeLock().unlock();
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    public boolean isAuthenticatedAgentIp(@NotNull String str) {
        try {
            return isAuthenticatedAgentIp(InetAddresses.forString(str));
        } catch (IllegalArgumentException e) {
            log.debug("Invalid IP address: " + str);
            return false;
        }
    }

    @Override // com.atlassian.bamboo.buildqueue.manager.RemoteAgentAuthenticationManager
    public boolean isAuthenticatedAgentIp(@NotNull InetAddress inetAddress) {
        return this.approvedAuthenticationIpsCache.isAuthenticatedAgentIp(inetAddress);
    }
}
