package com.vaadin.flow.server.connect;

import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.PropertyAccessor;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.googlecode.gentyref.GenericTypeReflector;
import com.helger.css.media.CSSMediaList;
import com.vaadin.flow.function.DeploymentConfiguration;
import com.vaadin.flow.server.VaadinService;
import com.vaadin.flow.server.VaadinServletRequest;
import com.vaadin.flow.server.VaadinServletService;
import com.vaadin.flow.server.connect.auth.VaadinConnectAccessChecker;
import com.vaadin.flow.server.connect.exception.EndpointException;
import com.vaadin.flow.server.connect.exception.EndpointValidationException;
import com.vaadin.flow.server.startup.ServletDeployer;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.validation.ConstraintViolation;
import javax.validation.Validation;
import javax.validation.Validator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.jackson.JacksonProperties;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Import;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
import org.springframework.util.ClassUtils;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

@ConditionalOnBean(annotation = {Endpoint.class})
@RestController
@Import({VaadinConnectControllerConfiguration.class, VaadinEndpointProperties.class})
/* loaded from: input_file:WEB-INF/lib/flow-server-4.0-SNAPSHOT.jar:com/vaadin/flow/server/connect/VaadinConnectController.class */
public class VaadinConnectController {
    public static final String VAADIN_ENDPOINT_MAPPER_BEAN_QUALIFIER = "vaadinEndpointMapper";
    private final ObjectMapper vaadinEndpointMapper;
    private final VaadinConnectAccessChecker accessChecker;
    private final ExplicitNullableTypeChecker explicitNullableTypeChecker;
    final Map<String, VaadinEndpointData> vaadinEndpoints = new HashMap();
    private final Validator validator = Validation.buildDefaultValidatorFactory().getValidator();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/flow-server-4.0-SNAPSHOT.jar:com/vaadin/flow/server/connect/VaadinConnectController$VaadinEndpointData.class */
    public static class VaadinEndpointData {
        final Map<String, Method> methods;
        private final Object vaadinEndpointObject;

        private VaadinEndpointData(Object obj, Method... methodArr) {
            this.methods = new HashMap();
            this.vaadinEndpointObject = obj;
            Stream.of((Object[]) methodArr).filter(method -> {
                return (method.getDeclaringClass() == Object.class || method.isBridge()) ? false : true;
            }).forEach(method2 -> {
                this.methods.put(method2.getName().toLowerCase(Locale.ENGLISH), method2);
            });
        }

        /* JADX INFO: Access modifiers changed from: private */
        public Optional<Method> getMethod(String str) {
            return Optional.ofNullable(this.methods.get(str));
        }

        /* JADX INFO: Access modifiers changed from: private */
        public Object getEndpointObject() {
            return this.vaadinEndpointObject;
        }
    }

    public VaadinConnectController(@Autowired(required = false) @Qualifier("vaadinEndpointMapper") ObjectMapper objectMapper, VaadinConnectAccessChecker vaadinConnectAccessChecker, EndpointNameChecker endpointNameChecker, ExplicitNullableTypeChecker explicitNullableTypeChecker, ApplicationContext applicationContext, ServletContext servletContext) {
        this.vaadinEndpointMapper = objectMapper != null ? objectMapper : createVaadinConnectObjectMapper(applicationContext);
        this.accessChecker = vaadinConnectAccessChecker;
        this.explicitNullableTypeChecker = explicitNullableTypeChecker;
        applicationContext.getBeansWithAnnotation(Endpoint.class).forEach((str, obj) -> {
            validateEndpointBean(endpointNameChecker, str, obj);
        });
        DeploymentConfiguration createDeploymentConfiguration = createDeploymentConfiguration(servletContext);
        if (createDeploymentConfiguration != null) {
            vaadinConnectAccessChecker.enableCsrf(createDeploymentConfiguration.isXsrfProtectionEnabled());
        }
    }

    private ObjectMapper createVaadinConnectObjectMapper(ApplicationContext applicationContext) {
        ObjectMapper build = ((Jackson2ObjectMapperBuilder) applicationContext.getBean(Jackson2ObjectMapperBuilder.class)).createXmlMapper(false).build();
        if (((JacksonProperties) applicationContext.getBean(JacksonProperties.class)).getVisibility().isEmpty()) {
            build.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.ANY);
        }
        return build;
    }

    private DeploymentConfiguration createDeploymentConfiguration(ServletContext servletContext) {
        if (servletContext.getServletRegistrations().isEmpty()) {
            return null;
        }
        return ServletDeployer.StubServletConfig.createDeploymentConfiguration(servletContext, servletContext.getServletRegistrations().entrySet().iterator().next().getValue(), VaadinConnectController.class);
    }

    private static Logger getLogger() {
        return LoggerFactory.getLogger((Class<?>) VaadinConnectController.class);
    }

    void validateEndpointBean(EndpointNameChecker endpointNameChecker, String str, Object obj) {
        Class userClass = ClassUtils.getUserClass(obj.getClass());
        String str2 = (String) Optional.ofNullable(userClass.getAnnotation(Endpoint.class)).map((v0) -> {
            return v0.value();
        }).filter(str3 -> {
            return !str3.isEmpty();
        }).orElse(userClass.getSimpleName());
        if (str2.isEmpty()) {
            throw new IllegalStateException(String.format("A bean with name '%s' and type '%s' is annotated with '%s' annotation but is an anonymous class hence has no name. ", str, userClass, Endpoint.class) + String.format("Either modify the bean declaration so that it is not an anonymous class or specify an endpoint name in the '%s' annotation", Endpoint.class));
        }
        String check = endpointNameChecker.check(str2);
        if (check != null) {
            throw new IllegalStateException(String.format("Endpoint name '%s' is invalid, reason: '%s'", str2, check));
        }
        this.vaadinEndpoints.put(str2.toLowerCase(Locale.ENGLISH), new VaadinEndpointData(obj, userClass.getMethods()));
    }

    @PostMapping(path = {"/{endpoint}/{method}"}, produces = {"application/json;charset=UTF-8"})
    public ResponseEntity<String> serveEndpoint(@PathVariable("endpoint") String str, @PathVariable("method") String str2, @RequestBody(required = false) ObjectNode objectNode, HttpServletRequest httpServletRequest) {
        getLogger().debug("Endpoint: {}, method: {}, request body: {}", str, str2, objectNode);
        VaadinEndpointData vaadinEndpointData = this.vaadinEndpoints.get(str.toLowerCase(Locale.ENGLISH));
        if (vaadinEndpointData == null) {
            getLogger().debug("Endpoint '{}' not found", str);
            return ResponseEntity.notFound().build();
        }
        Method method = (Method) vaadinEndpointData.getMethod(str2.toLowerCase(Locale.ENGLISH)).orElse(null);
        if (method == null) {
            getLogger().debug("Method '{}' not found in endpoint '{}'", str2, str);
            return ResponseEntity.notFound().build();
        }
        try {
            VaadinServletService vaadinServletService = (VaadinServletService) VaadinService.getCurrent();
            if (vaadinServletService != null) {
                vaadinServletService.setCurrentInstances(new VaadinServletRequest(httpServletRequest, vaadinServletService), null);
            }
            return invokeVaadinEndpointMethod(str, str2, method, objectNode, vaadinEndpointData, httpServletRequest);
        } catch (JsonProcessingException e) {
            String format = String.format("Failed to serialize endpoint '%s' method '%s' response. Double check method's return type or specify a custom mapper bean with qualifier '%s'", str, str2, VAADIN_ENDPOINT_MAPPER_BEAN_QUALIFIER);
            getLogger().error(format, (Throwable) e);
            try {
                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(createResponseErrorObject(format));
            } catch (JsonProcessingException e2) {
                throw new IllegalStateException(String.format("Unexpected: Failed to serialize a plain Java string '%s' into a JSON. Double check the provided mapper's configuration.", format), e2);
            }
        }
    }

    private ResponseEntity<String> invokeVaadinEndpointMethod(String str, String str2, Method method, ObjectNode objectNode, VaadinEndpointData vaadinEndpointData, HttpServletRequest httpServletRequest) throws JsonProcessingException {
        String check = this.accessChecker.check(method, httpServletRequest);
        if (check != null) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(createResponseErrorObject(String.format("Endpoint '%s' method '%s' request cannot be accessed, reason: '%s'", str, str2, check)));
        }
        Map<String, JsonNode> requestParameters = getRequestParameters(objectNode);
        Type[] javaParameters = getJavaParameters(method, ClassUtils.getUserClass(vaadinEndpointData.vaadinEndpointObject));
        if (javaParameters.length != requestParameters.size()) {
            return ResponseEntity.badRequest().body(createResponseErrorObject(String.format("Incorrect number of parameters for endpoint '%s' method '%s', expected: %s, got: %s", str, str2, Integer.valueOf(javaParameters.length), Integer.valueOf(requestParameters.size()))));
        }
        try {
            Object[] vaadinEndpointParameters = getVaadinEndpointParameters(requestParameters, javaParameters, str2, str);
            Set validateParameters = this.validator.forExecutables().validateParameters(vaadinEndpointData.getEndpointObject(), method, vaadinEndpointParameters, new Class[0]);
            if (!validateParameters.isEmpty()) {
                return ResponseEntity.badRequest().body(this.vaadinEndpointMapper.writeValueAsString(new EndpointValidationException(String.format("Validation error in endpoint '%s' method '%s'", str, str2), createMethodValidationErrors(validateParameters)).getSerializationData()));
            }
            try {
                Object invoke = method.invoke(vaadinEndpointData.getEndpointObject(), vaadinEndpointParameters);
                String checkValueForAnnotatedElement = this.explicitNullableTypeChecker.checkValueForAnnotatedElement(invoke, method);
                if (checkValueForAnnotatedElement != null) {
                    EndpointException endpointException = new EndpointException(String.format("Unexpected return value in endpoint '%s' method '%s'. %s", str, str2, checkValueForAnnotatedElement));
                    getLogger().error(endpointException.getMessage());
                    return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(this.vaadinEndpointMapper.writeValueAsString(endpointException.getSerializationData()));
                }
                Set validateReturnValue = this.validator.forExecutables().validateReturnValue(vaadinEndpointData.getEndpointObject(), method, invoke, new Class[0]);
                if (!validateReturnValue.isEmpty()) {
                    getLogger().error("Endpoint '{}' method '{}' had returned a value that has validation errors: '{}', this might cause bugs on the client side. Fix the method implementation.", str, str2, validateReturnValue);
                }
                return ResponseEntity.ok(this.vaadinEndpointMapper.writeValueAsString(invoke));
            } catch (IllegalAccessException e) {
                String format = String.format("Endpoint '%s' method '%s' access failure", str, str2);
                getLogger().error(format, (Throwable) e);
                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(createResponseErrorObject(format));
            } catch (IllegalArgumentException e2) {
                String format2 = String.format("Received incorrect arguments for endpoint '%s' method '%s'. Expected parameter types (and their order) are: '[%s]'", str, str2, listMethodParameterTypes(javaParameters));
                getLogger().debug(format2, (Throwable) e2);
                return ResponseEntity.badRequest().body(createResponseErrorObject(format2));
            } catch (InvocationTargetException e3) {
                return handleMethodExecutionError(str, str2, e3);
            }
        } catch (EndpointValidationException e4) {
            getLogger().debug("Endpoint '{}' method '{}' received invalid response", str, str2, e4);
            return ResponseEntity.badRequest().body(this.vaadinEndpointMapper.writeValueAsString(e4.getSerializationData()));
        }
    }

    private Type[] getJavaParameters(Method method, Type type) {
        return (Type[]) Stream.of((Object[]) GenericTypeReflector.getExactParameterTypes(method, type)).toArray(i -> {
            return new Type[i];
        });
    }

    private ResponseEntity<String> handleMethodExecutionError(String str, String str2, InvocationTargetException invocationTargetException) throws JsonProcessingException {
        if (EndpointException.class.isAssignableFrom(invocationTargetException.getCause().getClass())) {
            EndpointException endpointException = (EndpointException) invocationTargetException.getCause();
            getLogger().debug("Endpoint '{}' method '{}' aborted the execution", str, str2, endpointException);
            return ResponseEntity.badRequest().body(this.vaadinEndpointMapper.writeValueAsString(endpointException.getSerializationData()));
        }
        String format = String.format("Endpoint '%s' method '%s' execution failure", str, str2);
        getLogger().error(format, (Throwable) invocationTargetException);
        return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(createResponseErrorObject(format));
    }

    private String createResponseErrorObject(String str) throws JsonProcessingException {
        return this.vaadinEndpointMapper.writeValueAsString(Collections.singletonMap(EndpointException.ERROR_MESSAGE_FIELD, str));
    }

    private String listMethodParameterTypes(Type[] typeArr) {
        return (String) Stream.of((Object[]) typeArr).map((v0) -> {
            return v0.getTypeName();
        }).collect(Collectors.joining(CSSMediaList.DEFAULT_MEDIA_STRING_SEPARATOR));
    }

    private Object[] getVaadinEndpointParameters(Map<String, JsonNode> map, Type[] typeArr, String str, String str2) {
        Object[] objArr = new Object[typeArr.length];
        String[] strArr = new String[map.size()];
        map.keySet().toArray(strArr);
        HashMap hashMap = new HashMap();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (int i = 0; i < typeArr.length; i++) {
            Type type = typeArr[i];
            try {
                Object readValue = this.vaadinEndpointMapper.readerFor(this.vaadinEndpointMapper.getTypeFactory().constructType(type)).readValue(map.get(strArr[i]));
                objArr[i] = readValue;
                if (readValue != null) {
                    linkedHashSet.addAll(this.validator.validate(readValue, new Class[0]));
                }
            } catch (IOException e) {
                String typeName = type.getTypeName();
                getLogger().error("Unable to deserialize an endpoint '{}' method '{}' parameter '{}' with type '{}'", str2, str, strArr[i], typeName, e);
                hashMap.put(strArr[i], typeName);
            }
        }
        if (hashMap.isEmpty() && linkedHashSet.isEmpty()) {
            return objArr;
        }
        throw getInvalidEndpointParametersException(str, str2, hashMap, linkedHashSet);
    }

    private EndpointValidationException getInvalidEndpointParametersException(String str, String str2, Map<String, String> map, Set<ConstraintViolation<Object>> set) {
        ArrayList arrayList = new ArrayList(map.size() + set.size());
        for (Map.Entry<String, String> entry : map.entrySet()) {
            arrayList.add(new EndpointValidationException.ValidationErrorData(String.format("Unable to deserialize an endpoint method parameter into type '%s'", entry.getValue()), entry.getKey()));
        }
        arrayList.addAll(createBeanValidationErrors(set));
        return new EndpointValidationException(String.format("Validation error in endpoint '%s' method '%s'", str2, str), arrayList);
    }

    private List<EndpointValidationException.ValidationErrorData> createBeanValidationErrors(Collection<ConstraintViolation<Object>> collection) {
        return (List) collection.stream().map(constraintViolation -> {
            return new EndpointValidationException.ValidationErrorData(String.format("Object of type '%s' has invalid property '%s' with value '%s', validation error: '%s'", constraintViolation.getRootBeanClass(), constraintViolation.getPropertyPath().toString(), constraintViolation.getInvalidValue(), constraintViolation.getMessage()), constraintViolation.getPropertyPath().toString());
        }).collect(Collectors.toList());
    }

    private List<EndpointValidationException.ValidationErrorData> createMethodValidationErrors(Collection<ConstraintViolation<Object>> collection) {
        return (List) collection.stream().map(constraintViolation -> {
            String path = constraintViolation.getPropertyPath().toString();
            return new EndpointValidationException.ValidationErrorData(String.format("Method '%s' of the object '%s' received invalid parameter '%s' with value '%s', validation error: '%s'", path.split("\\.")[0], constraintViolation.getRootBeanClass(), path, constraintViolation.getInvalidValue(), constraintViolation.getMessage()), path);
        }).collect(Collectors.toList());
    }

    private Map<String, JsonNode> getRequestParameters(ObjectNode objectNode) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        if (objectNode != null) {
            objectNode.fields().forEachRemaining(entry -> {
            });
        }
        return linkedHashMap;
    }
}
