package com.erudika.para.iot;

import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.profile.internal.ProfileKeyConstants;
import com.amazonaws.services.iot.AWSIot;
import com.amazonaws.services.iot.AWSIotClientBuilder;
import com.amazonaws.services.iot.model.AttachPrincipalPolicyRequest;
import com.amazonaws.services.iot.model.AttachThingPrincipalRequest;
import com.amazonaws.services.iot.model.AttributePayload;
import com.amazonaws.services.iot.model.CertificateStatus;
import com.amazonaws.services.iot.model.CreateKeysAndCertificateRequest;
import com.amazonaws.services.iot.model.CreateKeysAndCertificateResult;
import com.amazonaws.services.iot.model.CreatePolicyRequest;
import com.amazonaws.services.iot.model.CreateThingRequest;
import com.amazonaws.services.iot.model.CreateThingResult;
import com.amazonaws.services.iot.model.DeleteCertificateRequest;
import com.amazonaws.services.iot.model.DeletePolicyRequest;
import com.amazonaws.services.iot.model.DeletePolicyVersionRequest;
import com.amazonaws.services.iot.model.DeleteThingRequest;
import com.amazonaws.services.iot.model.DescribeEndpointRequest;
import com.amazonaws.services.iot.model.DescribeThingRequest;
import com.amazonaws.services.iot.model.DetachPrincipalPolicyRequest;
import com.amazonaws.services.iot.model.DetachThingPrincipalRequest;
import com.amazonaws.services.iot.model.ListPolicyVersionsRequest;
import com.amazonaws.services.iot.model.PolicyVersion;
import com.amazonaws.services.iot.model.UpdateCertificateRequest;
import com.amazonaws.services.iotdata.AWSIotData;
import com.amazonaws.services.iotdata.AWSIotDataClientBuilder;
import com.amazonaws.services.iotdata.model.DeleteThingShadowRequest;
import com.amazonaws.services.iotdata.model.GetThingShadowRequest;
import com.amazonaws.services.iotdata.model.UpdateThingShadowRequest;
import com.erudika.para.DestroyListener;
import com.erudika.para.Para;
import com.erudika.para.core.Thing;
import com.erudika.para.core.utils.ParaObjectUtils;
import com.erudika.para.utils.Config;
import com.erudika.para.utils.Utils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.util.Collections;
import java.util.Map;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/para-server-1.28.2.jar:com/erudika/para/iot/AWSIoTService.class */
public class AWSIoTService implements IoTService {
    private static AWSIot iotClient;
    private static AWSIotData iotDataClient;
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) AWSIoTService.class);

    /* JADX WARN: Multi-variable type inference failed */
    protected AWSIot getClient() {
        if (iotClient != null) {
            return iotClient;
        }
        iotClient = ((AWSIotClientBuilder) ((AWSIotClientBuilder) AWSIotClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(new BasicAWSCredentials(Config.AWS_ACCESSKEY, Config.AWS_SECRETKEY)))).withRegion(Config.AWS_REGION)).build();
        Para.addDestroyListener(new DestroyListener() { // from class: com.erudika.para.iot.AWSIoTService.1
            @Override // com.erudika.para.DestroyListener
            public void onDestroy() {
                AWSIoTService.this.shutdownClient();
            }
        });
        return iotClient;
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected AWSIotData getDataClient() {
        if (iotDataClient != null) {
            return iotDataClient;
        }
        iotDataClient = ((AWSIotDataClientBuilder) ((AWSIotDataClientBuilder) AWSIotDataClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(new BasicAWSCredentials(Config.AWS_ACCESSKEY, Config.AWS_SECRETKEY)))).withRegion(Config.AWS_REGION)).build();
        Para.addDestroyListener(new DestroyListener() { // from class: com.erudika.para.iot.AWSIoTService.2
            @Override // com.erudika.para.DestroyListener
            public void onDestroy() {
                AWSIoTService.this.shutdownDataClient();
            }
        });
        return iotDataClient;
    }

    protected void shutdownClient() {
        if (iotClient != null) {
            iotClient.shutdown();
            iotClient = null;
        }
    }

    protected void shutdownDataClient() {
        if (iotDataClient != null) {
            iotDataClient.shutdown();
            iotDataClient = null;
        }
    }

    @Override // com.erudika.para.iot.IoTService
    public Thing createThing(Thing thing) {
        if (thing == null || StringUtils.isBlank(thing.getName()) || StringUtils.isBlank(thing.getAppid()) || existsThing(thing)) {
            return null;
        }
        thing.setId(Utils.getNewId());
        String cloudIDForThing = cloudIDForThing(thing);
        CreateThingResult createThing = getClient().createThing(new CreateThingRequest().withThingName(cloudIDForThing).withAttributePayload(new AttributePayload().addAttributesEntry(Config._APPID, thing.getAppid())));
        CreateKeysAndCertificateResult createKeysAndCertificate = getClient().createKeysAndCertificate(new CreateKeysAndCertificateRequest().withSetAsActive(true));
        getClient().createPolicy(new CreatePolicyRequest().withPolicyDocument((String) (thing.getDeviceMetadata().containsKey("policyJSON") ? thing.getDeviceMetadata().get("policyJSON") : getDefaultPolicyDocument(getAccountIdFromARN(createThing.getThingArn()), cloudIDForThing))).withPolicyName(cloudIDForThing + "-Policy"));
        getClient().attachPrincipalPolicy(new AttachPrincipalPolicyRequest().withPrincipal(createKeysAndCertificate.getCertificateArn()).withPolicyName(cloudIDForThing + "-Policy"));
        getClient().attachThingPrincipal(new AttachThingPrincipalRequest().withPrincipal(createKeysAndCertificate.getCertificateArn()).withThingName(cloudIDForThing));
        thing.getDeviceMetadata().remove("policyJSON");
        thing.setServiceBroker("AWS");
        thing.getDeviceMetadata().put("thingId", thing.getId());
        thing.getDeviceMetadata().put("thingName", cloudIDForThing);
        thing.getDeviceMetadata().put("thingARN", createThing.getThingArn());
        thing.getDeviceMetadata().put("clientId", cloudIDForThing);
        thing.getDeviceMetadata().put("clientCertId", createKeysAndCertificate.getCertificateId());
        thing.getDeviceMetadata().put("clientCertARN", createKeysAndCertificate.getCertificateArn());
        thing.getDeviceMetadata().put("clientCert", createKeysAndCertificate.getCertificatePem());
        thing.getDeviceMetadata().put("privateKey", createKeysAndCertificate.getKeyPair().getPrivateKey());
        thing.getDeviceMetadata().put("publicKey", createKeysAndCertificate.getKeyPair().getPublicKey());
        thing.getDeviceMetadata().put(ProfileKeyConstants.REGION, Config.AWS_REGION);
        thing.getDeviceMetadata().put("port", 8883);
        thing.getDeviceMetadata().put("host", getClient().describeEndpoint(new DescribeEndpointRequest()).getEndpointAddress());
        return thing;
    }

    @Override // com.erudika.para.iot.IoTService
    public Map<String, Object> readThing(Thing thing) {
        if (thing == null || StringUtils.isBlank(thing.getId())) {
            return Collections.emptyMap();
        }
        String cloudIDForThing = cloudIDForThing(thing);
        ByteBuffer payload = getDataClient().getThingShadow(new GetThingShadowRequest().withThingName(cloudIDForThing)).getPayload();
        if (payload != null) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(payload.array());
            try {
                try {
                    Map map = (Map) ParaObjectUtils.getJsonReader(Map.class).readValue(byteArrayInputStream);
                    if (map != null && map.containsKey("state")) {
                        Map<String, Object> map2 = (Map) ((Map) map.get("state")).get("desired");
                        IOUtils.closeQuietly((InputStream) byteArrayInputStream);
                        return map2;
                    }
                    IOUtils.closeQuietly((InputStream) byteArrayInputStream);
                } catch (Exception e) {
                    logger.warn("Failed to connect to IoT device {}: {}", cloudIDForThing, e.getMessage());
                    IOUtils.closeQuietly((InputStream) byteArrayInputStream);
                }
            } catch (Throwable th) {
                IOUtils.closeQuietly((InputStream) byteArrayInputStream);
                throw th;
            }
        }
        return Collections.emptyMap();
    }

    @Override // com.erudika.para.iot.IoTService
    public void updateThing(Thing thing) {
        if (thing == null || StringUtils.isBlank(thing.getId())) {
            return;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        String cloudIDForThing = cloudIDForThing(thing);
        try {
            try {
                ParaObjectUtils.getJsonWriterNoIdent().writeValue(byteArrayOutputStream, Collections.singletonMap("state", Collections.singletonMap("desired", thing.getDeviceState())));
                getDataClient().updateThingShadow(new UpdateThingShadowRequest().withThingName(cloudIDForThing).withPayload(ByteBuffer.wrap(byteArrayOutputStream.toByteArray())));
                IOUtils.closeQuietly((OutputStream) byteArrayOutputStream);
            } catch (Exception e) {
                logger.warn("Failed to connect to IoT device {}: {}", cloudIDForThing, e.getMessage());
                IOUtils.closeQuietly((OutputStream) byteArrayOutputStream);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly((OutputStream) byteArrayOutputStream);
            throw th;
        }
    }

    @Override // com.erudika.para.iot.IoTService
    public void deleteThing(Thing thing) {
        if (thing == null || StringUtils.isBlank(thing.getId())) {
            return;
        }
        String cloudIDForThing = cloudIDForThing(thing);
        String str = (String) thing.getDeviceMetadata().get("clientCertARN");
        String str2 = (String) thing.getDeviceMetadata().get("clientCertId");
        String str3 = cloudIDForThing + "-Policy";
        for (PolicyVersion policyVersion : getClient().listPolicyVersions(new ListPolicyVersionsRequest().withPolicyName(str3)).getPolicyVersions()) {
            if (!policyVersion.isDefaultVersion().booleanValue()) {
                getClient().deletePolicyVersion(new DeletePolicyVersionRequest().withPolicyName(str3).withPolicyVersionId(policyVersion.getVersionId()));
            }
        }
        try {
            getClient().detachThingPrincipal(new DetachThingPrincipalRequest().withPrincipal(str).withThingName(cloudIDForThing));
        } catch (Exception e) {
        }
        try {
            getClient().detachPrincipalPolicy(new DetachPrincipalPolicyRequest().withPrincipal(str).withPolicyName(str3));
        } catch (Exception e2) {
        }
        try {
            getClient().deletePolicy(new DeletePolicyRequest().withPolicyName(str3));
        } catch (Exception e3) {
        }
        try {
            getClient().updateCertificate(new UpdateCertificateRequest().withCertificateId(str2).withNewStatus(CertificateStatus.INACTIVE));
        } catch (Exception e4) {
        }
        try {
            getClient().deleteCertificate(new DeleteCertificateRequest().withCertificateId(str2));
        } catch (Exception e5) {
        }
        getClient().deleteThing(new DeleteThingRequest().withThingName(cloudIDForThing));
        try {
            getDataClient().deleteThingShadow(new DeleteThingShadowRequest().withThingName(cloudIDForThing));
        } catch (Exception e6) {
        }
    }

    private String getDefaultPolicyDocument(String str, String str2) {
        return "{  \"Version\": \"2012-10-17\",  \"Statement\": [    {      \"Effect\": \"Allow\",      \"Action\": [\"iot:Connect\"],      \"Resource\": [\"*\"]    },    {      \"Effect\": \"Allow\",      \"Action\": [\"iot:Publish\"],      \"Resource\": [        \"arn:aws:iot:" + Config.AWS_REGION + ":" + str + ":topic/$aws/things/" + str2 + "/*\"      ]    },    {      \"Effect\": \"Allow\",      \"Action\": [\"iot:Receive\", \"iot:Subscribe\"],      \"Resource\": [\"*\"]    },    {      \"Effect\": \"Allow\",      \"Action\": [        \"iot:UpdateThingShadow\",        \"iot:GetThingShadow\"      ],      \"Resource\": [\"arn:aws:iot:" + Config.AWS_REGION + ":" + str + ":thing/" + str2 + "\"]    }  ]}";
    }

    @Override // com.erudika.para.iot.IoTService
    public boolean existsThing(Thing thing) {
        if (thing == null) {
            return false;
        }
        try {
            return getClient().describeThing(new DescribeThingRequest().withThingName(cloudIDForThing(thing))) != null;
        } catch (Exception e) {
            return false;
        }
    }

    private String getAccountIdFromARN(String str) {
        return StringUtils.contains(str, ":") ? str.split(":")[4] : "";
    }

    private String cloudIDForThing(Thing thing) {
        return thing.getAppid().concat("-").concat(thing.getId());
    }
}
