package org.apache.ranger.biz;

import com.google.common.base.Strings;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.UniformInterfaceException;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.api.client.config.ClientConfig;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.MediaType;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.collections.Predicate;
import org.apache.commons.collections.PredicateUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.fs.CommonConfigurationKeys;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hdfs.DFSConfigKeys;
import org.apache.hadoop.security.ProviderUtils;
import org.apache.hadoop.security.SecureClientLogin;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.apache.log4j.Logger;
import org.apache.ranger.common.ContextUtil;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.RESTErrorUtil;
import org.apache.ranger.common.RangerConfigUtil;
import org.apache.ranger.common.SortField;
import org.apache.ranger.common.StringUtil;
import org.apache.ranger.db.RangerDaoManagerBase;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.util.KeySearchFilter;
import org.apache.ranger.plugin.util.PasswordUtils;
import org.apache.ranger.view.VXKmsKey;
import org.apache.ranger.view.VXKmsKeyList;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/classes/org/apache/ranger/biz/KmsKeyMgr.class */
public class KmsKeyMgr {
    private static final String KMS_KEY_LIST_URI = "v1/keys/names";
    private static final String KMS_ADD_KEY_URI = "v1/keys";
    private static final String KMS_ROLL_KEY_URI = "v1/key/${alias}";
    private static final String KMS_DELETE_KEY_URI = "v1/key/${alias}";
    private static final String KMS_KEY_METADATA_URI = "v1/key/${alias}/_metadata";
    private static final String KMS_URL_CONFIG = "provider";
    private static final String KMS_PASSWORD = "password";
    private static final String KMS_USERNAME = "username";
    static final String NAME_RULES = "hadoop.security.auth_to_local";
    static final String RANGER_AUTH_TYPE = "hadoop.security.authentication";
    private static final String KERBEROS_TYPE = "kerberos";
    private static final String ADMIN_USER_PRINCIPAL = "ranger.admin.kerberos.principal";
    private static final String ADMIN_USER_KEYTAB = "ranger.admin.kerberos.keytab";
    static final String HOST_NAME = "ranger.service.host";

    @Autowired
    ServiceDBStore svcStore;

    @Autowired
    RESTErrorUtil restErrorUtil;

    @Autowired
    RangerConfigUtil configUtil;

    @Autowired
    RangerDaoManagerBase rangerDaoManagerBase;
    private static final Logger logger = Logger.getLogger(KmsKeyMgr.class);
    private static Map<String, String> providerList = new HashMap();
    private static int nextProvider = 0;

    public VXKmsKeyList searchKeys(HttpServletRequest httpServletRequest, String str) throws Exception {
        List<VXKmsKey> subList;
        String[] strArr = null;
        try {
            strArr = getKMSURL(str);
        } catch (Exception e) {
            logger.error("getKey(" + str + ") failed", e);
        }
        ArrayList arrayList = new ArrayList();
        VXKmsKeyList vXKmsKeyList = new VXKmsKeyList();
        String str2 = null;
        boolean z = false;
        try {
            z = checkKerberos();
        } catch (Exception e2) {
            logger.error("checkKerberos(" + str + ") failed", e2);
        }
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                Client client = getClient();
                String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
                String replaceAll = KMS_KEY_LIST_URI.replaceAll(Pattern.quote("${userName}"), currentUserLoginId);
                str2 = strArr[i];
                String str3 = strArr[i] + (strArr[i].endsWith("/") ? replaceAll : "/" + replaceAll);
                final WebResource resource = client.resource(!z ? str3.concat("?user.name=" + currentUserLoginId) : str3.concat("?doAs=" + currentUserLoginId));
                try {
                    String str4 = !z ? (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class) : (String) Subject.doAs(getSubjectForKerberos(str), new PrivilegedAction<String>() { // from class: org.apache.ranger.biz.KmsKeyMgr.1
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.security.PrivilegedAction
                        public String run() {
                            return (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
                        }
                    });
                    Gson create = new GsonBuilder().create();
                    logger.debug(" Search Key RESPONSE: [" + str4 + "]");
                    List<String> list = (List) create.fromJson(str4, List.class);
                    Collections.sort(list);
                    VXKmsKeyList vXKmsKeyList2 = new VXKmsKeyList();
                    ArrayList arrayList2 = new ArrayList();
                    for (String str5 : list) {
                        VXKmsKey vXKmsKey = new VXKmsKey();
                        vXKmsKey.setName(str5);
                        arrayList2.add(vXKmsKey);
                    }
                    vXKmsKeyList2.setVXKeys(arrayList2);
                    vXKmsKeyList = getFilteredKeyList(httpServletRequest, vXKmsKeyList2);
                    break;
                } catch (Exception e3) {
                    if ((e3 instanceof UniformInterfaceException) || i == strArr.length - 1) {
                        throw e3;
                    }
                }
            }
        }
        if (vXKmsKeyList != null && vXKmsKeyList.getVXKeys() != null && !vXKmsKeyList.getVXKeys().isEmpty()) {
            List<VXKmsKey> vXKeys = vXKmsKeyList.getVXKeys();
            int intValue = this.restErrorUtil.parseInt(httpServletRequest.getParameter("startIndex"), 0, "Invalid value for parameter startIndex", MessageEnums.INVALID_INPUT_DATA, null, "startIndex").intValue();
            int i2 = intValue < 0 ? 0 : intValue;
            int intValue2 = this.restErrorUtil.parseInt(httpServletRequest.getParameter("pageSize"), 0, "Invalid value for parameter pageSize", MessageEnums.INVALID_INPUT_DATA, null, "pageSize").intValue();
            int i3 = intValue2 < 0 ? 0 : intValue2;
            vXKmsKeyList.setResultSize(vXKeys.size());
            vXKmsKeyList.setTotalCount(vXKeys.size());
            if (i2 + i3 <= vXKeys.size()) {
                subList = vXKeys.subList(i2, i2 + i3);
            } else {
                i2 = i2 >= vXKeys.size() ? 0 : i2;
                subList = vXKeys.subList(i2, vXKeys.size());
            }
            if (CollectionUtils.isNotEmpty(subList)) {
                for (VXKmsKey vXKmsKey2 : subList) {
                    if (vXKmsKey2 != null) {
                        arrayList.add(getKeyFromUri(str2, vXKmsKey2.getName(), z, str));
                    }
                }
            }
            vXKmsKeyList.setStartIndex(i2);
            vXKmsKeyList.setPageSize(i3);
        }
        if (vXKmsKeyList != null) {
            vXKmsKeyList.setVXKeys(arrayList);
        }
        return vXKmsKeyList;
    }

    public VXKmsKey rolloverKey(String str, VXKmsKey vXKmsKey) throws Exception {
        String[] strArr = null;
        try {
            strArr = getKMSURL(str);
        } catch (Exception e) {
            logger.error("rolloverKey(" + str + ", " + vXKmsKey.getName() + ") failed", e);
        }
        VXKmsKey vXKmsKey2 = null;
        boolean z = false;
        try {
            z = checkKerberos();
        } catch (Exception e2) {
            logger.error("checkKerberos(" + str + ") failed", e2);
        }
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                Client client = getClient();
                String replaceAll = "v1/key/${alias}".replaceAll(Pattern.quote("${alias}"), vXKmsKey.getName());
                String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
                String str2 = strArr[i] + (strArr[i].endsWith("/") ? replaceAll : "/" + replaceAll);
                final WebResource resource = client.resource(!z ? str2.concat("?user.name=" + currentUserLoginId) : str2.concat("?doAs=" + currentUserLoginId));
                Gson create = new GsonBuilder().create();
                final String json = create.toJson(vXKmsKey);
                try {
                    String str3 = !z ? (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, json) : (String) Subject.doAs(getSubjectForKerberos(str), new PrivilegedAction<String>() { // from class: org.apache.ranger.biz.KmsKeyMgr.2
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.security.PrivilegedAction
                        public String run() {
                            return (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, json);
                        }
                    });
                    logger.debug("Roll RESPONSE: [" + str3 + "]");
                    vXKmsKey2 = (VXKmsKey) create.fromJson(str3, VXKmsKey.class);
                    break;
                } catch (Exception e3) {
                    if ((e3 instanceof UniformInterfaceException) || i == strArr.length - 1) {
                        throw e3;
                    }
                }
            }
        }
        return vXKmsKey2;
    }

    public void deleteKey(String str, String str2) throws Exception {
        String[] strArr = null;
        try {
            strArr = getKMSURL(str);
        } catch (Exception e) {
            logger.error("deleteKey(" + str + ", " + str2 + ") failed", e);
        }
        boolean z = false;
        try {
            z = checkKerberos();
        } catch (Exception e2) {
            logger.error("checkKerberos(" + str + ") failed", e2);
        }
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                Client client = getClient();
                String replaceAll = "v1/key/${alias}".replaceAll(Pattern.quote("${alias}"), str2);
                String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
                String str3 = strArr[i] + (strArr[i].endsWith("/") ? replaceAll : "/" + replaceAll);
                final WebResource resource = client.resource(!z ? str3.concat("?user.name=" + currentUserLoginId) : str3.concat("?doAs=" + currentUserLoginId));
                try {
                    logger.debug("delete RESPONSE: [" + (!z ? (String) resource.delete(String.class) : (String) Subject.doAs(getSubjectForKerberos(str), new PrivilegedAction<String>() { // from class: org.apache.ranger.biz.KmsKeyMgr.3
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.security.PrivilegedAction
                        public String run() {
                            return (String) resource.delete(String.class);
                        }
                    })) + "]");
                    return;
                } catch (Exception e3) {
                    if ((e3 instanceof UniformInterfaceException) || i == strArr.length - 1) {
                        throw e3;
                    }
                }
            }
        }
    }

    public VXKmsKey createKey(String str, VXKmsKey vXKmsKey) throws Exception {
        String[] strArr = null;
        try {
            strArr = getKMSURL(str);
        } catch (Exception e) {
            logger.error("createKey(" + str + ", " + vXKmsKey.getName() + ") failed", e);
        }
        VXKmsKey vXKmsKey2 = null;
        boolean z = false;
        try {
            z = checkKerberos();
        } catch (Exception e2) {
            logger.error("checkKerberos(" + str + ") failed", e2);
        }
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                Client client = getClient();
                String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
                String str2 = strArr[i] + (strArr[i].endsWith("/") ? KMS_ADD_KEY_URI : "/v1/keys");
                final WebResource resource = client.resource(!z ? str2.concat("?user.name=" + currentUserLoginId) : str2.concat("?doAs=" + currentUserLoginId));
                Gson create = new GsonBuilder().create();
                final String json = create.toJson(vXKmsKey);
                try {
                    String str3 = !z ? (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, json) : (String) Subject.doAs(getSubjectForKerberos(str), new PrivilegedAction<String>() { // from class: org.apache.ranger.biz.KmsKeyMgr.4
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.security.PrivilegedAction
                        public String run() {
                            return (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, json);
                        }
                    });
                    logger.debug("Create RESPONSE: [" + str3 + "]");
                    vXKmsKey2 = (VXKmsKey) create.fromJson(str3, VXKmsKey.class);
                    return vXKmsKey2;
                } catch (Exception e3) {
                    if ((e3 instanceof UniformInterfaceException) || i == strArr.length - 1) {
                        throw e3;
                    }
                }
            }
        }
        return vXKmsKey2;
    }

    public VXKmsKey getKey(String str, String str2) throws Exception {
        String[] strArr = null;
        try {
            strArr = getKMSURL(str);
        } catch (Exception e) {
            logger.error("getKey(" + str + ", " + str2 + ") failed", e);
        }
        boolean z = false;
        try {
            z = checkKerberos();
        } catch (Exception e2) {
            logger.error("checkKerberos(" + str + ") failed", e2);
        }
        if (strArr == null) {
            return null;
        }
        for (int i = 0; i < strArr.length; i++) {
            Client client = getClient();
            String replaceAll = KMS_KEY_METADATA_URI.replaceAll(Pattern.quote("${alias}"), str2);
            String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
            String str3 = strArr[i] + (strArr[i].endsWith("/") ? replaceAll : "/" + replaceAll);
            final WebResource resource = client.resource(!z ? str3.concat("?user.name=" + currentUserLoginId) : str3.concat("?doAs=" + currentUserLoginId));
            try {
                String str4 = !z ? (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class) : (String) Subject.doAs(getSubjectForKerberos(str), new PrivilegedAction<String>() { // from class: org.apache.ranger.biz.KmsKeyMgr.5
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public String run() {
                        return (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
                    }
                });
                Gson create = new GsonBuilder().create();
                logger.debug("RESPONSE: [" + str4 + "]");
                return (VXKmsKey) create.fromJson(str4, VXKmsKey.class);
            } catch (Exception e3) {
                if ((e3 instanceof UniformInterfaceException) || i == strArr.length - 1) {
                    throw e3;
                }
            }
        }
        return null;
    }

    public VXKmsKey getKeyFromUri(String str, String str2, boolean z, String str3) throws Exception {
        Client client = getClient();
        String replaceAll = KMS_KEY_METADATA_URI.replaceAll(Pattern.quote("${alias}"), str2);
        String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
        String str4 = str + (str.endsWith("/") ? replaceAll : "/" + replaceAll);
        final WebResource resource = client.resource(!z ? str4.concat("?user.name=" + currentUserLoginId) : str4.concat("?doAs=" + currentUserLoginId));
        String str5 = !z ? (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class) : (String) Subject.doAs(getSubjectForKerberos(str3), new PrivilegedAction<String>() { // from class: org.apache.ranger.biz.KmsKeyMgr.6
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public String run() {
                return (String) resource.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
            }
        });
        Gson create = new GsonBuilder().create();
        logger.debug("RESPONSE: [" + str5 + "]");
        return (VXKmsKey) create.fromJson(str5, VXKmsKey.class);
    }

    private String[] getKMSURL(String str) throws Exception {
        try {
            RangerService serviceByName = this.svcStore.getServiceByName(str);
            if (serviceByName == null) {
                throw new Exception("Service " + str + " not found");
            }
            String str2 = serviceByName.getConfigs().get(KMS_URL_CONFIG);
            if (providerList.containsKey(str2)) {
                str2 = providerList.get(str2);
            } else {
                providerList.put(str2, str2);
            }
            String[] createProvider = createProvider(str2, str2);
            if (createProvider == null) {
                throw new Exception("Providers for service " + str + " not found");
            }
            return createProvider;
        } catch (Exception e) {
            logger.error("getServiceByName(" + str + ") failed", e);
            throw new Exception("getServiceByName(" + str + ") failed", e);
        }
    }

    private String[] createProvider(String str, String str2) throws IOException, URISyntaxException {
        URI uri = new URI(str2);
        URL url = new URL(extractKMSPath(uri).toString());
        String authority = url.getAuthority();
        if (Strings.isNullOrEmpty(authority)) {
            throw new IOException("No valid authority in kms uri [" + url + "]");
        }
        int i = -1;
        String str3 = authority;
        if (authority.contains(":")) {
            String[] split = authority.split(":");
            try {
                i = Integer.parseInt(split[1]);
                str3 = split[0];
            } catch (Exception e) {
                throw new IOException("Could not parse port in kms uri [" + url + "]");
            }
        }
        return createProvider(str, uri, url, i, str3);
    }

    private static Path extractKMSPath(URI uri) throws MalformedURLException, IOException {
        return ProviderUtils.unnestUri(uri);
    }

    private String[] createProvider(String str, URI uri, URL url, int i, String str2) throws IOException {
        String[] split = str2.split(CommonConfigurationKeys.NFS_EXPORTS_ALLOWED_HOSTS_SEPARATOR);
        String[] strArr = new String[split.length];
        if (split.length == 1) {
            strArr[0] = url.toString();
        } else {
            String str3 = uri.getScheme() + "://" + url.getProtocol() + "@";
            for (int i2 = nextProvider; i2 < split.length; i2++) {
                str3 = str3 + split[i2];
                if (i2 != split.length - 1) {
                    str3 = str3 + CommonConfigurationKeys.NFS_EXPORTS_ALLOWED_HOSTS_SEPARATOR;
                }
            }
            for (int i3 = 0; i3 < nextProvider && i3 < split.length; i3++) {
                str3 = str3 + CommonConfigurationKeys.NFS_EXPORTS_ALLOWED_HOSTS_SEPARATOR + split[i3];
            }
            if (nextProvider != split.length - 1) {
                nextProvider++;
            } else {
                nextProvider = 0;
            }
            providerList.put(str, str3 + ":" + i + url.getPath());
            for (int i4 = 0; i4 < split.length; i4++) {
                try {
                    strArr[i4] = new URI(url.getProtocol() + "://" + split[i4] + ":" + i + url.getPath()).toString();
                } catch (URISyntaxException e) {
                    throw new IOException("Could not Prase KMS URL..", e);
                }
            }
        }
        return strArr;
    }

    private Subject getSubjectForKerberos(String str) throws Exception {
        String kMSUserName = getKMSUserName(str);
        String kMSPassword = getKMSPassword(str);
        String property = PropertiesUtil.getProperty("hadoop.security.auth_to_local");
        if (StringUtils.isEmpty(property)) {
            KerberosName.setRules(DFSConfigKeys.DFS_CLIENT_WRITE_REPLACE_DATANODE_ON_FAILURE_POLICY_DEFAULT);
        } else {
            KerberosName.setRules(property);
        }
        new Subject();
        String principal = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(ADMIN_USER_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
        return checkKerberos() ? SecureClientLogin.isKerberosCredentialExists(principal, PropertiesUtil.getProperty(ADMIN_USER_KEYTAB)) ? SecureClientLogin.loginUserFromKeytab(principal, PropertiesUtil.getProperty(ADMIN_USER_KEYTAB), property) : SecureClientLogin.loginUserWithPassword(kMSUserName, kMSPassword) : SecureClientLogin.login(kMSUserName);
    }

    private String getKMSPassword(String str) throws Exception {
        return PasswordUtils.decryptPassword(this.rangerDaoManagerBase.getXXServiceConfigMap().findByServiceAndConfigKey(this.rangerDaoManagerBase.getXXService().findByName(str).getId(), "password").getConfigvalue());
    }

    private String getKMSUserName(String str) throws Exception {
        return this.svcStore.getServiceByName(str).getConfigs().get("username");
    }

    private boolean checkKerberos() throws Exception {
        return "kerberos".equalsIgnoreCase(PropertiesUtil.getProperty("hadoop.security.authentication", "simple"));
    }

    private synchronized Client getClient() {
        DefaultClientConfig defaultClientConfig = new DefaultClientConfig();
        defaultClientConfig.getProperties().put(ClientConfig.PROPERTY_FOLLOW_REDIRECTS, true);
        return Client.create(defaultClientConfig);
    }

    public VXKmsKeyList getFilteredKeyList(HttpServletRequest httpServletRequest, VXKmsKeyList vXKmsKeyList) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new SortField("name", "name"));
        Predicate predicate = getPredicate(getKeySearchFilter(httpServletRequest, arrayList));
        if (predicate != null) {
            CollectionUtils.filter(vXKmsKeyList.getVXKeys(), predicate);
        }
        return vXKmsKeyList;
    }

    private Predicate getPredicate(KeySearchFilter keySearchFilter) {
        if (keySearchFilter == null || keySearchFilter.isEmpty()) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        addPredicateForKeyName(keySearchFilter.getParam("name"), arrayList);
        return CollectionUtils.isEmpty(arrayList) ? null : PredicateUtils.allPredicate(arrayList);
    }

    private Predicate addPredicateForKeyName(final String str, List<Predicate> list) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        Predicate predicate = new Predicate() { // from class: org.apache.ranger.biz.KmsKeyMgr.7
            @Override // org.apache.commons.collections.Predicate
            public boolean evaluate(Object obj) {
                boolean z;
                if (obj == null) {
                    return false;
                }
                if (obj instanceof VXKmsKey) {
                    VXKmsKey vXKmsKey = (VXKmsKey) obj;
                    z = StringUtils.isEmpty(vXKmsKey.getName()) ? true : vXKmsKey.getName().contains(str);
                } else {
                    z = true;
                }
                return z;
            }
        };
        if (list != null) {
            list.add(predicate);
        }
        return predicate;
    }

    private KeySearchFilter getKeySearchFilter(HttpServletRequest httpServletRequest, List<SortField> list) {
        if (httpServletRequest == null) {
            return null;
        }
        KeySearchFilter keySearchFilter = new KeySearchFilter();
        if (MapUtils.isEmpty(httpServletRequest.getParameterMap())) {
            keySearchFilter.setParams(new HashMap());
        }
        keySearchFilter.setParam("name", httpServletRequest.getParameter("name"));
        extractCommonCriteriasForFilter(httpServletRequest, keySearchFilter, list);
        return keySearchFilter;
    }

    private KeySearchFilter extractCommonCriteriasForFilter(HttpServletRequest httpServletRequest, KeySearchFilter keySearchFilter, List<SortField> list) {
        keySearchFilter.setStartIndex(this.restErrorUtil.parseInt(httpServletRequest.getParameter("startIndex"), 0, "Invalid value for parameter startIndex", MessageEnums.INVALID_INPUT_DATA, null, "startIndex").intValue());
        keySearchFilter.setMaxRows(this.restErrorUtil.parseInt(httpServletRequest.getParameter("pageSize"), this.configUtil.getDefaultMaxRows(), "Invalid value for parameter pageSize", MessageEnums.INVALID_INPUT_DATA, null, "pageSize").intValue());
        keySearchFilter.setGetCount(this.restErrorUtil.parseBoolean(httpServletRequest.getParameter("getCount"), true));
        String validateString = this.restErrorUtil.validateString(httpServletRequest.getParameter("sortBy"), StringUtil.VALIDATION_ALPHA, "Invalid value for parameter sortBy", MessageEnums.INVALID_INPUT_DATA, null, "sortBy");
        boolean z = false;
        if (!StringUtils.isEmpty(validateString)) {
            Iterator<SortField> it = list.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                SortField next = it.next();
                if (next.getParamName().equalsIgnoreCase(validateString)) {
                    keySearchFilter.setSortBy(next.getParamName());
                    keySearchFilter.setSortType(this.restErrorUtil.validateString(httpServletRequest.getParameter("sortType"), StringUtil.VALIDATION_ALPHA, "Invalid value for parameter sortType", MessageEnums.INVALID_INPUT_DATA, null, "sortType"));
                    z = true;
                    break;
                }
            }
        }
        if (!z && !StringUtils.isEmpty(validateString)) {
            logger.info("Invalid or unsupported sortBy field passed. sortBy=" + validateString, new Throwable());
        }
        if (keySearchFilter.getParams() == null) {
            keySearchFilter.setParams(new HashMap());
        }
        return keySearchFilter;
    }
}
