package com.atlassian.bitbucket.internal.ssh.service;

import com.atlassian.activeobjects.spi.TransactionSynchronisationManager;
import com.atlassian.bitbucket.event.cluster.ClusterNodeAddedEvent;
import com.atlassian.bitbucket.internal.ssh.dao.SshConfigurationDao;
import com.atlassian.bitbucket.internal.ssh.server.HostKeyPairProvider;
import com.atlassian.bitbucket.nav.NavBuilder;
import com.atlassian.bitbucket.permission.Permission;
import com.atlassian.bitbucket.permission.PermissionValidationService;
import com.atlassian.bitbucket.server.ApplicationPropertiesService;
import com.atlassian.bitbucket.ssh.SimpleSshConfiguration;
import com.atlassian.bitbucket.ssh.SimpleSshKeyFingerprint;
import com.atlassian.bitbucket.ssh.SshConfiguration;
import com.atlassian.bitbucket.ssh.SshConfigurationService;
import com.atlassian.bitbucket.ssh.SshKeyFingerprint;
import com.atlassian.bitbucket.ssh.event.SshConfigurationChangedEvent;
import com.atlassian.bitbucket.topic.Topic;
import com.atlassian.bitbucket.topic.TopicService;
import com.atlassian.bitbucket.topic.TopicSettings;
import com.atlassian.bitbucket.util.ValidationUtils;
import com.atlassian.event.api.EventListener;
import com.atlassian.event.api.EventPublisher;
import com.atlassian.sal.api.lifecycle.LifecycleAware;
import com.atlassian.sal.api.transaction.TransactionTemplate;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Objects;
import javax.annotation.Nonnull;
import javax.validation.Validator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-ssh-5.16.0.jar:com/atlassian/bitbucket/internal/ssh/service/DefaultSshConfigurationService.class */
public class DefaultSshConfigurationService implements SshConfigurationService, SshBaseUrlResolver, LifecycleAware {
    static final int DEFAULT_PORT = 7999;
    static final String PLUGIN_PROPERTY_SSH_BASEURL = "plugin.ssh.baseurl";
    static final String SYS_PROP_PORT_OVERRIDE = "plugin.ssh.port";
    static final String TOPIC_SSH_CONFIG = "ssh.configuration";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SshConfigurationService.class);
    private final ApplicationPropertiesService applicationPropertiesService;
    private final EventPublisher eventPublisher;
    private final HostKeyPairProvider hostKeyPairProvider;
    private final NavBuilder navBuilder;
    private final PermissionValidationService permissionValidationService;
    private final SshConfigurationDao sshConfigurationDao;
    private final Topic<String> topic;
    private final TransactionTemplate transactionTemplate;
    private final TransactionSynchronisationManager transactionSynchronisationManager;
    private final Validator validator;
    private String subscriptionId;
    private volatile SshConfiguration configuration;

    public DefaultSshConfigurationService(ApplicationPropertiesService applicationPropertiesService, EventPublisher eventPublisher, HostKeyPairProvider hostKeyPairProvider, NavBuilder navBuilder, PermissionValidationService permissionValidationService, SshConfigurationDao sshConfigurationDao, TransactionTemplate transactionTemplate, TransactionSynchronisationManager transactionSynchronisationManager, TopicService topicService, Validator validator) {
        this.applicationPropertiesService = applicationPropertiesService;
        this.eventPublisher = eventPublisher;
        this.hostKeyPairProvider = hostKeyPairProvider;
        this.navBuilder = navBuilder;
        this.permissionValidationService = permissionValidationService;
        this.sshConfigurationDao = sshConfigurationDao;
        this.transactionTemplate = transactionTemplate;
        this.transactionSynchronisationManager = transactionSynchronisationManager;
        this.validator = validator;
        this.topic = topicService.getTopic(TOPIC_SSH_CONFIG, new TopicSettings.Builder(String.class).dedupePendingMessages(true).build());
        this.subscriptionId = this.topic.subscribe(messageEvent -> {
            if (messageEvent.getSource().isLocal()) {
                return;
            }
            log.debug("Received SSH configuration reload trigger from node {}", messageEvent.getSource().getAddress());
            SshConfiguration configuration = getConfiguration();
            loadConfiguration(true);
            SshConfiguration configuration2 = getConfiguration();
            if (Objects.equals(configuration, configuration2)) {
                return;
            }
            this.eventPublisher.publish(new SshConfigurationChangedEvent(this, configuration, configuration2));
        });
    }

    @Override // com.atlassian.bitbucket.ssh.SshConfigurationService, com.atlassian.bitbucket.internal.ssh.service.SshBaseUrlResolver
    @Nonnull
    public String getBaseUrl() {
        String baseUrl = getConfiguration().getBaseUrl();
        if (baseUrl == null) {
            baseUrl = getDefaultBaseUrl();
        }
        return baseUrl;
    }

    @Override // com.atlassian.bitbucket.ssh.SshConfigurationService
    @Nonnull
    public SshConfiguration getConfiguration() {
        SshConfiguration sshConfiguration = this.configuration;
        while (true) {
            SshConfiguration sshConfiguration2 = sshConfiguration;
            if (sshConfiguration2 != null) {
                return sshConfiguration2;
            }
            loadConfiguration(false);
            sshConfiguration = this.configuration;
        }
    }

    @Override // com.atlassian.bitbucket.internal.ssh.service.SshBaseUrlResolver
    @Nonnull
    public String getDefaultBaseUrl() {
        try {
            return String.format("ssh://%s:%s", new URI(this.navBuilder.buildBaseUrl()).getHost(), Integer.valueOf(getConfiguration().getPort()));
        } catch (URISyntaxException e) {
            throw new IllegalStateException("Base URL is not a valid URI");
        }
    }

    @EventListener
    public void onClusterNodeAdded(ClusterNodeAddedEvent clusterNodeAddedEvent) {
        if (clusterNodeAddedEvent.isMaybeNetworkPartitionResolved()) {
            loadConfiguration(true);
        }
    }

    @Override // com.atlassian.bitbucket.ssh.SshConfigurationService
    public void setConfiguration(@Nonnull SshConfiguration sshConfiguration) {
        this.permissionValidationService.validateForGlobal(Permission.SYS_ADMIN);
        ValidationUtils.validate(this.validator, sshConfiguration, new Class[0]);
        this.transactionTemplate.execute(() -> {
            SshConfiguration configuration = getConfiguration();
            if (Objects.equals(configuration, sshConfiguration)) {
                return null;
            }
            this.sshConfigurationDao.setConfiguration(sshConfiguration);
            this.transactionSynchronisationManager.runOnSuccessfulCommit(() -> {
                this.configuration = sshConfiguration;
                this.eventPublisher.publish(new SshConfigurationChangedEvent(this, configuration, sshConfiguration));
                log.debug("Notifying other nodes of configuration change");
                this.topic.publish("reload-config");
            });
            return null;
        });
    }

    @Override // com.atlassian.bitbucket.ssh.SshConfigurationService
    @Nonnull
    public SshKeyFingerprint getServerFingerprint() {
        return new SimpleSshKeyFingerprint(this.hostKeyPairProvider.getAlgorithm(), this.hostKeyPairProvider.getFingerprint());
    }

    @Override // com.atlassian.sal.api.lifecycle.LifecycleAware
    public void onStart() {
        loadConfiguration(false);
    }

    @Override // com.atlassian.sal.api.lifecycle.LifecycleAware
    public void onStop() {
        if (this.subscriptionId != null) {
            this.topic.unsubscribe(this.subscriptionId);
        }
        this.subscriptionId = null;
    }

    private String getSshBaseUrlFromProperties() {
        return this.applicationPropertiesService.getPluginProperty(PLUGIN_PROPERTY_SSH_BASEURL);
    }

    private int getSshPortFromProperties() {
        String pluginProperty = this.applicationPropertiesService.getPluginProperty(SYS_PROP_PORT_OVERRIDE);
        if (pluginProperty == null) {
            return DEFAULT_PORT;
        }
        try {
            return Integer.parseInt(pluginProperty);
        } catch (NumberFormatException e) {
            log.warn("Override {} value [{}] is not valid, ignoring", SYS_PROP_PORT_OVERRIDE, pluginProperty, e);
            return DEFAULT_PORT;
        }
    }

    private synchronized boolean loadConfiguration(boolean z) {
        if (this.configuration != null && !z) {
            return false;
        }
        this.configuration = this.sshConfigurationDao.getConfiguration().orElseGet(() -> {
            return new SimpleSshConfiguration(true, true, getSshPortFromProperties(), getSshBaseUrlFromProperties());
        });
        return true;
    }
}
