package org.thingsboard.server.transport.lwm2m.server.store;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.eclipse.leshan.core.SecurityMode;
import org.eclipse.leshan.core.peer.OscoreIdentity;
import org.eclipse.leshan.server.security.NonUniqueSecurityInfoException;
import org.eclipse.leshan.server.security.SecurityInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.thingsboard.server.transport.lwm2m.secure.LwM2mCredentialsSecurityInfoValidator;
import org.thingsboard.server.transport.lwm2m.secure.TbLwM2MSecurityInfo;
import org.thingsboard.server.transport.lwm2m.server.client.LwM2MAuthException;
import org.thingsboard.server.transport.lwm2m.server.uplink.LwM2mTypeServer;

/* loaded from: input_file:org/thingsboard/server/transport/lwm2m/server/store/TbLwM2mSecurityStore.class */
public class TbLwM2mSecurityStore implements TbMainSecurityStore {
    private static final Logger log = LoggerFactory.getLogger(TbLwM2mSecurityStore.class);
    private final TbEditableSecurityStore securityStore;
    private final LwM2mCredentialsSecurityInfoValidator validator;
    private final ConcurrentMap<String, Set<String>> endpointRegistrations = new ConcurrentHashMap();

    public TbLwM2mSecurityStore(TbEditableSecurityStore tbEditableSecurityStore, LwM2mCredentialsSecurityInfoValidator lwM2mCredentialsSecurityInfoValidator) {
        this.securityStore = tbEditableSecurityStore;
        this.validator = lwM2mCredentialsSecurityInfoValidator;
    }

    @Override // org.thingsboard.server.transport.lwm2m.server.store.TbSecurityStore
    public TbLwM2MSecurityInfo getTbLwM2MSecurityInfoByEndpoint(String str) {
        return this.securityStore.getTbLwM2MSecurityInfoByEndpoint(str);
    }

    public SecurityInfo getByEndpoint(String str) {
        SecurityInfo byEndpoint = this.securityStore.getByEndpoint(str);
        if (byEndpoint == null) {
            byEndpoint = fetchAndPutSecurityInfo(str);
        } else if (byEndpoint.usePSK() && byEndpoint.getEndpoint().equals(SecurityMode.NO_SEC.toString()) && byEndpoint.getPskIdentity().equals(SecurityMode.NO_SEC.toString()) && Arrays.equals(SecurityMode.NO_SEC.toString().getBytes(), byEndpoint.getPreSharedKey())) {
            return null;
        }
        return byEndpoint;
    }

    public SecurityInfo getByIdentity(String str) {
        SecurityInfo byIdentity = this.securityStore.getByIdentity(str);
        if (byIdentity == null) {
            try {
                byIdentity = fetchAndPutSecurityInfo(str);
            } catch (LwM2MAuthException e) {
                log.trace("Registration failed: No pre-shared key found for [identity: {}]", str);
                return null;
            }
        }
        return byIdentity;
    }

    public SecurityInfo getByOscoreIdentity(OscoreIdentity oscoreIdentity) {
        return null;
    }

    public SecurityInfo fetchAndPutSecurityInfo(String str) {
        TbLwM2MSecurityInfo endpointSecurityInfoByCredentialsId = this.validator.getEndpointSecurityInfoByCredentialsId(str, LwM2mTypeServer.CLIENT);
        doPut(endpointSecurityInfoByCredentialsId);
        if (endpointSecurityInfoByCredentialsId != null) {
            return endpointSecurityInfoByCredentialsId.getSecurityInfo();
        }
        return null;
    }

    private void doPut(TbLwM2MSecurityInfo tbLwM2MSecurityInfo) {
        if (tbLwM2MSecurityInfo != null) {
            try {
                this.securityStore.put(tbLwM2MSecurityInfo);
            } catch (NonUniqueSecurityInfoException e) {
                log.trace("Failed to add security info: {}", tbLwM2MSecurityInfo, e);
            }
        }
    }

    @Override // org.thingsboard.server.transport.lwm2m.server.store.TbMainSecurityStore
    public void putX509(TbLwM2MSecurityInfo tbLwM2MSecurityInfo) throws NonUniqueSecurityInfoException {
        this.securityStore.put(tbLwM2MSecurityInfo);
    }

    @Override // org.thingsboard.server.transport.lwm2m.server.store.TbMainSecurityStore
    public void registerX509(String str, String str2) {
        this.endpointRegistrations.computeIfAbsent(str, str3 -> {
            return new HashSet();
        }).add(str2);
    }

    @Override // org.thingsboard.server.transport.lwm2m.server.store.TbMainSecurityStore
    public void remove(String str, String str2) {
        boolean isEmpty;
        Set<String> set = this.endpointRegistrations.get(str);
        if (set == null) {
            isEmpty = true;
        } else {
            set.remove(str2);
            isEmpty = set.isEmpty();
        }
        if (isEmpty) {
            this.securityStore.remove(str);
        }
    }
}
