package org.thingsboard.server.transport.snmp.service;

import java.beans.ConstructorProperties;
import java.util.Optional;
import org.snmp4j.CommunityTarget;
import org.snmp4j.Target;
import org.snmp4j.UserTarget;
import org.snmp4j.security.SecurityProtocols;
import org.snmp4j.security.USM;
import org.snmp4j.security.UsmUser;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.GenericAddress;
import org.snmp4j.smi.OID;
import org.snmp4j.smi.OctetString;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.thingsboard.server.common.data.device.data.SnmpDeviceTransportConfiguration;
import org.thingsboard.server.common.data.device.profile.SnmpDeviceProfileTransportConfiguration;
import org.thingsboard.server.common.data.transport.snmp.SnmpProtocolVersion;
import org.thingsboard.server.queue.util.TbSnmpTransportComponent;
import org.thingsboard.server.transport.snmp.session.DeviceSessionContext;

@TbSnmpTransportComponent
@Service
/* loaded from: input_file:org/thingsboard/server/transport/snmp/service/SnmpAuthService.class */
public class SnmpAuthService {
    private final SnmpTransportService snmpTransportService;

    @Value("${transport.snmp.underlying_protocol}")
    private String snmpUnderlyingProtocol;

    /* renamed from: org.thingsboard.server.transport.snmp.service.SnmpAuthService$1, reason: invalid class name */
    /* loaded from: input_file:org/thingsboard/server/transport/snmp/service/SnmpAuthService$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$thingsboard$server$common$data$transport$snmp$SnmpProtocolVersion = new int[SnmpProtocolVersion.values().length];

        static {
            try {
                $SwitchMap$org$thingsboard$server$common$data$transport$snmp$SnmpProtocolVersion[SnmpProtocolVersion.V1.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$thingsboard$server$common$data$transport$snmp$SnmpProtocolVersion[SnmpProtocolVersion.V2C.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$thingsboard$server$common$data$transport$snmp$SnmpProtocolVersion[SnmpProtocolVersion.V3.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public Target setUpSnmpTarget(SnmpDeviceProfileTransportConfiguration snmpDeviceProfileTransportConfiguration, SnmpDeviceTransportConfiguration snmpDeviceTransportConfiguration) {
        CommunityTarget communityTarget;
        SnmpProtocolVersion protocolVersion = snmpDeviceTransportConfiguration.getProtocolVersion();
        switch (AnonymousClass1.$SwitchMap$org$thingsboard$server$common$data$transport$snmp$SnmpProtocolVersion[protocolVersion.ordinal()]) {
            case 1:
                CommunityTarget communityTarget2 = new CommunityTarget();
                communityTarget2.setSecurityModel(1);
                communityTarget2.setSecurityLevel(1);
                communityTarget2.setCommunity(new OctetString(snmpDeviceTransportConfiguration.getCommunity()));
                communityTarget = communityTarget2;
                break;
            case 2:
                CommunityTarget communityTarget3 = new CommunityTarget();
                communityTarget3.setSecurityModel(2);
                communityTarget3.setSecurityLevel(1);
                communityTarget3.setCommunity(new OctetString(snmpDeviceTransportConfiguration.getCommunity()));
                communityTarget = communityTarget3;
                break;
            case 3:
                OctetString octetString = new OctetString(snmpDeviceTransportConfiguration.getUsername());
                OctetString octetString2 = new OctetString(snmpDeviceTransportConfiguration.getSecurityName());
                OctetString fromString = OctetString.fromString(snmpDeviceTransportConfiguration.getEngineId(), 16);
                OID oid = new OID(snmpDeviceTransportConfiguration.getAuthenticationProtocol().getOid());
                OctetString octetString3 = (OctetString) Optional.ofNullable(SecurityProtocols.getInstance().passwordToKey(oid, new OctetString(snmpDeviceTransportConfiguration.getAuthenticationPassphrase()), fromString.getValue())).map(OctetString::new).orElseThrow(() -> {
                    return new UnsupportedOperationException("Authentication protocol " + String.valueOf(snmpDeviceTransportConfiguration.getAuthenticationProtocol()) + " is not supported");
                });
                OID oid2 = new OID(snmpDeviceTransportConfiguration.getPrivacyProtocol().getOid());
                OctetString octetString4 = (OctetString) Optional.ofNullable(SecurityProtocols.getInstance().passwordToKey(oid2, oid, new OctetString(snmpDeviceTransportConfiguration.getPrivacyPassphrase()), fromString.getValue())).map(OctetString::new).orElseThrow(() -> {
                    return new UnsupportedOperationException("Privacy protocol " + String.valueOf(snmpDeviceTransportConfiguration.getPrivacyProtocol()) + " is not supported");
                });
                USM usm = this.snmpTransportService.getSnmp().getUSM();
                if (usm.hasUser(fromString, octetString2)) {
                    usm.removeAllUsers(octetString, fromString);
                }
                usm.addUser(octetString, fromString, new UsmUser(octetString, oid, octetString3, oid2, octetString4, fromString));
                CommunityTarget userTarget = new UserTarget();
                userTarget.setSecurityName(octetString2);
                userTarget.setAuthoritativeEngineID(fromString.getValue());
                userTarget.setSecurityModel(3);
                userTarget.setSecurityLevel(3);
                communityTarget = userTarget;
                break;
            default:
                throw new UnsupportedOperationException("SNMP protocol version " + String.valueOf(protocolVersion) + " is not supported");
        }
        communityTarget.setAddress((Address) Optional.ofNullable(GenericAddress.parse(this.snmpUnderlyingProtocol + ":" + snmpDeviceTransportConfiguration.getHost() + "/" + snmpDeviceTransportConfiguration.getPort())).orElseThrow(() -> {
            return new IllegalArgumentException("Address of the SNMP device is invalid");
        }));
        communityTarget.setTimeout(snmpDeviceProfileTransportConfiguration.getTimeoutMs().intValue());
        communityTarget.setRetries(snmpDeviceProfileTransportConfiguration.getRetries().intValue());
        communityTarget.setVersion(protocolVersion.getCode());
        return communityTarget;
    }

    public void cleanUpSnmpAuthInfo(DeviceSessionContext deviceSessionContext) {
        SnmpDeviceTransportConfiguration deviceTransportConfiguration = deviceSessionContext.getDeviceTransportConfiguration();
        if (deviceTransportConfiguration.getProtocolVersion() == SnmpProtocolVersion.V3) {
            this.snmpTransportService.getSnmp().getUSM().removeAllUsers(new OctetString(deviceTransportConfiguration.getUsername()), new OctetString(deviceTransportConfiguration.getEngineId()));
        }
    }

    @ConstructorProperties({"snmpTransportService"})
    public SnmpAuthService(SnmpTransportService snmpTransportService) {
        this.snmpTransportService = snmpTransportService;
    }
}
