package io.jans.as.server.uma.service;

import io.jans.as.common.model.registration.Client;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.uma.UmaNeedInfoResponse;
import io.jans.as.model.uma.persistence.UmaPermission;
import io.jans.as.persistence.model.Scope;
import io.jans.as.server.service.external.ExternalUmaRptPolicyService;
import io.jans.as.server.uma.authorization.Claims;
import io.jans.as.server.uma.authorization.UmaAuthorizationContext;
import io.jans.as.server.uma.authorization.UmaAuthorizationContextBuilder;
import io.jans.as.server.uma.authorization.UmaPCT;
import io.jans.as.server.uma.authorization.UmaScriptByScope;
import io.jans.as.server.util.ServerUtil;
import io.jans.model.custom.script.conf.CustomScriptConfiguration;
import io.jans.model.uma.ClaimDefinition;
import jakarta.ejb.Stateless;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.Response;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;

@Named
@Stateless
/* loaded from: input_file:io/jans/as/server/uma/service/UmaNeedsInfoService.class */
public class UmaNeedsInfoService {

    @Inject
    private Logger log;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private UmaPermissionService permissionService;

    @Inject
    private UmaResourceService resourceService;

    @Inject
    private ExternalUmaRptPolicyService policyService;

    @Inject
    private UmaSessionService sessionService;

    public static Set<String> getScriptDNs(List<Scope> list) {
        HashSet hashSet = new HashSet();
        Iterator<Scope> it = list.iterator();
        while (it.hasNext()) {
            List umaAuthorizationPolicies = it.next().getUmaAuthorizationPolicies();
            if (umaAuthorizationPolicies != null) {
                hashSet.addAll(umaAuthorizationPolicies);
            }
        }
        return hashSet;
    }

    public Map<UmaScriptByScope, UmaAuthorizationContext> checkNeedsInfo(Claims claims, Map<Scope, Boolean> map, List<UmaPermission> list, UmaPCT umaPCT, HttpServletRequest httpServletRequest, Client client) {
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        ArrayList arrayList = new ArrayList();
        UmaAuthorizationContextBuilder umaAuthorizationContextBuilder = new UmaAuthorizationContextBuilder(this.appConfiguration, this.resourceService, list, map, claims, httpServletRequest, this.sessionService, this.permissionService, client);
        for (Scope scope : map.keySet()) {
            List<String> umaAuthorizationPolicies = scope.getUmaAuthorizationPolicies();
            if (umaAuthorizationPolicies == null || umaAuthorizationPolicies.isEmpty()) {
                this.log.trace("No policies defined for scope: {}, scopeDn: {}", scope.getId(), scope.getDn());
            } else {
                for (String str : umaAuthorizationPolicies) {
                    CustomScriptConfiguration scriptByDn = this.policyService.getScriptByDn(str);
                    if (scriptByDn != null) {
                        UmaAuthorizationContext build = umaAuthorizationContextBuilder.build(scriptByDn);
                        hashMap.put(new UmaScriptByScope(scope, scriptByDn), build);
                        List<ClaimDefinition> requiredClaims = this.policyService.getRequiredClaims(scriptByDn, build);
                        if (requiredClaims != null && !requiredClaims.isEmpty()) {
                            for (ClaimDefinition claimDefinition : requiredClaims) {
                                if (!claims.has(claimDefinition.getName())) {
                                    arrayList.add(claimDefinition);
                                }
                            }
                        }
                        String claimsGatheringScriptName = this.policyService.getClaimsGatheringScriptName(scriptByDn, build);
                        if (StringUtils.isNotBlank(claimsGatheringScriptName)) {
                            hashMap2.put("gathering_id", constructGatheringScriptNameValue((String) hashMap2.get("gathering_id"), claimsGatheringScriptName));
                        } else {
                            this.log.debug("External 'getClaimsGatheringScriptName' script method return null or blank value, script: {}", scriptByDn.getName());
                        }
                    } else {
                        this.log.error("Unable to load UMA script dn: '{}'", str);
                    }
                }
            }
        }
        if (arrayList.isEmpty()) {
            return hashMap;
        }
        hashMap2.put("pct", umaPCT.getCode());
        String changeTicket = this.permissionService.changeTicket(list, hashMap2);
        UmaNeedInfoResponse umaNeedInfoResponse = new UmaNeedInfoResponse();
        umaNeedInfoResponse.setTicket(changeTicket);
        umaNeedInfoResponse.setError("need_info");
        umaNeedInfoResponse.setRedirectUser(buildClaimsGatheringRedirectUri(hashMap.values(), client, changeTicket));
        umaNeedInfoResponse.setRequiredClaims(arrayList);
        throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).entity(ServerUtil.asJsonSilently(umaNeedInfoResponse)).build());
    }

    private String constructGatheringScriptNameValue(String str, String str2) {
        return StringUtils.isBlank(str) ? str2 : str + " " + str2;
    }

    private String buildClaimsGatheringRedirectUri(Collection<UmaAuthorizationContext> collection, Client client, String str) {
        StringBuilder sb = new StringBuilder();
        Iterator<UmaAuthorizationContext> it = collection.iterator();
        while (it.hasNext()) {
            sb.append(it.next().getRedirectUserParameters().buildQueryString()).append("&");
        }
        String removeEnd = StringUtils.removeEnd(sb.toString(), "&");
        String str2 = this.appConfiguration.getBaseEndpoint() + "/uma/gather_claims";
        if (StringUtils.isNotBlank(removeEnd)) {
            str2 = str2 + "?" + removeEnd;
        }
        return str2 + "&client_id=" + client.getClientId() + "&ticket=" + str;
    }
}
