package io.jans.configapi.auth;

import com.google.common.base.Preconditions;
import io.jans.as.common.model.registration.Client;
import io.jans.as.common.service.common.EncryptionService;
import io.jans.as.model.common.ScopeType;
import io.jans.as.persistence.model.Scope;
import io.jans.ca.rs.protect.Condition;
import io.jans.ca.rs.protect.RsResource;
import io.jans.ca.rs.protect.RsResourceList;
import io.jans.configapi.service.ClientService;
import io.jans.configapi.service.ScopeService;
import io.jans.configapi.util.Jackson;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.stream.Collectors;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;

@ApplicationScoped
/* loaded from: input_file:io/jans/configapi/auth/ConfigApiResourceProtectionService.class */
public class ConfigApiResourceProtectionService {
    public static final String PROTECTION_CONFIGURATION_FILE_NAME = "config-api-rs-protect.json";

    @Inject
    Logger log;

    @Inject
    EncryptionService encryptionService;

    @Inject
    ConfigApiProtectionCache configApiProtectionCache;

    @Inject
    ScopeService scopeService;

    @Inject
    ClientService clientService;
    Collection<RsResource> rsResourceList;

    public Collection<RsResource> getResourceList() {
        return this.rsResourceList;
    }

    public void verifyResources(String str, String str2) throws Exception {
        this.log.info("\n ConfigApiResourceProtectionService::verifyResources() - apiProtectionType = " + str + " , clientId = " + str2 + "\n");
        this.rsResourceList = ((RsResourceList) Jackson.createJsonMapper().readValue(Thread.currentThread().getContextClassLoader().getResourceAsStream(PROTECTION_CONFIGURATION_FILE_NAME), RsResourceList.class)).getResources();
        this.log.info("verifyResources() - rsResourceList{} ", this.rsResourceList);
        Preconditions.checkNotNull(this.rsResourceList, "Config Api Resource list cannot be null !!!");
        createScopeIfNeeded(str);
        Logger logger = this.log;
        ConfigApiProtectionCache configApiProtectionCache = this.configApiProtectionCache;
        logger.trace("ConfigApiResourceProtectionService:::verifyResources() - configApiProtectionCache.getAllScopes() = " + ConfigApiProtectionCache.getAllScopes() + "\n\n");
        Logger logger2 = this.log;
        ConfigApiProtectionCache configApiProtectionCache2 = this.configApiProtectionCache;
        logger2.trace("ConfigApiResourceProtectionService:::verifyResources() - configApiProtectionCache.getAllResources() = " + ConfigApiProtectionCache.getAllResources() + "\n\n");
        updateScopeForClientIfNeeded(str2);
    }

    private void createScopeIfNeeded(String str) {
        this.log.info("ConfigApiResourceProtectionService:::createScopeIfNeeded() - apiProtectionType = " + str + "\n ***********");
        for (RsResource rsResource : this.rsResourceList) {
            for (Condition condition : rsResource.getConditions()) {
                String str2 = condition.getHttpMethods() + ":::" + rsResource.getPath();
                ArrayList arrayList = new ArrayList();
                List scopes = condition.getScopes();
                this.log.trace("ConfigApiResourceProtectionService:::createScopeIfNeeded() - resourceName = " + str2 + " ,rsScopes = " + scopes + "\n\n");
                Iterator it = scopes.iterator();
                while (true) {
                    if (it.hasNext()) {
                        String str3 = (String) it.next();
                        this.log.trace("ConfigApiResourceProtectionService:::createScopeIfNeeded() - scopeName = " + str3);
                        ConfigApiProtectionCache configApiProtectionCache = this.configApiProtectionCache;
                        Scope scope = ConfigApiProtectionCache.getScope(str3);
                        Logger logger = this.log;
                        ConfigApiProtectionCache configApiProtectionCache2 = this.configApiProtectionCache;
                        logger.trace("ConfigApiResourceProtectionService:::createScopeIfNeeded() -configApiProtectionCache.getScope(scopeName) = " + ConfigApiProtectionCache.getScope(str3));
                        if (scope != null) {
                            this.log.trace("Scope - '" + str3 + "' exists in cache.");
                            arrayList.add(scope);
                            break;
                        }
                        this.log.trace("Verify Scope in DB - '" + str3);
                        List<Scope> searchScopesById = this.scopeService.searchScopesById(str3);
                        this.log.trace("Scopes from DB - '" + searchScopesById);
                        if (searchScopesById != null && !searchScopesById.isEmpty()) {
                            scope = searchScopesById.get(0);
                            this.log.trace("Scope from DB is - '" + scope.getDisplayName() + " from DB");
                            arrayList.add(scope);
                            if (searchScopesById.size() > 1) {
                                this.log.error(searchScopesById.size() + " Scope with same name - " + str3 + "!");
                                throw new WebApplicationException("Multiple Scope with same name - " + str3, Response.status(Response.Status.INTERNAL_SERVER_ERROR).build());
                            }
                        }
                        ScopeType scopeType = ScopeType.OAUTH;
                        this.log.info("Scope details from DB - '" + searchScopesById);
                        if (searchScopesById == null || searchScopesById.isEmpty()) {
                            this.log.info("Scope - '" + str3 + "' does not exist, hence creating it.");
                            scope = new Scope();
                            String uuid = UUID.randomUUID().toString();
                            scope.setId(str3);
                            scope.setDisplayName(str3);
                            scope.setInum(uuid);
                            scope.setDn(this.scopeService.getDnForScope(uuid));
                            scope.setScopeType(scopeType);
                            this.scopeService.addScope(scope);
                        } else {
                            this.log.info("Scope - '" + str3 + "' already exists, hence updating it.");
                            scope.setId(str3);
                            scope.setScopeType(scopeType);
                            this.scopeService.updateScope(scope);
                        }
                        arrayList.add(scope);
                        ConfigApiProtectionCache configApiProtectionCache3 = this.configApiProtectionCache;
                        ConfigApiProtectionCache.putScope(scope);
                    }
                }
                ConfigApiProtectionCache configApiProtectionCache4 = this.configApiProtectionCache;
                ConfigApiProtectionCache.putResource(str2, arrayList);
                this.log.trace("ConfigApiResourceProtectionService:::createScopeIfNeeded() - resourceName = " + str2 + " ,scopeList = " + arrayList);
            }
        }
    }

    private void updateScopeForClientIfNeeded(String str) throws Exception {
        this.log.info(" Internal clientId = " + str);
        if (StringUtils.isBlank(str)) {
            return;
        }
        try {
            Client clientByInum = this.clientService.getClientByInum(str);
            this.log.debug(" \n\n updateScopeForClientIfNeeded() - Verify client = " + clientByInum + "\n\n");
            if (clientByInum != null) {
                List<String> scopeWithDn = getScopeWithDn(getAllScopes());
                this.log.trace(" \n\n updateScopeForClientIfNeeded() - All scopes = " + scopeWithDn + "\n\n");
                if (clientByInum.getScopes() != null) {
                    List asList = Arrays.asList(clientByInum.getScopes());
                    this.log.trace(" \n\n updateScopeForClientIfNeeded() - Clients existing scopes = " + asList + "\n\n");
                    scopeWithDn.addAll(asList);
                }
                List<String> list = (List) scopeWithDn.stream().distinct().collect(Collectors.toList());
                this.log.trace(" \n\n updateScopeForClientIfNeeded() - Distinct scopes to add = " + list + "\n\n");
                String[] allScopesArray = getAllScopesArray(list);
                this.log.trace(" All Scope to assign to client = " + Arrays.asList(allScopesArray) + "\n");
                clientByInum.setScopes(allScopesArray);
                this.clientService.updateClient(clientByInum);
            }
            this.log.trace(" Verify scopes post assignment, clientId =" + str + " ,scopes = " + Arrays.asList(this.clientService.getClientByInum(str).getScopes()));
        } catch (Exception e) {
            this.log.error("Error while searching internal client " + e);
        }
    }

    private List<String> getAllScopes() {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = ConfigApiProtectionCache.getAllScopes().keySet().iterator();
        while (it.hasNext()) {
            arrayList.add(ConfigApiProtectionCache.getScope(it.next()).getInum());
        }
        return arrayList;
    }

    private String[] getAllScopesArray(List<String> list) {
        String[] strArr = null;
        if (list != null && !list.isEmpty()) {
            strArr = new String[list.size()];
            for (int i = 0; i < list.size(); i++) {
                strArr[i] = list.get(i);
            }
        }
        return strArr;
    }

    private List<String> getScopeWithDn(List<String> list) {
        ArrayList arrayList = null;
        if (list != null && !list.isEmpty()) {
            arrayList = new ArrayList();
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                arrayList.add(this.scopeService.getDnForScope(it.next()));
            }
        }
        return arrayList;
    }
}
