package io.jans.configapi.auth;

import com.google.common.base.Preconditions;
import io.jans.as.common.service.common.EncryptionService;
import io.jans.as.model.common.ScopeType;
import io.jans.as.model.uma.persistence.UmaResource;
import io.jans.as.persistence.model.Scope;
import io.jans.ca.rs.protect.Condition;
import io.jans.ca.rs.protect.RsResource;
import io.jans.ca.rs.protect.RsResourceList;
import io.jans.configapi.service.ClientService;
import io.jans.configapi.service.ScopeService;
import io.jans.configapi.service.UmaResourceService;
import io.jans.configapi.util.Jackson;
import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;

@ApplicationScoped
/* loaded from: input_file:io/jans/configapi/auth/UmaResourceProtectionService.class */
public class UmaResourceProtectionService {
    public static final String PROTECTION_CONFIGURATION_FILE_NAME = "uma-rs-protect.json";

    @Inject
    Logger log;

    @Inject
    EncryptionService encryptionService;

    @Inject
    UmaResourceProtectionCache umaResourceProtectionCache;

    @Inject
    ScopeService scopeService;

    @Inject
    UmaResourceService umaResourceService;

    @Inject
    ClientService clientService;
    Collection<RsResource> rsResourceList;

    public Collection<RsResource> getResourceList() {
        return this.rsResourceList;
    }

    public void verifyUmaResources() throws Exception {
        RsResourceList rsResourceList = (RsResourceList) Jackson.createJsonMapper().readValue(Thread.currentThread().getContextClassLoader().getResourceAsStream(PROTECTION_CONFIGURATION_FILE_NAME), RsResourceList.class);
        this.log.debug(" \n\n UmaResourceProtectionService::verifyUmaResources() - resourceList = " + rsResourceList + "\n\n");
        this.rsResourceList = rsResourceList.getResources();
        this.log.debug(" \n\n UmaResourceProtectionService::verifyUmaResources() - rsResourceList = " + this.rsResourceList + "\n\n");
        Preconditions.checkNotNull(this.rsResourceList, "Config Api Resource list cannot be null !!!");
        createScopeIfNeeded();
        createResourceIfNeeded();
    }

    private void createScopeIfNeeded() {
        Iterator<RsResource> it = this.rsResourceList.iterator();
        while (it.hasNext()) {
            Iterator it2 = it.next().getConditions().iterator();
            while (it2.hasNext()) {
                Iterator it3 = ((Condition) it2.next()).getScopes().iterator();
                while (true) {
                    if (it3.hasNext()) {
                        String str = (String) it3.next();
                        if (UmaResourceProtectionCache.getScope(str) != null) {
                            this.log.debug("Scope - '" + str + "' exists in cache.");
                            break;
                        }
                        List<Scope> searchScopes = this.scopeService.searchScopes(str, 2);
                        Scope scope = null;
                        if (searchScopes != null && !searchScopes.isEmpty()) {
                            scope = searchScopes.get(0);
                            if (searchScopes.size() > 1) {
                                this.log.error(searchScopes.size() + " UMA Scope with same name.");
                                throw new WebApplicationException("Multiple UMA Scope with same name - " + str, Response.status(Response.Status.INTERNAL_SERVER_ERROR).build());
                            }
                        }
                        if (searchScopes == null || searchScopes.isEmpty()) {
                            this.log.debug("Scope - '" + str + "' does not exist, hence creating it.");
                            scope = new Scope();
                            String uuid = UUID.randomUUID().toString();
                            scope.setId(str);
                            scope.setDisplayName(str);
                            scope.setInum(uuid);
                            scope.setDn(this.scopeService.getDnForScope(uuid));
                            scope.setScopeType(ScopeType.UMA);
                            this.scopeService.addScope(scope);
                        } else {
                            this.log.debug("Scope - '" + str + "' already exists, hence updating it.");
                            scope.setId(str);
                            scope.setDisplayName(str);
                            scope.setDn(this.scopeService.getDnForScope(scope.getInum()));
                            scope.setScopeType(ScopeType.UMA);
                            this.scopeService.updateScope(scope);
                        }
                        UmaResourceProtectionCache.putScope(scope);
                    }
                }
            }
        }
    }

    public void createResourceIfNeeded() {
        this.log.debug(" \n\n UmaResourceProtectionService::createResourceIfNeeded() - rsResourceList = " + this.rsResourceList + "\n\n");
        UmaResourceProtectionCache.getAllUmaResources();
        for (RsResource rsResource : this.rsResourceList) {
            Iterator it = rsResource.getConditions().iterator();
            while (true) {
                if (it.hasNext()) {
                    Condition condition = (Condition) it.next();
                    String str = condition.getHttpMethods() + ":::" + rsResource.getPath();
                    this.log.debug(" \n\n UmaResourceProtectionService::createResourceIfNeeded() - umaResourceName = " + str + "\n\n");
                    if (UmaResourceProtectionCache.getUmaResource(str) != null) {
                        this.log.debug("UmaResource - '" + str + "' exists in cache.");
                        break;
                    }
                    List<UmaResource> findResourcesByName = this.umaResourceService.findResourcesByName(str, 2);
                    this.log.debug(" \n\n UmaResourceProtectionService::createResourceIfNeeded() - findResources() -> umaResources = " + findResourcesByName + "\n\n");
                    UmaResource umaResource = null;
                    if (findResourcesByName != null && !findResourcesByName.isEmpty()) {
                        umaResource = findResourcesByName.get(0);
                        if (findResourcesByName.size() > 1) {
                            this.log.error(findResourcesByName.size() + " UMA Resource with same name.");
                            throw new WebApplicationException("Multiple UMA Resource with same name - " + str, Response.status(Response.Status.INTERNAL_SERVER_ERROR).build());
                        }
                    }
                    if (findResourcesByName == null || findResourcesByName.isEmpty()) {
                        this.log.debug("UmaResource - '" + findResourcesByName + "' does not exist, hence creating it.");
                        umaResource = new UmaResource();
                        String uuid = UUID.randomUUID().toString();
                        umaResource.setId(uuid);
                        umaResource.setDn(this.umaResourceService.getDnForResource(uuid));
                        umaResource.setName(str);
                        umaResource.setScopes(condition.getScopes());
                        umaResource.setCreationDate(getCreationDate(rsResource));
                        umaResource.setDescription("Config API Resource - " + str);
                        this.umaResourceService.addResource(umaResource);
                    } else {
                        this.log.debug("UmaResource - '" + findResourcesByName + "' already exists, hence updating it.");
                        umaResource.setName(str);
                        umaResource.setScopes(condition.getScopes());
                        this.umaResourceService.updateResource(umaResource);
                    }
                    UmaResourceProtectionCache.putUmaResource(str, umaResource);
                }
            }
        }
    }

    private Date getCreationDate(RsResource rsResource) {
        Date time = Calendar.getInstance().getTime();
        if (rsResource.getIat() != null && rsResource.getIat().intValue() > 0) {
            time = new Date(rsResource.getIat().intValue() * 1000);
        }
        return time;
    }
}
