package org.gluu.oxauth.uma.service;

import com.google.common.base.Preconditions;
import com.google.common.collect.Sets;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.inject.Named;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.gluu.oxauth.model.config.StaticConfiguration;
import org.gluu.oxauth.model.error.ErrorResponseFactory;
import org.gluu.oxauth.model.uma.UmaErrorResponseType;
import org.gluu.oxauth.model.uma.persistence.UmaResource;
import org.gluu.persist.PersistenceEntryManager;
import org.gluu.persist.model.base.SimpleBranch;
import org.gluu.search.filter.Filter;
import org.gluu.service.CacheService;
import org.gluu.util.StringHelper;
import org.slf4j.Logger;

@Stateless
@Named
/* loaded from: input_file:org/gluu/oxauth/uma/service/UmaResourceService.class */
public class UmaResourceService {
    private static final int RESOURCE_CACHE_EXPIRATION_IN_SECONDS = 120;

    @Inject
    private Logger log;

    @Inject
    private PersistenceEntryManager ldapEntryManager;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    @Inject
    private StaticConfiguration staticConfiguration;

    @Inject
    private CacheService cacheService;

    public void addBranch() {
        SimpleBranch simpleBranch = new SimpleBranch();
        simpleBranch.setOrganizationalUnitName("resources");
        simpleBranch.setDn(getDnForResource(null));
        this.ldapEntryManager.persist(simpleBranch);
    }

    public void addResource(UmaResource umaResource) {
        validate(umaResource);
        this.ldapEntryManager.persist(umaResource);
    }

    public void validate(UmaResource umaResource) {
        Preconditions.checkArgument(StringUtils.isNotBlank(umaResource.getName()), "Name is required for resource.");
        Preconditions.checkArgument(!(umaResource.getScopes() == null || umaResource.getScopes().isEmpty()) || StringUtils.isNotBlank(umaResource.getScopeExpression()), "Scope must be specified for resource.");
        Preconditions.checkState(!umaResource.isExpired(), "UMA Resource expired. It must not be expired.");
        prepareBranch();
    }

    public void updateResource(UmaResource umaResource) {
        updateResource(umaResource, false);
    }

    public void updateResource(UmaResource umaResource, boolean z) {
        if (!z) {
            validate(umaResource);
        }
        this.cacheService.put(umaResource.getDn(), umaResource);
        this.ldapEntryManager.merge(umaResource);
    }

    public void remove(UmaResource umaResource) {
        this.ldapEntryManager.remove(umaResource);
    }

    public void remove(String str) {
        this.ldapEntryManager.remove(getResourceById(str));
    }

    public void remove(List<UmaResource> list) {
        Iterator<UmaResource> it = list.iterator();
        while (it.hasNext()) {
            remove(it.next());
        }
    }

    public List<UmaResource> getResourcesByAssociatedClient(String str) {
        try {
            prepareBranch();
            if (StringUtils.isNotBlank(str)) {
                return this.ldapEntryManager.findEntries(getBaseDnForResource(), UmaResource.class, Filter.createEqualityFilter("oxAssociatedClient", str));
            }
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
        return Collections.emptyList();
    }

    public Set<UmaResource> getResources(Set<String> set) {
        HashSet hashSet = new HashSet();
        if (set != null) {
            for (String str : set) {
                UmaResource resourceById = getResourceById(str);
                if (resourceById != null) {
                    hashSet.add(resourceById);
                } else {
                    this.log.error("Failed to find resource by id: " + str);
                }
            }
        }
        return hashSet;
    }

    public UmaResource getResourceById(String str) {
        prepareBranch();
        try {
            String dnForResource = getDnForResource(str);
            UmaResource umaResource = (UmaResource) this.cacheService.getWithPut(dnForResource, () -> {
                return (UmaResource) this.ldapEntryManager.find(UmaResource.class, dnForResource);
            }, RESOURCE_CACHE_EXPIRATION_IN_SECONDS);
            if (umaResource != null) {
                return umaResource;
            }
        } catch (Exception e) {
            this.log.error("Failed to find resource set with id: " + str, e);
        }
        this.log.error("Failed to find resource set with id: " + str);
        throw this.errorResponseFactory.createWebApplicationException(Response.Status.NOT_FOUND, UmaErrorResponseType.NOT_FOUND, "Failed to find resource set with id: " + str);
    }

    public Set<String> getResourceScopes(Set<String> set) {
        HashSet newHashSet = Sets.newHashSet();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            newHashSet.addAll(getResourceById(it.next()).getScopes());
        }
        return newHashSet;
    }

    private void prepareBranch() {
        if (this.ldapEntryManager.hasBranchesSupport(getDnForResource(null)) && !this.ldapEntryManager.contains(getDnForResource(null), SimpleBranch.class)) {
            addBranch();
        }
    }

    public String getDnForResource(String str) {
        return StringHelper.isEmpty(str) ? getBaseDnForResource() : String.format("oxId=%s,%s", str, getBaseDnForResource());
    }

    public String getBaseDnForResource() {
        return String.format("ou=resources,%s", this.staticConfiguration.getBaseDn().getUmaBase());
    }
}
