package org.xdi.oxauth.service.uma.authorization;

import com.unboundid.ldap.sdk.Attribute;
import com.unboundid.ldap.sdk.SearchResultEntry;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.net.util.SubnetUtils;
import org.gluu.site.ldap.persistence.LdapEntryManager;
import org.jboss.seam.log.Log;
import org.jboss.seam.log.Logging;
import org.xdi.model.GluuAttribute;
import org.xdi.oxauth.model.common.IAuthorizationGrant;
import org.xdi.oxauth.model.common.uma.UmaRPT;
import org.xdi.oxauth.model.uma.persistence.ResourceSetPermission;
import org.xdi.oxauth.model.util.Util;
import org.xdi.oxauth.service.AttributeService;
import org.xdi.oxauth.util.ServerUtil;

/* loaded from: input_file:org/xdi/oxauth/service/uma/authorization/AuthorizationContext.class */
public class AuthorizationContext {
    private static final Log LOG = Logging.getLog(AuthorizationContext.class);
    private final LdapEntryManager ldapEntryManager = ServerUtil.getLdapManager();
    private final UmaRPT m_rpt;
    private final ResourceSetPermission m_permission;
    private final IAuthorizationGrant m_grant;
    private final HttpServletRequest m_httpRequest;
    private final Map<String, List<String>> m_claims;

    public AuthorizationContext(UmaRPT umaRPT, ResourceSetPermission resourceSetPermission, IAuthorizationGrant iAuthorizationGrant, HttpServletRequest httpServletRequest, Map<String, List<String>> map) {
        this.m_rpt = umaRPT;
        this.m_permission = resourceSetPermission;
        this.m_grant = iAuthorizationGrant;
        this.m_httpRequest = httpServletRequest;
        this.m_claims = map;
    }

    public Log getLog() {
        return LOG;
    }

    public HttpServletRequest getHttpRequest() {
        return this.m_httpRequest;
    }

    public List<String> getRequestClaim(String str) {
        List<String> list;
        return (!StringUtils.isNotBlank(str) || this.m_claims == null || (list = this.m_claims.get(str)) == null) ? Collections.emptyList() : Collections.unmodifiableList(list);
    }

    public String getIpAddress() {
        return this.m_httpRequest != null ? this.m_httpRequest.getRemoteAddr() : "";
    }

    public boolean isInNetwork(String str) {
        String ipAddress = getIpAddress();
        if (Util.allNotBlank(new String[]{ipAddress, str})) {
            return new SubnetUtils(str).getInfo().isInRange(ipAddress);
        }
        return false;
    }

    public IAuthorizationGrant getGrant() {
        return this.m_grant;
    }

    public String getAuthLevel() {
        return this.m_grant.getAuthLevel();
    }

    public String getAuthMode() {
        return this.m_grant.getAuthMode();
    }

    public String getClientClaim(String str) {
        return getEntryAttributeValue(getGrant().getClientDn(), str);
    }

    public String getUserClaim(String str) {
        GluuAttribute byClaimName = AttributeService.instance().getByClaimName(str);
        if (byClaimName == null) {
            return null;
        }
        return getEntryAttributeValue(getGrant().getUserDn(), byClaimName.getGluuLdapAttributeName());
    }

    public String getUserClaimByLdapName(String str) {
        return getEntryAttributeValue(getGrant().getUserDn(), str);
    }

    public UmaRPT getRpt() {
        return this.m_rpt;
    }

    public ResourceSetPermission getPermission() {
        return this.m_permission;
    }

    private SearchResultEntry getEntryByDn(String str) {
        try {
            return this.ldapEntryManager.getLdapOperationService().getConnectionPool().getEntry(str);
        } catch (Exception e) {
            LOG.error(e.getMessage(), e, new Object[0]);
            return null;
        }
    }

    private String getEntryAttributeValue(String str, String str2) {
        Attribute attribute;
        SearchResultEntry entryByDn = getEntryByDn(str);
        return (entryByDn == null || (attribute = entryByDn.getAttribute(str2)) == null) ? "" : attribute.getValue();
    }
}
