package org.xdi.oxauth.service.uma;

import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.util.StaticUtils;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.inject.Named;
import org.gluu.site.ldap.persistence.BatchOperation;
import org.gluu.site.ldap.persistence.LdapEntryManager;
import org.slf4j.Logger;
import org.xdi.ldap.model.SearchScope;
import org.xdi.ldap.model.SimpleBranch;
import org.xdi.oxauth.model.config.StaticConfiguration;
import org.xdi.oxauth.model.uma.persistence.ResourceSetPermission;

@Stateless
@Named
/* loaded from: input_file:org/xdi/oxauth/service/uma/ResourceSetPermissionManager.class */
public class ResourceSetPermissionManager extends AbstractResourceSetPermissionManager {
    private static final String ORGUNIT_OF_RESOURCE_SET_PERMISSION = "uma_resource_set_permission";

    @Inject
    private Logger log;

    @Inject
    private LdapEntryManager ldapEntryManager;

    @Inject
    private StaticConfiguration staticConfiguration;

    public static String getDn(String str, String str2) {
        return String.format("oxTicket=%s,%s", str2, getBranchDn(str));
    }

    public static String getBranchDn(String str) {
        return String.format("ou=%s,%s", ORGUNIT_OF_RESOURCE_SET_PERMISSION, str);
    }

    @Override // org.xdi.oxauth.service.uma.IResourceSetPermissionManager
    public void addResourceSetPermission(ResourceSetPermission resourceSetPermission, String str) {
        try {
            addBranchIfNeeded(str);
            resourceSetPermission.setDn(getDn(str, resourceSetPermission.getTicket()));
            this.ldapEntryManager.persist(resourceSetPermission);
        } catch (Exception e) {
            this.log.trace(e.getMessage(), e);
        }
    }

    @Override // org.xdi.oxauth.service.uma.IResourceSetPermissionManager
    public ResourceSetPermission getResourceSetPermissionByTicket(String str) {
        try {
            List findEntries = this.ldapEntryManager.findEntries(this.staticConfiguration.getBaseDn().getClients(), ResourceSetPermission.class, Filter.create(String.format("&(oxTicket=%s)", str)));
            if (findEntries == null || findEntries.isEmpty()) {
                return null;
            }
            return (ResourceSetPermission) findEntries.get(0);
        } catch (Exception e) {
            this.log.trace(e.getMessage(), e);
            return null;
        }
    }

    @Override // org.xdi.oxauth.service.uma.IResourceSetPermissionManager
    public String getResourceSetPermissionTicketByConfigurationCode(String str, String str2) {
        ResourceSetPermission resourceSetPermissionByConfigurationCode = getResourceSetPermissionByConfigurationCode(str, str2);
        if (resourceSetPermissionByConfigurationCode != null) {
            return resourceSetPermissionByConfigurationCode.getTicket();
        }
        return null;
    }

    public ResourceSetPermission getResourceSetPermissionByConfigurationCode(String str, String str2) {
        try {
            List findEntries = this.ldapEntryManager.findEntries(str2, ResourceSetPermission.class, Filter.create(String.format("&(oxConfigurationCode=%s)", str)));
            if (findEntries == null || findEntries.isEmpty()) {
                return null;
            }
            return (ResourceSetPermission) findEntries.get(0);
        } catch (Exception e) {
            this.log.trace(e.getMessage(), e);
            return null;
        }
    }

    @Override // org.xdi.oxauth.service.uma.IResourceSetPermissionManager
    public void deleteResourceSetPermission(String str) {
        try {
            ResourceSetPermission resourceSetPermissionByTicket = getResourceSetPermissionByTicket(str);
            if (resourceSetPermissionByTicket != null) {
                this.ldapEntryManager.remove(resourceSetPermissionByTicket);
            }
        } catch (Exception e) {
            this.log.trace(e.getMessage(), e);
        }
    }

    @Override // org.xdi.oxauth.service.uma.IResourceSetPermissionManager
    public void cleanupResourceSetPermissions(final Date date) {
        new BatchOperation<ResourceSetPermission>(this.ldapEntryManager) { // from class: org.xdi.oxauth.service.uma.ResourceSetPermissionManager.1
            protected List<ResourceSetPermission> getChunkOrNull(int i) {
                return ResourceSetPermissionManager.this.ldapEntryManager.findEntries(ResourceSetPermissionManager.this.staticConfiguration.getBaseDn().getClients(), ResourceSetPermission.class, getFilter(), SearchScope.SUB, (String[]) null, this, 0, i, i);
            }

            protected void performAction(List<ResourceSetPermission> list) {
                Iterator<ResourceSetPermission> it = list.iterator();
                while (it.hasNext()) {
                    try {
                        ResourceSetPermissionManager.this.ldapEntryManager.remove(it.next());
                    } catch (Exception e) {
                        ResourceSetPermissionManager.this.log.error("Failed to remove entry", e);
                    }
                }
            }

            private Filter getFilter() {
                try {
                    return Filter.create(String.format("(oxAuthExpiration<=%s)", StaticUtils.encodeGeneralizedTime(date)));
                } catch (LDAPException e) {
                    ResourceSetPermissionManager.this.log.trace(e.getMessage(), e);
                    return Filter.createPresenceFilter("oxAuthExpiration");
                }
            }
        }.iterateAllByChunks(100);
    }

    public void addBranch(String str) {
        SimpleBranch simpleBranch = new SimpleBranch();
        simpleBranch.setOrganizationalUnitName(ORGUNIT_OF_RESOURCE_SET_PERMISSION);
        simpleBranch.setDn(getBranchDn(str));
        this.ldapEntryManager.persist(simpleBranch);
    }

    public void addBranchIfNeeded(String str) {
        if (containsBranch(str)) {
            return;
        }
        addBranch(str);
    }

    public boolean containsBranch(String str) {
        return this.ldapEntryManager.contains(SimpleBranch.class, getBranchDn(str));
    }
}
