package org.xdi.oxauth.service.external;

import java.io.File;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.ejb.DependsOn;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.io.FileUtils;
import org.slf4j.Logger;
import org.xdi.model.custom.script.CustomScriptType;
import org.xdi.model.custom.script.conf.CustomScriptConfiguration;
import org.xdi.model.custom.script.type.uma.UmaRptPolicyType;
import org.xdi.model.uma.ClaimDefinition;
import org.xdi.oxauth.uma.authorization.UmaAuthorizationContext;
import org.xdi.service.LookupService;
import org.xdi.service.custom.script.CustomScriptManager;
import org.xdi.service.custom.script.ExternalScriptService;
import org.xdi.util.StringHelper;

@DependsOn({"appInitializer"})
@ApplicationScoped
@Named
/* loaded from: input_file:org/xdi/oxauth/service/external/ExternalUmaRptPolicyService.class */
public class ExternalUmaRptPolicyService extends ExternalScriptService {
    private static final long serialVersionUID = -8609727759114795435L;
    public static final boolean HOTSWAP_UMA_SCRIPT = Boolean.parseBoolean(System.getProperty("uma.hotswap.script"));

    @Inject
    private Logger log;

    @Inject
    private LookupService lookupService;

    @Inject
    private CustomScriptManager scriptManager;
    protected Map<String, CustomScriptConfiguration> scriptInumMap;

    public ExternalUmaRptPolicyService() {
        super(CustomScriptType.UMA_RPT_POLICY);
    }

    protected void reloadExternal() {
        this.scriptInumMap = buildExternalConfigurationsInumMap(this.customScriptConfigurations);
    }

    private Map<String, CustomScriptConfiguration> buildExternalConfigurationsInumMap(List<CustomScriptConfiguration> list) {
        HashMap hashMap = new HashMap(list.size());
        for (CustomScriptConfiguration customScriptConfiguration : list) {
            hashMap.put(customScriptConfiguration.getInum(), customScriptConfiguration);
        }
        return hashMap;
    }

    public CustomScriptConfiguration getScriptByDn(String str) {
        return getScriptByInum(this.lookupService.getInumFromDn(str));
    }

    public CustomScriptConfiguration getScriptByInum(String str) {
        if (StringHelper.isEmpty(str)) {
            return null;
        }
        return this.scriptInumMap.get(str);
    }

    private UmaRptPolicyType policyScript(CustomScriptConfiguration customScriptConfiguration) {
        return HOTSWAP_UMA_SCRIPT ? (UmaRptPolicyType) hotswap(this.scriptManager, customScriptConfiguration, true) : customScriptConfiguration.getExternalType();
    }

    public boolean authorize(CustomScriptConfiguration customScriptConfiguration, UmaAuthorizationContext umaAuthorizationContext) {
        try {
            this.log.debug("Executing python 'authorize' method, script: " + customScriptConfiguration.getName());
            boolean authorize = policyScript(customScriptConfiguration).authorize(umaAuthorizationContext);
            this.log.debug("python 'authorize' result: " + authorize);
            return authorize;
        } catch (Exception e) {
            this.log.error("Failed to execute python 'authorize' method, script: " + customScriptConfiguration.getName() + ", message: " + e.getMessage(), e);
            saveScriptError(customScriptConfiguration.getCustomScript(), e);
            return false;
        }
    }

    public List<ClaimDefinition> getRequiredClaims(CustomScriptConfiguration customScriptConfiguration, UmaAuthorizationContext umaAuthorizationContext) {
        try {
            this.log.debug("Executing python 'getRequiredClaims' method, script: " + customScriptConfiguration.getName());
            List<ClaimDefinition> requiredClaims = policyScript(customScriptConfiguration).getRequiredClaims(umaAuthorizationContext);
            this.log.debug("python 'getRequiredClaims' result: " + requiredClaims);
            return requiredClaims;
        } catch (Exception e) {
            this.log.error("Failed to execute python 'getRequiredClaims' method, script: " + customScriptConfiguration.getName() + ", message: " + e.getMessage(), e);
            saveScriptError(customScriptConfiguration.getCustomScript(), e);
            return new ArrayList();
        }
    }

    public String getClaimsGatheringScriptName(CustomScriptConfiguration customScriptConfiguration, UmaAuthorizationContext umaAuthorizationContext) {
        try {
            this.log.debug("Executing python 'getClaimsGatheringScriptName' method, script: " + customScriptConfiguration.getName());
            String claimsGatheringScriptName = policyScript(customScriptConfiguration).getClaimsGatheringScriptName(umaAuthorizationContext);
            this.log.debug("python 'getClaimsGatheringScriptName' result: " + claimsGatheringScriptName);
            return claimsGatheringScriptName;
        } catch (Exception e) {
            this.log.error("Failed to execute python 'getClaimsGatheringScriptName' method, script: " + customScriptConfiguration.getName() + ", message: " + e.getMessage(), e);
            saveScriptError(customScriptConfiguration.getCustomScript(), e);
            return "";
        }
    }

    public static <T> T hotswap(CustomScriptManager customScriptManager, CustomScriptConfiguration customScriptConfiguration, boolean z) {
        if (!HOTSWAP_UMA_SCRIPT) {
            throw new RuntimeException("UMA script hotswap is not allowed");
        }
        try {
            customScriptConfiguration.getCustomScript().setScript(FileUtils.readFileToString(new File(z ? System.getProperty("uma.hotswap.rpt_policy_script.path") : System.getProperty("uma.hotswap.claims_gathering_script.path"))));
            return (T) customScriptManager.createExternalTypeFromStringWithPythonException(customScriptConfiguration.getCustomScript(), customScriptConfiguration.getConfigurationAttributes());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
