package org.xdi.oxauth.uma.service;

import com.google.common.base.Preconditions;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.util.StaticUtils;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.lang.StringUtils;
import org.gluu.site.ldap.persistence.BatchOperation;
import org.gluu.site.ldap.persistence.LdapEntryManager;
import org.slf4j.Logger;
import org.xdi.ldap.model.SearchScope;
import org.xdi.ldap.model.SimpleBranch;
import org.xdi.oxauth.model.config.StaticConfiguration;
import org.xdi.oxauth.model.error.ErrorResponseFactory;
import org.xdi.oxauth.model.uma.persistence.UmaResource;
import org.xdi.service.CacheService;
import org.xdi.util.StringHelper;

@Stateless
@Named
/* loaded from: input_file:org/xdi/oxauth/uma/service/UmaResourceService.class */
public class UmaResourceService {
    private static final int RESOURCE_CACHE_EXPIRATION_IN_SECONDS = 120;

    @Inject
    private Logger log;

    @Inject
    private LdapEntryManager ldapEntryManager;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    @Inject
    private StaticConfiguration staticConfiguration;

    @Inject
    private CacheService cacheService;

    public void addBranch() {
        SimpleBranch simpleBranch = new SimpleBranch();
        simpleBranch.setOrganizationalUnitName("resources");
        simpleBranch.setDn(getDnForResource(null));
        this.ldapEntryManager.persist(simpleBranch);
    }

    public void addResource(UmaResource umaResource) {
        validate(umaResource);
        this.ldapEntryManager.persist(umaResource);
        putInCache(umaResource);
    }

    public void validate(UmaResource umaResource) {
        Preconditions.checkArgument(StringUtils.isNotBlank(umaResource.getName()), "Name is required for resource.");
        Preconditions.checkArgument(!(umaResource.getScopes() == null || umaResource.getScopes().isEmpty()) || StringUtils.isNotBlank(umaResource.getScopeExpression()), "Scope must be specified for resource.");
        Preconditions.checkState(!umaResource.isExpired(), "UMA Resource expired. It must not be expired.");
        prepareBranch();
    }

    public void updateResource(UmaResource umaResource) {
        validate(umaResource);
        this.ldapEntryManager.merge(umaResource);
    }

    public void remove(UmaResource umaResource) {
        this.ldapEntryManager.remove(umaResource);
    }

    public void remove(String str) {
        this.ldapEntryManager.remove(getResourceById(str));
    }

    public void remove(List<UmaResource> list) {
        Iterator<UmaResource> it = list.iterator();
        while (it.hasNext()) {
            remove(it.next());
        }
    }

    public List<UmaResource> getResourcesByAssociatedClient(String str) {
        try {
            prepareBranch();
            if (StringUtils.isNotBlank(str)) {
                return this.ldapEntryManager.findEntries(getBaseDnForResource(), UmaResource.class, Filter.create(String.format("&(oxAssociatedClient=%s)", str)));
            }
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
        return Collections.emptyList();
    }

    private List<UmaResource> findResources(UmaResource umaResource) {
        return this.ldapEntryManager.findEntries(umaResource);
    }

    public boolean containsResource(UmaResource umaResource) {
        return this.ldapEntryManager.contains(umaResource);
    }

    public Set<UmaResource> getResources(Set<String> set) {
        HashSet hashSet = new HashSet();
        if (set != null) {
            for (String str : set) {
                UmaResource resourceById = getResourceById(str);
                if (resourceById != null) {
                    hashSet.add(resourceById);
                } else {
                    this.log.error("Failed to find resource by id: " + str);
                }
            }
        }
        return hashSet;
    }

    public UmaResource getResourceById(String str) {
        UmaResource fromCache = fromCache(getDnForResource(str));
        if (fromCache != null) {
            this.log.trace("UMA Resource from cache, id: " + str);
            return fromCache;
        }
        prepareBranch();
        UmaResource umaResource = new UmaResource();
        umaResource.setDn(getBaseDnForResource());
        umaResource.setId(str);
        List<UmaResource> findResources = findResources(umaResource);
        if (findResources.size() == 0) {
            this.log.error("Failed to find resource set with id: " + str);
            this.errorResponseFactory.throwUmaNotFoundException();
        } else if (findResources.size() > 1) {
            this.log.error("Multiple resource sets found with given id: " + str);
            this.errorResponseFactory.throwUmaInternalErrorException();
        }
        return findResources.get(0);
    }

    private void prepareBranch() {
        if (this.ldapEntryManager.contains(SimpleBranch.class, getDnForResource(null))) {
            return;
        }
        addBranch();
    }

    public UmaResource getResourceByDn(String str) {
        UmaResource fromCache = fromCache(str);
        return fromCache != null ? fromCache : (UmaResource) this.ldapEntryManager.find(UmaResource.class, str);
    }

    public String getDnForResource(String str) {
        return StringHelper.isEmpty(str) ? getBaseDnForResource() : String.format("oxId=%s,%s", str, getBaseDnForResource());
    }

    public String getBaseDnForResource() {
        return String.format("ou=resources,%s", this.staticConfiguration.getBaseDn().getUmaBase());
    }

    private void putInCache(UmaResource umaResource) {
        if (umaResource == null) {
            return;
        }
        try {
            this.cacheService.put(Integer.toString(RESOURCE_CACHE_EXPIRATION_IN_SECONDS), umaResource.getDn(), umaResource, true);
        } catch (Exception e) {
            this.log.error("Failed to put client in cache, client:" + umaResource, e);
        }
    }

    private UmaResource fromCache(String str) {
        try {
            return (UmaResource) this.cacheService.get((String) null, str);
        } catch (Exception e) {
            this.log.error("Failed to fetch client from cache, dn: " + str, e);
            return null;
        }
    }

    public boolean removeFromCache(UmaResource umaResource) {
        try {
            this.cacheService.remove((String) null, umaResource.getDn());
            return true;
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
            return false;
        }
    }

    public void cleanup(Date date) {
        prepareBranch();
        final Filter createLessOrEqualFilter = Filter.createLessOrEqualFilter("oxAuthExpiration", StaticUtils.encodeGeneralizedTime(date));
        new BatchOperation<UmaResource>(this.ldapEntryManager) { // from class: org.xdi.oxauth.uma.service.UmaResourceService.1
            protected List<UmaResource> getChunkOrNull(int i) {
                return UmaResourceService.this.ldapEntryManager.findEntries(UmaResourceService.this.getBaseDnForResource(), UmaResource.class, createLessOrEqualFilter, SearchScope.SUB, new String[]{""}, this, 0, 0, 25);
            }

            public void performAction(List<UmaResource> list) {
                Iterator<UmaResource> it = list.iterator();
                while (it.hasNext()) {
                    try {
                        UmaResourceService.this.remove(it.next());
                    } catch (Exception e) {
                        UmaResourceService.this.log.error("Failed to remove UMA resource on cleaning.", e);
                    }
                }
            }
        }.iterateAllByChunks(25);
    }
}
