package org.wso2.photo.edit.services;

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Properties;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HttpsURLConnection;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.oltu.oauth2.common.OAuth;
import org.json.JSONArray;
import org.json.JSONObject;
import org.wso2.photo.edit.CommonUtils;
import org.wso2.photo.edit.OAuth2Constants;
import org.wso2.photo.edit.SampleContextEventListener;

/* loaded from: input_file:WEB-INF/classes/org/wso2/photo/edit/services/PermissionService.class */
public class PermissionService extends HttpServlet {
    // Identifier of the one XACML policy this servlet maintains. The SOAP templates below
    // repeat the same value as a literal rather than referencing this constant.
    private static final String POLICY_ID = "album-1-policy";
    // <Target> fragment chosen by doPost and substituted into the policy by createPolicy.
    // NOTE(review): this is static and mutable, so every request thread served by this
    // servlet shares it; a request can end up publishing a target picked by another
    // request, and a request that selects no target reuses the previous one.
    private static String target;
    private static final Logger LOGGER = Logger.getLogger(PermissionService.class.getName());
    private static String xacmlRequest = "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://org.apache.axis2/xsd\" xmlns:xsd1=\"http://dto.entitlement.identity.carbon.wso2.org/xsd\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <xsd:updatePolicy>\n         <!--Optional:-->\n         <xsd:policyDTO>\n         \n            <!--Optional:-->\n            <xsd1:policy>\n            <![CDATA[\n                    <Policy xmlns=\"urn:oasis:names:tc:xacml:3.0:core:schema:wd-17\"  PolicyId=\"album-1-policy\" RuleCombiningAlgId=\"urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable\" Version=\"1.0\">\n                        <Target>\n                            <AnyOf>\n                                <AllOf>\n                                    <Match MatchId=\"urn:oasis:names:tc:xacml:1.0:function:string-equal\">\n                                        <AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">${resource-id}</AttributeValue>\n                                        <AttributeDesignator AttributeId=\"http://wso2.org/identity/identity-resource/resource-id\" Category=\"http://wso2.org/identity/identity-resource\" DataType=\"http://www.w3.org/2001/XMLSchema#string\" MustBePresent=\"true\"></AttributeDesignator>\n                                    </Match>\n                                </AllOf>\n                            </AnyOf>\n                         </Target>\n   <Rule Effect=\"Permit\" RuleId=\"permit_for_username\">                        ${target}\n                            <Condition>\n                                <Apply FunctionId=\"urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of\">\n                                    <Apply FunctionId=\"urn:oasis:names:tc:xacml:1.0:function:string-bag\">\n                                        <AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">view</AttributeValue>\n                     
                   <AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">download</AttributeValue>\n                                    </Apply>\n                                    <AttributeDesignator AttributeId=\"http://wso2.org/identity/identity-action/action-name\" Category=\"http://wso2.org/identity/identity-action\" DataType=\"http://www.w3.org/2001/XMLSchema#string\" MustBePresent=\"true\"></AttributeDesignator>\n                                </Apply>\n                            </Condition>\n                        </Rule>\n                        <Rule Effect=\"Deny\" RuleId=\"Deny_all\"></Rule>\n                    </Policy>      \n                ]]>\n            </xsd1:policy>\n           \n            <xsd1:policyEditorData></xsd1:policyEditorData>\n            <!--Optional:-->\n            <xsd1:policyId>album-1-policy</xsd1:policyId>\n           \n         </xsd:policyDTO>\n      </xsd:updatePolicy>\n   </soapenv:Body>\n</soapenv:Envelope>";
    private static String publishPolicyRequest = "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://org.apache.axis2/xsd\">\n    <soapenv:Header/>\n    <soapenv:Body>\n        <ns3:publishPolicies xmlns:ns3=\"http://org.apache.axis2/xsd\">\n            <ns3:policyIds>album-1-policy</ns3:policyIds>\n            <ns3:subscriberIds>PDP Subscriber</ns3:subscriberIds>\n            <ns3:action>CREATE</ns3:action>\n            <ns3:version xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:nil=\"1\"/>\n            <ns3:enabled>true</ns3:enabled>\n            <ns3:order>0</ns3:order>\n        </ns3:publishPolicies>\n    </soapenv:Body>\n</soapenv:Envelope>";
    private static String policyDualTarget = "<Target>\n         <AnyOf>\n            <AllOf>\n               <Match MatchId=\"urn:oasis:names:tc:xacml:1.0:function:string-equal\">\n                  <AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">oliver</AttributeValue>\n                  <AttributeDesignator AttributeId=\"http://wso2.org/identity/user/username\" Category=\"http://wso2.org/identity/user\" DataType=\"http://www.w3.org/2001/XMLSchema#string\" MustBePresent=\"false\"></AttributeDesignator>\n               </Match>\n            </AllOf>\n            <AllOf>\n               <Match MatchId=\"urn:oasis:names:tc:xacml:1.0:function:string-equal\">\n                  <AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">pam.uma.demo</AttributeValue>\n                  <AttributeDesignator AttributeId=\"http://wso2.org/identity/user/username\" Category=\"http://wso2.org/identity/user\" DataType=\"http://www.w3.org/2001/XMLSchema#string\" MustBePresent=\"false\"></AttributeDesignator>\n               </Match>\n            </AllOf>\n         </AnyOf>\n      </Target>";
    private static String policySingleTarget = "<Target>\n         <AnyOf>\n            <AllOf>\n               <Match MatchId=\"urn:oasis:names:tc:xacml:1.0:function:string-equal\">\n                  <AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">${authz-user}</AttributeValue>\n                  <AttributeDesignator AttributeId=\"http://wso2.org/identity/user/username\" Category=\"http://wso2.org/identity/user\" DataType=\"http://www.w3.org/2001/XMLSchema#string\" MustBePresent=\"false\"></AttributeDesignator>\n               </Match>\n            </AllOf>\n         </AnyOf>\n      </Target>";

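    /**
     * Handles a sharing-preference update for a photo.
     *
     * <p>Reads a JSON body carrying {@code photoId}, {@code familyView} and {@code friendView},
     * picks the XACML {@code <Target>} fragment that matches the two flags, resolves (or
     * registers) the UMA resource, records the resource ID and the session access token against
     * the photo, and then updates and publishes the XACML policy.
     *
     * <p>Requests without a session, or without an {@code accessToken} session attribute, are
     * answered with 401 before any body is read or any call to the identity provider is made.
     *
     * @param httpServletRequest  request whose body is the JSON document and whose session holds
     *                            the {@code accessToken} attribute
     * @param httpServletResponse response; only written to when the request is rejected
     * @throws ServletException declared by the servlet contract; not thrown directly here
     * @throws IOException      if the body cannot be read or a call to the identity provider fails
     */
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        // getSession(false) returns null when the caller has no session; fail closed instead of
        // dereferencing it.
        javax.servlet.http.HttpSession session = httpServletRequest.getSession(false);
        String accessToken = session == null ? null : (String) session.getAttribute("accessToken");
        if (StringUtils.isBlank(accessToken)) {
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        // Decode explicitly as UTF-8 (the JSON default) rather than the platform charset, and
        // close the reader when done.
        StringBuilder body = new StringBuilder();
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(httpServletRequest.getInputStream(), java.nio.charset.StandardCharsets.UTF_8))) {
            String line;
            while ((line = reader.readLine()) != null) {
                body.append(line);
            }
        }

        JSONObject payload = new JSONObject(body.toString());
        String photoId = payload.getString("photoId");
        boolean familyView = payload.getBoolean("familyView");
        boolean friendView = payload.getBoolean("friendView");

        // NOTE(review): the single-user friend target names "pam" while the dual target
        // template names "pam.uma.demo" - confirm which username the policy should match.
        String selectedTarget = null;
        if (familyView && friendView) {
            selectedTarget = policyDualTarget;
        } else if (familyView) {
            selectedTarget = policySingleTarget.replace("${authz-user}", "oliver");
        } else if (friendView) {
            selectedTarget = policySingleTarget.replace("${authz-user}", "pam");
        }

        // The token value is deliberately kept out of the log: it is a bearer credential.
        LOGGER.fine("Retrieved access token from session");
        String resourceId = getResourceId(httpServletRequest);
        LOGGER.fine("Retrieved resource ID: " + resourceId);
        CommonUtils.addToResourceMap(photoId, new ResourceTokenData(resourceId, accessToken));

        // target is a static field shared by every request thread. Holding the class lock across
        // the assignment, the policy update and the publish keeps a concurrent request from
        // swapping in its own target between the write here and the read in createPolicy.
        synchronized (PermissionService.class) {
            // NOTE(review): when both flags are false nothing is selected and the previously
            // stored target is sent again, so an earlier grant is re-applied rather than
            // withdrawn - confirm whether a deny-only policy is intended in that case.
            if (selectedTarget != null) {
                target = selectedTarget;
            }
            createPolicy(resourceId);
            publishPolicy();
        }
    }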

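    /**
     * Registers a new UMA resource (description "Photo album", single scope {@code view}) at the
     * identity provider's resource-registration endpoint and returns its identifier.
     *
     * @param httpServletRequest request handed to {@code CommonUtils.getBearerHeader} to build
     *                           the Authorization header
     * @return the {@code _id} field of the JSON response
     * @throws IOException if the connection cannot be opened, written to or read from
     */
    private String createResource(HttpServletRequest httpServletRequest) throws IOException {
        String endpoint = CommonUtils.getIdpUrl() + "/api/identity/oauth2/uma/resourceregistration/v1.0/resource/";

        JSONArray scopes = new JSONArray();
        scopes.put("view");
        JSONObject resource = new JSONObject();
        resource.put("resource_scopes", scopes);
        resource.put("description", "Photo album");
        resource.put("icon_uri", "http://www.example.com/icons/album.png");
        resource.put("type", "http://www.example.com/rsrcs/photo-album");
        resource.put(OAuth2Constants.NAME, "album" + UUID.randomUUID());
        String payload = resource.toString();
        LOGGER.fine("Resource creation request payload: " + payload);

        // The cast fails for a non-HTTPS URL, so the bearer header is only ever sent over TLS.
        HttpsURLConnection connection = (HttpsURLConnection) new URL(endpoint).openConnection();
        connection.setRequestMethod(OAuth.HttpMethod.POST);
        connection.setRequestProperty(OAuth.HeaderType.AUTHORIZATION, CommonUtils.getBearerHeader(httpServletRequest));
        connection.setRequestProperty(OAuth.HeaderType.CONTENT_TYPE, OAuth.ContentType.JSON);
        connection.setDoOutput(true);
        // Close the request stream once written, and encode as UTF-8 instead of
        // DataOutputStream.writeBytes, which keeps only the low byte of every char.
        try (OutputStream out = connection.getOutputStream()) {
            out.write(payload.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        }
        return new JSONObject(CommonUtils.readFromResponse(connection)).getString("_id");
    }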

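    /**
     * Returns the UMA resource ID to attach the policy to.
     *
     * <p>If the application properties hold a non-blank {@code resource_id} and the identity
     * provider answers 200 for it, that ID is returned. Otherwise a new resource is registered
     * through {@code createResource}, stored under {@code resource_id} in the application
     * properties (and the property file), and returned.
     *
     * @param httpServletRequest request handed to {@code CommonUtils.getBearerHeader} to build
     *                           the Authorization header
     * @return the existing or newly registered resource ID
     * @throws IOException if a call to the identity provider fails
     */
    private String getResourceId(HttpServletRequest httpServletRequest) throws IOException {
        String configuredId = SampleContextEventListener.getProperties().getProperty("resource_id");
        if (StringUtils.isNotBlank(configuredId)) {
            // Cast to HttpsURLConnection like the other identity-provider calls in this class, so
            // a plain-HTTP URL is refused before the bearer header is attached.
            // NOTE(review): configuredId is appended to the path as-is; it comes from the
            // application properties, presumably trusted - confirm.
            HttpsURLConnection connection = (HttpsURLConnection) new URL(CommonUtils.getIdpUrl() + "/api/identity/oauth2/uma/resourceregistration/v1.0/resource/" + configuredId).openConnection();
            try {
                connection.setRequestMethod(OAuth.HttpMethod.GET);
                connection.setRequestProperty(OAuth.HeaderType.AUTHORIZATION, CommonUtils.getBearerHeader(httpServletRequest));
                if (connection.getResponseCode() == HttpURLConnection.HTTP_OK) {
                    return configuredId;
                }
            } finally {
                // The response body is never read, so release the connection explicitly.
                connection.disconnect();
            }
        }
        String createdId = createResource(httpServletRequest);
        updateAppProperties("resource_id", createdId, true);
        return createdId;
    }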

    /**
     * Stores a property in the in-memory application properties and, when requested, also
     * writes it to the property file.
     *
     * @param key     property name
     * @param value   property value
     * @param persist {@code true} to also write the pair to the property file
     */
    private static void updateAppProperties(String key, String value, boolean persist) {
        SampleContextEventListener.getProperties().put(key, value);
        if (!persist) {
            return;
        }
        updatePropertyFile(key, value);
    }

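    /**
     * Sets one key in the application's property file, keeping the entries already there.
     *
     * <p>The file is loaded, the pair is added, and the whole set is written back. I/O failures
     * are logged at SEVERE and not propagated. If the existing file cannot be read for any reason
     * other than not existing yet, the write is skipped so that a failed read does not replace
     * the file with one holding only the new key.
     *
     * @param key   property name
     * @param value property value
     */
    private static void updatePropertyFile(String key, String value) {
        Path path = Paths.get(SampleContextEventListener.getPropertyFilePath());
        Properties properties = new Properties();
        try (InputStream in = Files.newInputStream(path)) {
            properties.load(in);
        } catch (IOException e) {
            LOGGER.log(Level.SEVERE, e.getMessage(), e);
            // A missing file just means there is nothing to preserve; any other read failure
            // would otherwise cause every existing entry to be dropped by the store below.
            if (!(e instanceof java.nio.file.NoSuchFileException)) {
                return;
            }
        }
        properties.put(key, value);
        try (OutputStream out = Files.newOutputStream(path)) {
            properties.store(out, null);
        } catch (IOException e) {
            LOGGER.log(Level.SEVERE, e.getMessage(), e);
        }
    }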

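    /**
     * Sends the {@code updatePolicy} SOAP request to the identity provider's
     * {@code EntitlementPolicyAdminService}, with the resource ID and the currently selected
     * {@code <Target>} fragment substituted into the XACML template.
     *
     * @param resourceId UMA resource ID to place in the policy's resource match
     * @throws IOException           if the request cannot be sent or the response cannot be read
     * @throws IllegalStateException if no target fragment has been selected yet
     */
    private void createPolicy(String resourceId) throws IOException {
        // Read the shared field once so the null check and the substitution see the same value.
        String policyTarget = target;
        if (policyTarget == null) {
            throw new IllegalStateException("No XACML target has been selected for the policy");
        }
        // Literal replace: replaceAll would interpret '$' and '\' in the substituted values as
        // group references and escapes.
        // NOTE(review): resourceId is placed inside the CDATA-wrapped policy without escaping;
        // it presumably always comes from the identity provider or the property file - confirm.
        String request = xacmlRequest.replace("${resource-id}", resourceId).replace("${target}", policyTarget);

        HttpsURLConnection connection = (HttpsURLConnection) new URL(CommonUtils.getIdpUrl() + "/services/EntitlementPolicyAdminService").openConnection();
        connection.setRequestMethod(OAuth.HttpMethod.POST);
        connection.setRequestProperty(OAuth.HeaderType.AUTHORIZATION, CommonUtils.getAuthHeader());
        connection.setRequestProperty(OAuth.HeaderType.CONTENT_TYPE, "text/xml");
        connection.setRequestProperty("SOAPAction", "updatePolicy");
        connection.setDoOutput(true);
        LOGGER.fine("XACML policy update request: " + request);
        // Close the request stream once written, and encode as UTF-8 instead of
        // DataOutputStream.writeBytes, which keeps only the low byte of every char.
        try (OutputStream out = connection.getOutputStream()) {
            out.write(request.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        }
        int status = connection.getResponseCode();
        LOGGER.fine("XACML policy update request status: " + status);
        if (status < 200 || status >= 300) {
            // A rejected update means the access policy is not what the user asked for; make that
            // visible at the default log level.
            LOGGER.warning("XACML policy update was not accepted, HTTP status " + status);
        }
        LOGGER.fine("XACML policy update response: " + CommonUtils.readFromResponse(connection));
    }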

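    /**
     * Sends the fixed {@code publishPolicies} SOAP request to the identity provider's
     * {@code EntitlementPolicyAdminService}.
     *
     * @throws IOException if the request cannot be sent or the response cannot be read
     */
    private void publishPolicy() throws IOException {
        HttpsURLConnection connection = (HttpsURLConnection) new URL(CommonUtils.getIdpUrl() + "/services/EntitlementPolicyAdminService").openConnection();
        connection.setRequestMethod(OAuth.HttpMethod.POST);
        connection.setRequestProperty(OAuth.HeaderType.AUTHORIZATION, CommonUtils.getAuthHeader());
        connection.setRequestProperty(OAuth.HeaderType.CONTENT_TYPE, "text/xml");
        connection.setRequestProperty("SOAPAction", "publishPolicies");
        connection.setDoOutput(true);
        // Close the request stream once written, and encode as UTF-8 instead of
        // DataOutputStream.writeBytes, which keeps only the low byte of every char.
        try (OutputStream out = connection.getOutputStream()) {
            out.write(publishPolicyRequest.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        }
        int status = connection.getResponseCode();
        LOGGER.fine("XACML policy publish status: " + status);
        if (status < 200 || status >= 300) {
            // An unpublished policy is not enforced; make the failure visible at the default
            // log level.
            LOGGER.warning("XACML policy publish was not accepted, HTTP status " + status);
        }
        LOGGER.fine("XACML policy publish response: " + CommonUtils.readFromResponse(connection));
    }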
}
