package org.wso2.carbon.apimgt.gateway.opa;

import java.util.Map;
import java.util.TreeMap;
import org.apache.axis2.util.JavaUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.mediators.opa.OPARequestGenerator;
import org.apache.synapse.mediators.opa.OPASecurityException;
import org.apache.synapse.mediators.opa.OPAUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.json.JSONException;
import org.json.JSONObject;
import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants;
import org.wso2.carbon.apimgt.gateway.MethodTimeLogger;
import org.wso2.carbon.apimgt.gateway.handlers.analytics.Constants;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityUtils;
import org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext;
import org.wso2.carbon.apimgt.gateway.handlers.throttling.APIThrottleConstants;
import org.wso2.carbon.apimgt.gateway.threatprotection.utils.ThreatProtectorConstants;

/* loaded from: input_file:org/wso2/carbon/apimgt/gateway/opa/APIMOPARequestGenerator.class */
public class APIMOPARequestGenerator implements OPARequestGenerator {
    private static final Log log;
    public static final String ELECTED_RESOURCE_STRING = "API_ELECTED_RESOURCE";
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/opa/APIMOPARequestGenerator$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return APIMOPARequestGenerator.generateRequest_aroundBody0((APIMOPARequestGenerator) objArr2[0], (String) objArr2[1], (String) objArr2[2], (Map) objArr2[3], (MessageContext) objArr2[4], (JoinPoint) objArr2[5]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/opa/APIMOPARequestGenerator$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(APIMOPARequestGenerator.handleResponse_aroundBody2((APIMOPARequestGenerator) objArr2[0], (String) objArr2[1], (String) objArr2[2], (String) objArr2[3], (Map) objArr2[4], (MessageContext) objArr2[5], (JoinPoint) objArr2[6]));
        }
    }

    static {
        ajc$preClinit();
        log = LogFactory.getLog(APIMOPARequestGenerator.class);
    }

    public String generateRequest(String str, String str2, Map<String, String> map, MessageContext messageContext) throws OPASecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, new Object[]{str, str2, map, messageContext});
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{this, str, str2, map, messageContext, makeJP}).linkClosureAndJoinPoint(69648)) : generateRequest_aroundBody0(this, str, str2, map, messageContext, makeJP);
    }

    public boolean handleResponse(String str, String str2, String str3, Map<String, String> map, MessageContext messageContext) throws OPASecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this, new Object[]{str, str2, str3, map, messageContext});
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{this, str, str2, str3, map, messageContext, makeJP}).linkClosureAndJoinPoint(69648))) : handleResponse_aroundBody2(this, str, str2, str3, map, messageContext, makeJP);
    }

    static final String generateRequest_aroundBody0(APIMOPARequestGenerator aPIMOPARequestGenerator, String str, String str2, Map map, MessageContext messageContext, JoinPoint joinPoint) {
        JSONObject jSONObject = new JSONObject();
        JSONObject jSONObject2 = new JSONObject();
        org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        TreeMap treeMap = (TreeMap) axis2MessageContext.getProperty(APIMgtGatewayConstants.TRANSPORT_HEADERS);
        String requestIp = OPAUtils.getRequestIp(axis2MessageContext);
        String str3 = (String) axis2MessageContext.getProperty(ThreatProtectorConstants.HTTP_METHOD);
        String str4 = (String) axis2MessageContext.getProperty("TransportInURL");
        String str5 = (String) axis2MessageContext.getProperty("API_ELECTED_RESOURCE");
        AuthenticationContext authenticationContext = (AuthenticationContext) messageContext.getProperty(APISecurityUtils.API_AUTH_CONTEXT);
        if (authenticationContext != null) {
            JSONObject jSONObject3 = new JSONObject();
            jSONObject3.put("apiName", authenticationContext.getApiName());
            jSONObject3.put("apiVersion", authenticationContext.getApiVersion());
            jSONObject3.put("subscriberOrganization", authenticationContext.getSubscriberTenantDomain());
            jSONObject3.put("isAuthenticated", authenticationContext.isAuthenticated());
            jSONObject3.put("issuer", authenticationContext.getIssuer());
            jSONObject3.put("apiPublisher", authenticationContext.getApiPublisher());
            jSONObject3.put("keyType", authenticationContext.getKeyType());
            jSONObject3.put("subscriber", authenticationContext.getSubscriber());
            jSONObject3.put("consumerKey", authenticationContext.getConsumerKey());
            jSONObject3.put("applicationUUID", authenticationContext.getApplicationUUID());
            jSONObject3.put(APIThrottleConstants.APPLICATION_NAME, authenticationContext.getApplicationName());
            jSONObject3.put("username", authenticationContext.getUsername());
            if (map.get("sendAccessToken") != null && JavaUtils.isTrueExplicitly((String) map.get("sendAccessToken"))) {
                jSONObject3.put("accessToken", authenticationContext.getAccessToken());
            }
            jSONObject2.put(Constants.API_CONTEXT_KEY, jSONObject3);
        }
        jSONObject2.put("requestOrigin", requestIp);
        jSONObject2.put("method", str3);
        jSONObject2.put("path", str4);
        jSONObject2.put("transportHeaders", new JSONObject(treeMap));
        jSONObject2.put("electedResource", str5);
        if (map.get("additionalMCProperties") != null) {
            for (String str6 : ((String) map.get("additionalMCProperties")).split(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR)) {
                if (messageContext.getProperty(str6) != null) {
                    jSONObject2.put(str6, messageContext.getProperty(str6));
                }
            }
        }
        jSONObject.put("input", jSONObject2);
        return jSONObject.toString();
    }

    static final boolean handleResponse_aroundBody2(APIMOPARequestGenerator aPIMOPARequestGenerator, String str, String str2, String str3, Map map, MessageContext messageContext, JoinPoint joinPoint) {
        if ("{}".equals(str3)) {
            log.error("Empty result received for the OPA policy " + str + " for rule " + str2);
            throw new OPASecurityException(902011, "Empty result received for the OPA policy " + str + " for rule " + str2);
        }
        try {
            JSONObject jSONObject = new JSONObject(str3);
            return str2 != null ? jSONObject.getBoolean("result") : ((JSONObject) jSONObject.get("allow")).getBoolean("result");
        } catch (JSONException e) {
            log.error("Error parsing OPA JSON response, the field \"result\" not found or not a Boolean", e);
            throw new OPASecurityException(902011, "Unexpected OPA mediator failure", e);
        }
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("APIMOPARequestGenerator.java", APIMOPARequestGenerator.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "generateRequest", "org.wso2.carbon.apimgt.gateway.opa.APIMOPARequestGenerator", "java.lang.String:java.lang.String:java.util.Map:org.apache.synapse.MessageContext", "policyName:rule:additionalParameters:messageContext", "org.apache.synapse.mediators.opa.OPASecurityException", "java.lang.String"), 46);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "handleResponse", "org.wso2.carbon.apimgt.gateway.opa.APIMOPARequestGenerator", "java.lang.String:java.lang.String:java.lang.String:java.util.Map:org.apache.synapse.MessageContext", "policyName:rule:opaResponse:additionalParameters:messageContext", "org.apache.synapse.mediators.opa.OPASecurityException", "boolean"), 108);
    }
}
