package org.wso2.carbon.identity.entitlement.endpoint.resources;

import com.google.gson.Gson;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import java.util.regex.Pattern;
import javassist.bytecode.Opcode;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.entitlement.dto.EntitledResultSetDTO;
import org.wso2.carbon.identity.entitlement.endpoint.exception.ExceptionBean;
import org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException;
import org.wso2.carbon.identity.entitlement.endpoint.resources.models.AllEntitlementsRequestModel;
import org.wso2.carbon.identity.entitlement.endpoint.resources.models.AllEntitlementsResponseModel;
import org.wso2.carbon.identity.entitlement.endpoint.resources.models.DecisionRequestModel;
import org.wso2.carbon.identity.entitlement.endpoint.resources.models.EntitledAttributesRequestModel;
import org.wso2.carbon.identity.entitlement.endpoint.resources.models.EntitledAttributesResponseModel;
import org.wso2.carbon.identity.entitlement.endpoint.resources.models.HomeResponseModel;
import org.wso2.carbon.identity.entitlement.endpoint.util.EntitlementEndpointConstants;
import org.wso2.carbon.identity.entitlement.endpoint.util.JSONRequestParser;
import org.wso2.carbon.identity.entitlement.endpoint.util.JSONResponseWriter;
import org.wso2.carbon.identity.entitlement.pdp.EntitlementEngine;

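/**
 * JAX-RS resource exposing the XACML 3.0 policy decision point (PDP) operations:
 * a resource listing, request evaluation, attribute-based evaluation and
 * entitlement searches. All evaluation is delegated to {@link EntitlementEngine}.
 *
 * <p>Every handler declares the {@code Authorization} and {@code Auth_Type} headers as
 * parameters, but no handler reads them. NOTE(review): authentication and authorization
 * of the caller are presumably enforced by a filter or interceptor outside this class —
 * confirm before exposing these paths, since they answer "who may do what" queries.
 *
 * <p>NOTE(review): the Swagger descriptions for {@code Accept} ("Request Media Type") and
 * {@code Content-Type} ("Response Media Type") look swapped relative to HTTP semantics;
 * they are kept as found because they are part of the published API description.
 */
@Api(value = "/", description = "Evaluate XACML 3.0 Policies")
@Path("/")
/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.server.entitlement-5.20.283.jar:org/wso2/carbon/identity/entitlement/endpoint/resources/DecisionResource.class */
public class DecisionResource extends AbstractResource {
    private static final Log log = LogFactory.getLog(DecisionResource.class);
    private static final Gson gson = new Gson();

    /**
     * Matches a {@code Decision} element (optionally namespace-prefixed) whose text is
     * exactly {@code Permit}. Assumes the engine returns an XACML response document in
     * XML form — TODO confirm against EntitlementEngine.
     */
    private static final Pattern PERMIT_DECISION = Pattern.compile(
            "<(?:[A-Za-z_][\\w.-]*:)?Decision\\s*>\\s*Permit\\s*</(?:[A-Za-z_][\\w.-]*:)?Decision\\s*>");

    /** Returns {@code true} when the Content-Type header names the JSON media type. */
    private static boolean isJsonContentType(String contentType) {
        if (contentType == null) {
            // A missing header is treated as "not JSON" instead of failing with a NullPointerException.
            return false;
        }
        // Ignore media-type parameters such as "; charset=UTF-8" and compare case-insensitively,
        // so a JSON request is not silently routed to the XML evaluation path.
        int parameterStart = contentType.indexOf(';');
        String mediaType = parameterStart >= 0 ? contentType.substring(0, parameterStart) : contentType;
        return EntitlementEndpointConstants.APPLICATION_JSON.equalsIgnoreCase(mediaType.trim());
    }

    /**
     * Returns {@code true} only when the response carries a {@code Decision} element equal to
     * {@code Permit}. A null response, or one where "Permit" appears only elsewhere in the
     * document (status message, obligation or advice text), is treated as not permitted.
     */
    private static boolean isPermit(String xacmlResponse) {
        return xacmlResponse != null && PERMIT_DECISION.matcher(xacmlResponse).find();
    }

    /**
     * Returns the API resource listing.
     *
     * @param str  value of the {@code Accept} header (unused here)
     * @param str2 value of the {@code Auth_Type} header (unused here)
     * @param str3 value of the {@code Authorization} header (unused here)
     * @param str4 value of the {@code Content-Type} header (unused here)
     * @return a freshly constructed {@link HomeResponseModel}
     */
    @GET
    // 200 was rendered by the decompiler as javassist's Opcode.GOTO_W (same compile-time value);
    // the literal removes the accidental dependency on a bytecode library.
    @ApiResponses({
            @ApiResponse(code = 200, message = "Method call success", response = HomeResponseModel.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_MESSAGE, response = ExceptionBean.class)})
    @Path("home")
    @Consumes({EntitlementEndpointConstants.APPLICATION_JSON, EntitlementEndpointConstants.APPLICATION_XML})
    @ApiOperation(value = "Get API resource list according to XACML 3.0 Specification", httpMethod = "GET")
    @Produces({EntitlementEndpointConstants.APPLICATION_JSON, EntitlementEndpointConstants.APPLICATION_XML})
    public HomeResponseModel getHome(
            @HeaderParam("Accept") @ApiParam(value = "Request Media Type", required = true) String str,
            @HeaderParam("Auth_Type") @ApiParam(value = "Authentication Type", required = true) String str2,
            @HeaderParam("Authorization") @ApiParam(value = "Add HTTP Basic Authorization", required = true) String str3,
            @HeaderParam("Content-Type") @ApiParam(value = "Response Media Type", required = true) String str4) {
        return new HomeResponseModel();
    }

    /**
     * Evaluates a raw XACML request. A JSON body is parsed, evaluated and re-serialised as
     * JSON; any other content type is handed to the engine as-is.
     *
     * @param str  value of the {@code Accept} header (unused here)
     * @param str2 value of the {@code Auth_Type} header (unused here)
     * @param str3 value of the {@code Authorization} header (unused here)
     * @param str4 value of the {@code Content-Type} header; selects the JSON or XML path
     * @param str5 the request body
     * @return the engine's response, as JSON for JSON requests and as returned by the engine otherwise
     * @throws Exception if parsing or evaluation fails
     */
    // NOTE(review): the last entry reuses ERROR_UNAUTHORIZED_CODE with the response-read message;
    // likely a documentation slip — confirm which code the endpoint actually returns.
    @ApiResponses({
            @ApiResponse(code = 200, message = "XACML JSON/XML Response"),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_CODE, message = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_RESPONSE_READ_MESSAGE, response = ExceptionBean.class)})
    @Path("pdp")
    @Consumes({EntitlementEndpointConstants.APPLICATION_JSON, EntitlementEndpointConstants.APPLICATION_XML})
    @ApiOperation(value = "Get response by evaluating JSON/XML XACML request", response = String.class)
    @POST
    @Produces({EntitlementEndpointConstants.APPLICATION_JSON, EntitlementEndpointConstants.APPLICATION_XML})
    public String getDecision(
            @HeaderParam("Accept") @ApiParam(value = "Request Media Type", required = true) String str,
            @HeaderParam("Auth_Type") @ApiParam(value = "Authentication Type", required = true) String str2,
            @HeaderParam("Authorization") @ApiParam(value = "Add HTTP Basic Authorization", required = true) String str3,
            @HeaderParam("Content-Type") @ApiParam(value = "Response Media Type", required = true) String str4,
            @ApiParam(value = "XACML JSON/XML Request", required = true) String str5) throws Exception {
        if (log.isDebugEnabled()) {
            // The body is logged verbatim: it is caller-controlled and can carry subject
            // attributes, so debug logging of this class belongs in non-production use only.
            log.debug("recieved :" + str5);
        }
        EntitlementEngine entitlementEngine = EntitlementEngine.getInstance();
        if (!isJsonContentType(str4)) {
            return entitlementEngine.evaluate(str5);
        }
        return gson.toJson(JSONResponseWriter.write(entitlementEngine.evaluate(JSONRequestParser.parse(str5), str5)));
    }

    /**
     * Evaluates a decision from discrete subject, resource, action and environment attributes.
     *
     * @param str  value of the {@code Accept} header (unused here)
     * @param str2 value of the {@code Auth_Type} header (unused here)
     * @param str3 value of the {@code Authorization} header (unused here)
     * @param str4 value of the {@code Content-Type} header (unused here)
     * @param decisionRequestModel the attributes to evaluate
     * @return the engine's response string
     * @throws Exception if evaluation fails
     */
    @ApiResponses({
            @ApiResponse(code = 200, message = "XACML JSON/XML Response"),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_CODE, message = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_RESPONSE_READ_MESSAGE, response = ExceptionBean.class)})
    @Path("by-attrib")
    @Consumes({EntitlementEndpointConstants.APPLICATION_XML, EntitlementEndpointConstants.APPLICATION_JSON})
    @ApiOperation(value = "Get response by evaluating attributes", response = String.class)
    @POST
    @Produces({EntitlementEndpointConstants.APPLICATION_XML, EntitlementEndpointConstants.APPLICATION_JSON})
    public String getDecisionByAttributes(
            @HeaderParam("Accept") @ApiParam(value = "Request Media Type", required = true) String str,
            @HeaderParam("Auth_Type") @ApiParam(value = "Authentication Type", required = true) String str2,
            @HeaderParam("Authorization") @ApiParam(value = "Add HTTP Basic Authorization", required = true) String str3,
            @HeaderParam("Content-Type") @ApiParam(value = "Response Media Type", required = true) String str4,
            @ApiParam(value = "Decision Request Model", required = true) DecisionRequestModel decisionRequestModel) throws Exception {
        return EntitlementEngine.getInstance().evaluate(
                decisionRequestModel.getSubject(),
                decisionRequestModel.getResource(),
                decisionRequestModel.getAction(),
                decisionRequestModel.getEnvironment());
    }

    /**
     * Evaluates subject, resource and action (no environment attributes are passed) and
     * reduces the engine's response to a boolean.
     *
     * <p>The result is {@code true} only when the response contains a {@code Decision}
     * element whose value is {@code Permit}; every other outcome, including a null response,
     * yields {@code false}. Matching the decision element rather than the bare substring
     * keeps text elsewhere in the response from turning a non-Permit result into an allow.
     * NOTE(review): if a response can carry several results, this still returns
     * {@code true} when any one of them is Permit — confirm that is intended.
     *
     * @param str  value of the {@code Accept} header (unused here)
     * @param str2 value of the {@code Auth_Type} header (unused here)
     * @param str3 value of the {@code Authorization} header (unused here)
     * @param str4 value of the {@code Content-Type} header (unused here)
     * @param decisionRequestModel the attributes to evaluate
     * @return whether the engine's decision is Permit
     * @throws Exception if evaluation fails
     */
    @ApiResponses({
            @ApiResponse(code = 200, message = "Boolean response"),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_CODE, message = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_RESPONSE_READ_MESSAGE, response = ExceptionBean.class)})
    @Path("by-attrib-boolean")
    @Consumes({EntitlementEndpointConstants.APPLICATION_XML, EntitlementEndpointConstants.APPLICATION_JSON})
    @ApiOperation(value = "Get boolean response by evaluating attributes", response = Boolean.class)
    @POST
    @Produces({EntitlementEndpointConstants.APPLICATION_XML, EntitlementEndpointConstants.APPLICATION_JSON})
    public boolean getBooleanDecision(
            @HeaderParam("Accept") @ApiParam(value = "Request Media Type", required = true) String str,
            @HeaderParam("Auth_Type") @ApiParam(value = "Authentication Type", required = true) String str2,
            @HeaderParam("Authorization") @ApiParam(value = "Add HTTP Basic Authorization", required = true) String str3,
            @HeaderParam("Content-Type") @ApiParam(value = "Response Media Type", required = true) String str4,
            @ApiParam(value = "Decision Request Model", required = true) DecisionRequestModel decisionRequestModel) throws Exception {
        String response = EntitlementEngine.getInstance().evaluate(
                decisionRequestModel.getSubject(),
                decisionRequestModel.getResource(),
                decisionRequestModel.getAction(),
                (String[]) null);
        return isPermit(response);
    }

    /**
     * Searches the policies for the attributes a subject is entitled to.
     *
     * @param str  value of the {@code Accept} header (unused here)
     * @param str2 value of the {@code Auth_Type} header (unused here)
     * @param str3 value of the {@code Authorization} header (unused here)
     * @param str4 value of the {@code Content-Type} header (unused here)
     * @param entitledAttributesRequestModel the search parameters; the subject name is mandatory
     * @return a response model wrapping the search result
     * @throws RequestParseException if the request body or its subject name is missing
     * @throws Exception if the search fails
     */
    @ApiResponses({
            @ApiResponse(code = 200, message = "Entitled Attributes response", response = EntitledAttributesResponseModel.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_CODE, message = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_RESPONSE_READ_MESSAGE, response = ExceptionBean.class)})
    @Path("entitled-attribs")
    @Consumes({EntitlementEndpointConstants.APPLICATION_XML, EntitlementEndpointConstants.APPLICATION_JSON})
    @ApiOperation(value = "Get entitled attributes for a given set of parameters", response = EntitledAttributesResponseModel.class)
    @POST
    @Produces({EntitlementEndpointConstants.APPLICATION_XML, EntitlementEndpointConstants.APPLICATION_JSON})
    public EntitledAttributesResponseModel getEntitledAttributes(
            @HeaderParam("Accept") @ApiParam(value = "Request Media Type", required = true) String str,
            @HeaderParam("Auth_Type") @ApiParam(value = "Authentication Type", required = true) String str2,
            @HeaderParam("Authorization") @ApiParam(value = "Add HTTP Basic Authorization", required = true) String str3,
            @HeaderParam("Content-Type") @ApiParam(value = "Response Media Type", required = true) String str4,
            @ApiParam(value = "Entitled Attributes Model", required = true) EntitledAttributesRequestModel entitledAttributesRequestModel) throws Exception {
        // A missing body is rejected through the same validation error as a missing subject
        // name, instead of surfacing as a NullPointerException.
        if (entitledAttributesRequestModel == null || entitledAttributesRequestModel.getSubjectName() == null) {
            log.error("Invalid input data - either the user name or role name should be non-null");
            throw new RequestParseException(40022, "Invalid input data - either the user name or role name should be non-null");
        }
        EntitledResultSetDTO entitledAttributes = EntitlementEngine.getInstance().getPolicySearch().getEntitledAttributes(
                entitledAttributesRequestModel.getSubjectName(),
                entitledAttributesRequestModel.getResourceName(),
                entitledAttributesRequestModel.getSubjectId(),
                entitledAttributesRequestModel.getAction(),
                entitledAttributesRequestModel.isEnableChildSearch());
        EntitledAttributesResponseModel entitledAttributesResponseModel = new EntitledAttributesResponseModel();
        entitledAttributesResponseModel.setEntitledResultSetDTO(entitledAttributes);
        return entitledAttributesResponseModel;
    }

    /**
     * Searches the policies for all entitlements matching an identifier and a set of
     * given attributes.
     *
     * @param str  value of the {@code Accept} header (unused here)
     * @param str2 value of the {@code Auth_Type} header (unused here)
     * @param str3 value of the {@code Authorization} header (unused here)
     * @param str4 value of the {@code Content-Type} header (unused here)
     * @param allEntitlementsRequestModel the search parameters
     * @return a response model wrapping the search result
     */
    @ApiResponses({
            @ApiResponse(code = 200, message = "All Entitlements response", response = AllEntitlementsResponseModel.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_CODE, message = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_MESSAGE, response = ExceptionBean.class),
            @ApiResponse(code = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_CODE, message = EntitlementEndpointConstants.ERROR_RESPONSE_READ_MESSAGE, response = ExceptionBean.class)})
    @Path("entitlements-all")
    @Consumes({EntitlementEndpointConstants.APPLICATION_XML, EntitlementEndpointConstants.APPLICATION_JSON})
    @ApiOperation(value = "Get all entitlements for a given set of parameters", response = AllEntitlementsResponseModel.class)
    @POST
    @Produces({EntitlementEndpointConstants.APPLICATION_XML, EntitlementEndpointConstants.APPLICATION_JSON})
    public AllEntitlementsResponseModel getAllEntitlements(
            @HeaderParam("Accept") @ApiParam(value = "Request Media Type", required = true) String str,
            @HeaderParam("Auth_Type") @ApiParam(value = "Authentication Type", required = true) String str2,
            @HeaderParam("Authorization") @ApiParam(value = "Add HTTP Basic Authorization", required = true) String str3,
            @HeaderParam("Content-Type") @ApiParam(value = "Response Media Type", required = true) String str4,
            @ApiParam(value = "All Entitlements Model", required = true) AllEntitlementsRequestModel allEntitlementsRequestModel) {
        EntitledResultSetDTO entitledAttributes = EntitlementEngine.getInstance().getPolicySearch().getEntitledAttributes(
                allEntitlementsRequestModel.getIdentifier(),
                allEntitlementsRequestModel.getGivenAttributes());
        AllEntitlementsResponseModel allEntitlementsResponseModel = new AllEntitlementsResponseModel();
        allEntitlementsResponseModel.setEntitledResultSetDTO(entitledAttributes);
        return allEntitlementsResponseModel;
    }
}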
