package org.wso2.choreo.connect.enforcer.interceptor.opa;

import java.util.Arrays;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.json.JSONException;
import org.json.JSONObject;
import org.wso2.choreo.connect.enforcer.commons.logging.ErrorDetails;
import org.wso2.choreo.connect.enforcer.commons.logging.LoggingConstants;
import org.wso2.choreo.connect.enforcer.commons.model.AuthenticationContext;
import org.wso2.choreo.connect.enforcer.commons.model.RequestContext;
import org.wso2.choreo.connect.enforcer.commons.opa.OPAConstants;
import org.wso2.choreo.connect.enforcer.commons.opa.OPARequestGenerator;
import org.wso2.choreo.connect.enforcer.commons.opa.OPASecurityException;
import org.wso2.choreo.connect.enforcer.constants.APIConstants;
import org.wso2.choreo.connect.enforcer.constants.APISecurityConstants;
import org.wso2.choreo.connect.enforcer.constants.AdapterConstants;
import org.wso2.choreo.connect.enforcer.constants.AdminConstants;
import org.wso2.choreo.connect.enforcer.constants.InterceptorConstants;

/* loaded from: input_file:org/wso2/choreo/connect/enforcer/interceptor/opa/OPADefaultRequestGenerator.class */
public class OPADefaultRequestGenerator implements OPARequestGenerator {
    private static final Logger log = LogManager.getLogger(OPADefaultRequestGenerator.class);

    @Override // org.wso2.choreo.connect.enforcer.commons.opa.OPARequestGenerator
    public String generateRequest(String str, String str2, Map<String, String> map, RequestContext requestContext) throws OPASecurityException {
        JSONObject jSONObject = new JSONObject();
        JSONObject jSONObject2 = new JSONObject();
        jSONObject.put("input", jSONObject2);
        JSONObject jSONObject3 = new JSONObject();
        requestContext.getHeaders().keySet().stream().filter(str3 -> {
            return !requestContext.getProtectedHeaders().contains(str3);
        }).forEach(str4 -> {
            jSONObject3.put(str4, requestContext.getHeaders().get(str4));
        });
        jSONObject2.put("transportHeaders", jSONObject3);
        jSONObject2.put("requestOrigin", requestContext.getClientIp());
        jSONObject2.put("method", requestContext.getRequestMethod());
        jSONObject2.put("path", requestContext.getRequestPath());
        JSONObject jSONObject4 = new JSONObject();
        jSONObject2.put("apiContext", jSONObject4);
        jSONObject4.put("apiName", requestContext.getMatchedAPI().getName());
        jSONObject4.put("apiVersion", requestContext.getMatchedAPI().getVersion());
        jSONObject4.put(AdminConstants.Parameters.ORGANIZATION_ID, requestContext.getMatchedAPI().getOrganizationId());
        jSONObject4.put("vhost", requestContext.getMatchedAPI().getVhost());
        jSONObject4.put("pathTemplate", requestContext.getRequestPathTemplate());
        jSONObject4.put(AdapterConstants.PROD_CLUSTER_HEADER_KEY, requestContext.getProdClusterHeader());
        jSONObject4.put(AdapterConstants.SAND_CLUSTER_HEADER_KEY, requestContext.getSandClusterHeader());
        if (Boolean.parseBoolean(map.get(OPAConstants.AdditionalParameters.SEND_ACCESS_TOKEN))) {
            AuthenticationContext authenticationContext = requestContext.getAuthenticationContext();
            JSONObject jSONObject5 = new JSONObject();
            jSONObject5.put("token", authenticationContext.getRawToken());
            jSONObject5.put(InterceptorConstants.AuthContextFields.TOKEN_TYPE, authenticationContext.getTokenType());
            jSONObject5.put("keyType", authenticationContext.getKeyType());
            jSONObject2.put("authenticationContext", jSONObject5);
        }
        String str5 = map.get(OPAConstants.AdditionalParameters.ADDITIONAL_PROPERTIES);
        if (StringUtils.isNotEmpty(str5)) {
            Arrays.stream(str5.split(",")).forEach(str6 -> {
                jSONObject2.put(str6, requestContext.getProperties().get(str6));
            });
        }
        return jSONObject.toString();
    }

    @Override // org.wso2.choreo.connect.enforcer.commons.opa.OPARequestGenerator
    public boolean handleResponse(String str, String str2, String str3, Map<String, String> map, RequestContext requestContext) throws OPASecurityException {
        try {
            return new JSONObject(str3).getBoolean("result");
        } catch (JSONException e) {
            log.error("Error parsing OPA JSON response, the field \"result\" not found or not a Boolean, response: {} {} {}", str3, ErrorDetails.errorLog(LoggingConstants.Severity.MINOR, 6104), e.getMessage());
            throw new OPASecurityException(APIConstants.StatusCodes.INTERNAL_SERVER_ERROR.getCode(), APISecurityConstants.OPA_RESPONSE_FAILURE, e);
        }
    }
}
