package io.ballerina.messaging.broker.auth.authorization;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import io.ballerina.messaging.broker.auth.BrokerAuthConfiguration;
import io.ballerina.messaging.broker.auth.authorization.authorizer.empty.NoOpAuthorizer;
import io.ballerina.messaging.broker.auth.authorization.authorizer.rdbms.DefaultAuthorizer;
import io.ballerina.messaging.broker.auth.authorization.provider.DefaultMacHandler;
import io.ballerina.messaging.broker.auth.authorization.provider.RdbmsDacHandler;
import io.ballerina.messaging.broker.common.BrokerClassLoader;
import io.ballerina.messaging.broker.common.StartupContext;
import io.ballerina.messaging.broker.common.config.BrokerCommonConfiguration;
import java.util.Map;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/ballerina/messaging/broker/auth/authorization/AuthorizerFactory.class */
public class AuthorizerFactory {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) AuthorizerFactory.class);

    public static Authorizer getAuthorizer(BrokerCommonConfiguration brokerCommonConfiguration, BrokerAuthConfiguration brokerAuthConfiguration, UserStore userStore, StartupContext startupContext) throws Exception {
        if (!brokerAuthConfiguration.getAuthentication().isEnabled() || !brokerAuthConfiguration.getAuthorization().isEnabled()) {
            return new NoOpAuthorizer();
        }
        DefaultAuthorizer defaultAuthorizer = new DefaultAuthorizer(getDac(brokerAuthConfiguration, brokerCommonConfiguration, startupContext, userStore), getMandatoryAccessController(brokerAuthConfiguration, brokerCommonConfiguration, startupContext, userStore), userStore);
        defaultAuthorizer.initialize(startupContext);
        return defaultAuthorizer;
    }

    @SuppressFBWarnings(value = {"REC_CATCH_EXCEPTION"}, justification = "Not an issue since a RuntimeException is thrown")
    private static MandatoryAccessController getMandatoryAccessController(BrokerAuthConfiguration brokerAuthConfiguration, BrokerCommonConfiguration brokerCommonConfiguration, StartupContext startupContext, UserStore userStore) {
        String className = brokerAuthConfiguration.getAuthorization().getMandatoryAccessController().getClassName();
        if (brokerCommonConfiguration.getEnableInMemoryMode() && DefaultMacHandler.class.getCanonicalName().equals(className)) {
            throw new RuntimeException("Cannot use " + className + " with in-memory mode.");
        }
        LOGGER.info("Initializing Mandatory Access Controller {}", className);
        try {
            MandatoryAccessController mandatoryAccessController = (MandatoryAccessController) BrokerClassLoader.loadClass(className, MandatoryAccessController.class);
            mandatoryAccessController.initialize(startupContext, userStore, brokerAuthConfiguration.getAuthorization().getMandatoryAccessController().getProperties());
            return mandatoryAccessController;
        } catch (Exception e) {
            throw new RuntimeException("Cannot initialize Mandatory Access Controller", e);
        }
    }

    @SuppressFBWarnings(value = {"REC_CATCH_EXCEPTION"}, justification = "Not an issue since a RuntimeException is thrown")
    private static DiscretionaryAccessController getDac(BrokerAuthConfiguration brokerAuthConfiguration, BrokerCommonConfiguration brokerCommonConfiguration, StartupContext startupContext, UserStore userStore) {
        String className = brokerAuthConfiguration.getAuthorization().getDiscretionaryAccessController().getClassName();
        if (brokerCommonConfiguration.getEnableInMemoryMode() && RdbmsDacHandler.class.getCanonicalName().equals(className)) {
            throw new RuntimeException("Cannot use " + className + " with in-memory mode.");
        }
        LOGGER.info("Initializing Discretionary Access Controller {}", className);
        try {
            DiscretionaryAccessController discretionaryAccessController = (DiscretionaryAccessController) BrokerClassLoader.loadClass(className, DiscretionaryAccessController.class);
            discretionaryAccessController.initialize(startupContext, userStore, brokerAuthConfiguration.getAuthorization().getDiscretionaryAccessController().getProperties());
            return discretionaryAccessController;
        } catch (Exception e) {
            throw new RuntimeException("Cannot initialize Discretionary Access Controller", e);
        }
    }

    public static UserStore createUserStore(StartupContext startupContext, BrokerAuthConfiguration brokerAuthConfiguration) {
        String className = brokerAuthConfiguration.getAuthorization().getUserStore().getClassName();
        Map<String, String> properties = brokerAuthConfiguration.getAuthorization().getUserStore().getProperties();
        if (!Objects.nonNull(className)) {
            throw new RuntimeException("Please configure a user store for ");
        }
        try {
            UserStore userStore = (UserStore) BrokerClassLoader.loadClass(className, UserStore.class);
            userStore.initialize(startupContext, properties);
            return userStore;
        } catch (Exception e) {
            throw new RuntimeException("Cannot initialize user store", e);
        }
    }
}
