package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization;

import feign.Feign;
import feign.FeignException;
import feign.gson.GsonDecoder;
import feign.gson.GsonEncoder;
import feign.jaxrs.JAXRSContract;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.websocket.Session;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.output.adapter.websocket.authentication.AuthenticationInfo;
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.OAuthRequestInterceptor;
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto.AuthorizationRequest;
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto.DeviceAccessAuthorizationAdminService;
import org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.client.dto.DeviceIdentifier;
import org.wso2.carbon.device.mgt.output.adapter.websocket.config.Properties;
import org.wso2.carbon.device.mgt.output.adapter.websocket.config.Property;
import org.wso2.carbon.device.mgt.output.adapter.websocket.config.WebsocketConfig;
import org.wso2.carbon.device.mgt.output.adapter.websocket.util.WebSocketSessionRequest;

/* loaded from: input_file:org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.class */
public class DeviceAuthorizer implements Authorizer {
    private static DeviceAccessAuthorizationAdminService deviceAccessAuthorizationAdminService;
    private static final String CDMF_SERVER_BASE_CONTEXT = "/api/device-mgt/v1.0";
    private static final String DEVICE_MGT_SERVER_URL = "deviceMgtServerUrl";
    private static final String STAT_PERMISSION = "statsPermission";
    private static Log logger = LogFactory.getLog(DeviceAuthorizer.class);
    private static List<String> statPermissions;

    public DeviceAuthorizer() {
        Properties properties = WebsocketConfig.getInstance().getWebsocketValidationConfigs().getAuthorizer().getProperties();
        statPermissions = getPermissions(properties);
        deviceAccessAuthorizationAdminService = (DeviceAccessAuthorizationAdminService) Feign.builder().requestInterceptor(new OAuthRequestInterceptor()).contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder()).target(DeviceAccessAuthorizationAdminService.class, getDeviceMgtServerUrl(properties) + CDMF_SERVER_BASE_CONTEXT);
    }

    @Override // org.wso2.carbon.device.mgt.output.adapter.websocket.authorization.Authorizer
    public boolean isAuthorized(AuthenticationInfo authenticationInfo, Session session, String str) {
        Map<String, String> queryParamValuePairs = new WebSocketSessionRequest(session).getQueryParamValuePairs();
        String str2 = queryParamValuePairs.get("deviceId");
        String str3 = queryParamValuePairs.get("deviceType");
        if (str2 == null || str2.isEmpty() || str3 == null || str3.isEmpty()) {
            return false;
        }
        AuthorizationRequest authorizationRequest = new AuthorizationRequest();
        authorizationRequest.setTenantDomain(authenticationInfo.getTenantDomain());
        if (statPermissions != null && !statPermissions.isEmpty()) {
            authorizationRequest.setPermissions(statPermissions);
        }
        authorizationRequest.setUsername(authenticationInfo.getUsername());
        DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
        deviceIdentifier.setId(str2);
        deviceIdentifier.setType(str3);
        ArrayList arrayList = new ArrayList();
        arrayList.add(deviceIdentifier);
        authorizationRequest.setDeviceIdentifiers(arrayList);
        try {
            List<DeviceIdentifier> authorizedDevices = deviceAccessAuthorizationAdminService.isAuthorized(authorizationRequest).getAuthorizedDevices();
            if (authorizedDevices == null || authorizedDevices.size() <= 0) {
                return false;
            }
            DeviceIdentifier deviceIdentifier2 = authorizedDevices.get(0);
            if (deviceIdentifier2.getId().equals(str2)) {
                return deviceIdentifier2.getType().equals(str3);
            }
            return false;
        } catch (FeignException e) {
            logger.error(e.getMessage(), e);
            return false;
        }
    }

    private String getDeviceMgtServerUrl(Properties properties) {
        String str = null;
        Iterator<Property> it = properties.getProperty().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Property next = it.next();
            if (next.getName().equals(DEVICE_MGT_SERVER_URL)) {
                str = next.getValue();
                break;
            }
        }
        if (str == null || str.isEmpty()) {
            logger.error("deviceMgtServerUrl can't be empty ");
        }
        return str;
    }

    private List<String> getPermissions(Properties properties) {
        ArrayList arrayList = new ArrayList();
        for (Property property : properties.getProperty()) {
            if (property.getName().equals(STAT_PERMISSION)) {
                arrayList.add(property.getValue());
            }
        }
        return arrayList;
    }
}
