package org.wso2.carbon.identity.entitlement.proxy.soap.authenticationAdmin;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.axis2.AxisFault;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.Stub;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.description.TransportOutDescription;
import org.wso2.carbon.identity.entitlement.proxy.AbstractEntitlementServiceClient;
import org.wso2.carbon.identity.entitlement.proxy.Attribute;
import org.wso2.carbon.identity.entitlement.proxy.ProxyConstants;
import org.wso2.carbon.identity.entitlement.proxy.XACMLRequetBuilder;
import org.wso2.carbon.identity.entitlement.stub.EntitlementPolicyAdminServiceStub;
import org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub;
import org.wso2.carbon.identity.entitlement.stub.dto.EntitledAttributesDTO;
import org.wso2.carbon.identity.entitlement.stub.dto.EntitledResultSetDTO;

/* loaded from: input_file:org/wso2/carbon/identity/entitlement/proxy/soap/authenticationAdmin/SOAPEntitlementServiceClient.class */
public class SOAPEntitlementServiceClient extends AbstractEntitlementServiceClient {
    public static final String ACCESS_SUBJECT = "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject";
    public static final String ACTION = "urn:oasis:names:tc:xacml:3.0:attribute-category:action";
    public static final String ACTION_ID = "urn:oasis:names:tc:xacml:1.0:action:action-id";
    public static final String RESOURCE = "urn:oasis:names:tc:xacml:3.0:attribute-category:resource";
    public static final String RESOURCE_ID = "urn:oasis:names:tc:xacml:1.0:resource:resource-id";
    public static final String CATEGORY_ENVIRONMENT = "urn:oasis:names:tc:xacml:3.0:attribute-category:environment";
    public static final String ENVIRONMENT_ID = "urn:oasis:names:tc:xacml:1.0:environment:environment-id";
    private Map<String, EntitlementServiceStub> entitlementStub = new ConcurrentHashMap();
    private Map<String, EntitlementPolicyAdminServiceStub> policyAdminStub = new ConcurrentHashMap();
    private Map<String, Authenticator> authenticators = new ConcurrentHashMap();
    private String serverUrl;
    private String userName;
    private String password;
    private boolean reuseSession;

    public SOAPEntitlementServiceClient(String str, String str2, String str3, boolean z) {
        this.reuseSession = true;
        this.serverUrl = str;
        this.userName = str2;
        this.password = str3;
        this.reuseSession = z;
    }

    @Override // org.wso2.carbon.identity.entitlement.proxy.AbstractEntitlementServiceClient
    public String getDecision(Attribute[] attributeArr, String str) throws Exception {
        String buildXACML3Request = XACMLRequetBuilder.buildXACML3Request(attributeArr);
        EntitlementServiceStub entitlementStub = getEntitlementStub(this.serverUrl);
        String decision = getDecision(buildXACML3Request, entitlementStub, getAuthenticator(this.serverUrl, this.userName, this.password));
        entitlementStub._getServiceClient().cleanupTransport();
        return decision;
    }

    @Override // org.wso2.carbon.identity.entitlement.proxy.AbstractEntitlementServiceClient
    public boolean subjectCanActOnResource(String str, String str2, String str3, String str4, String str5, String str6) throws Exception {
        String buildXACML3Request = XACMLRequetBuilder.buildXACML3Request(new Attribute[]{new Attribute("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject", str, ProxyConstants.DEFAULT_DATA_TYPE, str2), new Attribute("urn:oasis:names:tc:xacml:3.0:attribute-category:action", "urn:oasis:names:tc:xacml:1.0:action:action-id", ProxyConstants.DEFAULT_DATA_TYPE, str3), new Attribute("urn:oasis:names:tc:xacml:3.0:attribute-category:resource", "urn:oasis:names:tc:xacml:1.0:resource:resource-id", ProxyConstants.DEFAULT_DATA_TYPE, str4), new Attribute("urn:oasis:names:tc:xacml:3.0:attribute-category:environment", "urn:oasis:names:tc:xacml:1.0:environment:environment-id", ProxyConstants.DEFAULT_DATA_TYPE, str5)});
        EntitlementServiceStub entitlementStub = getEntitlementStub(this.serverUrl);
        String decision = getDecision(buildXACML3Request, entitlementStub, getAuthenticator(this.serverUrl, this.userName, this.password));
        entitlementStub._getServiceClient().cleanupTransport();
        return decision.contains("Permit");
    }

    @Override // org.wso2.carbon.identity.entitlement.proxy.AbstractEntitlementServiceClient
    public boolean subjectCanActOnResource(String str, String str2, String str3, String str4, Attribute[] attributeArr, String str5, String str6) throws Exception {
        Attribute[] attributeArr2 = new Attribute[attributeArr.length + 4];
        attributeArr2[0] = new Attribute("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject", str, ProxyConstants.DEFAULT_DATA_TYPE, str2);
        for (int i = 0; i < attributeArr.length; i++) {
            attributeArr2[i + 1] = new Attribute("urn:oasis:names:tc:xacml:1.0:subject-category:access-subject", attributeArr[i].getType(), attributeArr[i].getId(), attributeArr[i].getValue());
        }
        attributeArr2[attributeArr2.length - 3] = new Attribute("urn:oasis:names:tc:xacml:3.0:attribute-category:action", "urn:oasis:names:tc:xacml:1.0:action:action-id", ProxyConstants.DEFAULT_DATA_TYPE, str3);
        attributeArr2[attributeArr2.length - 2] = new Attribute("urn:oasis:names:tc:xacml:3.0:attribute-category:resource", "urn:oasis:names:tc:xacml:1.0:resource:resource-id", ProxyConstants.DEFAULT_DATA_TYPE, str4);
        attributeArr2[attributeArr2.length - 1] = new Attribute("urn:oasis:names:tc:xacml:3.0:attribute-category:environment", "urn:oasis:names:tc:xacml:1.0:environment:environment-id", ProxyConstants.DEFAULT_DATA_TYPE, str5);
        String buildXACML3Request = XACMLRequetBuilder.buildXACML3Request(attributeArr2);
        EntitlementServiceStub entitlementStub = getEntitlementStub(this.serverUrl);
        String decision = getDecision(buildXACML3Request, entitlementStub, getAuthenticator(this.serverUrl, this.userName, this.password));
        entitlementStub._getServiceClient().cleanupTransport();
        return decision.contains("Permit");
    }

    @Override // org.wso2.carbon.identity.entitlement.proxy.AbstractEntitlementServiceClient
    public List<String> getResourcesForAlias(String str, String str2) throws Exception {
        EntitlementServiceStub entitlementStub = getEntitlementStub(this.serverUrl);
        List<String> resources = getResources(getEntitledAttributes(str, null, "urn:oasis:names:tc:xacml:1.0:subject:subject-id", null, false, entitlementStub, getAuthenticator(this.serverUrl, this.userName, this.password)));
        entitlementStub._getServiceClient().cleanupTransport();
        return resources;
    }

    @Override // org.wso2.carbon.identity.entitlement.proxy.AbstractEntitlementServiceClient
    public List<String> getActionableResourcesForAlias(String str, String str2) throws Exception {
        EntitlementServiceStub entitlementStub = getEntitlementStub(this.serverUrl);
        List<String> resources = getResources(getEntitledAttributes(str, null, "urn:oasis:names:tc:xacml:1.0:subject:subject-id", null, true, entitlementStub, getAuthenticator(this.serverUrl, this.userName, this.password)));
        entitlementStub._getServiceClient().cleanupTransport();
        return resources;
    }

    @Override // org.wso2.carbon.identity.entitlement.proxy.AbstractEntitlementServiceClient
    public List<String> getActionsForResource(String str, String str2, String str3) throws Exception {
        EntitlementServiceStub entitlementStub = getEntitlementStub(this.serverUrl);
        List<String> actions = getActions(getEntitledAttributes(str, str2, "urn:oasis:names:tc:xacml:1.0:subject:subject-id", null, false, entitlementStub, getAuthenticator(this.serverUrl, this.userName, this.password)));
        entitlementStub._getServiceClient().cleanupTransport();
        return actions;
    }

    @Override // org.wso2.carbon.identity.entitlement.proxy.AbstractEntitlementServiceClient
    public List<String> getActionableChildResourcesForAlias(String str, String str2, String str3, String str4) throws Exception {
        EntitlementServiceStub entitlementStub = getEntitlementStub(this.serverUrl);
        List<String> resources = getResources(getEntitledAttributes(str, str2, "urn:oasis:names:tc:xacml:1.0:subject:subject-id", str3, true, entitlementStub, getAuthenticator(this.serverUrl, this.userName, this.password)));
        entitlementStub._getServiceClient().cleanupTransport();
        return resources;
    }

    private Authenticator getAuthenticator(String str, String str2, String str3) throws Exception {
        if (this.reuseSession && this.authenticators.containsKey(str)) {
            return this.authenticators.get(str);
        }
        Authenticator authenticator = new Authenticator(str2, str3, str + "AuthenticationAdmin");
        setAuthCookie(false, getEntitlementStub(str), authenticator);
        setAuthCookie(false, getEntitlementAdminStub(str), authenticator);
        this.authenticators.put(str, authenticator);
        return authenticator;
    }

    private EntitlementServiceStub getEntitlementStub(String str) throws Exception {
        if (this.entitlementStub.containsKey(str)) {
            return this.entitlementStub.get(str);
        }
        ConfigurationContext createDefaultConfigurationContext = ConfigurationContextFactory.createDefaultConfigurationContext();
        for (TransportOutDescription transportOutDescription : createDefaultConfigurationContext.getAxisConfiguration().getTransportsOut().values()) {
            transportOutDescription.getSender().init(createDefaultConfigurationContext, transportOutDescription);
        }
        EntitlementServiceStub entitlementServiceStub = new EntitlementServiceStub(createDefaultConfigurationContext, str + "EntitlementService");
        this.entitlementStub.put(str, entitlementServiceStub);
        return entitlementServiceStub;
    }

    private EntitlementPolicyAdminServiceStub getEntitlementAdminStub(String str) throws Exception {
        if (this.policyAdminStub.containsKey(str)) {
            return this.policyAdminStub.get(str);
        }
        ConfigurationContext createDefaultConfigurationContext = ConfigurationContextFactory.createDefaultConfigurationContext();
        for (TransportOutDescription transportOutDescription : createDefaultConfigurationContext.getAxisConfiguration().getTransportsOut().values()) {
            transportOutDescription.getSender().init(createDefaultConfigurationContext, transportOutDescription);
        }
        EntitlementPolicyAdminServiceStub entitlementPolicyAdminServiceStub = new EntitlementPolicyAdminServiceStub(createDefaultConfigurationContext, str + "EntitlementPolicyAdminService");
        this.policyAdminStub.put(str, entitlementPolicyAdminServiceStub);
        return entitlementPolicyAdminServiceStub;
    }

    private String getDecision(String str, EntitlementServiceStub entitlementServiceStub, Authenticator authenticator) throws Exception {
        try {
            return entitlementServiceStub.getDecision(str);
        } catch (AxisFault e) {
            if (!ProxyConstants.SESSION_TIME_OUT.equals(e.getFaultCode().getLocalPart())) {
                throw e;
            }
            setAuthCookie(true, entitlementServiceStub, authenticator);
            return entitlementServiceStub.getDecision(str);
        }
    }

    private EntitledAttributesDTO[] getEntitledAttributes(String str, String str2, String str3, String str4, boolean z, EntitlementServiceStub entitlementServiceStub, Authenticator authenticator) throws Exception {
        EntitledResultSetDTO entitledAttributes;
        try {
            entitledAttributes = entitlementServiceStub.getEntitledAttributes(str, str2, str3, str4, z);
        } catch (AxisFault e) {
            if (!ProxyConstants.SESSION_TIME_OUT.equals(e.getFaultCode().getLocalPart())) {
                throw e;
            }
            setAuthCookie(true, entitlementServiceStub, authenticator);
            entitledAttributes = entitlementServiceStub.getEntitledAttributes(str, str2, str3, str4, z);
        }
        return entitledAttributes.getEntitledAttributesDTOs();
    }

    private List<String> getResources(EntitledAttributesDTO[] entitledAttributesDTOArr) {
        ArrayList arrayList = new ArrayList();
        if (entitledAttributesDTOArr != null) {
            for (EntitledAttributesDTO entitledAttributesDTO : entitledAttributesDTOArr) {
                arrayList.add(entitledAttributesDTO.getResourceName());
            }
        }
        return arrayList;
    }

    private List<String> getActions(EntitledAttributesDTO[] entitledAttributesDTOArr) {
        ArrayList arrayList = new ArrayList();
        if (entitledAttributesDTOArr != null) {
            for (EntitledAttributesDTO entitledAttributesDTO : entitledAttributesDTOArr) {
                arrayList.add(entitledAttributesDTO.getAction());
            }
        }
        return arrayList;
    }

    private void setAuthCookie(boolean z, Stub stub, Authenticator authenticator) throws Exception {
        Options options = stub._getServiceClient().getOptions();
        options.setManageSession(true);
        options.setProperty("Cookie", authenticator.getCookie(z));
    }
}
