package io.ballerina.messaging.broker.auth.authorization.authorizer.rdbms.scope;

import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import io.ballerina.messaging.broker.auth.AuthNotFoundException;
import io.ballerina.messaging.broker.auth.AuthServerException;
import io.ballerina.messaging.broker.auth.BrokerAuthConfiguration;
import io.ballerina.messaging.broker.auth.authorization.AuthScopeStore;
import io.ballerina.messaging.broker.auth.authorization.authorizer.rdbms.scope.dao.AuthScopeDao;
import io.ballerina.messaging.broker.auth.authorization.authorizer.rdbms.scope.dao.impl.AuthScopeRdbmsDao;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.stream.Stream;
import javax.annotation.Nonnull;
import javax.sql.DataSource;

/* loaded from: input_file:io/ballerina/messaging/broker/auth/authorization/authorizer/rdbms/scope/AuthScopeStoreImpl.class */
public class AuthScopeStoreImpl implements AuthScopeStore {
    private AuthScopeDao authScopeDao;
    private LoadingCache<String, AuthScope> authScopeCache;

    /* loaded from: input_file:io/ballerina/messaging/broker/auth/authorization/authorizer/rdbms/scope/AuthScopeStoreImpl$AuthScopeCacheLoader.class */
    private class AuthScopeCacheLoader extends CacheLoader<String, AuthScope> {
        private AuthScopeCacheLoader() {
        }

        @Override // com.google.common.cache.CacheLoader
        public AuthScope load(@Nonnull String str) throws AuthNotFoundException, AuthServerException {
            AuthScope read = AuthScopeStoreImpl.this.read(str);
            if (Objects.nonNull(read)) {
                return read;
            }
            throw new AuthNotFoundException("Scope does not found");
        }
    }

    public AuthScopeStoreImpl(BrokerAuthConfiguration brokerAuthConfiguration, DataSource dataSource) {
        this.authScopeDao = new AuthScopeRdbmsDao(dataSource);
        this.authScopeCache = CacheBuilder.newBuilder().maximumSize(brokerAuthConfiguration.getAuthorization().getCache().getSize()).expireAfterWrite(brokerAuthConfiguration.getAuthorization().getCache().getTimeout(), TimeUnit.MINUTES).build(new AuthScopeCacheLoader());
    }

    @Override // io.ballerina.messaging.broker.auth.authorization.AuthScopeStore
    public boolean authorize(String str, Set<String> set) throws AuthNotFoundException {
        try {
            AuthScope authScope = this.authScopeCache.get(str);
            if (Objects.nonNull(authScope)) {
                Stream<String> stream = authScope.getUserGroups().stream();
                set.getClass();
                if (stream.anyMatch((v1) -> {
                    return r1.contains(v1);
                })) {
                    return true;
                }
            }
            return false;
        } catch (ExecutionException e) {
            throw new AuthNotFoundException("A scope was not found for the scope name: " + str, e);
        }
    }

    @Override // io.ballerina.messaging.broker.auth.authorization.AuthScopeStore
    public void update(String str, List<String> list) throws AuthServerException {
        this.authScopeDao.update(str, list);
        this.authScopeCache.invalidate(str);
    }

    @Override // io.ballerina.messaging.broker.auth.authorization.AuthScopeStore
    public AuthScope read(String str) throws AuthServerException {
        return this.authScopeDao.read(str);
    }

    @Override // io.ballerina.messaging.broker.auth.authorization.AuthScopeStore
    public List<AuthScope> readAll() throws AuthServerException {
        return this.authScopeDao.readAll();
    }
}
