package org.wso2.carbon.apimgt.impl.utils;

import org.apache.axis2.AxisFault;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
import org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder;
import org.wso2.carbon.um.ws.api.stub.RemoteAuthorizationManagerServiceStub;
import org.wso2.carbon.um.ws.api.stub.RemoteUserStoreManagerServiceStub;
import org.wso2.carbon.utils.CarbonUtils;

/* loaded from: input_file:org/wso2/carbon/apimgt/impl/utils/RemoteAuthorizationManagerClient.class */
public class RemoteAuthorizationManagerClient implements AuthorizationManagerClient {
    private static final int TIMEOUT_IN_MILLIS = 900000;
    private RemoteAuthorizationManagerServiceStub authorizationManager;
    private RemoteUserStoreManagerServiceStub userStoreManager;
    private String username;
    private String password;
    private String cookie;

    public RemoteAuthorizationManagerClient() {
        APIManagerConfiguration aPIManagerConfiguration = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
        String firstProperty = aPIManagerConfiguration.getFirstProperty(APIConstants.AUTH_MANAGER_URL);
        this.username = aPIManagerConfiguration.getFirstProperty(APIConstants.AUTH_MANAGER_USERNAME);
        this.password = aPIManagerConfiguration.getFirstProperty(APIConstants.AUTH_MANAGER_PASSWORD);
        if (firstProperty == null || this.username == null || this.password == null) {
            throw new IllegalArgumentException("Required connection details for authentication manager not provided");
        }
        try {
            this.authorizationManager = new RemoteAuthorizationManagerServiceStub((ConfigurationContext) null, firstProperty + "RemoteAuthorizationManagerService");
            this.userStoreManager = new RemoteUserStoreManagerServiceStub((ConfigurationContext) null, firstProperty + "RemoteUserStoreManagerService");
            for (ServiceClient serviceClient : new ServiceClient[]{this.authorizationManager._getServiceClient(), this.userStoreManager._getServiceClient()}) {
                Options options = serviceClient.getOptions();
                options.setTimeOutInMilliSeconds(900000L);
                options.setProperty("SO_TIMEOUT", 900000);
                options.setProperty("CONNECTION_TIMEOUT", 900000);
                options.setCallTransportCleanup(true);
                options.setManageSession(true);
            }
        } catch (AxisFault e) {
            throw new IllegalArgumentException("Error while initializing the user management stubs. Invalid parameter values passed into initializing the corresponding service clients might potentially have been the issue", e);
        }
    }

    @Override // org.wso2.carbon.apimgt.impl.utils.AuthorizationManagerClient
    public boolean isUserAuthorized(String str, String str2) throws APIManagementException {
        CarbonUtils.setBasicAccessSecurityHeaders(this.username, this.password, this.authorizationManager._getServiceClient());
        if (this.cookie != null) {
            this.authorizationManager._getServiceClient().getOptions().setProperty("Cookie", this.cookie);
        }
        try {
            boolean isUserAuthorized = this.authorizationManager.isUserAuthorized(str, str2, "ui.execute");
            this.cookie = (String) this.authorizationManager._getServiceClient().getLastOperationContext().getServiceContext().getProperty("Cookie");
            return isUserAuthorized;
        } catch (Exception e) {
            throw new APIManagementException("Error while accessing backend services for user permission validation", e);
        }
    }

    @Override // org.wso2.carbon.apimgt.impl.utils.AuthorizationManagerClient
    public String[] getRolesOfUser(String str) throws APIManagementException {
        CarbonUtils.setBasicAccessSecurityHeaders(this.username, this.password, this.userStoreManager._getServiceClient());
        if (this.cookie != null) {
            this.userStoreManager._getServiceClient().getOptions().setProperty("Cookie", this.cookie);
        }
        try {
            String[] roleListOfUser = this.userStoreManager.getRoleListOfUser(str);
            this.cookie = (String) this.userStoreManager._getServiceClient().getLastOperationContext().getServiceContext().getProperty("Cookie");
            return roleListOfUser;
        } catch (Exception e) {
            throw new APIManagementException("Error while accessing backend services for user role list", e);
        }
    }

    @Override // org.wso2.carbon.apimgt.impl.utils.AuthorizationManagerClient
    public String[] getRoleNames() throws APIManagementException {
        CarbonUtils.setBasicAccessSecurityHeaders(this.username, this.password, this.userStoreManager._getServiceClient());
        if (this.cookie != null) {
            this.userStoreManager._getServiceClient().getOptions().setProperty("Cookie", this.cookie);
        }
        try {
            String[] roleNames = this.userStoreManager.getRoleNames();
            this.cookie = (String) this.userStoreManager._getServiceClient().getLastOperationContext().getServiceContext().getProperty("Cookie");
            return roleNames;
        } catch (Exception e) {
            throw new APIManagementException("Error while accessing backend services for getting list of all the roles.", e);
        }
    }
}
