package org.n52.security.enforcement.interceptors.wps.simplepermission;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.Subject;
import org.apache.log4j.Logger;
import org.n52.security.common.xml.DOMParser;
import org.n52.security.common.xml.DOMParserException;
import org.n52.security.common.xml.DOMSerializer;
import org.n52.security.common.xml.XMLPathCtx;
import org.n52.security.decision.PDPRequest;
import org.n52.security.decision.PDPRequestCollection;
import org.n52.security.decision.PDPResponse;
import org.n52.security.decision.Target;
import org.n52.security.enforcement.artifact.Payload;
import org.n52.security.enforcement.artifact.QueryStringPayload;
import org.n52.security.enforcement.artifact.TextualPayload;
import org.n52.security.enforcement.artifact.TransferAttribute;
import org.n52.security.enforcement.artifact.Transferable;
import org.n52.security.enforcement.chain.AuthzInterceptor;
import org.n52.security.enforcement.chain.InterceptorException;
import org.n52.security.enforcement.chain.InterceptorRequest;
import org.n52.security.enforcement.chain.InterceptorResponse;
import org.n52.security.enforcement.chain.SecuredServiceRequest;
import org.n52.security.enforcement.exception.EnforcementServiceException;
import org.n52.security.enforcement.interceptors.TargetItem;
import org.n52.security.enforcement.interceptors.TargetItemCollection;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:org/n52/security/enforcement/interceptors/wps/simplepermission/WPSFilterCapabilitiesInterceptor.class */
public class WPSFilterCapabilitiesInterceptor extends AuthzInterceptor {
    private static Logger LOGGER = Logger.getLogger(WPSFilterCapabilitiesInterceptor.class);

    public WPSFilterCapabilitiesInterceptor(Map<String, Object> map) {
        super(map);
        LOGGER.info("Initialized WPS GetCapabilities Interceptor");
    }

    @Override // org.n52.security.enforcement.chain.Interceptor
    public SecuredServiceRequest doRequest(Subject subject, InterceptorRequest interceptorRequest) throws InterceptorException, EnforcementServiceException {
        return interceptorRequest.getRequest();
    }

    @Override // org.n52.security.enforcement.chain.Interceptor
    public Transferable doResponse(Subject subject, InterceptorResponse interceptorResponse) throws InterceptorException, EnforcementServiceException {
        String localName;
        Payload payload = interceptorResponse.getRequest().getPayload();
        if (payload instanceof QueryStringPayload) {
            localName = ((QueryStringPayload) payload).getParameterValue("REQUEST");
        } else {
            if (!(payload instanceof TextualPayload)) {
                throw new EnforcementServiceException("Unsupported request type");
            }
            localName = DOMParser.createNew().parse(new InputSource(payload.getAsStream())).getDocumentElement().getLocalName();
        }
        if (localName == null || localName.length() == 0) {
            throw new InterceptorException("Could not identify request!");
        }
        if (!localName.equalsIgnoreCase("GetCapabilities")) {
            return interceptorResponse.getResponse();
        }
        String str = (String) interceptorResponse.getRequest().getAttributeValue(TransferAttribute.SERVICE_BASE_URL);
        String str2 = str.endsWith("/") ? str : str + "/";
        Transferable response = interceptorResponse.getResponse();
        try {
            response.setPayload(new TextualPayload(DOMSerializer.createNew().serializeToString(filterDocument(subject, DOMParser.createNew().parse(new InputSource(response.getPayload().getAsStream())), str2)), (String) response.getAttributeValue("Content-Charset")));
            return response;
        } catch (DOMParserException e) {
            throw new EnforcementServiceException("Could not parse response document as xml", e);
        }
    }

    private Document filterDocument(Subject subject, Document document, String str) {
        String stringBuffer = new StringBuffer(str).append("operations/GetCapabilities").toString();
        XMLPathCtx addNamespace = XMLPathCtx.createNew().addNamespace("ows", "http://www.opengis.net/ows/1.1").addNamespace("wps", "http://www.opengis.net/wps/1.0.0");
        TargetItemCollection targetItemCollection = new TargetItemCollection();
        NodeList nodeList = addNamespace.findIn(document).all("/wps:Capabilities/wps:ProcessOfferings/wps:Process/ows:Identifier/text()").get();
        for (int i = 0; i < nodeList.getLength(); i++) {
            Node item = nodeList.item(i);
            try {
                targetItemCollection.addItem(new TargetItem(item.getParentNode().getParentNode(), new StringBuffer(str).append("process/").append(URLEncoder.encode(item.getNodeValue(), "UTF-8")).toString()));
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeException("Could not encode process.", e);
            }
        }
        PDPRequestCollection pDPRequestCollection = new PDPRequestCollection();
        Iterator<TargetItem> it = targetItemCollection.getItems().iterator();
        while (it.hasNext()) {
            pDPRequestCollection.add(new PDPRequest(new Target(subject, it.next().getTargetId(), stringBuffer)));
        }
        Iterator it2 = getDecisionService().request(pDPRequestCollection).iterator();
        while (it2.hasNext()) {
            PDPResponse pDPResponse = (PDPResponse) it2.next();
            PDPRequest request = pDPResponse.getRequest();
            if (!pDPResponse.isPermit()) {
                Node node = (Node) targetItemCollection.getItem(request.getTarget().getResourceId()).getAppItem();
                node.getParentNode().removeChild(node);
            }
        }
        return document;
    }
}
