package org.n52.security.service.pdp;

import java.io.InputStream;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;
import org.apache.log4j.Logger;
import org.n52.security.authentication.principals.RolePrincipal;
import org.n52.security.authentication.principals.UsernameIDPrincipal;
import org.n52.security.common.util.XPathHelper;
import org.n52.security.common.xml.DOMParser;
import org.n52.security.common.xml.DOMParserOptions;
import org.n52.security.decision.DecisionProcessingException;
import org.n52.security.decision.PDPProxy;
import org.n52.security.decision.PDPRequest;
import org.n52.security.decision.PDPRequestCollection;
import org.n52.security.decision.PDPResponse;
import org.n52.security.decision.PDPResponseCollection;
import org.n52.security.decision.Target;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:org/n52/security/service/pdp/DefaultPDPProxy.class */
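/**
 * Policy decision point backed by an XML rights document.
 *
 * <p>The document is parsed once in the constructor. Each decision is made by
 * running an XPath query for {@code Permission} elements whose
 * {@code Subject}, {@code Action} and {@code Resource} text match the request
 * target. A request is granted only when at least one permission matches.
 *
 * <p>Values taken from a request (subject name, action, resource) are always
 * embedded in the query as quoted XPath string literals, so they cannot alter
 * the structure of the query.
 */
public class DefaultPDPProxy implements PDPProxy {
    Document m_rightsDocument;
    private static final Logger sLogger = Logger.getLogger(DefaultPDPProxy.class);

    /**
     * Parses the rights document from the given stream. The stream is not
     * closed here; it stays under the caller's control.
     *
     * @param inputStream XML rights document, must not be {@code null}
     * @throws IllegalArgumentException if {@code inputStream} is {@code null}
     */
    public DefaultPDPProxy(InputStream inputStream) {
        if (inputStream == null) {
            throw new IllegalArgumentException("parameter <rightsDocument> must not null");
        }
        // NOTE(review): the parser runs with the project's default options (namespace
        // awareness off). Confirm those defaults refuse DTDs and external entities if
        // the rights document can ever come from a location that is not fully trusted.
        this.m_rightsDocument = DOMParser.createNew(DOMParserOptions.getDefault().notNamespaceaware()).parse(new InputSource(inputStream));
    }

    /**
     * Evaluates every request in the collection and returns one response per
     * request, in iteration order.
     *
     * @param pDPRequestCollection the requests to decide
     * @return the responses, one for each request
     * @throws DecisionProcessingException if a request target carries no usable subject
     */
    public PDPResponseCollection request(PDPRequestCollection pDPRequestCollection) throws DecisionProcessingException {
        PDPResponseCollection responses = new PDPResponseCollection();
        sLogger.info("PDP performs request");
        Iterator it = pDPRequestCollection.iterator();
        while (it.hasNext()) {
            PDPRequest pdpRequest = (PDPRequest) it.next();
            if (sLogger.isDebugEnabled()) {
                sLogger.debug(pdpRequest);
            }
            // Decision code 2 is used when a matching permission exists, 1 otherwise.
            // NOTE(review): presumably 2 = permit and 1 = deny; confirm against the
            // constants declared by PDPResponse and use them here if they exist.
            int decision = permissionExists(pdpRequest.getTarget()) ? 2 : 1;
            PDPResponse pdpResponse = new PDPResponse(decision, pdpRequest);
            if (sLogger.isDebugEnabled()) {
                sLogger.debug(pdpResponse);
            }
            responses.add(pdpResponse);
        }
        return responses;
    }

    /** Converts every node of the list into a {@link Permission}. */
    private List extractPermissions(NodeList nodeList) {
        ArrayList permissions = new ArrayList();
        for (int i = 0; i < nodeList.getLength(); i++) {
            permissions.add(getPermission(nodeList.item(i)));
        }
        return permissions;
    }

    /** Runs the given XPath query on the rights document and converts the hits. */
    private List queryPermissions(String xpath) {
        return extractPermissions(new XPathHelper(this.m_rightsDocument).queryXPath(xpath));
    }

    /** Builds the step {@code element[text()=<literal>]} with the value safely quoted. */
    private static String textEquals(String element, String value) {
        return element + "[text()=" + toXPathLiteral(value) + "]";
    }

    /**
     * Renders a value as an XPath 1.0 string literal.
     *
     * <p>XPath 1.0 has no escape character inside string literals, so the
     * delimiter is chosen to be a quote character the value does not contain.
     * A value that contains both quote characters is split at every double
     * quote and reassembled with {@code concat(...)}.
     */
    private static String toXPathLiteral(String value) {
        if (value.indexOf('"') < 0) {
            return "\"" + value + "\"";
        }
        if (value.indexOf('\'') < 0) {
            return "'" + value + "'";
        }
        StringBuffer literal = new StringBuffer("concat(");
        int start = 0;
        while (start <= value.length()) {
            int quote = value.indexOf('"', start);
            int end = quote < 0 ? value.length() : quote;
            if (start > 0) {
                // Re-insert the double quote that separated the previous piece from this one.
                literal.append(",'\"',");
            }
            literal.append('"').append(value.substring(start, end)).append('"');
            if (quote < 0) {
                break;
            }
            start = quote + 1;
        }
        return literal.append(')').toString();
    }

    /**
     * Builds a {@link Permission} from a {@code Permission} element.
     *
     * @param node the {@code Permission} element
     * @return the permission described by the element's Subject, Resource and Action text
     */
    public Permission getPermission(Node node) {
        XPathHelper xPathHelper = new XPathHelper(node);
        String subjectName = xPathHelper.querySimpleXPath("Subject/text()");
        // NOTE(review): the subject type attribute is queried but its value is never
        // used; every subject is wrapped in a RolePrincipal regardless of its type.
        xPathHelper.querySimpleXPath("Subject/@type");
        String resource = xPathHelper.querySimpleXPath("Resource/text()");
        String action = xPathHelper.querySimpleXPath("Action/text()");
        return new Permission((Principal) new RolePrincipal(subjectName), resource, action, Collections.EMPTY_LIST, "[unknown]");
    }

    /**
     * Returns the permissions granted to the given subject.
     *
     * @param str subject name; {@code null} matches nothing
     * @return the matching permissions, possibly empty
     */
    public List getPermissions(String str) {
        if (str == null) {
            // Fail closed: a missing value must never match a literal "null" entry.
            return new ArrayList();
        }
        return queryPermissions("//Permission[" + textEquals("Subject", str) + "]/.");
    }

    /**
     * Returns the permissions granted to the given subject for the given action.
     *
     * @param str subject name; {@code null} matches nothing
     * @param str2 action; {@code null} matches nothing
     * @return the matching permissions, possibly empty
     */
    public List getPermissions(String str, String str2) {
        if (str == null || str2 == null) {
            // Fail closed: a missing value must never match a literal "null" entry.
            return new ArrayList();
        }
        return queryPermissions("//Permission[" + textEquals("Subject", str) + " and " + textEquals("Action", str2) + "]/.");
    }

    /**
     * Returns the permissions granted to the given subject for the given
     * action on the given resource.
     *
     * @param str subject name; {@code null} matches nothing
     * @param str2 action; {@code null} matches nothing
     * @param str3 resource; {@code null} matches nothing
     * @return the matching permissions, possibly empty
     */
    public List getPermissions(String str, String str2, String str3) {
        if (str == null || str2 == null || str3 == null) {
            // Fail closed: a missing value must never match a literal "null" entry.
            return new ArrayList();
        }
        return queryPermissions("//Permission[" + textEquals("Subject", str) + " and " + textEquals("Action", str2) + " and " + textEquals("Resource", str3) + "]/.");
    }

    /**
     * Returns the permissions matching the subject, action and resource of a
     * request target. The subject is identified by the name of its first
     * {@link UsernameIDPrincipal}.
     *
     * @param target the request target
     * @return the matching permissions, possibly empty
     * @throws DecisionProcessingException if the target has no subject or the
     *         subject carries no {@link UsernameIDPrincipal}
     */
    public List getPermissions(Target target) throws DecisionProcessingException {
        Subject subject = target.getSubject();
        if (subject == null) {
            throw new DecisionProcessingException("Subject for PDP request contains no username or id");
        }
        // Check for an empty principal set before calling next(): an unauthenticated
        // subject must produce a decision error, not a NoSuchElementException.
        Iterator principals = subject.getPrincipals(UsernameIDPrincipal.class).iterator();
        UsernameIDPrincipal usernameIDPrincipal = principals.hasNext() ? (UsernameIDPrincipal) principals.next() : null;
        if (usernameIDPrincipal == null) {
            throw new DecisionProcessingException("Subject for PDP request contains no username or id");
        }
        return getPermissions(usernameIDPrincipal.getName(), target.getAction(), target.getResource());
    }

    /**
     * Tells whether at least one permission matches the target.
     *
     * @param target the request target
     * @return {@code true} if a matching permission exists
     * @throws DecisionProcessingException if the target carries no usable subject
     */
    public boolean permissionExists(Target target) throws DecisionProcessingException {
        return !getPermissions(target).isEmpty();
    }

    /**
     * Returns every permission declared in the rights document.
     *
     * @return all permissions, possibly empty
     */
    public List getPermissions() {
        return queryPermissions("//Permission/.");
    }
}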
