package org.n52.security.service.gatekeeper.pdpproxy;

import com.sun.xacml.Obligation;
import com.sun.xacml.attr.DateTimeAttribute;
import com.sun.xacml.attr.StringAttribute;
import com.sun.xacml.ctx.Attribute;
import com.sun.xacml.ctx.RequestCtx;
import com.sun.xacml.ctx.ResponseCtx;
import com.sun.xacml.ctx.Result;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.rpc.ServiceException;
import javax.xml.soap.SOAPException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.axis.client.Call;
import org.apache.axis.client.Service;
import org.apache.log4j.Logger;
import org.n52.security.authentication.principals.AttributePrincipal;
import org.n52.security.authentication.principals.UsernameIDPrincipal;
import org.n52.security.common.attributes.StringAttributeValue;
import org.n52.security.common.util.XMLUtils;
import org.n52.security.common.util.XPathHelper;
import org.n52.security.decision.DecisionProcessingException;
import org.n52.security.decision.PDPProxy;
import org.n52.security.decision.PDPRequest;
import org.n52.security.decision.PDPRequestCollection;
import org.n52.security.decision.PDPResponse;
import org.n52.security.decision.PDPResponseCollection;
import org.n52.security.decision.Target;
import org.n52.security.enforcement.interceptors.obligation.wms.BoundingBox;
import org.n52.security.service.gatekeeper.loginmodule.signaturelogin.LicensePrincipal;
import org.n52.security.service.licman.client.AbstractRequestBuilder;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/n52/security/service/gatekeeper/pdpproxy/RemotePDPProxy.class */
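/**
 * {@link PDPProxy} that turns each {@link PDPRequest} into an XACML request, sends it together
 * with the caller's license assertion to a remote PDP over SOAP, and converts the first XACML
 * result of the reply into a {@link PDPResponse}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Every failure while talking to the PDP (missing license, transport error, malformed
 *       reply) surfaces as a {@link DecisionProcessingException}; no response is fabricated.</li>
 *   <li>Subject, resource and action values originate from the intercepted request and are
 *       XML-escaped before they are placed into any XML text built by this class.</li>
 *   <li>The PDP endpoint URL is taken as given; transport protection (TLS, endpoint
 *       authentication) is not configured in this class.</li>
 * </ul>
 */
public class RemotePDPProxy implements PDPProxy {
    private String pdpURL;
    private static Logger sLogger;
    private static DocumentBuilder dBuilder;
    private static Transformer sTrans;
    Call call = null;

    static {
        sLogger = Logger.getLogger(RemotePDPProxy.class);
        try {
            // dBuilder is only used to create empty documents in this class (it never parses
            // input), so no entity-resolution hardening is needed for it here.
            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
            factory.setNamespaceAware(true);
            factory.setValidating(false);
            dBuilder = factory.newDocumentBuilder();
            sTrans = TransformerFactory.newInstance().newTransformer();
            sTrans.setOutputProperty("indent", "yes");
        } catch (Exception e) {
            // Route the failure through the logger instead of stderr so it reaches the audit trail.
            sLogger.error("Could not initialise XML helpers for RemotePDPProxy.", e);
        }
    }

    /**
     * Creates a proxy bound to the given PDP endpoint.
     *
     * <p>Construction never throws: if the SOAP call cannot be prepared, {@link #call} stays
     * {@code null} and every later decision request fails with an exception.
     *
     * @param str endpoint address of the remote PDP
     */
    public RemotePDPProxy(String str) {
        try {
            this.pdpURL = str;
            prepareCall();
        } catch (Exception e) {
            sLogger.error("Could not prepare SOAP call for the PDP endpoint.", e);
        }
    }

    /** Creates the reusable Axis call for the {@code process} operation of the PDP endpoint. */
    private void prepareCall() {
        try {
            this.call = new Service().createCall();
            this.call.setTargetEndpointAddress(this.pdpURL);
            this.call.setOperationName("process");
        } catch (ServiceException e) {
            // call stays null; sendRequest refuses to run without it.
            sLogger.error("Could not create SOAP call for the PDP endpoint.", e);
        }
    }

    /**
     * Asks the remote PDP for a decision on every request in the collection.
     *
     * @param pDPRequestCollection requests to decide
     * @return one response per request, in iteration order
     * @throws DecisionProcessingException if any request cannot be built, sent or interpreted;
     *     this includes a subject without a {@link LicensePrincipal}
     */
    public PDPResponseCollection request(PDPRequestCollection pDPRequestCollection) throws DecisionProcessingException {
        PDPResponseCollection responses = new PDPResponseCollection();
        // The whole loop sits inside the try: a failure on any single request aborts the batch
        // with an exception rather than returning a partial or defaulted set of decisions.
        try {
            Iterator it = pDPRequestCollection.iterator();
            while (it.hasNext()) {
                PDPRequest pdpRequest = (PDPRequest) it.next();
                Target target = pdpRequest.getTarget();
                RequestCtx xacmlRequest = prepareRequest(target);
                Set<LicensePrincipal> licenses = target.getSubject().getPrincipals(LicensePrincipal.class);
                if (licenses.isEmpty()) {
                    throw new Exception("License is Missing");
                }
                Node response = sendRequest(xacmlRequest, licenses.iterator().next());
                logResponse(response);
                new XPathHelper(response);
                // Only the first result of the reply is evaluated. A reply without the expected
                // element nesting fails here and is reported as a processing error.
                Result result = (Result) ResponseCtx.getInstance(response.getFirstChild().getFirstChild())
                        .getResults().iterator().next();
                responses.add(new PDPResponse(mapDecision(result.getDecision()), pdpRequest, convertObligations(result)));
            }
        } catch (Exception e) {
            sLogger.error("Error during PDP request.", e);
            throw new DecisionProcessingException("Error during PDP request.", e);
        }
        return responses;
    }

    /**
     * Writes the PDP reply to the debug log.
     *
     * <p>The reply can carry obligations and other policy details, so debug logging should stay
     * off where log readers are not entitled to see them.
     */
    private static void logResponse(Node response) {
        if (!sLogger.isDebugEnabled()) {
            return;
        }
        try {
            StringWriter text = new StringWriter();
            sTrans.transform(new DOMSource(response), new StreamResult(text));
            sLogger.debug("Response:\n" + text.toString());
        } catch (Exception e) {
            // Logging is best effort and must not influence the decision.
            sLogger.warn("Could not serialise the PDP response for debug logging.", e);
        }
    }

    /**
     * Maps the XACML decision code to the code handed to {@link PDPResponse}.
     *
     * <p>Permit (0) maps to 2 and Deny (1) maps to 1. Indeterminate (2), NotApplicable and any
     * unknown code all map to 0.
     * NOTE(review): the meaning of 0/1/2 is defined by PDPResponse, which is not visible here;
     * confirm that consumers treat everything other than the Permit mapping as "no access".
     */
    private static int mapDecision(int xacmlDecision) {
        switch (xacmlDecision) {
            case Result.DECISION_PERMIT:
                return 2;
            case Result.DECISION_DENY:
                return 1;
            case Result.DECISION_INDETERMINATE:
            default:
                return 0;
        }
    }

    /** Converts the XACML obligations of a result into the project's obligation objects. */
    private static ArrayList convertObligations(Result result) {
        ArrayList converted = new ArrayList();
        for (Object rawObligation : result.getObligations()) {
            Obligation obligation = (Obligation) rawObligation;
            ArrayList assignments = new ArrayList();
            for (Object rawAttribute : obligation.getAssignments()) {
                Attribute attribute = (Attribute) rawAttribute;
                assignments.add(new org.n52.security.common.attributes.Attribute(
                        attribute.getId().toString(), new StringAttributeValue(attribute.getValue().encode())));
            }
            converted.add(new org.n52.security.decision.Obligation(
                    obligation.getFulfillOn(), obligation.getId().toString(), assignments));
        }
        return converted;
    }

    /**
     * Builds the XACML request context (subject id, resource id, action id) for a target.
     *
     * <p>The encoded request is re-parsed as XML by {@link #makeDocument(RequestCtx)}. The
     * resource id was already hand-escaped for {@code &} before entering the string attribute,
     * which indicates that attribute values are written out verbatim; all three values are
     * therefore escaped for every XML metacharacter so that request data cannot add or close
     * elements in the XACML request.
     *
     * @throws org.n52.security.service.base.ServiceException if the subject carries no
     *     {@link UsernameIDPrincipal}
     */
    private static RequestCtx prepareRequest(Target target) throws URISyntaxException, org.n52.security.service.base.ServiceException {
        HashSet subjects = new HashSet();
        HashSet resourceAttributes = new HashSet();
        HashSet actionAttributes = new HashSet();
        HashSet environmentAttributes = new HashSet();
        HashSet subjectAttributes = new HashSet();
        // Check for emptiness before calling next(): on an empty set next() throws
        // NoSuchElementException and the intended ServiceException would never be raised.
        Set<UsernameIDPrincipal> userIds = target.getSubject().getPrincipals(UsernameIDPrincipal.class);
        if (userIds.isEmpty()) {
            sLogger.warn("Subject contains no UsernameIDPrincipal! Answering with ServiceException!");
            throw new org.n52.security.service.base.ServiceException("Username lost.", org.n52.security.service.base.ServiceException.SERVICE_ERROR);
        }
        UsernameIDPrincipal user = userIds.iterator().next();
        String resource = target.getResource();
        if (resource == null) {
            // A request without a resource must fail, not be sent with an empty resource id.
            throw new NullPointerException("target resource is null");
        }
        addSubjectToList(AbstractRequestBuilder.URN_OASIS_NAMES_TC_XACML_1_0_SUBJECT_SUBJECT_ID, escapeXml(user.getName()), subjectAttributes);
        subjects.add(new com.sun.xacml.ctx.Subject(subjectAttributes));
        resourceAttributes.add(new Attribute(new URI(AbstractRequestBuilder.URN_OASIS_NAMES_TC_XACML_1_0_RESOURCE_RESOURCE_ID), (String) null, (DateTimeAttribute) null, new StringAttribute(escapeXml(resource))));
        actionAttributes.add(new Attribute(new URI(AbstractRequestBuilder.URN_OASIS_NAMES_TC_XACML_1_0_ACTION_ACTION_ID), (String) null, (DateTimeAttribute) null, new StringAttribute(escapeXml(target.getAction()))));
        return new RequestCtx(subjects, resourceAttributes, actionAttributes, environmentAttributes);
    }

    /** Adds a string-typed XACML attribute with the given id and value to the set. */
    private static void addSubjectToList(String str, String str2, Set set) throws URISyntaxException {
        set.add(new Attribute(new URI(str), (String) null, (DateTimeAttribute) null, new StringAttribute(str2)));
    }

    /**
     * Sends the XACML request and the license assertion to the PDP and returns the reply.
     *
     * <p>Synchronized because the single {@link #call} object is shared by all requests made
     * through this proxy instance.
     *
     * @throws SOAPException if the SOAP call could not be prepared at construction time
     */
    private synchronized Node sendRequest(RequestCtx requestCtx, LicensePrincipal licensePrincipal) throws SOAPException, SAXException, IOException, ServiceException {
        Document licenseAssertion = licensePrincipal.getLicenseAssertion();
        Document requestDocument = makeDocument(requestCtx);
        sLogger.info("XACML request to:" + this.pdpURL);
        if (this.call == null) {
            throw new SOAPException("Call is null");
        }
        return SOAPClient.sendXML(requestDocument, licenseAssertion, this.call);
    }

    /**
     * Serialises the request context and parses the text back into a DOM document.
     *
     * <p>NOTE(review): the parser comes from XMLUtils.getDocumentBuilder(), whose configuration
     * (DTD and external-entity handling) is not visible here; confirm it is hardened. The byte
     * buffer is decoded with the platform default charset, as before.
     */
    private static Document makeDocument(RequestCtx requestCtx) throws SAXException, IOException {
        ByteArrayOutputStream encoded = new ByteArrayOutputStream(512);
        requestCtx.encode(encoded);
        return XMLUtils.getDocumentBuilder().parse(new InputSource(new StringReader(encoded.toString())));
    }

    /** Builds a subject holding a user-name principal and a role attribute principal. */
    private static Subject buildSubject(String str, String str2) {
        Subject subject = new Subject();
        HashSet principals = new HashSet(8);
        principals.add(new UsernameIDPrincipal(str));
        principals.add(new AttributePrincipal("urn:conterra:names:sdi-suite:policy:attribute:role", str2));
        subject.getPrincipals().addAll(principals);
        return subject;
    }

    /**
     * Escapes the five XML metacharacters so a value can be placed in element text.
     *
     * @param value text to escape, may be {@code null}
     * @return the escaped text, or {@code null} when {@code value} is {@code null}
     */
    private static String escapeXml(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '&':
                    out.append("&amp;");
                    break;
                case '<':
                    out.append("&lt;");
                    break;
                case '>':
                    out.append("&gt;");
                    break;
                case '"':
                    out.append("&quot;");
                    break;
                case '\'':
                    out.append("&apos;");
                    break;
                default:
                    out.append(c);
                    break;
            }
        }
        return out.toString();
    }

    /** Appends one string-typed XACML attribute element whose value is XML-escaped. */
    private static void appendStringAttribute(StringBuilder xml, String attributeId, String value) {
        xml.append("<Attribute AttributeId=\"").append(attributeId)
                .append("\" DataType=\"http://www.w3.org/2001/XMLSchema#string\">");
        xml.append("<AttributeValue>").append(escapeXml(value)).append("</AttributeValue>");
        xml.append("</Attribute>");
    }

    /**
     * Builds the {@code PreparePolicy} request text for a license id.
     *
     * <p>The id is XML-escaped, so it cannot introduce markup into the request. Callers must
     * pass the raw id, not a pre-escaped one.
     *
     * @param str license id
     * @return the request as XML text
     */
    public String getLicenseRequest(String str) {
        StringBuilder xml = new StringBuilder();
        xml.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
        xml.append("<PreparePolicy>");
        xml.append("<LicenseId>").append(escapeXml(str)).append("</LicenseId>");
        xml.append("</PreparePolicy>");
        return xml.toString();
    }

    /**
     * Builds the {@code PreparePolicy} request as a DOM document; the id is set as text content
     * and is therefore never interpreted as markup.
     *
     * <p>The shared builder is not documented as thread-safe by JAXP; this method relies on it
     * only for creating an empty document.
     *
     * @param str license id
     * @throws Exception if the XML helpers could not be initialised when the class was loaded
     */
    public Document getLicenseByAssertionRequest(String str) throws Exception {
        if (dBuilder == null) {
            throw new IllegalStateException("DocumentBuilder was not initialised");
        }
        Document document = dBuilder.newDocument();
        Element root = document.createElement("PreparePolicy");
        Element licenseId = document.createElement("LicenseId");
        licenseId.setTextContent(str);
        root.appendChild(licenseId);
        document.appendChild(root);
        return document;
    }

    /**
     * Builds an XACML request text with subject id, resource id, resource type and action id.
     *
     * <p>All values are XML-escaped; callers must pass raw values.
     *
     * @param str subject id
     * @param str2 not used by this overload
     * @param str3 resource id
     * @param str4 resource type
     * @param str5 action id
     * @return the request as XML text
     */
    public String geoAuthZRequest(String str, String str2, String str3, String str4, String str5) {
        StringBuilder xml = new StringBuilder();
        xml.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
        xml.append("<Request>");
        xml.append("<Subject SubjectCategory=\"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject\">");
        appendStringAttribute(xml, "urn:oasis:names:tc:xacml:1.0:subject:subject-id", str);
        xml.append("</Subject>");
        xml.append("<Resource>");
        appendStringAttribute(xml, "urn:oasis:names:tc:xacml:1.0:resource:resource-id", str3);
        appendStringAttribute(xml, "urn:oasis:names:tc:xacml:1.0:resource:resource-type", str4);
        xml.append("</Resource>");
        xml.append("<Action>");
        appendStringAttribute(xml, "urn:oasis:names:tc:xacml:1.0:action:action-id", str5);
        xml.append("</Action>");
        xml.append("</Request>");
        return xml.toString();
    }

    /**
     * Builds an XACML request text with subject group, subject id, resource id and resource
     * type, and an empty action element.
     *
     * <p>All values are XML-escaped; callers must pass raw values.
     *
     * @param str subject id
     * @param str2 subject group
     * @param str3 resource id
     * @param str4 resource type
     * @return the request as XML text
     */
    public String geoAuthZRequest(String str, String str2, String str3, String str4) {
        StringBuilder xml = new StringBuilder();
        xml.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
        xml.append("<Request>");
        xml.append("<Subject SubjectCategory=\"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject\">");
        appendStringAttribute(xml, "urn:ogc:ows4:subject:group", str2);
        appendStringAttribute(xml, "urn:oasis:names:tc:xacml:1.0:subject:subject-id", str);
        xml.append("</Subject>");
        xml.append("<Resource>");
        appendStringAttribute(xml, "urn:oasis:names:tc:xacml:1.0:resource:resource-id", str3);
        appendStringAttribute(xml, "urn:oasis:names:tc:xacml:1.0:resource:resource-type", str4);
        xml.append("</Resource>");
        xml.append("<Action/>");
        xml.append("</Request>");
        return xml.toString();
    }
}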
