package eu.dnetlib.espas.pep;

import java.io.File;
import java.io.FileOutputStream;
import java.rmi.RemoteException;
import java.util.Collection;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.llom.util.AXIOMUtil;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.transport.http.HttpTransportProperties;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;
import org.springframework.core.io.Resource;
import org.wso2.carbon.identity.entitlement.stub.EntitlementServiceException;
import org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub;

/* loaded from: input_file:eu/dnetlib/espas/pep/AuthenticationPEP.class */
public class AuthenticationPEP {
    private static final Logger _logger = Logger.getLogger(AuthenticationPEP.class);
    private EntitlementServiceStub entServiceStub;
    private Resource trustStore = null;
    private String trustStorePassword = null;
    private String serverUsername = null;
    private String serverPassword = null;
    private String serverUrl = null;
    private long connectionTimeout = 0;

    public void initEntitlementService() throws Exception {
        File createTempFile = File.createTempFile("trs", null);
        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
        createTempFile.deleteOnExit();
        IOUtils.copy(this.trustStore.getInputStream(), fileOutputStream);
        fileOutputStream.close();
        System.setProperty("javax.net.ssl.trustStore", createTempFile.getCanonicalPath());
        System.setProperty("javax.net.ssl.trustStorePassword", this.trustStorePassword);
        ConfigurationContext createConfigurationContextFromFileSystem = ConfigurationContextFactory.createConfigurationContextFromFileSystem((String) null, (String) null);
        HttpTransportProperties.Authenticator authenticator = new HttpTransportProperties.Authenticator();
        authenticator.setUsername(this.serverUsername);
        authenticator.setPassword(this.serverPassword);
        this.entServiceStub = new EntitlementServiceStub(createConfigurationContextFromFileSystem, this.serverUrl);
        ServiceClient _getServiceClient = this.entServiceStub._getServiceClient();
        Options options = _getServiceClient.getOptions();
        options.setManageSession(true);
        options.setProperty("Cookie", (Object) null);
        options.setProperty("_NTLM_DIGEST_BASIC_AUTHENTICATION_", authenticator);
        options.setManageSession(true);
        options.setTimeOutInMilliSeconds(this.connectionTimeout);
        _getServiceClient.setOptions(options);
        _logger.info("Entitlement service initialized succesfully");
    }

    public synchronized PEPResponseMap isPermitedRequest(Collection<String> collection, String str, String str2, String[] strArr) throws RemoteException {
        _logger.info("Evaluating request for [" + collection.size() + ", " + str + ", " + str2 + "]");
        PEPResponseMap pEPResponseMap = new PEPResponseMap();
        if (this.entServiceStub != null) {
            for (String str3 : collection) {
                try {
                    String decisionByAttributes = this.entServiceStub.getDecisionByAttributes(str, str3, str2, strArr);
                    _logger.trace("Evaluation of [" + collection.size() + ", " + str + ", " + str2 + "] returned :" + decisionByAttributes);
                    String[] pDPResults = getPDPResults(decisionByAttributes);
                    pEPResponseMap.addResponse(str3, new PEPResponse(str3, pDPResults[1], pDPResults[0].contains("Permit")));
                } catch (XMLStreamException e) {
                    _logger.error((Object) null, e);
                } catch (Exception e2) {
                    _logger.error((Object) null, e2);
                } catch (EntitlementServiceException e3) {
                    _logger.error((Object) null, e3);
                }
            }
        }
        return pEPResponseMap;
    }

    public synchronized boolean isPermitedRequest(String str, String str2, String str3, String[] strArr) throws RemoteException, EntitlementServiceException, Exception {
        _logger.info("Evaluating request for [" + str + ", " + str2 + ", " + str3 + "]");
        if (this.entServiceStub == null) {
            return false;
        }
        String decisionByAttributes = this.entServiceStub.getDecisionByAttributes(str2, str, str3, strArr);
        _logger.info("Evaluation of [" + str + ", " + str2 + ", " + str3 + "] returned :" + decisionByAttributes);
        return decisionByAttributes.contains("Permit");
    }

    public synchronized boolean isPermitedRequest(String str) throws RemoteException, EntitlementServiceException, Exception {
        _logger.info("Evaluating request " + str);
        if (this.entServiceStub == null) {
            return false;
        }
        String decision = this.entServiceStub.getDecision(str);
        _logger.info("Evaluation of [" + str + "] returned :" + decision);
        return decision.contains("Permit");
    }

    public Resource getTrustStore() {
        return this.trustStore;
    }

    public void setTrustStore(Resource resource) {
        this.trustStore = resource;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    public String getServerUsername() {
        return this.serverUsername;
    }

    public void setServerUsername(String str) {
        this.serverUsername = str;
    }

    public String getServerPassword() {
        return this.serverPassword;
    }

    public void setServerPassword(String str) {
        this.serverPassword = str;
    }

    public String getServerUrl() {
        return this.serverUrl;
    }

    public void setServerUrl(String str) {
        this.serverUrl = str;
    }

    public long getConnectionTimeout() {
        return this.connectionTimeout;
    }

    public void setConnectionTimeout(long j) {
        this.connectionTimeout = j;
    }

    protected String[] getPDPResults(String str) throws XMLStreamException {
        String[] strArr = new String[2];
        OMElement stringToOM = AXIOMUtil.stringToOM(str);
        if (stringToOM != null && stringToOM.getChildElements().hasNext()) {
            OMElement firstChildWithName = stringToOM.getFirstChildWithName(new QName("urn:oasis:names:tc:xacml:3.0:core:schema:wd-17", "Result"));
            OMElement firstChildWithName2 = firstChildWithName.getFirstChildWithName(new QName("urn:oasis:names:tc:xacml:3.0:core:schema:wd-17", "Decision"));
            strArr[0] = firstChildWithName2 != null ? firstChildWithName2.getFirstOMChild().getText() : "";
            OMElement firstChildWithName3 = firstChildWithName.getFirstChildWithName(new QName("urn:oasis:names:tc:xacml:3.0:core:schema:wd-17", "AssociatedAdvice"));
            if (firstChildWithName3 != null) {
                OMElement firstChildWithName4 = firstChildWithName3.getFirstElement().getFirstChildWithName(new QName("urn:oasis:names:tc:xacml:3.0:core:schema:wd-17", "AttributeAssignment"));
                strArr[1] = firstChildWithName4 != null ? firstChildWithName4.getFirstOMChild().getText() : "";
            } else {
                strArr[1] = "";
            }
        }
        return strArr;
    }
}
