package org.gcube.common.authorizationservice.persistence;

import ch.qos.logback.core.CoreConstants;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.locks.ReentrantLock;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.EntityTransaction;
import javax.persistence.NoResultException;
import javax.persistence.TypedQuery;
import org.eclipse.persistence.sdo.SDOConstants;
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.policies.PolicyType;
import org.gcube.common.authorization.library.policies.Service2ServicePolicy;
import org.gcube.common.authorization.library.policies.User2ServicePolicy;
import org.gcube.common.authorization.library.provider.ClientInfo;
import org.gcube.common.authorization.library.provider.ContainerInfo;
import org.gcube.common.authorization.library.provider.ExternalServiceInfo;
import org.gcube.common.authorization.library.provider.ServiceIdentifier;
import org.gcube.common.authorization.library.provider.ServiceInfo;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.authorizationservice.persistence.entities.AuthorizationEntity;
import org.gcube.common.authorizationservice.persistence.entities.AuthorizationId;
import org.gcube.common.authorizationservice.persistence.entities.EntityConstants;
import org.gcube.common.authorizationservice.persistence.entities.ExternalServiceAuthorizationEntity;
import org.gcube.common.authorizationservice.persistence.entities.NodeAuthorizationEntity;
import org.gcube.common.authorizationservice.persistence.entities.PolicyEntity;
import org.gcube.common.authorizationservice.persistence.entities.ServiceAuthorizationEntity;
import org.gcube.common.authorizationservice.persistence.entities.ServicePolicyEntity;
import org.gcube.common.authorizationservice.persistence.entities.UserAuthorizationEntity;
import org.gcube.common.authorizationservice.persistence.entities.UserPolicyEntity;
import org.gcube.common.authorizationservice.util.TokenPersistence;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:WEB-INF/classes/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.class */
public class RelationDBPersistence implements TokenPersistence {
    private static final Logger log = LoggerFactory.getLogger(RelationDBPersistence.class);

    @Inject
    EntityManagerFactory emFactory;
    ReentrantLock lock = new ReentrantLock(true);
    HashMap<String, AuthorizationId> synchMap = new HashMap<>();

    public void setEntitymanagerFactory(EntityManagerFactory entityManagerFactory) {
        this.emFactory = entityManagerFactory;
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public AuthorizationEntry getAuthorizationEntry(String str) {
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            try {
                TypedQuery createNamedQuery = createEntityManager.createNamedQuery("Authz.get", AuthorizationEntity.class);
                createNamedQuery.setParameter(SDOConstants.TOKEN, (Object) str);
                try {
                    AuthorizationEntity authorizationEntity = (AuthorizationEntity) createNamedQuery.getSingleResult();
                    if (authorizationEntity.getEntryType().equals(EntityConstants.SERVICE_AUTHORIZATION)) {
                        ServiceAuthorizationEntity serviceAuthorizationEntity = (ServiceAuthorizationEntity) authorizationEntity;
                        AuthorizationEntry authorizationEntry = new AuthorizationEntry(serviceAuthorizationEntity.getInfo(), serviceAuthorizationEntity.getContext(), retrievePolicies(serviceAuthorizationEntity, createEntityManager), serviceAuthorizationEntity.getQualifier());
                        createEntityManager.close();
                        return authorizationEntry;
                    }
                    if (authorizationEntity.getEntryType().equals(EntityConstants.USER_AUTHORIZATION)) {
                        UserAuthorizationEntity userAuthorizationEntity = (UserAuthorizationEntity) authorizationEntity;
                        AuthorizationEntry authorizationEntry2 = new AuthorizationEntry(userAuthorizationEntity.getInfo(), userAuthorizationEntity.getContext(), retrievePolicies(userAuthorizationEntity, createEntityManager), userAuthorizationEntity.getQualifier());
                        createEntityManager.close();
                        return authorizationEntry2;
                    }
                    if (authorizationEntity.getEntryType().equals(EntityConstants.EXTERNAL_SERVICE_AUTHORIZATION)) {
                        ExternalServiceAuthorizationEntity externalServiceAuthorizationEntity = (ExternalServiceAuthorizationEntity) authorizationEntity;
                        AuthorizationEntry authorizationEntry3 = new AuthorizationEntry(externalServiceAuthorizationEntity.getInfo(), externalServiceAuthorizationEntity.getContext(), new ArrayList(), externalServiceAuthorizationEntity.getQualifier());
                        createEntityManager.close();
                        return authorizationEntry3;
                    }
                    if (!authorizationEntity.getEntryType().equals(EntityConstants.CONTAINER_AUTHORIZATION)) {
                        throw new IllegalArgumentException("entryType cannot be mapped");
                    }
                    NodeAuthorizationEntity nodeAuthorizationEntity = (NodeAuthorizationEntity) authorizationEntity;
                    AuthorizationEntry authorizationEntry4 = new AuthorizationEntry(nodeAuthorizationEntity.getInfo(), nodeAuthorizationEntity.getContext(), new ArrayList(), nodeAuthorizationEntity.getQualifier());
                    createEntityManager.close();
                    return authorizationEntry4;
                } catch (NoResultException e) {
                    log.warn("no result found for token {}", str);
                    createEntityManager.close();
                    return null;
                }
            } catch (Throwable th) {
                log.error("error retrieving authorization entry", th);
                createEntityManager.close();
                return null;
            }
        } catch (Throwable th2) {
            createEntityManager.close();
            throw th2;
        }
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public String getExistingToken(String str, String str2, String str3) {
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            AuthorizationEntity authorizationEntity = (AuthorizationEntity) createEntityManager.find(AuthorizationEntity.class, new AuthorizationId(str2, str, str3));
            if (authorizationEntity == null) {
                return null;
            }
            String token = authorizationEntity.getToken();
            createEntityManager.close();
            return token;
        } finally {
            createEntityManager.close();
        }
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public void saveAuthorizationEntry(String str, String str2, ClientInfo clientInfo, String str3, String str4) {
        AuthorizationEntity userAuthorizationEntity = clientInfo instanceof UserInfo ? new UserAuthorizationEntity(str, str2, str3, (UserInfo) clientInfo) : clientInfo instanceof ServiceInfo ? new ServiceAuthorizationEntity(str, str2, str3, (ServiceInfo) clientInfo, str4) : clientInfo instanceof ExternalServiceInfo ? new ExternalServiceAuthorizationEntity(str, str2, str3, (ExternalServiceInfo) clientInfo, str4) : new NodeAuthorizationEntity(str, str2, str3, (ContainerInfo) clientInfo, str4);
        AuthorizationId authorizationId = new AuthorizationId(str2, clientInfo.getId(), str3);
        this.lock.lock();
        try {
            if (this.synchMap.containsKey(authorizationId.toString())) {
                authorizationId = this.synchMap.get(authorizationId.toString());
            } else {
                this.synchMap.put(authorizationId.toString(), authorizationId);
            }
            synchronized (authorizationId) {
                EntityManager createEntityManager = this.emFactory.createEntityManager();
                EntityTransaction transaction = createEntityManager.getTransaction();
                try {
                    try {
                        transaction.begin();
                        AuthorizationEntity authorizationEntity = (AuthorizationEntity) createEntityManager.find(AuthorizationEntity.class, authorizationId);
                        log.trace("AuthorizationEntity {} found, saving it", authorizationEntity == null ? "not" : "");
                        if (authorizationEntity == null) {
                            createEntityManager.persist(userAuthorizationEntity);
                        }
                        transaction.commit();
                        createEntityManager.close();
                        this.synchMap.remove(authorizationId.toString());
                    } catch (RuntimeException e) {
                        log.error("error saving authorization Entry", (Throwable) e);
                        if (transaction.isActive()) {
                            transaction.rollback();
                        }
                        throw e;
                    }
                } catch (Throwable th) {
                    createEntityManager.close();
                    this.synchMap.remove(authorizationId.toString());
                    throw th;
                }
            }
        } finally {
            this.lock.unlock();
        }
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public void addPolicies(List<Policy> list) {
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            try {
                createEntityManager.getTransaction().begin();
                for (Policy policy : list) {
                    if (policy.getPolicyType() == PolicyType.SERVICE) {
                        Service2ServicePolicy service2ServicePolicy = (Service2ServicePolicy) policy;
                        createEntityManager.persist(new ServicePolicyEntity(service2ServicePolicy.getContext(), service2ServicePolicy.getServiceAccess(), service2ServicePolicy.getClient(), service2ServicePolicy.getMode()));
                    } else {
                        User2ServicePolicy user2ServicePolicy = (User2ServicePolicy) policy;
                        createEntityManager.persist(new UserPolicyEntity(user2ServicePolicy.getContext(), user2ServicePolicy.getServiceAccess(), user2ServicePolicy.getEntity(), user2ServicePolicy.getMode()));
                    }
                }
                createEntityManager.getTransaction().commit();
                createEntityManager.close();
            } catch (Exception e) {
                log.error("error storing policy", (Throwable) e);
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            createEntityManager.close();
            throw th;
        }
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public void removePolicy(long j) {
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            try {
                createEntityManager.getTransaction().begin();
                PolicyEntity policyEntity = (PolicyEntity) createEntityManager.find(PolicyEntity.class, Long.valueOf(j));
                if (policyEntity != null) {
                    createEntityManager.remove(policyEntity);
                } else {
                    log.warn("policy with id {} not found", Long.valueOf(j));
                }
                createEntityManager.getTransaction().commit();
                createEntityManager.close();
            } catch (Exception e) {
                log.error("error removing policy with id {}", Long.valueOf(j), e);
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            createEntityManager.close();
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v32, types: [org.gcube.common.authorization.library.policies.Service2ServicePolicy] */
    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public List<Policy> getPolices(String str) {
        ArrayList arrayList = new ArrayList();
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            TypedQuery createNamedQuery = createEntityManager.createNamedQuery("Policy.allPolicies", PolicyEntity.class);
            createNamedQuery.setParameter(CoreConstants.CONTEXT_SCOPE_VALUE, (Object) str);
            log.info("query to get all policies in context {} , {} ", createNamedQuery.getParameterValue(CoreConstants.CONTEXT_SCOPE_VALUE), createNamedQuery.toString());
            for (PolicyEntity policyEntity : createNamedQuery.getResultList()) {
                User2ServicePolicy service2ServicePolicy = policyEntity.getPolicyType().equals(EntityConstants.SERVICE_POLICY) ? new Service2ServicePolicy(policyEntity.getContext(), policyEntity.getServiceAccess(), ((ServicePolicyEntity) policyEntity).getClientAccess(), policyEntity.getAction()) : new User2ServicePolicy(policyEntity.getContext(), policyEntity.getServiceAccess(), ((UserPolicyEntity) policyEntity).getUser(), policyEntity.getAction());
                service2ServicePolicy.setId(policyEntity.getId());
                service2ServicePolicy.setCreationTime(policyEntity.getCreationTime());
                service2ServicePolicy.setLastUpdateTime(policyEntity.getLastUpdateTime());
                arrayList.add(service2ServicePolicy);
            }
            log.info("policies to return are {} ", Integer.valueOf(arrayList.size()));
            return arrayList;
        } finally {
            createEntityManager.close();
        }
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public List<Policy> getPolicesByType(String str, PolicyType policyType) {
        return null;
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public List<Policy> getPolicesByTypeAndClientId(String str, PolicyType policyType, String str2) {
        return null;
    }

    private List<Policy> retrievePolicies(UserAuthorizationEntity userAuthorizationEntity, EntityManager entityManager) {
        ArrayList arrayList = new ArrayList();
        TypedQuery createNamedQuery = entityManager.createNamedQuery("UserPolicy.get", UserPolicyEntity.class);
        createNamedQuery.setParameter(CoreConstants.CONTEXT_SCOPE_VALUE, (Object) userAuthorizationEntity.getContext());
        createNamedQuery.setParameter("user", (Object) userAuthorizationEntity.getInfo().getId());
        if (userAuthorizationEntity.getInfo().getRoles().isEmpty()) {
            createNamedQuery.setParameter("rolesList", (Object) Collections.singleton(""));
        } else {
            createNamedQuery.setParameter("rolesList", (Object) userAuthorizationEntity.getInfo().getRoles());
        }
        for (UserPolicyEntity userPolicyEntity : createNamedQuery.getResultList()) {
            User2ServicePolicy user2ServicePolicy = new User2ServicePolicy(userPolicyEntity.getContext(), userPolicyEntity.getServiceAccess(), userPolicyEntity.getUser(), userPolicyEntity.getAction());
            user2ServicePolicy.setCreationTime(userPolicyEntity.getCreationTime());
            user2ServicePolicy.setLastUpdateTime(userPolicyEntity.getLastUpdateTime());
            arrayList.add(user2ServicePolicy);
        }
        log.debug("user policies found are {}", arrayList);
        return arrayList;
    }

    private List<Policy> retrievePolicies(ServiceAuthorizationEntity serviceAuthorizationEntity, EntityManager entityManager) {
        ArrayList arrayList = new ArrayList();
        ServiceIdentifier serviceIdentifier = ((ServiceInfo) serviceAuthorizationEntity.getInfo()).getServiceIdentifier();
        TypedQuery createNamedQuery = entityManager.createNamedQuery("ServicePolicy.get", ServicePolicyEntity.class);
        createNamedQuery.setParameter(CoreConstants.CONTEXT_SCOPE_VALUE, (Object) serviceAuthorizationEntity.getContext());
        createNamedQuery.setParameter("serviceClass", (Object) serviceIdentifier.getServiceClass());
        createNamedQuery.setParameter("serviceName", (Object) serviceIdentifier.getServiceName());
        createNamedQuery.setParameter("identifier", (Object) serviceIdentifier.getServiceId());
        for (ServicePolicyEntity servicePolicyEntity : createNamedQuery.getResultList()) {
            Service2ServicePolicy service2ServicePolicy = new Service2ServicePolicy(servicePolicyEntity.getContext(), servicePolicyEntity.getServiceAccess(), servicePolicyEntity.getClientAccess(), servicePolicyEntity.getAction());
            service2ServicePolicy.setCreationTime(servicePolicyEntity.getCreationTime());
            service2ServicePolicy.setLastUpdateTime(servicePolicyEntity.getLastUpdateTime());
            arrayList.add(service2ServicePolicy);
        }
        log.debug("service policies found are {}", arrayList);
        return arrayList;
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public Map<String, String> getExistingApiKeys(String str, String str2) {
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            TypedQuery createNamedQuery = createEntityManager.createNamedQuery("Authz.getQualifiers", AuthorizationEntity.class);
            createNamedQuery.setParameter(CoreConstants.CONTEXT_SCOPE_VALUE, (Object) str2);
            createNamedQuery.setParameter("clientId", (Object) str);
            List<AuthorizationEntity> resultList = createNamedQuery.getResultList();
            HashMap hashMap = new HashMap();
            for (AuthorizationEntity authorizationEntity : resultList) {
                hashMap.put(authorizationEntity.getQualifier(), authorizationEntity.getToken());
            }
            return hashMap;
        } finally {
            createEntityManager.close();
        }
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public Map<String, String> getExistingExternalServices(String str, String str2) {
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            TypedQuery createNamedQuery = createEntityManager.createNamedQuery("ExternalService.getByGenerator", ExternalServiceAuthorizationEntity.class);
            createNamedQuery.setParameter(CoreConstants.CONTEXT_SCOPE_VALUE, (Object) str2);
            createNamedQuery.setParameter("generatorId", (Object) str);
            List<ExternalServiceAuthorizationEntity> resultList = createNamedQuery.getResultList();
            HashMap hashMap = new HashMap();
            for (ExternalServiceAuthorizationEntity externalServiceAuthorizationEntity : resultList) {
                hashMap.put(externalServiceAuthorizationEntity.getClientId(), externalServiceAuthorizationEntity.getToken());
            }
            return hashMap;
        } finally {
            createEntityManager.close();
        }
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public void removeApiKey(String str) {
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            createEntityManager.getTransaction().begin();
            TypedQuery createNamedQuery = createEntityManager.createNamedQuery("Authz.getByToken", AuthorizationEntity.class);
            createNamedQuery.setParameter(SDOConstants.TOKEN, (Object) str);
            AuthorizationEntity authorizationEntity = (AuthorizationEntity) createNamedQuery.getSingleResult();
            if (authorizationEntity != null) {
                createEntityManager.remove(authorizationEntity);
            }
            createEntityManager.getTransaction().commit();
        } catch (Exception e) {
            log.error("error removing apikey  {}", str);
            createEntityManager.close();
        }
    }

    @Override // org.gcube.common.authorizationservice.util.TokenPersistence
    public void removeAllAuthorizationsEntryForClientId(String str, String str2) {
        EntityManager createEntityManager = this.emFactory.createEntityManager();
        try {
            createEntityManager.getTransaction().begin();
            TypedQuery createNamedQuery = createEntityManager.createNamedQuery("Authz.getGeneratedTokenByClientId", AuthorizationEntity.class);
            createNamedQuery.setParameter("clientid", (Object) str2);
            createNamedQuery.setParameter(CoreConstants.CONTEXT_SCOPE_VALUE, (Object) str);
            Iterator it = createNamedQuery.getResultList().iterator();
            while (it.hasNext()) {
                createEntityManager.remove((AuthorizationEntity) it.next());
            }
            createEntityManager.getTransaction().commit();
        } catch (Exception e) {
            log.error("error removing client authorization for user {}  ", str2);
            createEntityManager.close();
        }
    }
}
