package io.corbel.iam.service;

import com.google.common.collect.Sets;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.JsonPrimitive;
import io.corbel.iam.exception.ScopeAbsentIdException;
import io.corbel.iam.exception.ScopeNameException;
import io.corbel.iam.model.Device;
import io.corbel.iam.model.Scope;
import io.corbel.iam.repository.ScopeRepository;
import io.corbel.iam.scope.ScopeFillStrategy;
import io.corbel.lib.ws.auth.repository.AuthorizationRulesRepository;
import java.time.Clock;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.lang3.Validate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.CollectionUtils;

/* loaded from: input_file:io/corbel/iam/service/DefaultScopeService.class */
public class DefaultScopeService implements ScopeService {
    private static final Logger LOG = LoggerFactory.getLogger(DefaultScopeService.class);
    static final int SCOPE_ID_POSITION = 0;
    static final int FIRST_PARAM_POSITION = 1;
    static final String SCOPE_PARAMS_SEPARATOR = ";";
    private final ScopeRepository scopeRepository;
    private final AuthorizationRulesRepository authorizationRulesRepository;
    private final long publicTokenExpireTimeInMillis;
    private final ScopeFillStrategy fillStrategy;
    private final String iamAudience;
    private final Clock clock;
    private final EventsService eventsService;

    public DefaultScopeService(ScopeRepository scopeRepository, AuthorizationRulesRepository authorizationRulesRepository, long j, ScopeFillStrategy scopeFillStrategy, String str, Clock clock, EventsService eventsService) {
        this.scopeRepository = scopeRepository;
        this.authorizationRulesRepository = authorizationRulesRepository;
        this.publicTokenExpireTimeInMillis = j;
        this.fillStrategy = scopeFillStrategy;
        this.iamAudience = str;
        this.clock = clock;
        this.eventsService = eventsService;
    }

    @Override // io.corbel.iam.service.ScopeService
    public Scope getScope(String str) {
        return this.scopeRepository.findOne(str);
    }

    @Override // io.corbel.iam.service.ScopeService
    public Set<Scope> getScopes(Collection<String> collection) {
        return CollectionUtils.isEmpty(collection) ? Collections.emptySet() : getScopes((String[]) collection.toArray(new String[collection.size()]));
    }

    @Override // io.corbel.iam.service.ScopeService
    public Set<Scope> getScopes(String... strArr) {
        ArrayList arrayList = new ArrayList();
        if (strArr.length > 0) {
            int length = strArr.length;
            for (int i = SCOPE_ID_POSITION; i < length; i += FIRST_PARAM_POSITION) {
                String[] split = strArr[i].split(SCOPE_PARAMS_SEPARATOR);
                Optional.ofNullable(getScope(split[SCOPE_ID_POSITION])).ifPresent(scope -> {
                    if (scopeHasCustomParameters(scope)) {
                        scope = fillScopeCustomParameters(scope, split);
                    }
                    arrayList.add(scope);
                });
            }
            if (arrayList.size() != strArr.length) {
                throw new IllegalStateException("Nonexistent scope: " + Sets.difference(Sets.newHashSet(strArr), (Set) arrayList.stream().map((v0) -> {
                    return v0.getId();
                }).collect(Collectors.toSet())));
            }
        }
        return Sets.newHashSet(arrayList);
    }

    private boolean scopeHasCustomParameters(Scope scope) {
        return scope.getParameters() != null;
    }

    private Scope fillScopeCustomParameters(Scope scope, String[] strArr) {
        Scope scope2 = new Scope(scope.getId(), scope.getType(), scope.getAudience(), scope.getScopes(), scope.getRules(), new JsonParser().parse(scope.getParameters().toString()).getAsJsonObject());
        Map<String, String> createParametersMap = createParametersMap(strArr);
        scope2.getParameters().entrySet().forEach(entry -> {
            if (createParametersMap.containsKey(entry.getKey())) {
                String str = (String) createParametersMap.get(entry.getKey());
                if (Pattern.matches(((JsonElement) entry.getValue()).getAsString(), str)) {
                    scope2.getParameters().add((String) entry.getKey(), new JsonPrimitive(str));
                }
            }
        });
        return scope2;
    }

    private Map<String, String> createParametersMap(String[] strArr) {
        HashMap hashMap = new HashMap();
        hashMap.put("scopeId", strArr[SCOPE_ID_POSITION]);
        for (int i = FIRST_PARAM_POSITION; i < strArr.length; i += FIRST_PARAM_POSITION) {
            String[] split = strArr[i].split("=");
            if (split.length == 2) {
                hashMap.put(split[SCOPE_ID_POSITION], split[FIRST_PARAM_POSITION]);
            } else {
                LOG.warn("Custom parameter " + split[SCOPE_ID_POSITION] + " is wrong");
            }
        }
        return hashMap;
    }

    @Override // io.corbel.iam.service.ScopeService
    public Set<Scope> fillScopes(Set<Scope> set, String str, String str2, String str3) {
        return (Set) set.stream().map(scope -> {
            return fillScope(scope, str, str2, str3);
        }).collect(Collectors.toSet());
    }

    @Override // io.corbel.iam.service.ScopeService
    public Scope fillScope(Scope scope, String str, String str2, String str3) {
        Validate.notNull(scope, "scope must not be null", new Object[SCOPE_ID_POSITION]);
        Validate.notNull(str2, "clientId must not be null", new Object[SCOPE_ID_POSITION]);
        Validate.notNull(str3, "domainId must not be null", new Object[SCOPE_ID_POSITION]);
        Map<String, String> createDefaultParams = createDefaultParams(Device.USER_ID_FIELD, str, "clientId", str2, "domainId", str3);
        fillParamsWithCustomParameters(scope, createDefaultParams);
        return this.fillStrategy.fillScope(scope, createDefaultParams);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void fillParamsWithCustomParameters(Scope scope, Map<String, String> map) {
        if (scope.getParameters() != null) {
            for (Map.Entry entry : scope.getParameters().entrySet()) {
                map.put(entry.getKey(), ((JsonElement) entry.getValue()).getAsString());
            }
        }
    }

    @Override // io.corbel.iam.service.ScopeService
    public void publishAuthorizationRules(String str, long j, Set<Scope> set) {
        Validate.notNull(set);
        Validate.noNullElements(set);
        for (Map.Entry<String, Set<JsonObject>> entry : prepareRules((Scope[]) set.toArray(new Scope[set.size()])).entrySet()) {
            Set<JsonObject> value = entry.getValue();
            this.authorizationRulesRepository.save(this.authorizationRulesRepository.getKeyForAuthorizationRules(str, entry.getKey()), getMillisTo(j), (JsonObject[]) value.toArray(new JsonObject[value.size()]));
        }
    }

    @Override // io.corbel.iam.service.ScopeService
    public void addAuthorizationRules(String str, Set<Scope> set) {
        addAuthorizationRules(str, set, false);
    }

    @Override // io.corbel.iam.service.ScopeService
    public void addAuthorizationRulesForPublicAccess(String str, Set<Scope> set) {
        addAuthorizationRules(str, (Set) set.stream().map(scope -> {
            if (scope.getParameters() == null) {
                return scope;
            }
            HashMap hashMap = new HashMap();
            scope.getParameters().entrySet().forEach(entry -> {
            });
            return this.fillStrategy.fillScope(scope, hashMap);
        }).collect(Collectors.toSet()), true);
    }

    private void addAuthorizationRules(String str, Set<Scope> set, boolean z) {
        for (Map.Entry<String, Set<JsonObject>> entry : prepareRules((Scope[]) set.toArray(new Scope[set.size()])).entrySet()) {
            Set<JsonObject> value = entry.getValue();
            String keyForAuthorizationRules = this.authorizationRulesRepository.getKeyForAuthorizationRules(str, entry.getKey());
            if (this.authorizationRulesRepository.existsRules(keyForAuthorizationRules)) {
                this.authorizationRulesRepository.addRules(keyForAuthorizationRules, (JsonObject[]) value.toArray(new JsonObject[value.size()]));
            } else {
                this.authorizationRulesRepository.save(keyForAuthorizationRules, z ? this.publicTokenExpireTimeInMillis : getRulesExpireTime(str), (JsonObject[]) value.toArray(new JsonObject[value.size()]));
            }
        }
    }

    private long getRulesExpireTime(String str) {
        return TimeUnit.SECONDS.toMillis(this.authorizationRulesRepository.getTimeToExpire(this.authorizationRulesRepository.getKeyForAuthorizationRules(str, this.iamAudience)).longValue());
    }

    @Override // io.corbel.iam.service.ScopeService
    public Set<Scope> expandScopes(Collection<String> collection) {
        if (CollectionUtils.isEmpty(collection)) {
            return Collections.emptySet();
        }
        Validate.notNull(collection);
        Validate.noNullElements(collection);
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        ArrayList arrayList = new ArrayList(collection.size());
        arrayList.addAll(getScopes(collection));
        while (!arrayList.isEmpty()) {
            Scope scope = (Scope) arrayList.remove(SCOPE_ID_POSITION);
            if (!scope.isComposed()) {
                hashSet.add(scope);
            } else if (hashSet2.add(scope)) {
                arrayList.addAll(getScopes(addParams(scope.getScopes(), Optional.ofNullable(scope.getParameters()))));
            }
        }
        return hashSet;
    }

    private Set<String> addParams(Set<String> set, Optional<JsonObject> optional) {
        if (!optional.isPresent()) {
            return set;
        }
        StringBuilder sb = new StringBuilder();
        for (Map.Entry entry : optional.get().entrySet()) {
            sb.append(SCOPE_PARAMS_SEPARATOR + ((String) entry.getKey()) + "=" + ((JsonElement) entry.getValue()).getAsString());
        }
        String sb2 = sb.toString();
        return (Set) set.stream().map(str -> {
            return str + sb2;
        }).collect(Collectors.toSet());
    }

    @Override // io.corbel.iam.service.ScopeService
    public void create(Scope scope) throws ScopeNameException, ScopeAbsentIdException {
        if (scope.getId() == null) {
            throw new ScopeAbsentIdException();
        }
        if (scope.getId().contains(SCOPE_PARAMS_SEPARATOR)) {
            throw new ScopeNameException();
        }
        this.scopeRepository.save(scope);
        this.eventsService.sendCreateScope(scope.getIdWithParameters());
    }

    @Override // io.corbel.iam.service.ScopeService
    public void delete(String str) {
        this.scopeRepository.delete(str);
        this.eventsService.sendDeleteScope(str);
    }

    private Map<String, Set<JsonObject>> prepareRules(Scope... scopeArr) {
        Validate.noNullElements(scopeArr);
        HashMap hashMap = new HashMap();
        int length = scopeArr.length;
        for (int i = SCOPE_ID_POSITION; i < length; i += FIRST_PARAM_POSITION) {
            Scope scope = scopeArr[i];
            Set set = (Set) hashMap.get(scope.getAudience());
            if (set == null) {
                set = new HashSet();
                hashMap.put(scope.getAudience(), set);
            }
            set.addAll(scope.getRules());
        }
        return hashMap;
    }

    private long getMillisTo(long j) {
        return j - this.clock.millis();
    }

    private Map<String, String> createDefaultParams(String... strArr) {
        HashMap hashMap = new HashMap(strArr.length / 2);
        for (int i = SCOPE_ID_POSITION; i < strArr.length; i += 2) {
            hashMap.put(strArr[i], strArr[i + FIRST_PARAM_POSITION]);
        }
        return hashMap;
    }
}
