package org.fcrepo.server.security;

import com.sun.xacml.AbstractPolicy;
import com.sun.xacml.EvaluationCtx;
import com.sun.xacml.PolicySet;
import com.sun.xacml.attr.AttributeValue;
import com.sun.xacml.attr.BagAttribute;
import com.sun.xacml.attr.StringAttribute;
import com.sun.xacml.combine.PolicyCombiningAlgorithm;
import com.sun.xacml.cond.EvaluationResult;
import com.sun.xacml.ctx.Status;
import com.sun.xacml.finder.PolicyFinder;
import com.sun.xacml.finder.PolicyFinderResult;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;
import org.fcrepo.common.Constants;
import org.fcrepo.common.FaultException;
import org.fcrepo.server.ReadOnlyContext;
import org.fcrepo.server.errors.GeneralException;
import org.fcrepo.server.errors.ObjectNotInLowlevelStorageException;
import org.fcrepo.server.errors.ServerException;
import org.fcrepo.server.errors.ValidationException;
import org.fcrepo.server.storage.RepositoryReader;
import org.fcrepo.server.storage.types.Datastream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/fcrepo-server-3.5.jar:org/fcrepo/server/security/PolicyFinderModule.class */
public class PolicyFinderModule extends com.sun.xacml.finder.PolicyFinderModule {
    private static final Logger logger = LoggerFactory.getLogger(PolicyFinderModule.class);
    private static final List<String> ERROR_CODE_LIST = new ArrayList(1);
    private final String m_combiningAlgorithm;
    private final RepositoryReader m_repoReader;
    private final boolean m_validateRepositoryPolicies;
    private final boolean m_validateObjectPoliciesFromDatastream;
    private final PolicyParser m_policyParser;
    private final List<AbstractPolicy> m_repositoryPolicies;

    public PolicyFinderModule(String str, String str2, String str3, String str4, RepositoryReader repositoryReader, boolean z, boolean z2, PolicyParser policyParser) throws GeneralException {
        this.m_combiningAlgorithm = str;
        this.m_repoReader = repositoryReader;
        this.m_validateRepositoryPolicies = z;
        this.m_validateObjectPoliciesFromDatastream = z2;
        this.m_policyParser = policyParser;
        logger.info("Loading repository policies...");
        this.m_repositoryPolicies = new ArrayList();
        try {
            this.m_repositoryPolicies.addAll(loadPolicies(this.m_policyParser, this.m_validateRepositoryPolicies, new File(str2)));
            this.m_repositoryPolicies.addAll(loadPolicies(this.m_policyParser, this.m_validateRepositoryPolicies, new File(str3)));
        } catch (Exception e) {
            throw new GeneralException("Error loading repository policies", e);
        }
    }

    @Override // com.sun.xacml.finder.PolicyFinderModule
    public void init(PolicyFinder policyFinder) {
    }

    @Override // com.sun.xacml.finder.PolicyFinderModule
    public boolean isRequestSupported() {
        return true;
    }

    @Override // com.sun.xacml.finder.PolicyFinderModule
    public PolicyFinderResult findPolicy(EvaluationCtx evaluationCtx) {
        PolicyFinderResult policyFinderResult;
        AbstractPolicy loadObjectPolicy;
        try {
            ArrayList arrayList = new ArrayList(this.m_repositoryPolicies);
            String pid = getPid(evaluationCtx);
            if (pid != null && !"".equals(pid) && (loadObjectPolicy = loadObjectPolicy(pid)) != null) {
                arrayList.add(loadObjectPolicy);
            }
            policyFinderResult = new PolicyFinderResult(new PolicySet(new URI(""), (PolicyCombiningAlgorithm) Class.forName(this.m_combiningAlgorithm).newInstance(), null, arrayList));
        } catch (Exception e) {
            logger.warn("PolicyFinderModule seriously failed to evaluate a policy ", (Throwable) e);
            policyFinderResult = new PolicyFinderResult(new Status(ERROR_CODE_LIST, e.getMessage()));
        }
        return policyFinderResult;
    }

    private AbstractPolicy loadObjectPolicy(String str) throws ServerException {
        try {
            Datastream GetDatastream = this.m_repoReader.getReader(false, ReadOnlyContext.EMPTY, str).GetDatastream("POLICY", null);
            if (GetDatastream == null) {
                return null;
            }
            logger.debug("Using POLICY for " + str);
            return this.m_policyParser.copy().parse(GetDatastream.getContentStream(), this.m_validateObjectPoliciesFromDatastream);
        } catch (ObjectNotInLowlevelStorageException e) {
            return null;
        }
    }

    public static String getPid(EvaluationCtx evaluationCtx) {
        try {
            Object attributeFromEvaluationResult = getAttributeFromEvaluationResult(evaluationCtx.getResourceAttribute(new URI(StringAttribute.identifier), new URI(Constants.OBJECT.PID.uri), null));
            if (attributeFromEvaluationResult == null) {
                logger.debug("PolicyFinderModule:getPid exit on can't get contextId on request callback");
                return null;
            }
            if (attributeFromEvaluationResult instanceof StringAttribute) {
                return ((StringAttribute) attributeFromEvaluationResult).getValue();
            }
            logger.debug("PolicyFinderModule:getPid exit on couldn't get contextId from xacml request non-string returned");
            return null;
        } catch (URISyntaxException e) {
            throw new FaultException("Bad URI syntax", e);
        }
    }

    private static final Object getAttributeFromEvaluationResult(EvaluationResult evaluationResult) {
        if (evaluationResult.indeterminate()) {
            return null;
        }
        if (evaluationResult.getStatus() != null && !Status.STATUS_OK.equals(evaluationResult.getStatus())) {
            return null;
        }
        AttributeValue attributeValue = evaluationResult.getAttributeValue();
        if (!(attributeValue instanceof BagAttribute)) {
            return null;
        }
        BagAttribute bagAttribute = (BagAttribute) attributeValue;
        if (1 != bagAttribute.size()) {
            return null;
        }
        return bagAttribute.iterator().next();
    }

    private static List<AbstractPolicy> loadPolicies(PolicyParser policyParser, boolean z, File file) throws IOException, ValidationException {
        ArrayList arrayList = new ArrayList();
        for (File file2 : file.listFiles()) {
            if (file2.isDirectory()) {
                arrayList.addAll(loadPolicies(policyParser, z, file2));
            } else if (file2.getName().endsWith(".xml")) {
                logger.info("Loading policy: " + file2.getPath());
                arrayList.add(policyParser.parse(new FileInputStream(file2), z));
            }
        }
        return arrayList;
    }

    static {
        ERROR_CODE_LIST.add(Status.STATUS_PROCESSING_ERROR);
    }
}
