package org.jfrog.access.common;

import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import lombok.Generated;
import org.jfrog.access.token.exception.TokenScopeException;
import org.jfrog.access.util.TokenScopeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jfrog/access/common/ScopeContainer.class */
public class ScopeContainer {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(ScopeContainer.class);
    private static final String RESOURCE_PERMISSION_DELIMITER = ":";
    private static final String USER_PERMISSION_GROUP = "*";
    public static final String APPLIED_PERMISSIONS_USER_SCOPE = "applied-permissions/user";
    private static final String MEMBER_OF_GROUPS_RESOURCE = "member-of-groups";
    public static final String LEGACY_APPLIED_PERMISSIONS_GROUP_SCOPE = "member-of-groups:";
    public static final String LEGACY_APPLIED_PERMISSIONS_USER_SCOPE = "member-of-groups:*";
    private static final String APPLIED_PERMISSIONS_GROUPS = "applied-permissions/groups";
    public static final String APPLIED_PERMISSIONS_GROUP_SCOPE = "applied-permissions/groups:";
    private static final String GROUP_DELIMITER = ",";
    public static final String ADMIN_PERMISSION = "applied-permissions/admin";
    private static final String OLD_ADMIN_PERMISSION = "admin";
    private Map<String, Scope> scopeMap = new HashMap();
    private boolean hasUserPermission = false;
    private boolean isAdmin = false;

    public static ScopeContainer create(String str) {
        ScopeContainer scopeContainer = new ScopeContainer();
        scopeContainer.addAll(str);
        return scopeContainer;
    }

    public void addAll(String str) {
        TokenScopeUtils.scopeToList(str).forEach(this::add);
    }

    public void addAllRaw(String str) {
        TokenScopeUtils.scopeToList(str).forEach(this::addRaw);
    }

    public void add(String str) {
        if (processSpecial(str)) {
            return;
        }
        doAddScope(str, false);
    }

    public void addRaw(String str) {
        processSpecial(str);
        doAddScope(str, true);
    }

    public void add(Scope scope) {
        if (this.scopeMap.containsKey(getName(scope))) {
            log.debug("Scope is malformed, {} is repeated, ignoring repeats", getName(scope));
        } else {
            this.scopeMap.put(getName(scope), scope);
        }
    }

    public Set<String> getGroups() {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedHashSet.addAll(getGroups(this.scopeMap.get(MEMBER_OF_GROUPS_RESOURCE)));
        linkedHashSet.addAll(getGroups(this.scopeMap.get(APPLIED_PERMISSIONS_GROUPS)));
        return linkedHashSet;
    }

    public boolean hasUserPermission() {
        return this.hasUserPermission;
    }

    public boolean isAdmin() {
        return this.isAdmin;
    }

    private boolean processSpecial(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -1544046138:
                if (str.equals(APPLIED_PERMISSIONS_USER_SCOPE)) {
                    z = false;
                    break;
                }
                break;
            case -639699788:
                if (str.equals(ADMIN_PERMISSION)) {
                    z = true;
                    break;
                }
                break;
            case 92668751:
                if (str.equals("admin")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                this.hasUserPermission = true;
                return true;
            case true:
            case true:
                this.isAdmin = true;
                return true;
            default:
                return false;
        }
    }

    private void doAddScope(String str, boolean z) {
        Scope scope = toScope(str);
        if (processOldUsers(scope, z) || processOldAdmin(scope, z)) {
            return;
        }
        add(scope);
    }

    private boolean processOldUsers(Scope scope, boolean z) {
        if (!MEMBER_OF_GROUPS_RESOURCE.equals(scope.getResource())) {
            return false;
        }
        Collection<? extends String> groups = getGroups(scope);
        if (!groups.contains("*")) {
            return false;
        }
        this.hasUserPermission = true;
        if (z) {
            add(scope);
            return true;
        }
        if (groups.size() <= 1) {
            return true;
        }
        add(new Scope(scope.getResource(), scope.getPermission().replaceAll(",\\s*\\*\\s*", "").replaceAll("\\s*\\*\\s*,?", "").replaceAll("^\\s*\\*\\s*$", "")));
        return true;
    }

    private boolean processOldAdmin(Scope scope, boolean z) {
        if (scope.getResource() == null || !isServiceId(scope.getResource()) || !"admin".equals(scope.getPermission())) {
            return false;
        }
        this.isAdmin = true;
        if (!z) {
            return true;
        }
        add(scope);
        return true;
    }

    private boolean isServiceId(String str) {
        try {
            ServiceId.fromFormattedName(str);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    private Scope toScope(String str) {
        Scope scope;
        String[] split = str.split(RESOURCE_PERMISSION_DELIMITER);
        switch (split.length) {
            case 1:
                scope = new Scope(split[0]);
                break;
            case 2:
                scope = new Scope(split[0], split[1]);
                break;
            case 3:
                scope = new Scope(split[0] + "/" + split[1], split[2]);
                break;
            default:
                throw new TokenScopeException("sub-scope is malformed: " + split);
        }
        return scope;
    }

    private Collection<? extends String> getGroups(Scope scope) {
        return scope == null ? Collections.emptyList() : (Collection) Arrays.asList(scope.getPermission().replaceAll("^\"|\"$", "").split(GROUP_DELIMITER)).stream().map((v0) -> {
            return v0.trim();
        }).collect(Collectors.toUnmodifiableList());
    }

    private String getName(Scope scope) {
        return scope.getResource() != null ? scope.getResource() : scope.getPermission();
    }
}
