package org.ow2.authzforce.core.pdp.impl.policy;

import com.google.common.collect.HashBasedTable;
import com.google.common.collect.Table;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.file.FileVisitOption;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Deque;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Stream;
import javax.xml.bind.JAXBException;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet;
import org.ow2.authzforce.core.pdp.api.EnvironmentProperties;
import org.ow2.authzforce.core.pdp.api.IndeterminateEvaluationException;
import org.ow2.authzforce.core.pdp.api.XmlUtils;
import org.ow2.authzforce.core.pdp.api.combining.CombiningAlgRegistry;
import org.ow2.authzforce.core.pdp.api.expression.ExpressionFactory;
import org.ow2.authzforce.core.pdp.api.policy.BaseStaticRefPolicyProvider;
import org.ow2.authzforce.core.pdp.api.policy.CloseableRefPolicyProvider;
import org.ow2.authzforce.core.pdp.api.policy.PolicyRefsMetadata;
import org.ow2.authzforce.core.pdp.api.policy.PolicyVersion;
import org.ow2.authzforce.core.pdp.api.policy.PolicyVersionPatterns;
import org.ow2.authzforce.core.pdp.api.policy.StaticTopLevelPolicyElementEvaluator;
import org.ow2.authzforce.core.xmlns.pdp.StaticRefPolicyProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.ResourceUtils;

/* loaded from: input_file:org/ow2/authzforce/core/pdp/impl/policy/CoreRefPolicyProvider.class */
public class CoreRefPolicyProvider extends BaseStaticRefPolicyProvider {
    private static final IllegalArgumentException NO_POLICY_ARG_EXCEPTION;
    private static final IllegalArgumentException ILLEGAL_COMBINING_ALG_REGISTRY_ARGUMENT_EXCEPTION;
    private static final IllegalArgumentException ILLEGAL_EXPRESSION_FACTORY_ARGUMENT_EXCEPTION;
    private static final IllegalArgumentException ILLEGAL_XACML_PARSER_FACTORY_ARGUMENT_EXCEPTION;
    private static final IllegalArgumentException ILLEGAL_POLICY_URLS_ARGUMENT_EXCEPTION;
    private static final Logger LOGGER;
    private final PolicyMap<StaticTopLevelPolicyElementEvaluator> policyEvaluatorMap;
    private final PolicyMap<StaticTopLevelPolicyElementEvaluator> policySetEvaluatorMap;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:org/ow2/authzforce/core/pdp/impl/policy/CoreRefPolicyProvider$Factory.class */
    public static class Factory extends CloseableRefPolicyProvider.Factory<StaticRefPolicyProvider> {
        private static final IllegalArgumentException NULL_CONF_ARGUMENT_EXCEPTION;
        private static final Pattern WILDCARD_SEQ_PREFIX_PATTERN;
        static final /* synthetic */ boolean $assertionsDisabled;

        public Class<StaticRefPolicyProvider> getJaxbClass() {
            return StaticRefPolicyProvider.class;
        }

        public CloseableRefPolicyProvider getInstance(StaticRefPolicyProvider staticRefPolicyProvider, XmlUtils.XmlnsFilteringParserFactory xmlnsFilteringParserFactory, int i, ExpressionFactory expressionFactory, CombiningAlgRegistry combiningAlgRegistry, EnvironmentProperties environmentProperties) {
            if (staticRefPolicyProvider == null) {
                throw NULL_CONF_ARGUMENT_EXCEPTION;
            }
            ArrayList arrayList = new ArrayList();
            int i2 = 0;
            for (String str : staticRefPolicyProvider.getPolicyLocations()) {
                String replacePlaceholders = environmentProperties.replacePlaceholders(str);
                try {
                    if (replacePlaceholders.startsWith("file:")) {
                        if (replacePlaceholders.endsWith("/")) {
                            throw new IllegalArgumentException("Invalid policy location pattern: " + replacePlaceholders);
                        }
                        int indexOf = replacePlaceholders.indexOf("/*");
                        if (indexOf > 0) {
                            String substring = replacePlaceholders.substring("file:".length(), indexOf);
                            String substring2 = replacePlaceholders.substring(indexOf + 1);
                            if (CoreRefPolicyProvider.LOGGER.isDebugEnabled()) {
                                CoreRefPolicyProvider.LOGGER.debug("Policy location #{} is a filepath pattern (found '/*') -> expanding to all files in directory '{}' matching pattern '{}'", new Object[]{Integer.valueOf(i2), substring, substring2});
                            }
                            Matcher matcher = WILDCARD_SEQ_PREFIX_PATTERN.matcher(substring2);
                            if (!matcher.matches()) {
                                throw new IllegalArgumentException("Invalid policy location: '" + str + "'. Pattern part does not match regex: " + WILDCARD_SEQ_PREFIX_PATTERN.pattern());
                            }
                            String group = matcher.group(1);
                            String group2 = matcher.group(2);
                            if (!$assertionsDisabled && group == null) {
                                throw new AssertionError();
                            }
                            try {
                                Stream<Path> find = Files.find(Paths.get(substring, new String[0]), group.length(), (path, basicFileAttributes) -> {
                                    return basicFileAttributes.isRegularFile() && path.getFileName().toString().endsWith(group2.substring(1));
                                }, new FileVisitOption[0]);
                                Throwable th = null;
                                try {
                                    try {
                                        find.forEach(path2 -> {
                                            CoreRefPolicyProvider.LOGGER.debug("Adding policy file: {}", path2);
                                            try {
                                                arrayList.add(path2.toUri().toURL());
                                            } catch (MalformedURLException e) {
                                                throw new RuntimeException("Error getting policy files in '" + substring + "' according to policy location pattern '" + replacePlaceholders + "'", e);
                                            }
                                        });
                                        if (find != null) {
                                            if (0 != 0) {
                                                try {
                                                    find.close();
                                                } catch (Throwable th2) {
                                                    th.addSuppressed(th2);
                                                }
                                            } else {
                                                find.close();
                                            }
                                        }
                                    } finally {
                                    }
                                } finally {
                                }
                            } catch (IOException e) {
                                throw new RuntimeException("Error getting policy files in '" + substring + "' according to policy location pattern '" + replacePlaceholders + "'", e);
                            }
                        }
                    }
                    URL url = ResourceUtils.getURL(replacePlaceholders);
                    if (url == null) {
                        throw new IllegalArgumentException("No policy file found at the specified location: " + replacePlaceholders);
                    }
                    arrayList.add(url);
                    i2++;
                } catch (FileNotFoundException e2) {
                    throw new IllegalArgumentException("Error loading policy (as Spring resource) from the following URL: " + replacePlaceholders, e2);
                }
            }
            return CoreRefPolicyProvider.getInstance(arrayList, staticRefPolicyProvider.isIgnoreOldVersions(), xmlnsFilteringParserFactory, i, expressionFactory, combiningAlgRegistry);
        }

        static {
            $assertionsDisabled = !CoreRefPolicyProvider.class.desiredAssertionStatus();
            NULL_CONF_ARGUMENT_EXCEPTION = new IllegalArgumentException("RefPolicyProvider configuration undefined");
            WILDCARD_SEQ_PREFIX_PATTERN = Pattern.compile("^(\\*+)([^\\*]*)$");
        }
    }

    /* loaded from: input_file:org/ow2/authzforce/core/pdp/impl/policy/CoreRefPolicyProvider$InitOnlyRefPolicyProvider.class */
    private static class InitOnlyRefPolicyProvider extends BaseStaticRefPolicyProvider {
        private final ExpressionFactory expressionFactory;
        private final CombiningAlgRegistry combiningAlgRegistry;
        private final PolicyMap<StaticTopLevelPolicyElementEvaluator> policyMap;
        private final PolicyMap<PolicyWithNamespaces<PolicySet>> jaxbPolicySetMap;
        private final Table<String, PolicyVersion, StaticTopLevelPolicyElementEvaluator> policySetMapToUpdate;

        private InitOnlyRefPolicyProvider(PolicyMap<StaticTopLevelPolicyElementEvaluator> policyMap, PolicyMap<PolicyWithNamespaces<PolicySet>> policyMap2, Table<String, PolicyVersion, StaticTopLevelPolicyElementEvaluator> table, int i, ExpressionFactory expressionFactory, CombiningAlgRegistry combiningAlgRegistry) {
            super(i);
            this.policyMap = policyMap;
            this.policySetMapToUpdate = table;
            this.jaxbPolicySetMap = policyMap2;
            this.expressionFactory = expressionFactory;
            this.combiningAlgRegistry = combiningAlgRegistry;
        }

        protected StaticTopLevelPolicyElementEvaluator getPolicy(String str, Optional<PolicyVersionPatterns> optional) throws IndeterminateEvaluationException {
            Map.Entry<PolicyVersion, StaticTopLevelPolicyElementEvaluator> entry = this.policyMap.get(str, optional);
            if (entry == null) {
                return null;
            }
            return entry.getValue();
        }

        public StaticTopLevelPolicyElementEvaluator getPolicySet(String str, Optional<PolicyVersionPatterns> optional, Deque<String> deque) {
            StaticTopLevelPolicyElementEvaluator staticTopLevelPolicyElementEvaluator;
            Map.Entry<PolicyVersion, PolicyWithNamespaces<PolicySet>> entry = this.jaxbPolicySetMap.get(str, optional);
            if (entry == null) {
                return null;
            }
            PolicyVersion key = entry.getKey();
            StaticTopLevelPolicyElementEvaluator staticTopLevelPolicyElementEvaluator2 = (StaticTopLevelPolicyElementEvaluator) this.policySetMapToUpdate.get(str, key);
            if (staticTopLevelPolicyElementEvaluator2 == null) {
                PolicyWithNamespaces<PolicySet> value = entry.getValue();
                try {
                    staticTopLevelPolicyElementEvaluator = PolicyEvaluators.getInstanceStatic((PolicySet) ((PolicyWithNamespaces) value).policy, null, ((PolicyWithNamespaces) value).nsPrefixUriMap, this.expressionFactory, this.combiningAlgRegistry, this, deque);
                    this.policySetMapToUpdate.put(str, key, staticTopLevelPolicyElementEvaluator);
                } catch (IllegalArgumentException e) {
                    throw new IllegalArgumentException("Invalid PolicySet with PolicySetId=" + str + ", Version=" + key, e);
                }
            } else {
                staticTopLevelPolicyElementEvaluator = staticTopLevelPolicyElementEvaluator2;
                if (deque != null && !deque.isEmpty()) {
                    Optional policyRefsMetadata = staticTopLevelPolicyElementEvaluator2.getPolicyRefsMetadata();
                    if (policyRefsMetadata.isPresent()) {
                        joinPolicyRefChains(deque, ((PolicyRefsMetadata) policyRefsMetadata.get()).getLongestPolicyRefChain());
                    }
                }
            }
            return staticTopLevelPolicyElementEvaluator;
        }

        public void close() {
        }
    }

    /* loaded from: input_file:org/ow2/authzforce/core/pdp/impl/policy/CoreRefPolicyProvider$PolicyWithNamespaces.class */
    public static final class PolicyWithNamespaces<P> {
        private final Map<String, String> nsPrefixUriMap;
        private final P policy;

        public Map<String, String> getNsPrefixUriMap() {
            return this.nsPrefixUriMap;
        }

        public P getPolicy() {
            return this.policy;
        }

        private PolicyWithNamespaces(P p, Map<String, String> map) {
            this.policy = p;
            this.nsPrefixUriMap = map;
        }
    }

    private CoreRefPolicyProvider(PolicyMap<StaticTopLevelPolicyElementEvaluator> policyMap, PolicyMap<PolicyWithNamespaces<PolicySet>> policyMap2, int i, ExpressionFactory expressionFactory, CombiningAlgRegistry combiningAlgRegistry) throws IllegalArgumentException {
        super(i);
        if (!$assertionsDisabled && (policyMap == null || policyMap2 == null || expressionFactory == null || combiningAlgRegistry == null)) {
            throw new AssertionError();
        }
        this.policyEvaluatorMap = policyMap;
        HashBasedTable create = HashBasedTable.create();
        InitOnlyRefPolicyProvider initOnlyRefPolicyProvider = new InitOnlyRefPolicyProvider(this.policyEvaluatorMap, policyMap2, create, i, expressionFactory, combiningAlgRegistry);
        Throwable th = null;
        try {
            for (Map.Entry<String, PolicyVersions<PolicyWithNamespaces<PolicySet>>> entry : policyMap2.entrySet()) {
                String key = entry.getKey();
                Iterator<Map.Entry<PolicyVersion, PolicyWithNamespaces<PolicySet>>> it = entry.getValue().iterator();
                while (it.hasNext()) {
                    Map.Entry<PolicyVersion, PolicyWithNamespaces<PolicySet>> next = it.next();
                    PolicyVersion key2 = next.getKey();
                    if (((StaticTopLevelPolicyElementEvaluator) create.get(key, key2)) == null) {
                        PolicyWithNamespaces<PolicySet> value = next.getValue();
                        try {
                            create.put(key, key2, PolicyEvaluators.getInstanceStatic((PolicySet) ((PolicyWithNamespaces) value).policy, null, ((PolicyWithNamespaces) value).nsPrefixUriMap, expressionFactory, combiningAlgRegistry, initOnlyRefPolicyProvider, null));
                        } catch (IllegalArgumentException e) {
                            throw new IllegalArgumentException("Invalid PolicySet with PolicySetId='" + key + "', Version=" + key2, e);
                        }
                    }
                }
            }
            this.policySetEvaluatorMap = new PolicyMap<>(create.rowMap());
        } finally {
            if (initOnlyRefPolicyProvider != null) {
                if (0 != 0) {
                    try {
                        initOnlyRefPolicyProvider.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    initOnlyRefPolicyProvider.close();
                }
            }
        }
    }

    public static CoreRefPolicyProvider getInstance(List<PolicyWithNamespaces<Policy>> list, List<PolicyWithNamespaces<PolicySet>> list2, int i, ExpressionFactory expressionFactory, CombiningAlgRegistry combiningAlgRegistry) throws IllegalArgumentException {
        PolicyMap policyMap;
        PolicyMap policyMap2;
        if ((list == null || list.isEmpty()) && (list2 == null || list2.isEmpty())) {
            throw NO_POLICY_ARG_EXCEPTION;
        }
        if (expressionFactory == null) {
            throw ILLEGAL_EXPRESSION_FACTORY_ARGUMENT_EXCEPTION;
        }
        if (combiningAlgRegistry == null) {
            throw ILLEGAL_COMBINING_ALG_REGISTRY_ARGUMENT_EXCEPTION;
        }
        if (list == null) {
            policyMap = new PolicyMap(Collections.emptyMap());
        } else {
            HashBasedTable create = HashBasedTable.create();
            for (PolicyWithNamespaces<Policy> policyWithNamespaces : list) {
                Policy policy = (Policy) ((PolicyWithNamespaces) policyWithNamespaces).policy;
                String policyId = policy.getPolicyId();
                String version = policy.getVersion();
                try {
                    if (((StaticTopLevelPolicyElementEvaluator) create.put(policyId, new PolicyVersion(version), PolicyEvaluators.getInstance(policy, null, ((PolicyWithNamespaces) policyWithNamespaces).nsPrefixUriMap, expressionFactory, combiningAlgRegistry))) != null) {
                        throw new IllegalArgumentException("Policy conflict: two <Policy>s with same PolicyId=" + policyId + ", Version=" + version);
                    }
                } catch (IllegalArgumentException e) {
                    throw new IllegalArgumentException("Invalid Policy with PolicyId=" + policyId + ", Version=" + version, e);
                }
            }
            policyMap = new PolicyMap(create.rowMap());
        }
        if (list2 == null) {
            policyMap2 = new PolicyMap(Collections.emptyMap());
        } else {
            HashBasedTable create2 = HashBasedTable.create();
            for (PolicyWithNamespaces<PolicySet> policyWithNamespaces2 : list2) {
                PolicySet policySet = (PolicySet) ((PolicyWithNamespaces) policyWithNamespaces2).policy;
                String policySetId = policySet.getPolicySetId();
                String version2 = policySet.getVersion();
                if (((PolicyWithNamespaces) create2.put(policySetId, new PolicyVersion(version2), policyWithNamespaces2)) != null) {
                    throw new IllegalArgumentException("Policy conflict: two PolicySets with same PolicySetId=" + policySetId + ", Version=" + version2);
                }
            }
            policyMap2 = new PolicyMap(create2.rowMap());
        }
        return new CoreRefPolicyProvider(policyMap, policyMap2, i, expressionFactory, combiningAlgRegistry);
    }

    public static CoreRefPolicyProvider getInstance(Collection<URL> collection, boolean z, XmlUtils.XmlnsFilteringParserFactory xmlnsFilteringParserFactory, int i, ExpressionFactory expressionFactory, CombiningAlgRegistry combiningAlgRegistry) throws IllegalArgumentException {
        Map row;
        Map row2;
        if (collection == null || collection.isEmpty()) {
            throw ILLEGAL_POLICY_URLS_ARGUMENT_EXCEPTION;
        }
        if (xmlnsFilteringParserFactory == null) {
            throw ILLEGAL_XACML_PARSER_FACTORY_ARGUMENT_EXCEPTION;
        }
        if (expressionFactory == null) {
            throw ILLEGAL_EXPRESSION_FACTORY_ARGUMENT_EXCEPTION;
        }
        if (combiningAlgRegistry == null) {
            throw ILLEGAL_COMBINING_ALG_REGISTRY_ARGUMENT_EXCEPTION;
        }
        try {
            XmlUtils.XmlnsFilteringParser xmlnsFilteringParserFactory2 = xmlnsFilteringParserFactory.getInstance();
            HashBasedTable create = HashBasedTable.create();
            HashBasedTable create2 = HashBasedTable.create();
            int i2 = 0;
            for (URL url : collection) {
                if (url == null) {
                    throw new IllegalArgumentException("policyURL #" + i2 + " undefined");
                }
                try {
                    Object parse = xmlnsFilteringParserFactory2.parse(url);
                    Map namespacePrefixUriMap = xmlnsFilteringParserFactory2.getNamespacePrefixUriMap();
                    if (parse instanceof Policy) {
                        Policy policy = (Policy) parse;
                        String policyId = policy.getPolicyId();
                        String version = policy.getVersion();
                        PolicyVersion policyVersion = new PolicyVersion(version);
                        try {
                            if (z && (row = create.row(policyId)) != null) {
                                if (row.keySet().parallelStream().anyMatch(policyVersion2 -> {
                                    return policyVersion.compareTo(policyVersion2) <= 0;
                                })) {
                                    continue;
                                } else {
                                    row.clear();
                                }
                            }
                            if (((StaticTopLevelPolicyElementEvaluator) create.put(policyId, policyVersion, PolicyEvaluators.getInstance(policy, null, namespacePrefixUriMap, expressionFactory, combiningAlgRegistry))) != null) {
                                throw new IllegalArgumentException("Policy conflict: two policies with same PolicyId=" + policyId + ", Version=" + version);
                            }
                            i2++;
                        } catch (IllegalArgumentException e) {
                            throw new IllegalArgumentException("Invalid Policy with PolicyId=" + policyId + ", Version=" + version, e);
                        }
                    } else {
                        if (!(parse instanceof PolicySet)) {
                            throw new IllegalArgumentException("Unexpected element found as root of the policy document: " + parse.getClass().getSimpleName());
                        }
                        PolicySet policySet = (PolicySet) parse;
                        String policySetId = policySet.getPolicySetId();
                        String version2 = policySet.getVersion();
                        PolicyVersion policyVersion3 = new PolicyVersion(version2);
                        if (z && (row2 = create2.row(policySetId)) != null) {
                            if (row2.keySet().parallelStream().anyMatch(policyVersion4 -> {
                                return policyVersion3.compareTo(policyVersion4) <= 0;
                            })) {
                                continue;
                            } else {
                                row2.clear();
                            }
                        }
                        if (((PolicyWithNamespaces) create2.put(policySetId, policyVersion3, new PolicyWithNamespaces(policySet, namespacePrefixUriMap))) != null) {
                            throw new IllegalArgumentException("Policy conflict: two PolicySets with same PolicySetId=" + policySetId + ", Version=" + version2);
                        }
                        i2++;
                    }
                } catch (JAXBException e2) {
                    throw new IllegalArgumentException("Failed to unmarshall Policy(Set) XML document from policy location: " + url, e2);
                }
            }
            return new CoreRefPolicyProvider(new PolicyMap(create.rowMap()), new PolicyMap(create2.rowMap()), i, expressionFactory, combiningAlgRegistry);
        } catch (JAXBException e3) {
            throw new IllegalArgumentException("Failed to create JAXB unmarshaller for XML Policy(Set)", e3);
        }
    }

    protected StaticTopLevelPolicyElementEvaluator getPolicy(String str, Optional<PolicyVersionPatterns> optional) {
        Map.Entry<PolicyVersion, StaticTopLevelPolicyElementEvaluator> entry = this.policyEvaluatorMap.get(str, optional);
        if (entry == null) {
            return null;
        }
        return entry.getValue();
    }

    protected StaticTopLevelPolicyElementEvaluator getPolicySet(String str, Optional<PolicyVersionPatterns> optional, Deque<String> deque) {
        Map.Entry<PolicyVersion, StaticTopLevelPolicyElementEvaluator> entry = this.policySetEvaluatorMap.get(str, optional);
        if (entry == null) {
            return null;
        }
        StaticTopLevelPolicyElementEvaluator value = entry.getValue();
        if (deque != null) {
            Optional policyRefsMetadata = value.getPolicyRefsMetadata();
            if (policyRefsMetadata.isPresent()) {
                joinPolicyRefChains(deque, ((PolicyRefsMetadata) policyRefsMetadata.get()).getLongestPolicyRefChain());
            }
        }
        return value;
    }

    public void close() {
    }

    static {
        $assertionsDisabled = !CoreRefPolicyProvider.class.desiredAssertionStatus();
        NO_POLICY_ARG_EXCEPTION = new IllegalArgumentException("No Policy(Set) specified");
        ILLEGAL_COMBINING_ALG_REGISTRY_ARGUMENT_EXCEPTION = new IllegalArgumentException("Undefined CombiningAlgorithm registry");
        ILLEGAL_EXPRESSION_FACTORY_ARGUMENT_EXCEPTION = new IllegalArgumentException("Undefined Expression factory");
        ILLEGAL_XACML_PARSER_FACTORY_ARGUMENT_EXCEPTION = new IllegalArgumentException("Undefined XACML parser factory");
        ILLEGAL_POLICY_URLS_ARGUMENT_EXCEPTION = new IllegalArgumentException("Undefined policy URL(s)");
        LOGGER = LoggerFactory.getLogger(CoreRefPolicyProvider.class);
    }
}
