package org.wso2.carbon.identity.entitlement.policy;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.util.AXIOMUtil;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.entitlement.EntitlementConstants;
import org.wso2.carbon.identity.entitlement.EntitlementService;
import org.wso2.carbon.identity.entitlement.EntitlementUtil;
import org.wso2.carbon.identity.entitlement.dto.AttributeValueDTO;
import org.wso2.carbon.identity.entitlement.dto.EntitledAttributesDTO;
import org.wso2.carbon.identity.entitlement.dto.EntitledResultSetDTO;
import org.wso2.carbon.identity.entitlement.dto.PolicyDTO;
import org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent;
import org.wso2.carbon.identity.entitlement.pdp.EntitlementEngine;
import org.wso2.carbon.identity.entitlement.policy.finder.RegistryBasedPolicyFinder;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.xacml.BasicEvaluationCtx;
import org.wso2.xacml.ParsingException;
import org.wso2.xacml.ctx.RequestCtx;

/* loaded from: input_file:org/wso2/carbon/identity/entitlement/policy/PolicySearch.class */
public class PolicySearch {
    private static Log log = LogFactory.getLog(PolicySearch.class);

    public EntitledResultSetDTO getEntitledAttributes(String str, String str2, String str3, String str4, boolean z, boolean z2) throws IdentityException {
        OMElement firstChildWithName;
        ArrayList<PolicyDTO> arrayList = new ArrayList();
        boolean z3 = false;
        EntitledResultSetDTO entitledResultSetDTO = new EntitledResultSetDTO();
        HashSet hashSet = new HashSet();
        EntitlementService entitlementService = new EntitlementService();
        try {
            PolicyStoreReader policyStoreReader = new PolicyStoreReader(new PolicyStore(EntitlementServiceComponent.getRegistryService().getGovernanceSystemRegistry()));
            if (z2) {
                List<String> matchPolicyIds = getMatchPolicyIds(str, str2, str3, str4);
                if (matchPolicyIds == null || matchPolicyIds.size() <= 0) {
                    log.warn("Matching policies can not be found. Therefore all the policies are evaluated");
                    arrayList.addAll(Arrays.asList(policyStoreReader.readAllLightPolicyDTOs()));
                } else {
                    Iterator<String> it = matchPolicyIds.iterator();
                    while (it.hasNext()) {
                        arrayList.add(policyStoreReader.readPolicyDTO(it.next()));
                    }
                }
            } else {
                arrayList.addAll(Arrays.asList(policyStoreReader.readAllLightPolicyDTOs()));
            }
            if (str == null || str.trim().length() <= 0) {
                throw new IdentityException("Error : subject value can not be null");
            }
            AttributeValueDTO attributeValueDTO = new AttributeValueDTO();
            attributeValueDTO.setAttributeType(EntitlementConstants.SUBJECT_ELEMENT);
            attributeValueDTO.setAttribute(str);
            attributeValueDTO.setAttributeDataType(EntitlementConstants.STRING_DATA_TYPE);
            if (str3 == null || str3.trim().length() <= 0) {
                attributeValueDTO.setAttributeId(EntitlementConstants.SUBJECT_ID_DEFAULT);
            } else {
                attributeValueDTO.setAttributeId(str3);
            }
            for (PolicyDTO policyDTO : arrayList) {
                if (policyDTO.isActive()) {
                    List<AttributeValueDTO> asList = Arrays.asList(policyStoreReader.readMetaDataPolicyDTO(policyDTO.getPolicyId()).getPolicyMetaData());
                    String[] policyIdReferences = policyDTO.getPolicyIdReferences();
                    String[] policySetIdReferences = policyDTO.getPolicySetIdReferences();
                    for (String str5 : policyIdReferences) {
                        asList.addAll(Arrays.asList(policyStoreReader.readMetaDataPolicyDTO(str5).getPolicyMetaData()));
                    }
                    for (String str6 : policySetIdReferences) {
                        asList.addAll(Arrays.asList(policyStoreReader.readMetaDataPolicyDTO(str6).getPolicyMetaData()));
                    }
                    if (asList != null) {
                        String str7 = null;
                        ArrayList<AttributeValueDTO> arrayList2 = new ArrayList();
                        ArrayList<AttributeValueDTO> arrayList3 = new ArrayList();
                        ArrayList arrayList4 = new ArrayList();
                        if (str2 != null && str2.trim().length() > 0) {
                            AttributeValueDTO attributeValueDTO2 = new AttributeValueDTO();
                            attributeValueDTO2.setAttribute(str2);
                            attributeValueDTO2.setAttributeDataType(EntitlementConstants.STRING_DATA_TYPE);
                            attributeValueDTO2.setAttributeId(EntitlementConstants.RESOURCE_ID);
                            attributeValueDTO2.setAttributeType(EntitlementConstants.RESOURCE_ELEMENT);
                            arrayList3.add(attributeValueDTO2);
                            z3 = true;
                        }
                        AttributeValueDTO attributeValueDTO3 = new AttributeValueDTO();
                        attributeValueDTO3.setAttribute(EntitlementConstants.RESOURCE_DESCENDANTS);
                        attributeValueDTO3.setAttributeDataType(EntitlementConstants.STRING_DATA_TYPE);
                        attributeValueDTO3.setAttributeId(EntitlementConstants.RESOURCE_SCOPE_ID);
                        attributeValueDTO3.setAttributeType(EntitlementConstants.RESOURCE_ELEMENT);
                        for (AttributeValueDTO attributeValueDTO4 : asList) {
                            if (EntitlementConstants.ENVIRONMENT_ELEMENT.equals(attributeValueDTO4.getAttributeType())) {
                                arrayList4.add(attributeValueDTO4);
                                attributeValueDTO4.setAttributeId(EntitlementConstants.ENVIRONMENT_ID_DEFAULT);
                                arrayList4.add(attributeValueDTO4);
                            } else if (EntitlementConstants.ACTION_ELEMENT.equals(attributeValueDTO4.getAttributeType())) {
                                if (str4 != null && str4.trim().length() > 0) {
                                    attributeValueDTO4.setAttribute(str4);
                                }
                                arrayList2.add(attributeValueDTO4);
                                attributeValueDTO4.setAttributeId(EntitlementConstants.ACTION_ID_DEFAULT);
                                arrayList2.add(attributeValueDTO4);
                            } else if (EntitlementConstants.RESOURCE_ELEMENT.equals(attributeValueDTO4.getAttributeType()) && !z3) {
                                attributeValueDTO4.setAttributeId(EntitlementConstants.RESOURCE_ID);
                                arrayList3.add(attributeValueDTO4);
                            }
                        }
                        if (entitledResultSetDTO.getMessage() == null) {
                            for (AttributeValueDTO attributeValueDTO5 : arrayList3) {
                                if (EntitlementConstants.RESOURCE_ELEMENT.equals(attributeValueDTO5.getAttributeType())) {
                                    for (AttributeValueDTO attributeValueDTO6 : arrayList2) {
                                        int i = z ? 0 : 1;
                                        while (i < 2) {
                                            ArrayList arrayList5 = new ArrayList();
                                            Iterator it2 = arrayList4.iterator();
                                            while (it2.hasNext()) {
                                                arrayList5.add((AttributeValueDTO) it2.next());
                                            }
                                            if (i < 1) {
                                                arrayList5.add(attributeValueDTO3);
                                            }
                                            arrayList5.add(attributeValueDTO);
                                            arrayList5.add(attributeValueDTO5);
                                            arrayList5.add(attributeValueDTO6);
                                            Document createRequestElement = EntitlementUtil.createRequestElement(arrayList5);
                                            if (createRequestElement != null) {
                                                try {
                                                    str7 = entitlementService.getDecision(EntitlementUtil.getStringFromDocument(createRequestElement));
                                                } catch (Exception e) {
                                                    throw new IdentityException("Error while searching entitled resources");
                                                }
                                            }
                                            if (str7 != null) {
                                                try {
                                                    OMElement stringToOM = AXIOMUtil.stringToOM(str7);
                                                    if (stringToOM != null) {
                                                        Iterator childrenWithName = stringToOM.getChildrenWithName(new QName(EntitlementConstants.RESPONSE_RESULT));
                                                        while (childrenWithName.hasNext()) {
                                                            OMElement oMElement = (OMElement) childrenWithName.next();
                                                            if (oMElement != null && (firstChildWithName = oMElement.getFirstChildWithName(new QName(EntitlementConstants.RESPONSE_DECISION))) != null && EntitlementConstants.RULE_EFFECT_PERMIT.equals(firstChildWithName.getText())) {
                                                                EntitledAttributesDTO entitledAttributesDTO = new EntitledAttributesDTO();
                                                                entitledAttributesDTO.setResourceName(oMElement.getAttributeValue(new QName(EntitlementConstants.RESPONSE_RESOURCE_ID)));
                                                                entitledAttributesDTO.setAction(attributeValueDTO6.getAttribute());
                                                                hashSet.add(entitledAttributesDTO);
                                                            }
                                                        }
                                                    }
                                                } catch (XMLStreamException e2) {
                                                    throw new IdentityException("Error while evaluating XACML policy");
                                                }
                                            }
                                            i++;
                                        }
                                    }
                                }
                            }
                        } else {
                            continue;
                        }
                    } else {
                        continue;
                    }
                }
            }
            entitledResultSetDTO.setEntitledAttributesDTOs((EntitledAttributesDTO[]) hashSet.toArray(new EntitledAttributesDTO[hashSet.size()]));
            return entitledResultSetDTO;
        } catch (RegistryException e3) {
            throw new IdentityException("Error while initializing policy store");
        }
    }

    private List<String> getMatchPolicyIds(String str, String str2, String str3, String str4) throws IdentityException {
        Document createRequestElement;
        boolean z = false;
        List<String> list = null;
        ArrayList arrayList = new ArrayList();
        ArrayList<AttributeValueDTO> arrayList2 = new ArrayList();
        try {
            PolicyStoreReader policyStoreReader = new PolicyStoreReader(new PolicyStore(EntitlementServiceComponent.getRegistryService().getGovernanceSystemRegistry()));
            AttributeValueDTO attributeValueDTO = new AttributeValueDTO();
            attributeValueDTO.setAttributeId(str3);
            attributeValueDTO.setAttribute(str);
            attributeValueDTO.setAttributeType(EntitlementConstants.SUBJECT_ELEMENT);
            attributeValueDTO.setAttributeDataType(EntitlementConstants.STRING_DATA_TYPE);
            arrayList.add(attributeValueDTO);
            AttributeValueDTO attributeValueDTO2 = new AttributeValueDTO();
            attributeValueDTO2.setAttributeId(EntitlementConstants.RESOURCE_ID);
            attributeValueDTO2.setAttributeType(EntitlementConstants.RESOURCE_ELEMENT);
            attributeValueDTO2.setAttributeDataType(EntitlementConstants.STRING_DATA_TYPE);
            if (str2 == null || str2.trim().length() <= 0) {
                attributeValueDTO2.setAttribute("  ");
            } else {
                attributeValueDTO2.setAttribute(str2);
            }
            arrayList.add(attributeValueDTO2);
            if (str4 != null && str4.trim().length() > 0) {
                AttributeValueDTO attributeValueDTO3 = new AttributeValueDTO();
                attributeValueDTO3.setAttributeId(EntitlementConstants.ACTION_ID_DEFAULT);
                attributeValueDTO3.setAttribute(str4);
                attributeValueDTO3.setAttributeType(EntitlementConstants.ACTION_ELEMENT);
                attributeValueDTO3.setAttributeDataType(EntitlementConstants.STRING_DATA_TYPE);
                arrayList.add(attributeValueDTO3);
                z = true;
            }
            for (PolicyDTO policyDTO : policyStoreReader.readAllLightPolicyDTOs()) {
                if (policyDTO.isActive()) {
                    arrayList2.addAll(Arrays.asList(policyStoreReader.readMetaDataPolicyDTO(policyDTO.getPolicyId()).getPolicyMetaData()));
                    String[] policyIdReferences = policyDTO.getPolicyIdReferences();
                    String[] policySetIdReferences = policyDTO.getPolicySetIdReferences();
                    for (String str5 : policyIdReferences) {
                        arrayList2.addAll(Arrays.asList(policyStoreReader.readMetaDataPolicyDTO(str5).getPolicyMetaData()));
                    }
                    for (String str6 : policySetIdReferences) {
                        arrayList2.addAll(Arrays.asList(policyStoreReader.readMetaDataPolicyDTO(str6).getPolicyMetaData()));
                    }
                }
            }
            for (AttributeValueDTO attributeValueDTO4 : arrayList2) {
                if (!z && EntitlementConstants.ACTION_ELEMENT.equals(attributeValueDTO4.getAttributeType())) {
                    attributeValueDTO4.setAttributeId(EntitlementConstants.ACTION_ID_DEFAULT);
                    attributeValueDTO4.setAttributeDataType(EntitlementConstants.STRING_DATA_TYPE);
                    arrayList.add(attributeValueDTO4);
                }
                if (EntitlementConstants.ENVIRONMENT_ELEMENT.equals(attributeValueDTO4.getAttributeType())) {
                    attributeValueDTO4.setAttributeId(EntitlementConstants.ENVIRONMENT_ID_DEFAULT);
                    attributeValueDTO4.setAttributeDataType(EntitlementConstants.STRING_DATA_TYPE);
                    arrayList.add(attributeValueDTO4);
                }
            }
            try {
                EntitlementEngine entitlementEngine = EntitlementEngine.getInstance(EntitlementServiceComponent.getRegistryService().getGovernanceSystemRegistry(CarbonContext.getCurrentContext().getTenantId()), CarbonContext.getCurrentContext().getTenantId());
                RegistryBasedPolicyFinder registryModule = entitlementEngine.getRegistryModule();
                if (registryModule != null && (createRequestElement = EntitlementUtil.createRequestElement(arrayList)) != null) {
                    try {
                        list = registryModule.getMatchingPolicies(new BasicEvaluationCtx(RequestCtx.getInstance(createRequestElement.getDocumentElement()), entitlementEngine.getPdpConfig().getAttributeFinder()));
                    } catch (ParsingException e) {
                        throw new IdentityException("Error while creating XACML Request context", e);
                    }
                }
                return list;
            } catch (RegistryException e2) {
                throw new IdentityException("Entitlement Engine can not be initialized", e2);
            }
        } catch (RegistryException e3) {
            throw new IdentityException("Error while initializing policy store");
        }
    }
}
