package org.wso2.carbon.identity.entitlement.internal;

import java.io.File;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.apache.commons.io.FileUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.thrift.server.TServer;
import org.apache.thrift.server.TThreadPoolServer;
import org.apache.thrift.transport.TSSLTransportFactory;
import org.apache.thrift.transport.TTransportException;
import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.base.ServerConfigurationException;
import org.wso2.carbon.caching.core.CacheInvalidator;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.entitlement.EntitlementConstants;
import org.wso2.carbon.identity.entitlement.EntitlementUtil;
import org.wso2.carbon.identity.entitlement.cache.DecisionCache;
import org.wso2.carbon.identity.entitlement.cache.EntitlementPolicyCache;
import org.wso2.carbon.identity.entitlement.cache.PIPAbstractAttributeCache;
import org.wso2.carbon.identity.entitlement.cache.PIPAttributeCache;
import org.wso2.carbon.identity.entitlement.cache.PolicySearchCache;
import org.wso2.carbon.identity.entitlement.dto.PolicyDTO;
import org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStore;
import org.wso2.carbon.identity.entitlement.thrift.EntitlementService;
import org.wso2.carbon.identity.entitlement.thrift.ThriftConfigConstants;
import org.wso2.carbon.identity.entitlement.thrift.ThriftEntitlementServiceImpl;
import org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.carbon.utils.NetworkUtils;

/* loaded from: input_file:org/wso2/carbon/identity/entitlement/internal/EntitlementServiceComponent.class */
public class EntitlementServiceComponent {
    private static Log log = LogFactory.getLog(EntitlementServiceComponent.class);
    private static RegistryService registryService = null;
    private static EntitlementConfigHolder entitlementConfig = null;
    private static RealmService realmservice;
    private ThriftAuthenticatorService thriftAuthenticationService;
    private static CacheInvalidator cacheInvalidator;
    private ExecutorService executor = Executors.newFixedThreadPool(2);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/wso2/carbon/identity/entitlement/internal/EntitlementServiceComponent$ServerRunnable.class */
    public static class ServerRunnable implements Runnable {
        TServer server;

        public ServerRunnable(TServer tServer) {
            this.server = tServer;
        }

        @Override // java.lang.Runnable
        public void run() {
            this.server.serve();
        }
    }

    protected void activate(ComponentContext componentContext) {
        if (log.isDebugEnabled()) {
            log.info("Identity Entitlement bundle is activated");
        }
        try {
            new EntitlementServiceInitializer(registryService).putEntitlementPolicyResourcesToRegistry();
            entitlementConfig = new EntitlementConfigHolder();
            EntitlementExtensionBuilder entitlementExtensionBuilder = new EntitlementExtensionBuilder();
            entitlementExtensionBuilder.setBundleContext(componentContext.getBundleContext());
            entitlementExtensionBuilder.buildEntitlementConfig(entitlementConfig);
            DecisionCache.getInstance();
            PolicySearchCache.getInstance();
            PIPAttributeCache.getInstance();
            PIPAbstractAttributeCache.getInstance();
            EntitlementPolicyCache.getInstance();
            new Thread(new SchemaBuilder(entitlementConfig)).start();
            PAPPolicyStore pAPPolicyStore = new PAPPolicyStore(registryService.getGovernanceSystemRegistry());
            String property = entitlementConfig.getEngineProperties().getProperty(EntitlementConstants.START_UP_POLICY_ADDING);
            if (property != null && Boolean.parseBoolean(property) && (pAPPolicyStore.getAllPolicyIds() == null || pAPPolicyStore.getAllPolicyIds().length == 0)) {
                File file = null;
                String property2 = entitlementConfig.getEngineProperties().getProperty(EntitlementConstants.FILESYSTEM_POLICY_PATH);
                if (property2 != null && property2.trim().length() > 0) {
                    file = new File(property2);
                }
                if (file != null && !file.exists()) {
                    log.warn("Defined policy directory location is not exit. Therefore using default policy location");
                }
                if (property2 == null || !file.exists()) {
                    file = new File(CarbonUtils.getCarbonHome() + File.separator + "repository" + File.separator + "resources" + File.separator + "security" + File.separator + "policies" + File.separator + "xacml");
                }
                boolean z = false;
                if (file != null && file.exists()) {
                    for (File file2 : file.listFiles()) {
                        if (file2.isFile()) {
                            PolicyDTO policyDTO = new PolicyDTO();
                            policyDTO.setPolicy(FileUtils.readFileToString(file2));
                            try {
                                EntitlementUtil.addFilesystemPolicy(policyDTO, registryService.getGovernanceSystemRegistry(), true);
                            } catch (Exception e) {
                                log.error("Error while adding XACML policies", e);
                            }
                            z = true;
                        }
                    }
                }
                if (!z) {
                    EntitlementUtil.addSamplePolicies(registryService.getGovernanceSystemRegistry());
                }
            }
            ThriftEntitlementServiceImpl.init(this.thriftAuthenticationService);
            startThriftServices();
        } catch (Exception e2) {
            log.error("Failed to initialize Entitlement Service", e2);
        }
    }

    protected void deactivate(ComponentContext componentContext) {
        if (log.isDebugEnabled()) {
            log.debug("Identity Entitlement bundle is deactivated");
        }
    }

    protected void setRegistryService(RegistryService registryService2) {
        if (log.isDebugEnabled()) {
            log.debug("RegistryService set in Entitlement bundle");
        }
        registryService = registryService2;
    }

    protected void unsetRegistryService(RegistryService registryService2) {
        if (log.isDebugEnabled()) {
            log.debug("RegistryService unset in Entitlement bundle");
        }
        registryService = null;
    }

    protected void setRealmService(RealmService realmService) {
        if (log.isDebugEnabled()) {
            log.debug("DefaultUserRealm set in Entitlement bundle");
        }
        realmservice = realmService;
    }

    protected void unsetRealmService(RealmService realmService) {
        if (log.isDebugEnabled()) {
            log.debug("DefaultUserRealm unset in Entitlement bundle");
        }
        realmservice = null;
    }

    protected void setThriftAuthenticationService(ThriftAuthenticatorService thriftAuthenticatorService) {
        if (log.isDebugEnabled()) {
            log.debug("ThriftAuthenticatorService set in Entitlement bundle");
        }
        this.thriftAuthenticationService = thriftAuthenticatorService;
    }

    protected void unsetThriftAuthenticationService(ThriftAuthenticatorService thriftAuthenticatorService) {
        if (log.isDebugEnabled()) {
            log.debug("ThriftAuthenticatorService unset in Entitlement bundle");
        }
        this.thriftAuthenticationService = null;
    }

    public static EntitlementConfigHolder getEntitlementConfig() {
        return entitlementConfig;
    }

    public static RealmService getRealmservice() {
        return realmservice;
    }

    public static void setRealmservice(RealmService realmService) {
        realmservice = realmService;
    }

    public static RegistryService getRegistryService() {
        return registryService;
    }

    public static Registry getGovernanceRegistry(int i) {
        try {
            return registryService.getGovernanceSystemRegistry(i);
        } catch (RegistryException e) {
            return null;
        }
    }

    private void startThriftServices() throws Exception {
        startThriftEntitlementService();
    }

    private void startThriftEntitlementService() throws Exception {
        try {
            IdentityUtil.populateProperties();
            String property = IdentityUtil.getProperty(ThriftConfigConstants.PARAM_ENABLE_THRIFT_SERVICE);
            if (property != null && Boolean.parseBoolean(property)) {
                TSSLTransportFactory.TSSLTransportParameters tSSLTransportParameters = new TSSLTransportFactory.TSSLTransportParameters();
                tSSLTransportParameters.setKeyStore(IdentityUtil.getProperty(ThriftConfigConstants.PARAM_KEYSTORE_LOCATION), IdentityUtil.getProperty(ThriftConfigConstants.PARAM_KEYSTORE_PASSWORD));
                int readThriftReceivePort = readThriftReceivePort();
                this.executor.submit(new ServerRunnable(new TThreadPoolServer(new TThreadPoolServer.Args(TSSLTransportFactory.getServerSocket(readThriftReceivePort, Integer.parseInt(IdentityUtil.getProperty(ThriftConfigConstants.PARAM_CLIENT_TIMEOUT)), getHostAddress(NetworkUtils.getLocalHostname()), tSSLTransportParameters)).processor(new EntitlementService.Processor(new ThriftEntitlementServiceImpl())))));
                log.info("Started thrift entitlement service at port:" + readThriftReceivePort);
            }
        } catch (TTransportException e) {
            log.error("Error in initializing thrift transport", e);
            throw new Exception("Error in initializing thrift transport");
        } catch (UnknownHostException e2) {
            log.error("Error in obtaining host name", e2);
            throw new Exception("Error in obtaining host name");
        } catch (ServerConfigurationException e3) {
            log.error("Error in reading configuration.", e3);
            throw new Exception("Error in reading configuration.");
        }
    }

    private int readThriftReceivePort() {
        String property = IdentityUtil.getProperty(ThriftConfigConstants.PARAM_RECEIVE_PORT);
        return (property.contains("${") && property.contains("}")) ? CarbonUtils.getPortFromServerConfig(property) : Integer.parseInt(property);
    }

    private InetAddress getHostAddress(String str) throws UnknownHostException {
        String[] split = str.split("\\.");
        if (split.length == 1) {
            return InetAddress.getByName(split[0]);
        }
        byte[] bArr = new byte[4];
        for (int i = 0; i < split.length; i++) {
            if (Integer.parseInt(split[i]) > 127) {
                bArr[i] = new Integer(Integer.parseInt(split[i]) - 256).byteValue();
            } else {
                bArr[i] = Byte.parseByte(split[i]);
            }
        }
        return InetAddress.getByAddress(bArr);
    }

    protected void setCacheInvalidator(CacheInvalidator cacheInvalidator2) {
        cacheInvalidator = cacheInvalidator2;
    }

    protected void removeCacheInvalidator(CacheInvalidator cacheInvalidator2) {
        cacheInvalidator = null;
    }

    public static CacheInvalidator getCacheInvalidator() {
        return cacheInvalidator;
    }
}
