package com.addc.server.commons.security;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.xml.validation.SchemaFactory;
import org.jdom2.Document;
import org.jdom2.Element;
import org.jdom2.JDOMException;
import org.jdom2.Namespace;
import org.jdom2.input.SAXBuilder;
import org.jdom2.input.sax.XMLReaderSchemaFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.xml.sax.SAXException;

/* loaded from: input_file:com/addc/server/commons/security/DefaultAuthorizationProvider.class */
public final class DefaultAuthorizationProvider implements AuthorizationProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(DefaultAuthorizationProvider.class);
    private static final String SCHEMA_NAME = "Authorization.xsd";
    private static final String EL_TARGET = "Target";
    private static final String EL_OPERATION = "Operation";
    private static final String EL_GRANTED = "GrantedAuthority";
    private static final String AT_NAME = "name";
    private Map<String, Map<String, List<GrantedAuthority>>> acl;

    public DefaultAuthorizationProvider() {
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v84, types: [java.io.InputStream] */
    public DefaultAuthorizationProvider(String str) {
        FileInputStream fileInputStream;
        URL resource = getClass().getResource(SCHEMA_NAME);
        LOGGER.info("Use schema {}", resource);
        SchemaFactory newInstance = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema");
        InputStream inputStream = null;
        try {
            try {
                if (str.startsWith("classpath:")) {
                    URL resource2 = ClassLoader.getSystemClassLoader().getResource(str.substring("classpath:".length()));
                    if (resource2 == null) {
                        throw new FileNotFoundException(str + " cannot be found");
                    }
                    fileInputStream = resource2.openStream();
                } else {
                    fileInputStream = new FileInputStream(str);
                }
                LOGGER.info("Read {}", str);
                Document build = new SAXBuilder(new XMLReaderSchemaFactory(newInstance.newSchema(resource))).build(fileInputStream);
                this.acl = new HashMap();
                Element rootElement = build.getRootElement();
                LOGGER.debug("Got root {}", rootElement.getName());
                List<Element> children = rootElement.getChildren(EL_TARGET, (Namespace) null);
                LOGGER.debug("Got {} {} elements", Integer.valueOf(children.size()), EL_TARGET);
                for (Element element : children) {
                    String attributeValue = element.getAttributeValue(AT_NAME);
                    LOGGER.debug("Add target {}", attributeValue);
                    ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
                    this.acl.put(attributeValue, concurrentHashMap);
                    List<Element> children2 = element.getChildren(EL_OPERATION, (Namespace) null);
                    LOGGER.debug("Got {} {} elements for taget {}", new Object[]{Integer.valueOf(children2.size()), EL_OPERATION, attributeValue});
                    for (Element element2 : children2) {
                        String attributeValue2 = element2.getAttributeValue(AT_NAME);
                        LOGGER.debug("Add operation {} to {}", attributeValue2, attributeValue);
                        ArrayList arrayList = new ArrayList();
                        concurrentHashMap.put(attributeValue2, arrayList);
                        List children3 = element2.getChildren(EL_GRANTED, (Namespace) null);
                        LOGGER.debug("Got {} {} in operation {}", new Object[]{Integer.valueOf(children3.size()), EL_GRANTED, attributeValue2});
                        Iterator it = children3.iterator();
                        while (it.hasNext()) {
                            SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(((Element) it.next()).getAttributeValue(AT_NAME));
                            arrayList.add(simpleGrantedAuthority);
                            LOGGER.info("Add GrantedAuthority {} to target {} operation {}", new Object[]{simpleGrantedAuthority, attributeValue, attributeValue2});
                        }
                    }
                }
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        LOGGER.debug("Error closing stream", e);
                    }
                }
            } catch (IOException | SAXException | JDOMException e2) {
                LOGGER.error("Error reading {}", str, e2);
                throw new RuntimeException("Error reading " + str, e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (IOException e3) {
                    LOGGER.debug("Error closing stream", e3);
                }
            }
            throw th;
        }
    }

    @Override // com.addc.server.commons.security.AuthorizationProvider
    public boolean isAuthorized(Authentication authentication, String str, String str2) {
        if (this.acl == null) {
            return true;
        }
        Map<String, List<GrantedAuthority>> map = this.acl.get(str);
        if (map == null) {
            map = this.acl.get("*");
            if (map == null) {
                LOGGER.warn("No target {} has been defined, permission denied for {}", str, authentication.getName());
                return false;
            }
        }
        List<GrantedAuthority> list = map.get(str2);
        if (list == null) {
            list = map.get("*");
        }
        if (list == null) {
            LOGGER.warn("No operation {} defined for target {}, permission denied for {}", new Object[]{str2, str, authentication.getName()});
            return false;
        }
        ArrayList arrayList = new ArrayList(authentication.getAuthorities());
        LOGGER.debug("Granted: {}", arrayList);
        arrayList.retainAll(list);
        LOGGER.debug("Retained: {}", arrayList);
        if (arrayList.isEmpty()) {
            LOGGER.warn("Permission denied for {} on target {} operation {}", new Object[]{authentication.getName(), str, str2});
            return false;
        }
        LOGGER.debug("Permission granted for {} on target {} operation {}", new Object[]{authentication.getName(), str, str2});
        return true;
    }
}
