package eu.emi.emir.pdp.local;

import eu.emi.emir.client.util.Log;
import eu.emi.emir.pdp.PDPUtils;
import eu.emi.emir.security.Client;
import eu.emi.emir.security.XACMLAttribute;
import eu.emi.emir.security.util.ResourceDescriptor;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;
import org.herasaf.xacml.core.context.RequestCtx;
import org.herasaf.xacml.core.context.impl.ActionType;
import org.herasaf.xacml.core.context.impl.AttributeType;
import org.herasaf.xacml.core.context.impl.AttributeValueType;
import org.herasaf.xacml.core.context.impl.EnvironmentType;
import org.herasaf.xacml.core.context.impl.RequestType;
import org.herasaf.xacml.core.context.impl.ResourceType;
import org.herasaf.xacml.core.context.impl.SubjectType;
import org.herasaf.xacml.core.converter.URNToDataTypeConverter;
import org.herasaf.xacml.core.dataTypeAttribute.DataTypeAttribute;
import org.herasaf.xacml.core.dataTypeAttribute.impl.AnyURIDataTypeAttribute;
import org.herasaf.xacml.core.dataTypeAttribute.impl.StringDataTypeAttribute;
import org.herasaf.xacml.core.dataTypeAttribute.impl.X500DataTypeAttribute;

/* loaded from: input_file:eu/emi/emir/pdp/local/RequestCreator.class */
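/**
 * Builds the XACML request that the local policy decision point evaluates for a call.
 *
 * <p>The request carries one subject (the caller's DN, role, optional consignor DN and any
 * generic attributes supplied by the attribute sources), one resource (service name, optional
 * resource id and owner DN), an optional action and an empty environment.
 *
 * <p>Security-relevant behaviour: the subject id, role and consignor attributes are set only
 * from the {@link Client} object itself. Attributes coming from attribute sources are admitted
 * only when {@code PDPUtils.checkGenericAttr} accepts their name; anything else is logged and
 * dropped.
 */
public class RequestCreator {
    private static final Logger log = Log.getLogger("emir.security", RequestCreator.class);

    /**
     * Creates the request context for one authorisation decision.
     *
     * @param client the authenticated caller; passed to {@code PDPUtils.validateClient} before
     *     any of its fields are read
     * @param str the action identifier, or {@code null} to leave the action element out
     * @param resourceDescriptor the resource being accessed; its service name is always used,
     *     resource id and owner only when non-null
     * @return the populated request context
     * @throws IllegalArgumentException if the client DN or the resource owner is not a
     *     well-formed X.500 name (thrown by the {@link X500Principal} constructor)
     */
    public RequestCtx createRequest(Client client, String str, ResourceDescriptor resourceDescriptor) {
        // Validate first so that nothing is built from a client that fails validation.
        // NOTE(review): presumably this rejects null or incomplete clients (DN, role); confirm
        // in PDPUtils, since the subject builder dereferences both without further checks.
        PDPUtils.validateClient(client);

        RequestType request = new RequestType();
        request.getSubjects().add(buildSubject(client));
        request.getResources().add(buildResource(resourceDescriptor));
        if (str != null) {
            ActionType action = new ActionType();
            action.getAttributes().add(getAttribute(
                    XACMLAttribute.Name.XACML_ACTION_ID_ATTR.toString(), new StringDataTypeAttribute(), str));
            request.setAction(action);
        }
        request.setEnvironment(new EnvironmentType());
        return new RequestCtx(request);
    }

    /** Builds the subject element: identity attributes first, then filtered generic attributes. */
    private SubjectType buildSubject(Client client) {
        SubjectType subject = new SubjectType();
        List<AttributeType> subjectAttributes = subject.getAttributes();

        // Round-trip the DN through X500Principal so the policy sees the RFC 2253 string form,
        // the same form used for the consignor and owner DNs below.
        String subjectDn = new X500Principal(client.getDistinguishedName()).getName();
        subjectAttributes.add(getAttribute(
                XACMLAttribute.Name.XACML_SUBJECT_ID_ATTR.toString(), new X500DataTypeAttribute(), subjectDn));
        subjectAttributes.add(getAttribute("role", new StringDataTypeAttribute(), client.getRole().getName()));

        if (client.getSecurityTokens() != null) {
            X509Certificate consignorCertificate = client.getSecurityTokens().getConsignorCertificate();
            if (consignorCertificate != null) {
                subjectAttributes.add(getAttribute(
                        PDPUtils.LOCAL_SUBJECT_CONSIGNOR_ATTR,
                        new X500DataTypeAttribute(),
                        consignorCertificate.getSubjectX500Principal().getName()));
            }
        }

        addAttributesFromAIPs(client, subjectAttributes);
        return subject;
    }

    /** Builds the resource element from the descriptor, skipping the optional parts when null. */
    private static ResourceType buildResource(ResourceDescriptor resourceDescriptor) {
        ResourceType resource = new ResourceType();
        List<AttributeType> resourceAttributes = resource.getAttributes();

        resourceAttributes.add(getAttribute(
                XACMLAttribute.Name.XACML_RESOURCE_ID_ATTR.toString(),
                new AnyURIDataTypeAttribute(),
                resourceDescriptor.getServiceName()));
        if (resourceDescriptor.getResourceID() != null) {
            resourceAttributes.add(getAttribute(
                    PDPUtils.LOCAL_WSR_ATTR, new StringDataTypeAttribute(), resourceDescriptor.getResourceID()));
        }
        if (resourceDescriptor.getOwner() != null) {
            resourceAttributes.add(getAttribute(
                    PDPUtils.LOCAL_OWNER_ATTR,
                    new X500DataTypeAttribute(),
                    new X500Principal(resourceDescriptor.getOwner()).getName()));
        }
        return resource;
    }

    /** Wraps a string in an XACML attribute value. */
    private static AttributeValueType getStringAV(String value) {
        AttributeValueType attributeValue = new AttributeValueType();
        attributeValue.getContent().add(value);
        return attributeValue;
    }

    /** Creates a single-valued XACML attribute with the given id, data type and string value. */
    private static AttributeType getAttribute(String attributeId, DataTypeAttribute<?> dataType, String value) {
        AttributeType attribute = new AttributeType();
        attribute.setAttributeId(attributeId);
        attribute.setDataType(dataType);
        attribute.getAttributeValues().add(getStringAV(value));
        return attribute;
    }

    /**
     * Appends the attributes supplied by the attribute sources to the subject.
     *
     * <p>Only names accepted by {@code PDPUtils.checkGenericAttr} are added; the rest are
     * reported at WARN level and ignored.
     * NOTE(review): presumably the rejected names are the identifiers this class sets itself
     * (subject id, role, consignor), so that an attribute source cannot override them;
     * confirm in PDPUtils.
     *
     * @param client the caller whose subject attributes are read
     * @param list the subject attribute list to append to
     */
    private void addAttributesFromAIPs(Client client, List<AttributeType> list) {
        URNToDataTypeConverter typeConverter = new URNToDataTypeConverter();
        for (XACMLAttribute sourced : client.getSubjectAttributes().getXacmlAttributes()) {
            String name = sourced.getName();
            if (PDPUtils.checkGenericAttr(name)) {
                // NOTE(review): the data type string comes from the attribute source; confirm
                // that a failure in unmarshal() for an unknown type ends in a deny decision.
                list.add(getAttribute(name, typeConverter.unmarshal(sourced.getType().toString()), sourced.getValue()));
            } else {
                // The name originates outside this class. Replace line breaks so a crafted
                // name cannot split this entry into forged lines in the security log.
                String loggedName = String.valueOf(name).replaceAll("[\\r\\n]", "_");
                log.warn("Among clients GENERIC XACML attributes retrieved from the configured attribute sources, the special attribute " + loggedName + " was found. Ignoring it.");
            }
        }
    }
}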
