package gr.cite.commons.web.authz.configuration;

import gr.cite.tools.logging.LoggerService;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;

@EnableConfigurationProperties({AuthorizationProperties.class})
@Configuration
/* loaded from: input_file:gr/cite/commons/web/authz/configuration/AuthorizationConfiguration.class */
public class AuthorizationConfiguration implements PermissionPolicyContext {
    private static final LoggerService logger = new LoggerService(LoggerFactory.getLogger(AuthorizationConfiguration.class));
    private final HashMap<String, Permission> policies;
    private final List<String> extendedClaims;
    private Hashtable<String, HashSet<String>> permissionRoleMap;
    private Hashtable<String, Hashtable<String, HashSet<String>>> permissionClaimMap;
    private Hashtable<String, HashSet<String>> permissionClientMap;
    private Hashtable<String, Boolean> permissionAnonymousMap;
    private Hashtable<String, Boolean> permissionAuthenticatedMap;
    private Hashtable<String, HashSet<String>> rolePermissionsMap;
    private Hashtable<String, Hashtable<String, HashSet<String>>> claimPermissionsMap;

    @Autowired
    public AuthorizationConfiguration(AuthorizationProperties authorizationProperties) {
        this.policies = authorizationProperties.getPolicies();
        this.extendedClaims = authorizationProperties.getExtendedClaims();
        logger.info("Authorization policies found: {}", Integer.valueOf(this.policies.size()));
        refresh();
    }

    public List<String> getRawExtendedClaims() {
        return this.extendedClaims;
    }

    public HashMap<String, Permission> getRawPolicies() {
        return this.policies;
    }

    private void refresh() {
        this.permissionRoleMap = new Hashtable<>();
        getRawPolicies().forEach((str, permission) -> {
            this.permissionRoleMap.put(str, (HashSet) permission.getRoles());
        });
        this.permissionClaimMap = new Hashtable<>();
        getRawPolicies().forEach((str2, permission2) -> {
            if (permission2.getClaims() == null || permission2.getClaims().size() <= 0) {
                return;
            }
            Hashtable<String, HashSet<String>> hashtable = new Hashtable<>();
            for (PermissionClaims permissionClaims : permission2.getClaims()) {
                hashtable.put(permissionClaims.getClaim(), new HashSet<>(permissionClaims.getValues()));
            }
            this.permissionClaimMap.put(str2, hashtable);
        });
        this.permissionClientMap = new Hashtable<>();
        getRawPolicies().forEach((str3, permission3) -> {
            this.permissionClientMap.put(str3, new HashSet<>(permission3.getClients()));
        });
        this.permissionAnonymousMap = new Hashtable<>();
        getRawPolicies().forEach((str4, permission4) -> {
            this.permissionAnonymousMap.put(str4, permission4.getAllowAnonymous());
        });
        this.permissionAuthenticatedMap = new Hashtable<>();
        getRawPolicies().forEach((str5, permission5) -> {
            this.permissionAuthenticatedMap.put(str5, permission5.getAllowAuthenticated());
        });
        this.rolePermissionsMap = new Hashtable<>();
        getRawPolicies().forEach((str6, permission6) -> {
            if (permission6.getRoles() == null || permission6.getRoles().size() <= 0) {
                return;
            }
            for (String str6 : permission6.getRoles()) {
                if (this.rolePermissionsMap.get(str6) == null) {
                    this.rolePermissionsMap.put(str6, new HashSet<>(List.of(str6)));
                } else {
                    this.rolePermissionsMap.get(str6).add(str6);
                }
            }
        });
        this.claimPermissionsMap = new Hashtable<>();
        getRawPolicies().forEach((str7, permission7) -> {
            if (permission7.getClaims() == null || permission7.getClaims().size() <= 0) {
                return;
            }
            for (PermissionClaims permissionClaims : permission7.getClaims()) {
                if (this.claimPermissionsMap.get(permissionClaims.getClaim()) == null) {
                    this.claimPermissionsMap.put(permissionClaims.getClaim(), new Hashtable<>());
                    Iterator<String> it = permissionClaims.getValues().iterator();
                    while (it.hasNext()) {
                        this.claimPermissionsMap.get(permissionClaims.getClaim()).put(it.next(), new HashSet<>(List.of(str7)));
                    }
                } else {
                    for (String str7 : permissionClaims.getValues()) {
                        this.claimPermissionsMap.get(permissionClaims.getClaim()).computeIfAbsent(str7, str8 -> {
                            return new HashSet(List.of(str7));
                        });
                        this.claimPermissionsMap.get(permissionClaims.getClaim()).get(str7).add(str7);
                    }
                }
            }
        });
        logger.info("Authorization configuration import completed");
    }

    @Override // gr.cite.commons.web.authz.configuration.PermissionPolicyContext
    public Set<String> permissionsOfRoles(Collection<String> collection) {
        HashSet hashSet = new HashSet();
        for (String str : collection) {
            if (this.rolePermissionsMap.get(str) != null) {
                hashSet.addAll(this.rolePermissionsMap.get(str));
            }
        }
        return hashSet;
    }

    @Override // gr.cite.commons.web.authz.configuration.PermissionPolicyContext
    public Set<String> permissionsOfClaims(String str, Collection<String> collection) {
        HashSet hashSet = new HashSet();
        for (String str2 : collection) {
            if (this.claimPermissionsMap.get(str) != null && this.claimPermissionsMap.get(str).get(str2) != null) {
                hashSet.addAll(this.claimPermissionsMap.get(str).get(str2));
            }
        }
        return hashSet;
    }

    @Override // gr.cite.commons.web.authz.configuration.PermissionPolicyContext
    public Set<String> rolesHaving(String str) {
        return this.permissionRoleMap.get(str) == null ? new HashSet() : this.permissionRoleMap.get(str);
    }

    @Override // gr.cite.commons.web.authz.configuration.PermissionPolicyContext
    public Set<String> claimsHaving(String str, String str2) {
        return (this.permissionClaimMap.get(str2) == null || this.permissionClaimMap.get(str2).get(str) == null) ? new HashSet() : this.permissionClaimMap.get(str2).get(str);
    }

    @Override // gr.cite.commons.web.authz.configuration.PermissionPolicyContext
    public Set<String> clientsHaving(String str) {
        return this.permissionClientMap.get(str) == null ? new HashSet() : this.permissionClientMap.get(str);
    }

    @Override // gr.cite.commons.web.authz.configuration.PermissionPolicyContext
    public Boolean allowAnonymous(String str) {
        if (this.permissionAnonymousMap.get(str) == null) {
            return false;
        }
        return this.permissionAnonymousMap.get(str);
    }

    @Override // gr.cite.commons.web.authz.configuration.PermissionPolicyContext
    public Boolean allowAuthenticated(String str) {
        if (this.permissionAuthenticatedMap.get(str) == null) {
            return false;
        }
        return this.permissionAuthenticatedMap.get(str);
    }
}
