package org.apereo.cas.services;

import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import lombok.Generated;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.hc.core5.http.HttpEntityContainer;
import org.apereo.cas.configuration.support.ExpressionLanguageCapable;
import org.apereo.cas.util.HttpUtils;
import org.apereo.cas.util.LoggingUtils;
import org.apereo.cas.util.function.FunctionUtils;
import org.apereo.cas.util.serialization.JacksonObjectMapperFactory;
import org.apereo.cas.util.spring.SpringExpressionLanguageValueResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;

@JsonInclude(JsonInclude.Include.NON_DEFAULT)
/* loaded from: input_file:org/apereo/cas/services/OpenFGARegisteredServiceAccessStrategy.class */
public class OpenFGARegisteredServiceAccessStrategy extends BaseRegisteredServiceAccessStrategy {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(OpenFGARegisteredServiceAccessStrategy.class);
    private static final ObjectMapper MAPPER = JacksonObjectMapperFactory.builder().defaultTypingEnabled(false).build().toObjectMapper();
    private static final long serialVersionUID = -1108201604115278440L;
    private String relation;
    private String object;

    @ExpressionLanguageCapable
    private String apiUrl;

    @ExpressionLanguageCapable
    private String storeId;

    @ExpressionLanguageCapable
    private String token;

    /* loaded from: input_file:org/apereo/cas/services/OpenFGARegisteredServiceAccessStrategy$AuthorizationRequestEntity.class */
    private static class AuthorizationRequestEntity {
        private final String user;
        private final String relation;
        private final String object;

        @Generated
        /* loaded from: input_file:org/apereo/cas/services/OpenFGARegisteredServiceAccessStrategy$AuthorizationRequestEntity$AuthorizationRequestEntityBuilder.class */
        public static abstract class AuthorizationRequestEntityBuilder<C extends AuthorizationRequestEntity, B extends AuthorizationRequestEntityBuilder<C, B>> {

            @Generated
            private String user;

            @Generated
            private String relation;

            @Generated
            private String object;

            @Generated
            protected abstract B self();

            @Generated
            public abstract C build();

            @Generated
            public B user(String str) {
                this.user = str;
                return self();
            }

            @Generated
            public B relation(String str) {
                this.relation = str;
                return self();
            }

            @Generated
            public B object(String str) {
                this.object = str;
                return self();
            }

            @Generated
            public String toString() {
                return "OpenFGARegisteredServiceAccessStrategy.AuthorizationRequestEntity.AuthorizationRequestEntityBuilder(user=" + this.user + ", relation=" + this.relation + ", object=" + this.object + ")";
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        @Generated
        /* loaded from: input_file:org/apereo/cas/services/OpenFGARegisteredServiceAccessStrategy$AuthorizationRequestEntity$AuthorizationRequestEntityBuilderImpl.class */
        public static final class AuthorizationRequestEntityBuilderImpl extends AuthorizationRequestEntityBuilder<AuthorizationRequestEntity, AuthorizationRequestEntityBuilderImpl> {
            @Generated
            private AuthorizationRequestEntityBuilderImpl() {
            }

            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.apereo.cas.services.OpenFGARegisteredServiceAccessStrategy.AuthorizationRequestEntity.AuthorizationRequestEntityBuilder
            @Generated
            public AuthorizationRequestEntityBuilderImpl self() {
                return this;
            }

            @Override // org.apereo.cas.services.OpenFGARegisteredServiceAccessStrategy.AuthorizationRequestEntity.AuthorizationRequestEntityBuilder
            @Generated
            public AuthorizationRequestEntity build() {
                return new AuthorizationRequestEntity(this);
            }
        }

        @JsonIgnore
        public String toJson() {
            return (String) FunctionUtils.doUnchecked(() -> {
                return OpenFGARegisteredServiceAccessStrategy.MAPPER.writeValueAsString(Map.of("tuple_key", this));
            });
        }

        @Generated
        protected AuthorizationRequestEntity(AuthorizationRequestEntityBuilder<?, ?> authorizationRequestEntityBuilder) {
            this.user = ((AuthorizationRequestEntityBuilder) authorizationRequestEntityBuilder).user;
            this.relation = ((AuthorizationRequestEntityBuilder) authorizationRequestEntityBuilder).relation;
            this.object = ((AuthorizationRequestEntityBuilder) authorizationRequestEntityBuilder).object;
        }

        @Generated
        public static AuthorizationRequestEntityBuilder<?, ?> builder() {
            return new AuthorizationRequestEntityBuilderImpl();
        }

        @Generated
        public String getUser() {
            return this.user;
        }

        @Generated
        public String getRelation() {
            return this.relation;
        }

        @Generated
        public String getObject() {
            return this.object;
        }
    }

    /* JADX WARN: Type inference failed for: r0v21, types: [org.apereo.cas.services.OpenFGARegisteredServiceAccessStrategy$AuthorizationRequestEntity$AuthorizationRequestEntityBuilder] */
    public boolean doPrincipalAttributesAllowServiceAccess(RegisteredServiceAccessStrategyRequest registeredServiceAccessStrategyRequest) {
        HttpEntityContainer httpEntityContainer = null;
        try {
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("Content-Type", "application/json");
                if (StringUtils.isNotBlank(this.token)) {
                    hashMap.put("Authorization", "Bearer " + SpringExpressionLanguageValueResolver.getInstance().resolve(this.token));
                }
                String removeEnd = StringUtils.removeEnd(SpringExpressionLanguageValueResolver.getInstance().resolve(this.apiUrl), "/");
                String format = String.format("%s/stores/%s/check", removeEnd, StringUtils.removeEnd(SpringExpressionLanguageValueResolver.getInstance().resolve(this.storeId), "/"));
                String json = AuthorizationRequestEntity.builder().object(StringUtils.defaultString(this.object, registeredServiceAccessStrategyRequest.getService().getId())).relation(StringUtils.defaultString(this.relation, "owner")).user(registeredServiceAccessStrategyRequest.getPrincipalId()).build().toJson();
                HttpUtils.HttpExecutionRequest build = HttpUtils.HttpExecutionRequest.builder().method(HttpMethod.POST).url(format).headers(hashMap).entity(json).build();
                LOGGER.debug("Submitting authorization request to [{}] for [{}]", format, json);
                httpEntityContainer = HttpUtils.execute(build);
                if (!HttpStatus.resolve(httpEntityContainer.getCode()).is2xxSuccessful()) {
                    HttpUtils.close(httpEntityContainer);
                    return false;
                }
                String iOUtils = IOUtils.toString(httpEntityContainer.getEntity().getContent(), StandardCharsets.UTF_8);
                LOGGER.trace("Received response from endpoint [{}] as [{}]", removeEnd, iOUtils);
                boolean booleanValue = ((Boolean) ((Map) MAPPER.readValue(iOUtils, Map.class)).getOrDefault("allowed", Boolean.FALSE)).booleanValue();
                HttpUtils.close(httpEntityContainer);
                return booleanValue;
            } catch (Exception e) {
                LoggingUtils.error(LOGGER, e);
                HttpUtils.close(httpEntityContainer);
                return false;
            }
        } catch (Throwable th) {
            HttpUtils.close(httpEntityContainer);
            throw th;
        }
    }

    @Override // org.apereo.cas.services.BaseRegisteredServiceAccessStrategy
    @Generated
    public String toString() {
        return "OpenFGARegisteredServiceAccessStrategy(super=" + super.toString() + ", relation=" + this.relation + ", object=" + this.object + ", apiUrl=" + this.apiUrl + ", storeId=" + this.storeId + ", token=" + this.token + ")";
    }

    @Generated
    public String getRelation() {
        return this.relation;
    }

    @Generated
    public String getObject() {
        return this.object;
    }

    @Generated
    public String getApiUrl() {
        return this.apiUrl;
    }

    @Generated
    public String getStoreId() {
        return this.storeId;
    }

    @Generated
    public String getToken() {
        return this.token;
    }

    @Generated
    public OpenFGARegisteredServiceAccessStrategy setRelation(String str) {
        this.relation = str;
        return this;
    }

    @Generated
    public OpenFGARegisteredServiceAccessStrategy setObject(String str) {
        this.object = str;
        return this;
    }

    @Generated
    public OpenFGARegisteredServiceAccessStrategy setApiUrl(String str) {
        this.apiUrl = str;
        return this;
    }

    @Generated
    public OpenFGARegisteredServiceAccessStrategy setStoreId(String str) {
        this.storeId = str;
        return this;
    }

    @Generated
    public OpenFGARegisteredServiceAccessStrategy setToken(String str) {
        this.token = str;
        return this;
    }

    @Override // org.apereo.cas.services.BaseRegisteredServiceAccessStrategy
    @Generated
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof OpenFGARegisteredServiceAccessStrategy)) {
            return false;
        }
        OpenFGARegisteredServiceAccessStrategy openFGARegisteredServiceAccessStrategy = (OpenFGARegisteredServiceAccessStrategy) obj;
        if (!openFGARegisteredServiceAccessStrategy.canEqual(this) || !super.equals(obj)) {
            return false;
        }
        String str = this.relation;
        String str2 = openFGARegisteredServiceAccessStrategy.relation;
        if (str == null) {
            if (str2 != null) {
                return false;
            }
        } else if (!str.equals(str2)) {
            return false;
        }
        String str3 = this.object;
        String str4 = openFGARegisteredServiceAccessStrategy.object;
        if (str3 == null) {
            if (str4 != null) {
                return false;
            }
        } else if (!str3.equals(str4)) {
            return false;
        }
        String str5 = this.apiUrl;
        String str6 = openFGARegisteredServiceAccessStrategy.apiUrl;
        if (str5 == null) {
            if (str6 != null) {
                return false;
            }
        } else if (!str5.equals(str6)) {
            return false;
        }
        String str7 = this.storeId;
        String str8 = openFGARegisteredServiceAccessStrategy.storeId;
        if (str7 == null) {
            if (str8 != null) {
                return false;
            }
        } else if (!str7.equals(str8)) {
            return false;
        }
        String str9 = this.token;
        String str10 = openFGARegisteredServiceAccessStrategy.token;
        return str9 == null ? str10 == null : str9.equals(str10);
    }

    @Override // org.apereo.cas.services.BaseRegisteredServiceAccessStrategy
    @Generated
    protected boolean canEqual(Object obj) {
        return obj instanceof OpenFGARegisteredServiceAccessStrategy;
    }

    @Override // org.apereo.cas.services.BaseRegisteredServiceAccessStrategy
    @Generated
    public int hashCode() {
        int hashCode = super.hashCode();
        String str = this.relation;
        int hashCode2 = (hashCode * 59) + (str == null ? 43 : str.hashCode());
        String str2 = this.object;
        int hashCode3 = (hashCode2 * 59) + (str2 == null ? 43 : str2.hashCode());
        String str3 = this.apiUrl;
        int hashCode4 = (hashCode3 * 59) + (str3 == null ? 43 : str3.hashCode());
        String str4 = this.storeId;
        int hashCode5 = (hashCode4 * 59) + (str4 == null ? 43 : str4.hashCode());
        String str5 = this.token;
        return (hashCode5 * 59) + (str5 == null ? 43 : str5.hashCode());
    }

    @Generated
    public OpenFGARegisteredServiceAccessStrategy() {
    }
}
