package com.sun.identity.entitlement;

import com.sun.identity.common.HttpURLConnectionManager;
import com.sun.identity.entitlement.interfaces.ResourceName;
import com.sun.identity.federation.common.IFSConstants;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import org.forgerock.openam.entitlement.PolicyConstants;
import org.forgerock.openam.entitlement.utils.EntitlementUtils;
import org.forgerock.openam.sdk.org.json.JSONException;
import org.forgerock.openam.sdk.org.json.JSONObject;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.0.jar:com/sun/identity/entitlement/PrivilegeChangeNotifier.class */
public class PrivilegeChangeNotifier {
    private static PrivilegeChangeNotifier instance = new PrivilegeChangeNotifier();
    private static int POOL_SIZE;
    private static int HTTP_TIMEOUT;
    private static int NUM_RETRY;
    private static int RETRY_INTERVAL;
    private static EntitlementThreadPool thrdPool;

    /* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.0.jar:com/sun/identity/entitlement/PrivilegeChangeNotifier$Task.class */
    public class Task implements Runnable {
        private Subject adminSubject;
        private String url;
        private String json;

        Task(Subject subject, String str, String str2) {
            this.adminSubject = subject;
            this.url = str;
            this.json = str2;
        }

        @Override // java.lang.Runnable
        public void run() {
            int i = 0;
            boolean z = false;
            while (true) {
                int i2 = i;
                i++;
                if (i2 >= PrivilegeChangeNotifier.NUM_RETRY || z) {
                    break;
                }
                z = postRequest();
                if (!z) {
                    try {
                        Thread.sleep(PrivilegeChangeNotifier.RETRY_INTERVAL);
                    } catch (InterruptedException e) {
                    }
                }
            }
            if (z) {
                return;
            }
            try {
                ListenerManager.getInstance().removeListener(this.adminSubject, this.url);
            } catch (EntitlementException e2) {
                PolicyConstants.DEBUG.error("PrivilegeChangeNotifier.Task.run", e2);
            }
        }

        private boolean postRequest() {
            OutputStreamWriter outputStreamWriter = null;
            BufferedReader bufferedReader = null;
            try {
                try {
                    try {
                        HttpURLConnection connection = HttpURLConnectionManager.getConnection(new URL(this.url));
                        connection.setConnectTimeout(PrivilegeChangeNotifier.HTTP_TIMEOUT);
                        connection.setDoOutput(true);
                        outputStreamWriter = new OutputStreamWriter(connection.getOutputStream());
                        outputStreamWriter.write(this.json);
                        outputStreamWriter.flush();
                        boolean z = connection.getResponseCode() == 200;
                        if (outputStreamWriter != null) {
                            try {
                                outputStreamWriter.close();
                            } catch (IOException e) {
                            }
                        }
                        if (0 != 0) {
                            bufferedReader.close();
                        }
                        return z;
                    } catch (Throwable th) {
                        if (outputStreamWriter != null) {
                            try {
                                outputStreamWriter.close();
                            } catch (IOException e2) {
                                throw th;
                            }
                        }
                        if (0 != 0) {
                            bufferedReader.close();
                        }
                        throw th;
                    }
                } catch (IOException e3) {
                    PolicyConstants.DEBUG.error("PrivilegeChangeNotifier.Task.postRequest", e3);
                    if (outputStreamWriter != null) {
                        try {
                            outputStreamWriter.close();
                        } catch (IOException e4) {
                            return false;
                        }
                    }
                    if (0 != 0) {
                        bufferedReader.close();
                    }
                    return false;
                }
            } catch (SocketTimeoutException e5) {
                PolicyConstants.DEBUG.error("PrivilegeChangeNotifier.Task.postRequest", e5);
                if (outputStreamWriter != null) {
                    try {
                        outputStreamWriter.close();
                    } catch (IOException e6) {
                        return false;
                    }
                }
                if (0 != 0) {
                    bufferedReader.close();
                }
                return false;
            }
        }
    }

    private static int getConfiguration(EntitlementConfiguration entitlementConfiguration, String str, int i) {
        Set<String> configuration = entitlementConfiguration.getConfiguration(str);
        if (configuration == null || configuration.isEmpty()) {
            return i;
        }
        try {
            return Integer.parseInt(configuration.iterator().next());
        } catch (NumberFormatException e) {
            PolicyConstants.DEBUG.error("PrivilegeChangeNotifier.getConfiguration: attribute name=" + str, e);
            return i;
        }
    }

    private PrivilegeChangeNotifier() {
    }

    public static PrivilegeChangeNotifier getInstance() {
        return instance;
    }

    public void notify(Subject subject, String str, String str2, String str3, Set<String> set) {
        try {
            Set<EntitlementListener> listeners = ListenerManager.getInstance().getListeners(subject);
            HashSet hashSet = new HashSet();
            for (EntitlementListener entitlementListener : listeners) {
                if (toSendNotification(subject, str, entitlementListener, str2, set)) {
                    hashSet.add(entitlementListener.getUrl());
                }
            }
            String jSONString = toJSONString(str, str3, set);
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                thrdPool.submit(new Task(subject, ((URL) it.next()).toString(), jSONString));
            }
        } catch (EntitlementException e) {
            PolicyConstants.DEBUG.error("PrivilegeChangeNotifier.notify", e);
        } catch (JSONException e2) {
            PolicyConstants.DEBUG.error("PrivilegeChangeNotifier.notify", e2);
        }
    }

    private boolean toSendNotification(Subject subject, String str, EntitlementListener entitlementListener, String str2, Set<String> set) throws EntitlementException {
        Map<String, Set<String>> mapAppToRes = entitlementListener.getMapAppToRes();
        for (String str3 : mapAppToRes.keySet()) {
            if (str3.equals(str2)) {
                Set<String> set2 = mapAppToRes.get(str3);
                if (set2 == null || set2.isEmpty()) {
                    return true;
                }
                ResourceName resourceComparator = EntitlementUtils.getApplicationService(PolicyConstants.SUPER_ADMIN_SUBJECT, str).getApplication(str3).getResourceComparator();
                Iterator<String> it = set2.iterator();
                while (it.hasNext()) {
                    if (doesResourceMatch(resourceComparator, it.next(), set)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private boolean doesResourceMatch(ResourceName resourceName, String str, Set<String> set) {
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            ResourceMatch compare = resourceName.compare(it.next(), str, true);
            if (compare.equals(ResourceMatch.EXACT_MATCH) || compare.equals(ResourceMatch.SUPER_RESOURCE_MATCH) || compare.equals(ResourceMatch.WILDCARD_MATCH)) {
                return true;
            }
        }
        return false;
    }

    private static String toJSONString(String str, String str2, Set<String> set) throws JSONException {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("realm", str);
        jSONObject.put("privilegeName", str2);
        jSONObject.put("resources", (Collection<?>) set);
        return jSONObject.toString();
    }

    static {
        POOL_SIZE = 5;
        HTTP_TIMEOUT = 1000;
        NUM_RETRY = 3;
        RETRY_INTERVAL = IFSConstants.MAX_IDLE_TIME;
        EntitlementConfiguration entitlementConfiguration = EntitlementUtils.getEntitlementConfiguration(PolicyConstants.SUPER_ADMIN_SUBJECT, "/");
        POOL_SIZE = getConfiguration(entitlementConfiguration, "privilege-notifier-threadpool-size", 5);
        HTTP_TIMEOUT = getConfiguration(entitlementConfiguration, "privilege-notifier-conn-timeout", 1000);
        NUM_RETRY = getConfiguration(entitlementConfiguration, "privilege-notifier-retries", 3);
        RETRY_INTERVAL = getConfiguration(entitlementConfiguration, "privilege-notifier-duration-between-retries", IFSConstants.MAX_IDLE_TIME);
        thrdPool = new EntitlementThreadPool(POOL_SIZE);
    }
}
