package com.sun.identity.entitlement.opensso;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.entitlement.EntitlementException;
import com.sun.identity.entitlement.EntitlementListener;
import com.sun.identity.entitlement.interfaces.IEntitlementListenerRegistry;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.sm.AttributeSchema;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.ServiceSchemaManager;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.security.auth.Subject;
import org.apache.hc.core5.http.HttpStatus;
import org.forgerock.openam.entitlement.PolicyConstants;
import org.forgerock.openam.entitlement.utils.EntitlementUtils;
import org.forgerock.openam.sdk.org.json.JSONException;
import org.forgerock.openam.sdk.org.json.JSONObject;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.1.jar:com/sun/identity/entitlement/opensso/OpenSSOEntitlementListener.class */
public class OpenSSOEntitlementListener implements IEntitlementListenerRegistry {
    private static final String ATTR_NAME = "listeners";
    private ReadWriteLock rwlock = new ReentrantReadWriteLock();

    @Override // com.sun.identity.entitlement.interfaces.IEntitlementListenerRegistry
    public void addListener(Subject subject, EntitlementListener entitlementListener) throws EntitlementException {
        for (String str : entitlementListener.getMapAppToRes().keySet()) {
            if (!doesApplicationExist(str)) {
                throw new EntitlementException(HttpStatus.SC_REQUEST_HEADER_FIELDS_TOO_LARGE, str);
            }
        }
        List<EntitlementListener> listeners = getListeners();
        boolean z = false;
        Iterator<EntitlementListener> it = listeners.iterator();
        while (true) {
            if (it.hasNext()) {
                if (it.next().combine(entitlementListener)) {
                    z = true;
                    break;
                }
            } else {
                break;
            }
        }
        if (!z) {
            listeners.add(entitlementListener);
        }
        storeListeners(listeners);
    }

    @Override // com.sun.identity.entitlement.interfaces.IEntitlementListenerRegistry
    public boolean removeListener(Subject subject, String str) throws EntitlementException {
        if (str == null) {
            throw new EntitlementException(436);
        }
        try {
            URL url = new URL(str);
            boolean z = false;
            List<EntitlementListener> listeners = getListeners();
            int size = listeners.size() - 1;
            while (true) {
                if (size < 0) {
                    break;
                }
                EntitlementListener entitlementListener = listeners.get(size);
                if (entitlementListener.getUrl().equals(url)) {
                    listeners.remove(entitlementListener);
                    z = true;
                    break;
                }
                size--;
            }
            storeListeners(listeners);
            return z;
        } catch (MalformedURLException e) {
            throw new EntitlementException(435);
        }
    }

    private void storeListeners(List<EntitlementListener> list) throws EntitlementException {
        this.rwlock.writeLock().lock();
        try {
            try {
                AttributeSchema attributeSchema = getAttributeSchema();
                HashSet hashSet = new HashSet();
                Iterator<EntitlementListener> it = list.iterator();
                while (it.hasNext()) {
                    hashSet.add(it.next().toJSON().toString());
                }
                attributeSchema.setDefaultValues(hashSet);
                this.rwlock.writeLock().unlock();
            } catch (SSOException e) {
                throw new EntitlementException(427, e);
            } catch (SMSException e2) {
                throw new EntitlementException(HttpStatus.SC_UPGRADE_REQUIRED, e2);
            } catch (JSONException e3) {
                throw new EntitlementException(HttpStatus.SC_UPGRADE_REQUIRED, e3);
            }
        } catch (Throwable th) {
            this.rwlock.writeLock().unlock();
            throw th;
        }
    }

    private List<EntitlementListener> getListeners() throws EntitlementException {
        ArrayList arrayList = new ArrayList();
        try {
            Set defaultValues = getAttributeSchema().getDefaultValues();
            if (defaultValues != null) {
                Iterator it = defaultValues.iterator();
                while (it.hasNext()) {
                    arrayList.add(new EntitlementListener(new JSONObject((String) it.next())));
                }
            }
            return arrayList;
        } catch (SSOException e) {
            throw new EntitlementException(427, e);
        } catch (SMSException e2) {
            throw new EntitlementException(HttpStatus.SC_UPGRADE_REQUIRED, e2);
        } catch (JSONException e3) {
            throw new EntitlementException(HttpStatus.SC_UPGRADE_REQUIRED, e3);
        }
    }

    private AttributeSchema getAttributeSchema() throws SMSException, SSOException {
        return new ServiceSchemaManager("sunEntitlementService", (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance())).getGlobalSchema().getAttributeSchema(ATTR_NAME);
    }

    private boolean doesApplicationExist(String str) throws EntitlementException {
        return EntitlementUtils.getApplicationService(PolicyConstants.SUPER_ADMIN_SUBJECT, "/").getApplicationNames().contains(str);
    }

    @Override // com.sun.identity.entitlement.interfaces.IEntitlementListenerRegistry
    public Set<EntitlementListener> getListeners(Subject subject) throws EntitlementException {
        this.rwlock.readLock().lock();
        try {
            HashSet hashSet = new HashSet();
            hashSet.addAll(getListeners());
            this.rwlock.readLock().unlock();
            return hashSet;
        } catch (Throwable th) {
            this.rwlock.readLock().unlock();
            throw th;
        }
    }
}
