package com.sun.identity.entitlement.xacml3;

import com.sun.identity.entitlement.EntitlementException;
import com.sun.identity.entitlement.Privilege;
import com.sun.identity.entitlement.PrivilegeManager;
import com.sun.identity.entitlement.util.SearchFilter;
import com.sun.identity.entitlement.xacml3.core.PolicySet;
import com.sun.identity.entitlement.xacml3.validation.PrivilegeValidator;
import com.sun.identity.shared.debug.Debug;
import java.io.InputStream;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
import org.forgerock.openam.entitlement.service.ApplicationServiceFactory;
import org.forgerock.openam.entitlement.service.ResourceTypeService;
import org.forgerock.openam.sdk.javax.inject.Inject;
import org.forgerock.openam.sdk.javax.inject.Named;
import org.forgerock.openam.xacml.v3.ImportStep;
import org.forgerock.openam.xacml.v3.ImportStepGenerator;
import org.forgerock.openam.xacml.v3.PersistableImportStep;
import org.forgerock.openam.xacml.v3.XACMLApplicationUtils;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/entitlement/xacml3/XACMLExportImport.class */
public class XACMLExportImport {
    public static final String PREFIX = XACMLExportImport.class.getSimpleName();
    private final XACMLReaderWriter xacmlReaderWriter;
    private final SearchFilterFactory searchFilterFactory;
    private final Debug debug;
    private final PrivilegeValidator privilegeValidator;
    private final PrivilegeManagerFactory privilegeManagerFactory;
    private final ApplicationServiceFactory applicationServiceFactory;
    private final ResourceTypeService resourceTypeService;

    /* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/entitlement/xacml3/XACMLExportImport$PrivilegeManagerFactory.class */
    public static class PrivilegeManagerFactory {
        PrivilegeManager createReferralPrivilegeManager(String str, Subject subject) {
            return PrivilegeManager.getInstance(str, subject);
        }
    }

    @Inject
    public XACMLExportImport(PrivilegeManagerFactory privilegeManagerFactory, XACMLReaderWriter xACMLReaderWriter, PrivilegeValidator privilegeValidator, SearchFilterFactory searchFilterFactory, @Named("Entitlement") Debug debug, ApplicationServiceFactory applicationServiceFactory, ResourceTypeService resourceTypeService) {
        this.privilegeManagerFactory = privilegeManagerFactory;
        this.xacmlReaderWriter = xACMLReaderWriter;
        this.searchFilterFactory = searchFilterFactory;
        this.privilegeValidator = privilegeValidator;
        this.debug = debug;
        this.applicationServiceFactory = applicationServiceFactory;
        this.resourceTypeService = resourceTypeService;
    }

    public List<ImportStep> importXacml(String str, InputStream inputStream, Subject subject, boolean z) throws EntitlementException {
        List<PersistableImportStep> generateImportSteps = generateImportSteps(str, xacmlToPrivilegeSet(inputStream), subject);
        applyIfRequired(z, generateImportSteps);
        return new ArrayList(generateImportSteps);
    }

    private PrivilegeSet xacmlToPrivilegeSet(InputStream inputStream) throws EntitlementException {
        return this.xacmlReaderWriter.read(inputStream);
    }

    private List<PersistableImportStep> generateImportSteps(String str, PrivilegeSet privilegeSet, Subject subject) throws EntitlementException {
        ImportStepGenerator importStepGenerator = new ImportStepGenerator(this.applicationServiceFactory.create(subject, str), this.resourceTypeService, this.privilegeManagerFactory.createReferralPrivilegeManager(str, subject), this.privilegeValidator, new XACMLApplicationUtils.ApplicationTypeService(), str, subject, privilegeSet);
        importStepGenerator.generateImportSteps();
        return importStepGenerator.getAllImportSteps();
    }

    private void applyIfRequired(boolean z, List<PersistableImportStep> list) throws EntitlementException {
        if (z) {
            return;
        }
        message("Import: Policies to Import {0}", Integer.valueOf(list.size()));
        for (PersistableImportStep persistableImportStep : list) {
            message("Import: {0} {1} {2}", persistableImportStep.getDiffStatus().name(), persistableImportStep.getType(), persistableImportStep.getName());
            persistableImportStep.apply();
        }
        message("Import: Complete", new Object[0]);
    }

    public PolicySet exportXACML(String str, Subject subject, List<String> list) throws EntitlementException {
        PrivilegeManager createReferralPrivilegeManager = this.privilegeManagerFactory.createReferralPrivilegeManager(str, subject);
        HashSet hashSet = new HashSet();
        if (list != null) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                SearchFilter filter = this.searchFilterFactory.getFilter(it.next());
                message("Export: Search Filter: {0}", filter);
                hashSet.add(filter);
            }
        }
        Set<String> searchNames = createReferralPrivilegeManager.searchNames(hashSet);
        message("Export: Privilege Matches {0}", Integer.valueOf(searchNames.size()));
        PrivilegeSet privilegeSet = new PrivilegeSet();
        Iterator<String> it2 = searchNames.iterator();
        while (it2.hasNext()) {
            Privilege findByName = createReferralPrivilegeManager.findByName(it2.next(), subject);
            message("Export: Privilege {0}", findByName.getName());
            privilegeSet.addPrivilege(findByName);
        }
        PolicySet xacml = this.xacmlReaderWriter.toXACML(str, privilegeSet);
        message("Export: Complete", new Object[0]);
        return xacml;
    }

    private void message(String str, Object... objArr) {
        if (this.debug.messageEnabled()) {
            this.debug.message(MessageFormat.format(PREFIX + str, objArr));
        }
    }
}
