package org.forgerock.openam.scripting;

import com.google.inject.Key;
import com.google.inject.name.Names;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.datastruct.CollectionHelper;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.ServiceConfig;
import com.sun.identity.sm.ServiceConfigManager;
import com.sun.identity.sm.ServiceListener;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.forgerock.guice.core.InjectorHolder;
import org.forgerock.openam.scripting.ScriptConstants;
import org.forgerock.openam.utils.StringUtils;
import org.slf4j.Logger;

@Singleton
/* loaded from: input_file:org/forgerock/openam/scripting/ScriptEngineConfigurator.class */
public class ScriptEngineConfigurator implements ServiceListener {
    private final Logger logger;
    private volatile boolean initialised = false;

    @Inject
    public ScriptEngineConfigurator(@Named("ScriptLogger") Logger logger) {
        this.logger = logger;
    }

    public void registerServiceListener() {
        if (this.initialised) {
            return;
        }
        try {
            String addListener = new ServiceConfigManager(ScriptConstants.SERVICE_NAME, getAdminToken()).addListener(this);
            if (addListener == null) {
                throw new SMSException("Unable to register service config listener");
            }
            this.logger.info("Registered service config listener: {}", addListener);
            updateConfig(ScriptConstants.ScriptContext.POLICY_CONDITION);
            updateConfig(ScriptConstants.ScriptContext.AUTHENTICATION_SERVER_SIDE);
            updateConfig(ScriptConstants.ScriptContext.OIDC_CLAIMS);
            this.initialised = true;
        } catch (SSOException | SMSException e) {
            this.logger.error("Unable to create ServiceConfigManager", e);
            throw new IllegalStateException((Throwable) e);
        }
    }

    public void schemaChanged(String str, String str2) {
    }

    public void organizationConfigChanged(String str, String str2, String str3, String str4, String str5, int i) {
    }

    public void globalConfigChanged(String str, String str2, String str3, String str4, int i) {
        if (!ScriptConstants.SERVICE_NAME.equals(str) || StringUtils.isEmpty(str4)) {
            return;
        }
        String[] split = (str4.startsWith("/") ? str4.substring(1).trim() : str4).toUpperCase().split("/");
        if (split.length == 2 && ScriptConstants.ENGINE_CONFIGURATION.equalsIgnoreCase(split[1])) {
            try {
                updateConfig(ScriptConstants.ScriptContext.valueOf(split[0]));
            } catch (IllegalArgumentException e) {
                this.logger.error("Script Context does not exist: " + split[0], e);
            }
        }
    }

    private StandardScriptEngineManager getScriptEngineManager(ScriptConstants.ScriptContext scriptContext) {
        return (StandardScriptEngineManager) InjectorHolder.getInstance(Key.get(StandardScriptEngineManager.class, Names.named(scriptContext.name())));
    }

    protected void updateConfig(ScriptConstants.ScriptContext scriptContext) {
        Map<String, Set<String>> engineConfigurationSchema = getEngineConfigurationSchema(scriptContext);
        int parseInt = parseInt(CollectionHelper.getMapAttr(engineConfigurationSchema, ScriptConstants.THREAD_POOL_CORE_SIZE), 10);
        int parseInt2 = parseInt(CollectionHelper.getMapAttr(engineConfigurationSchema, ScriptConstants.THREAD_POOL_MAX_SIZE), 10);
        int parseInt3 = parseInt(CollectionHelper.getMapAttr(engineConfigurationSchema, ScriptConstants.THREAD_POOL_QUEUE_SIZE), 10);
        long parseLong = parseLong(CollectionHelper.getMapAttr(engineConfigurationSchema, ScriptConstants.THREAD_POOL_IDLE_TIMEOUT), 60L);
        getScriptEngineManager(scriptContext).setConfiguration(ScriptEngineConfiguration.builder().withSecurityManager(CollectionHelper.getBooleanMapAttr(engineConfigurationSchema, ScriptConstants.USE_SECURITY_MANAGER, true) ? System.getSecurityManager() : null).withThreadPoolCoreSize(parseInt).withThreadPoolMaxSize(parseInt2).withThreadPoolQueueSize(parseInt3).withThreadPoolIdleTimeout(parseLong, TimeUnit.SECONDS).withTimeout(parseLong(CollectionHelper.getMapAttr(engineConfigurationSchema, ScriptConstants.SCRIPT_TIMEOUT), 0L), TimeUnit.SECONDS).withWhiteList(compilePatternList(engineConfigurationSchema.get(ScriptConstants.WHITE_LIST))).withBlackList(compilePatternList(engineConfigurationSchema.get(ScriptConstants.BLACK_LIST))).build());
    }

    private SSOToken getAdminToken() {
        return (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance());
    }

    private Map<String, Set<String>> getEngineConfigurationSchema(ScriptConstants.ScriptContext scriptContext) {
        ServiceConfig subConfig;
        ServiceConfig subConfig2;
        try {
            ServiceConfig globalConfig = new ServiceConfigManager(ScriptConstants.SERVICE_NAME, getAdminToken()).getGlobalConfig(ScriptConstants.SCRIPT_IS_DEFAULT);
            if (globalConfig != null && (subConfig = globalConfig.getSubConfig(scriptContext.name())) != null && (subConfig2 = subConfig.getSubConfig(ScriptConstants.ENGINE_CONFIGURATION)) != null) {
                return subConfig2.getAttributes();
            }
        } catch (SSOException e) {
            this.logger.error("ScriptEngineConfigurator.updateConfig", e);
        } catch (SMSException e2) {
            this.logger.error("ScriptEngineConfigurator.updateConfig", e2);
        }
        this.logger.error("No engine configuration called 'EngineConfiguration' found for context '" + scriptContext.name() + "' in service '" + ScriptConstants.SERVICE_NAME + "'. Using default configuration.");
        return Collections.emptyMap();
    }

    protected List<Pattern> compilePatternList(Set<String> set) {
        ArrayList arrayList = new ArrayList();
        if (set != null) {
            for (String str : set) {
                if (!str.isEmpty()) {
                    arrayList.add(Pattern.compile("\\Q" + str.replace("*", "\\E.*?\\Q") + "\\E"));
                }
            }
        }
        return arrayList;
    }

    private int parseInt(String str, int i) {
        try {
            return Integer.parseInt(str);
        } catch (NumberFormatException e) {
            this.logger.error("ScriptEngineConfigurator.parseInt", e);
            return i;
        }
    }

    private long parseLong(String str, long j) {
        try {
            return Long.parseLong(str);
        } catch (NumberFormatException e) {
            this.logger.error("ScriptEngineConfigurator.parseLong", e);
            return j;
        }
    }
}
