package it.eng.rdlab.soa3.pm.connector.javaapi.impl.engine;

import it.eng.rdlab.soa3.connector.utils.SecurityManager;
import it.eng.rdlab.soa3.pm.connector.javaapi.beans.AuthZRequestBean;
import it.eng.rdlab.soa3.pm.connector.javaapi.configuration.ConfigurationManagerBuilder;
import it.eng.rdlab.soa3.pm.connector.javaapi.engine.PolicyDecisionEngine;
import it.eng.rdlab.soa3.pm.connector.javaapi.impl.utils.AttributeLoader;
import it.eng.rdlab.soa3.pm.connector.javaapi.impl.utils.Utils;
import java.util.List;
import java.util.Map;
import org.glite.authz.common.model.Attribute;
import org.glite.authz.common.model.Response;
import org.glite.authz.common.model.Result;
import org.glite.authz.common.model.Subject;
import org.glite.authz.pep.client.PEPClient;
import org.glite.authz.pep.client.config.PEPClientConfiguration;
import org.glite.authz.pep.profile.GridCEAuthorizationProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/policy-management-api-impl-0.1.1-3.3.0.jar:it/eng/rdlab/soa3/pm/connector/javaapi/impl/engine/PolicyDecisionEngineImpl.class */
public class PolicyDecisionEngineImpl implements PolicyDecisionEngine {
    private PEPClient client;
    private boolean indeterminateDecision;
    private final String SUBJECT_CATEGORY = Attribute.ID_SUB_CAT_ACCESS_SUBJECT;
    private final String DATA_TYPE = "http://www.w3.org/2001/XMLSchema#string";
    private Logger logger = LoggerFactory.getLogger(getClass());

    public PolicyDecisionEngineImpl() throws Exception {
        PEPClientConfiguration pEPClientConfiguration = new PEPClientConfiguration();
        String authQueryEndpoint = ConfigurationManagerBuilder.getConfigurationManager().getAuthQueryEndpoint();
        this.indeterminateDecision = ConfigurationManagerBuilder.getConfigurationManager().getIndeterminateDecision();
        this.logger.debug("Authorization query endpoint " + authQueryEndpoint);
        pEPClientConfiguration.addPEPDaemonEndpoint(authQueryEndpoint);
        pEPClientConfiguration.setTrustMaterial(SecurityManager.getInstance().getKeyStore());
        pEPClientConfiguration.setKeyMaterial(SecurityManager.getInstance().getKeyStore(), SecurityManager.KEYSTORE_PWD);
        this.client = new PEPClient(pEPClientConfiguration);
        this.logger.debug("Configuration completed");
    }

    @Override // it.eng.rdlab.soa3.pm.connector.javaapi.engine.PolicyDecisionEngine
    public boolean getDecision(AuthZRequestBean authZRequestBean) {
        boolean z = false;
        GridCEAuthorizationProfile gridCEAuthorizationProfile = GridCEAuthorizationProfile.getInstance();
        Subject subject = new Subject();
        subject.setCategory(Attribute.ID_SUB_CAT_ACCESS_SUBJECT);
        Map<String, List<String>> generateAttributeMap = Utils.generateAttributeMap(authZRequestBean.getAttributes());
        for (String str : generateAttributeMap.keySet()) {
            String attribute = AttributeLoader.getInstance().getAttribute(str);
            this.logger.debug("Attribute id " + attribute);
            Attribute attribute2 = new Attribute();
            attribute2.setDataType("http://www.w3.org/2001/XMLSchema#string");
            attribute2.setId(attribute);
            for (String str2 : generateAttributeMap.get(str)) {
                this.logger.debug("Attribute value " + str2);
                attribute2.getValues().add(str2);
            }
            subject.getAttributes().add(attribute2);
        }
        try {
            Response authorize = this.client.authorize(gridCEAuthorizationProfile.createRequest(subject, gridCEAuthorizationProfile.createResourceId(authZRequestBean.getResource()), gridCEAuthorizationProfile.createActionId(authZRequestBean.getAction())));
            this.logger.debug("Argus Response " + authorize);
            List<Result> results = authorize.getResults();
            if (results.size() > 0) {
                int decision = results.get(0).getDecision();
                this.logger.debug("Policy decision = " + decision);
                z = 1 == decision || (this.indeterminateDecision && 0 != decision);
            } else {
                this.logger.error("No results!!!");
            }
        } catch (Exception e) {
            this.logger.debug("Policy query error", (Throwable) e);
        }
        this.logger.debug("Permit = " + z);
        return z;
    }
}
