package org.aaaarch.gaaapi.impl.pep;

import com.sun.xacml.finder.PolicyFinder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.logging.Logger;
import org.aaaarch.config.ConfigSecurity;
import org.aaaarch.config.ConstantsNS;
import org.aaaarch.gaaapi.MalformedAuthzRequestException;
import org.aaaarch.gaaapi.NotAuthenticatedException;
import org.aaaarch.gaaapi.NotAuthorizedException;
import org.aaaarch.gaaapi.NotAvailablePDPException;
import org.aaaarch.gaaapi.PEPConfig;
import org.aaaarch.gaaapi.PEPgenRequest;
import org.aaaarch.gaaapi.PEPinputParser;
import org.aaaarch.gaaapi.ResolverNS;
import org.aaaarch.gaaapi.TriageAuthzRequest;
import org.aaaarch.gaaapi.TrustDomain;
import org.aaaarch.gaaapi.ticktok.TicketAuthority;
import org.aaaarch.impl.pdp.PDPResponceException;
import org.aaaarch.impl.pdp.XACMLPDPsimple;
import org.aaaarch.utils.HelpersXMLsecurity;

/* loaded from: input_file:org/aaaarch/gaaapi/impl/pep/PEPtbn.class */
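/**
 * Policy Enforcement Point (PEP) entry points.
 *
 * <p>Two kinds of authorization request are handled:
 * <ul>
 *   <li>an attribute-based request that is turned into an XACML request context and sent to
 *       {@link XACMLPDPsimple}, and</li>
 *   <li>a request carrying an AuthzTicket/AuthzToken XML document that is passed to
 *       {@link TriageAuthzRequest}.</li>
 * </ul>
 *
 * <p>All configuration is held in {@code static} fields and no synchronization is present, so
 * constructing an instance or calling the four-argument {@code authorizeAction} replaces the
 * configuration seen by every caller in the JVM.
 */
public class PEPtbn {
    private static PEPtbn pep;
    private static PEPConfig confPEP;
    private static TicketAuthority issuerAuthzTicket;
    private static String ticketauthority;
    private static ResolverNS resolverNS;
    private static TrustDomain trustDomain;
    static String resourceId;
    static String actions;
    static String authzTicket;
    static String sessionId;
    static String sessionCreds;
    private static String trustdomainPEP = "x-urn:aaa:trust:pep";
    // Named after this class; the previous logger was registered under PolicyFinder's name, which
    // would attribute PEP log records to the wrong component.
    private static final Logger logger = Logger.getLogger(PEPtbn.class.getName());

    /**
     * Copies the ticket issuer, namespace resolver, trust domain and session credentials from the
     * supplied configuration into the class-wide static fields.
     *
     * @param pEPConfig configuration to install; must not be {@code null}
     */
    public PEPtbn(PEPConfig pEPConfig) {
        issuerAuthzTicket = pEPConfig.getIssuerAuthzTicket();
        resolverNS = pEPConfig.getResolverNS();
        trustDomain = pEPConfig.getTrustDomain();
        sessionCreds = pEPConfig.getSessionCreds();
    }

    /**
     * Reloads the static configuration from {@link PEPConfig#getPEPConfigTest()}.
     *
     * <p>NOTE(review): the factory name suggests a test configuration, and this call overwrites
     * whatever the constructor installed. Confirm that token-based authorization is meant to run
     * against this configuration outside of tests.
     *
     * @throws Exception if the configuration cannot be obtained
     */
    private static void configurePEP() throws Exception {
        confPEP = PEPConfig.getPEPConfigTest();
        trustDomain = confPEP.getTrustDomain();
        trustdomainPEP = trustDomain.getTrustDomain();
        issuerAuthzTicket = confPEP.getIssuerAuthzTicket();
        ticketauthority = issuerAuthzTicket.getIssuerAuthzTicket();
        resolverNS = confPEP.getResolverNS();
        sessionCreds = confPEP.getSessionCreds();
    }

    /**
     * Builds an XACML request context from the arguments, evaluates it against the configured
     * policy file and maps the first decision in the PDP response to a boolean.
     *
     * <p>Only an explicit {@code "Permit"} yields {@code true}. {@code "Deny"} and any decision
     * value that is not recognised yield {@code false}, so an unexpected response never grants
     * access.
     *
     * @param str     passed as the second argument of
     *                {@code PEPgenRequest.generateXACMLRequestCtx}
     * @param str2    passed as the third argument of
     *                {@code PEPgenRequest.generateXACMLRequestCtx}
     * @param hashMap passed as the first argument of
     *                {@code PEPgenRequest.generateXACMLRequestCtx}
     * @return {@code true} only when the PDP decision is {@code "Permit"}
     * @throws PDPResponceException  if the decision is {@code "Indeterminate"} or
     *                               {@code "NotApplicable"}, or no decision could be parsed
     * @throws IllegalStateException if the policy configuration has fewer than two entries
     * @throws Exception             propagated from request generation or PDP evaluation
     */
    public static boolean authorizeAction(String str, String str2, HashMap hashMap) throws Exception {
        List<?> configPolicy = ConfigSecurity.getConfigPolicy(null);
        if (configPolicy == null || configPolicy.size() < 2) {
            throw new IllegalStateException("Policy configuration must provide at least two entries");
        }
        // The policy file name is fixed; only its location comes from configuration.
        String policyLocation = configPolicy.get(0).toString() + configPolicy.get(1).toString() + "policyXACML00.xml";
        String requestPDP = XACMLPDPsimple.requestPDP(PEPgenRequest.generateXACMLRequestCtx(hashMap, str, str2, (String) null), policyLocation);
        logger.fine("PDP Response: " + requestPDP);

        List<?> decisions = PEPinputParser.parsePDPResponse(requestPDP);
        if (decisions == null || decisions.isEmpty()) {
            // Report an unparseable response as a PDP failure instead of an index error.
            throw new PDPResponceException("PDP response: no decision could be parsed");
        }
        Object decision = decisions.get(0);
        if ("Permit".equals(decision)) {
            return true;
        }
        if ("Indeterminate".equals(decision)) {
            throw new PDPResponceException("PDP response: Indeterminate: Request not complete or PDP evaluation not complete");
        }
        if ("NotApplicable".equals(decision)) {
            throw new PDPResponceException("PDP response: NotApplicable: Request and Policy semantics or values don't match");
        }
        // "Deny" and anything unrecognised: fail closed.
        return false;
    }

    /**
     * Authorizes a request that carries an AuthzTicket/AuthzToken XML document.
     *
     * <p>The document's root element name selects the processing path. Only a root element equal
     * to {@code ConstantsNS.TAG_AZTOKEN} is evaluated, by
     * {@code TriageAuthzRequest.tryRequestTicketToken}. Every other root element ends in an
     * exception, so the method never returns without a positive triage result.
     *
     * <p>NOTE(review): no processing for {@code ConstantsNS.TAG_AZTICKET} is visible in this
     * listing; such requests are rejected with {@link NotAuthorizedException}. Confirm against the
     * original source whether a ticket path is expected here.
     *
     * @param str  the AuthzTicket/AuthzToken XML document; returned unchanged on success
     * @param str2 passed through to {@code TriageAuthzRequest.tryRequestTicketToken}
     * @param str3 passed through to {@code TriageAuthzRequest.tryRequestTicketToken}
     * @param str4 passed through to {@code TriageAuthzRequest.tryRequestTicketToken}
     * @return {@code str} when the triage result is positive
     * @throws MalformedAuthzRequestException if {@code str} is {@code null}, has no root element
     *                                        name, or uses the unsupported SAML ticket format
     * @throws NotAuthorizedException         if the request is not permitted
     * @throws Exception                      propagated from configuration, parsing or triage
     */
    public static String authorizeAction(String str, String str2, String str3, String str4) throws Exception, NotAuthenticatedException, NotAuthorizedException, NotAvailablePDPException {
        if (str == null) {
            throw new MalformedAuthzRequestException("PEP Request is not complete: AuthzTicket or AuthzToken are null");
        }
        configurePEP();
        String rootName = HelpersXMLsecurity.readStringToDOM(str).getDocumentElement().getNodeName();
        // Identity comparison: equals(null) can never be true, so the former check was dead code.
        if (rootName == null) {
            throw new MalformedAuthzRequestException("PEP Request is not complete: AuthzTicket or AuthzToken are null");
        }

        boolean permitted = false;
        if (rootName.equals(ConstantsNS.TAG_AZTICKET)) {
            // No ticket processing is implemented here; the request is denied below.
            logger.fine("PEP.authorizeAction(Token): AuthzTicket root element is not processed by this method");
        } else if (rootName.equals(ConstantsNS.TAG_AZTOKEN)) {
            // The token document itself is a credential and is deliberately kept out of the log.
            logger.fine("PEP.authorizeAction(Token) input data check " + str2 + ", " + str4 + ", " + str3);
            logger.fine("PEP.authorizeAction(Token): Start processing PEP Request with AuthzToken");
            permitted = TriageAuthzRequest.tryRequestTicketToken(str, str2, str3, str4);
            logger.fine("PEP.authorizeAction(Token): returned Triage result is \"" + (permitted ? "Permit" : "Deny") + "\"");
        } else if (rootName.equals(ConstantsNS.TAG_AZTICKET_SAML)) {
            throw new MalformedAuthzRequestException("Not supported AuthzTicket/Token format");
        }

        if (permitted) {
            return str;
        }
        // Unknown root elements also end here: anything not explicitly permitted is refused.
        throw new NotAuthorizedException("PEP.authorizeAction(Token): User is not authorised");
    }
}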
