package eu.unicore.uas.pdp.localsun;

import com.sun.xacml.attr.AnyURIAttribute;
import com.sun.xacml.attr.DateTimeAttribute;
import com.sun.xacml.attr.StandardAttributeFactory;
import com.sun.xacml.attr.StringAttribute;
import com.sun.xacml.attr.X500NameAttribute;
import com.sun.xacml.ctx.Attribute;
import com.sun.xacml.ctx.RequestCtx;
import com.sun.xacml.ctx.Subject;
import de.fzj.unicore.wsrflite.security.util.ResourceDescriptor;
import eu.unicore.security.Client;
import eu.unicore.security.XACMLAttribute;
import eu.unicore.security.util.Log;
import eu.unicore.uas.pdp.PDPUtils;
import java.net.URI;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;

/* loaded from: input_file:eu/unicore/uas/pdp/localsun/RequestBuilder.class */
public class RequestBuilder {
    private static final Logger log = Log.getLogger("unicore.security", RequestBuilder.class);

    private synchronized void addAttributesFromPips(HashSet<Attribute> hashSet, Client client) {
        StandardAttributeFactory factory = StandardAttributeFactory.getFactory();
        for (XACMLAttribute xACMLAttribute : client.getSubjectAttributes().getXacmlAttributes()) {
            if (PDPUtils.checkGenericAttr(xACMLAttribute.getName())) {
                try {
                    hashSet.add(new Attribute(new URI(xACMLAttribute.getName()), (String) null, (DateTimeAttribute) null, factory.createValue(new URI(xACMLAttribute.getType().toString()), xACMLAttribute.getValue())));
                } catch (Exception e) {
                    log.warn("Can't convert supplied XACML attribtue into Sun's XACML attribtue, skipping it", e);
                }
            } else {
                log.warn("Among clients GENERIC XACML attributes retrieved from the configured attribute sources, the special attribute " + xACMLAttribute.getName() + " was found. Ignoring it.");
            }
        }
    }

    public RequestCtx buildRequest(Client client, String str, ResourceDescriptor resourceDescriptor) throws Exception {
        X509Certificate consignorCertificate;
        HashSet hashSet = new HashSet();
        HashSet<Attribute> hashSet2 = new HashSet<>();
        hashSet2.add(new Attribute(new URI(XACMLAttribute.Name.XACML_SUBJECT_ID_ATTR.toString()), (String) null, (DateTimeAttribute) null, new X500NameAttribute(new X500Principal(client.getDistinguishedName()))));
        hashSet2.add(new Attribute(new URI(PDPUtils.LOCAL_SUBJECT_ROLE_ATTR), (String) null, (DateTimeAttribute) null, new StringAttribute(client.getRole().getName())));
        if (client.getSecurityTokens() != null && (consignorCertificate = client.getSecurityTokens().getConsignorCertificate()) != null) {
            hashSet2.add(new Attribute(new URI(PDPUtils.LOCAL_SUBJECT_CONSIGNOR_ATTR), (String) null, (DateTimeAttribute) null, new X500NameAttribute(consignorCertificate.getSubjectX500Principal())));
        }
        for (String str2 : client.getVos()) {
            hashSet2.add(new Attribute(new URI(PDPUtils.LOCAL_SUBJECT_CONSIGNOR_ATTR), (String) null, (DateTimeAttribute) null, new StringAttribute(str2)));
        }
        addAttributesFromPips(hashSet2, client);
        hashSet.add(new Subject(hashSet2));
        HashSet hashSet3 = new HashSet();
        if (str != null) {
            hashSet3.add(new Attribute(new URI(XACMLAttribute.Name.XACML_ACTION_ID_ATTR.toString()), (String) null, (DateTimeAttribute) null, new StringAttribute(str)));
        }
        HashSet hashSet4 = new HashSet();
        hashSet4.add(new Attribute(new URI("urn:oasis:names:tc:xacml:1.0:resource:resource-id"), (String) null, (DateTimeAttribute) null, new AnyURIAttribute(new URI(resourceDescriptor.getServiceName()))));
        if (resourceDescriptor.getResourceID() != null) {
            hashSet4.add(new Attribute(new URI(PDPUtils.LOCAL_WSR_ATTR), (String) null, (DateTimeAttribute) null, new StringAttribute(resourceDescriptor.getResourceID())));
        }
        if (resourceDescriptor.getOwner() != null) {
            hashSet4.add(new Attribute(new URI(PDPUtils.LOCAL_OWNER_ATTR), (String) null, (DateTimeAttribute) null, new X500NameAttribute(new X500Principal(resourceDescriptor.getOwner()))));
        }
        return new RequestCtx(hashSet, hashSet4, hashSet3, new HashSet());
    }
}
