package eu.unicore.uas.pdp.request.profile;

import eu.unicore.security.Client;
import eu.unicore.security.XACMLAttribute;
import eu.unicore.services.security.pdp.ActionDescriptor;
import eu.unicore.services.security.util.ResourceDescriptor;
import eu.unicore.uas.pdp.request.creator.XACMLAttributeMeta;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:eu/unicore/uas/pdp/request/profile/EMI1Profile.class */
public class EMI1Profile extends XACMLProfileBase {
    public static final String ATTR_PROFILE_ID_XACML_ID = "http://dci-sec.org/xacml/attribute/profile-id";
    public static final String ATTR_PROFILE_ID_VALUE = "http://dci-sec.org/xacml/profile/common-authz/1.1";
    public static final String ATTR_SUBJECT_ISSUER_XACML_ID = "http://dci-sec.org/xacml/attribute/subject-issuer";
    public static final String ATTR_VO_XACML_ID = "http://dci-sec.org/xacml/attribute/virtual-organization";
    public static final String ATTR_GROUP_XACML_ID = "http://dci-sec.org/xacml/attribute/group";
    public static final String ATTR_PRIMARY_GROUP_XACML_ID = "http://dci-sec.org/xacml/attribute/group/primary";
    public static final String ATTR_ROLE_XACML_ID = "http://dci-sec.org/xacml/attribute/role";
    public static final String ATTR_PRIMARY_ROLE_XACML_ID = "http://dci-sec.org/xacml/attribute/role/primary";
    public static final String ATTR_RESOURCE_OWNER_XACML_ID = "http://dci-sec.org/xacml/attribute/resource-owner";

    public EMI1Profile(String str) {
        super(str);
        this.siteUrl = str;
        addAttributeDef(new XACMLAttributeMeta(ATTR_PROFILE_ID_XACML_ID, XACMLAttribute.Type.ANYURI.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Environment));
        addAttributeDef(new XACMLAttributeMeta(ATTR_SUBJECT_ISSUER_XACML_ID, XACMLAttribute.Type.X500NAME.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Subject));
        addAttributeDef(new XACMLAttributeMeta(ATTR_VO_XACML_ID, XACMLAttribute.Type.STRING.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Subject));
        addAttributeDef(new XACMLAttributeMeta(ATTR_GROUP_XACML_ID, XACMLAttribute.Type.STRING.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Subject));
        addAttributeDef(new XACMLAttributeMeta(ATTR_PRIMARY_GROUP_XACML_ID, XACMLAttribute.Type.STRING.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Subject));
        addAttributeDef(new XACMLAttributeMeta(ATTR_ROLE_XACML_ID, XACMLAttribute.Type.STRING.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Subject));
        addAttributeDef(new XACMLAttributeMeta(ATTR_PRIMARY_ROLE_XACML_ID, XACMLAttribute.Type.STRING.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Subject));
        addAttributeDef(new XACMLAttributeMeta(XACMLAttribute.Name.XACML_RESOURCE_ID_ATTR.toString(), XACMLAttribute.Type.STRING.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Resource));
        addAttributeDef(new XACMLAttributeMeta(ATTR_RESOURCE_OWNER_XACML_ID, XACMLAttribute.Type.X500NAME.toString(), XACMLAttributeMeta.XACMLAttributeCategory.Resource));
    }

    @Override // eu.unicore.uas.pdp.request.profile.XACMLProfile
    public List<String> getValue(XACMLAttributeMeta xACMLAttributeMeta, Client client, ActionDescriptor actionDescriptor, ResourceDescriptor resourceDescriptor) {
        List<String> arrayList = new ArrayList();
        String name = xACMLAttributeMeta.getName();
        if (name.equals(XACMLAttribute.Name.XACML_SUBJECT_ID_ATTR.toString())) {
            arrayList.add(client.getDistinguishedName());
        } else if (name.equals(XACMLAttribute.Name.XACML_ACTION_ID_ATTR.toString())) {
            String action = actionDescriptor != null ? actionDescriptor.getAction() : null;
            arrayList.add(action != null ? action : "___ANY_ACTION___");
        } else if (name.equals(ATTR_PROFILE_ID_XACML_ID)) {
            arrayList.add(ATTR_PROFILE_ID_VALUE);
        } else if (name.equals(ATTR_SUBJECT_ISSUER_XACML_ID)) {
            if (client.getSecurityTokens() != null) {
                arrayList.add(client.getSecurityTokens().getEffectiveUserCertificate().getIssuerX500Principal().getName());
            }
        } else if (name.equals(ATTR_VO_XACML_ID)) {
            arrayList = getEMIVos(client.getVos());
        } else if (name.equals(ATTR_GROUP_XACML_ID)) {
            arrayList = getEMIGroups(client.getVos());
        } else if (name.equals(ATTR_PRIMARY_GROUP_XACML_ID)) {
            if (client.getVo() != null) {
                arrayList.add(client.getVo());
            }
        } else if (name.equals(ATTR_ROLE_XACML_ID)) {
            String[] validRoles = client.getRole().getValidRoles();
            if (validRoles != null) {
                Collections.addAll(arrayList, validRoles);
            }
        } else if (name.equals(ATTR_PRIMARY_ROLE_XACML_ID)) {
            arrayList.add(client.getRole().getName());
        } else if (name.equals(XACMLAttribute.Name.XACML_RESOURCE_ID_ATTR.toString())) {
            arrayList.add(getU6ResourceAttr(this.siteUrl, resourceDescriptor.getServiceName(), resourceDescriptor.getResourceID()));
        } else {
            if (!name.equals(ATTR_RESOURCE_OWNER_XACML_ID)) {
                throw new RuntimeException("BUG! got request about attribute for which we don't have value generator: " + xACMLAttributeMeta);
            }
            String owner = resourceDescriptor.getOwner();
            if (owner != null) {
                arrayList.add(new X500Principal(owner).getName());
            }
        }
        return arrayList;
    }

    protected String getU6ResourceAttr(String str, String str2, String str3) {
        StringBuilder sb = new StringBuilder();
        sb.append("u6://");
        try {
            URL url = new URL(str);
            sb.append(url.getHost() + ":" + url.getPort());
        } catch (MalformedURLException e) {
        }
        sb.append("/" + str2);
        sb.append("/" + str3);
        return sb.toString();
    }

    protected List<String> getEMIVos(String[] strArr) {
        HashSet hashSet = new HashSet();
        for (String str : strArr) {
            if (!str.startsWith("/")) {
                str = "/" + str;
            }
            hashSet.add(str.trim().split("/")[1]);
        }
        ArrayList arrayList = new ArrayList(hashSet);
        Collections.sort(arrayList);
        return arrayList;
    }

    protected List<String> getEMIGroups(String[] strArr) {
        ArrayList arrayList = new ArrayList();
        Collections.addAll(arrayList, strArr);
        Collections.sort(arrayList);
        return arrayList;
    }
}
