package io.continual.iam.impl.file;

import io.continual.builder.Builder;
import io.continual.iam.IamServiceManager;
import io.continual.iam.access.AccessControlList;
import io.continual.iam.access.AccessDb;
import io.continual.iam.access.AccessManager;
import io.continual.iam.access.AclUpdateListener;
import io.continual.iam.exceptions.IamSvcException;
import io.continual.iam.identity.IdentityDb;
import io.continual.iam.identity.IdentityManager;
import io.continual.iam.impl.common.CommonJsonDb;
import io.continual.iam.impl.common.CommonJsonGroup;
import io.continual.iam.impl.common.CommonJsonIdentity;
import io.continual.iam.impl.common.jwt.JwtProducer;
import io.continual.iam.impl.common.jwt.SimpleJwtValidator;
import io.continual.iam.impl.file.IamFileDb;
import io.continual.iam.tags.TagManager;
import io.continual.services.ServiceContainer;
import io.continual.services.SimpleService;
import io.continual.util.data.exprEval.ExpressionEvaluator;
import io.continual.util.data.json.JsonVisitor;
import java.io.File;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:io/continual/iam/impl/file/IamFileDbServiceManager.class */
public class IamFileDbServiceManager extends SimpleService implements IamServiceManager<CommonJsonIdentity, CommonJsonGroup> {
    private final IamFileDb fDb;

    public IamFileDbServiceManager(ServiceContainer serviceContainer, JSONObject jSONObject) throws IamSvcException, Builder.BuildFailure {
        final String optString = jSONObject.optString("sysAdminGroup", "sysadmin");
        JSONObject optJSONObject = jSONObject.optJSONObject("jwt");
        JwtProducer jwtProducer = null;
        if (optJSONObject != null) {
            String optString2 = optJSONObject.optString("issuer", null);
            String optString3 = optJSONObject.optString("sha256Key", null);
            if (optString2 != null && optString3 != null) {
                jwtProducer = new JwtProducer.Builder().withIssuerName(optString2).usingSigningKey(optString3).build();
            }
        }
        ExpressionEvaluator exprEval = serviceContainer.getExprEval(jSONObject);
        this.fDb = new IamFileDb.Builder().usingFile(new File(exprEval.evaluateText(jSONObject.getString("file")))).withPassword(exprEval.evaluateText(jSONObject.optString("password", ""))).readonly(jSONObject.optBoolean("readonly", false)).usingAclFactory(new CommonJsonDb.AclFactory(this) { // from class: io.continual.iam.impl.file.IamFileDbServiceManager.1
            final /* synthetic */ IamFileDbServiceManager this$0;

            {
                this.this$0 = this;
            }

            public AccessControlList createDefaultAcl(AclUpdateListener aclUpdateListener) {
                AccessControlList accessControlList = new AccessControlList(aclUpdateListener);
                accessControlList.permit(optString, new String[]{"read"}).permit(optString, new String[]{"update"}).permit(optString, new String[]{"create"}).permit(optString, new String[]{"delete"});
                return accessControlList;
            }
        }).withJwtProducer(jwtProducer).build();
        if (optJSONObject != null) {
            JsonVisitor.forEachElement(optJSONObject.optJSONArray("thirdPartyAuth"), new JsonVisitor.ArrayVisitor<JSONObject, Builder.BuildFailure>() { // from class: io.continual.iam.impl.file.IamFileDbServiceManager.2
                public boolean visit(JSONObject jSONObject2) throws JSONException, Builder.BuildFailure {
                    IamFileDbServiceManager.this.fDb.addJwtValidator(new SimpleJwtValidator.Builder().named(jSONObject2.optString("name", "(anonymous)")).forIssuer(jSONObject2.getString("issuer")).forAudience(jSONObject2.getString("audience")).getPublicKeysFrom(jSONObject2.optString("keys")).build());
                    return true;
                }
            });
        }
    }

    public IdentityDb<CommonJsonIdentity> getIdentityDb() throws IamSvcException {
        return this.fDb;
    }

    public AccessDb<CommonJsonGroup> getAccessDb() throws IamSvcException {
        return this.fDb;
    }

    public IdentityManager<CommonJsonIdentity> getIdentityManager() throws IamSvcException {
        return this.fDb;
    }

    public AccessManager<CommonJsonGroup> getAccessManager() throws IamSvcException {
        return this.fDb;
    }

    public TagManager getTagManager() throws IamSvcException {
        return this.fDb;
    }
}
