package nl.nn.testtool.web;

import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:adapterframework.war:WEB-INF/lib/ibis-ladybug-2.2-20211120.230828.jar:nl/nn/testtool/web/ApiAuthorizationFilter.class */
public class ApiAuthorizationFilter implements ContainerRequestFilter {
    private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
    private Map<Pattern, ConfigurationPart> configuration = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:adapterframework.war:WEB-INF/lib/ibis-ladybug-2.2-20211120.230828.jar:nl/nn/testtool/web/ApiAuthorizationFilter$ConfigurationPart.class */
    public static class ConfigurationPart {
        private Set<String> methods;
        private Pattern pattern;
        private int specificity;
        private List<String> roles;

        ConfigurationPart(String str, List<String> list) {
            int indexOf = str.indexOf(47);
            String[] split = str.substring(0, indexOf).split(",");
            if (split.length != 0 && !split[0].equals("")) {
                for (int i = 0; i < split.length; i++) {
                    split[i] = split[i].toLowerCase();
                }
                this.methods = new HashSet(Arrays.asList(split));
            }
            String substring = str.substring(indexOf + 1);
            this.specificity = (int) substring.chars().filter(i2 -> {
                return i2 == 47;
            }).count();
            this.pattern = Pattern.compile(substring);
            this.roles = list == null ? new ArrayList<>(0) : list;
        }

        public boolean containsMethod(String str) {
            return this.methods == null || this.methods.contains(str.toLowerCase());
        }

        public String toString() {
            return "Methods: \"" + this.methods + "\", Pattern: \"" + this.pattern + "\", Roles: " + this.roles.toString();
        }

        public Pattern getPattern() {
            return this.pattern;
        }

        public int getSpecificity() {
            return this.specificity;
        }

        public List<String> getRoles() {
            return this.roles;
        }
    }

    public void setChangeReportGeneratorEnabledRoles(List<String> list) {
        log.info("Set change report generator enabled roles");
        addConfigurationPart("POST/testtool$", list);
    }

    public void setRerunRoles(List<String> list) {
        log.info("Set rerun roles");
        addConfigurationPart("POST/runner/run/.*", list);
    }

    public void setLadybugApiRoles(Map<String, List<String>> map) {
        log.info("Set Ladybug api roles");
        for (String str : map.keySet()) {
            addConfigurationPart(str, map.get(str));
        }
    }

    private void addConfigurationPart(String str, List<String> list) {
        ConfigurationPart configurationPart = new ConfigurationPart(str, list);
        log.debug("Add configuration part [" + configurationPart.toString() + "]");
        this.configuration.put(configurationPart.getPattern(), configurationPart);
    }

    @Override // javax.ws.rs.container.ContainerRequestFilter
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (containerRequestContext.getSecurityContext().getUserPrincipal() == null) {
            return;
        }
        if (this.configuration.size() != 0) {
            String lowerCase = containerRequestContext.getUriInfo().getPath().toLowerCase();
            ConfigurationPart configurationPart = null;
            for (Pattern pattern : this.configuration.keySet()) {
                ConfigurationPart configurationPart2 = this.configuration.get(pattern);
                boolean matches = pattern.matcher(lowerCase).matches();
                boolean z = configurationPart == null;
                boolean z2 = z || configurationPart.getSpecificity() < configurationPart2.getSpecificity();
                boolean containsMethod = this.configuration.get(pattern).containsMethod(containerRequestContext.getMethod());
                if (matches && (z || z2)) {
                    if (containsMethod) {
                        configurationPart = configurationPart2;
                    }
                }
            }
            if (configurationPart == null) {
                return;
            }
            Iterator<String> it = configurationPart.getRoles().iterator();
            while (it.hasNext()) {
                if (containerRequestContext.getSecurityContext().isUserInRole(it.next())) {
                    return;
                }
            }
        }
        containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
    }
}
