package no.fintlabs.opa;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import no.fintlabs.opa.model.AllowResponse;
import no.fintlabs.opa.model.OpaRequest;
import no.fintlabs.opa.model.Scope;
import no.fintlabs.opa.model.ScopesListResponse;
import no.fintlabs.opa.model.ScopesResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Component;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.context.request.RequestContextHolder;

@Component
/* loaded from: input_file:no/fintlabs/opa/OpaApiClient.class */
public class OpaApiClient {
    private static final Logger log = LoggerFactory.getLogger(OpaApiClient.class);
    private RestTemplate restTemplate;

    public OpaApiClient(RestTemplate restTemplate) {
        this.restTemplate = restTemplate;
    }

    @Deprecated(forRemoval = true)
    public List<Scope> getScopesForUser(String str) {
        log.info("Getting scopes for user {}", str);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        try {
            ResponseEntity exchange = this.restTemplate.exchange("/scopes", HttpMethod.POST, new HttpEntity(createOpaRequestData(str, "GET", getRequestURI()), httpHeaders), ScopesResponse.class, new Object[0]);
            log.info("Got scopes from OPA: {}", exchange.getBody());
            return (List) Optional.ofNullable((ScopesResponse) exchange.getBody()).map((v0) -> {
                return v0.getScopes();
            }).orElse(Collections.emptyList());
        } catch (HttpClientErrorException e) {
            log.warn("Could not fetch scopes for user {}. Response status: {}", str, e.getStatusCode());
            return Collections.emptyList();
        } catch (Exception e2) {
            log.error("An error occurred while fetching scopes for user {}", str, e2);
            return Collections.emptyList();
        }
    }

    public List<Scope> getScopesListForUser(String str) {
        log.info("Getting scopes for user {}", str);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        try {
            ResponseEntity exchange = this.restTemplate.exchange("/scopeslist", HttpMethod.POST, new HttpEntity(createOpaRequestData(str, "GET", getRequestURI()), httpHeaders), ScopesListResponse.class, new Object[0]);
            log.info("Got scopes from OPA: {}", exchange.getBody());
            List<Scope> list = ((ScopesListResponse) exchange.getBody()).getScopes().stream().flatMap((v0) -> {
                return v0.stream();
            }).toList();
            HashMap hashMap = new HashMap();
            for (Scope scope : list) {
                ((Set) hashMap.computeIfAbsent(scope.getObjectType(), str2 -> {
                    return new HashSet();
                })).addAll(scope.getOrgUnits());
            }
            ArrayList arrayList = new ArrayList();
            for (Map.Entry entry : hashMap.entrySet()) {
                arrayList.add(new Scope((String) entry.getKey(), new ArrayList((Collection) entry.getValue())));
            }
            return arrayList;
        } catch (HttpClientErrorException e) {
            log.warn("Could not fetch scopes for user {}. Response status: {}", str, e.getStatusCode());
            return Collections.emptyList();
        } catch (Exception e2) {
            log.error("An error occurred while fetching scopes for user {}", str, e2);
            return Collections.emptyList();
        }
    }

    public boolean hasUserAuthorization(String str, String str2, String str3) {
        HttpEntity httpEntity = new HttpEntity(createOpaRequestData(str, str2, str3));
        try {
            log.info("Fetching authorization for user {}, operation {} and url {}", new Object[]{str, str2, str3});
            ResponseEntity exchange = this.restTemplate.exchange("/allow", HttpMethod.POST, httpEntity, AllowResponse.class, new Object[0]);
            boolean z = exchange.getBody() != null && ((AllowResponse) exchange.getBody()).isAllow();
            log.info("User {} got authorization response for operation {}: {}", new Object[]{str, str2, Boolean.valueOf(z)});
            return z;
        } catch (HttpClientErrorException e) {
            log.warn("Could not fetch authorization for user {}. Response status: {}", str, e.getStatusCode());
            return false;
        } catch (Exception e2) {
            log.error("An error occurred while fetching authorization for user {}", str, e2);
            return false;
        }
    }

    private Map<String, Object> createOpaRequestData(String str, String str2, String str3) {
        return Map.of("input", new OpaRequest(str, str2, str3));
    }

    private String getRequestURI() {
        return RequestContextHolder.getRequestAttributes() == null ? "" : RequestContextHolder.getRequestAttributes().getRequest().getRequestURI();
    }
}
