package pl.edu.icm.yadda.aas.client.authn.session;

import java.util.Arrays;
import java.util.Set;
import org.opensaml.lite.saml2.core.Assertion;
import org.opensaml.lite.xacml.policy.ObligationType;
import org.springframework.beans.factory.annotation.Required;
import pl.edu.icm.yadda.aas.client.ISecuritySession;
import pl.edu.icm.yadda.aas.client.YaddaErrorAwareResult;
import pl.edu.icm.yadda.aas.client.authz.lic.LicensingAuthorizationFacade;
import pl.edu.icm.yadda.aas.client.session.LicenseAuthority;
import pl.edu.icm.yadda.aas.proxy.criterion.CriterionCreatorResponse;
import pl.edu.icm.yadda.aas.proxy.criterion.ICriterionCreatorManager;
import pl.edu.icm.yadda.service2.user.token.SecurityToken;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-1.10.0-RC6.jar:pl/edu/icm/yadda/aas/client/authn/session/LicenseAuthoritySessionEnricher.class */
public class LicenseAuthoritySessionEnricher implements ISessionEnricher {
    public static final String ALL_ALLOWED_MARKUP = "all";
    protected LicensingAuthorizationFacade authzFacade;
    protected ICriterionCreatorManager<String[]> criterionCreatorManager;

    @Override // pl.edu.icm.yadda.aas.client.authn.session.ISessionEnricher
    public void enrich(ISecuritySession iSecuritySession, SecurityToken securityToken, Assertion assertion) throws SessionEnricherException {
        YaddaErrorAwareResult<Set<ObligationType>> retrieveLicenseObligations = this.authzFacade.retrieveLicenseObligations(assertion);
        if (retrieveLicenseObligations.getError() != null) {
            throw new SessionEnricherException("errors found when retrieving license obligations: error code: " + retrieveLicenseObligations.getError().getCode() + ", error message: " + retrieveLicenseObligations.getError().getMssg(), retrieveLicenseObligations.getError().getException());
        }
        LicenseAuthority licenseAuthority = (LicenseAuthority) iSecuritySession.getAuthorities("LICENSE");
        if (licenseAuthority == null) {
            licenseAuthority = new LicenseAuthority();
            iSecuritySession.setAuthorities(licenseAuthority);
        }
        CriterionCreatorResponse<String[]> createCriteria = this.criterionCreatorManager.createCriteria(retrieveLicenseObligations.getData());
        if (createCriteria.isAllowAll()) {
            licenseAuthority.add("all");
        } else {
            if (createCriteria.getSecurityCriterion() == null || createCriteria.getSecurityCriterion().length <= 0) {
                return;
            }
            licenseAuthority.addAll(Arrays.asList(dropTagPrefixes(createCriteria.getSecurityCriterion())));
        }
    }

    protected String[] dropTagPrefixes(String[] strArr) {
        for (int i = 0; i < strArr.length; i++) {
            strArr[i] = strArr[i].replace("license:", "");
        }
        return strArr;
    }

    @Required
    public void setAuthzFacade(LicensingAuthorizationFacade licensingAuthorizationFacade) {
        this.authzFacade = licensingAuthorizationFacade;
    }

    @Required
    public void setCriterionCreatorManager(ICriterionCreatorManager<String[]> iCriterionCreatorManager) {
        this.criterionCreatorManager = iCriterionCreatorManager;
    }
}
