package pl.edu.icm.yadda.aas.proxy;

import java.util.Random;
import java.util.Set;
import org.opensaml.lite.xacml.policy.ObligationType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import pl.edu.icm.ceon.search.model.filter.BooleanFilterDefinition;
import pl.edu.icm.ceon.search.model.filter.FilterClause;
import pl.edu.icm.ceon.search.model.filter.FilterDefinition;
import pl.edu.icm.ceon.search.model.query.SearchOperator;
import pl.edu.icm.yadda.aas.client.YaddaErrorAwareResult;
import pl.edu.icm.yadda.aas.client.authz.lic.LicensingAuthorizationFacade;
import pl.edu.icm.yadda.aas.handler.HeaderFieldBasedSecurityRequestHandler;
import pl.edu.icm.yadda.aas.handler.ISecurityRequestHandler;
import pl.edu.icm.yadda.aas.proxy.criterion.CriterionCreatorResponse;
import pl.edu.icm.yadda.aas.proxy.criterion.ICriterionCreatorManager;
import pl.edu.icm.yadda.aas.proxy.token.CacheEntry;
import pl.edu.icm.yadda.aas.proxy.token.TokenAwareSecuredService;
import pl.edu.icm.yadda.aas.proxy.token.TokenSecurityException;
import pl.edu.icm.yadda.elsevier.utils.BBQ4TitleGroupUtils;
import pl.edu.icm.yadda.service2.GenericRequest;
import pl.edu.icm.yadda.service2.GenericResponse;
import pl.edu.icm.yadda.service2.GetFeaturesRequest;
import pl.edu.icm.yadda.service2.GetFeaturesResponse;
import pl.edu.icm.yadda.service2.GetVersionResponse;
import pl.edu.icm.yadda.service2.PagedListResponseWithCount;
import pl.edu.icm.yadda.service2.VersionHelper;
import pl.edu.icm.yadda.service2.YaddaError;
import pl.edu.icm.yadda.service2.YaddaErrorCodeConstants;
import pl.edu.icm.yadda.service2.common.ParameterRequest;
import pl.edu.icm.yadda.service2.search.AddFilterDefinitionRequest;
import pl.edu.icm.yadda.service2.similarity.ISimilarityService;
import pl.edu.icm.yadda.service2.similarity.SimilarityRequest;
import pl.edu.icm.yadda.service2.similarity.SimilarityResult;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.4.11.jar:pl/edu/icm/yadda/aas/proxy/SecuredSimilarityService.class */
public class SecuredSimilarityService extends TokenAwareSecuredService<String, FilterDefinition> implements ISimilarityService {
    protected ISimilarityService similarityService;
    protected LicensingAuthorizationFacade licAuthzFacade;
    private ICriterionCreatorManager<FilterDefinition> criterionCreatorManager;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    protected Random rand = new Random();
    private ISecurityRequestHandler securityRequestHandler = new HeaderFieldBasedSecurityRequestHandler();

    @Override // pl.edu.icm.yadda.service2.similarity.ISimilarityService
    public PagedListResponseWithCount<SimilarityResult> findSimilar(SimilarityRequest similarityRequest) {
        YaddaErrorAwareResult<Set<ObligationType>> retrieveLicenseObligations = this.licAuthzFacade.retrieveLicenseObligations(this.securityRequestHandler.extract(similarityRequest));
        if (retrieveLicenseObligations.getError() != null) {
            this.log.error("got error from security client: " + retrieveLicenseObligations.getError().getCode() + ", " + retrieveLicenseObligations.getError().getMssg());
            return new PagedListResponseWithCount<>(retrieveLicenseObligations.getError());
        }
        CriterionCreatorResponse<FilterDefinition> createCriteria = this.criterionCreatorManager.createCriteria(retrieveLicenseObligations.getData());
        if (createCriteria.getSecurityCriterion() != null) {
            this.similarityService.addFilterDefinition(new AddFilterDefinitionRequest(createCriteria.getSecurityCriterion(), false));
        }
        if (similarityRequest.getResumptionToken() == null) {
            if (!shouldBeProcessed(createCriteria)) {
                return new PagedListResponseWithCount<>(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Permission not granted to retrieve search results! No security filter was found!"));
            }
            if (createCriteria.getSecurityCriterion() != null) {
                similarityRequest = mergeFilters(similarityRequest, createCriteria.getSecurityCriterion().getFilterName());
            }
            PagedListResponseWithCount<SimilarityResult> findSimilar = this.similarityService.findSimilar(similarityRequest);
            findSimilar.setResumptionToken(storeEntry(findSimilar.getResumptionToken(), createCriteria));
            return findSimilar;
        }
        try {
            CacheEntry<String, FilterDefinition> cachedEntryWithSecurityCriterionCheckAndRemoval = getCachedEntryWithSecurityCriterionCheckAndRemoval(similarityRequest.getResumptionToken(), createCriteria);
            if (cachedEntryWithSecurityCriterionCheckAndRemoval == null) {
                String str = "invalid resumption token: " + similarityRequest.getResumptionToken();
                this.log.warn(str);
                return new PagedListResponseWithCount<>(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, str));
            }
            similarityRequest.setResumptionToken(cachedEntryWithSecurityCriterionCheckAndRemoval.getInternalToken());
            PagedListResponseWithCount<SimilarityResult> findSimilar2 = this.similarityService.findSimilar(similarityRequest);
            findSimilar2.setResumptionToken(storeEntry(findSimilar2.getResumptionToken(), cachedEntryWithSecurityCriterionCheckAndRemoval.getSecurityCriterion()));
            return findSimilar2;
        } catch (TokenSecurityException e) {
            this.log.warn("Security constraints were violated: security criteria have changed!");
            return new PagedListResponseWithCount<>(new YaddaError(YaddaErrorCodeConstants.ERROR_AUTH, "Security constraints were violated: security criteria have changed!", e));
        }
    }

    protected SimilarityRequest mergeFilters(SimilarityRequest similarityRequest, String str) {
        if (similarityRequest.getFilterName() != null) {
            String buildFilterName = BBQ4TitleGroupUtils.buildFilterName(new String[]{similarityRequest.getFilterName(), str});
            BooleanFilterDefinition booleanFilterDefinition = new BooleanFilterDefinition();
            booleanFilterDefinition.setFilterName(buildFilterName);
            booleanFilterDefinition.addFilterClause(new FilterClause(similarityRequest.getFilterName(), SearchOperator.AND));
            booleanFilterDefinition.addFilterClause(new FilterClause(str, SearchOperator.AND));
            this.similarityService.addFilterDefinition(new AddFilterDefinitionRequest(booleanFilterDefinition, false));
            similarityRequest.setFilterName(buildFilterName);
        } else {
            similarityRequest.setFilterName(str);
        }
        return similarityRequest;
    }

    protected boolean shouldBeProcessed(CriterionCreatorResponse<FilterDefinition> criterionCreatorResponse) {
        return criterionCreatorResponse.isAllowAll() || criterionCreatorResponse.getSecurityCriterion() != null;
    }

    @Override // pl.edu.icm.yadda.aas.proxy.token.TokenAwareSecuredService
    public boolean equals(CriterionCreatorResponse<FilterDefinition> criterionCreatorResponse, CriterionCreatorResponse<FilterDefinition> criterionCreatorResponse2) {
        if (criterionCreatorResponse.isAllowAll()) {
            return criterionCreatorResponse2.isAllowAll();
        }
        if (criterionCreatorResponse2.isAllowAll()) {
            return false;
        }
        return SecurityCriterionComparatorHelper.equals(criterionCreatorResponse.getSecurityCriterion(), criterionCreatorResponse2.getSecurityCriterion());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pl.edu.icm.yadda.aas.proxy.token.TokenAwareSecuredService
    public String generateExternalToken(String str) {
        return System.currentTimeMillis() + "-" + this.rand.nextInt(100);
    }

    @Override // pl.edu.icm.yadda.service2.IYaddaService
    public GetFeaturesResponse getFeatures(GetFeaturesRequest getFeaturesRequest) {
        GetFeaturesResponse features = this.similarityService.getFeatures(getFeaturesRequest);
        features.getFeatures().add(SecurityConstants.FEATURE_REQUIRES_AUTHORIZATION);
        return features;
    }

    @Override // pl.edu.icm.yadda.service2.IYaddaService
    public GetVersionResponse getVersionResponse(GenericRequest genericRequest) {
        return new GetVersionResponse(VersionHelper.currentAPIVersion());
    }

    @Override // pl.edu.icm.yadda.service2.filter.IFilterDefinitionAwareService
    public GenericResponse addFilterDefinition(AddFilterDefinitionRequest addFilterDefinitionRequest) {
        return this.similarityService.addFilterDefinition(addFilterDefinitionRequest);
    }

    @Override // pl.edu.icm.yadda.service2.filter.IFilterDefinitionAwareService
    public GenericResponse removeFilterDefinition(ParameterRequest<String> parameterRequest) {
        return this.similarityService.removeFilterDefinition(parameterRequest);
    }

    public void setSimilarityService(ISimilarityService iSimilarityService) {
        this.similarityService = iSimilarityService;
    }

    @Required
    public void setLicAuthzFacade(LicensingAuthorizationFacade licensingAuthorizationFacade) {
        this.licAuthzFacade = licensingAuthorizationFacade;
    }

    public void setCriterionCreatorManager(ICriterionCreatorManager<FilterDefinition> iCriterionCreatorManager) {
        this.criterionCreatorManager = iCriterionCreatorManager;
    }

    public void setSecurityRequestHandler(ISecurityRequestHandler iSecurityRequestHandler) {
        this.securityRequestHandler = iSecurityRequestHandler;
    }
}
