package com.sap.cloud.sdk.service.prov.api.security;

import com.google.gson.JsonObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sap/cloud/sdk/service/prov/api/security/AuthorizationService.class */
public final class AuthorizationService {
    private static final String BASE_AUTH_CLASS = "com.sap.cloud.sdk.service.prov.rt.security.SpringSecurityImpl";
    private static final String USER_INFO_CLASS = "com.sap.xs2.security.container.UserInfo";
    static final Logger logger = LoggerFactory.getLogger(AuthorizationService.class);
    private static final Logger log = LoggerFactory.getLogger(AuthorizationService.class);
    private static final InheritableThreadLocal<AuthJWTToken> jwtTokenStore = new InheritableThreadLocal<>();
    private static final InheritableThreadLocal<Authorization> authorizationFactory = new InheritableThreadLocal<>();
    private static final InheritableThreadLocal<Object> userInfoStore = new InheritableThreadLocal<>();
    private static boolean isContainerSecurityEnabled = true;

    private AuthorizationService() {
    }

    public static Authorization getAuthorization() {
        Authorization authorization = authorizationFactory.get();
        if (null == authorization) {
            log.debug("Authorization object is not available. Creating a new one.");
            if (isContainerSecurityEnabled) {
                log.info("Enabling container security.");
                authorization = getContainerAuthObject();
            } else {
                log.info("Enabling Spring Security as container security is disbled.");
                authorization = getSpringAuthObject(BASE_AUTH_CLASS);
            }
            if (null != authorization) {
                authorizationFactory.set(authorization);
            } else {
                log.error("Unable to instantiate Authorization object.");
            }
        }
        return authorization;
    }

    private static Authorization getSpringAuthObject(String str) {
        BackwardCompatibility backwardCompatibility;
        try {
            backwardCompatibility = new BackwardCompatibility((Authorization) Class.forName(str).newInstance());
        } catch (Exception e) {
            log.error(String.format("Error while creating an Authorization object: %s", e.getMessage()), e);
            backwardCompatibility = null;
        }
        return backwardCompatibility;
    }

    private static Authorization getContainerAuthObject() {
        BackwardCompatibility backwardCompatibility;
        try {
            backwardCompatibility = new BackwardCompatibility(new ContainerSecurityImpl());
        } catch (Exception e) {
            log.error(String.format("Error while creating an Authorization object: %s", e.getMessage()), e);
            backwardCompatibility = null;
        }
        return backwardCompatibility;
    }

    public static boolean isAuthenticatedUser(String str) {
        log.debug("Authorization check on service {}.", str);
        Authorization authorization = getAuthorization();
        if (null != authorization) {
            return authorization.isAuthenticatedUser(str);
        }
        return false;
    }

    public static boolean isRegisteredUser(String str) {
        log.debug("Registerd user check on service {}.", str);
        Authorization authorization = getAuthorization();
        if (null != authorization) {
            return authorization.isRegisteredUser(str);
        }
        return false;
    }

    public static boolean hasEntityAccess(String str, String str2) {
        log.debug("Access control check on entity {} for the operation {}.", str, str2);
        Authorization authorization = getAuthorization();
        if (null != authorization) {
            return authorization.hasEntityAccess(str, str2);
        }
        return false;
    }

    public static String getWhereCondition() {
        log.debug("Getting where condition to restrict query.");
        Authorization authorization = getAuthorization();
        return null != authorization ? authorization.getWhereCondition() : ExpressionExecutorUtil.EMPTY;
    }

    public static void setWhereCondition(String str) {
        log.debug("Setting where condition to restrict query {}", str);
        Authorization authorization = getAuthorization();
        if (null != authorization) {
            authorization.setWhereCondition(str);
        }
    }

    public static String getUserName() {
        log.debug("Getting where condition to restrict query.");
        Authorization authorization = getAuthorization();
        return null != authorization ? authorization.getUserName() : ExpressionExecutorUtil.EMPTY;
    }

    public static String getUserId() {
        log.debug("Getting current user's id.");
        Authorization authorization = getAuthorization();
        if (null != authorization) {
            return authorization.getUserId();
        }
        return null;
    }

    public static boolean hasUserRole(String str) {
        log.debug("Checking current user's role has {}", str);
        Authorization authorization = getAuthorization();
        if (null != authorization) {
            return authorization.hasUserRole(str);
        }
        return false;
    }

    public static String getUserAttribute(String str) {
        log.debug("Getting current user's attribute {}", str);
        Authorization authorization = getAuthorization();
        if (null != authorization) {
            return authorization.getUserAttribute(str);
        }
        return null;
    }

    public static boolean isContainerSecurityEnabled() {
        return isContainerSecurityEnabled;
    }

    public static void setContainerSecurityEnabled(boolean z) {
        isContainerSecurityEnabled = z;
    }

    @Deprecated
    public static boolean isContainerSecurityEnable() {
        return isContainerSecurityEnabled;
    }

    @Deprecated
    public static void setContainerSecurityEnable(boolean z) {
        isContainerSecurityEnabled = z;
    }

    public static AuthJWTToken getJWTToken() {
        return jwtTokenStore.get();
    }

    public static void setJWTToken(String str) {
        jwtTokenStore.set(new AuthJWTToken(str));
    }

    public static void setJWTToken(String str, JsonObject jsonObject) {
        jwtTokenStore.set(new AuthJWTToken(str, jsonObject));
    }

    public static Object getUserInfo() {
        return userInfoStore.get();
    }

    public static void setUserInfo(Object obj) throws IllegalArgumentException {
        try {
            if (Class.forName(USER_INFO_CLASS).isInstance(obj)) {
                userInfoStore.set(obj);
            }
        } catch (ClassNotFoundException e) {
            logger.error("setUserInfo expects instance of com.sap.xs2.security.container.UserInfo class", e);
            throw new IllegalArgumentException("setUserInfo expects instance of com.sap.xs2.security.container.UserInfo class");
        }
    }

    public static void purgeCurrentAuthorization() {
        if (null != authorizationFactory.get()) {
            log.debug("Destroying Authorization Object.");
            authorizationFactory.remove();
        }
        if (null != jwtTokenStore.get()) {
            log.debug("Destroying Authorization JWT Token.");
            jwtTokenStore.remove();
        }
        if (null != userInfoStore.get()) {
            log.debug("Destroying Authorization UserInfo Object.");
            userInfoStore.remove();
        }
    }
}
