package io.gravitee.gateway.jupiter.handlers.api.security.handler;

import io.gravitee.definition.model.Plan;
import io.gravitee.gateway.jupiter.api.context.RequestExecutionContext;
import io.gravitee.gateway.jupiter.api.policy.SecurityPolicy;
import io.gravitee.repository.management.api.SubscriptionRepository;
import io.gravitee.repository.management.api.search.SubscriptionCriteria;
import io.gravitee.repository.management.model.Subscription;
import io.reactivex.Completable;
import io.reactivex.Single;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Optional;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/gravitee/gateway/jupiter/handlers/api/security/handler/SecurityPlan.class */
public class SecurityPlan {
    protected static final String CONTEXT_ATTRIBUTE_CLIENT_ID = "oauth.client_id";
    private final Plan plan;
    private final SecurityPolicy policy;
    private final String selectionRule;
    private static final Logger log = LoggerFactory.getLogger(SecurityPlan.class);
    protected static final Single<Boolean> TRUE = Single.just(true);
    protected static final Single<Boolean> FALSE = Single.just(false);

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityPlan(@Nonnull Plan plan, @Nonnull SecurityPolicy securityPolicy) {
        this.plan = plan;
        this.policy = securityPolicy;
        this.selectionRule = getSelectionRule(plan.getSelectionRule());
    }

    public Single<Boolean> canExecute(RequestExecutionContext requestExecutionContext) {
        return this.policy.support(requestExecutionContext).flatMap(bool -> {
            return bool.booleanValue() ? matchSelectionRule(requestExecutionContext) : FALSE;
        });
    }

    public Completable execute(RequestExecutionContext requestExecutionContext) {
        return this.policy.onRequest(requestExecutionContext).andThen(validateSubscription(requestExecutionContext)).doOnSubscribe(disposable -> {
            requestExecutionContext.setAttribute("gravitee.attribute.plan", this.plan.getId());
        });
    }

    public int order() {
        return this.policy.order();
    }

    private String getSelectionRule(String str) {
        if (str == null) {
            return null;
        }
        return str.startsWith("#") ? "{" + str + "}" : str;
    }

    private Single<Boolean> matchSelectionRule(RequestExecutionContext requestExecutionContext) {
        return (this.selectionRule == null || this.selectionRule.isEmpty()) ? TRUE : Single.just((Boolean) requestExecutionContext.getTemplateEngine().getValue(this.selectionRule, Boolean.class));
    }

    private Completable validateSubscription(RequestExecutionContext requestExecutionContext) {
        return !this.policy.requireSubscription() ? Completable.complete() : Completable.defer(() -> {
            try {
                SubscriptionRepository subscriptionRepository = (SubscriptionRepository) requestExecutionContext.getComponent(SubscriptionRepository.class);
                String str = (String) requestExecutionContext.getAttribute("gravitee.attribute.api");
                List search = subscriptionRepository.search(new SubscriptionCriteria.Builder().apis(Collections.singleton(str)).clientId((String) requestExecutionContext.getAttribute(CONTEXT_ATTRIBUTE_CLIENT_ID)).status(Subscription.Status.ACCEPTED).build());
                if (search != null && !search.isEmpty()) {
                    Date date = new Date(requestExecutionContext.request().timestamp());
                    Optional findFirst = search.stream().filter(subscription -> {
                        return subscription.getPlan().equals(this.plan.getId());
                    }).filter(subscription2 -> {
                        return subscription2.getEndingAt() == null || subscription2.getEndingAt().after(date);
                    }).findFirst();
                    if (findFirst.isPresent()) {
                        Subscription subscription3 = (Subscription) findFirst.get();
                        requestExecutionContext.setAttribute("gravitee.attribute.application", subscription3.getApplication());
                        requestExecutionContext.setAttribute("gravitee.attribute.user-id", subscription3.getId());
                        return Completable.complete();
                    }
                }
                return this.policy.onInvalidSubscription(requestExecutionContext);
            } catch (Throwable th) {
                log.warn("An error occurred during subscription validation", th);
                return this.policy.onInvalidSubscription(requestExecutionContext);
            }
        });
    }
}
