package at.gv.egiz.bku.accesscontroller;

import at.gv.egiz.bku.slcommands.SLCommand;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.UnknownHostException;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/bkucommon-1.4.1.jar:at/gv/egiz/bku/accesscontroller/RuleChecker.class */
public class RuleChecker implements AccessChecker {
    private final Logger log = LoggerFactory.getLogger(RuleChecker.class);
    protected String id;
    protected AuthenticationClass authenticationClass;
    protected String commandName;
    protected Pattern commandNamePattern;
    protected String peerId;
    protected Pattern peerIdPattern;
    protected PEER_TYPE peerType;
    protected Action action;
    protected UserAction userAction;
    protected String chainId;
    protected CommandParamChecker paramChecker;

    /* loaded from: input_file:BKULocal.war:WEB-INF/lib/bkucommon-1.4.1.jar:at/gv/egiz/bku/accesscontroller/RuleChecker$PEER_TYPE.class */
    public enum PEER_TYPE {
        HOST,
        IP,
        URL
    }

    public RuleChecker(String str) {
        if (str == null) {
            throw new NullPointerException("Id argument must not be null");
        }
        this.id = str;
    }

    public void setAuthenticationClass(String str) {
        if (str != null) {
            AuthenticationClass fromString = AuthenticationClass.fromString(str);
            if (fromString == null) {
                throw new SLRuntimeException("Unknown authentication class " + str);
            }
            this.authenticationClass = fromString;
        }
    }

    public void setAction(String str) {
        if (str != null) {
            Action fromString = Action.fromString(str);
            if (fromString == null) {
                throw new SLRuntimeException("Unknown action " + str);
            }
            this.action = fromString;
        }
    }

    public void setUserAction(String str) {
        if (str != null) {
            UserAction fromString = UserAction.fromString(str);
            if (fromString == null) {
                throw new SLRuntimeException("Unknown user action " + str);
            }
            this.userAction = fromString;
        }
    }

    public void setChainId(String str) {
        this.chainId = str;
    }

    public void setPeerId(String str, PEER_TYPE peer_type) {
        this.peerType = peer_type;
        this.peerId = str;
        this.peerIdPattern = Pattern.compile(str);
    }

    public void setCommandName(String str) {
        this.commandName = str;
        this.commandNamePattern = Pattern.compile(str);
        this.paramChecker = AccessControllerFactory.getInstance().createParamChecker(str);
    }

    public void addParameter(String str, String str2) {
        if (this.paramChecker == null) {
            throw new IllegalArgumentException("Cannot set parameters for command " + this.commandName);
        }
        this.paramChecker.addParameter(str, str2);
    }

    public String getId() {
        return this.id;
    }

    protected boolean matchAuthenticationClass(AuthenticationClass authenticationClass) {
        return this.authenticationClass == null || authenticationClass == null || this.authenticationClass.compareTo(authenticationClass) <= 0;
    }

    protected boolean matchCommandName(SLCommand sLCommand) {
        if (this.commandName == null || sLCommand == null) {
            return true;
        }
        if (!this.commandNamePattern.matcher(sLCommand.getName()).matches()) {
            return false;
        }
        if (this.paramChecker != null) {
            return this.paramChecker.checkParameter(sLCommand);
        }
        return true;
    }

    protected boolean matchPeerId(String str) {
        if (this.peerId == null || str == null) {
            return true;
        }
        if (this.peerType == PEER_TYPE.URL) {
            return this.peerIdPattern.matcher(str).matches();
        }
        try {
            URL url = new URL(str);
            if (this.peerType == PEER_TYPE.HOST) {
                try {
                    return this.peerIdPattern.matcher(InetAddress.getByName(url.getHost()).getCanonicalHostName()).matches();
                } catch (UnknownHostException e) {
                    this.log.error("Cannot resolve hostname.", (Throwable) e);
                    return false;
                }
            }
            try {
                return this.peerIdPattern.matcher(InetAddress.getByName(url.getHost()).getHostAddress()).matches();
            } catch (UnknownHostException e2) {
                this.log.error("Cannot resolve host address.", (Throwable) e2);
                return false;
            }
        } catch (MalformedURLException e3) {
            this.log.error("Cannot parse url.", (Throwable) e3);
            return false;
        }
        this.log.error("Cannot parse url.", (Throwable) e3);
        return false;
    }

    @Override // at.gv.egiz.bku.accesscontroller.AccessChecker
    public RuleResult check(AccessCheckerContext accessCheckerContext) {
        this.log.debug("Processing rule: {}.", this.id);
        if (matchAuthenticationClass(accessCheckerContext.getAuthenticationClass()) && matchCommandName(accessCheckerContext.getCommand()) && matchPeerId(accessCheckerContext.getPeerUrl())) {
            this.log.debug("Match found for rule: {}.", this.id);
            return new RuleResult(this.action, this.userAction, true, this.chainId);
        }
        this.log.debug("No match found for rule: {}", this.id);
        return new RuleResult(this.action, this.userAction, false, this.chainId);
    }

    public String getChainId() {
        return this.chainId;
    }
}
