package com.taobao.spas.sdk.svcbase.auth;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.TypeReference;
import com.alibaba.fastjson.parser.Feature;
import com.taobao.dauth.manager.ManagerListener;
import com.taobao.dauth.manager.ManagerListenerAdapter;
import com.taobao.dauth.manager.SharedManagerListenerAdapter;
import com.taobao.spas.sdk.common.log.SpasLogCode;
import com.taobao.spas.sdk.common.log.SpasLogger;
import com.taobao.spas.sdk.svcbase.Constants;
import com.taobao.spas.sdk.svcbase.SpasSdkServiceBase;
import com.taobao.spas.sdk.svcbase.auth.entity.AuthServiceComponent;
import com.taobao.spas.sdk.svcbase.auth.entity.ResourcePattern;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

/* loaded from: input_file:lib/spas-sdk-svcbase-1.3.0.jar:com/taobao/spas/sdk/svcbase/auth/RoleCenter.class */
public final class RoleCenter extends AuthServiceComponent {
    private static final String ROLE_KEY_RESOURCES = "resources";
    private static final String ROLE_KEY_PATTERNS = "patterns";
    private static final String ROLE_KEY_CLIENTS = "clients";
    private Map<String, Map<String, Map<String, Object>>> ownerRoleMap;
    private Map<String, Set<String>> clientOwners;
    private Object ownerLock;
    private SharedManagerListenerAdapter roleAuthListener;
    private SharedManagerListenerAdapter roleClientsListener;
    private ManagerListener roleOwnersListener;

    public RoleCenter(String str, SpasSdkServiceBase spasSdkServiceBase) {
        super(str, spasSdkServiceBase);
        this.ownerRoleMap = new ConcurrentHashMap();
        this.clientOwners = new ConcurrentHashMap();
        this.ownerLock = new Object();
        this.roleAuthListener = new SharedManagerListenerAdapter() { // from class: com.taobao.spas.sdk.svcbase.auth.RoleCenter.1
            @Override // com.taobao.dauth.manager.SharedManagerListenerAdapter
            public void innerReceive(String str2, String str3, String str4) {
                Map map;
                if (str2 == null || !str2.endsWith(Constants.ROLE_AUTHORITY_POSTFIX)) {
                    return;
                }
                String substring = str2.substring(0, str2.length() - Constants.ROLE_AUTHORITY_POSTFIX.length());
                try {
                    if (str4 == null) {
                        SpasLogger.info(RoleCenter.this.serverName, "SPAS role authority for " + substring + " is removed");
                        map = new HashMap();
                    } else {
                        map = (Map) JSON.parseObject(str4, new TypeReference<Map<String, Map<String, Set<String>>>>() { // from class: com.taobao.spas.sdk.svcbase.auth.RoleCenter.1.1
                        }, new Feature[0]);
                    }
                    RoleCenter.this.loadRoleAuthority(substring, map);
                } catch (Exception e) {
                    SpasLogger.error(SpasLogCode.SPAS0112, RoleCenter.this.serverName, "SPAS role authority for " + substring + " parse error!", e);
                }
            }
        };
        this.roleClientsListener = new SharedManagerListenerAdapter() { // from class: com.taobao.spas.sdk.svcbase.auth.RoleCenter.2
            @Override // com.taobao.dauth.manager.SharedManagerListenerAdapter
            public void innerReceive(String str2, String str3, String str4) {
                Map map;
                if (str2 == null || !str2.endsWith(Constants.ROLE_CLIENTS_POSTFIX)) {
                    return;
                }
                String substring = str2.substring(0, str2.length() - Constants.ROLE_CLIENTS_POSTFIX.length());
                try {
                    if (str4 == null) {
                        SpasLogger.info(RoleCenter.this.serverName, "SPAS role clients for " + substring + " is removed");
                        map = new HashMap();
                    } else {
                        map = (Map) JSON.parseObject(str4, new TypeReference<Map<String, Set<String>>>() { // from class: com.taobao.spas.sdk.svcbase.auth.RoleCenter.2.1
                        }, new Feature[0]);
                    }
                    RoleCenter.this.loadRoleClients(substring, map);
                } catch (Exception e) {
                    SpasLogger.error(SpasLogCode.SPAS0113, RoleCenter.this.serverName, "SPAS role clients for " + substring + " parse error!", e);
                }
            }
        };
        this.roleOwnersListener = new ManagerListenerAdapter() { // from class: com.taobao.spas.sdk.svcbase.auth.RoleCenter.3
            @Override // com.taobao.dauth.manager.ManagerListener
            public void receiveConfigInfo(String str2) {
                List parseArray;
                try {
                    if (str2 == null) {
                        SpasLogger.info(RoleCenter.this.serverName, "SPAS role owner list is removed");
                        parseArray = new ArrayList();
                    } else {
                        parseArray = JSON.parseArray(str2, String.class);
                    }
                    RoleCenter.this.loadRoleOwners(parseArray);
                } catch (Exception e) {
                    SpasLogger.error(SpasLogCode.SPAS0114, RoleCenter.this.serverName, "SPAS role owner list parse error!", e);
                }
            }
        };
    }

    @Override // com.taobao.spas.sdk.svcbase.auth.entity.AuthServiceComponent
    protected void doInit() throws Exception {
        initRoleOwners();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void loadRoleOwners(List<String> list) throws IOException {
        List arrayList;
        ArrayList arrayList2 = new ArrayList(this.ownerRoleMap.keySet());
        if (arrayList2.isEmpty()) {
            arrayList = list;
        } else {
            arrayList = new ArrayList(list);
            arrayList.removeAll(arrayList2);
            arrayList2.removeAll(list);
            Iterator it = arrayList2.iterator();
            while (it.hasNext()) {
                removeRoleOwner((String) it.next());
            }
        }
        Iterator it2 = arrayList.iterator();
        while (it2.hasNext()) {
            addRoleOwner((String) it2.next());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void loadRoleAuthority(String str, Map<String, Map<String, Set<String>>> map) {
        Map<String, Object> value;
        synchronized (this.ownerLock) {
            Map<String, Map<String, Object>> map2 = this.ownerRoleMap.get(str);
            if (map2 == null) {
                map2 = new ConcurrentHashMap();
                this.ownerRoleMap.put(str, map2);
            }
            for (Map.Entry<String, Map<String, Object>> entry : map2.entrySet()) {
                if (!map.keySet().contains(entry.getKey()) && (value = entry.getValue()) != null) {
                    value.remove(ROLE_KEY_RESOURCES);
                    value.remove(ROLE_KEY_PATTERNS);
                }
            }
            for (Map.Entry<String, Map<String, Set<String>>> entry2 : map.entrySet()) {
                Map<String, Object> map3 = map2.get(entry2.getKey());
                if (map3 == null) {
                    map3 = new ConcurrentHashMap();
                    map2.put(entry2.getKey(), map3);
                }
                Map<String, Set<String>> value2 = entry2.getValue();
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = new HashMap();
                for (Map.Entry<String, Set<String>> entry3 : value2.entrySet()) {
                    ResourcePattern resourcePattern = new ResourcePattern(entry3.getKey());
                    if (resourcePattern.isPattern()) {
                        hashMap2.put(resourcePattern, entry3.getValue());
                    } else {
                        hashMap.put(entry3.getKey(), entry3.getValue());
                    }
                }
                if (!hashMap.isEmpty()) {
                    map3.put(ROLE_KEY_RESOURCES, hashMap);
                }
                if (!hashMap2.isEmpty()) {
                    map3.put(ROLE_KEY_PATTERNS, hashMap2);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void loadRoleClients(String str, Map<String, Set<String>> map) {
        Map<String, Object> value;
        synchronized (this.ownerLock) {
            Map<String, Map<String, Object>> map2 = this.ownerRoleMap.get(str);
            if (map2 == null) {
                map2 = new ConcurrentHashMap();
                this.ownerRoleMap.put(str, map2);
            }
            for (Map.Entry<String, Map<String, Object>> entry : map2.entrySet()) {
                if (!map.keySet().contains(entry.getKey()) && (value = entry.getValue()) != null) {
                    value.remove(ROLE_KEY_CLIENTS);
                }
            }
            HashSet hashSet = new HashSet();
            for (Map.Entry<String, Set<String>> entry2 : map.entrySet()) {
                Map<String, Object> map3 = map2.get(entry2.getKey());
                if (map3 == null) {
                    map3 = new ConcurrentHashMap();
                    map2.put(entry2.getKey(), map3);
                }
                map3.put(ROLE_KEY_CLIENTS, entry2.getValue());
                if (entry2.getValue() != null) {
                    hashSet.addAll(entry2.getValue());
                }
            }
            updateClientOwners(str, hashSet);
        }
    }

    private void addRoleOwner(String str) throws IOException {
        String str2 = Constants.ROLE_OWNER_GROUP_PREFIX + this.serverName;
        String str3 = str + Constants.ROLE_AUTHORITY_POSTFIX;
        String config = this.diamond.getConfig(str3, str2, Constants.DIAMOND_TIME_OUT);
        List<ManagerListener> listeners = this.diamond.getListeners(str3, str2);
        if (listeners == null || listeners.isEmpty()) {
            this.diamond.addListeners(str3, str2, Arrays.asList(this.roleAuthListener));
            saveDataId(str3, str2);
        }
        if (config == null || config.trim().isEmpty()) {
            SpasLogger.info(this.serverName, "SPAS role authority for " + str + " is empty");
        } else {
            try {
                loadRoleAuthority(str, (Map) JSON.parseObject(config, new TypeReference<Map<String, Map<String, Set<String>>>>() { // from class: com.taobao.spas.sdk.svcbase.auth.RoleCenter.4
                }, new Feature[0]));
            } catch (Exception e) {
                SpasLogger.error(SpasLogCode.SPAS0112, this.serverName, "SPAS role authority for " + str + " parse error!", e);
            }
        }
        String str4 = str + Constants.ROLE_CLIENTS_POSTFIX;
        String config2 = this.diamond.getConfig(str4, str2, Constants.DIAMOND_TIME_OUT);
        List<ManagerListener> listeners2 = this.diamond.getListeners(str4, str2);
        if (listeners2 == null || listeners2.isEmpty()) {
            this.diamond.addListeners(str4, str2, Arrays.asList(this.roleClientsListener));
            saveDataId(str4, str2);
        }
        if (config2 == null || config2.trim().isEmpty()) {
            SpasLogger.info(this.serverName, "SPAS role clients for " + str + " is empty");
            return;
        }
        try {
            loadRoleClients(str, (Map) JSON.parseObject(config2, new TypeReference<Map<String, Set<String>>>() { // from class: com.taobao.spas.sdk.svcbase.auth.RoleCenter.5
            }, new Feature[0]));
        } catch (Exception e2) {
            SpasLogger.error(SpasLogCode.SPAS0113, this.serverName, "SPAS role clients for " + str + " parse error!", e2);
        }
    }

    private void removeRoleOwner(String str) {
        String str2 = Constants.ROLE_OWNER_GROUP_PREFIX + this.serverName;
        String str3 = str + Constants.ROLE_AUTHORITY_POSTFIX;
        List<ManagerListener> listeners = this.diamond.getListeners(str3, str2);
        if (listeners != null) {
            Iterator<ManagerListener> it = listeners.iterator();
            while (it.hasNext()) {
                this.diamond.removeListener(str3, str2, it.next());
            }
            removeDataId(str3, str2);
        }
        String str4 = str + Constants.ROLE_CLIENTS_POSTFIX;
        List<ManagerListener> listeners2 = this.diamond.getListeners(str4, str2);
        if (listeners2 != null) {
            Iterator<ManagerListener> it2 = listeners2.iterator();
            while (it2.hasNext()) {
                this.diamond.removeListener(str4, str2, it2.next());
            }
            removeDataId(str4, str2);
        }
        updateClientOwners(str, null);
        this.ownerRoleMap.remove(str);
    }

    private synchronized void updateClientOwners(String str, Set<String> set) {
        if (set == null) {
            set = new HashSet();
        }
        HashSet hashSet = new HashSet();
        for (Map.Entry<String, Set<String>> entry : this.clientOwners.entrySet()) {
            String key = entry.getKey();
            Set<String> value = entry.getValue();
            if (set.contains(key)) {
                value.add(str);
            } else if (value.remove(str) && value.isEmpty()) {
                hashSet.add(key);
            }
        }
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            this.clientOwners.remove((String) it.next());
        }
        set.removeAll(this.clientOwners.keySet());
        for (String str2 : set) {
            HashSet hashSet2 = new HashSet();
            hashSet2.add(str);
            this.clientOwners.put(str2, hashSet2);
        }
    }

    private void initRoleOwners() throws IOException {
        String str = Constants.AUTHOITY_PREFIX + this.serverName + Constants.ROLE_OWNERS_POSTFIX;
        String config = this.diamond.getConfig(str, Constants.SPAS_INFO_GROUP, Constants.DIAMOND_TIME_OUT);
        List<ManagerListener> listeners = this.diamond.getListeners(str, Constants.SPAS_INFO_GROUP);
        if (listeners == null || listeners.isEmpty()) {
            this.diamond.addListeners(str, Constants.SPAS_INFO_GROUP, Arrays.asList(this.roleOwnersListener));
            saveDataId(str, Constants.SPAS_INFO_GROUP);
        }
        if (config == null || config.trim().length() == 0) {
            SpasLogger.info(this.serverName, "SPAS role owner list is empty");
        } else {
            loadRoleOwners(JSON.parseArray(config, String.class));
        }
    }

    public boolean checkRoleAuthority(String str, String str2, List<String> list, Set<String> set) {
        Set set2;
        Set set3;
        Set set4;
        if (str == null || str.isEmpty() || str2 == null || str2.isEmpty() || list == null || list.isEmpty()) {
            return false;
        }
        if (set == null || set.isEmpty()) {
            set = this.clientOwners.get(str);
        }
        if (set == null) {
            return false;
        }
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            Map<String, Map<String, Object>> map = this.ownerRoleMap.get(it.next());
            if (map != null && !map.isEmpty()) {
                for (Map<String, Object> map2 : map.values()) {
                    if (map2 != null && !map2.isEmpty() && (set2 = (Set) map2.get(ROLE_KEY_CLIENTS)) != null && !set2.isEmpty()) {
                        Map map3 = (Map) map2.get(ROLE_KEY_RESOURCES);
                        Map map4 = (Map) map2.get(ROLE_KEY_PATTERNS);
                        if ((map3 != null && !map3.isEmpty()) || (map4 != null && !map4.isEmpty())) {
                            if (!set2.contains(str)) {
                                Set<String> groups = this.base.groupUserCenter.getGroups(str);
                                if (groups != null && !groups.isEmpty()) {
                                    HashSet hashSet = new HashSet(set2);
                                    hashSet.retainAll(groups);
                                    if (hashSet.isEmpty()) {
                                        continue;
                                    }
                                }
                            }
                            if (map3 != null && (set4 = (Set) map3.get(str2)) != null && !set4.isEmpty()) {
                                for (String str3 : list) {
                                    if (set4.contains(str3)) {
                                        return true;
                                    }
                                    if (set4.contains("*") && !set4.contains(Constants.ACT_NEG_PREFIX + str3)) {
                                        return true;
                                    }
                                }
                            }
                            if (map4 != null) {
                                for (Map.Entry entry : map4.entrySet()) {
                                    if (((ResourcePattern) entry.getKey()).match(str2) && (set3 = (Set) entry.getValue()) != null && !set3.isEmpty()) {
                                        for (String str4 : list) {
                                            if (set3.contains(str4)) {
                                                return true;
                                            }
                                            if (set3.contains("*") && !set3.contains(Constants.ACT_NEG_PREFIX + str4)) {
                                                return true;
                                            }
                                        }
                                    }
                                }
                            } else {
                                continue;
                            }
                        }
                    }
                }
            }
        }
        return false;
    }
}
