package com.draeger.medical.biceps.device.mdib.impl;

import com.draeger.medical.biceps.device.mdib.AuthorizationManager;
import com.draeger.medical.mdpws.message.MDPWSMessageContextMap;
import com.draeger.medical.mdpws.qos.QoSMessageContext;
import com.draeger.medical.mdpws.qos.interception.QoSPolicyToken;
import com.draeger.medical.mdpws.qos.interception.QoSPolicyTokenState;
import com.draeger.medical.mdpws.qos.signature.AuthenticationQoSPolicyToken;
import com.draeger.medical.mdpws.utils.Log;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import org.ws4d.java.structures.Iterator;

/* loaded from: input_file:com/draeger/medical/biceps/device/mdib/impl/DefaultAuthorizationManager.class */
public class DefaultAuthorizationManager implements AuthorizationManager {
    private final ArrayList<X500Principal> level2 = new ArrayList<>();
    private final ArrayList<X500Principal> level1 = new ArrayList<>();
    private final HashMap<String, Integer> malMap = new HashMap<>();

    protected int getMinialAccessLevelForOperation(String str) {
        int i = 0;
        if (this.malMap.containsKey(str)) {
            i = this.malMap.get(str).intValue();
        }
        return i;
    }

    @Override // com.draeger.medical.biceps.device.mdib.AuthorizationManager
    public void setMinimalAccessLevelForOperation(String str, int i) {
        this.malMap.put(str, Integer.valueOf(i));
    }

    protected int getMinimumAccessLevel() {
        return 0;
    }

    protected int getUnknownAccessLevel() {
        return -1;
    }

    @Override // com.draeger.medical.biceps.device.mdib.AuthorizationManager
    public boolean checkCredentialsForOperationHandle(MDPWSMessageContextMap mDPWSMessageContextMap, String str) {
        int minialAccessLevelForOperation = getMinialAccessLevelForOperation(str);
        if (minialAccessLevelForOperation <= getMinimumAccessLevel()) {
            return true;
        }
        int unknownAccessLevel = getUnknownAccessLevel();
        List<QoSPolicyToken<?, ?>> qoSTokenList = getQoSTokenList(mDPWSMessageContextMap);
        if (!qoSTokenList.isEmpty()) {
            for (QoSPolicyToken<?, ?> qoSPolicyToken : qoSTokenList) {
                if (qoSPolicyToken instanceof AuthenticationQoSPolicyToken) {
                    unknownAccessLevel = processToken(unknownAccessLevel, (AuthenticationQoSPolicyToken) qoSPolicyToken);
                }
            }
        }
        return unknownAccessLevel >= minialAccessLevelForOperation;
    }

    private int processToken(int i, AuthenticationQoSPolicyToken<?, ?> authenticationQoSPolicyToken) {
        int i2 = i;
        if (authenticationQoSPolicyToken.getTokenState().equals(QoSPolicyTokenState.VALID)) {
            for (X509Certificate x509Certificate : (List) authenticationQoSPolicyToken.getValue()) {
                Log.info("Checking certificate: " + x509Certificate.getSubjectX500Principal().toString());
                X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
                if (issuerX500Principal != null) {
                    i2 = Math.max(getAccessLevel(issuerX500Principal, x509Certificate), i2);
                }
            }
        }
        return i2;
    }

    private int getAccessLevel(X500Principal x500Principal, X509Certificate x509Certificate) {
        int i = 0;
        if (this.level2.contains(x500Principal)) {
            i = 2;
        } else if (this.level1.contains(x500Principal)) {
            i = 1;
        }
        return i;
    }

    protected List<QoSPolicyToken<?, ?>> getQoSTokenList(MDPWSMessageContextMap mDPWSMessageContextMap) {
        ArrayList arrayList = new ArrayList();
        if (mDPWSMessageContextMap != null) {
            Iterator qoSPolicyToken = ((QoSMessageContext) mDPWSMessageContextMap.get(QoSMessageContext.class)).getQoSPolicyToken();
            while (qoSPolicyToken.hasNext()) {
                arrayList.add((QoSPolicyToken) qoSPolicyToken.next());
            }
        }
        return arrayList;
    }
}
