package org.apache.nifi.registry.security.authorization.util;

import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.registry.security.authorization.AuthorizerConfigurationContext;
import org.apache.nifi.registry.security.authorization.Group;
import org.apache.nifi.registry.security.authorization.UserGroupProvider;
import org.apache.nifi.registry.security.exception.SecurityProviderCreationException;
import org.apache.nifi.registry.security.identity.IdentityMapper;
import org.apache.nifi.registry.util.PropertyValue;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/nifi-registry-framework-1.15.0.jar:org/apache/nifi/registry/security/authorization/util/AccessPolicyProviderUtils.class */
public final class AccessPolicyProviderUtils {
    public static final String PROP_NIFI_IDENTITY_PREFIX = "NiFi Identity ";
    public static final String PROP_INITIAL_ADMIN_IDENTITY = "Initial Admin Identity";
    public static final String PROP_NIFI_GROUP_NAME = "NiFi Group Name";
    private static final Logger LOGGER = LoggerFactory.getLogger(AccessPolicyProviderUtils.class);
    public static final Pattern NIFI_IDENTITY_PATTERN = Pattern.compile("NiFi Identity \\S+");

    public static String getInitialAdminIdentity(AuthorizerConfigurationContext authorizerConfigurationContext, IdentityMapper identityMapper) {
        PropertyValue property = authorizerConfigurationContext.getProperty(PROP_INITIAL_ADMIN_IDENTITY);
        if (property.isSet()) {
            return identityMapper.mapUser(property.getValue());
        }
        return null;
    }

    public static Set<String> getNiFiIdentities(AuthorizerConfigurationContext authorizerConfigurationContext, IdentityMapper identityMapper) {
        HashSet hashSet = new HashSet();
        for (Map.Entry entry : authorizerConfigurationContext.getProperties().entrySet()) {
            if (NIFI_IDENTITY_PATTERN.matcher((CharSequence) entry.getKey()).matches() && !StringUtils.isBlank((CharSequence) entry.getValue())) {
                hashSet.add(identityMapper.mapUser((String) entry.getValue()));
            }
        }
        return hashSet;
    }

    public static String getNiFiGroupName(AuthorizerConfigurationContext authorizerConfigurationContext, IdentityMapper identityMapper) {
        PropertyValue property = authorizerConfigurationContext.getProperty(PROP_NIFI_GROUP_NAME);
        String value = (property == null || !property.isSet()) ? null : property.getValue();
        if (!StringUtils.isBlank(value)) {
            return identityMapper.mapGroup(value);
        }
        LOGGER.debug("NiFi Group Name was not specified");
        return null;
    }

    public static Group getGroup(String str, UserGroupProvider userGroupProvider) {
        Set groups = userGroupProvider.getGroups();
        LOGGER.trace("All groups: {}", groups);
        Group group = (Group) groups.stream().filter(group2 -> {
            return group2.getName().equals(str);
        }).findFirst().orElseThrow(() -> {
            return new SecurityProviderCreationException(String.format("Group '%s' could not be found", str));
        });
        LOGGER.debug("Group identifier is: {}", group);
        return group;
    }

    private AccessPolicyProviderUtils() {
    }
}
