package de.iip_ecosphere.platform.support.aas;

import de.iip_ecosphere.platform.support.aas.AuthenticationDescriptor;
import de.iip_ecosphere.platform.support.identities.IdentityStore;
import de.iip_ecosphere.platform.support.identities.IdentityToken;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:BOOT-INF/lib/support.aas-0.7.1-SNAPSHOT.jar:de/iip_ecosphere/platform/support/aas/IdentityStoreAuthenticationDescriptor.class */
public class IdentityStoreAuthenticationDescriptor implements AuthenticationDescriptor {
    public static final String DEFAULT_ID = "aas";
    private String clientId;
    private List<AuthenticationDescriptor.RbacRule> rbacRules;

    public IdentityStoreAuthenticationDescriptor() {
        this("aas");
    }

    public IdentityStoreAuthenticationDescriptor(String str) {
        this.clientId = str;
    }

    @Override // de.iip_ecosphere.platform.support.aas.AuthenticationDescriptor
    public IdentityToken getClientToken() {
        return IdentityStore.getInstance().getToken(this.clientId, new String[0]);
    }

    @Override // de.iip_ecosphere.platform.support.aas.AuthenticationDescriptor
    public List<AuthenticationDescriptor.IdentityTokenWithRole> getServerUsers() {
        ArrayList arrayList = new ArrayList();
        IdentityStore identityStore = IdentityStore.getInstance();
        for (AuthenticationDescriptor.DefaultRole defaultRole : AuthenticationDescriptor.DefaultRole.values()) {
            Iterator<IdentityToken> it = identityStore.enumerateTokens(this.clientId + "-" + defaultRole.name() + "-").iterator();
            while (it.hasNext()) {
                arrayList.add(new AuthenticationDescriptor.IdentityTokenWithRole(it.next(), defaultRole));
            }
        }
        return arrayList;
    }

    @Override // de.iip_ecosphere.platform.support.aas.AuthenticationDescriptor
    public void addAccessRule(AuthenticationDescriptor.RbacRule rbacRule) {
        if (null != rbacRule) {
            enableRbac();
            this.rbacRules.add(rbacRule);
        }
    }

    @Override // de.iip_ecosphere.platform.support.aas.AuthenticationDescriptor
    public List<AuthenticationDescriptor.RbacRule> getAccessRules() {
        if (null == this.rbacRules) {
            return null;
        }
        return Collections.unmodifiableList(this.rbacRules);
    }

    @Override // de.iip_ecosphere.platform.support.aas.AuthenticationDescriptor
    public void enableRbac() {
        if (null == this.rbacRules) {
            this.rbacRules = new ArrayList();
        }
    }

    @Override // de.iip_ecosphere.platform.support.aas.AuthenticationDescriptor
    public AuthenticationDescriptor.OAuth2Setup getOAuth2Setup() {
        return null;
    }
}
