package io.moquette.broker;

import io.moquette.broker.security.IAuthorizatorPolicy;
import io.moquette.broker.subscriptions.Topic;
import io.netty.handler.codec.mqtt.MqttQoS;
import io.netty.handler.codec.mqtt.MqttSubscribeMessage;
import io.netty.handler.codec.mqtt.MqttTopicSubscription;
import java.util.ArrayList;
import java.util.List;
import java.util.function.Function;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/moquette/broker/Authorizator.class */
final class Authorizator {
    private static final Logger LOG = LoggerFactory.getLogger(Authorizator.class);
    private final IAuthorizatorPolicy policy;

    /* JADX INFO: Access modifiers changed from: package-private */
    public Authorizator(IAuthorizatorPolicy iAuthorizatorPolicy) {
        this.policy = iAuthorizatorPolicy;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<MqttTopicSubscription> verifyAlsoSharedTopicsReadAccess(String str, String str2, MqttSubscribeMessage mqttSubscribeMessage) {
        return verifyTopicsReadAccessWithTopicExtractor(str, str2, mqttSubscribeMessage, Authorizator::extractShareTopic);
    }

    private static Topic extractShareTopic(String str) {
        return SharedSubscriptionUtils.isSharedSubscription(str) ? Topic.asTopic(SharedSubscriptionUtils.extractFilterFromShared(str)) : Topic.asTopic(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<MqttTopicSubscription> verifyTopicsReadAccess(String str, String str2, MqttSubscribeMessage mqttSubscribeMessage) {
        return verifyTopicsReadAccessWithTopicExtractor(str, str2, mqttSubscribeMessage, Topic::asTopic);
    }

    private List<MqttTopicSubscription> verifyTopicsReadAccessWithTopicExtractor(String str, String str2, MqttSubscribeMessage mqttSubscribeMessage, Function<String, Topic> function) {
        ArrayList arrayList = new ArrayList();
        int messageId = Utils.messageId(mqttSubscribeMessage);
        for (MqttTopicSubscription mqttTopicSubscription : mqttSubscribeMessage.payload().topicSubscriptions()) {
            arrayList.add(new MqttTopicSubscription(mqttTopicSubscription.topicName(), PostOffice.optionWithQos(getQoSCheckingAlsoPermissionsOnTopic(str, str2, messageId, function.apply(mqttTopicSubscription.topicName()), mqttTopicSubscription.qualityOfService()), mqttTopicSubscription.option())));
        }
        return arrayList;
    }

    private MqttQoS getQoSCheckingAlsoPermissionsOnTopic(String str, String str2, int i, Topic topic, MqttQoS mqttQoS) {
        if (!this.policy.canRead(topic, str2, str)) {
            LOG.warn("Client does not have read permissions on the topic username: {}, messageId: {}, topic: {}", new Object[]{str2, Integer.valueOf(i), topic});
            return MqttQoS.FAILURE;
        }
        if (topic.isValid()) {
            LOG.debug("Client will be subscribed to the topic username: {}, messageId: {}, topic: {}", new Object[]{str2, Integer.valueOf(i), topic});
            return mqttQoS;
        }
        LOG.warn("Topic filter is not valid username: {}, messageId: {}, topic: {}", new Object[]{str2, Integer.valueOf(i), topic});
        return MqttQoS.FAILURE;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean canWrite(Topic topic, String str, String str2) {
        return this.policy.canWrite(topic, str, str2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean canRead(Topic topic, String str, String str2) {
        return this.policy.canRead(topic, str, str2);
    }
}
