package org.forgerock.openam.rest;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
import javax.inject.Inject;
import org.forgerock.json.resource.AbstractConnectionWrapper;
import org.forgerock.json.resource.Connection;
import org.forgerock.json.resource.ConnectionFactory;
import org.forgerock.json.resource.ResourceException;
import org.forgerock.openam.rest.resource.SSOTokenContext;
import org.forgerock.services.context.Context;
import org.forgerock.services.context.SecurityContext;
import org.forgerock.util.promise.Promise;
import org.forgerock.util.promise.Promises;

/* loaded from: input_file:org/forgerock/openam/rest/ElevatedConnectionFactoryWrapper.class */
public final class ElevatedConnectionFactoryWrapper implements ConnectionFactory {
    private final ConnectionFactory connectionFactory;
    private final PrivilegedAction<SSOToken> ssoTokenPrivilegedAction;
    private final SSOTokenContext.Factory ssoTokenContextFactory;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/forgerock/openam/rest/ElevatedConnectionFactoryWrapper$ElevatedConnection.class */
    public final class ElevatedConnection extends AbstractConnectionWrapper<Connection> {
        private final String authenticationId;
        private final Map<String, Object> authorisation;

        ElevatedConnection(Connection connection, SSOToken sSOToken) {
            super(connection);
            try {
                this.authenticationId = sSOToken.getPrincipal().getName();
                this.authorisation = new HashMap();
                this.authorisation.put("authLevel", Integer.valueOf(sSOToken.getAuthLevel()));
                this.authorisation.put("tokenId", sSOToken.getTokenID().toString());
            } catch (SSOException e) {
                throw new SecurityException("Unable to create security context", e);
            }
        }

        protected Context transform(Context context) {
            return ElevatedConnectionFactoryWrapper.this.ssoTokenContextFactory.create(new SecurityContext(context, this.authenticationId, this.authorisation));
        }
    }

    @Inject
    public ElevatedConnectionFactoryWrapper(ConnectionFactory connectionFactory, PrivilegedAction<SSOToken> privilegedAction, SSOTokenContext.Factory factory) {
        this.connectionFactory = connectionFactory;
        this.ssoTokenPrivilegedAction = privilegedAction;
        this.ssoTokenContextFactory = factory;
    }

    public Connection getConnection() throws ResourceException {
        return new ElevatedConnection(this.connectionFactory.getConnection(), this.ssoTokenPrivilegedAction.run());
    }

    public Promise<Connection, ResourceException> getConnectionAsync() {
        try {
            return Promises.newResultPromise(getConnection());
        } catch (ResourceException e) {
            return Promises.newExceptionPromise(e);
        }
    }

    public void close() {
        this.connectionFactory.close();
    }
}
