package io.confluent.security.policyapi.engine;

import io.confluent.security.policyapi.ConfluentPolicy;
import io.confluent.security.policyapi.PolicyRuleLoadingCache;
import io.confluent.security.policyapi.cel.TrustPolicyCelParser;
import io.confluent.security.policyapi.exception.PolicyEngineException;
import io.confluent.shaded.org.slf4j.Logger;
import io.confluent.shaded.org.slf4j.LoggerFactory;
import java.util.Map;
import org.projectnessie.cel.Env;

/* loaded from: input_file:io/confluent/security/policyapi/engine/TrustPolicyEngine.class */
public class TrustPolicyEngine implements PolicyEngine<String> {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) TrustPolicyEngine.class);
    public static final int CHAIN_LIMIT_DEFAULT = 32;
    public static final int NESTING_LIMIT_DEFAULT = 32;
    public static final int ARRAY_LIST_LIMIT_DEFAULT = 256;
    private final PolicyRuleLoadingCache<String> cache;
    private final Env env;

    public TrustPolicyEngine() {
        this(null, null);
    }

    public TrustPolicyEngine(PolicyRuleLoadingCache<String> policyRuleLoadingCache) {
        this(null, policyRuleLoadingCache);
    }

    public TrustPolicyEngine(Env env, PolicyRuleLoadingCache<String> policyRuleLoadingCache) {
        if (env == null) {
            this.env = TrustPolicyCelParser.getTrustPolicyEnv();
        } else {
            this.env = env;
        }
        this.cache = policyRuleLoadingCache == null ? new PolicyRuleLoadingCache<>(this.env) : policyRuleLoadingCache;
    }

    @Override // io.confluent.security.policyapi.engine.PolicyEngine
    public boolean evaluatePolicy(ConfluentPolicy<String> confluentPolicy, Map<String, Object> map) throws PolicyEngineException {
        try {
            return TrustPolicyCelParser.evaluatePolicy(TrustPolicyCelParser.compilePolicy(this.env, confluentPolicy.condition()), map);
        } catch (Throwable th) {
            throw new PolicyEngineException("Could not evaluate rule for workload identity " + confluentPolicy, th);
        }
    }

    @Override // io.confluent.security.policyapi.engine.PolicyEngine
    public void validatePolicy(String str) throws PolicyEngineException {
        try {
            TrustPolicyCelParser.compilePolicy(this.env, str);
        } catch (Exception e) {
            LOGGER.error("Could not compile statements {}: {}", str, e);
            throw new PolicyEngineException(e);
        }
    }

    /* renamed from: validatePolicyEvaluation, reason: avoid collision after fix types in other method */
    public boolean validatePolicyEvaluation2(String str, Map<String, Object> map) throws PolicyEngineException {
        try {
            return TrustPolicyCelParser.evaluatePolicy(TrustPolicyCelParser.compilePolicy(this.env, str), map);
        } catch (Exception e) {
            LOGGER.error("Could not evaluate rule for expression {}: {}", str, e);
            throw new PolicyEngineException(e);
        }
    }

    @Override // io.confluent.security.policyapi.engine.PolicyEngine
    public /* bridge */ /* synthetic */ boolean validatePolicyEvaluation(String str, Map map) throws PolicyEngineException {
        return validatePolicyEvaluation2(str, (Map<String, Object>) map);
    }
}
