package org.apache.karaf.shell.security.impl;

import java.io.IOException;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import org.jledit.AbstractConsoleEditor;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.framework.ServiceReference;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.cm.ConfigurationEvent;
import org.osgi.service.cm.ConfigurationListener;
import org.osgi.service.packageadmin.PackageAdmin;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformer.class */
public class SecuredCommandConfigTransformer implements ConfigurationListener {
    static final String PROXY_COMMAND_ACL_PID_PREFIX = "org.apache.karaf.command.acl.";
    static final String PROXY_SERVICE_ACL_PID_PREFIX = "org.apache.karaf.service.acl.command.";
    private static final Logger LOGGER = LoggerFactory.getLogger(SecuredCommandConfigTransformer.class);
    private static final String CONFIGURATION_FILTER = "(service.pid=org.apache.karaf.command.acl.*)";
    private static final String ACL_SCOPE_BUNDLE_MAP = "org.apache.karaf.command.acl.scope_bundle";
    private ConfigurationAdmin configAdmin;

    public void setConfigAdmin(ConfigurationAdmin configurationAdmin) {
        this.configAdmin = configurationAdmin;
    }

    public void init() throws Exception {
        Configuration[] listConfigurations = this.configAdmin.listConfigurations(CONFIGURATION_FILTER);
        if (listConfigurations == null) {
            return;
        }
        for (Configuration configuration : listConfigurations) {
            generateServiceGuardConfig(configuration);
        }
    }

    void generateServiceGuardConfig(Configuration configuration) throws IOException {
        Dictionary dictionary;
        if (configuration.getPid().startsWith(PROXY_COMMAND_ACL_PID_PREFIX)) {
            String substring = configuration.getPid().substring(PROXY_COMMAND_ACL_PID_PREFIX.length());
            if (substring.indexOf(46) >= 0) {
                return;
            }
            String trim = substring.trim();
            HashMap hashMap = new HashMap();
            Enumeration keys = configuration.getProperties().keys();
            while (keys.hasMoreElements()) {
                String str = (String) keys.nextElement();
                String str2 = str;
                String str3 = "";
                int indexOf = str2.indexOf(91);
                if (indexOf >= 0) {
                    str3 = convertArgs(str2.substring(indexOf));
                    str2 = str2.substring(0, indexOf);
                }
                if (str2.indexOf(46) < 0) {
                    String trim2 = str2.trim();
                    String str4 = PROXY_SERVICE_ACL_PID_PREFIX + trim + "." + trim2;
                    if (hashMap.containsKey(str4)) {
                        dictionary = (Dictionary) hashMap.get(str4);
                    } else {
                        dictionary = new Hashtable();
                        dictionary.put("service.guard", "(&(osgi.command.scope=" + trim + ")(osgi.command.function=" + trim2 + "))");
                        hashMap.put(str4, dictionary);
                    }
                    Object obj = configuration.getProperties().get(str);
                    dictionary.put("execute" + str3, obj);
                    dictionary.put(str, obj);
                    dictionary.put(AbstractConsoleEditor.DIRTY_SIGN, AbstractConsoleEditor.DIRTY_SIGN);
                }
            }
            LOGGER.info("Generating command ACL config {} into service ACL configs {}", configuration.getPid(), hashMap.keySet());
            for (Map.Entry entry : hashMap.entrySet()) {
                this.configAdmin.getConfiguration((String) entry.getKey()).update((Dictionary) entry.getValue());
            }
        }
    }

    private String convertArgs(String str) {
        if (!str.startsWith("[/")) {
            throw new IllegalStateException("Badly formatted argument match: " + str + " Should start with '[/'");
        }
        if (!str.endsWith("/]")) {
            throw new IllegalStateException("Badly formatted argument match: " + str + " Should end with '/]'");
        }
        return "[/.*/," + str.substring(1);
    }

    void deleteServiceGuardConfig(String str, String str2) throws IOException, InvalidSyntaxException {
        Configuration[] listConfigurations;
        if (str2.contains(".") || (listConfigurations = this.configAdmin.listConfigurations("(service.pid=org.apache.karaf.service.acl.command." + str2 + ".*)")) == null) {
            return;
        }
        LOGGER.info("Config ACL deleted: {}. Deleting generated service ACL configs {}", str, listConfigurations);
        for (Configuration configuration : listConfigurations) {
            configuration.delete();
        }
    }

    public void configurationEvent(ConfigurationEvent configurationEvent) {
        if (configurationEvent.getPid().startsWith(PROXY_COMMAND_ACL_PID_PREFIX)) {
            try {
                switch (configurationEvent.getType()) {
                    case 1:
                        generateServiceGuardConfig(this.configAdmin.getConfiguration(configurationEvent.getPid()));
                        refreshTheAffectedShellCommandBundle(configurationEvent, this.configAdmin.getConfiguration(configurationEvent.getPid()));
                        break;
                    case 2:
                        deleteServiceGuardConfig(configurationEvent.getPid(), configurationEvent.getPid().substring(PROXY_COMMAND_ACL_PID_PREFIX.length()));
                        break;
                }
            } catch (Exception e) {
                LOGGER.error("Problem processing Configuration Event {}", configurationEvent, e);
            }
        }
    }

    private void refreshTheAffectedShellCommandBundle(ConfigurationEvent configurationEvent, Configuration configuration) {
        if (configuration.getPid().startsWith(PROXY_COMMAND_ACL_PID_PREFIX)) {
            String str = "";
            String substring = configuration.getPid().substring(PROXY_COMMAND_ACL_PID_PREFIX.length());
            if (substring.indexOf(46) >= 0) {
                return;
            }
            String trim = substring.trim();
            Iterator<Map.Entry<String, String>> it = loadScopeBundleMaps().entrySet().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Map.Entry<String, String> next = it.next();
                if (next.getKey().equals(trim)) {
                    str = "(osgi.blueprint.container.symbolicname=" + next.getValue() + ")";
                    break;
                }
            }
            if (str.length() == 0) {
                return;
            }
            BundleContext bundleContext = configurationEvent.getReference().getBundle().getBundleContext();
            try {
                ServiceReference[] serviceReferences = bundleContext.getServiceReferences("org.osgi.service.blueprint.container.BlueprintContainer", str);
                if (serviceReferences == null) {
                    LOGGER.error("can't find the command bundle for scope " + trim);
                    return;
                }
                LOGGER.debug("the refreshed bundle is " + serviceReferences[0].getBundle().getSymbolicName());
                ServiceReference serviceReference = bundleContext.getServiceReference(PackageAdmin.class.getName());
                if (serviceReference == null) {
                    LOGGER.error("PackageAdmin service is unavailable.");
                    return;
                }
                try {
                    PackageAdmin packageAdmin = (PackageAdmin) bundleContext.getService(serviceReference);
                    if (packageAdmin == null) {
                        LOGGER.error("PackageAdmin service is unavailable.");
                        bundleContext.ungetService(serviceReference);
                    } else {
                        packageAdmin.refreshPackages(new Bundle[]{serviceReferences[0].getBundle()});
                        bundleContext.ungetService(serviceReference);
                    }
                } catch (Throwable th) {
                    bundleContext.ungetService(serviceReference);
                    throw th;
                }
            } catch (InvalidSyntaxException e) {
                LOGGER.error("Problem refresh the affected shell command bundle", e);
            }
        }
    }

    private Map<String, String> loadScopeBundleMaps() {
        HashMap hashMap = new HashMap();
        try {
            for (Configuration configuration : this.configAdmin.listConfigurations("(service.pid=org.apache.karaf.command.acl.scope_bundle)")) {
                Enumeration keys = configuration.getProperties().keys();
                while (keys.hasMoreElements()) {
                    String str = (String) keys.nextElement();
                    hashMap.put(str, (String) configuration.getProperties().get(str));
                }
            }
        } catch (Exception e) {
            LOGGER.error("Problem load the scope bundle map", e);
        }
        return hashMap;
    }
}
