package org.apache.karaf.shell.security.impl;

import java.security.AccessController;
import java.util.ArrayList;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.felix.gogo.api.CommandSessionListener;
import org.apache.felix.gogo.runtime.CommandProcessorImpl;
import org.apache.felix.gogo.runtime.CommandProxy;
import org.apache.felix.gogo.runtime.activator.Activator;
import org.apache.felix.service.command.CommandProcessor;
import org.apache.felix.service.command.Converter;
import org.apache.felix.service.threadio.ThreadIO;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.apache.karaf.shell.util.ShellUtil;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Constants;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.framework.ServiceReference;
import org.osgi.util.tracker.ServiceTracker;
import shaded.org.codehaus.plexus.util.LineOrientedInterpolatingReader;

@Deprecated
/* loaded from: input_file:WEB-INF/karaf/system/org/apache/karaf/shell/org.apache.karaf.shell.console/4.0.2.redhat-621079/org.apache.karaf.shell.console-4.0.2.redhat-621079.jar:org/apache/karaf/shell/security/impl/SecuredCommandProcessorImpl.class */
public class SecuredCommandProcessorImpl extends CommandProcessorImpl {
    private final BundleContext bundleContext;
    private final ServiceReference<ThreadIO> threadIOServiceReference;
    private final ServiceTracker<Object, Object> commandTracker;
    private final ServiceTracker<Converter, Converter> converterTracker;
    private final ServiceTracker<CommandSessionListener, CommandSessionListener> listenerTracker;

    public SecuredCommandProcessorImpl(BundleContext bundleContext) {
        this(bundleContext, bundleContext.getServiceReference(ThreadIO.class));
    }

    private SecuredCommandProcessorImpl(BundleContext bundleContext, ServiceReference<ThreadIO> serviceReference) {
        super((ThreadIO) bundleContext.getService(serviceReference));
        this.bundleContext = bundleContext;
        this.threadIOServiceReference = serviceReference;
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null) {
            throw new SecurityException("No current Subject in the Access Control Context");
        }
        Set<RolePrincipal> principals = subject.getPrincipals(RolePrincipal.class);
        if (principals.size() == 0) {
            throw new SecurityException("Current user " + ShellUtil.getCurrentUserName() + " has no associated roles.");
        }
        StringBuilder sb = new StringBuilder();
        sb.append("(|");
        for (RolePrincipal rolePrincipal : principals) {
            sb.append('(');
            sb.append("org.apache.karaf.service.guard.roles");
            sb.append('=');
            sb.append(escapeforFilterString(rolePrincipal.getName()));
            sb.append(')');
        }
        sb.append("(!(org.apache.karaf.service.guard.roles=*))");
        sb.append(')');
        String sb2 = sb.toString();
        addConstant(Activator.CONTEXT, bundleContext);
        addCommand(Constants.FRAMEWORK_SECURITY_OSGI, this, "addCommand");
        addCommand(Constants.FRAMEWORK_SECURITY_OSGI, this, "removeCommand");
        addCommand(Constants.FRAMEWORK_SECURITY_OSGI, this, org.apache.xalan.templates.Constants.ELEMNAME_EVAL_STRING);
        try {
            this.commandTracker = trackCommands(bundleContext, sb2);
            this.commandTracker.open();
            this.converterTracker = trackConverters(bundleContext);
            this.converterTracker.open();
            this.listenerTracker = trackListeners(bundleContext);
            this.listenerTracker.open();
        } catch (InvalidSyntaxException e) {
            throw new RuntimeException(e);
        }
    }

    public void close() {
        this.commandTracker.close();
        this.converterTracker.close();
        this.listenerTracker.close();
        this.bundleContext.ungetService(this.threadIOServiceReference);
    }

    private ServiceTracker<Object, Object> trackCommands(BundleContext bundleContext, String str) throws InvalidSyntaxException {
        return new ServiceTracker<Object, Object>(bundleContext, bundleContext.createFilter(String.format("(&(%s=*)(%s=*)%s)", CommandProcessor.COMMAND_SCOPE, CommandProcessor.COMMAND_FUNCTION, str)), null) { // from class: org.apache.karaf.shell.security.impl.SecuredCommandProcessorImpl.1
            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public Object addingService(ServiceReference<Object> serviceReference) {
                Object property = serviceReference.getProperty(CommandProcessor.COMMAND_SCOPE);
                Object property2 = serviceReference.getProperty(CommandProcessor.COMMAND_FUNCTION);
                ArrayList arrayList = new ArrayList();
                if (property == null || property2 == null) {
                    return null;
                }
                if (property2.getClass().isArray()) {
                    for (Object obj : (Object[]) property2) {
                        CommandProxy commandProxy = new CommandProxy(this.context, serviceReference, obj.toString());
                        SecuredCommandProcessorImpl.this.addCommand(property.toString(), commandProxy, obj.toString());
                        arrayList.add(commandProxy);
                    }
                } else {
                    CommandProxy commandProxy2 = new CommandProxy(this.context, serviceReference, property2.toString());
                    SecuredCommandProcessorImpl.this.addCommand(property.toString(), commandProxy2, property2.toString());
                    arrayList.add(commandProxy2);
                }
                return arrayList;
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public void removedService(ServiceReference<Object> serviceReference, Object obj) {
                Object property = serviceReference.getProperty(CommandProcessor.COMMAND_SCOPE);
                Object property2 = serviceReference.getProperty(CommandProcessor.COMMAND_FUNCTION);
                if (property != null && property2 != null) {
                    if (property2.getClass().isArray()) {
                        for (Object obj2 : (Object[]) property2) {
                            SecuredCommandProcessorImpl.this.removeCommand(property.toString(), obj2.toString());
                        }
                    } else {
                        SecuredCommandProcessorImpl.this.removeCommand(property.toString(), property2.toString());
                    }
                }
                super.removedService(serviceReference, obj);
            }
        };
    }

    private ServiceTracker<Converter, Converter> trackConverters(BundleContext bundleContext) {
        return new ServiceTracker<Converter, Converter>(bundleContext, Converter.class.getName(), null) { // from class: org.apache.karaf.shell.security.impl.SecuredCommandProcessorImpl.2
            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public Converter addingService(ServiceReference<Converter> serviceReference) {
                Converter converter = (Converter) super.addingService((ServiceReference) serviceReference);
                SecuredCommandProcessorImpl.this.addConverter(converter);
                return converter;
            }

            public void removedService(ServiceReference<Converter> serviceReference, Converter converter) {
                SecuredCommandProcessorImpl.this.removeConverter(converter);
                super.removedService(serviceReference, (ServiceReference<Converter>) converter);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ void removedService(ServiceReference serviceReference, Object obj) {
                removedService((ServiceReference<Converter>) serviceReference, (Converter) obj);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ Object addingService(ServiceReference serviceReference) {
                return addingService((ServiceReference<Converter>) serviceReference);
            }
        };
    }

    private ServiceTracker<CommandSessionListener, CommandSessionListener> trackListeners(BundleContext bundleContext) {
        return new ServiceTracker<CommandSessionListener, CommandSessionListener>(bundleContext, CommandSessionListener.class.getName(), null) { // from class: org.apache.karaf.shell.security.impl.SecuredCommandProcessorImpl.3
            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public CommandSessionListener addingService(ServiceReference<CommandSessionListener> serviceReference) {
                CommandSessionListener commandSessionListener = (CommandSessionListener) super.addingService((ServiceReference) serviceReference);
                SecuredCommandProcessorImpl.this.addListener(commandSessionListener);
                return commandSessionListener;
            }

            public void removedService(ServiceReference<CommandSessionListener> serviceReference, CommandSessionListener commandSessionListener) {
                SecuredCommandProcessorImpl.this.removeListener(commandSessionListener);
                super.removedService(serviceReference, (ServiceReference<CommandSessionListener>) commandSessionListener);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ void removedService(ServiceReference serviceReference, Object obj) {
                removedService((ServiceReference<CommandSessionListener>) serviceReference, (CommandSessionListener) obj);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ Object addingService(ServiceReference serviceReference) {
                return addingService((ServiceReference<CommandSessionListener>) serviceReference);
            }
        };
    }

    private String escapeforFilterString(String str) {
        return str.replace(LineOrientedInterpolatingReader.DEFAULT_ESCAPE_SEQ, "\\\\").replace("*", "\\*").replace("(", "\\(").replace(")", "\\)");
    }
}
