package org.jgroups.auth.sasl;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedList;
import java.util.Properties;
import java.util.Timer;
import java.util.concurrent.TimeUnit;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback;
import org.jgroups.logging.Log;
import org.jgroups.logging.LogFactory;
import org.jgroups.util.Util;

/* JADX WARN: Classes with same name are omitted:
  input_file:_bootstrap/guvnor-ala-distribution-7.0.0.Beta3.war:WEB-INF/lib/jgroups-3.6.8.Final.jar:org/jgroups/auth/sasl/SimpleAuthorizingCallbackHandler.class
  input_file:m2repo/org/jgroups/jgroups/3.6.10.Final/jgroups-3.6.10.Final.jar:org/jgroups/auth/sasl/SimpleAuthorizingCallbackHandler.class
 */
/* loaded from: input_file:m2repo/org/jgroups/jgroups/3.6.8.Final/jgroups-3.6.8.Final.jar:org/jgroups/auth/sasl/SimpleAuthorizingCallbackHandler.class */
public class SimpleAuthorizingCallbackHandler implements CallbackHandler {
    private static final Log log = LogFactory.getLog(SimpleAuthorizingCallbackHandler.class);
    private final Properties credentials;
    private final Properties roles;
    private final Timer timer;
    private final String localPrincipal;
    private final String role;
    private final String realm;

    /* JADX WARN: Classes with same name are omitted:
      input_file:_bootstrap/guvnor-ala-distribution-7.0.0.Beta3.war:WEB-INF/lib/jgroups-3.6.8.Final.jar:org/jgroups/auth/sasl/SimpleAuthorizingCallbackHandler$PropertiesReloadFileObserver.class
      input_file:m2repo/org/jgroups/jgroups/3.6.10.Final/jgroups-3.6.10.Final.jar:org/jgroups/auth/sasl/SimpleAuthorizingCallbackHandler$PropertiesReloadFileObserver.class
     */
    /* loaded from: input_file:m2repo/org/jgroups/jgroups/3.6.8.Final/jgroups-3.6.8.Final.jar:org/jgroups/auth/sasl/SimpleAuthorizingCallbackHandler$PropertiesReloadFileObserver.class */
    public static class PropertiesReloadFileObserver implements FileObserver {
        private final Properties properties;

        PropertiesReloadFileObserver(File file, Properties properties) {
            this.properties = properties;
            loadProperties(file);
        }

        private void loadProperties(File file) {
            FileInputStream fileInputStream = null;
            try {
                try {
                    fileInputStream = new FileInputStream(file);
                    this.properties.load(fileInputStream);
                    Util.close(fileInputStream);
                } catch (IOException e) {
                    SimpleAuthorizingCallbackHandler.log.error(Util.getMessage("AnErrorOccurredWhileLoadingPropertiesFrom") + file, e);
                    Util.close(fileInputStream);
                }
            } catch (Throwable th) {
                Util.close(fileInputStream);
                throw th;
            }
        }

        @Override // org.jgroups.auth.sasl.FileObserver
        public void fileChanged(File file) {
            loadProperties(file);
        }
    }

    public SimpleAuthorizingCallbackHandler() {
        this(SecurityActions.getSystemProperties());
    }

    public SimpleAuthorizingCallbackHandler(Properties properties) {
        this.credentials = new Properties();
        this.roles = new Properties();
        this.localPrincipal = requireProperty(properties, "sasl.local.principal");
        String requireProperty = requireProperty(properties, "sasl.credentials.properties");
        this.timer = new Timer();
        File file = new File(requireProperty);
        this.timer.scheduleAtFixedRate(new FileWatchTask(file, new PropertiesReloadFileObserver(file, this.credentials)), 0L, TimeUnit.SECONDS.toMillis(10L));
        this.role = properties.getProperty("sasl.role");
        String property = properties.getProperty("sasl.roles.properties");
        if (this.role != null) {
            if (property == null) {
                throw new IllegalStateException("To enable role authorization, both sasl.role and sasl.roles.properties system properties must be set");
            }
            File file2 = new File(property);
            this.timer.scheduleAtFixedRate(new FileWatchTask(file2, new PropertiesReloadFileObserver(file2, this.roles)), 0L, TimeUnit.SECONDS.toMillis(10L));
        }
        this.realm = properties.getProperty("sasl.realm");
    }

    private String requireProperty(Properties properties, String str) {
        String property = properties.getProperty(str);
        if (property == null) {
            throw new IllegalStateException("The required system property " + str + " has not been set");
        }
        return property;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        String property;
        LinkedList<RealmCallback> linkedList = new LinkedList();
        String str = null;
        boolean z = false;
        for (Callback callback : callbackArr) {
            if (callback instanceof AuthorizeCallback) {
                linkedList.add(callback);
            } else if (callback instanceof NameCallback) {
                str = ((NameCallback) callback).getDefaultName();
                if (str != null) {
                    z = this.credentials.containsKey(str);
                } else {
                    linkedList.add(callback);
                }
            } else if (callback instanceof PasswordCallback) {
                linkedList.add(callback);
            } else {
                if (!(callback instanceof RealmCallback)) {
                    throw new UnsupportedCallbackException(callback);
                }
                String defaultText = ((RealmCallback) callback).getDefaultText();
                if (defaultText != null && !this.realm.equals(defaultText)) {
                    throw new IOException("Invalid realm " + defaultText);
                }
                linkedList.add(callback);
            }
        }
        for (RealmCallback realmCallback : linkedList) {
            if (realmCallback instanceof NameCallback) {
                ((NameCallback) realmCallback).setName(this.localPrincipal);
            } else if (realmCallback instanceof AuthorizeCallback) {
                AuthorizeCallback authorizeCallback = (AuthorizeCallback) realmCallback;
                String authenticationID = authorizeCallback.getAuthenticationID();
                String authorizationID = authorizeCallback.getAuthorizationID();
                authorizeCallback.setAuthorized(authenticationID.equals(authorizationID));
                if (this.role == null) {
                    continue;
                } else {
                    String property2 = this.roles.getProperty(authorizeCallback.getAuthorizationID());
                    if (!(property2 != null ? Arrays.asList(property2.split("\\s*,\\s*")) : Collections.emptyList()).contains(this.role)) {
                        throw new IOException("Unauthorized user " + authorizationID);
                    }
                }
            } else if (realmCallback instanceof PasswordCallback) {
                if (str == null) {
                    property = this.credentials.getProperty(this.localPrincipal);
                } else {
                    if (!z) {
                        throw new IOException("Unauthorized user " + str);
                    }
                    property = this.credentials.getProperty(str);
                }
                ((PasswordCallback) realmCallback).setPassword(property.toCharArray());
            } else if (realmCallback instanceof RealmCallback) {
                realmCallback.setText(this.realm);
            }
        }
    }
}
