package org.apache.karaf.shell.security.impl;

import java.io.InputStream;
import java.io.PrintStream;
import java.security.AccessController;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.felix.gogo.api.CommandSessionListener;
import org.apache.felix.gogo.runtime.CommandProcessorImpl;
import org.apache.felix.gogo.runtime.CommandProxy;
import org.apache.felix.gogo.runtime.CommandSessionImpl;
import org.apache.felix.gogo.runtime.activator.Activator;
import org.apache.felix.service.command.CommandProcessor;
import org.apache.felix.service.command.CommandSession;
import org.apache.felix.service.command.Converter;
import org.apache.felix.service.threadio.ThreadIO;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.jolokia.util.EscapeUtil;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Constants;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.framework.ServiceReference;
import org.osgi.util.tracker.ServiceTracker;

/* loaded from: input_file:WEB-INF/lib/org.apache.karaf.shell.console-2.4.0.redhat-620165.jar:org/apache/karaf/shell/security/impl/SecuredCommandProcessorImpl.class */
public class SecuredCommandProcessorImpl extends CommandProcessorImpl {
    private final BundleContext bundleContext;
    private final ServiceTracker<Object, Map<String, CommandProxy>> commandTracker;
    private final ServiceTracker<Converter, Converter> converterTracker;
    private final ServiceTracker<CommandSessionListener, CommandSessionListener> listenerTracker;

    public SecuredCommandProcessorImpl(BundleContext bundleContext, ThreadIO threadIO) {
        super(threadIO);
        this.bundleContext = bundleContext;
        String str = "";
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject != null) {
            Set<RolePrincipal> principals = subject.getPrincipals(RolePrincipal.class);
            if (principals.size() == 0) {
                throw new SecurityException("Current user has no associated roles.");
            }
            StringBuilder sb = new StringBuilder();
            sb.append("(|");
            for (RolePrincipal rolePrincipal : principals) {
                sb.append('(');
                sb.append("org.apache.karaf.service.guard.roles");
                sb.append('=');
                sb.append(escapeforFilterString(rolePrincipal.getName()));
                sb.append(')');
            }
            sb.append("(!(org.apache.karaf.service.guard.roles=*))");
            sb.append(')');
            str = sb.toString();
        }
        addConstant(Activator.CONTEXT, bundleContext);
        addCommand(Constants.FRAMEWORK_SECURITY_OSGI, this, "addCommand");
        addCommand(Constants.FRAMEWORK_SECURITY_OSGI, this, "removeCommand");
        addCommand(Constants.FRAMEWORK_SECURITY_OSGI, this, "eval");
        try {
            this.commandTracker = trackCommands(bundleContext, str);
            this.commandTracker.open();
            this.converterTracker = trackConverters(bundleContext);
            this.converterTracker.open();
            this.listenerTracker = trackListeners(bundleContext);
            this.listenerTracker.open();
        } catch (InvalidSyntaxException e) {
            throw new RuntimeException(e);
        }
    }

    public void close() {
        this.commandTracker.close();
        this.converterTracker.close();
        this.listenerTracker.close();
    }

    @Override // org.apache.felix.gogo.runtime.CommandProcessorImpl, org.apache.felix.service.command.CommandProcessor
    public CommandSession createSession(InputStream inputStream, PrintStream printStream, PrintStream printStream2) {
        CommandSessionImpl commandSessionImpl;
        synchronized (this.sessions) {
            if (this.stopped) {
                throw new IllegalStateException("CommandProcessor has been stopped");
            }
            commandSessionImpl = new CommandSessionImpl(this, inputStream, printStream, printStream2) { // from class: org.apache.karaf.shell.security.impl.SecuredCommandProcessorImpl.1
                @Override // org.apache.felix.gogo.runtime.CommandSessionImpl, org.apache.felix.service.command.CommandSession
                public void close() {
                    super.close();
                    SecuredCommandProcessorImpl.this.close();
                }
            };
            this.sessions.put(commandSessionImpl, null);
        }
        return commandSessionImpl;
    }

    private ServiceTracker<Object, Map<String, CommandProxy>> trackCommands(BundleContext bundleContext, String str) throws InvalidSyntaxException {
        return new ServiceTracker<Object, Map<String, CommandProxy>>(bundleContext, bundleContext.createFilter(String.format("(&(%s=*)(%s=*)%s)", CommandProcessor.COMMAND_SCOPE, CommandProcessor.COMMAND_FUNCTION, str)), null) { // from class: org.apache.karaf.shell.security.impl.SecuredCommandProcessorImpl.2
            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public Map<String, CommandProxy> addingService(ServiceReference<Object> serviceReference) {
                Object property = serviceReference.getProperty(CommandProcessor.COMMAND_SCOPE);
                Object property2 = serviceReference.getProperty(CommandProcessor.COMMAND_FUNCTION);
                Object property3 = serviceReference.getProperty(Constants.SERVICE_RANKING);
                int i = 0;
                if (property3 != null) {
                    try {
                        i = Integer.parseInt(property3.toString());
                    } catch (NumberFormatException e) {
                    }
                }
                if (property == null || property2 == null) {
                    return null;
                }
                HashMap hashMap = new HashMap();
                if (property2.getClass().isArray()) {
                    for (Object obj : (Object[]) property2) {
                        String obj2 = obj.toString();
                        CommandProxy commandProxy = new CommandProxy(this.context, serviceReference, obj2);
                        if (!hashMap.containsKey(obj2)) {
                            hashMap.put(obj2, commandProxy);
                            SecuredCommandProcessorImpl.this.addCommand(property.toString(), commandProxy, obj2, i);
                        }
                    }
                } else {
                    String obj3 = property2.toString();
                    CommandProxy commandProxy2 = new CommandProxy(this.context, serviceReference, obj3);
                    hashMap.put(obj3, commandProxy2);
                    SecuredCommandProcessorImpl.this.addCommand(property.toString(), commandProxy2, obj3, i);
                }
                return hashMap;
            }

            public void removedService(ServiceReference<Object> serviceReference, Map<String, CommandProxy> map) {
                Object property = serviceReference.getProperty(CommandProcessor.COMMAND_SCOPE);
                for (Map.Entry<String, CommandProxy> entry : map.entrySet()) {
                    SecuredCommandProcessorImpl.this.removeCommand(property.toString(), entry.getKey(), entry.getValue());
                }
                this.context.ungetService(serviceReference);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ void removedService(ServiceReference serviceReference, Object obj) {
                removedService((ServiceReference<Object>) serviceReference, (Map<String, CommandProxy>) obj);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ Object addingService(ServiceReference serviceReference) {
                return addingService((ServiceReference<Object>) serviceReference);
            }
        };
    }

    private ServiceTracker<Converter, Converter> trackConverters(BundleContext bundleContext) {
        return new ServiceTracker<Converter, Converter>(bundleContext, Converter.class.getName(), null) { // from class: org.apache.karaf.shell.security.impl.SecuredCommandProcessorImpl.3
            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public Converter addingService(ServiceReference<Converter> serviceReference) {
                Converter converter = (Converter) super.addingService((ServiceReference) serviceReference);
                SecuredCommandProcessorImpl.this.addConverter(converter);
                return converter;
            }

            public void removedService(ServiceReference<Converter> serviceReference, Converter converter) {
                SecuredCommandProcessorImpl.this.removeConverter(converter);
                super.removedService(serviceReference, (ServiceReference<Converter>) converter);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ void removedService(ServiceReference serviceReference, Object obj) {
                removedService((ServiceReference<Converter>) serviceReference, (Converter) obj);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ Object addingService(ServiceReference serviceReference) {
                return addingService((ServiceReference<Converter>) serviceReference);
            }
        };
    }

    private ServiceTracker<CommandSessionListener, CommandSessionListener> trackListeners(BundleContext bundleContext) {
        return new ServiceTracker<CommandSessionListener, CommandSessionListener>(bundleContext, CommandSessionListener.class.getName(), null) { // from class: org.apache.karaf.shell.security.impl.SecuredCommandProcessorImpl.4
            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public CommandSessionListener addingService(ServiceReference<CommandSessionListener> serviceReference) {
                CommandSessionListener commandSessionListener = (CommandSessionListener) super.addingService((ServiceReference) serviceReference);
                SecuredCommandProcessorImpl.this.addListener(commandSessionListener);
                return commandSessionListener;
            }

            public void removedService(ServiceReference<CommandSessionListener> serviceReference, CommandSessionListener commandSessionListener) {
                SecuredCommandProcessorImpl.this.removeListener(commandSessionListener);
                super.removedService(serviceReference, (ServiceReference<CommandSessionListener>) commandSessionListener);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ void removedService(ServiceReference serviceReference, Object obj) {
                removedService((ServiceReference<CommandSessionListener>) serviceReference, (CommandSessionListener) obj);
            }

            @Override // org.osgi.util.tracker.ServiceTracker, org.osgi.util.tracker.ServiceTrackerCustomizer
            public /* bridge */ /* synthetic */ Object addingService(ServiceReference serviceReference) {
                return addingService((ServiceReference<CommandSessionListener>) serviceReference);
            }
        };
    }

    private String escapeforFilterString(String str) {
        return str.replace("\\", EscapeUtil.CSV_ESCAPE).replace("*", "\\*").replace("(", "\\(").replace(")", "\\)");
    }
}
