package org.apache.activemq.artemis.spi.core.security.jaas;

import java.util.Collections;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:artemis-server-2.9.0.redhat-00011.jar:org/apache/activemq/artemis/spi/core/security/jaas/TextFileCertificateLoginModule.class */
public class TextFileCertificateLoginModule extends CertificateLoginModule {
    private static final String USER_FILE_PROP_NAME = "org.apache.activemq.jaas.textfiledn.user";
    private static final String ROLE_FILE_PROP_NAME = "org.apache.activemq.jaas.textfiledn.role";
    private Map<String, Set<String>> rolesByUser;
    private Map<String, Pattern> regexpByUser;
    private Map<String, String> usersByDn;

    @Override // org.apache.activemq.artemis.spi.core.security.jaas.CertificateLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        super.initialize(subject, callbackHandler, map, map2);
        this.usersByDn = load(USER_FILE_PROP_NAME, "", map2).invertedPropertiesMap();
        this.regexpByUser = load(USER_FILE_PROP_NAME, "", map2).regexpPropertiesMap();
        this.rolesByUser = load(ROLE_FILE_PROP_NAME, "", map2).invertedPropertiesValuesMap();
    }

    @Override // org.apache.activemq.artemis.spi.core.security.jaas.CertificateLoginModule
    protected String getUserNameForCertificates(X509Certificate[] x509CertificateArr) throws LoginException {
        if (x509CertificateArr == null) {
            throw new LoginException("Client certificates not found. Cannot authenticate.");
        }
        String distinguishedName = getDistinguishedName(x509CertificateArr);
        return this.usersByDn.containsKey(distinguishedName) ? this.usersByDn.get(distinguishedName) : getUserByRegexp(distinguishedName);
    }

    @Override // org.apache.activemq.artemis.spi.core.security.jaas.CertificateLoginModule
    protected Set<String> getUserRoles(String str) throws LoginException {
        Set<String> set = this.rolesByUser.get(str);
        if (set == null) {
            set = Collections.emptySet();
        }
        return set;
    }

    private synchronized String getUserByRegexp(String str) {
        String str2 = null;
        Iterator<Map.Entry<String, Pattern>> it = this.regexpByUser.entrySet().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Map.Entry<String, Pattern> next = it.next();
            if (next.getValue().matcher(str).matches()) {
                str2 = next.getKey();
                break;
            }
        }
        this.usersByDn.put(str, str2);
        return str2;
    }
}
