package org.glassfish.security.common;

import com.sun.enterprise.util.Utility;
import com.sun.enterprise.util.i18n.StringManager;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;

/* loaded from: input_file:org/glassfish/security/common/FileRealmHelper.class */
public final class FileRealmHelper {
    public static final String PARAM_KEYFILE = "file";
    private static final String FIELD_SEP = ";";
    private static final String GROUP_SEP = ",";
    private static final String COMMENT = "#";
    public static final String MISC_VALID_CHARS = "_-.";
    private static final int SALT_SIZE = 8;
    private final HashMap<String, User> userTable = new HashMap<>();
    private final HashMap<String, Integer> groupSizeMap = new HashMap<>();
    private File keyfile;
    private String keyfileName;
    private static final String SSHA_TAG = "{SSHA}";
    private static final String SSHA_256_TAG = "{SSHA256}";
    private static final String algoSHA = "SHA";
    private static final String algoSHA256 = "SHA-256";
    private static final String resetKey = "RESET";
    private static final StringManager sm;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:org/glassfish/security/common/FileRealmHelper$User.class */
    public static class User extends PrincipalImpl {
        private String[] groups;
        private String realm;
        private byte[] salt;
        private byte[] hash;
        private String algo;

        public User(String str) {
            super(str);
        }

        public User(String str, String[] strArr, String str2, byte[] bArr, byte[] bArr2, String str3) {
            super(str);
            this.groups = strArr;
            this.realm = str2;
            this.hash = bArr2;
            this.salt = bArr;
            this.algo = str3;
        }

        @Override // org.glassfish.security.common.PrincipalImpl, java.security.Principal
        public boolean equals(Object obj) {
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            User user = (User) obj;
            if (!Arrays.deepEquals(this.groups, user.groups)) {
                return false;
            }
            if (this.realm == null) {
                if (user.realm != null) {
                    return false;
                }
            } else if (!this.realm.equals(user.realm)) {
                return false;
            }
            if (!Arrays.equals(this.salt, user.salt) || !Arrays.equals(this.hash, user.hash)) {
                return false;
            }
            if (this.algo == null) {
                if (user.algo != null) {
                    return false;
                }
            } else if (!this.algo.equals(user.algo)) {
                return false;
            }
            return super.equals(obj);
        }

        @Override // org.glassfish.security.common.PrincipalImpl, java.security.Principal
        public int hashCode() {
            int deepHashCode = (17 * ((17 * ((17 * ((17 * ((17 * 5) + Arrays.deepHashCode(this.groups))) + (this.realm != null ? this.realm.hashCode() : 0))) + Arrays.hashCode(this.salt))) + Arrays.hashCode(this.hash))) + (this.algo != null ? this.algo.hashCode() : 0);
            return 17 * super.hashCode();
        }

        public byte[] getSalt() {
            return this.salt;
        }

        public void setSalt(byte[] bArr) {
            this.salt = bArr;
        }

        public byte[] getHash() {
            return this.hash;
        }

        public void setHash(byte[] bArr) {
            this.hash = bArr;
        }

        public String[] getGroups() {
            return this.groups;
        }

        public void setGroups(String[] strArr) {
            this.groups = strArr;
        }

        public String getAlgo() {
            return this.algo;
        }

        public void setAlgo(String str) {
            this.algo = str;
        }
    }

    public FileRealmHelper(String str) throws IOException {
        this.keyfileName = str;
        this.keyfile = new File(str);
        if (!this.keyfile.exists() && !this.keyfile.createNewFile()) {
            throw new IOException(sm.getString("filerealm.badwrite", str));
        }
        loadKeyFile();
    }

    public Set<String> getUserNames() {
        return this.userTable.keySet();
    }

    public User getUser(String str) {
        return this.userTable.get(str);
    }

    public Set<String> getGroupNames() {
        return this.groupSizeMap.keySet();
    }

    public String[] getGroupNames(String str) {
        User user = this.userTable.get(str);
        if (user == null) {
            return null;
        }
        return user.getGroups();
    }

    public String[] authenticate(String str, char[] cArr) {
        User user = this.userTable.get(str);
        if (user == null || resetKey.equals(user.getAlgo())) {
            return null;
        }
        try {
            if (SSHA.verify(user.getSalt(), user.getHash(), Utility.convertCharArrayToByteArray(cArr, Charset.defaultCharset().displayName()), user.getAlgo())) {
                return user.getGroups();
            }
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    public boolean hasAuthenticatableUser() {
        Iterator<User> it = this.userTable.values().iterator();
        while (it.hasNext()) {
            if (!resetKey.equals(it.next().getAlgo())) {
                return true;
            }
        }
        return false;
    }

    private static boolean isValid(String str, boolean z) {
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (!Character.isLetterOrDigit(charAt) && !Character.isWhitespace(charAt) && MISC_VALID_CHARS.indexOf(charAt) == -1 && (!z || charAt != '@')) {
                return false;
            }
        }
        return true;
    }

    public static void validateUserName(String str) throws IllegalArgumentException {
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException(sm.getString("filerealm.noname"));
        }
        if (!isValid(str, true)) {
            throw new IllegalArgumentException(sm.getString("filerealm.badname", str));
        }
        if (!str.equals(str.trim())) {
            throw new IllegalArgumentException(sm.getString("filerealm.badspaces", str));
        }
    }

    public static void validatePassword(char[] cArr) throws IllegalArgumentException {
        if (Arrays.equals((char[]) null, cArr)) {
            throw new IllegalArgumentException(sm.getString("filerealm.emptypwd"));
        }
        for (char c : cArr) {
            if (Character.isSpaceChar(c)) {
                throw new IllegalArgumentException(sm.getString("filerealm.badspacespwd"));
            }
        }
    }

    public static void validateGroupName(String str) throws IllegalArgumentException {
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException(sm.getString("filerealm.nogroup"));
        }
        if (!isValid(str, false)) {
            throw new IllegalArgumentException(sm.getString("filerealm.badchars", str));
        }
        if (!str.equals(str.trim())) {
            throw new IllegalArgumentException(sm.getString("filerealm.badspaces", str));
        }
    }

    public static void validateGroupList(String[] strArr) throws IllegalArgumentException {
        if (strArr == null || strArr.length == 0) {
            return;
        }
        for (String str : strArr) {
            validateGroupName(str);
        }
    }

    public synchronized void addUser(String str, char[] cArr, String[] strArr) throws IllegalArgumentException {
        validateUserName(str);
        validatePassword(cArr);
        validateGroupList(strArr);
        if (this.userTable.containsKey(str)) {
            throw new IllegalArgumentException(sm.getString("filerealm.dupuser", str));
        }
        addGroupNames(strArr);
        this.userTable.put(str, createNewUser(str, cArr, strArr));
    }

    public synchronized void removeUser(String str) throws IllegalArgumentException {
        if (!this.userTable.containsKey(str)) {
            throw new IllegalArgumentException(sm.getString("filerealm.nouser", str));
        }
        User user = this.userTable.get(str);
        this.userTable.remove(str);
        reduceGroups(user.getGroups());
    }

    public synchronized void updateUser(String str, String str2, char[] cArr, String[] strArr) throws IllegalArgumentException {
        validateUserName(str);
        if (!this.userTable.containsKey(str)) {
            throw new IllegalArgumentException(sm.getString("filerealm.nouser", str));
        }
        validateUserName(str2);
        validateGroupList(strArr);
        if (cArr != null) {
            validatePassword(cArr);
        }
        if (!str.equals(str2) && this.userTable.containsKey(str2)) {
            throw new IllegalArgumentException(sm.getString("filerealm.dupuser", str));
        }
        User user = this.userTable.get(str);
        if (!$assertionsDisabled && user == null) {
            throw new AssertionError();
        }
        User user2 = new User(str2);
        if (strArr != null) {
            changeGroups(user.getGroups(), strArr);
            user2.setGroups(strArr);
        } else {
            user2.setGroups(user.getGroups());
        }
        if (cArr == null) {
            user2.setSalt(user.getSalt());
            user2.setHash(user.getHash());
            if (user.getAlgo().equals(resetKey)) {
                user2.setAlgo("SHA-256");
            } else {
                user2.setAlgo(user.getAlgo());
            }
        } else {
            setPassword(user2, cArr);
            user2.setAlgo("SHA-256");
        }
        this.userTable.remove(str);
        this.userTable.put(str2, user2);
    }

    public void persist() throws IOException {
        synchronized (FileRealmHelper.class) {
            FileOutputStream fileOutputStream = null;
            try {
                try {
                    FileOutputStream fileOutputStream2 = new FileOutputStream(this.keyfile);
                    for (Map.Entry<String, User> entry : this.userTable.entrySet()) {
                        fileOutputStream2.write(encodeUser(entry.getKey(), entry.getValue(), entry.getValue().getAlgo()).getBytes());
                    }
                    if (fileOutputStream2 != null) {
                        fileOutputStream2.close();
                    }
                } catch (Throwable th) {
                    if (0 != 0) {
                        fileOutputStream.close();
                    }
                    throw th;
                }
            } catch (IOException e) {
                throw e;
            } catch (Exception e2) {
                throw new IOException(sm.getString("filerealm.badwrite", e2.toString()));
            }
        }
    }

    private void addGroupNames(String[] strArr) {
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                Integer num = this.groupSizeMap.get(strArr[i]);
                this.groupSizeMap.put(strArr[i], Integer.valueOf(num != null ? num.intValue() + 1 : 1));
            }
        }
    }

    private void reduceGroups(String[] strArr) {
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                Integer num = this.groupSizeMap.get(strArr[i]);
                if (num != null) {
                    int intValue = num.intValue() - 1;
                    if (intValue > 0) {
                        this.groupSizeMap.put(strArr[i], Integer.valueOf(intValue));
                    } else {
                        this.groupSizeMap.remove(strArr[i]);
                    }
                }
            }
        }
    }

    private void changeGroups(String[] strArr, String[] strArr2) {
        addGroupNames(strArr2);
        reduceGroups(strArr);
    }

    private void loadKeyFile() throws IOException {
        BufferedReader bufferedReader = null;
        try {
            try {
                bufferedReader = new BufferedReader(new FileReader(this.keyfile));
                while (bufferedReader.ready()) {
                    String readLine = bufferedReader.readLine();
                    if (readLine != null && !readLine.startsWith(COMMENT) && readLine.indexOf(FIELD_SEP) >= 0) {
                        User decodeUser = decodeUser(readLine, this.groupSizeMap);
                        this.userTable.put(decodeUser.getName(), decodeUser);
                    }
                }
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (Exception e) {
                    }
                }
            } catch (Exception e2) {
                throw new IOException(e2.toString());
            }
        } catch (Throwable th) {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (Exception e3) {
                }
            }
            throw th;
        }
    }

    private static String encodeUser(String str, User user, String str2) {
        StringBuilder sb = new StringBuilder();
        sb.append(str);
        sb.append(FIELD_SEP);
        if (resetKey.equals(str2)) {
            sb.append(resetKey);
        } else {
            sb.append(SSHA.encode(user.getSalt(), user.getHash(), str2));
        }
        sb.append(FIELD_SEP);
        String[] groups = user.getGroups();
        if (groups != null) {
            for (int i = 0; i < groups.length; i++) {
                if (i > 0) {
                    sb.append(GROUP_SEP);
                }
                sb.append(groups[i]);
            }
        }
        sb.append("\n");
        return sb.toString();
    }

    private static User decodeUser(String str, Map map) throws IllegalArgumentException {
        StringTokenizer stringTokenizer = new StringTokenizer(str, FIELD_SEP);
        String str2 = null;
        try {
            String nextToken = stringTokenizer.nextToken();
            String nextToken2 = stringTokenizer.nextToken();
            if (stringTokenizer.hasMoreTokens()) {
                str2 = stringTokenizer.nextToken();
            }
            User user = new User(nextToken);
            if (resetKey.equals(nextToken2)) {
                user.setAlgo(resetKey);
            } else {
                String str3 = str.contains(SSHA_TAG) ? algoSHA : "SHA-256";
                int i = 32;
                if (algoSHA.equals(str3)) {
                    i = 20;
                }
                byte[] bArr = new byte[i];
                byte[] decode = SSHA.decode(nextToken2, bArr, str3);
                user.setHash(bArr);
                user.setSalt(decode);
                user.setAlgo(str3);
            }
            ArrayList arrayList = new ArrayList();
            if (str2 != null) {
                StringTokenizer stringTokenizer2 = new StringTokenizer(str2, GROUP_SEP);
                while (stringTokenizer2.hasMoreTokens()) {
                    String nextToken3 = stringTokenizer2.nextToken();
                    arrayList.add(nextToken3);
                    Integer num = (Integer) map.get(nextToken3);
                    map.put(nextToken3, Integer.valueOf(num != null ? num.intValue() + 1 : 1));
                }
            }
            user.setGroups((String[]) arrayList.toArray(new String[arrayList.size()]));
            return user;
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("filerealm.syntaxerror", str));
        }
    }

    private static User createNewUser(String str, char[] cArr, String[] strArr) {
        User user = new User(str);
        if (strArr == null) {
            strArr = new String[0];
        }
        user.setGroups(strArr);
        user.setAlgo("SHA-256");
        setPassword(user, cArr);
        return user;
    }

    private static void setPassword(User user, char[] cArr) throws IllegalArgumentException {
        if (!$assertionsDisabled && user == null) {
            throw new AssertionError();
        }
        try {
            byte[] convertCharArrayToByteArray = Utility.convertCharArrayToByteArray(cArr, Charset.defaultCharset().displayName());
            SecureRandom secureRandom = SharedSecureRandomImpl.get();
            byte[] bArr = new byte[SALT_SIZE];
            secureRandom.nextBytes(bArr);
            user.setSalt(bArr);
            String algo = user.getAlgo();
            if (algo == null) {
                algo = "SHA-256";
            }
            user.setHash(SSHA.compute(bArr, convertCharArrayToByteArray, algo));
        } catch (Exception e) {
            throw new IllegalArgumentException(e);
        }
    }

    static {
        $assertionsDisabled = !FileRealmHelper.class.desiredAssertionStatus();
        sm = StringManager.getManager(FileRealmHelper.class);
    }
}
