package net.sf.jguard.ext.authentication.manager;

import java.io.FileWriter;
import java.io.IOException;
import java.io.OutputStream;
import java.security.Principal;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import net.sf.jguard.core.authentication.AuthenticationException;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.authentication.manager.AuthenticationManager;
import net.sf.jguard.core.principals.RolePrincipal;
import net.sf.jguard.core.provisioning.SubjectTemplate;
import net.sf.jguard.ext.SecurityConstants;
import net.sf.jguard.ext.util.XMLUtils;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.dom4j.Attribute;
import org.dom4j.Document;
import org.dom4j.Element;
import org.dom4j.io.HTMLWriter;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.XMLWriter;

/* loaded from: input_file:WEB-INF/lib/jguard-ext-1.1.0-beta-2.jar:net/sf/jguard/ext/authentication/manager/XmlAuthenticationManager.class */
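/**
 * {@link AuthenticationManager} that keeps principals, users and subject templates in a
 * single XML file, loaded into a dom4j {@link Document} at construction time.
 *
 * <p>Security-relevant properties of this implementation:
 * <ul>
 *   <li>Credential ids and values are written to the XML file exactly as they are held in the
 *       {@link JGuardCredential} (see {@link #persistCredentialsSet}). Nothing in this class
 *       digests or encrypts them, so the file and every export of it must be treated as
 *       secret material.</li>
 *   <li>Lookups that involve caller-supplied text (credential id/value, template name,
 *       principal name) compare element text in Java rather than splicing the text into an
 *       XPath expression, so quotes in those values cannot alter the query.</li>
 *   <li>Credential values are never written to the log; only the credential id is.</li>
 *   <li>No synchronization is performed in this class; the in-memory sets and the document
 *       are mutated directly.</li>
 * </ul>
 */
public class XmlAuthenticationManager extends AbstractAuthenticationManager implements AuthenticationManager {
    public static final String GENERIC_PRINCIPALS = "genericPrincipals";
    private static final String PUBLIC_OPTIONAL_CREDENTIALS = "publicOptionalCredentials";
    private static final String PRIVATE_OPTIONAL_CREDENTIALS = "privateOptionalCredentials";
    private static final String PUBLIC_REQUIRED_CREDENTIALS = "publicRequiredCredentials";
    private static final String CRED_TEMPLATE_ID = "credTemplateId";
    private static final String PRIVATE_REQUIRED_CREDENTIALS = "privateRequiredCredentials";
    private static final String USER_TEMPLATE = "userTemplate";
    private static final String VALUE = "value";
    private static final String ID = "id";
    private static final String CREDENTIAL = "credential";
    private static final String PRINCIPAL_REF = "principalRef";
    private static final String PRINCIPALS_REF = "principalsRef";
    private static final String PUBLIC_CREDENTIALS = "publicCredentials";
    private static final String IDENTITY = "identity";
    private static final String DIGEST_NEEDED = "digestNeeded";
    private static final String PRIVATE_CREDENTIALS = "privateCredentials";
    private static final String USER = "user";
    private static final String USERS = "users";
    private static final String APPLICATION_NAME = "applicationName";
    private static final String CLASS = "class";
    private static final String NAME = "name";
    private static final String ACTIVE = "active";
    private static final String DEFINITION = "definition";
    private static final String PRINCIPAL = "principal";
    private static final String PRINCIPALS = "principals";

    // Class literal replaces the pre-Java-5 class$ cache fields and helper; the logger name is unchanged.
    private static final Logger logger = Logger.getLogger(XmlAuthenticationManager.class.getName());

    private Document document;
    private Element root;
    private String fileLocation;
    // Principal name (as returned by Principal.getName()) -> Principal.
    private Map principals;
    private Set principalsSet;
    // javax.security.auth.Subject instances built from the <users> section.
    private Set users;

    /**
     * Reads the XML store named by the {@code SecurityConstants.AUTHENTICATION_XML_FILE_LOCATION}
     * option and loads principals, the "default" subject template and users into memory.
     *
     * @param map configuration options; "applicationName", "debug" and the XML file location
     *            are read from it as Strings
     */
    public XmlAuthenticationManager(Map map) {
        super(map);
        this.users = new HashSet();
        this.principalsSet = new HashSet();
        this.principals = new HashMap();
        this.applicationName = (String) map.get(APPLICATION_NAME);
        this.debug = Boolean.valueOf((String) map.get("debug")).booleanValue();
        this.fileLocation = (String) map.get(SecurityConstants.AUTHENTICATION_XML_FILE_LOCATION);
        if (this.fileLocation == null) {
            // NOTE(review): construction continues with a null location and the failure mode
            // then depends on XMLUtils.read(null); consider failing fast here.
            logger.severe(" parameter 'authenticationXmlFileLocation' which is null must be specified in the authentication configuration ");
        }
        if (this.debug && logger.isLoggable(Level.FINEST)) {
            logger.finest("initAuthenticationDAO() - fileLocation=" + this.fileLocation);
        }
        // NOTE(review): the parser configuration used by XMLUtils.read is not visible here;
        // confirm DTDs/external entities are disabled if this file can be influenced by
        // anyone other than the administrator.
        this.document = XMLUtils.read(this.fileLocation);
        this.root = this.document.getRootElement();
        initPrincipals(this.root);
        try {
            this.subjectTemplate = getSubjectTemplate("default");
        } catch (AuthenticationException e) {
            logger.info(" no SubjectTemplate are defined ");
        }
        this.users = initUsers(this.root);
    }

    /**
     * Appends a {@code <principal>} element for the given principal and rewrites the XML file.
     *
     * @param principal principal to store; its application name is written only when it is a
     *                  {@link RolePrincipal}
     * @throws AuthenticationException if the file cannot be written
     */
    @Override
    protected void persistPrincipal(Principal principal) throws AuthenticationException {
        Element principalElement = this.root.element(PRINCIPALS).addElement(PRINCIPAL);
        principalElement.addElement(NAME).setText(principal.getName());
        principalElement.addElement(CLASS).setText(principal.getClass().getName());
        Element applicationNameElement = principalElement.addElement(APPLICATION_NAME);
        if (principal instanceof RolePrincipal) {
            applicationNameElement.setText(((RolePrincipal) principal).getApplicationName());
        }
        try {
            XMLUtils.write(this.fileLocation, this.document);
        } catch (IOException e) {
            // Log the exception itself so the stack trace is not lost.
            logger.log(Level.SEVERE, "persistPrincipal(Principal)", (Throwable) e);
            throw new AuthenticationException(e.getMessage());
        }
    }

    /**
     * Replaces the stored user identified by {@code jGuardCredential} with {@code subject}.
     * Does nothing when no matching user element exists.
     *
     * @param jGuardCredential identity credential of the user to replace
     * @param subject          new content for that user
     * @throws AuthenticationException if the file cannot be written
     */
    @Override
    protected void updateUserImpl(JGuardCredential jGuardCredential, Subject subject) throws AuthenticationException {
        // Only the credential id is logged; the value may be a secret.
        logger.finest("update user - identityCred =" + credentialId(jGuardCredential));
        Element userElement = findUser(jGuardCredential);
        if (userElement == null) {
            return;
        }
        deleteUserFromMemory(jGuardCredential);
        this.root.element(USERS).elements(USER).remove(userElement);
        try {
            XMLUtils.write(this.fileLocation, this.document);
            persistUser(subject);
        } catch (IOException e) {
            logger.log(Level.SEVERE, "removeUser(Subject)", (Throwable) e);
            throw new AuthenticationException(e.getMessage());
        }
    }

    /** Removes from the in-memory user set the subject sharing {@code subject}'s identity credential. */
    private void deleteUserFromMemory(Subject subject) throws AuthenticationException {
        deleteUserFromMemory(extractIdentityCredentialFromUser(subject));
    }

    /**
     * Removes from the in-memory user set the first subject whose identity credential equals
     * the given one. A {@code null} credential matches nothing.
     */
    private void deleteUserFromMemory(JGuardCredential jGuardCredential) throws AuthenticationException {
        if (jGuardCredential == null) {
            return;
        }
        Iterator it = this.users.iterator();
        while (it.hasNext()) {
            if (jGuardCredential.equals(extractIdentityCredentialFromUser((Subject) it.next()))) {
                it.remove();
                // The credential value is deliberately left out of the log line.
                logger.finest("user with identityCred:" + jGuardCredential.getId() + " removed ");
                return;
            }
        }
    }

    /**
     * Removes the user from memory and from the XML file. A {@code null} subject is ignored.
     *
     * @throws AuthenticationException if the file cannot be written
     */
    @Override
    public void deleteUser(Subject subject) throws AuthenticationException {
        if (subject == null) {
            return;
        }
        deleteUserFromMemory(subject);
        Element userElement = findUser(subject);
        if (userElement == null) {
            return;
        }
        this.root.element(USERS).elements(USER).remove(userElement);
        try {
            XMLUtils.write(this.fileLocation, this.document);
        } catch (IOException e) {
            logger.log(Level.SEVERE, "removeUser(Subject)", (Throwable) e);
            throw new AuthenticationException(e.getMessage());
        }
    }

    /** Finds the {@code <user>} element matching the subject's identity credential, or {@code null}. */
    private Element findUser(Subject subject) throws AuthenticationException {
        return findUser(extractIdentityCredentialFromUser(subject));
    }

    /**
     * Finds the first {@code <user>} element holding, among its private or public credentials,
     * a {@code <credential>} whose {@code <id>} and {@code <value>} text equal the given
     * credential's id and value.
     *
     * <p>The comparison is done on element text in Java. Building an XPath predicate from the
     * id and value would let a quote character inside either of them change the predicate.
     *
     * @return the matching element, or {@code null} when none matches or the credential (or
     *         its id or value) is {@code null}
     */
    private Element findUser(JGuardCredential jGuardCredential) {
        logger.finest("try to find user with identityCredential=" + credentialId(jGuardCredential));
        if (jGuardCredential != null && jGuardCredential.getValue() != null) {
            String id = jGuardCredential.getId();
            String value = jGuardCredential.getValue().toString();
            for (Object node : this.root.element(USERS).elements(USER)) {
                Element userElement = (Element) node;
                if (hasCredential(userElement.element(PRIVATE_CREDENTIALS), id, value)
                        || hasCredential(userElement.element(PUBLIC_CREDENTIALS), id, value)) {
                    logger.finest("user " + userElement + "has been found");
                    return userElement;
                }
            }
        }
        logger.finest("no user has been found");
        return null;
    }

    /** Returns the credential's id, or {@code null} for a {@code null} credential; used for logging. */
    private static String credentialId(JGuardCredential credential) {
        return credential == null ? null : credential.getId();
    }

    /**
     * Tells whether {@code credentials} has a {@code <credential>} child whose {@code <id>}
     * and {@code <value>} children carry exactly the given text.
     */
    private static boolean hasCredential(Element credentials, String id, String value) {
        if (credentials == null) {
            return false;
        }
        for (Object node : credentials.elements(CREDENTIAL)) {
            Element credential = (Element) node;
            if (hasChildWithText(credential, ID, id) && hasChildWithText(credential, VALUE, value)) {
                return true;
            }
        }
        return false;
    }

    /** Tells whether {@code parent} has a child element {@code childName} whose string value equals {@code expected}. */
    private static boolean hasChildWithText(Element parent, String childName, String expected) {
        if (expected == null) {
            return false;
        }
        for (Object node : parent.elements(childName)) {
            if (expected.equals(((Element) node).getStringValue())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Builds a {@link RolePrincipal} for every {@code <principal>} element and registers it in
     * the global maps, and in the local ones when its application name equals this manager's.
     */
    private void initPrincipals(Element element) {
        for (Object node : element.element(PRINCIPALS).elements(PRINCIPAL)) {
            Element principalElement = (Element) node;
            RolePrincipal rolePrincipal = new RolePrincipal();
            rolePrincipal.setLocalName(principalElement.element(NAME).getStringValue());
            rolePrincipal.setApplicationName(principalElement.element(APPLICATION_NAME).getStringValue());
            this.principals.put(rolePrincipal.getName(), rolePrincipal);
            this.principalsSet.add(rolePrincipal);
            if (rolePrincipal.getApplicationName().equals(this.applicationName)) {
                this.localPrincipalsSet.add(rolePrincipal);
                this.localPrincipals.put(rolePrincipal.getName(), rolePrincipal);
            }
        }
    }

    /**
     * Builds one {@link Subject} per {@code <user>} element (principals from
     * {@code <principalsRef>}, credentials from the private/public credential sections) and
     * adds it to the in-memory user set.
     *
     * @return the in-memory user set
     */
    private Set initUsers(Element element) {
        for (Object node : element.element(USERS).elements(USER)) {
            Element userElement = (Element) node;
            Set privateCredentials = readCredentials(userElement.element(PRIVATE_CREDENTIALS));
            Set publicCredentials = readCredentials(userElement.element(PUBLIC_CREDENTIALS));
            Set userPrincipals = new HashSet();
            for (Object refNode : userElement.element(PRINCIPALS_REF).elements(PRINCIPAL_REF)) {
                Element ref = (Element) refNode;
                String refApplicationName = ref.attributeValue(APPLICATION_NAME);
                if (refApplicationName == null) {
                    // A reference without an application name belongs to this application.
                    refApplicationName = this.applicationName;
                }
                RolePrincipal rolePrincipal = new RolePrincipal();
                rolePrincipal.setLocalName(ref.attributeValue(NAME));
                rolePrincipal.setApplicationName(refApplicationName);
                rolePrincipal.setDefinition(ref.attributeValue(DEFINITION));
                // Anything other than "true" (case-insensitive), including a missing attribute, is inactive.
                rolePrincipal.setActive(SchemaSymbols.ATTVAL_TRUE.equalsIgnoreCase(ref.attributeValue(ACTIVE)));
                userPrincipals.add(rolePrincipal);
            }
            this.users.add(new Subject(false, userPrincipals, publicCredentials, privateCredentials));
        }
        return this.users;
    }

    /** Reads every {@code <credential>} child (id and value text) of the given container into a set. */
    private static Set readCredentials(Element container) {
        Set credentials = new HashSet();
        for (Object node : container.elements(CREDENTIAL)) {
            Element credentialElement = (Element) node;
            JGuardCredential credential = new JGuardCredential();
            credential.setId(credentialElement.element(ID).getStringValue());
            credential.setValue(credentialElement.element(VALUE).getStringValue());
            credentials.add(credential);
        }
        return credentials;
    }

    /**
     * Returns the subject template whose {@code <name>} child equals {@code str}.
     *
     * <p>The fixed expression {@code //userTemplate} selects the candidates and the name is
     * compared in Java, so the requested name never becomes part of an XPath expression.
     *
     * @param str template name
     * @throws AuthenticationException when zero or more than one template carries that name
     */
    @Override
    public SubjectTemplate getSubjectTemplate(String str) throws AuthenticationException {
        Element match = null;
        int matchCount = 0;
        List templates = this.root.selectNodes("//userTemplate");
        if (templates != null) {
            for (Object node : templates) {
                Element candidate = (Element) node;
                if (hasChildWithText(candidate, NAME, str)) {
                    match = candidate;
                    matchCount++;
                }
            }
        }
        if (matchCount == 1) {
            return buildSubjectTemplateFromElement(match, str);
        }
        logger.severe("SubjectTemplates found : " + matchCount);
        throw new AuthenticationException("subjecttemplate intitled " + str + " is not unique ");
    }

    /** Builds a {@link SubjectTemplate} named {@code str} from a {@code <userTemplate>} element. */
    private SubjectTemplate buildSubjectTemplateFromElement(Element element, String str) {
        SubjectTemplate template = new SubjectTemplate();
        template.setPrivateRequiredCredentials(
                getJGuardCredentialList(element.element(PRIVATE_REQUIRED_CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPublicRequiredCredentials(
                getJGuardCredentialList(element.element(PUBLIC_REQUIRED_CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPrivateOptionalCredentials(
                getJGuardCredentialList(element.element(PRIVATE_OPTIONAL_CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPublicOptionalCredentials(
                getJGuardCredentialList(element.element(PUBLIC_OPTIONAL_CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPrincipals(getGenericPrincipals(element.element(GENERIC_PRINCIPALS).elements(PRINCIPAL_REF)));
        template.setName(str);
        return template;
    }

    /**
     * Resolves {@code <principalRef name="...">} elements against the loaded principals, using
     * the key {@code applicationName + "#" + name}. References that resolve to nothing are skipped.
     */
    private Set getGenericPrincipals(List list) {
        Set resolved = new HashSet();
        for (Object node : list) {
            Object refName = ((Element) node).attribute(NAME).getData();
            Principal principal = (Principal) this.principals.get(this.applicationName + "#" + refName);
            if (principal != null) {
                resolved.add(principal);
            }
        }
        return resolved;
    }

    /**
     * Turns {@code <credTemplateId>} elements into credentials carrying only an id; the
     * credential is flagged as identity when the element has {@code identity="true"}.
     */
    private Set getJGuardCredentialList(List list) {
        Set credentials = new HashSet();
        for (Object node : list) {
            Element element = (Element) node;
            JGuardCredential credential = new JGuardCredential();
            Attribute identity = element.attribute(IDENTITY);
            if (identity != null && identity.getText().equals(SchemaSymbols.ATTVAL_TRUE)) {
                credential.setIdentity(true);
            }
            credential.setId(element.getStringValue());
            credentials.add(credential);
        }
        return credentials;
    }

    /**
     * Appends a {@code <user>} element for the subject (private credentials, public
     * credentials, principal references), rewrites the XML file and, on success, adds the
     * subject to the in-memory user set.
     *
     * @throws AuthenticationException if the file cannot be written
     */
    @Override
    protected void persistUser(Subject subject) throws AuthenticationException {
        Element userElement = this.root.element(USERS).addElement(USER);
        persistCredentialsSet(subject.getPrivateCredentials(JGuardCredential.class),
                userElement.addElement(PRIVATE_CREDENTIALS));
        persistCredentialsSet(subject.getPublicCredentials(JGuardCredential.class),
                userElement.addElement(PUBLIC_CREDENTIALS));
        persistPrincipalRefs(subject.getPrincipals(), userElement.addElement(PRINCIPALS_REF));
        try {
            XMLUtils.write(this.fileLocation, this.document);
            this.users.add(subject);
        } catch (IOException e) {
            logger.log(Level.SEVERE, "persistUser(Subject)", (Throwable) e);
            throw new AuthenticationException(e.getMessage());
        }
    }

    /** Writes one {@code <principalRef>} per {@link RolePrincipal} in the set; other principal types are skipped. */
    private void persistPrincipalRefs(Set set, Element element) {
        for (Object item : set) {
            if (!(item instanceof RolePrincipal)) {
                continue;
            }
            RolePrincipal rolePrincipal = (RolePrincipal) item;
            Element ref = element.addElement(PRINCIPAL_REF);
            ref.addAttribute(NAME, rolePrincipal.getLocalName());
            ref.addAttribute(APPLICATION_NAME, rolePrincipal.getApplicationName());
            ref.addAttribute(DEFINITION, rolePrincipal.getDefinition());
            ref.addAttribute(ACTIVE, rolePrincipal.isActive() ? SchemaSymbols.ATTVAL_TRUE : SchemaSymbols.ATTVAL_FALSE);
        }
    }

    /**
     * Writes one {@code <credential>} (id and value) per credential in the set.
     *
     * <p>The value is stored as {@code getValue().toString()} with no transformation applied
     * here. NOTE(review): whether secrets arrive already digested is decided by the caller and
     * cannot be seen from this class; confirm before relying on this file for passwords.
     */
    private void persistCredentialsSet(Set set, Element element) {
        for (Object item : set) {
            JGuardCredential credential = (JGuardCredential) item;
            Element credentialElement = element.addElement(CREDENTIAL);
            credentialElement.addElement(ID).setText(credential.getId());
            credentialElement.addElement(VALUE).setText(credential.getValue().toString());
        }
    }

    /**
     * Appends the template's credential ids to the first {@code <userTemplate>} element of the
     * in-memory document. Existing entries are not cleared and this method does not call
     * {@code XMLUtils.write}, so the file is only updated by a later write.
     */
    @Override
    public void persistSubjectTemplate(SubjectTemplate subjectTemplate) {
        Element templateElement = this.root.element(USER_TEMPLATE);
        appendCredentialTemplateIds(templateElement.element(PRIVATE_REQUIRED_CREDENTIALS),
                subjectTemplate.getPrivateRequiredCredentials().iterator());
        appendCredentialTemplateIds(templateElement.element(PUBLIC_REQUIRED_CREDENTIALS),
                subjectTemplate.getPublicRequiredCredentials().iterator());
        appendCredentialTemplateIds(templateElement.element(PRIVATE_OPTIONAL_CREDENTIALS),
                subjectTemplate.getPrivateOptionalCredentials().iterator());
        appendCredentialTemplateIds(templateElement.element(PUBLIC_OPTIONAL_CREDENTIALS),
                subjectTemplate.getPublicOptionalCredentials().iterator());
    }

    /** Adds one {@code <credTemplateId>} child, holding the credential id, per credential. */
    private static void appendCredentialTemplateIds(Element parent, Iterator credentials) {
        while (credentials.hasNext()) {
            parent.addElement(CRED_TEMPLATE_ID).setText(((JGuardCredential) credentials.next()).getId());
        }
    }

    /** Returns {@code true} when the document has no {@code <principal>} or no {@code <users>} element. */
    @Override
    public boolean isEmpty() {
        return this.root.selectNodes("//principal").isEmpty() || this.root.selectNodes("//users").isEmpty();
    }

    /**
     * Returns the set of all loaded principals.
     * NOTE(review): this is the internal mutable set, not a copy.
     */
    @Override
    public Set getAllPrincipalsSet() {
        return this.principalsSet;
    }

    /**
     * Returns the in-memory users holding every credential of {@code collection} among their
     * private or public credentials. An empty collection therefore matches every user.
     */
    @Override
    public Set findUsers(Collection collection) {
        Set matches = new HashSet();
        for (Object item : this.users) {
            Subject subject = (Subject) item;
            boolean holdsAll = true;
            for (Object wanted : collection) {
                JGuardCredential credential = (JGuardCredential) wanted;
                if (!subject.getPrivateCredentials().contains(credential)
                        && !subject.getPublicCredentials().contains(credential)) {
                    holdsAll = false;
                    break;
                }
            }
            if (holdsAll) {
                matches.add(subject);
            }
        }
        return matches;
    }

    /**
     * Returns the in-memory user set.
     * NOTE(review): this is the internal mutable set, and its subjects carry private credentials.
     */
    @Override
    public Set getUsers() {
        return this.users;
    }

    /**
     * Replaces the principal registered under {@code str} with {@code principal} in the
     * in-memory map and set, then rewrites the XML file.
     *
     * <p>NOTE(review): the document's {@code <principal>} element is not modified here, so the
     * rewritten file still describes the old principal; a write failure is only logged.
     */
    @Override
    public void updatePrincipal(String str, Principal principal) {
        Principal previous = (Principal) this.principals.remove(str);
        if (previous == null) {
            logger.log(Level.WARNING, " principal " + str + " cannot be updated because it does not exists ");
            return;
        }
        this.principalsSet.remove(previous);
        this.principals.put(principal.getName(), principal);
        this.principalsSet.add(principal);
        try {
            XMLUtils.write(this.fileLocation, this.document);
        } catch (IOException e) {
            logger.log(Level.SEVERE, "updateRole(String, RolePrincipal)", (Throwable) e);
        }
    }

    /**
     * Removes the principal from memory and from the {@code <principals>} section, removes
     * references to it when it is exactly a {@link RolePrincipal}, and rewrites the XML file.
     *
     * <p>The element to remove is located by comparing {@code <name>} text in Java, so the
     * principal name is never embedded in an XPath expression; when no element matches,
     * nothing is removed from the section.
     *
     * @return {@code false} when no principal is registered under {@code principal.getName()}
     * @throws AuthenticationException if the file cannot be written
     */
    @Override
    public boolean deletePrincipal(Principal principal) throws AuthenticationException {
        Principal removed = (Principal) this.principals.remove(principal.getName());
        if (removed == null) {
            return false;
        }
        this.principalsSet.remove(removed);
        Element principalsElement = this.root.element(PRINCIPALS);
        Element target = null;
        for (Object node : principalsElement.elements(PRINCIPAL)) {
            Element candidate = (Element) node;
            if (hasChildWithText(candidate, NAME, principal.getName())) {
                target = candidate;
                break;
            }
        }
        if (target != null) {
            principalsElement.remove(target);
        }
        if (removed.getClass().equals(RolePrincipal.class)) {
            XMLUtils.deletePrincipalRefs(this.root, (RolePrincipal) removed);
        }
        try {
            XMLUtils.write(this.fileLocation, this.document);
            return true;
        } catch (IOException e) {
            logger.log(Level.SEVERE, "deletePrincipal(String)", (Throwable) e);
            throw new AuthenticationException(e.getMessage());
        }
    }

    /**
     * Returns the whole store as an XML string. The result includes every user's
     * {@code <privateCredentials>} values; callers must not expose it to unauthorised parties.
     */
    public String exportAsXMLString() {
        return this.document.asXML();
    }

    /**
     * Pretty-prints the whole store, private credentials included, to the stream using the
     * given encoding. The stream is flushed but not closed.
     *
     * @param outputStream destination
     * @param str          character encoding name
     */
    public void writeAsXML(OutputStream outputStream, String str) throws IOException {
        OutputFormat format = OutputFormat.createPrettyPrint();
        format.setEncoding(str);
        XMLWriter writer = new XMLWriter(outputStream, format);
        writer.write(this.document);
        writer.flush();
    }

    /**
     * Writes the whole store, private credentials included, through an {@link HTMLWriter}.
     * The stream is flushed but not closed.
     */
    public void writeAsHTML(OutputStream outputStream) throws IOException {
        HTMLWriter writer = new HTMLWriter(outputStream, OutputFormat.createPrettyPrint());
        writer.write(this.document);
        writer.flush();
    }

    /**
     * Pretty-prints the whole store, private credentials included, to the file at {@code str}.
     *
     * <p>The path is used as given; callers must not derive it from untrusted input and should
     * restrict the permissions of the resulting file.
     * NOTE(review): {@link FileWriter} encodes with the platform default charset, which may
     * differ from the encoding declared by the pretty-print format.
     *
     * @param str destination file path
     */
    public void exportAsXMLFile(String str) throws IOException {
        XMLWriter writer = new XMLWriter(new FileWriter(str), OutputFormat.createPrettyPrint());
        try {
            writer.write(this.document);
        } finally {
            // Close even when write() fails so the file handle is not leaked.
            writer.close();
        }
    }

    /**
     * Not implemented: access attempts are NOT recorded by this manager, so it provides no
     * data for auditing or lockout decisions. A warning is logged on every call.
     */
    @Override
    public void persistUserAccessAttempt(String str, String str2, String str3, boolean z, long j) throws AuthenticationException {
        logger.warning(" persistUserAccessAttempt not yet implemented  in XmlAuthenticationManager ");
    }
}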
