package com.aliyun.odps.local.common.security;

import com.aliyun.odps.Odps;
import com.aliyun.odps.local.common.Constants;
import com.aliyun.odps.local.common.WareHouse;
import com.aliyun.odps.utils.ReflectionUtils;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.lang.reflect.Field;
import java.net.URL;
import java.security.Policy;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:com/aliyun/odps/local/common/security/SecurityClient.class */
public class SecurityClient {
    private static volatile SecurityClient securityClient;
    private String policyFilePath;
    private boolean isSecurityEnabled;
    private boolean isJNIEnabled;
    private String userDefinePolicy;
    private SecurityManager oldSecurityManager;
    private Policy oldPolicy;
    private ApplicatitionType appType;
    private List<String> appCodeBase;
    private Map<String, String> replacement;
    private static String lineSeperator = System.getProperty("line.separator", "\n");
    private static Map<String, Object> visitedPath = new HashMap();
    private static Object obj = new Object();

    private SecurityClient() {
    }

    private static synchronized SecurityClient getInstance() {
        if (securityClient == null) {
            securityClient = new SecurityClient();
        }
        return securityClient;
    }

    public static void init(ApplicatitionType applicatitionType, List<String> list, Map<String, String> map, boolean z, boolean z2, String str) {
        getInstance().appType = applicatitionType;
        getInstance().appCodeBase = list;
        getInstance().isSecurityEnabled = z;
        if (getInstance().isSecurityEnabled) {
            getInstance().isJNIEnabled = z2;
            if (str == null || str.length() < "permission".length()) {
                str = "";
            }
            if (str.startsWith("\"") && str.endsWith("\"")) {
                str = str.substring(1, str.length() - 1);
            } else if (str.startsWith("'") && str.endsWith("'")) {
                str = str.substring(1, str.length() - 1);
            }
            String trim = str.trim();
            if (!trim.isEmpty() && !trim.endsWith(";")) {
                trim = trim + ";";
            }
            if (getInstance().isJNIEnabled) {
                trim = trim + "permission java.lang.RuntimePermission \"loadLibrary.*\";";
                try {
                    if (WareHouse.getInstance().getOdps() != null && WareHouse.getInstance().getOdps().getDefaultProject() != null) {
                        addJavaLibPath(WareHouse.getInstance().getResourceDir(WareHouse.getInstance().getOdps().getDefaultProject()).getAbsolutePath());
                    }
                } catch (IOException e) {
                    System.err.println("Add java.library.path failed! " + e.getMessage());
                }
            }
            if (WareHouse.getInstance() != null && WareHouse.getInstance().getWarehouseDir() != null) {
                trim = trim + "permission java.io.FilePermission  \"" + WareHouse.getInstance().getWarehouseDir().getAbsolutePath() + File.separator + "-\" , \"read,write,delete\";";
            }
            if (WareHouse.getInstance() != null && WareHouse.getInstance().getJobDirStr() != null) {
                trim = trim + "permission java.io.FilePermission  \"" + WareHouse.getInstance().getJobDirStr() + File.separator + "-\" , \"read,write,delete\";";
            }
            getInstance().userDefinePolicy = trim;
            getInstance().replacement = map;
            copyPolicyFile();
        }
    }

    private static void copyPolicyFile() {
        String str;
        switch (getInstance().appType) {
            case MR:
                str = "mr.policy";
                break;
            case UDF:
                str = "udf.policy";
                break;
            default:
                str = "mr.policy";
                break;
        }
        StringBuffer stringBuffer = new StringBuffer();
        BufferedReader bufferedReader = null;
        try {
            try {
                bufferedReader = new BufferedReader(new InputStreamReader(SecurityClient.class.getClassLoader().getResourceAsStream(str)));
            } catch (FileNotFoundException e) {
                e.printStackTrace();
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
            } catch (IOException e3) {
                e3.printStackTrace();
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                        return;
                    } catch (IOException e4) {
                        e4.printStackTrace();
                        return;
                    }
                }
                return;
            }
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    if (bufferedReader != null) {
                        try {
                            bufferedReader.close();
                        } catch (IOException e5) {
                            e5.printStackTrace();
                        }
                    }
                    String handlePolicyTemplet = handlePolicyTemplet(stringBuffer.toString());
                    String str2 = null;
                    try {
                        str2 = WareHouse.getInstance().getJobDir().getJobDir() + File.separator + "temp." + str;
                    } catch (Exception e6) {
                    }
                    if (str2 == null) {
                        str2 = "temp." + str;
                    }
                    PrintWriter printWriter = null;
                    try {
                        try {
                            printWriter = new PrintWriter(str2);
                            printWriter.write(handlePolicyTemplet);
                            printWriter.flush();
                            if (printWriter != null) {
                                printWriter.close();
                            }
                        } catch (FileNotFoundException e7) {
                            e7.printStackTrace();
                            if (printWriter != null) {
                                printWriter.close();
                            }
                        }
                        getInstance().policyFilePath = str2;
                        return;
                    } catch (Throwable th) {
                        if (printWriter != null) {
                            printWriter.close();
                        }
                        throw th;
                    }
                }
                if (stringBuffer.length() > 0) {
                    stringBuffer.append(lineSeperator);
                }
                stringBuffer.append(readLine);
            }
        } catch (Throwable th2) {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e8) {
                    e8.printStackTrace();
                }
            }
            throw th2;
        }
    }

    private static String handlePolicyTemplet(String str) {
        if (getInstance().replacement != null) {
            for (String str2 : getInstance().replacement.keySet()) {
                str = str.replaceAll(str2, getInstance().replacement.get(str2));
            }
        }
        String replace = str.replace("$USER_DEFINE$", getInstance().userDefinePolicy);
        visitedPath.clear();
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(grantAllPermission(ReflectionUtils.class.getProtectionDomain().getCodeSource().getLocation().getPath()));
        String path = Odps.class.getProtectionDomain().getCodeSource().getLocation().getPath();
        stringBuffer.append(lineSeperator);
        stringBuffer.append(grantAllPermission(path));
        String path2 = SecurityClient.class.getProtectionDomain().getCodeSource().getLocation().getPath();
        stringBuffer.append(lineSeperator);
        stringBuffer.append(grantAllPermission(path2));
        if (getInstance().appCodeBase != null) {
            for (String str3 : getInstance().appCodeBase) {
                stringBuffer.append(lineSeperator);
                stringBuffer.append(grantAllPermission(str3));
            }
        }
        return replace.replace("$FRAMEWORK_GRANT$", stringBuffer);
    }

    private static String grantAllPermission(String str) {
        if (visitedPath.containsKey(str)) {
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer();
        if (str.endsWith(".jar")) {
            stringBuffer.append("grant codeBase \"file:");
            stringBuffer.append(str + "\"{");
            stringBuffer.append(lineSeperator);
            stringBuffer.append("permission java.security.AllPermission;");
            stringBuffer.append(lineSeperator);
            stringBuffer.append("};");
            stringBuffer.append(lineSeperator);
            visitedPath.put(str, obj);
            return stringBuffer.toString();
        }
        String str2 = str.endsWith(File.separator) ? str : str + File.separator;
        if (visitedPath.containsKey(str2)) {
            return stringBuffer.toString();
        }
        stringBuffer.append("grant codeBase \"file:");
        stringBuffer.append(str2 + "-\"{");
        stringBuffer.append(lineSeperator);
        stringBuffer.append("permission java.security.AllPermission;");
        stringBuffer.append(lineSeperator);
        stringBuffer.append("};");
        stringBuffer.append(lineSeperator);
        visitedPath.put(str2, obj);
        return stringBuffer.toString();
    }

    public static boolean isSecurityEnabled() {
        return getInstance().isSecurityEnabled;
    }

    public static boolean isJNIEnabled() {
        return getInstance().isJNIEnabled;
    }

    public static void open() {
        if (getInstance().isSecurityEnabled) {
            getInstance().oldPolicy = Policy.getPolicy();
            getInstance().oldSecurityManager = System.getSecurityManager();
            try {
                Policy.setPolicy((Policy) Class.forName("sun.security.provider.PolicyFile").getConstructor(URL.class).newInstance(new URL("file:" + getInstance().policyFilePath)));
                Policy.getPolicy().refresh();
                System.setSecurityManager(new DefaultSecurityManager());
            } catch (Exception e) {
                System.err.println("Your JVM not support local sandbox figture! " + e.getMessage());
            }
        }
    }

    public static void close() {
        if (getInstance().isSecurityEnabled) {
            System.setSecurityManager(getInstance().oldSecurityManager);
            Policy.setPolicy(getInstance().oldPolicy);
            Policy.getPolicy().refresh();
        }
    }

    private static void addJavaLibPath(String str) throws IOException {
        try {
            Field declaredField = ClassLoader.class.getDeclaredField("usr_paths");
            declaredField.setAccessible(true);
            String[] strArr = (String[]) declaredField.get(null);
            for (String str2 : strArr) {
                if (str.trim().equals(str2)) {
                    return;
                }
            }
            String[] strArr2 = new String[strArr.length + 1];
            System.arraycopy(strArr, 0, strArr2, 0, strArr.length);
            strArr2[strArr.length] = str;
            declaredField.set(null, strArr2);
        } catch (IllegalAccessException e) {
            throw new IOException(e.getMessage());
        } catch (NoSuchFieldException e2) {
            throw new IOException(e2.getMessage());
        }
    }

    public static void clear() {
        System.clearProperty(Constants.LOCAL_SECURITY_JNI_ENABLE);
        System.clearProperty(Constants.LOCAL_USER_DEFINE_POLICY);
        System.clearProperty(Constants.LOCAL_SECURITY_ENABLE);
    }

    public static void setIsSecurityEnabled(boolean z) {
        System.setProperty(Constants.LOCAL_SECURITY_ENABLE, z ? "true" : "false");
    }

    public static void setIsJNIEnabled(boolean z) {
        System.setProperty(Constants.LOCAL_SECURITY_ENABLE, z ? "true" : "false");
    }

    public static void setUserDefinePolicy(String str) {
        if (str != null) {
            System.setProperty(Constants.LOCAL_USER_DEFINE_POLICY, str);
        } else {
            System.clearProperty(Constants.LOCAL_USER_DEFINE_POLICY);
        }
    }
}
