package com.linecorp.centraldogma.server.internal.admin.authentication;

import com.github.benmanes.caffeine.cache.Caffeine;
import com.google.common.base.Preconditions;
import com.google.common.primitives.Ints;
import com.linecorp.centraldogma.server.internal.storage.repository.cache.RepositoryCache;
import com.linecorp.centraldogma.server.support.shiro.FileBasedSessionDAO;
import java.io.File;
import java.io.IOError;
import java.io.IOException;
import java.io.Serializable;
import java.time.Duration;
import java.util.Collection;
import java.util.List;
import java.util.Set;
import javax.annotation.Nullable;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.cache.AbstractCacheManager;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.config.Ini;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.DefaultSessionManager;
import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.session.mgt.SimpleSession;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;

/* loaded from: input_file:com/linecorp/centraldogma/server/internal/admin/authentication/CentralDogmaSecurityManager.class */
public final class CentralDogmaSecurityManager implements SecurityManager {
    private final FileBasedSessionDAO sessionDao;
    private final CentralDogmaSessionManager sessionManager;
    private final SecurityManager delegate;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/linecorp/centraldogma/server/internal/admin/authentication/CentralDogmaSecurityManager$CaffeineCacheManager.class */
    public static final class CaffeineCacheManager extends AbstractCacheManager {
        private final Caffeine<Object, Object> caffeine;

        CaffeineCacheManager(String str) {
            this.caffeine = Caffeine.from(str);
        }

        protected Cache<?, ?> createCache(String str) {
            return new CaffeineCacheWrapper(this.caffeine);
        }
    }

    /* loaded from: input_file:com/linecorp/centraldogma/server/internal/admin/authentication/CentralDogmaSecurityManager$CaffeineCacheWrapper.class */
    private static final class CaffeineCacheWrapper implements Cache<Object, Object> {
        private final com.github.benmanes.caffeine.cache.Cache<Object, Object> cache;

        CaffeineCacheWrapper(Caffeine<Object, Object> caffeine) {
            this.cache = caffeine.build();
        }

        @Nullable
        public Object get(Object obj) {
            return this.cache.getIfPresent(obj);
        }

        @Nullable
        public Object put(Object obj, Object obj2) {
            Object ifPresent = this.cache.getIfPresent(obj);
            this.cache.put(obj, obj2);
            return ifPresent;
        }

        @Nullable
        public Object remove(Object obj) {
            Object ifPresent = this.cache.getIfPresent(obj);
            this.cache.invalidate(obj);
            return ifPresent;
        }

        public void clear() {
            this.cache.invalidateAll();
            this.cache.cleanUp();
        }

        public int size() {
            return Ints.saturatedCast(this.cache.estimatedSize());
        }

        public Set<Object> keys() {
            return this.cache.asMap().keySet();
        }

        public Collection<Object> values() {
            return this.cache.asMap().values();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/linecorp/centraldogma/server/internal/admin/authentication/CentralDogmaSecurityManager$CentralDogmaSessionManager.class */
    public static final class CentralDogmaSessionManager extends DefaultSessionManager {
        CentralDogmaSessionManager(SessionDAO sessionDAO, long j) {
            setSessionDAO(sessionDAO);
            setSessionValidationInterval(Duration.ofHours(1L).toMillis());
            setGlobalSessionTimeout(j);
        }

        protected synchronized void enableSessionValidation() {
            super.enableSessionValidation();
        }

        protected synchronized void disableSessionValidation() {
            super.disableSessionValidation();
        }
    }

    public CentralDogmaSecurityManager(File file, Ini ini, long j, final String str) {
        try {
            this.sessionDao = new FileBasedSessionDAO(new File(file, "_sessions").toPath());
            Preconditions.checkArgument(j > 0, "sessionTimeoutMillis: %s (expected: > 0)", j);
            this.sessionManager = new CentralDogmaSessionManager(this.sessionDao, j);
            RepositoryCache.validateCacheSpec(str);
            this.delegate = (SecurityManager) new IniSecurityManagerFactory(ini) { // from class: com.linecorp.centraldogma.server.internal.admin.authentication.CentralDogmaSecurityManager.1
                /* JADX INFO: Access modifiers changed from: protected */
                /* renamed from: createDefaultInstance, reason: merged with bridge method [inline-methods] */
                public SecurityManager m12createDefaultInstance() {
                    DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
                    defaultSecurityManager.setSessionManager(CentralDogmaSecurityManager.this.sessionManager);
                    defaultSecurityManager.setCacheManager(new CaffeineCacheManager(str));
                    return defaultSecurityManager;
                }
            }.getInstance();
        } catch (IOException e) {
            throw new IOError(e);
        }
    }

    public void enableSessionValidation() {
        this.sessionManager.setSessionValidationSchedulerEnabled(true);
        this.sessionManager.enableSessionValidation();
    }

    public void disableSessionValidation() {
        this.sessionManager.setSessionValidationSchedulerEnabled(false);
        this.sessionManager.disableSessionValidation();
    }

    public long globalSessionTimeout() {
        return this.sessionManager.getGlobalSessionTimeout();
    }

    public boolean sessionExists(String str) {
        return this.sessionDao.exists(str);
    }

    public SimpleSession getSerializableSession(String str) {
        return this.sessionDao.m87readSession((Serializable) str);
    }

    public void createSession(SimpleSession simpleSession) {
        this.sessionDao.create(simpleSession);
    }

    public void removeSession(String str) {
        this.sessionDao.delete(str);
    }

    public Subject login(Subject subject, AuthenticationToken authenticationToken) {
        return this.delegate.login(subject, authenticationToken);
    }

    public void logout(Subject subject) {
        this.delegate.logout(subject);
    }

    public Subject createSubject(SubjectContext subjectContext) {
        return this.delegate.createSubject(subjectContext);
    }

    public Session start(SessionContext sessionContext) {
        return this.sessionManager.start(sessionContext);
    }

    public Session getSession(SessionKey sessionKey) {
        return this.sessionManager.getSession(sessionKey);
    }

    public AuthenticationInfo authenticate(AuthenticationToken authenticationToken) {
        return this.delegate.authenticate(authenticationToken);
    }

    public boolean isPermitted(PrincipalCollection principalCollection, String str) {
        return this.delegate.isPermitted(principalCollection, str);
    }

    public boolean isPermitted(PrincipalCollection principalCollection, Permission permission) {
        return this.delegate.isPermitted(principalCollection, permission);
    }

    public boolean[] isPermitted(PrincipalCollection principalCollection, String... strArr) {
        return this.delegate.isPermitted(principalCollection, strArr);
    }

    public boolean[] isPermitted(PrincipalCollection principalCollection, List<Permission> list) {
        return this.delegate.isPermitted(principalCollection, list);
    }

    public boolean isPermittedAll(PrincipalCollection principalCollection, String... strArr) {
        return this.delegate.isPermittedAll(principalCollection, strArr);
    }

    public boolean isPermittedAll(PrincipalCollection principalCollection, Collection<Permission> collection) {
        return this.delegate.isPermittedAll(principalCollection, collection);
    }

    public void checkPermission(PrincipalCollection principalCollection, String str) {
        this.delegate.checkPermission(principalCollection, str);
    }

    public void checkPermission(PrincipalCollection principalCollection, Permission permission) {
        this.delegate.checkPermission(principalCollection, permission);
    }

    public void checkPermissions(PrincipalCollection principalCollection, String... strArr) {
        this.delegate.checkPermissions(principalCollection, strArr);
    }

    public void checkPermissions(PrincipalCollection principalCollection, Collection<Permission> collection) {
        this.delegate.checkPermissions(principalCollection, collection);
    }

    public boolean hasRole(PrincipalCollection principalCollection, String str) {
        return this.delegate.hasRole(principalCollection, str);
    }

    public boolean[] hasRoles(PrincipalCollection principalCollection, List<String> list) {
        return this.delegate.hasRoles(principalCollection, list);
    }

    public boolean hasAllRoles(PrincipalCollection principalCollection, Collection<String> collection) {
        return this.delegate.hasAllRoles(principalCollection, collection);
    }

    public void checkRole(PrincipalCollection principalCollection, String str) {
        this.delegate.checkRole(principalCollection, str);
    }

    public void checkRoles(PrincipalCollection principalCollection, Collection<String> collection) {
        this.delegate.checkRoles(principalCollection, collection);
    }

    public void checkRoles(PrincipalCollection principalCollection, String... strArr) {
        this.delegate.checkRoles(principalCollection, strArr);
    }
}
