package org.wso2.carbon.security.caas.internal.config;

import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.HashSet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.security.caas.jaas.util.CarbonSecurityConstants;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.introspector.BeanAccess;

/* loaded from: input_file:org/wso2/carbon/security/caas/internal/config/SecurityConfigBuilder.class */
public class SecurityConfigBuilder {
    private static final Logger log = LoggerFactory.getLogger(SecurityConfigBuilder.class);

    private SecurityConfigBuilder() {
    }

    public static DefaultPermissionInfoCollection buildDefaultPermissionInfoCollection() {
        DefaultPermissionInfoCollection defaultPermissionInfoCollection;
        Path path = Paths.get(CarbonSecurityConstants.getCarbonHomeDirectory().toString(), "conf", "security", CarbonSecurityConstants.PERMISSION_CONFIG_FILE);
        if (Files.exists(path, new LinkOption[0])) {
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(Files.newInputStream(path, new OpenOption[0]), StandardCharsets.ISO_8859_1);
                Throwable th = null;
                try {
                    try {
                        Yaml yaml = new Yaml();
                        yaml.setBeanAccess(BeanAccess.FIELD);
                        defaultPermissionInfoCollection = (DefaultPermissionInfoCollection) yaml.loadAs(inputStreamReader, DefaultPermissionInfoCollection.class);
                        if (inputStreamReader != null) {
                            if (0 != 0) {
                                try {
                                    inputStreamReader.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                inputStreamReader.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            } catch (IOException e) {
                throw new RuntimeException("Error while loading permissions.yml configuration file", e);
            }
        } else {
            log.warn("permissions.yml file is not available. Starting server with default permissions.");
            defaultPermissionInfoCollection = getDefault();
        }
        return defaultPermissionInfoCollection;
    }

    private static DefaultPermissionInfoCollection getDefault() {
        HashSet hashSet = new HashSet();
        hashSet.add(new DefaultPermissionInfo("javax.security.auth.AuthPermission", "createLoginContext", null));
        hashSet.add(new DefaultPermissionInfo("javax.security.auth.AuthPermission", "doAsPrivileged", null));
        hashSet.add(new DefaultPermissionInfo("javax.security.auth.AuthPermission", "modifyPrincipals", null));
        hashSet.add(new DefaultPermissionInfo("javax.security.auth.AuthPermission", "createLoginContext.CarbonSecurityConfig", null));
        hashSet.add(new DefaultPermissionInfo("javax.security.auth.AuthPermission", "getUserName", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.RuntimePermission", "accessClassInPackage.sun.security.provider", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.RuntimePermission", "getProtectionDomain", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.RuntimePermission", "createSecurityManager", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.RuntimePermission", "setSecurityManager", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.RuntimePermission", "getClassLoader", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.RuntimePermission", "accessDeclaredMembers", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.RuntimePermission", "setContextClassLoader", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.RuntimePermission", "accessClassInPackage.sun.reflect.generics.reflectiveObjects", ""));
        hashSet.add(new DefaultPermissionInfo("java.io.FilePermission", "<<ALL FILES>>", "read,write,delete,execute"));
        hashSet.add(new DefaultPermissionInfo("org.osgi.framework.AdaptPermission", "(adaptClass=org.osgi.framework.wiring.*)", "adapt"));
        hashSet.add(new DefaultPermissionInfo("org.osgi.framework.AdaptPermission", "(adaptClass=org.eclipse.osgi.container.Module)", "adapt"));
        hashSet.add(new DefaultPermissionInfo("javax.management.MBeanServerPermission", "createMBeanServer", null));
        hashSet.add(new DefaultPermissionInfo("javax.management.MBeanPermission", "-#-[-]", "queryNames"));
        hashSet.add(new DefaultPermissionInfo("java.net.SocketPermission", "*", "accept,connect,listen,resolve"));
        hashSet.add(new DefaultPermissionInfo("java.net.NetPermission", "specifyStreamHandler", null));
        hashSet.add(new DefaultPermissionInfo("java.lang.reflect.ReflectPermission", "suppressAccessChecks", null));
        hashSet.add(new DefaultPermissionInfo("org.osgi.framework.AdminPermission", "*", "*"));
        hashSet.add(new DefaultPermissionInfo("org.osgi.framework.BundlePermission", "*", "host,provide,fragment"));
        hashSet.add(new DefaultPermissionInfo("java.util.PropertyPermission", "*", "read,write"));
        hashSet.add(new DefaultPermissionInfo("java.lang.management.ManagementPermission", "control", null));
        hashSet.add(new DefaultPermissionInfo("java.util.logging.LoggingPermission", "control", null));
        hashSet.add(new DefaultPermissionInfo("java.security.SecurityPermission", "setPolicy", null));
        hashSet.add(new DefaultPermissionInfo("org.osgi.framework.PackagePermission", "*", "exportonly,import"));
        hashSet.add(new DefaultPermissionInfo("org.osgi.framework.ServicePermission", "*", "get,register"));
        DefaultPermissionInfoCollection defaultPermissionInfoCollection = new DefaultPermissionInfoCollection();
        defaultPermissionInfoCollection.setPermissions(hashSet);
        return defaultPermissionInfoCollection;
    }
}
