package org.apache.geode.distributed.internal.membership.gms.auth;

import java.security.Principal;
import java.util.Properties;
import org.apache.commons.lang.StringUtils;
import org.apache.geode.distributed.DistributedMember;
import org.apache.geode.distributed.internal.membership.InternalDistributedMember;
import org.apache.geode.distributed.internal.membership.NetView;
import org.apache.geode.distributed.internal.membership.gms.Services;
import org.apache.geode.distributed.internal.membership.gms.interfaces.Authenticator;
import org.apache.geode.internal.cache.tier.sockets.HandShake;
import org.apache.geode.internal.i18n.LocalizedStrings;
import org.apache.geode.internal.logging.InternalLogWriter;
import org.apache.geode.internal.security.CallbackInstantiator;
import org.apache.geode.internal.security.SecurityService;
import org.apache.geode.security.AuthenticationFailedException;
import org.apache.geode.security.GemFireSecurityException;
import org.apache.geode.security.ResourcePermission;

/* loaded from: input_file:org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.class */
public class GMSAuthenticator implements Authenticator {
    private Services services;
    private Properties securityProps;

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void init(Services services) {
        this.services = services;
        this.securityProps = this.services.getConfig().getDistributionConfig().getSecurityProps();
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void start() {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void started() {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void stop() {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void stopped() {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void installView(NetView netView) {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void beSick() {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void playDead() {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void beHealthy() {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void memberSuspected(InternalDistributedMember internalDistributedMember, InternalDistributedMember internalDistributedMember2, String str) {
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Authenticator
    public String authenticate(InternalDistributedMember internalDistributedMember, Properties properties) throws AuthenticationFailedException {
        return authenticate(internalDistributedMember, properties, this.securityProps);
    }

    String authenticate(DistributedMember distributedMember, Properties properties, Properties properties2) throws AuthenticationFailedException {
        SecurityService securityService = this.services.getSecurityService();
        String property = properties2.getProperty("security-peer-authenticator");
        if (!securityService.isPeerSecurityRequired() && StringUtils.isBlank(property)) {
            return null;
        }
        InternalLogWriter securityLogWriter = this.services.getSecurityLogWriter();
        if (properties == null) {
            securityLogWriter.warning(LocalizedStrings.AUTH_PEER_AUTHENTICATION_MISSING_CREDENTIALS, distributedMember);
            return LocalizedStrings.AUTH_PEER_AUTHENTICATION_MISSING_CREDENTIALS.toLocalizedString(distributedMember);
        }
        String str = null;
        try {
            if (securityService.isIntegratedSecurity()) {
                securityService.login(properties);
                securityService.authorize(ResourcePermission.Resource.CLUSTER, ResourcePermission.Operation.MANAGE);
            } else {
                invokeAuthenticator(properties2, distributedMember, properties);
            }
        } catch (Exception e) {
            securityLogWriter.warning(LocalizedStrings.AUTH_PEER_AUTHENTICATION_FAILED_WITH_EXCEPTION, new Object[]{distributedMember, e.getLocalizedMessage()}, (Throwable) e);
            str = LocalizedStrings.AUTH_PEER_AUTHENTICATION_FAILED.toLocalizedString(e.getLocalizedMessage());
        }
        return str;
    }

    Principal invokeAuthenticator(Properties properties, DistributedMember distributedMember, Properties properties2) throws AuthenticationFailedException {
        org.apache.geode.security.Authenticator authenticator = null;
        try {
            try {
                authenticator = (org.apache.geode.security.Authenticator) CallbackInstantiator.getObjectOfType(properties.getProperty("security-peer-authenticator"), org.apache.geode.security.Authenticator.class);
                authenticator.init(this.securityProps, this.services.getLogWriter(), this.services.getSecurityLogWriter());
                Principal authenticate = authenticator.authenticate(properties2, distributedMember);
                if (authenticator != null) {
                    authenticator.close();
                }
                return authenticate;
            } catch (GemFireSecurityException e) {
                throw e;
            } catch (Exception e2) {
                throw new AuthenticationFailedException(LocalizedStrings.HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), e2);
            }
        } catch (Throwable th) {
            if (authenticator != null) {
                authenticator.close();
            }
            throw th;
        }
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Authenticator
    public Properties getCredentials(InternalDistributedMember internalDistributedMember) {
        try {
            return getCredentials(internalDistributedMember, this.securityProps);
        } catch (Exception e) {
            this.services.getSecurityLogWriter().warning(LocalizedStrings.AUTH_FAILED_TO_OBTAIN_CREDENTIALS_IN_0_USING_AUTHINITIALIZE_1_2, new Object[]{this.securityProps.getProperty("security-peer-auth-init"), e.getLocalizedMessage()});
            return null;
        }
    }

    Properties getCredentials(DistributedMember distributedMember, Properties properties) {
        return HandShake.getCredentials(properties.getProperty("security-peer-auth-init"), properties, distributedMember, true, this.services.getLogWriter(), this.services.getSecurityLogWriter());
    }

    Properties getSecurityProps() {
        return this.securityProps;
    }

    @Override // org.apache.geode.distributed.internal.membership.gms.interfaces.Service
    public void emergencyClose() {
    }
}
