package org.apache.nifi.web.security.spring;

import org.apache.nifi.util.NiFiProperties;
import org.apache.nifi.web.security.kerberos.AlternateKerberosUserDetailsService;
import org.apache.nifi.web.security.kerberos.KerberosService;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.core.io.FileSystemResource;
import org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider;
import org.springframework.security.kerberos.authentication.KerberosTicketValidator;
import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator;

/* loaded from: input_file:org/apache/nifi/web/security/spring/KerberosServiceFactoryBean.class */
public class KerberosServiceFactoryBean implements FactoryBean<KerberosService> {
    private KerberosService kerberosService = null;
    private NiFiProperties properties = null;

    /* renamed from: getObject, reason: merged with bridge method [inline-methods] */
    public KerberosService m8getObject() throws Exception {
        if (this.kerberosService == null && this.properties.isKerberosServiceSupportEnabled()) {
            this.kerberosService = new KerberosService();
            this.kerberosService.setKerberosServiceAuthenticationProvider(createKerberosServiceAuthenticationProvider());
        }
        return this.kerberosService;
    }

    public Class<?> getObjectType() {
        return KerberosService.class;
    }

    public boolean isSingleton() {
        return true;
    }

    public void setProperties(NiFiProperties niFiProperties) {
        this.properties = niFiProperties;
    }

    private KerberosServiceAuthenticationProvider createKerberosServiceAuthenticationProvider() throws Exception {
        KerberosServiceAuthenticationProvider kerberosServiceAuthenticationProvider = new KerberosServiceAuthenticationProvider();
        kerberosServiceAuthenticationProvider.setTicketValidator(createTicketValidator());
        kerberosServiceAuthenticationProvider.setUserDetailsService(createAlternateKerberosUserDetailsService());
        kerberosServiceAuthenticationProvider.afterPropertiesSet();
        return kerberosServiceAuthenticationProvider;
    }

    private AlternateKerberosUserDetailsService createAlternateKerberosUserDetailsService() {
        return new AlternateKerberosUserDetailsService();
    }

    private KerberosTicketValidator createTicketValidator() throws Exception {
        SunJaasKerberosTicketValidator sunJaasKerberosTicketValidator = new SunJaasKerberosTicketValidator();
        sunJaasKerberosTicketValidator.setServicePrincipal(this.properties.getKerberosServicePrincipal());
        sunJaasKerberosTicketValidator.setKeyTabLocation(new FileSystemResource(this.properties.getKerberosKeytabLocation()));
        sunJaasKerberosTicketValidator.afterPropertiesSet();
        return sunJaasKerberosTicketValidator;
    }
}
