package org.apache.nifi.web.security.spring;

import java.io.File;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import javax.xml.stream.XMLStreamReader;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.authentication.AuthenticationResponse;
import org.apache.nifi.authentication.LoginCredentials;
import org.apache.nifi.authentication.LoginIdentityProvider;
import org.apache.nifi.authentication.LoginIdentityProviderConfigurationContext;
import org.apache.nifi.authentication.LoginIdentityProviderInitializationContext;
import org.apache.nifi.authentication.LoginIdentityProviderLookup;
import org.apache.nifi.authentication.annotation.LoginIdentityProviderContext;
import org.apache.nifi.authentication.exception.ProviderCreationException;
import org.apache.nifi.authentication.exception.ProviderDestructionException;
import org.apache.nifi.authentication.generated.LoginIdentityProviders;
import org.apache.nifi.authentication.generated.Property;
import org.apache.nifi.authentication.generated.Provider;
import org.apache.nifi.bundle.Bundle;
import org.apache.nifi.nar.ExtensionManager;
import org.apache.nifi.nar.NarCloseable;
import org.apache.nifi.properties.SensitivePropertyProviderFactoryAware;
import org.apache.nifi.security.xml.XmlUtils;
import org.apache.nifi.util.NiFiProperties;
import org.springframework.beans.factory.DisposableBean;
import org.springframework.beans.factory.FactoryBean;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/apache/nifi/web/security/spring/LoginIdentityProviderFactoryBean.class */
public class LoginIdentityProviderFactoryBean extends SensitivePropertyProviderFactoryAware implements FactoryBean, DisposableBean, LoginIdentityProviderLookup {
    private static final String LOGIN_IDENTITY_PROVIDERS_XSD = "/login-identity-providers.xsd";
    private static final String JAXB_GENERATED_PATH = "org.apache.nifi.authentication.generated";
    private static final JAXBContext JAXB_CONTEXT = initializeJaxbContext();
    private NiFiProperties properties;
    private ExtensionManager extensionManager;
    private LoginIdentityProvider loginIdentityProvider;
    private final Map<String, LoginIdentityProvider> loginIdentityProviders = new HashMap();

    private static JAXBContext initializeJaxbContext() {
        try {
            return JAXBContext.newInstance(JAXB_GENERATED_PATH, LoginIdentityProviderFactoryBean.class.getClassLoader());
        } catch (JAXBException e) {
            throw new RuntimeException("Unable to create JAXBContext.");
        }
    }

    public void setProperties(NiFiProperties niFiProperties) {
        this.properties = niFiProperties;
    }

    public LoginIdentityProvider getLoginIdentityProvider(String str) {
        return this.loginIdentityProviders.get(str);
    }

    public Object getObject() throws Exception {
        if (this.loginIdentityProvider == null) {
            String property = this.properties.getProperty("nifi.security.user.login.identity.provider");
            if (StringUtils.isNotBlank(property)) {
                LoginIdentityProviders loadLoginIdentityProvidersConfiguration = loadLoginIdentityProvidersConfiguration();
                for (Provider provider : loadLoginIdentityProvidersConfiguration.getProvider()) {
                    this.loginIdentityProviders.put(provider.getIdentifier(), createLoginIdentityProvider(provider.getIdentifier(), provider.getClazz()));
                }
                for (Provider provider2 : loadLoginIdentityProvidersConfiguration.getProvider()) {
                    this.loginIdentityProviders.get(provider2.getIdentifier()).onConfigured(loadLoginIdentityProviderConfiguration(provider2));
                }
                this.loginIdentityProvider = getLoginIdentityProvider(property);
                if (this.loginIdentityProvider == null) {
                    throw new Exception(String.format("The specified login identity provider '%s' could not be found.", property));
                }
            }
        }
        return this.loginIdentityProvider;
    }

    private LoginIdentityProviders loadLoginIdentityProvidersConfiguration() throws Exception {
        File loginIdentityProviderConfigurationFile = this.properties.getLoginIdentityProviderConfigurationFile();
        if (!loginIdentityProviderConfigurationFile.exists()) {
            throw new Exception("Unable to find the login identity provider configuration file at " + loginIdentityProviderConfigurationFile.getAbsolutePath());
        }
        try {
            Schema newSchema = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema").newSchema(LoginIdentityProviders.class.getResource(LOGIN_IDENTITY_PROVIDERS_XSD));
            XMLStreamReader createSafeReader = XmlUtils.createSafeReader(new StreamSource(loginIdentityProviderConfigurationFile));
            Unmarshaller createUnmarshaller = JAXB_CONTEXT.createUnmarshaller();
            createUnmarshaller.setSchema(newSchema);
            return (LoginIdentityProviders) createUnmarshaller.unmarshal(createSafeReader, LoginIdentityProviders.class).getValue();
        } catch (SAXException | JAXBException e) {
            throw new Exception("Unable to load the login identity provider configuration file at: " + loginIdentityProviderConfigurationFile.getAbsolutePath());
        }
    }

    private LoginIdentityProvider createLoginIdentityProvider(String str, String str2) throws Exception {
        List bundles = this.extensionManager.getBundles(str2);
        if (bundles.size() == 0) {
            throw new Exception(String.format("The specified login identity provider class '%s' is not known to this nifi.", str2));
        }
        if (bundles.size() > 1) {
            throw new Exception(String.format("Multiple bundles found for the specified login identity provider class '%s', only one is allowed.", str2));
        }
        ClassLoader classLoader = ((Bundle) bundles.get(0)).getClassLoader();
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        try {
            Thread.currentThread().setContextClassLoader(classLoader);
            Class asSubclass = Class.forName(str2, true, classLoader).asSubclass(LoginIdentityProvider.class);
            LoginIdentityProvider loginIdentityProvider = (LoginIdentityProvider) asSubclass.getConstructor(new Class[0]).newInstance(new Object[0]);
            performMethodInjection(loginIdentityProvider, asSubclass);
            performFieldInjection(loginIdentityProvider, asSubclass);
            loginIdentityProvider.initialize(new StandardLoginIdentityProviderInitializationContext(str, this));
            if (contextClassLoader != null) {
                Thread.currentThread().setContextClassLoader(contextClassLoader);
            }
            return withNarLoader(loginIdentityProvider);
        } catch (Throwable th) {
            if (contextClassLoader != null) {
                Thread.currentThread().setContextClassLoader(contextClassLoader);
            }
            throw th;
        }
    }

    private LoginIdentityProviderConfigurationContext loadLoginIdentityProviderConfiguration(Provider provider) {
        HashMap hashMap = new HashMap();
        for (Property property : provider.getProperty()) {
            if (StringUtils.isBlank(property.getEncryption())) {
                hashMap.put(property.getName(), property.getValue());
            } else {
                hashMap.put(property.getName(), decryptValue(property.getValue(), property.getEncryption(), property.getName(), provider.getIdentifier()));
            }
        }
        return new StandardLoginIdentityProviderConfigurationContext(provider.getIdentifier(), hashMap);
    }

    private void performMethodInjection(LoginIdentityProvider loginIdentityProvider, Class cls) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException {
        Method[] methods = cls.getMethods();
        int length = methods.length;
        for (int i = 0; i < length; i++) {
            Method method = methods[i];
            if (method.isAnnotationPresent(LoginIdentityProviderContext.class)) {
                boolean isAccessible = method.isAccessible();
                method.setAccessible(true);
                try {
                    Class<?>[] parameterTypes = method.getParameterTypes();
                    if (parameterTypes.length == 1 && NiFiProperties.class.isAssignableFrom(parameterTypes[0])) {
                        method.invoke(loginIdentityProvider, this.properties);
                    }
                } finally {
                    method.setAccessible(isAccessible);
                }
            }
        }
        Class superclass = cls.getSuperclass();
        if (superclass == null || !LoginIdentityProvider.class.isAssignableFrom(superclass)) {
            return;
        }
        performMethodInjection(loginIdentityProvider, superclass);
    }

    private void performFieldInjection(LoginIdentityProvider loginIdentityProvider, Class cls) throws IllegalArgumentException, IllegalAccessException {
        Field[] declaredFields = cls.getDeclaredFields();
        int length = declaredFields.length;
        for (int i = 0; i < length; i++) {
            Field field = declaredFields[i];
            if (field.isAnnotationPresent(LoginIdentityProviderContext.class)) {
                boolean isAccessible = field.isAccessible();
                field.setAccessible(true);
                try {
                    Class<?> type = field.getType();
                    if (field.get(loginIdentityProvider) == null && NiFiProperties.class.isAssignableFrom(type)) {
                        field.set(loginIdentityProvider, this.properties);
                    }
                } finally {
                    field.setAccessible(isAccessible);
                }
            }
        }
        Class superclass = cls.getSuperclass();
        if (superclass == null || !LoginIdentityProvider.class.isAssignableFrom(superclass)) {
            return;
        }
        performFieldInjection(loginIdentityProvider, superclass);
    }

    private LoginIdentityProvider withNarLoader(final LoginIdentityProvider loginIdentityProvider) {
        return new LoginIdentityProvider() { // from class: org.apache.nifi.web.security.spring.LoginIdentityProviderFactoryBean.1
            public AuthenticationResponse authenticate(LoginCredentials loginCredentials) {
                NarCloseable withNarLoader = NarCloseable.withNarLoader();
                Throwable th = null;
                try {
                    try {
                        AuthenticationResponse authenticate = loginIdentityProvider.authenticate(loginCredentials);
                        if (withNarLoader != null) {
                            if (0 != 0) {
                                try {
                                    withNarLoader.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                withNarLoader.close();
                            }
                        }
                        return authenticate;
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (withNarLoader != null) {
                        if (th != null) {
                            try {
                                withNarLoader.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            withNarLoader.close();
                        }
                    }
                    throw th3;
                }
            }

            public void initialize(LoginIdentityProviderInitializationContext loginIdentityProviderInitializationContext) throws ProviderCreationException {
                NarCloseable withNarLoader = NarCloseable.withNarLoader();
                Throwable th = null;
                try {
                    try {
                        loginIdentityProvider.initialize(loginIdentityProviderInitializationContext);
                        if (withNarLoader != null) {
                            if (0 == 0) {
                                withNarLoader.close();
                                return;
                            }
                            try {
                                withNarLoader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (withNarLoader != null) {
                        if (th != null) {
                            try {
                                withNarLoader.close();
                            } catch (Throwable th5) {
                                th.addSuppressed(th5);
                            }
                        } else {
                            withNarLoader.close();
                        }
                    }
                    throw th4;
                }
            }

            public void onConfigured(LoginIdentityProviderConfigurationContext loginIdentityProviderConfigurationContext) throws ProviderCreationException {
                NarCloseable withNarLoader = NarCloseable.withNarLoader();
                Throwable th = null;
                try {
                    try {
                        loginIdentityProvider.onConfigured(loginIdentityProviderConfigurationContext);
                        if (withNarLoader != null) {
                            if (0 == 0) {
                                withNarLoader.close();
                                return;
                            }
                            try {
                                withNarLoader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (withNarLoader != null) {
                        if (th != null) {
                            try {
                                withNarLoader.close();
                            } catch (Throwable th5) {
                                th.addSuppressed(th5);
                            }
                        } else {
                            withNarLoader.close();
                        }
                    }
                    throw th4;
                }
            }

            public void preDestruction() throws ProviderDestructionException {
                NarCloseable withNarLoader = NarCloseable.withNarLoader();
                Throwable th = null;
                try {
                    loginIdentityProvider.preDestruction();
                    if (withNarLoader != null) {
                        if (0 == 0) {
                            withNarLoader.close();
                            return;
                        }
                        try {
                            withNarLoader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                } catch (Throwable th3) {
                    if (withNarLoader != null) {
                        if (0 != 0) {
                            try {
                                withNarLoader.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            withNarLoader.close();
                        }
                    }
                    throw th3;
                }
            }
        };
    }

    public Class getObjectType() {
        return LoginIdentityProvider.class;
    }

    public boolean isSingleton() {
        return true;
    }

    public void destroy() throws Exception {
        if (this.loginIdentityProvider != null) {
            this.loginIdentityProvider.preDestruction();
        }
    }

    public void setExtensionManager(ExtensionManager extensionManager) {
        this.extensionManager = extensionManager;
    }
}
