package org.sonatype.nexus.internal.security.apikey;

import com.google.common.base.Preconditions;
import com.google.common.eventbus.AllowConcurrentEvents;
import com.google.common.eventbus.Subscribe;
import com.orientechnologies.orient.core.db.ODatabaseDocumentInternal;
import com.orientechnologies.orient.core.db.ODatabaseRecordThreadLocal;
import com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import javax.annotation.Nullable;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.sonatype.nexus.common.app.ManagedLifecycle;
import org.sonatype.nexus.common.event.EventAware;
import org.sonatype.nexus.common.stateguard.Guarded;
import org.sonatype.nexus.common.stateguard.StateGuardLifecycleSupport;
import org.sonatype.nexus.orient.DatabaseInstance;
import org.sonatype.nexus.security.UserPrincipalsExpired;
import org.sonatype.nexus.security.UserPrincipalsHelper;
import org.sonatype.nexus.security.authc.apikey.ApiKeyFactory;
import org.sonatype.nexus.security.authc.apikey.ApiKeyStore;
import org.sonatype.nexus.security.user.UserNotFoundException;

@Singleton
@ManagedLifecycle(phase = ManagedLifecycle.Phase.SERVICES)
@Named
/* loaded from: input_file:org/sonatype/nexus/internal/security/apikey/ApiKeyStoreImpl.class */
public class ApiKeyStoreImpl extends StateGuardLifecycleSupport implements ApiKeyStore, EventAware {
    private final Provider<DatabaseInstance> databaseInstance;
    private final ApiKeyEntityAdapter entityAdapter;
    private final UserPrincipalsHelper principalsHelper;
    private final Map<String, ApiKeyFactory> apiKeyFactories;
    private final DefaultApiKeyFactory defaultApiKeyFactory;

    @Inject
    public ApiKeyStoreImpl(@Named("security") Provider<DatabaseInstance> provider, ApiKeyEntityAdapter apiKeyEntityAdapter, UserPrincipalsHelper userPrincipalsHelper, Map<String, ApiKeyFactory> map, DefaultApiKeyFactory defaultApiKeyFactory) {
        this.databaseInstance = (Provider) Preconditions.checkNotNull(provider);
        this.entityAdapter = (ApiKeyEntityAdapter) Preconditions.checkNotNull(apiKeyEntityAdapter);
        this.principalsHelper = (UserPrincipalsHelper) Preconditions.checkNotNull(userPrincipalsHelper);
        this.apiKeyFactories = (Map) Preconditions.checkNotNull(map);
        this.defaultApiKeyFactory = (DefaultApiKeyFactory) Preconditions.checkNotNull(defaultApiKeyFactory);
    }

    protected void doStart() throws Exception {
        Throwable th = null;
        try {
            ODatabaseDocumentTx connect = ((DatabaseInstance) this.databaseInstance.get()).connect();
            try {
                this.entityAdapter.register(connect);
                if (connect != null) {
                    connect.close();
                }
            } catch (Throwable th2) {
                if (connect != null) {
                    connect.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    @Guarded(by = {"STARTED"})
    public char[] createApiKey(String str, PrincipalCollection principalCollection) {
        Preconditions.checkNotNull(str);
        Preconditions.checkNotNull(principalCollection);
        char[] makeApiKey = makeApiKey(str, principalCollection);
        ApiKey apiKey = new ApiKey();
        apiKey.setDomain(str);
        apiKey.setApiKey(makeApiKey);
        apiKey.setPrincipals(principalCollection);
        Throwable th = null;
        try {
            ODatabaseDocumentTx openDb = openDb();
            try {
                this.entityAdapter.addEntity(openDb, apiKey);
                if (openDb != null) {
                    openDb.close();
                }
                return makeApiKey;
            } catch (Throwable th2) {
                if (openDb != null) {
                    openDb.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Guarded(by = {"STARTED"})
    @Nullable
    public char[] getApiKey(String str, PrincipalCollection principalCollection) {
        Throwable th = null;
        try {
            ODatabaseDocumentTx openDb = openDb();
            try {
                for (ApiKey apiKey : findByPrimaryPrincipal(openDb, principalCollection)) {
                    if (apiKey.getDomain().equals(str)) {
                        char[] apiKey2 = apiKey.getApiKey();
                        if (openDb != null) {
                            openDb.close();
                        }
                        return apiKey2;
                    }
                }
                if (openDb == null) {
                    return null;
                }
                openDb.close();
                return null;
            } catch (Throwable th2) {
                if (openDb != null) {
                    openDb.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    @Guarded(by = {"STARTED"})
    @Nullable
    public PrincipalCollection getPrincipals(String str, char[] cArr) {
        Throwable th = null;
        try {
            ODatabaseDocumentTx openDb = openDb();
            try {
                ApiKey findByApiKey = this.entityAdapter.findByApiKey(openDb, str, (char[]) Preconditions.checkNotNull(cArr));
                return findByApiKey == null ? null : findByApiKey.getPrincipals();
            } finally {
                if (openDb != null) {
                    openDb.close();
                }
            }
        } catch (Throwable th2) {
            if (0 == 0) {
                th = th2;
            } else if (null != th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Guarded(by = {"STARTED"})
    public void deleteApiKey(String str, PrincipalCollection principalCollection) {
        Throwable th = null;
        try {
            ODatabaseDocumentTx openDb = openDb();
            try {
                for (ApiKey apiKey : findByPrimaryPrincipal(openDb, principalCollection)) {
                    if (apiKey.getDomain().equals(str)) {
                        this.entityAdapter.deleteEntity(openDb, apiKey);
                    }
                }
                if (openDb != null) {
                    openDb.close();
                }
            } catch (Throwable th2) {
                if (openDb != null) {
                    openDb.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Guarded(by = {"STARTED"})
    public void deleteApiKeys(PrincipalCollection principalCollection) {
        Throwable th = null;
        try {
            ODatabaseDocumentTx openDb = openDb();
            try {
                Iterator<ApiKey> it = findByPrimaryPrincipal(openDb, principalCollection).iterator();
                while (it.hasNext()) {
                    this.entityAdapter.deleteEntity(openDb, it.next());
                }
                if (openDb != null) {
                    openDb.close();
                }
            } catch (Throwable th2) {
                if (openDb != null) {
                    openDb.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Guarded(by = {"STARTED"})
    public void purgeApiKeys() {
        Throwable th = null;
        try {
            ODatabaseDocumentTx openDb = openDb();
            try {
                ArrayList arrayList = new ArrayList();
                for (ApiKey apiKey : this.entityAdapter.browse.execute(openDb)) {
                    ODatabaseRecordThreadLocal.INSTANCE.set((ODatabaseDocumentInternal) null);
                    try {
                        try {
                            this.principalsHelper.getUserStatus(apiKey.getPrincipals());
                        } catch (UserNotFoundException e) {
                            this.log.debug("Stale user found", e);
                            arrayList.add(apiKey);
                            ODatabaseRecordThreadLocal.INSTANCE.set(openDb);
                        }
                    } finally {
                        ODatabaseRecordThreadLocal.INSTANCE.set(openDb);
                    }
                }
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    this.entityAdapter.deleteEntity(openDb, (ApiKey) it.next());
                }
                if (openDb != null) {
                    openDb.close();
                }
            } catch (Throwable th2) {
                if (openDb != null) {
                    openDb.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    @Subscribe
    @AllowConcurrentEvents
    public void on(UserPrincipalsExpired userPrincipalsExpired) {
        String userId = userPrincipalsExpired.getUserId();
        if (userId != null) {
            deleteApiKeys(new SimplePrincipalCollection(userId, userPrincipalsExpired.getSource()));
        } else {
            purgeApiKeys();
        }
    }

    private ODatabaseDocumentTx openDb() {
        return ((DatabaseInstance) this.databaseInstance.get()).acquire();
    }

    private Iterable<ApiKey> findByPrimaryPrincipal(ODatabaseDocumentTx oDatabaseDocumentTx, PrincipalCollection principalCollection) {
        return this.entityAdapter.browseByPrimaryPrincipal.execute(oDatabaseDocumentTx, ((PrincipalCollection) Preconditions.checkNotNull(principalCollection)).getPrimaryPrincipal().toString());
    }

    private char[] makeApiKey(String str, PrincipalCollection principalCollection) {
        ApiKeyFactory apiKeyFactory = this.apiKeyFactories.get(str);
        return apiKeyFactory != null ? (char[]) Preconditions.checkNotNull(apiKeyFactory.makeApiKey(principalCollection)) : this.defaultApiKeyFactory.makeApiKey(principalCollection);
    }
}
