package org.wildfly.security.auth.provider;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.atomic.AtomicReference;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.principal.NamePrincipal;
import org.wildfly.security.auth.server.CredentialSupport;
import org.wildfly.security.auth.server.RealmIdentity;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.authz.AuthorizationIdentity;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.password.interfaces.DigestPassword;
import org.wildfly.security.password.spec.ClearPasswordSpec;
import org.wildfly.security.password.spec.DigestPasswordAlgorithmSpec;
import org.wildfly.security.password.spec.DigestPasswordSpec;
import org.wildfly.security.password.spec.EncryptablePasswordSpec;
import org.wildfly.security.util.ByteIterator;

/* loaded from: input_file:org/wildfly/security/auth/provider/LegacyPropertiesSecurityRealm.class */
public class LegacyPropertiesSecurityRealm implements SecurityRealm {
    private static final String COMMENT_PREFIX = "#";
    private static final String REALM_COMMENT_PREFIX = "$REALM_NAME=";
    private static final String REALM_COMMENT_SUFFIX = "$";
    private static final Pattern HASHED_PATTERN = Pattern.compile("#??([^#]*)=(([\\da-f]{2})+)$");
    private static final Pattern PLAIN_PATTERN = Pattern.compile("#??([^#]*)=([^=]*)");
    private final boolean plainText;
    private final AtomicReference<LoadedState> loadedState;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/wildfly/security/auth/provider/LegacyPropertiesSecurityRealm$AccountEntry.class */
    public class AccountEntry {
        private final String name;
        private final String passwordRepresentation;
        private final String groups;

        private AccountEntry(String str, String str2, String str3) {
            this.name = str;
            this.passwordRepresentation = str2;
            this.groups = str3;
        }

        public String getName() {
            return this.name;
        }

        public String getPasswordRepresentation() {
            return this.passwordRepresentation;
        }

        public String[] getGroups() {
            return null;
        }
    }

    /* loaded from: input_file:org/wildfly/security/auth/provider/LegacyPropertiesSecurityRealm$Builder.class */
    public static class Builder {
        private InputStream passwordsStream;
        private InputStream groupsStream;
        private boolean plainText;

        private Builder() {
        }

        public Builder setPasswordsStream(InputStream inputStream) {
            this.passwordsStream = inputStream;
            return this;
        }

        public Builder setGroupsStream(InputStream inputStream) {
            this.groupsStream = inputStream;
            return this;
        }

        public Builder setPlainText(boolean z) {
            this.plainText = z;
            return this;
        }

        public LegacyPropertiesSecurityRealm build() throws IOException {
            LegacyPropertiesSecurityRealm legacyPropertiesSecurityRealm = new LegacyPropertiesSecurityRealm(this);
            legacyPropertiesSecurityRealm.load(this.passwordsStream, this.groupsStream);
            return legacyPropertiesSecurityRealm;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/wildfly/security/auth/provider/LegacyPropertiesSecurityRealm$LoadedState.class */
    public static class LoadedState {
        private final Map<String, AccountEntry> accounts;
        private final String realmName;
        private final long loadTime;

        private LoadedState(Map<String, AccountEntry> map, String str, long j) {
            this.accounts = map;
            this.realmName = str;
            this.loadTime = j;
        }

        public Map<String, AccountEntry> getAccounts() {
            return this.accounts;
        }

        public String getRealmName() {
            return this.realmName;
        }

        public long getLoadTime() {
            return this.loadTime;
        }
    }

    /* loaded from: input_file:org/wildfly/security/auth/provider/LegacyPropertiesSecurityRealm$PropertiesAuthorizationIdentity.class */
    private class PropertiesAuthorizationIdentity implements AuthorizationIdentity {
        private final Principal principal;

        private PropertiesAuthorizationIdentity(Principal principal) {
            this.principal = principal;
        }
    }

    private LegacyPropertiesSecurityRealm(Builder builder) throws IOException {
        this.loadedState = new AtomicReference<>();
        this.plainText = builder.plainText;
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public RealmIdentity createRealmIdentity(final String str) throws RealmUnavailableException {
        final LoadedState loadedState = this.loadedState.get();
        final AccountEntry accountEntry = (AccountEntry) loadedState.accounts.get(str);
        final NamePrincipal namePrincipal = new NamePrincipal(str);
        return new RealmIdentity() { // from class: org.wildfly.security.auth.provider.LegacyPropertiesSecurityRealm.1
            @Override // org.wildfly.security.auth.server.RealmIdentity
            public String getName() {
                return str;
            }

            @Override // org.wildfly.security.auth.server.RealmIdentity
            public CredentialSupport getCredentialSupport(Class<?> cls) throws RealmUnavailableException {
                return accountEntry != null ? LegacyPropertiesSecurityRealm.this.getCredentialSupport(cls) : CredentialSupport.UNSUPPORTED;
            }

            @Override // org.wildfly.security.auth.server.RealmIdentity
            public <C> C getCredential(Class<C> cls) throws RealmUnavailableException {
                PasswordFactory passwordFactory;
                KeySpec digestPasswordSpec;
                if (accountEntry == null) {
                    return null;
                }
                if (cls.isAssignableFrom(ClearPassword.class) && LegacyPropertiesSecurityRealm.this.plainText) {
                    passwordFactory = LegacyPropertiesSecurityRealm.this.getPasswordFactory(ClearPassword.ALGORITHM_CLEAR);
                    digestPasswordSpec = new ClearPasswordSpec(accountEntry.getPasswordRepresentation().toCharArray());
                } else {
                    if (!cls.isAssignableFrom(DigestPassword.class)) {
                        return null;
                    }
                    passwordFactory = LegacyPropertiesSecurityRealm.this.getPasswordFactory(DigestPassword.ALGORITHM_DIGEST_MD5);
                    if (LegacyPropertiesSecurityRealm.this.plainText) {
                        digestPasswordSpec = new EncryptablePasswordSpec(accountEntry.getPasswordRepresentation().toCharArray(), new DigestPasswordAlgorithmSpec(DigestPassword.ALGORITHM_DIGEST_MD5, accountEntry.getName(), loadedState.getRealmName()));
                    } else {
                        digestPasswordSpec = new DigestPasswordSpec(accountEntry.getName(), loadedState.getRealmName(), ByteIterator.ofBytes(accountEntry.getPasswordRepresentation().getBytes(StandardCharsets.UTF_8)).hexDecode().drain());
                    }
                }
                try {
                    return cls.cast(passwordFactory.generatePassword(digestPasswordSpec));
                } catch (InvalidKeySpecException e) {
                    throw new IllegalStateException(e);
                }
            }

            @Override // org.wildfly.security.auth.server.RealmIdentity
            public boolean verifyCredential(Object obj) throws RealmUnavailableException {
                PasswordFactory passwordFactory;
                KeySpec digestPasswordSpec;
                if (accountEntry == null || !(obj instanceof ClearPassword)) {
                    return false;
                }
                ClearPassword clearPassword = (ClearPassword) obj;
                if (LegacyPropertiesSecurityRealm.this.plainText) {
                    passwordFactory = LegacyPropertiesSecurityRealm.this.getPasswordFactory(ClearPassword.ALGORITHM_CLEAR);
                    digestPasswordSpec = new ClearPasswordSpec(accountEntry.getPasswordRepresentation().toCharArray());
                } else {
                    passwordFactory = LegacyPropertiesSecurityRealm.this.getPasswordFactory(DigestPassword.ALGORITHM_DIGEST_MD5);
                    digestPasswordSpec = new DigestPasswordSpec(accountEntry.getName(), loadedState.getRealmName(), ByteIterator.ofBytes(accountEntry.getPasswordRepresentation().getBytes(StandardCharsets.UTF_8)).hexDecode().drain());
                }
                try {
                    return passwordFactory.verify(passwordFactory.generatePassword(digestPasswordSpec), clearPassword.getPassword());
                } catch (IllegalStateException | InvalidKeyException | InvalidKeySpecException e) {
                    throw new IllegalStateException(e);
                }
            }

            @Override // org.wildfly.security.auth.server.RealmIdentity
            public boolean exists() throws RealmUnavailableException {
                return accountEntry != null;
            }

            @Override // org.wildfly.security.auth.server.RealmIdentity
            public AuthorizationIdentity getAuthorizationIdentity() throws RealmUnavailableException {
                if (accountEntry == null) {
                    return null;
                }
                return new PropertiesAuthorizationIdentity(namePrincipal);
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public PasswordFactory getPasswordFactory(String str) {
        try {
            return PasswordFactory.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public CredentialSupport getCredentialSupport(Class<?> cls) throws RealmUnavailableException {
        return cls.isAssignableFrom(ClearPassword.class) ? this.plainText ? CredentialSupport.FULLY_SUPPORTED : CredentialSupport.VERIFIABLE_ONLY : cls.isAssignableFrom(DigestPassword.class) ? CredentialSupport.OBTAINABLE_ONLY : CredentialSupport.UNSUPPORTED;
    }

    private Pattern getPattern() {
        return this.plainText ? PLAIN_PATTERN : HASHED_PATTERN;
    }

    public void load(InputStream inputStream, InputStream inputStream2) throws IOException {
        HashMap hashMap = new HashMap();
        Properties properties = new Properties();
        if (inputStream2 != null) {
            InputStreamReader inputStreamReader = new InputStreamReader(inputStream2, StandardCharsets.UTF_8);
            Throwable th = null;
            try {
                try {
                    properties.load(inputStreamReader);
                    if (inputStreamReader != null) {
                        if (0 != 0) {
                            try {
                                inputStreamReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            inputStreamReader.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (inputStreamReader != null) {
                    if (th != null) {
                        try {
                            inputStreamReader.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        inputStreamReader.close();
                    }
                }
                throw th3;
            }
        }
        String str = null;
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
        Throwable th5 = null;
        while (true) {
            try {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    String trim = readLine.trim();
                    if (trim.startsWith(COMMENT_PREFIX) && trim.contains(REALM_COMMENT_PREFIX)) {
                        int indexOf = trim.indexOf(REALM_COMMENT_PREFIX) + REALM_COMMENT_PREFIX.length();
                        int indexOf2 = trim.indexOf(REALM_COMMENT_SUFFIX, indexOf);
                        if (indexOf2 > -1) {
                            str = trim.substring(indexOf, indexOf2);
                        }
                    } else {
                        Matcher matcher = getPattern().matcher(trim);
                        if (matcher.matches()) {
                            String group = matcher.group(1);
                            String group2 = matcher.group(2);
                            if (!trim.startsWith(COMMENT_PREFIX)) {
                                hashMap.put(group, new AccountEntry(group, group2, properties.getProperty(group)));
                            }
                        }
                    }
                } catch (Throwable th6) {
                    if (bufferedReader != null) {
                        if (th5 != null) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th7) {
                                th5.addSuppressed(th7);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    throw th6;
                }
            } finally {
            }
        }
        if (bufferedReader != null) {
            if (0 != 0) {
                try {
                    bufferedReader.close();
                } catch (Throwable th8) {
                    th5.addSuppressed(th8);
                }
            } else {
                bufferedReader.close();
            }
        }
        if (str == null) {
            throw ElytronMessages.log.noRealmFoundInProperties();
        }
        this.loadedState.set(new LoadedState(hashMap, str, System.currentTimeMillis()));
    }

    public long getLoadTime() {
        return this.loadedState.get().getLoadTime();
    }

    public static Builder builder() {
        return new Builder();
    }
}
