package oracle.kv.impl.sna;

import java.util.List;
import java.util.logging.Logger;
import oracle.kv.impl.admin.param.BootstrapParams;
import oracle.kv.impl.admin.param.GlobalParams;
import oracle.kv.impl.admin.param.SecurityParams;
import oracle.kv.impl.admin.param.StorageNodeParams;
import oracle.kv.impl.param.ParameterMap;
import oracle.kv.impl.security.AccessChecker;
import oracle.kv.impl.security.AccessCheckerImpl;
import oracle.kv.impl.security.KVBuiltInRoleResolver;
import oracle.kv.impl.security.login.InternalLoginManager;
import oracle.kv.impl.security.login.LoginManager;
import oracle.kv.impl.security.login.LoginUpdater;
import oracle.kv.impl.security.login.TokenResolverImpl;
import oracle.kv.impl.security.login.TokenVerifier;
import oracle.kv.impl.security.login.TopologyResolver;
import oracle.kv.impl.security.util.CacheBuilder;
import oracle.kv.impl.topo.RepNodeId;
import oracle.kv.impl.topo.ResourceId;
import oracle.kv.impl.topo.StorageNodeId;

/* loaded from: input_file:oracle/kv/impl/sna/SNASecurity.class */
public class SNASecurity implements LoginUpdater.GlobalParamsUpdater, LoginUpdater.ServiceParamsUpdater {
    private final StorageNodeAgent sna;
    private final AccessChecker accessChecker;
    private final TokenResolverImpl tokenResolver;
    private final InternalLoginManager loginMgr;
    private final TokenVerifier tokenVerifier;
    private final Logger logger;

    /* loaded from: input_file:oracle/kv/impl/sna/SNASecurity$SNATopoResolver.class */
    private final class SNATopoResolver implements TopologyResolver {
        final TopologyResolver.SNInfo localSNInfo;

        private SNATopoResolver(TopologyResolver.SNInfo sNInfo) {
            this.localSNInfo = sNInfo;
        }

        private SNATopoResolver() {
            this.localSNInfo = null;
        }

        @Override // oracle.kv.impl.security.login.TopologyResolver
        public TopologyResolver.SNInfo getStorageNode(ResourceId resourceId) {
            if (this.localSNInfo != null && (resourceId instanceof StorageNodeId) && ((StorageNodeId) resourceId).getStorageNodeId() == this.localSNInfo.getStorageNodeId().getStorageNodeId()) {
                return this.localSNInfo;
            }
            return null;
        }

        @Override // oracle.kv.impl.security.login.TopologyResolver
        public List<RepNodeId> listRepNodeIds(int i) {
            return null;
        }
    }

    public SNASecurity(StorageNodeAgent storageNodeAgent, BootstrapParams bootstrapParams, SecurityParams securityParams, GlobalParams globalParams, StorageNodeParams storageNodeParams, Logger logger) {
        this.sna = storageNodeAgent;
        this.logger = logger;
        if (!securityParams.isSecure()) {
            this.tokenResolver = null;
            this.accessChecker = null;
            this.loginMgr = null;
            this.tokenVerifier = null;
            return;
        }
        String hostname = bootstrapParams.getHostname();
        int registryPort = bootstrapParams.getRegistryPort();
        String storeName = bootstrapParams.getStoreName();
        SNATopoResolver sNATopoResolver = storeName == null ? null : new SNATopoResolver(new TopologyResolver.SNInfo(hostname, registryPort, storeName == null ? null : new StorageNodeId(bootstrapParams.getId())));
        this.loginMgr = new InternalLoginManager(null);
        this.tokenResolver = new TokenResolverImpl(hostname, registryPort, storeName, sNATopoResolver, this.loginMgr, logger);
        int loginCacheSize = (storageNodeParams == null ? new StorageNodeParams(storageNodeAgent.getHostname(), storageNodeAgent.getRegistryPort(), null) : storageNodeParams).getLoginCacheSize();
        GlobalParams globalParams2 = globalParams == null ? new GlobalParams(storageNodeAgent.getStoreName()) : globalParams;
        this.tokenVerifier = new TokenVerifier(new CacheBuilder.CacheConfig().capacity(loginCacheSize).entryLifetime(globalParams2.getLoginCacheTimeoutUnit().toMillis(globalParams2.getLoginCacheTimeout())), this.tokenResolver);
        this.accessChecker = new AccessCheckerImpl(this.tokenVerifier, new KVBuiltInRoleResolver(), null, logger);
    }

    public AccessChecker getAccessChecker() {
        return this.accessChecker;
    }

    public LoginManager getLoginManager() {
        return this.loginMgr;
    }

    @Override // oracle.kv.impl.security.login.LoginUpdater.ServiceParamsUpdater
    public void newServiceParameters(ParameterMap parameterMap) {
        if (this.tokenVerifier == null) {
            return;
        }
        int loginCacheSize = new StorageNodeParams(parameterMap).getLoginCacheSize();
        if (this.tokenVerifier.updateLoginCacheSize(loginCacheSize)) {
            this.logger.info(String.format("SNASecurity: loginCacheSize has been updated to %d", Integer.valueOf(loginCacheSize)));
        }
    }

    @Override // oracle.kv.impl.security.login.LoginUpdater.GlobalParamsUpdater
    public void newGlobalParameters(ParameterMap parameterMap) {
        if (this.tokenVerifier == null) {
            return;
        }
        GlobalParams globalParams = new GlobalParams(parameterMap);
        long millis = globalParams.getLoginCacheTimeoutUnit().toMillis(globalParams.getLoginCacheTimeout());
        if (this.tokenVerifier.updateLoginCacheTimeout(millis)) {
            this.logger.info(String.format("SNASecurity: loginCacheTimeout has been updated to %d ms", Long.valueOf(millis)));
        }
    }
}
