package net.corda.node.internal.security;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.TuplesKt;
import kotlin.TypeCastException;
import kotlin.collections.CollectionsKt;
import kotlin.collections.MapsKt;
import kotlin.collections.SetsKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.ranges.RangesKt;
import kotlin.text.Regex;
import net.corda.node.services.config.NodeConfigurationImpl;
import net.corda.node.services.config.PasswordEncryption;
import net.corda.nodeapi.internal.config.User;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: RPCSecurityManagerImpl.kt */
@Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = NodeConfigurationImpl.Defaults.lazyBridgeStart, d1 = {"��B\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010$\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\u0018��2\u00020\u0001B%\u0012\f\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003\u0012\u0006\u0010\u0005\u001a\u00020\u0006\u0012\b\b\u0002\u0010\u0007\u001a\u00020\b¢\u0006\u0002\u0010\tJ\u0012\u0010\u000f\u001a\u0004\u0018\u00010\f2\u0006\u0010\u0010\u001a\u00020\u0011H\u0014J\u0012\u0010\u0012\u001a\u0004\u0018\u00010\u000e2\u0006\u0010\u0013\u001a\u00020\u0014H\u0014R\u001a\u0010\n\u001a\u000e\u0012\u0004\u0012\u00020\u0006\u0012\u0004\u0012\u00020\f0\u000bX\u0082\u0004¢\u0006\u0002\n��R\u001a\u0010\r\u001a\u000e\u0012\u0004\u0012\u00020\u0006\u0012\u0004\u0012\u00020\u000e0\u000bX\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0015"}, d2 = {"Lnet/corda/node/internal/security/InMemoryRealm;", "Lorg/apache/shiro/realm/AuthorizingRealm;", "users", "", "Lnet/corda/nodeapi/internal/config/User;", "realmId", "", "passwordEncryption", "Lnet/corda/node/services/config/PasswordEncryption;", "(Ljava/util/List;Ljava/lang/String;Lnet/corda/node/services/config/PasswordEncryption;)V", "authenticationInfoByUser", "", "Lorg/apache/shiro/authc/AuthenticationInfo;", "authorizationInfoByUser", "Lorg/apache/shiro/authz/AuthorizationInfo;", "doGetAuthenticationInfo", "token", "Lorg/apache/shiro/authc/AuthenticationToken;", "doGetAuthorizationInfo", "principals", "Lorg/apache/shiro/subject/PrincipalCollection;", "node"})
/* loaded from: input_file:net/corda/node/internal/security/InMemoryRealm.class */
public final class InMemoryRealm extends AuthorizingRealm {
    private final Map<String, AuthorizationInfo> authorizationInfoByUser;
    private final Map<String, AuthenticationInfo> authenticationInfoByUser;

    @Nullable
    protected AuthenticationInfo doGetAuthenticationInfo(@NotNull AuthenticationToken authenticationToken) {
        Intrinsics.checkParameterIsNotNull(authenticationToken, "token");
        Map<String, AuthenticationInfo> map = this.authenticationInfoByUser;
        Object principal = authenticationToken.getPrincipal();
        if (principal == null) {
            throw new TypeCastException("null cannot be cast to non-null type kotlin.String");
        }
        return map.get((String) principal);
    }

    @Nullable
    protected AuthorizationInfo doGetAuthorizationInfo(@NotNull PrincipalCollection principalCollection) {
        Intrinsics.checkParameterIsNotNull(principalCollection, "principals");
        Map<String, AuthorizationInfo> map = this.authorizationInfoByUser;
        Object primaryPrincipal = principalCollection.getPrimaryPrincipal();
        if (primaryPrincipal == null) {
            throw new TypeCastException("null cannot be cast to non-null type kotlin.String");
        }
        return map.get((String) primaryPrincipal);
    }

    public InMemoryRealm(@NotNull List<User> list, @NotNull String str, @NotNull PasswordEncryption passwordEncryption) {
        CredentialsMatcher buildCredentialMatcher;
        Intrinsics.checkParameterIsNotNull(list, "users");
        Intrinsics.checkParameterIsNotNull(str, "realmId");
        Intrinsics.checkParameterIsNotNull(passwordEncryption, "passwordEncryption");
        setPermissionResolver(RPCPermissionResolver.INSTANCE);
        for (User user : list) {
            if (!new Regex("\\w+").matches(user.getUsername())) {
                throw new IllegalArgumentException(("Username " + user.getUsername() + " contains invalid characters").toString());
            }
        }
        InMemoryRealm$resolvePermission$1 inMemoryRealm$resolvePermission$1 = new InMemoryRealm$resolvePermission$1(getPermissionResolver());
        List<User> list2 = list;
        LinkedHashMap linkedHashMap = new LinkedHashMap(RangesKt.coerceAtLeast(MapsKt.mapCapacity(CollectionsKt.collectionSizeOrDefault(list2, 10)), 16));
        for (User user2 : list2) {
            String username = user2.getUsername();
            SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
            Set permissions = user2.getPermissions();
            InMemoryRealm$resolvePermission$1 inMemoryRealm$resolvePermission$12 = inMemoryRealm$resolvePermission$1;
            ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(permissions, 10));
            Iterator it = permissions.iterator();
            while (it.hasNext()) {
                arrayList.add(inMemoryRealm$resolvePermission$12.invoke(it.next()));
            }
            simpleAuthorizationInfo.setObjectPermissions(CollectionsKt.toSet(arrayList));
            simpleAuthorizationInfo.setRoles(SetsKt.emptySet());
            simpleAuthorizationInfo.setStringPermissions(SetsKt.emptySet());
            Pair pair = TuplesKt.to(username, simpleAuthorizationInfo);
            linkedHashMap.put(pair.getFirst(), pair.getSecond());
        }
        this.authorizationInfoByUser = linkedHashMap;
        List<User> list3 = list;
        LinkedHashMap linkedHashMap2 = new LinkedHashMap(RangesKt.coerceAtLeast(MapsKt.mapCapacity(CollectionsKt.collectionSizeOrDefault(list3, 10)), 16));
        for (User user3 : list3) {
            String username2 = user3.getUsername();
            SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo();
            simpleAuthenticationInfo.setCredentials(user3.getPassword());
            simpleAuthenticationInfo.setPrincipals(new SimplePrincipalCollection(user3.getUsername(), str));
            Pair pair2 = TuplesKt.to(username2, simpleAuthenticationInfo);
            linkedHashMap2.put(pair2.getFirst(), pair2.getSecond());
        }
        this.authenticationInfoByUser = linkedHashMap2;
        buildCredentialMatcher = RPCSecurityManagerImplKt.buildCredentialMatcher(passwordEncryption);
        setCredentialsMatcher(buildCredentialMatcher);
    }

    public /* synthetic */ InMemoryRealm(List list, String str, PasswordEncryption passwordEncryption, int i, DefaultConstructorMarker defaultConstructorMarker) {
        this(list, str, (i & 4) != 0 ? PasswordEncryption.NONE : passwordEncryption);
    }
}
