package net.sf.jguard.ext.authentication.manager;

import com.google.inject.Inject;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.OutputStream;
import java.net.URL;
import java.security.Principal;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import net.sf.jguard.core.ApplicationName;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.authentication.exception.AuthenticationException;
import net.sf.jguard.core.authentication.manager.AuthenticationManager;
import net.sf.jguard.core.authentication.manager.AuthenticationXmlStoreFileLocation;
import net.sf.jguard.core.principals.Organization;
import net.sf.jguard.core.principals.OrganizationTemplate;
import net.sf.jguard.core.principals.OrganizationUtils;
import net.sf.jguard.core.principals.RolePrincipal;
import net.sf.jguard.core.principals.SubjectTemplate;
import net.sf.jguard.core.util.SubjectUtils;
import net.sf.jguard.core.util.XMLUtils;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.dom4j.InvalidXPathException;
import org.dom4j.XPath;
import org.dom4j.io.HTMLWriter;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.XMLWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sf/jguard/ext/authentication/manager/XmlAuthenticationManager.class */
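/**
 * {@link AuthenticationManager} backed by a single XML document.
 *
 * <p>The constructor reads the document at the injected location and builds the in-memory
 * principals, organizations and users from it; the mutating methods change the DOM and, in most
 * cases, write the whole document back to the same location.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Credential values, private ones included, are written to the XML file exactly as they are
 *       held in the {@link JGuardCredential} (see {@code persistCredentialsSet}). Any hashing has to
 *       happen before the credential reaches this class, and the file needs restrictive
 *       permissions. The export methods emit the same content.</li>
 *   <li>User, organization and principal lookups are XPath queries that embed credential values
 *       and names. Those values are quoted through {@code toXPathLiteral} so that a quote character
 *       in a value cannot change the structure of the query.</li>
 *   <li>No synchronization is used in this class; NOTE(review): confirm where concurrent access to
 *       the DOM and the in-memory sets is serialized.</li>
 * </ul>
 */
public class XmlAuthenticationManager extends AbstractAuthenticationManager implements AuthenticationManager {
    public static final String AUTHENTICATION = "authentication";
    private static final String PUBLIC_OPTIONAL_CREDENTIALS = "publicOptionalCredentials";
    private static final String PRIVATE_OPTIONAL_CREDENTIALS = "privateOptionalCredentials";
    private static final String PUBLIC_REQUIRED_CREDENTIALS = "publicRequiredCredentials";
    private static final String CRED_TEMPLATE_ID = "credTemplateId";
    private static final String PRIVATE_REQUIRED_CREDENTIALS = "privateRequiredCredentials";
    private static final String USER_TEMPLATE = "userTemplate";
    private static final String VALUE = "value";
    private static final String ID = "id";
    private static final String CREDENTIAL = "credential";
    private static final String CREDENTIALS = "credentials";
    private static final String PRINCIPAL_REF = "principalRef";
    private static final String PRINCIPALS_REF = "principalsRef";
    private static final String PUBLIC_CREDENTIALS = "publicCredentials";
    private static final String PRIVATE_CREDENTIALS = "privateCredentials";
    private static final String USER = "user";
    private static final String USERS = "users";
    private static final String APPLICATION_NAME = "applicationName";
    private static final String CLASS = "class";
    private static final String NAME = "name";
    private static final String ACTIVE = "active";
    private static final String DEFINITION = "definition";
    private static final String PRINCIPAL = "principal";
    private static final String PRINCIPALS = "principals";
    private static final String ORGANIZATIONS = "organizations";
    private static final String ORGANIZATION = "organization";
    private static final String ORGANIZATION_TEMPLATE = "organizationTemplate";
    private static final String ORGANIZATION_REF = "organizationRef";
    private static final Logger logger = LoggerFactory.getLogger(XmlAuthenticationManager.class.getName());
    private Document document;
    private Element root;
    private URL fileLocation;
    // Namespace bound to the "j" prefix used by every prefixed XPath query of this class.
    private static final String HTTP_JGUARD_SOURCEFORGE_NET_XSD_J_GUARD_USERS_PRINCIPALS_2_0_0_XSD = "http://jguard.sourceforge.net/xsd/jGuardUsersPrincipals_2.0.0.xsd";
    private static final String STRING_NAMESPACE_PREFIX = "j";
    // Every principal read from the store, whatever application it belongs to.
    private Set<Principal> principalsSet;
    // Same principals, keyed by Principal.getName().
    private Map<String, Principal> principals;
    private Set<Subject> users;
    // The constant name says 2_2_0 but the schema file it designates is the 2.0.0 one.
    private static final String J_GUARD_USERS_PRINCIPALS_2_2_0_XSD = "jGuardUsersPrincipals_2.0.0.xsd";
    private static final String TEMPLATE = "template";

    /**
     * Loads the store located at {@code url} and builds the in-memory model from it.
     *
     * <p>NOTE(review): parser hardening (DTD and external-entity handling) is decided inside
     * {@code XMLUtils.read}, which is not visible from this class; confirm it there if the store
     * location can ever point at content that is not fully trusted.
     *
     * @param str name of the current application
     * @param url location of the XML store; must not be {@code null}
     * @throws IllegalArgumentException if {@code url} is {@code null}, or a principal of the store
     *         has a class other than {@link RolePrincipal}
     * @throws IllegalStateException if no principal of the store belongs to the current
     *         application, or a user references an organization the store does not declare
     */
    @Inject
    public XmlAuthenticationManager(@ApplicationName String str, @AuthenticationXmlStoreFileLocation URL url) {
        super(str);
        this.applicationName = str;
        this.fileLocation = url;
        if (url == null) {
            String message = " parameter 'authenticationXmlFileLocation' which is null must be specified in the XmlLoginModule configuration ";
            logger.error(message);
            throw new IllegalArgumentException(message);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("initAuthenticationDAO() - fileLocation=" + url);
        }
        this.document = XMLUtils.read(url, J_GUARD_USERS_PRINCIPALS_2_2_0_XSD);
        this.root = this.document.getRootElement();
        // Order matters: principals first (organizations and users resolve their principalRef
        // entries against them), then organizations, then users.
        Map<RolePrincipal, String> organizationNamesByPrincipal = initPrincipals(this.root);
        this.organizationTemplate = getOrganizationTemplate(this.root);
        initOrganizations(this.root);
        resolvePrincipalsOrganizationRefs(organizationNamesByPrincipal, this.organizations);
        this.users = initUsers(this.root);
    }

    /**
     * Appends a {@code principal} element for the given principal and writes the store.
     *
     * <p>The class name of the principal is written as is, while loading rejects every class
     * other than {@link RolePrincipal}; persisting another principal type therefore produces a
     * store the constructor refuses to load.
     *
     * @param principal principal to persist
     * @throws AuthenticationException if the store cannot be written
     */
    @Override
    protected void persistPrincipal(Principal principal) throws AuthenticationException {
        Element principalElement = this.root.element(PRINCIPALS).addElement(PRINCIPAL);
        Element nameElement = principalElement.addElement(NAME);
        nameElement.setText(principal.getName());
        principalElement.addElement(CLASS).setText(principal.getClass().getName());
        Element applicationNameElement = principalElement.addElement(APPLICATION_NAME);
        if (principal instanceof RolePrincipal) {
            RolePrincipal rolePrincipal = (RolePrincipal) principal;
            // For roles the name element holds the local name, not the qualified one.
            nameElement.setText(rolePrincipal.getLocalName());
            applicationNameElement.setText(rolePrincipal.getApplicationName());
            principalElement.addElement(ORGANIZATION_REF).setText(rolePrincipal.getOrganization().getName());
        }
        try {
            XMLUtils.write(this.fileLocation, this.document);
        } catch (IOException e) {
            logger.error(e.getMessage());
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    /**
     * Replaces the user identified by {@code jGuardCredential} with {@code subject}.
     *
     * <p>The update is a delete followed by a persist, each writing the store; if the persist
     * step fails, the previous user has already been removed.
     *
     * @param jGuardCredential identity credential of the user to replace
     * @param subject new state of the user
     * @throws AuthenticationException if the store cannot be written
     */
    @Override
    protected void updateUserImpl(JGuardCredential jGuardCredential, Subject subject) throws AuthenticationException {
        logger.debug("update user - identityCred =" + jGuardCredential);
        Subject existingUser = findUser((String) jGuardCredential.getValue());
        if (existingUser == null) {
            logger.info("no user found for update with identity credential=" + jGuardCredential);
        } else {
            deleteUser(existingUser);
            persistUser(subject);
        }
    }

    /** Removes from the in-memory user set the user owning the same identity credential as {@code subject}. */
    private void deleteUserFromMemory(Subject subject) throws AuthenticationException {
        deleteUserFromMemory(extractIdentityCredentialFromUser(subject));
    }

    /** Removes from the in-memory user set the first user whose identity credential equals the given one. */
    private void deleteUserFromMemory(JGuardCredential jGuardCredential) throws AuthenticationException {
        Iterator<Subject> it = this.users.iterator();
        while (it.hasNext()) {
            if (jGuardCredential.equals(extractIdentityCredentialFromUser(it.next()))) {
                it.remove();
                logger.debug("user with identityCred:" + jGuardCredential.getName() + " =" + jGuardCredential.getValue().toString() + " removed ");
                return;
            }
        }
    }

    /**
     * Removes a user from memory and from the store.
     *
     * @param subject user to remove; {@code null} is ignored
     * @throws AuthenticationException if the store cannot be written
     */
    public void deleteUser(Subject subject) throws AuthenticationException {
        if (subject == null) {
            return;
        }
        deleteUserFromMemory(subject);
        Element userElement = findUser(subject);
        if (userElement == null) {
            return;
        }
        this.root.element(USERS).elements(USER).remove(userElement);
        try {
            XMLUtils.write(this.fileLocation, this.document);
        } catch (IOException e) {
            logger.error("removeUser(Subject)", e);
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    /** Returns the {@code organization} element whose {@code id} credential has the given value, or {@code null}. */
    private Element getOrganization(String str) throws InvalidXPathException {
        return getElement(getXpathSearchStringForOrganization(str));
    }

    /**
     * Evaluates an XPath expression against the root element with the {@code j} prefix bound to
     * the store namespace.
     *
     * @param str XPath expression; callers must quote embedded values with {@code toXPathLiteral}
     * @return the first matching element, or {@code null} when nothing matches
     */
    private Element getElement(String str) {
        XPath xpath = DocumentHelper.createXPath(str);
        Map<String, String> namespaces = new HashMap<String, String>();
        namespaces.put(STRING_NAMESPACE_PREFIX, HTTP_JGUARD_SOURCEFORGE_NET_XSD_J_GUARD_USERS_PRINCIPALS_2_0_0_XSD);
        xpath.setNamespaceURIs(namespaces);
        // Every query of this class selects elements, hence the cast.
        return (Element) xpath.selectSingleNode(this.root);
    }

    /** Returns the {@code user} element owning the identity credential of {@code subject}, or {@code null}. */
    private Element findUser(Subject subject) throws AuthenticationException {
        return findUser(extractIdentityCredentialFromUser(subject));
    }

    /** Returns the {@code user} element holding the given private credential, or {@code null}. */
    private Element findUser(JGuardCredential jGuardCredential) {
        logger.debug("try to find user with identityCredential=" + jGuardCredential);
        Element userElement = getElement(getUserXpath(jGuardCredential));
        if (userElement == null) {
            logger.debug("no user has been found");
        }
        return userElement;
    }

    /**
     * Renders a value as an XPath 1.0 string literal.
     *
     * <p>XPath 1.0 has no escape sequence inside string literals, so a value is delimited with the
     * quote character it does not contain, and a value containing both kinds of quote is rebuilt
     * with {@code concat()}. This keeps a quote inside a credential value or a name from closing
     * the literal and altering the query. Values without an apostrophe render exactly as
     * {@code 'value'}.
     *
     * @param value text to embed; {@code null} renders as the text {@code null}
     * @return an XPath expression that evaluates to the given text
     */
    private static String toXPathLiteral(String value) {
        String text = String.valueOf(value);
        if (text.indexOf('\'') < 0) {
            return "'" + text + "'";
        }
        if (text.indexOf('"') < 0) {
            return "\"" + text + "\"";
        }
        StringBuilder literal = new StringBuilder("concat(");
        int start = 0;
        for (int quote = text.indexOf('\''); quote >= 0; quote = text.indexOf('\'', start)) {
            // Emit the run before the apostrophe, then the apostrophe inside double quotes.
            literal.append('\'').append(text, start, quote).append("',\"'\",");
            start = quote + 1;
        }
        literal.append('\'').append(text, start, text.length()).append("')");
        return literal.toString();
    }

    /**
     * Builds the query selecting the {@code user} element that owns the given private credential.
     *
     * <p>The credential name and value end up inside the expression, so both go through
     * {@code toXPathLiteral}.
     */
    private String getUserXpath(JGuardCredential jGuardCredential) {
        return "/j:authentication/j:users/j:user/j:privateCredentials/j:credential[@id="
                + toXPathLiteral(jGuardCredential.getName())
                + " and @value=" + toXPathLiteral(jGuardCredential.getValue().toString())
                + "]/../..";
    }

    /** Reads every {@code credential} child of {@code element} into a {@link JGuardCredential}. */
    private Set<JGuardCredential> getCredentialsSet(Element element) {
        Set<JGuardCredential> credentials = new HashSet<JGuardCredential>();
        for (Object child : element.elements(CREDENTIAL)) {
            Element credentialElement = (Element) child;
            credentials.add(new JGuardCredential(
                    credentialElement.attribute(ID).getStringValue(),
                    credentialElement.attribute(VALUE).getStringValue()));
        }
        return credentials;
    }

    /**
     * Builds an {@link Organization} from its XML element.
     *
     * @throws IllegalArgumentException if {@code element} is {@code null}
     */
    private Organization getOrganization(Element element) {
        if (element == null) {
            throw new IllegalArgumentException("organizationElement in argument is null");
        }
        Organization organization = new Organization();
        organization.setPrincipals(getPrincipalsReference(element));
        organization.setSubjectTemplate(buildSubjectTemplateFromElement(element.element(USER_TEMPLATE)));
        organization.setCredentials(getCredentialsSet(element.element(CREDENTIALS)));
        return organization;
    }

    /**
     * Resolves the {@code organizationRef} of a user element against the loaded organizations.
     *
     * @return the matching organization, or {@code null} (after logging an error) when none has that name
     */
    private Organization getOrganizationPrincipal(Element element) {
        String organizationName = element.element(ORGANIZATION_REF).getStringValue();
        for (Object candidate : this.organizations) {
            Organization organization = (Organization) candidate;
            if (organizationName.equals(organization.getName())) {
                return organization;
            }
        }
        logger.error(" organization with name" + organizationName + " have not been found");
        return null;
    }

    /** Builds the {@link OrganizationTemplate} from the {@code organizationTemplate} element of the store. */
    private OrganizationTemplate getOrganizationTemplate(Element element) {
        Element templateElement = element.element(ORGANIZATIONS).element(ORGANIZATION_TEMPLATE);
        OrganizationTemplate template = new OrganizationTemplate();
        template.setCredentials(getJGuardCredentialList(templateElement.element(CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPrincipals(getPrincipalsReference(templateElement));
        template.setSubjectTemplate(getSubjectTemplate(templateElement));
        return template;
    }

    /**
     * Resolves the {@code principalRef} children of {@code element} to loaded role principals.
     *
     * <p>A reference is resolved in the application named by its {@code applicationName}
     * attribute, falling back to the current application when the attribute is absent. The
     * attribute used to be read and then ignored, so a reference to a role of another application
     * resolved to the same-named role of the current application.
     *
     * <p>The {@code definition} and {@code active} attributes are applied to the shared
     * {@link RolePrincipal} instance, so the reference read last determines them for every holder
     * of that instance.
     *
     * @return the resolved principals; references matching no loaded principal are skipped
     */
    private Set<RolePrincipal> getPrincipalsReference(Element element) {
        Set<RolePrincipal> referenced = new HashSet<RolePrincipal>();
        for (Object child : element.element(PRINCIPALS_REF).elements(PRINCIPAL_REF)) {
            Element reference = (Element) child;
            String localName = reference.attributeValue(NAME);
            String referencedApplication = reference.attributeValue(APPLICATION_NAME);
            if (referencedApplication == null) {
                referencedApplication = this.applicationName;
            }
            String definition = reference.attributeValue(DEFINITION);
            String active = reference.attributeValue(ACTIVE);
            RolePrincipal rolePrincipal = (RolePrincipal) this.principals.get(RolePrincipal.getName(localName, referencedApplication));
            if (rolePrincipal != null) {
                rolePrincipal.setDefinition(definition);
                rolePrincipal.setActive("true".equalsIgnoreCase(active));
                referenced.add(rolePrincipal);
            }
        }
        return referenced;
    }

    /**
     * Builds the query selecting the {@code organization} element whose {@code id} credential has
     * the given value; the value is quoted through {@code toXPathLiteral}.
     */
    private String getXpathSearchStringForOrganization(String str) {
        return "/j:authentication/j:organizations/j:organization/j:credentials/j:credential[@id='id' and @value="
                + toXPathLiteral(str) + "]/../..";
    }

    /** Loads every {@code organization} element of the store into the in-memory organization set. */
    private void initOrganizations(Element element) {
        for (Object child : element.element(ORGANIZATIONS).elements(ORGANIZATION)) {
            this.organizations.add(getOrganization((Element) child));
        }
    }

    /**
     * Loads every {@code principal} element of the store.
     *
     * @return for each loaded principal, the name of the organization it references; the
     *         references are resolved once the organizations are loaded
     * @throws IllegalArgumentException if a principal declares a class other than {@link RolePrincipal}
     * @throws IllegalStateException if no loaded principal belongs to the current application
     */
    private Map<RolePrincipal, String> initPrincipals(Element element) {
        this.principals = new HashMap<String, Principal>();
        this.principalsSet = new HashSet<Principal>();
        Map<RolePrincipal, String> organizationNamesByPrincipal = new HashMap<RolePrincipal, String>();
        for (Object child : element.element(PRINCIPALS).elements(PRINCIPAL)) {
            Element principalElement = (Element) child;
            String className = principalElement.element(CLASS).getStringValue();
            // The class name is only compared, never loaded: no class is instantiated from file content.
            if (!RolePrincipal.class.getName().equals(className)) {
                throw new IllegalArgumentException("class=+" + className + "is unsupported ; only class=" + RolePrincipal.class.getName() + " is supported");
            }
            Element applicationNameElement = principalElement.element(APPLICATION_NAME);
            String organizationName = principalElement.element(ORGANIZATION_REF).getStringValue();
            RolePrincipal rolePrincipal = new RolePrincipal(principalElement.element(NAME).getStringValue(), applicationNameElement.getStringValue());
            organizationNamesByPrincipal.put(rolePrincipal, organizationName);
            this.principals.put(rolePrincipal.getName(), rolePrincipal);
            this.principalsSet.add(rolePrincipal);
            if (rolePrincipal.getApplicationName().equals(this.applicationName)) {
                this.localPrincipalsSet.add(rolePrincipal);
                this.localPrincipals.put(rolePrincipal.getName(), rolePrincipal);
            }
        }
        if (this.localPrincipalsSet.isEmpty()) {
            throw new IllegalStateException("no principals are granted to the current application=" + getApplicationName());
        }
        return organizationNamesByPrincipal;
    }

    /**
     * Loads every {@code user} element of the store into a {@link Subject}.
     *
     * <p>A user keeps only the referenced roles that its organization also owns, plus the
     * organization itself as a principal.
     *
     * @throws IllegalStateException if a user references an organization the store does not declare
     */
    private Set<Subject> initUsers(Element element) {
        this.users = new HashSet<Subject>();
        for (Object child : element.element(USERS).elements(USER)) {
            Element userElement = (Element) child;
            Set<JGuardCredential> privateCredentials = getCredentialsSet(userElement.element(PRIVATE_CREDENTIALS));
            Set<JGuardCredential> publicCredentials = getCredentialsSet(userElement.element(PUBLIC_CREDENTIALS));
            Set<Principal> userPrincipals = new HashSet<Principal>(getPrincipalsReference(userElement));
            Organization organization = getOrganizationPrincipal(userElement);
            if (organization == null) {
                // Fail with an explicit message instead of a NullPointerException below; the
                // missing name has been logged by getOrganizationPrincipal.
                throw new IllegalStateException("a user references an organization which is not declared in the store");
            }
            // Roles not owned by the organization are dropped from the user.
            userPrincipals.retainAll(new HashSet<Object>(organization.getPrincipals()));
            userPrincipals.add(organization);
            Subject subject = new Subject(false, userPrincipals, publicCredentials, privateCredentials);
            if (userPrincipals.size() <= 1) {
                JGuardCredential identityCredential = SubjectUtils.getIdentityCredential(subject, this);
                logger.warn(" user " + identityCredential.getName() + "=" + identityCredential.getValue() + " hasn't got any RolePrincipals granted (no roles owned by his organization is granted to him) ");
            }
            this.users.add(subject);
        }
        return this.users;
    }

    /** Builds the {@link SubjectTemplate} described by the {@code userTemplate} child of {@code element}. */
    public SubjectTemplate getSubjectTemplate(Element element) {
        return buildSubjectTemplateFromElement(element.element(USER_TEMPLATE));
    }

    /** Builds a {@link SubjectTemplate} from a {@code userTemplate} element. */
    private SubjectTemplate buildSubjectTemplateFromElement(Element element) {
        SubjectTemplate template = new SubjectTemplate();
        template.setPrivateRequiredCredentials(getJGuardCredentialList(element.element(PRIVATE_REQUIRED_CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPublicRequiredCredentials(getJGuardCredentialList(element.element(PUBLIC_REQUIRED_CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPrivateOptionalCredentials(getJGuardCredentialList(element.element(PRIVATE_OPTIONAL_CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPublicOptionalCredentials(getJGuardCredentialList(element.element(PUBLIC_OPTIONAL_CREDENTIALS).elements(CRED_TEMPLATE_ID)));
        template.setPrincipals(getPrincipals(element.element(PRINCIPALS_REF).elements(PRINCIPAL_REF)));
        return template;
    }

    /**
     * Resolves {@code principalRef} elements to loaded principals, using
     * {@code applicationName#name} as lookup key; unknown references are skipped.
     */
    private Set getPrincipals(List list) {
        Set<Principal> resolved = new HashSet<Principal>();
        for (Object child : list) {
            Element reference = (Element) child;
            Principal principal = this.principals.get(reference.attribute(APPLICATION_NAME).getData() + "#" + reference.attribute(NAME).getData());
            if (principal != null) {
                resolved.add(principal);
            }
        }
        return resolved;
    }

    /**
     * Turns {@code credTemplateId} elements into template credentials: the name is the element
     * text, the value is {@code "template"} for the {@code id} credential and empty otherwise.
     */
    private Set<JGuardCredential> getJGuardCredentialList(List list) {
        Set<JGuardCredential> credentials = new HashSet<JGuardCredential>();
        for (Object child : list) {
            String credentialName = ((Element) child).getText();
            String credentialValue = credentialName.equals(ID) ? TEMPLATE : "";
            credentials.add(new JGuardCredential(credentialName, credentialValue));
        }
        return credentials;
    }

    /**
     * Appends a {@code user} element for the subject, writes the store and registers the subject
     * in memory.
     *
     * <p>The organization check runs before the DOM is touched, so a rejected subject leaves no
     * partial {@code user} element behind to be written by a later operation. The exception
     * message no longer embeds the subject: the text form of a {@link Subject} can list its
     * private credentials, and exception messages are commonly logged.
     *
     * @param subject user to persist; must own exactly one {@link Organization} principal
     * @throws IllegalArgumentException if the subject does not own exactly one organization
     * @throws AuthenticationException if the store cannot be written
     */
    @Override
    protected void persistUser(Subject subject) throws AuthenticationException {
        Set<Organization> owners = subject.getPrincipals(Organization.class);
        if (owners.size() != 1) {
            throw new IllegalArgumentException(USER + " hasn't got one Organization but " + owners.size() + " organizations ");
        }
        Element userElement = this.root.element(USERS).addElement(USER);
        persistCredentialsSet(subject.getPrivateCredentials(JGuardCredential.class), userElement.addElement(PRIVATE_CREDENTIALS));
        persistCredentialsSet(subject.getPublicCredentials(JGuardCredential.class), userElement.addElement(PUBLIC_CREDENTIALS));
        persistPrincipalRefs(subject.getPrincipals(), userElement.addElement(PRINCIPALS_REF));
        userElement.addElement(ORGANIZATION_REF).setText(owners.iterator().next().getName());
        try {
            XMLUtils.write(this.fileLocation, this.document);
            this.users.add(subject);
        } catch (IOException e) {
            logger.error("persistUser(Subject)", e);
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    /**
     * Adds a child named {@code str} to {@code element} and fills it with one
     * {@code credTemplateId} per credential of {@code set}; the child stays empty when the set is
     * {@code null} or empty.
     */
    private void persistCredentialTemplates(Set set, Element element, String str) {
        Element container = element.addElement(str);
        if (container == null) {
            logger.debug("credentialTemplateID element in XML " + str + " is null");
            return;
        }
        if (set == null || set.size() == 0) {
            logger.debug(CREDENTIALS + str + " in Object is null or empty");
            return;
        }
        for (Object credential : set) {
            container.addElement(CRED_TEMPLATE_ID).setText(((JGuardCredential) credential).getName());
        }
    }

    /**
     * Writes the subject template, credentials and principal references of an organization under
     * {@code element}, then writes the store.
     *
     * @throws IllegalArgumentException if the organization has no subject template
     * @throws AuthenticationException if the store cannot be written
     */
    private void persistOrganization(Organization organization, Element element) throws AuthenticationException {
        SubjectTemplate subjectTemplate = organization.getSubjectTemplate();
        if (subjectTemplate == null) {
            throw new IllegalArgumentException("SubejctTemplate is null into Organization " + organization);
        }
        persistSubjectTemplate(element, subjectTemplate);
        Element credentialsElement = element.addElement(CREDENTIALS);
        for (Object item : organization.getCredentials()) {
            JGuardCredential credential = (JGuardCredential) item;
            Element credentialElement = credentialsElement.addElement(CREDENTIAL);
            credentialElement.addAttribute(ID, credential.getName());
            credentialElement.addAttribute(VALUE, credential.getValue().toString());
        }
        Element principalsRefElement = element.addElement(PRINCIPALS_REF);
        for (Object item : organization.getPrincipals()) {
            RolePrincipal rolePrincipal = (RolePrincipal) item;
            Element reference = principalsRefElement.addElement(PRINCIPAL_REF);
            reference.addAttribute(NAME, rolePrincipal.getLocalName());
            reference.addAttribute(APPLICATION_NAME, rolePrincipal.getApplicationName());
            reference.addAttribute(DEFINITION, rolePrincipal.getDefinition());
            reference.addAttribute(ACTIVE, rolePrincipal.isActive() ? "true" : "false");
        }
        try {
            XMLUtils.write(this.fileLocation, this.document);
        } catch (IOException e) {
            logger.error(e.getMessage());
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    /** Adds one {@code principalRef} child to {@code element} per {@link RolePrincipal} of {@code set}; other principals are skipped. */
    private void persistPrincipalRefs(Set set, Element element) {
        for (Object item : set) {
            if (item instanceof RolePrincipal) {
                RolePrincipal rolePrincipal = (RolePrincipal) item;
                Element reference = element.addElement(PRINCIPAL_REF);
                reference.addAttribute(NAME, rolePrincipal.getLocalName());
                reference.addAttribute(APPLICATION_NAME, rolePrincipal.getApplicationName());
                reference.addAttribute(DEFINITION, rolePrincipal.getDefinition());
                reference.addAttribute(ACTIVE, rolePrincipal.isActive() ? "true" : "false");
            }
        }
    }

    /**
     * Adds one {@code credential} child to {@code element} per credential of {@code set}.
     *
     * <p>The credential value is written as its {@code toString()} form, for private credentials
     * too: whatever protection (hashing) the value needs must already have been applied.
     */
    private void persistCredentialsSet(Set set, Element element) {
        for (Object item : set) {
            JGuardCredential credential = (JGuardCredential) item;
            Element credentialElement = element.addElement(CREDENTIAL);
            credentialElement.addAttribute(ID, credential.getName());
            credentialElement.addAttribute(VALUE, credential.getValue().toString());
        }
    }

    /**
     * Adds a {@code userTemplate} child describing {@code subjectTemplate} to {@code element}.
     * The store is not written by this method.
     *
     * @throws IllegalArgumentException if {@code subjectTemplate} is {@code null}
     */
    public void persistSubjectTemplate(Element element, SubjectTemplate subjectTemplate) {
        // Checked before the DOM is changed so that a rejected call leaves no empty userTemplate behind.
        if (subjectTemplate == null) {
            throw new IllegalArgumentException(" SubjectTemplate is null");
        }
        Element templateElement = element.addElement(USER_TEMPLATE);
        if (templateElement == null) {
            throw new IllegalArgumentException(" subjectTemplate is not present into organizationElement " + element.getName());
        }
        persistCredentialTemplates(subjectTemplate.getPrivateRequiredCredentials(), templateElement, PRIVATE_REQUIRED_CREDENTIALS);
        persistCredentialTemplates(subjectTemplate.getPublicRequiredCredentials(), templateElement, PUBLIC_REQUIRED_CREDENTIALS);
        persistCredentialTemplates(subjectTemplate.getPrivateOptionalCredentials(), templateElement, PRIVATE_OPTIONAL_CREDENTIALS);
        persistCredentialTemplates(subjectTemplate.getPublicOptionalCredentials(), templateElement, PUBLIC_OPTIONAL_CREDENTIALS);
        persistPrincipalRefs(subjectTemplate.getPrincipals(), templateElement.addElement(PRINCIPALS_REF));
    }

    /** Returns {@code true} when the store declares no principal or no user. */
    public boolean isEmpty() {
        return this.root.element(PRINCIPALS).elements(PRINCIPAL).isEmpty() || this.root.element(USERS).elements(USER).isEmpty();
    }

    /** Returns a copy of the set of all loaded principals. */
    public Set<Principal> getAllPrincipalsSet() {
        return new HashSet<Principal>(this.principalsSet);
    }

    /** Returns {@code true} when {@code owned} contains every credential of {@code wanted}. */
    private static boolean holdsAll(Collection<?> owned, Collection<?> wanted) {
        for (Object credential : wanted) {
            if (!owned.contains((JGuardCredential) credential)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Finds the users owning every given credential.
     *
     * @param collection private credentials the user must own
     * @param collection2 public credentials the user must own
     * @return copies of the matching subjects; the copies carry the private credentials of the users
     */
    @Override
    public Set<Subject> findUsers(Collection collection, Collection collection2) {
        Set<Subject> matches = new HashSet<Subject>();
        for (Subject subject : this.users) {
            if (holdsAll(subject.getPrivateCredentials(), collection)
                    && holdsAll(subject.getPublicCredentials(), collection2)) {
                matches.add(new Subject(false, subject.getPrincipals(), subject.getPublicCredentials(), subject.getPrivateCredentials()));
            }
        }
        return matches;
    }

    /**
     * Returns the in-memory user set itself, not a copy: changes made by the caller affect this
     * manager, and each subject carries its private credentials.
     */
    @Override
    public Set<Subject> getUsers() {
        return this.users;
    }

    /**
     * Replaces the principal registered under {@code str} with {@code principal} in the in-memory
     * maps and sets, then writes the store.
     *
     * <p>NOTE(review): this method does not change the DOM, so the write persists the document as
     * it already was; a failed write is logged and not reported to the caller.
     *
     * @param str name under which the principal to replace is registered
     * @param principal replacement
     */
    public void updatePrincipal(String str, Principal principal) {
        Principal replaced = this.principals.remove(str);
        if (replaced == null) {
            logger.warn(" principal " + str + " cannot be updated because it does not exists ");
            return;
        }
        this.principalsSet.remove(replaced);
        this.principals.put(principal.getName(), principal);
        this.principalsSet.add(principal);
        if (isRoleAndLocal(replaced) && this.localPrincipalsSet.contains(replaced)) {
            this.localPrincipalsSet.remove(replaced);
            // Drop the entry of the replaced principal as well, otherwise a renamed role stays
            // reachable under its old name.
            this.localPrincipals.remove(replaced.getName());
            this.localPrincipals.put(principal.getName(), principal);
            this.localPrincipalsSet.add(principal);
        }
        try {
            XMLUtils.write(this.fileLocation, this.document);
        } catch (IOException e) {
            logger.error("updateRole(String, RolePrincipal)", e);
        }
    }

    /**
     * Removes a principal from memory and from the store.
     *
     * @param principal principal to delete
     * @return {@code false} when no principal is registered under that name, {@code true} otherwise
     * @throws AuthenticationException if the store cannot be written
     */
    public boolean deletePrincipal(Principal principal) throws AuthenticationException {
        Principal removed = this.principals.remove(principal.getName());
        if (removed == null) {
            return false;
        }
        this.principalsSet.remove(removed);
        if (isRoleAndLocal(principal) && this.localPrincipalsSet.contains(principal)) {
            this.localPrincipalsSet.remove(principal);
            // localPrincipals is keyed by principal name; removing by the principal object left
            // the deleted role in the map.
            this.localPrincipals.remove(principal.getName());
        }
        Element principalsElement = this.root.element(PRINCIPALS);
        // NOTE(review): this query is unprefixed while the other queries of this class use the
        // "j" namespace prefix, and it compares against the qualified name although
        // persistPrincipal stores the local name of a role; confirm that it matches anything.
        Object match = principalsElement.selectSingleNode("//principal[name=" + toXPathLiteral(principal.getName()) + "]");
        if (match instanceof Element) {
            principalsElement.remove((Element) match);
        } else {
            logger.warn("no principal element found in the store for the deleted principal");
        }
        if (removed.getClass().equals(RolePrincipal.class)) {
            XMLUtils.deletePrincipalRefs(this.root, (RolePrincipal) removed);
        }
        try {
            XMLUtils.write(this.fileLocation, this.document);
            return true;
        } catch (IOException e) {
            logger.error("deletePrincipal(String)", e);
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    /** Returns the whole store as an XML string; the result contains every stored credential value. */
    public String exportAsXMLString() {
        return this.document.asXML();
    }

    /**
     * Writes the whole store, credential values included, to {@code outputStream} as
     * pretty-printed XML. The stream is flushed, not closed.
     *
     * @param outputStream destination
     * @param str name of the character encoding to use
     * @throws IOException if writing fails or the encoding is not supported
     */
    public void writeAsXML(OutputStream outputStream, String str) throws IOException {
        OutputFormat format = OutputFormat.createPrettyPrint();
        format.setEncoding(str);
        XMLWriter writer = new XMLWriter(outputStream, format);
        writer.write(this.document);
        writer.flush();
    }

    /**
     * Writes the whole store, credential values included, to {@code outputStream} through an
     * {@link HTMLWriter}. The stream is flushed, not closed.
     *
     * @throws IOException if writing fails
     */
    public void writeAsHTML(OutputStream outputStream) throws IOException {
        HTMLWriter writer = new HTMLWriter(outputStream, OutputFormat.createPrettyPrint());
        writer.write(this.document);
        writer.flush();
    }

    /**
     * Writes the whole store, credential values included, to the file named {@code str}.
     *
     * <p>The writer is built on a byte stream so that the bytes are encoded with the encoding of
     * the output format, which is also the one announced in the XML declaration. The former
     * {@code FileWriter} encoded with the platform default charset, which can disagree with the
     * declaration. The path is used as given: callers must not pass a location derived from
     * untrusted input, and the resulting file needs the same protection as the store.
     *
     * @param str path of the file to create or overwrite
     * @throws IOException if the file cannot be opened or written
     */
    public void exportAsXMLFile(String str) throws IOException {
        OutputStream out = new FileOutputStream(str);
        try {
            XMLWriter writer = new XMLWriter(out, OutputFormat.createPrettyPrint());
            writer.write(this.document);
            writer.flush();
        } finally {
            out.close();
        }
    }

    /**
     * Removes the element of the given organization from the root element.
     *
     * <p>NOTE(review): the organization element is looked up under
     * {@code organizations/organization}, while the removal is requested on the root element, so
     * the removal may have no effect; the in-memory organization set is not updated and the store
     * is not written here. Users referencing a removed organization would also make the store
     * fail to load, so confirm the intended behaviour before changing this.
     */
    public void deleteOrganization(Organization organization) {
        this.root.remove(getOrganization(organization.getName()));
    }

    /**
     * Replaces the content of the organization identified by {@code str} with the state of
     * {@code organization} and writes the store.
     *
     * @param str value of the {@code id} credential of the organization to update
     * @param organization new state
     * @throws IllegalArgumentException if no such organization exists in the store
     * @throws AuthenticationException if the store cannot be written
     */
    public void updateOrganization(String str, Organization organization) throws AuthenticationException {
        Element organizationElement = getOrganization(str);
        if (organizationElement == null) {
            throw new IllegalArgumentException("organization cannot be updated : it doesn't exist ");
        }
        Element templateElement = organizationElement.element(USER_TEMPLATE);
        if (templateElement != null) {
            organizationElement.remove(templateElement);
        }
        organizationElement.remove(organizationElement.element(CREDENTIALS));
        organizationElement.remove(organizationElement.element(PRINCIPALS_REF));
        persistOrganization(organization, organizationElement);
    }

    /**
     * Builds the organization whose {@code id} credential has the given value from the store.
     *
     * @return the organization, or {@code null} when the store holds none with that identifier
     */
    public Organization findOrganization(String str) {
        Element organizationElement = getOrganization(str);
        if (organizationElement == null) {
            return null;
        }
        return getOrganization(organizationElement);
    }

    /**
     * Persists an organization under a new or existing {@code organization} element.
     *
     * <p>NOTE(review): {@code Element.element(String)} takes a child element name, and it is given
     * an XPath expression here, so the lookup is not expected to find an existing element and a
     * new one is appended each time. Switching to the XPath lookup would also require clearing
     * the previous children first, as {@code updateOrganization} does; left unchanged pending
     * confirmation of the intended behaviour.
     *
     * @throws AuthenticationException if the store cannot be written
     */
    @Override
    protected void persistOrganization(Organization organization) throws AuthenticationException {
        String organizationName = organization.getName();
        String xpath = getXpathSearchStringForOrganization(organizationName);
        logger.debug("id for organization =" + organizationName);
        logger.debug("xpath for organization =" + xpath);
        Element organizationElement = this.root.element(xpath);
        if (organizationElement == null) {
            organizationElement = this.root.element(ORGANIZATIONS).addElement(ORGANIZATION);
        }
        persistOrganization(organization, organizationElement);
    }

    /** Returns a copy of the in-memory organization set. */
    public Set<Organization> getOrganizations() throws AuthenticationException {
        return new HashSet<Organization>(this.organizations);
    }

    /** Attaches to each principal the organization whose name was read next to it in the store. */
    private void resolvePrincipalsOrganizationRefs(Map<RolePrincipal, String> map, Set<Organization> set) {
        for (Map.Entry<RolePrincipal, String> entry : map.entrySet()) {
            entry.getKey().setOrganization(OrganizationUtils.findOrganization(set, entry.getValue()));
        }
    }

    /**
     * Finds the in-memory organizations owning every given credential.
     *
     * @param collection credentials the organization must own
     * @return the matching organizations (the live instances, not copies)
     */
    public Collection findOrganizations(Collection collection) throws AuthenticationException {
        Set<Organization> matches = new HashSet<Organization>();
        for (Object candidate : this.organizations) {
            Organization organization = (Organization) candidate;
            if (holdsAll(organization.getCredentials(), collection)) {
                matches.add(organization);
            }
        }
        return matches;
    }

    /**
     * Rewrites the {@code organizationTemplate} element from the given template.
     *
     * <p>NOTE(review): the principal references are added directly under the template element
     * rather than under its {@code principalsRef} child, a new {@code userTemplate} is added
     * without removing the previous one, and the store is not written here; confirm whether a
     * caller completes these steps.
     */
    @Override
    public void setOrganizationTemplate(OrganizationTemplate organizationTemplate) throws AuthenticationException {
        Element templateElement = this.root.element(ORGANIZATIONS).element(ORGANIZATION_TEMPLATE);
        Element credentialsElement = templateElement.element(CREDENTIALS);
        Iterator existing = credentialsElement.elements(CRED_TEMPLATE_ID).iterator();
        while (existing.hasNext()) {
            credentialsElement.remove((Element) existing.next());
        }
        Iterator replacements = organizationTemplate.getCredentials().iterator();
        while (replacements.hasNext()) {
            credentialsElement.addElement(CRED_TEMPLATE_ID).setText(((JGuardCredential) replacements.next()).getName());
        }
        persistPrincipalRefs(organizationTemplate.getPrincipals(), templateElement);
        persistSubjectTemplate(templateElement, organizationTemplate.getSubjectTemplate());
    }
}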
