package org.ogema.impl.apploader;

import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Objects;
import javax.net.ssl.SSLContext;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.ogema.core.administration.CredentialStore;
import org.osgi.framework.FrameworkUtil;
import org.osgi.service.useradmin.Group;
import org.osgi.service.useradmin.User;
import org.osgi.service.useradmin.UserAdmin;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service({CredentialStore.class})
@Component(specVersion = "1.2", immediate = true)
/* loaded from: input_file:org/ogema/impl/apploader/CredentialStoreImpl.class */
public class CredentialStoreImpl implements CredentialStore {
    private static final String APPSTORE_GROUP_NAME = "appstoreGroup";
    private static final String APPSTORE_PWD_NAME = "appstoreCred";
    private static final String APPSTORE_USER_NAME = "appstoreUsr";

    @Reference
    private UserAdmin userAdmin;
    private Logger logger = LoggerFactory.getLogger(getClass());

    public void setGWPassword(String str, String str2, final String str3) {
        if (!login(str, str2)) {
            throw new SecurityException("Wrong old passowrd!");
        }
        User role = this.userAdmin.getRole(str);
        final User user = role;
        if (role == null) {
            throw new IllegalArgumentException("User doesn't exist: " + str);
        }
        if (((Boolean) AccessController.doPrivileged(new PrivilegedAction<Boolean>() { // from class: org.ogema.impl.apploader.CredentialStoreImpl.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Boolean run() {
                user.getCredentials().put("pwd", str3);
                return Boolean.valueOf(user.hasCredential("pwd", str3));
            }
        })).booleanValue()) {
            this.logger.debug("Set new password succeeded.");
        } else {
            this.logger.debug("Set new password failed.");
        }
    }

    public boolean createUser(String str, String str2, String str3, String str4) throws IOException, IllegalArgumentException, RuntimeException {
        Objects.requireNonNull(str);
        Objects.requireNonNull(str2);
        boolean z = true;
        if (str == null || str.equals("")) {
            z = false;
        } else if (str3 != null && str3.equals("")) {
            z = false;
        } else if (str3 != null && str4 == null) {
            z = false;
        }
        if (!z) {
            throw new IllegalArgumentException();
        }
        setCredential(str, "pwd", str2);
        if (str3 == null) {
            return true;
        }
        addStoreCredentials(str, str3, str4);
        return true;
    }

    public boolean login(String str, final String str2) {
        User role = this.userAdmin.getRole(str);
        if (role == null) {
            return false;
        }
        final User user = role;
        return ((Boolean) AccessController.doPrivileged(new PrivilegedAction<Boolean>() { // from class: org.ogema.impl.apploader.CredentialStoreImpl.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Boolean run() {
                return Boolean.valueOf(user.hasCredential("pwd", str2));
            }
        })).booleanValue();
    }

    public void logout(String str) {
    }

    public void removeUser(String str) {
    }

    private void setCredential(String str, String str2, String str3) {
        User role = this.userAdmin.getRole(str);
        if (role == null) {
            throw new IllegalArgumentException();
        }
        User user = role;
        user.getCredentials().put(str2, str3);
        if (user.hasCredential(str, str2)) {
            this.logger.debug("User credential is set correctly");
        }
    }

    Boolean hasAccess(String str) {
        return Boolean.valueOf(this.userAdmin.getRole(str).hasCredential(APPSTORE_USER_NAME, str));
    }

    private Group getAppstoreGroup(String str) {
        return this.userAdmin.getRole(str) == null ? this.userAdmin.createRole(str, 2) : this.userAdmin.getRole(str);
    }

    private String addStoreCredentials(String str, String str2, String str3) {
        User role = this.userAdmin.getRole(str);
        if (hasAccess(str).booleanValue()) {
            setCredential(str, APPSTORE_PWD_NAME, str3);
            return "The password has successfully been changed";
        }
        Group appstoreGroup = getAppstoreGroup(APPSTORE_GROUP_NAME);
        setCredential(str, APPSTORE_PWD_NAME, str3);
        setCredential(str, APPSTORE_USER_NAME, str2);
        appstoreGroup.addMember(role);
        return "The user " + str + " was successfully assigned to the appstore with the name " + str2;
    }

    public String getGWId() {
        String str = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: org.ogema.impl.apploader.CredentialStoreImpl.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public String run() {
                return FrameworkUtil.getBundle(getClass()).getBundleContext().getProperty("org.ogema.secloader.gatewayidentifier");
            }
        });
        if (str == null) {
            try {
                str = "OGEMA-" + InetAddress.getLocalHost().toString();
            } catch (UnknownHostException e) {
                str = "OGEMA-" + System.currentTimeMillis();
            }
        }
        return str;
    }

    public SSLContext getDISSLContext() {
        return null;
    }

    protected void bindUserAdmin(UserAdmin userAdmin) {
        this.userAdmin = userAdmin;
    }

    protected void unbindUserAdmin(UserAdmin userAdmin) {
        if (this.userAdmin == userAdmin) {
            this.userAdmin = null;
        }
    }
}
