package com.sun.identity.cli;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.security.DecodeAction;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import org.forgerock.openam.utils.CollectionUtils;

/* loaded from: input_file:com/sun/identity/cli/AuthenticatedCommand.class */
public abstract class AuthenticatedCommand extends CLICommandBase {
    private static final String FILE_REFERENCE_SUFFIX = "-file";
    private static final Set<String> FILE_REFERENCE_SUFFIX_EXEMPT = CollectionUtils.asSet(new String[]{"iplanet-am-logging-num-hist-file", "iplanet-am-auth-windowsdesktopsso-keytab-file"});
    private String adminID;
    private String adminPassword;
    protected SSOToken ssoToken;

    @Override // com.sun.identity.cli.CLICommandBase, com.sun.identity.cli.CLICommand
    public void handleRequest(RequestContext requestContext) throws CLIException {
        super.handleRequest(requestContext);
        this.ssoToken = requestContext.getCLIRequest().getSSOToken();
        if (this.ssoToken == null) {
            this.adminID = getStringOptionValue("adminid");
            this.adminPassword = getPassword();
        }
    }

    private String getPassword() throws CLIException {
        String stringOptionValue = getStringOptionValue("password-file");
        String fileContent = CLIUtil.getFileContent(getCommandManager(), stringOptionValue, true);
        String str = (String) AccessController.doPrivileged((PrivilegedAction) new DecodeAction(fileContent));
        if (str != null) {
            fileContent = str;
        }
        validatePwdFilePermissions(stringOptionValue);
        return fileContent;
    }

    private void validatePwdFilePermissions(String str) throws CLIException {
        int indexOf;
        if (System.getProperty("path.separator").equals(":")) {
            try {
                String readLine = new BufferedReader(new InputStreamReader(Runtime.getRuntime().exec(new String[]{"/bin/ls", "-l", str}).getInputStream())).readLine();
                if (readLine == null || (indexOf = readLine.indexOf(" ")) == -1 || readLine.substring(0, indexOf).startsWith("-r--------")) {
                } else {
                    throw new CLIException(MessageFormat.format(getCommandManager().getResourceBundle().getString("error-message-password-file-not-readonly"), str), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
                }
            } catch (IOException e) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAdminPassword() {
        return this.adminPassword;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAdminID() {
        return this.adminID;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSOToken getAdminSSOToken() {
        return this.ssoToken;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void ldapLogin() throws CLIException {
        if (this.ssoToken == null) {
            this.ssoToken = Authenticator.getInstance().ldapLogin(getCommandManager(), getAdminID(), getAdminPassword());
        } else {
            try {
                SSOTokenManager.getInstance().validateToken(this.ssoToken);
            } catch (SSOException e) {
                throw new CLIException((Throwable) e, 27);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.identity.cli.CLICommandBase
    public void writeLog(int i, Level level, String str, String... strArr) throws CLIException {
        LogWriter.log(getCommandManager(), i, level, str, strArr, getAdminSSOToken());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, Set<String>> processFileAttributes(Map<String, Set<String>> map) throws CLIException {
        Map<String, Set<String>> map2 = map;
        if (map != null) {
            map2 = new LinkedHashMap(map.size());
            for (Map.Entry<String, Set<String>> entry : map.entrySet()) {
                String key = entry.getKey();
                Set<String> value = entry.getValue();
                if (key != null && key.endsWith(FILE_REFERENCE_SUFFIX) && !FILE_REFERENCE_SUFFIX_EXEMPT.contains(key)) {
                    key = key.substring(0, key.length() - FILE_REFERENCE_SUFFIX.length());
                    if (map.containsKey(key)) {
                        throw new CLIException("Cannot specify both normal and -file attribute: " + key, 21);
                    }
                    if (value != null) {
                        LinkedHashSet linkedHashSet = new LinkedHashSet(value.size());
                        Iterator<String> it = value.iterator();
                        while (it.hasNext()) {
                            linkedHashSet.add(CLIUtil.getFileContent(getCommandManager(), it.next()));
                        }
                        value = linkedHashSet;
                    }
                }
                map2.put(key, value);
            }
        }
        return map2;
    }
}
