package org.opensearch.hadoop.security;

import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.opensearch.hadoop.OpenSearchHadoopException;
import org.opensearch.hadoop.cfg.Settings;
import org.opensearch.hadoop.util.ClusterName;

/* loaded from: input_file:org/opensearch/hadoop/security/JdkUser.class */
public class JdkUser implements User {
    private final Subject subject;
    private final Settings providerSettings;

    /* loaded from: input_file:org/opensearch/hadoop/security/JdkUser$OpenSearchTokenHolder.class */
    static class OpenSearchTokenHolder {
        private Map<String, OpenSearchToken> creds = new HashMap();

        OpenSearchTokenHolder() {
        }

        OpenSearchToken getCred(String str) {
            return this.creds.get(str);
        }

        Collection<OpenSearchToken> getCreds() {
            return this.creds.values();
        }

        void setCred(String str, OpenSearchToken openSearchToken) {
            this.creds.put(str, openSearchToken);
        }
    }

    public JdkUser(Subject subject, Settings settings) {
        this.subject = subject;
        this.providerSettings = settings;
    }

    @Override // org.opensearch.hadoop.security.User
    public <T> T doAs(PrivilegedAction<T> privilegedAction) {
        return (T) Subject.doAs(this.subject, privilegedAction);
    }

    @Override // org.opensearch.hadoop.security.User
    public <T> T doAs(PrivilegedExceptionAction<T> privilegedExceptionAction) throws OpenSearchHadoopException {
        try {
            return (T) Subject.doAs(this.subject, privilegedExceptionAction);
        } catch (PrivilegedActionException e) {
            if (e.getCause() instanceof OpenSearchHadoopException) {
                throw ((OpenSearchHadoopException) e.getCause());
            }
            throw new OpenSearchHadoopException(e.getCause());
        }
    }

    @Override // org.opensearch.hadoop.security.User
    public OpenSearchToken getOpenSearchToken(String str) {
        if (str == null || str.equals("") || str.equals(ClusterName.UNNAMED_CLUSTER_NAME)) {
            return null;
        }
        Set privateCredentials = this.subject.getPrivateCredentials(OpenSearchTokenHolder.class);
        if (privateCredentials.isEmpty()) {
            return null;
        }
        return ((OpenSearchTokenHolder) privateCredentials.iterator().next()).getCred(str);
    }

    @Override // org.opensearch.hadoop.security.User
    public Iterable<OpenSearchToken> getAllOpenSearchTokens() {
        Set privateCredentials = this.subject.getPrivateCredentials(OpenSearchTokenHolder.class);
        if (privateCredentials.isEmpty()) {
            return Collections.emptyList();
        }
        OpenSearchTokenHolder openSearchTokenHolder = (OpenSearchTokenHolder) privateCredentials.iterator().next();
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(openSearchTokenHolder.getCreds());
        return Collections.unmodifiableList(arrayList);
    }

    @Override // org.opensearch.hadoop.security.User
    public void addOpenSearchToken(OpenSearchToken openSearchToken) {
        OpenSearchTokenHolder openSearchTokenHolder;
        Iterator it = this.subject.getPrivateCredentials(OpenSearchTokenHolder.class).iterator();
        if (it.hasNext()) {
            openSearchTokenHolder = (OpenSearchTokenHolder) it.next();
        } else {
            openSearchTokenHolder = new OpenSearchTokenHolder();
            this.subject.getPrivateCredentials().add(openSearchTokenHolder);
        }
        openSearchTokenHolder.setCred(openSearchToken.getClusterName(), openSearchToken);
    }

    @Override // org.opensearch.hadoop.security.User
    public String getUserName() {
        KerberosPrincipal kerberosPrincipal = getKerberosPrincipal();
        if (kerberosPrincipal == null) {
            return null;
        }
        return kerberosPrincipal.getName();
    }

    @Override // org.opensearch.hadoop.security.User
    public KerberosPrincipal getKerberosPrincipal() {
        Iterator it = this.subject.getPrincipals(KerberosPrincipal.class).iterator();
        if (it.hasNext()) {
            return (KerberosPrincipal) it.next();
        }
        return null;
    }

    @Override // org.opensearch.hadoop.security.User
    public boolean isProxyUser() {
        return false;
    }

    @Override // org.opensearch.hadoop.security.User
    public UserProvider getRealUserProvider() {
        JdkUserProvider jdkUserProvider = new JdkUserProvider();
        jdkUserProvider.setSettings(this.providerSettings);
        return jdkUserProvider;
    }

    public String toString() {
        return "JdkUser{subject=" + this.subject + '}';
    }
}
