package org.wicketstuff.security.hive.config;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.lang.reflect.Constructor;
import java.net.URL;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wicketstuff.security.actions.ActionFactory;
import org.wicketstuff.security.actions.WaspAction;
import org.wicketstuff.security.hive.BasicHive;
import org.wicketstuff.security.hive.Hive;
import org.wicketstuff.security.hive.SimpleCachingHive;
import org.wicketstuff.security.hive.authorization.EverybodyPrincipal;
import org.wicketstuff.security.hive.authorization.Permission;
import org.wicketstuff.security.hive.authorization.Principal;

/* loaded from: input_file:org/wicketstuff/security/hive/config/PolicyFileHiveFactory.class */
public class PolicyFileHiveFactory implements HiveFactory {
    private Set<URL> policyFiles;
    private Set<InputStream> inputStreams;
    private Set<Reader> inputReaders;
    private Map<String, String> aliases = new HashMap();
    private boolean useHiveCache = true;
    private boolean closeInputStreams = true;
    private int currentLineNr;
    private final ActionFactory actionFactory;
    private static final Logger log = LoggerFactory.getLogger(PolicyFileHiveFactory.class);
    private static final Pattern principalPattern = Pattern.compile("\\s*(?:grant(?:\\s+principal\\s+([^\"]+)\\s+\"([^\"]+)\")?){1}\\s*");
    private static final Pattern permissionPattern = Pattern.compile("\\s*(?:permission\\s+([^\",]+?)\\s+(?:(?:\"([^\"]+)\"){1}?(?:\\s*,\\s*\"([^\"]*)\")?)?\\s*;){1}\\s*");
    private static final Pattern aliasPattern = Pattern.compile("(\\$\\{[^\"\\{\\}\\$]+?\\})+?");
    private static final Class<?>[][] constructorArgs = {new Class[]{String.class, WaspAction.class}, new Class[]{String.class, String.class}, new Class[]{String.class, ActionFactory.class}, new Class[]{String.class}};

    public PolicyFileHiveFactory(ActionFactory actionFactory) {
        this.actionFactory = actionFactory;
        if (actionFactory == null) {
            throw new IllegalArgumentException("Must provide an ActionFactory");
        }
        this.policyFiles = new HashSet();
        this.inputStreams = new HashSet();
        this.inputReaders = new HashSet();
        setAlias("AllPermissions", "org.wicketstuff.security.hive.authorization.permissions.AllPermissions");
    }

    public final boolean addPolicyFile(URL url) {
        if (url != null) {
            return this.policyFiles.add(url);
        }
        log.warn("Can not add null as an url.");
        return false;
    }

    protected final Set<URL> getPolicyFiles() {
        return Collections.unmodifiableSet(this.policyFiles);
    }

    public final boolean addStream(InputStream inputStream) {
        if (inputStream != null) {
            return this.inputStreams.add(inputStream);
        }
        log.warn("Can not add null as a stream.");
        return false;
    }

    protected final Set<InputStream> getStreams() {
        return Collections.unmodifiableSet(this.inputStreams);
    }

    public final boolean addReader(Reader reader) {
        if (reader != null) {
            return this.inputReaders.add(reader);
        }
        log.warn("Can not add null as a reader.");
        return false;
    }

    protected final Set<Reader> getReaders() {
        return Collections.unmodifiableSet(this.inputReaders);
    }

    public final String getAlias(String str) {
        return this.aliases.get(str);
    }

    public final String setAlias(String str, String str2) {
        return this.aliases.put(str, str2);
    }

    protected final int getCurrentLineNr() {
        return this.currentLineNr;
    }

    private String resolveAliases(String str) {
        Matcher matcher = aliasPattern.matcher(str);
        StringBuffer stringBuffer = new StringBuffer(str.length() + 30);
        int i = 0;
        while (true) {
            int i2 = i;
            if (!matcher.find()) {
                if (i2 < str.length()) {
                    stringBuffer.append(str.substring(i2, str.length()));
                }
                String stringBuffer2 = stringBuffer.toString();
                if (stringBuffer2.indexOf("${") >= 0) {
                    throw new IllegalStateException("Nesting aliases is not supported: " + str);
                }
                return stringBuffer2;
            }
            if (matcher.start() > i2) {
                stringBuffer.append(str.substring(i2, matcher.start()));
                replaceAlias(str, matcher, stringBuffer);
            } else {
                if (matcher.start() != i2) {
                    throw new IllegalStateException("These aliases are not supported: " + str);
                }
                replaceAlias(str, matcher, stringBuffer);
            }
            i = matcher.end();
        }
    }

    private void replaceAlias(String str, Matcher matcher, StringBuffer stringBuffer) {
        String substring = str.substring(matcher.start() + 2, matcher.end() - 1);
        String alias = getAlias(substring);
        if (alias == null) {
            alias = substring;
            if (log.isDebugEnabled()) {
                log.debug("failed to resolve alias: " + substring);
            }
        } else if (log.isDebugEnabled()) {
            log.debug("resolved alias: " + substring + " to " + alias);
        }
        stringBuffer.ensureCapacity(stringBuffer.length() + alias.length());
        stringBuffer.append(alias);
    }

    protected BasicHive constructHive() {
        return isUsingHiveCache() ? new SimpleCachingHive() : new BasicHive();
    }

    @Override // org.wicketstuff.security.hive.config.HiveFactory
    public final Hive createHive() {
        BasicHive constructHive = constructHive();
        boolean z = false;
        for (URL url : this.policyFiles) {
            z = true;
            try {
                readPolicyFile(url, constructHive);
            } catch (IOException e) {
                log.error("Could not read from " + url, e);
            }
        }
        Iterator<InputStream> it = this.inputStreams.iterator();
        while (it.hasNext()) {
            z = true;
            try {
                readInputStream(it.next(), constructHive);
            } catch (IOException e2) {
                log.error("Could not read from stream", e2);
            }
        }
        this.inputStreams.clear();
        Iterator<Reader> it2 = this.inputReaders.iterator();
        while (it2.hasNext()) {
            z = true;
            try {
                readInputReader(it2.next(), constructHive);
            } catch (IOException e3) {
                log.error("Could not read from reader", e3);
            }
        }
        this.inputReaders.clear();
        if (!z) {
            log.warn("No policyFiles or inputstreams were added to the factory!");
        }
        constructHive.lock();
        return constructHive;
    }

    protected final void readPolicyFile(URL url, BasicHive basicHive) throws IOException {
        notifyFileStart(url);
        InputStream inputStream = null;
        try {
            inputStream = url.openStream();
            readStream(inputStream, basicHive);
            notifyFileClose(url, this.currentLineNr);
            if (inputStream != null) {
                inputStream.close();
            }
        } catch (Throwable th) {
            notifyFileClose(url, this.currentLineNr);
            if (inputStream != null) {
                inputStream.close();
            }
            throw th;
        }
    }

    protected final void readInputStream(InputStream inputStream, BasicHive basicHive) throws IOException {
        notifyStreamStart(inputStream);
        try {
            readStream(inputStream, basicHive);
        } finally {
            notifyStreamEnd(inputStream, this.currentLineNr);
            if (this.closeInputStreams) {
                inputStream.close();
            }
        }
    }

    protected final void readInputReader(Reader reader, BasicHive basicHive) throws IOException {
        notifyReaderStart(reader);
        try {
            readReader(reader, basicHive);
        } finally {
            notifyReaderEnd(reader, this.currentLineNr);
            if (this.closeInputStreams) {
                reader.close();
            }
        }
    }

    protected void readReader(Reader reader, BasicHive basicHive) throws IOException {
        read(reader, basicHive);
    }

    protected void notifyStreamEnd(InputStream inputStream, int i) {
    }

    protected void notifyReaderStart(Reader reader) {
    }

    protected void notifyReaderEnd(Reader reader, int i) {
    }

    protected void notifyStreamStart(InputStream inputStream) {
    }

    protected void readStream(InputStream inputStream, BasicHive basicHive) throws IOException {
        read(new InputStreamReader(inputStream), basicHive);
    }

    protected final void read(Reader reader, BasicHive basicHive) throws IOException {
        BufferedReader bufferedReader = reader instanceof BufferedReader ? (BufferedReader) reader : new BufferedReader(reader);
        boolean z = false;
        Principal principal = null;
        Set<Permission> set = null;
        this.currentLineNr = 0;
        String readLine = bufferedReader.readLine();
        while (readLine != null) {
            this.currentLineNr++;
            if (z) {
                String trim = readLine.trim();
                boolean startsWith = trim.startsWith("{");
                if (startsWith) {
                    if (set != null || principal == null) {
                        skipIllegalPrincipal(this.currentLineNr, principal, set);
                    }
                    set = new HashSet<>();
                }
                boolean endsWith = trim.endsWith("};");
                if (endsWith) {
                    z = false;
                    if (set == null || set.size() <= 0) {
                        skipEmptyPrincipal(this.currentLineNr, principal);
                    } else {
                        basicHive.addPrincipal(principal, set);
                    }
                    set = null;
                    principal = null;
                }
                if (!startsWith && !endsWith) {
                    Matcher matcher = permissionPattern.matcher(readLine);
                    if (matcher.matches()) {
                        String group = matcher.group(1);
                        if (group == null) {
                            skipPermission(this.currentLineNr, null);
                            readLine = bufferedReader.readLine();
                        } else {
                            try {
                                Class<?> cls = Class.forName(resolveAliases(group));
                                if (Permission.class.isAssignableFrom(cls)) {
                                    Permission createPermission = createPermission(cls.asSubclass(Permission.class), resolveAliases(matcher.group(2)), matcher.group(3));
                                    if (createPermission == null) {
                                        readLine = bufferedReader.readLine();
                                    } else if (set == null) {
                                        skipIllegalPermission(this.currentLineNr, principal, createPermission);
                                        readLine = bufferedReader.readLine();
                                    } else if (set.add(createPermission)) {
                                        notifyPermission(this.currentLineNr, principal, createPermission);
                                    } else {
                                        skipPermission(this.currentLineNr, principal, createPermission);
                                    }
                                } else {
                                    skipPermission(this.currentLineNr, cls);
                                    readLine = bufferedReader.readLine();
                                }
                            } catch (ClassNotFoundException e) {
                                skipPermission(this.currentLineNr, group, e);
                                readLine = bufferedReader.readLine();
                            }
                        }
                    } else {
                        skipLine(this.currentLineNr, readLine);
                    }
                }
            } else {
                Matcher matcher2 = principalPattern.matcher(readLine);
                if (matcher2.matches()) {
                    String group2 = matcher2.group(1);
                    if (group2 == null) {
                        principal = new EverybodyPrincipal();
                    } else {
                        try {
                            Class<?> cls2 = Class.forName(resolveAliases(group2));
                            if (Principal.class.isAssignableFrom(cls2)) {
                                Class<? extends U> asSubclass = cls2.asSubclass(Principal.class);
                                Constructor constructor = null;
                                try {
                                    constructor = asSubclass.getConstructor(constructorArgs[constructorArgs.length - 1]);
                                } catch (NoSuchMethodException e2) {
                                    log.error("No valid constructor found for " + asSubclass.getName(), e2);
                                } catch (SecurityException e3) {
                                    log.error("No valid constructor found for " + asSubclass.getName(), e3);
                                }
                                if (constructor == null) {
                                    skipPrincipal(this.currentLineNr, asSubclass);
                                    readLine = bufferedReader.readLine();
                                } else {
                                    try {
                                        principal = (Principal) constructor.newInstance(resolveAliases(matcher2.group(2)));
                                    } catch (Exception e4) {
                                        skipPrincipal(this.currentLineNr, asSubclass, e4);
                                        readLine = bufferedReader.readLine();
                                    }
                                }
                            } else {
                                skipPrincipalClass(this.currentLineNr, cls2);
                                readLine = bufferedReader.readLine();
                            }
                        } catch (ClassNotFoundException e5) {
                            skipPrincipalClass(this.currentLineNr, group2, e5);
                            readLine = bufferedReader.readLine();
                        }
                    }
                    notifyOfPrincipal(this.currentLineNr, principal);
                    z = true;
                } else {
                    skipLine(this.currentLineNr, readLine);
                }
            }
            readLine = bufferedReader.readLine();
        }
        if (z) {
            warnUnclosedPrincipalBlock(principal, this.currentLineNr);
            if (set == null || set.size() <= 0) {
                skipEmptyPrincipal(this.currentLineNr, principal);
            } else {
                basicHive.addPrincipal(principal, set);
            }
        }
    }

    private Permission createPermission(Class<? extends Permission> cls, String str, String str2) {
        Object[] objArr;
        Constructor<? extends Permission> findConstructor = findConstructor(cls, str2);
        if (findConstructor == null) {
            skipPermission(this.currentLineNr, cls);
            return null;
        }
        if (match(findConstructor.getParameterTypes(), constructorArgs[0])) {
            objArr = new Object[]{str, getActionFactory().getAction(str2)};
        } else if (match(findConstructor.getParameterTypes(), constructorArgs[1])) {
            objArr = new Object[]{str, str2};
        } else if (match(findConstructor.getParameterTypes(), constructorArgs[2])) {
            objArr = new Object[]{str, this.actionFactory};
        } else {
            if (!match(findConstructor.getParameterTypes(), constructorArgs[3])) {
                String str3 = "Unable to handle constructor " + findConstructor + ", at line nr " + this.currentLineNr;
                log.error(str3);
                throw new RuntimeException(str3);
            }
            objArr = new Object[]{str};
        }
        try {
            return findConstructor.newInstance(objArr);
        } catch (Exception e) {
            skipPermission(this.currentLineNr, cls, objArr, e);
            return null;
        }
    }

    private boolean match(Class<?>[] clsArr, Class<?>[] clsArr2) {
        if (clsArr == clsArr2) {
            return true;
        }
        if (clsArr == null || clsArr2 == null || clsArr.length != clsArr2.length) {
            return false;
        }
        for (int i = 0; i < clsArr.length; i++) {
            if (!clsArr[i].isAssignableFrom(clsArr2[i])) {
                return false;
            }
        }
        return true;
    }

    private Constructor<? extends Permission> findConstructor(Class<? extends Permission> cls, String str) {
        int i = 0;
        if (str == null) {
            i = 2;
        }
        return findConstructor(cls, i);
    }

    private Constructor<? extends Permission> findConstructor(Class<? extends Permission> cls, int i) {
        if (i >= constructorArgs.length) {
            return null;
        }
        Class<?>[] clsArr = constructorArgs[i];
        Constructor<? extends Permission> constructor = null;
        try {
            constructor = cls.getConstructor(clsArr);
        } catch (NoSuchMethodException e) {
            log.debug("No valid constructor found for " + cls.getName(), e);
            notifyPermission(this.currentLineNr, cls, clsArr);
            if (i < constructorArgs.length) {
                return findConstructor(cls, i + 1);
            }
        } catch (SecurityException e2) {
            log.debug("No valid constructor found for " + cls.getName(), e2);
            notifyPermission(this.currentLineNr, cls, clsArr);
            if (i < constructorArgs.length) {
                return findConstructor(cls, i + 1);
            }
        }
        return constructor;
    }

    protected void warnUnclosedPrincipalBlock(Principal principal, int i) {
        log.warn("The principal " + principal + " running to line " + i + " is not properly closed with '};'.");
    }

    protected void notifyFileClose(URL url, int i) {
    }

    protected void notifyFileStart(URL url) {
    }

    protected void skipPermission(int i, String str, ClassNotFoundException classNotFoundException) {
        log.error("Permission class not found: " + str + ", line " + i, classNotFoundException);
    }

    protected void notifyPermission(int i, Principal principal, Permission permission) {
    }

    protected void skipPermission(int i, Principal principal, Permission permission) {
        log.debug(permission + " skipped because it was already added to the permission set for " + principal + ", line nr " + i);
    }

    protected void skipIllegalPermission(int i, Principal principal, Permission permission) {
        log.debug(permission + " skipped because the pricipal " + principal + " has not yet declared its opening block statement '{', line nr " + i);
    }

    protected void skipPrincipalClass(int i, String str, ClassNotFoundException classNotFoundException) {
        log.error("Unable to find principal of class " + str + " at line nr " + i, classNotFoundException);
    }

    protected void skipPrincipal(int i, Class<? extends Principal> cls) {
        log.error("No valid constructor found for " + cls.getName() + " at line " + i);
    }

    protected void notifyOfPrincipal(int i, Principal principal) {
    }

    protected void skipPrincipal(int i, Class<? extends Principal> cls, Exception exc) {
        log.error("Unable to create new instance of " + cls.getName() + " at line nr " + i, exc);
    }

    protected void skipPrincipalClass(int i, Class<?> cls) {
        log.error(cls.getName() + "is not a subclass of " + Principal.class.getName() + ", line nr " + i);
    }

    protected void skipLine(int i, String str) {
        log.debug("skipping line " + i + ": " + str);
    }

    protected void skipPermission(int i, Class<? extends Permission> cls, Object[] objArr, Exception exc) {
        log.error("Unable to create new instance of class " + cls.getName() + " using the following argument(s) " + arrayToString(objArr) + ", line nr " + i, exc);
    }

    protected final String arrayToString(Object[] objArr) {
        if (objArr == null) {
            return null;
        }
        if (objArr.length < 1) {
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer(objArr.length * 12);
        for (int i = 0; i < objArr.length; i++) {
            stringBuffer.append(objArr[i]);
            if (i < objArr.length - 1) {
                stringBuffer.append(", ");
            }
        }
        return stringBuffer.toString();
    }

    protected void notifyPermission(int i, Class<? extends Permission> cls, Class<?>[] clsArr) {
        log.debug("No constructor found matching argument(s) " + arrayToString(clsArr) + " for class " + cls.getName() + ", line nr " + i);
    }

    protected void skipPermission(int i, Class<?> cls) {
        if (cls == null) {
            log.error("Missing permission class at line " + i);
        } else if (Permission.class.isAssignableFrom(cls)) {
            log.error("No valid constructor found for class " + cls.getName() + ", line nr " + i);
        } else {
            log.error(cls.getName() + " is not a subclass of " + Permission.class.getName());
        }
    }

    protected void skipEmptyPrincipal(int i, Principal principal) {
        if (log.isDebugEnabled()) {
            log.debug("skipping principal " + principal + ", no permissions found before line nr " + i);
        }
    }

    protected void skipIllegalPrincipal(int i, Principal principal, Set<Permission> set) {
        log.error("Illegal principal block detected at line " + i);
    }

    public final boolean isUsingHiveCache() {
        return this.useHiveCache;
    }

    public final void useHiveCache(boolean z) {
        this.useHiveCache = z;
    }

    public final boolean isCloseInputStreams() {
        return this.closeInputStreams;
    }

    public final void setCloseInputStreams(boolean z) {
        this.closeInputStreams = z;
    }

    protected final ActionFactory getActionFactory() {
        return this.actionFactory;
    }
}
