package org.yamcs.security;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.yamcs.ConfigurationException;
import org.yamcs.YConfiguration;
import org.yamcs.commanding.PreparedCommand;
import org.yamcs.utils.YObjectLoader;

/* loaded from: input_file:org/yamcs/security/SecurityStore.class */
public class SecurityStore {
    private static final Logger log = LoggerFactory.getLogger(SecurityStore.class);
    private static SecurityStore instance;
    private boolean enabled;
    private List<AuthModule> authModules = new ArrayList();
    private User systemUser;
    private User unauthenticatedUser;

    private SecurityStore() {
        this.enabled = false;
        YConfiguration configuration = YConfiguration.isDefined("security") ? YConfiguration.getConfiguration("security") : YConfiguration.emptyConfig();
        this.enabled = configuration.getBoolean("enabled", false);
        if (!this.enabled) {
            log.warn("Security disabled");
            if (configuration.containsKey("unauthenticatedUser")) {
                YConfiguration config = configuration.getConfig("unauthenticatedUser");
                String string = config.getString(PreparedCommand.CNAME_USERNAME);
                if (string.isEmpty() || string.contains(":")) {
                    throw new ConfigurationException("Invalid username '" + string + "' for unauthenticatedUser");
                }
                this.unauthenticatedUser = new User(string);
                this.unauthenticatedUser.setSuperuser(config.getBoolean("superuser", false));
                if (config.containsKey("privileges")) {
                    config.getMap("privileges").forEach((str, obj) -> {
                        if (str.equals("System")) {
                            Iterator it = ((List) obj).iterator();
                            while (it.hasNext()) {
                                this.unauthenticatedUser.addSystemPrivilege(new SystemPrivilege((String) it.next()));
                            }
                            return;
                        }
                        ObjectPrivilegeType objectPrivilegeType = new ObjectPrivilegeType(str);
                        Iterator it2 = ((List) obj).iterator();
                        while (it2.hasNext()) {
                            this.unauthenticatedUser.addObjectPrivilege(new ObjectPrivilege(objectPrivilegeType, (String) it2.next()));
                        }
                    });
                }
            } else {
                this.unauthenticatedUser = new User("admin");
                this.unauthenticatedUser.setSuperuser(true);
            }
        } else if (configuration.containsKey("authModules")) {
            for (Map map : configuration.getList("authModules")) {
                log.info("Loading AuthModule " + YConfiguration.getString(map, "class"));
                try {
                    this.authModules.add((AuthModule) YObjectLoader.loadObject(map));
                } catch (IOException e) {
                    throw new ConfigurationException("Failed to load AuthModule", e);
                }
            }
        }
        this.systemUser = new User("System");
        this.systemUser.setSuperuser(true);
    }

    public static synchronized SecurityStore getInstance() {
        if (instance == null) {
            instance = new SecurityStore();
        }
        return instance;
    }

    public List<AuthModule> getAuthModules() {
        return this.authModules;
    }

    public <T extends AuthModule> T getAuthModule(Class<T> cls) {
        Iterator<AuthModule> it = this.authModules.iterator();
        while (it.hasNext()) {
            T t = (T) it.next();
            if (t.getClass() == cls) {
                return t;
            }
        }
        return null;
    }

    public User getSystemUser() {
        return this.systemUser;
    }

    public User getUnauthenticatedUser() {
        return this.unauthenticatedUser;
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x0047, code lost:
    
        org.yamcs.security.SecurityStore.log.debug("User successfully authenticated by {}", r0.getClass().getName());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.util.concurrent.CompletableFuture<org.yamcs.security.User> login(org.yamcs.security.AuthenticationToken r6) {
        /*
            Method dump skipped, instructions count: 387
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.yamcs.security.SecurityStore.login(org.yamcs.security.AuthenticationToken):java.util.concurrent.CompletableFuture");
    }

    public boolean verifyValidity(User user) {
        for (AuthModule authModule : this.authModules) {
            AuthenticationInfo authenticationInfo = user.getAuthenticationInfo();
            if (authenticationInfo != null && authModule.equals(authenticationInfo.getAuthenticator())) {
                return authModule.verifyValidity(user);
            }
        }
        return true;
    }
}
