package org.josso.gateway.identity.service.store;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.josso.auth.BaseCredential;
import org.josso.auth.Credential;
import org.josso.auth.CredentialKey;
import org.josso.auth.CredentialProvider;
import org.josso.auth.scheme.AuthenticationScheme;
import org.josso.gateway.SSOException;
import org.josso.gateway.SSONameValuePair;
import org.josso.gateway.identity.exceptions.NoSuchRoleException;
import org.josso.gateway.identity.exceptions.NoSuchUserException;
import org.josso.gateway.identity.exceptions.SSOIdentityException;
import org.josso.gateway.identity.service.BaseRole;
import org.josso.gateway.identity.service.BaseRoleImpl;
import org.josso.gateway.identity.service.BaseUser;
import org.josso.gateway.identity.service.BaseUserImpl;
import org.josso.selfservices.ChallengeResponseCredential;
import org.springframework.beans.PropertyAccessor;
import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/josso-memory-identitystore-1.8.7.jar:org/josso/gateway/identity/service/store/MemoryIdentityStore.class */
public class MemoryIdentityStore extends AbstractStore implements ExtendedIdentityStore {
    private static final Log logger = LogFactory.getLog(MemoryIdentityStore.class);
    // Role name -> <role> element, filled by loadRoles().
    private Map<String, Element> _roles;
    // User name -> <user> element, filled by loadUsers().
    private Map<String, Element> _users;
    // User name -> role names. Written only by toBaseUser(), so a user has no entry here
    // until that user's element has been converted at least once.
    private Map<String, Set<String>> _userRoles;
    // Credential-set key -> <credential-set> element, filled by loadCredentials(Document).
    private Map<String, Element> _principalCredentials;
    // principalLookupKey text -> keys of the credential sets that declare it.
    private Map<String, List<String>> _principalLookupKeys;
    // Set to true at the end of a successful initialize().
    private boolean _initialized;
    // Resource names of the two XML files; "/" is prepended when they are opened via getResourceAsStream.
    private String _credentialsFileName;
    private String _usersFileName;

    /**
     * Creates an empty store. Nothing is read from disk here; the XML files are loaded by
     * {@link #initialize()}, which the lookup methods call on first use.
     */
    public MemoryIdentityStore() {
        logger.debug("Creating new MemoryIdentityStore");
        this._initialized = false;
        // Typed maps instead of raw HashMap; initial capacities are unchanged.
        this._roles = new HashMap<String, Element>(11);
        this._users = new HashMap<String, Element>(7);
        this._userRoles = new HashMap<String, Set<String>>(11);
        this._principalLookupKeys = new HashMap<String, List<String>>(11);
        this._principalCredentials = new HashMap<String, Element>(11);
    }

    /**
     * Loads the users file and then the credentials file (each only when a name is configured)
     * and marks the store initialized.
     *
     * <p>The flag is set only after both loads succeed, so a failed load leaves the store
     * uninitialized and the next lookup retries it.
     *
     * @throws RuntimeException wrapping any failure raised while loading
     */
    public synchronized void initialize() {
        try {
            final String usersFile = this._usersFileName;
            if (usersFile != null) {
                loadUsersData(usersFile);
            }
            final String credentialsFile = this._credentialsFileName;
            if (credentialsFile != null) {
                loadCredentialsData(credentialsFile);
            }
            this._initialized = true;
        } catch (Exception cause) {
            logger.error(cause, cause);
            final String detail = "Can't initialize memory store : " + cause.getMessage();
            throw new RuntimeException(detail, cause);
        }
    }

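    /**
     * Parses the users file from the classpath and loads its roles, then its users.
     *
     * @param str resource name; "/" is prepended before the lookup through getResourceAsStream
     * @throws Exception if the resource is missing, cannot be parsed, or an entry is rejected
     */
    protected void loadUsersData(String str) throws Exception {
        logger.info("Reading users from : " + str);
        java.io.InputStream in = getClass().getResourceAsStream("/" + str);
        if (in == null) {
            // getResourceAsStream returns null for a missing resource; report the name instead of
            // letting the parser fail on a null stream.
            throw new SSOIdentityException("Users file not found on classpath : /" + str);
        }
        Document parse;
        try {
            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
            // Apply the JAXP processing limits explicitly rather than relying on the implementation default.
            factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
            // NOTE(review): DOCTYPE handling and external entity resolution stay at parser defaults.
            // The file is read from the application's own classpath; if it can ever be supplied by a
            // less trusted party, also set "http://apache.org/xml/features/disallow-doctype-decl".
            parse = factory.newDocumentBuilder().parse(in);
        } finally {
            // The original never closed the resource stream.
            in.close();
        }
        parse.getDocumentElement().normalize();
        logger.debug("Root element of the doc is " + parse.getDocumentElement().getNodeName());
        loadRoles(parse);
        logger.info("Loaded " + this._roles.size() + " roles from : " + str);
        loadUsers(parse);
        logger.info("Loaded " + this._users.size() + " users from : " + str);
    }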

    /**
     * Indexes every {@code <role>} element of the document by the text of its first
     * {@code <name>} descendant.
     *
     * <p>A role name that appears twice keeps only the later element, because the map entry is
     * overwritten.
     *
     * @param document parsed users file
     * @throws SSOException declared by the original signature
     */
    protected void loadRoles(Document document) throws SSOException {
        NodeList roleNodes = document.getElementsByTagName("role");
        logger.debug("Total roles: " + roleNodes.getLength());
        for (int idx = 0; idx < roleNodes.getLength(); idx++) {
            Node candidate = roleNodes.item(idx);
            if (candidate.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            Element roleElement = (Element) candidate;
            // getElementsByTagName searches all descendants, not only direct children.
            // NOTE(review): a <role> without any <name> hands null to getTextContent here.
            Element nameElement = (Element) roleElement.getElementsByTagName("name").item(0);
            String roleName = getTextContent(nameElement);
            logger.debug("Storing role for name : [" + roleName + PropertyAccessor.PROPERTY_KEY_SUFFIX);
            this._roles.put(roleName, roleElement);
        }
    }

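    /**
     * Indexes every {@code <user>} element of the document by the text of its first
     * {@code <name>} descendant.
     *
     * <p>A user name that appears twice keeps only the later element, because the map entry is
     * overwritten. NOTE(review): confirm whether duplicate user names should be rejected at load
     * time instead.
     *
     * @param document parsed users file
     * @throws SSOIdentityException if a user element has no {@code <name>} descendant
     * @throws Exception declared by the original signature
     */
    protected void loadUsers(Document document) throws Exception {
        NodeList userNodes = document.getElementsByTagName("user");
        logger.debug("Total users: " + userNodes.getLength());
        for (int i = 0; i < userNodes.getLength(); i++) {
            Node item = userNodes.item(i);
            if (item.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            Element userElement = (Element) item;
            // getElementsByTagName searches all descendants, so this is the first <name> in
            // document order below the user element.
            Node nameNode = userElement.getElementsByTagName("name").item(0);
            if (nameNode == null) {
                // Previously a missing <name> surfaced as a NullPointerException.
                throw new SSOIdentityException("User definitions need a 'name'");
            }
            String userName = getTextContent(nameNode);
            logger.debug("Storing user for name : " + userName);
            this._users.put(userName, userElement);
        }
    }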

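    /**
     * Parses the credentials file from the classpath and loads its credential sets.
     *
     * @param str resource name; "/" is prepended before the lookup through getResourceAsStream
     * @throws Exception if the resource is missing, cannot be parsed, or an entry is rejected
     */
    protected void loadCredentialsData(String str) throws Exception {
        logger.info("Reading credentials from : " + str);
        java.io.InputStream in = getClass().getResourceAsStream("/" + str);
        if (in == null) {
            // getResourceAsStream returns null for a missing resource; report the name instead of
            // letting the parser fail on a null stream.
            throw new SSOIdentityException("Credentials file not found on classpath : /" + str);
        }
        Document parse;
        try {
            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
            // Apply the JAXP processing limits explicitly rather than relying on the implementation default.
            factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
            // NOTE(review): DOCTYPE handling and external entity resolution stay at parser defaults.
            // This file holds credential material; if it can ever be supplied by a less trusted
            // party, also set "http://apache.org/xml/features/disallow-doctype-decl".
            parse = factory.newDocumentBuilder().parse(in);
        } finally {
            // The original never closed the resource stream.
            in.close();
        }
        parse.getDocumentElement().normalize();
        loadCredentials(parse);
        logger.info("Loaded " + this._principalCredentials.size() + " credential sets from : " + str);
    }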

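    /**
     * Indexes every {@code <credential-set>} element by the text of its {@code <key>} and, when
     * present, registers that key under the set's {@code <principalLookupKey>}.
     *
     * <p>A key that appears twice keeps only the later credential set, because the map entry is
     * overwritten.
     *
     * @param document parsed credentials file
     * @throws SSOIdentityException if a credential set has no {@code <key>} element
     * @throws Exception declared by the original signature
     */
    protected void loadCredentials(Document document) throws Exception {
        NodeList sets = document.getElementsByTagName("credential-set");
        logger.debug("Total credential sets: " + sets.getLength());
        for (int i = 0; i < sets.getLength(); i++) {
            Element credentialSet = (Element) sets.item(i);
            Node keyNode = credentialSet.getElementsByTagName("key").item(0);
            if (keyNode == null) {
                // Previously a missing <key> surfaced as a NullPointerException before the
                // intended error could be built.
                throw new SSOIdentityException("Credential set definitions need a 'key' element");
            }
            if (keyNode.getNodeType() != Node.ELEMENT_NODE || !keyNode.getNodeName().equals("key")) {
                throw new SSOIdentityException("Credential set definitions need a 'key' element [" + keyNode.getNodeName() + PropertyAccessor.PROPERTY_KEY_SUFFIX);
            }
            String key = getTextContent(keyNode);
            logger.info("Storing credentials for key : " + key);
            this._principalCredentials.put(key, credentialSet);

            Node lookupNode = credentialSet.getElementsByTagName("principalLookupKey").item(0);
            if (lookupNode != null && lookupNode.getNodeType() == Node.ELEMENT_NODE
                    && lookupNode.getNodeName().equals("principalLookupKey")) {
                String lookupKey = getTextContent(lookupNode);
                logger.info("Storing principal lookup key for " + key + " : " + lookupKey);
                // Several credential sets may share one lookup key, hence the list.
                List<String> keys = this._principalLookupKeys.get(lookupKey);
                if (keys == null) {
                    keys = new ArrayList<String>();
                    this._principalLookupKeys.put(lookupKey, keys);
                }
                keys.add(key);
            }
        }
    }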

    /**
     * Converts every stored user element to a {@link BaseUser}, initializing the store first
     * when needed.
     *
     * <p>NOTE(review): unlike loadUser this method is not synchronized, while toBaseUser writes
     * to the shared user-role map; confirm callers cannot run it concurrently with other lookups.
     *
     * @return one BaseUser per stored user element
     * @throws SSOIdentityException if a user element is rejected by toBaseUser
     */
    protected Collection<BaseUser> listUsers() throws SSOIdentityException {
        if (!this._initialized) {
            initialize();
        }
        Collection<Element> userElements = this._users.values();
        List<BaseUser> result = new ArrayList<BaseUser>(userElements.size());
        for (Element userElement : userElements) {
            result.add(toBaseUser(userElement));
        }
        return result;
    }

    /**
     * Resolves a user by id: an exact match on the stored name first, then the first stored name
     * that matches ignoring case.
     *
     * <p>NOTE(review): when two stored names differ only by case and neither matches exactly,
     * which one is returned depends on HashMap iteration order; confirm user names are unique
     * ignoring case.
     *
     * @param userKey must be a SimpleUserKey
     * @return the user built from the matching element
     * @throws NoSuchUserException if no stored name matches
     * @throws SSOIdentityException if the key is of another type or the element is rejected
     */
    @Override // org.josso.gateway.identity.service.store.IdentityStore
    public synchronized BaseUser loadUser(UserKey userKey) throws NoSuchUserException, SSOIdentityException {
        if (!this._initialized) {
            initialize();
        }
        if (!(userKey instanceof SimpleUserKey)) {
            throw new SSOIdentityException("Unsupported key type : " + userKey.getClass().getName());
        }
        final String requestedId = ((SimpleUserKey) userKey).getId();
        Element match = this._users.get(requestedId);
        if (match == null) {
            // Case-insensitive fallback over all stored names.
            for (Map.Entry<String, Element> entry : this._users.entrySet()) {
                if (entry.getKey().equalsIgnoreCase(requestedId)) {
                    match = entry.getValue();
                    break;
                }
            }
        }
        if (match == null) {
            throw new NoSuchUserException(userKey);
        }
        BaseUser user = toBaseUser(match);
        if (logger.isDebugEnabled()) {
            logger.debug("[load(" + userKey + ")] : ok");
        }
        return user;
    }

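    /**
     * Returns the roles recorded for a user.
     *
     * <p>The user-role map is filled only as a side effect of toBaseUser and is keyed by the
     * name as written in the users file. NOTE(review): a user whose element has not been
     * converted yet, or an id that differs in case from the stored name, therefore yields an
     * empty array; confirm callers always load the user first and pass the stored name.
     *
     * @param userKey must be a SimpleUserKey
     * @return the user's roles, empty when none are recorded
     * @throws SSOIdentityException if the key is of another type or a recorded role is not defined
     */
    @Override // org.josso.gateway.identity.service.store.IdentityStore
    public synchronized BaseRole[] findRolesByUserKey(UserKey userKey) throws SSOIdentityException {
        if (!this._initialized) {
            initialize();
        }
        // Same key-type check as loadUser; the unchecked cast used to fail with ClassCastException.
        if (!(userKey instanceof SimpleUserKey)) {
            throw new SSOIdentityException("Unsupported key type : " + userKey.getClass().getName());
        }
        List<BaseRole> roles = new ArrayList<BaseRole>();
        Set<String> roleNames = this._userRoles.get(((SimpleUserKey) userKey).getId());
        if (roleNames != null) {
            for (String roleName : roleNames) {
                BaseRole role = findRoleByName(roleName);
                if (role == null) {
                    throw new SSOIdentityException("Role '" + roleName + "' declared for user '" + userKey + "' not defined");
                }
                roles.add(role);
            }
        }
        return roles.toArray(new BaseRole[roles.size()]);
    }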

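    /**
     * Finds the first user that has a property whose name equals the credential id and whose
     * value equals the credential response.
     *
     * <p>NOTE(review): the match is plain equality against any property carrying that name;
     * confirm callers restrict which ids are accepted and reject blank responses.
     *
     * @param challengeResponseCredential id/response pair to look for
     * @return the matching user's name, or null when no user matches
     * @throws SSOIdentityException if listing the users fails
     */
    @Override // org.josso.gateway.identity.service.store.ExtendedIdentityStore
    public String loadUsernameByRelayCredential(ChallengeResponseCredential challengeResponseCredential) throws SSOIdentityException {
        // The response and the property values are account-recovery secrets: log names only.
        logger.debug("Looking for user with " + challengeResponseCredential.getId());
        for (BaseUser baseUser : listUsers()) {
            SSONameValuePair[] properties = baseUser.getProperties();
            if (logger.isDebugEnabled()) {
                // The length used to be read before the null check below.
                int count = properties != null ? properties.length : 0;
                logger.debug("Checking user : " + baseUser.getName() + " with " + count + " properties.");
            }
            if (properties == null) {
                continue;
            }
            for (SSONameValuePair property : properties) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Checking property : " + property.getName());
                }
                // A property with a null name or value never matches instead of raising.
                if (property.getName() != null && property.getValue() != null
                        && property.getName().equals(challengeResponseCredential.getId())
                        && property.getValue().equals(challengeResponseCredential.getResponse())) {
                    return baseUser.getName();
                }
            }
        }
        return null;
    }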

    /**
     * Does nothing: the body is empty, so neither argument is stored and the call returns
     * normally without changing any credential.
     */
    @Override // org.josso.gateway.identity.service.store.ExtendedIdentityStore
    public void updateAccountPassword(UserKey userKey, Credential credential) {
        // NOTE(review): confirm that password-change flows do not report success to the user
        // on the strength of this call returning without an exception.
    }

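    /**
     * Loads the credentials stored for a key, built through the given provider.
     *
     * @param credentialKey must be a SimpleUserKey
     * @param credentialProvider creates the Credential objects from name/value pairs
     * @return the credentials found, possibly empty
     * @throws SSOIdentityException if the key is of another type or a definition is malformed
     */
    @Override // org.josso.auth.CredentialStore
    public Credential[] loadCredentials(CredentialKey credentialKey, CredentialProvider credentialProvider) throws SSOIdentityException {
        if (!this._initialized) {
            initialize();
        }
        if (!(credentialKey instanceof SimpleUserKey)) {
            throw new SSOIdentityException("Unsupported key type : " + credentialKey.getClass().getName());
        }
        Credential[] credentials = toCredentials(getCredentialElements((SimpleUserKey) credentialKey, credentialProvider), credentialProvider);
        logger.debug("Found " + credentials.length + " credentials!");
        if (logger.isDebugEnabled()) {
            for (int i = 0; i < credentials.length; i++) {
                // Log the type only: toString() of a Credential may include the stored value.
                logger.debug("Credential[" + i + "]=" + credentials[i].getClass().getName());
            }
        }
        return credentials;
    }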

    /**
     * Resolves the user id for a credential key.
     *
     * <p>For a plain SimpleUserKey the id is the key's own id. For a CertificateUserKey the
     * presented certificate is compared with the X509Certificate credentials stored for the
     * key, and the {@code <key>} text of the first credential set holding an equal certificate
     * is returned.
     *
     * <p>NOTE(review): unlike the other lookups this method does not call initialize(); before
     * the store is loaded the certificate branch finds nothing and returns null.
     *
     * @return the resolved id, or null when the certificate is absent or unknown
     * @throws SSOIdentityException if the key is not a SimpleUserKey
     */
    @Override // org.josso.auth.CredentialStore
    public String loadUID(CredentialKey credentialKey, CredentialProvider credentialProvider) throws SSOIdentityException {
        if (!(credentialKey instanceof SimpleUserKey)) {
            throw new SSOIdentityException("Unsupported key type : " + credentialKey.getClass().getName());
        }
        SimpleUserKey simpleKey = (SimpleUserKey) credentialKey;
        if (credentialKey instanceof CertificateUserKey) {
            X509Certificate presented = ((CertificateUserKey) credentialKey).getCertificate();
            if (presented == null) {
                return null;
            }
            for (Element credentialSet : getCredentialElements(simpleKey, credentialProvider)) {
                for (Credential candidate : toCredentials(credentialSet, credentialProvider)) {
                    Object stored = ((BaseCredential) candidate).getValue();
                    if (stored instanceof X509Certificate && presented.equals((X509Certificate) stored)) {
                        return getTextContent(credentialSet.getElementsByTagName("key").item(0));
                    }
                }
            }
            return null;
        }
        return simpleKey.getId();
    }

    /**
     * Looks up a credential set by key: exact match first, then the first stored key that
     * matches ignoring case.
     *
     * <p>NOTE(review): when stored keys differ only by case, the fallback result depends on
     * HashMap iteration order; confirm credential-set keys are unique ignoring case.
     *
     * @param str credential-set key
     * @return the matching element, or null when none matches
     */
    protected Element getCredentialElement(String str) {
        Element exact = this._principalCredentials.get(str);
        if (exact != null) {
            return exact;
        }
        for (Map.Entry<String, Element> entry : this._principalCredentials.entrySet()) {
            if (entry.getKey().equalsIgnoreCase(str)) {
                return entry.getValue();
            }
        }
        return null;
    }

    /**
     * Collects the credential sets that apply to a key.
     *
     * <p>When the provider is an AuthenticationScheme named "strong-authentication", the key's
     * id is first treated as a principal lookup key and every credential set registered under
     * it is collected. If that yields nothing, or for any other provider, the credential set
     * stored directly under the id is used.
     *
     * @return the matching elements, possibly empty
     */
    protected List<Element> getCredentialElements(SimpleUserKey simpleUserKey, CredentialProvider credentialProvider) {
        List<Element> found = new ArrayList<Element>();
        String schemeName = null;
        if (credentialProvider instanceof AuthenticationScheme) {
            schemeName = ((AuthenticationScheme) credentialProvider).getName();
        }
        if ("strong-authentication".equals(schemeName)) {
            List<String> lookupKeys = this._principalLookupKeys.get(simpleUserKey.getId());
            if (lookupKeys != null && lookupKeys.size() > 0) {
                for (String key : lookupKeys) {
                    Element viaLookup = getCredentialElement(key);
                    if (viaLookup != null) {
                        found.add(viaLookup);
                    }
                }
            }
        }
        if (found.isEmpty()) {
            Element direct = getCredentialElement(simpleUserKey.getId());
            if (direct != null) {
                found.add(direct);
            }
        }
        return found;
    }

    /**
     * Flattens the credentials of several credential sets into one array.
     *
     * @param list credential-set elements; null or empty gives an empty array
     * @param credentialProvider creates the Credential objects
     * @return all credentials of all sets, in list order
     * @throws SSOIdentityException if a credential definition is malformed
     */
    protected Credential[] toCredentials(List<Element> list, CredentialProvider credentialProvider) throws SSOIdentityException {
        List<Credential> collected = new ArrayList<Credential>();
        if (list != null) {
            for (Element credentialSet : list) {
                collected.addAll(toCredentials(credentialSet, credentialProvider));
            }
        }
        return collected.toArray(new Credential[collected.size()]);
    }

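    /**
     * Builds the credentials declared by one credential set.
     *
     * <p>Each {@code <credential>} descendant must hold a {@code <name>} and a {@code <value>};
     * the provider turns the pair into a Credential and may return null to skip it.
     *
     * @param element credential-set element; null gives an empty list
     * @param credentialProvider creates the Credential objects
     * @return the credentials in document order
     * @throws SSOIdentityException if a credential lacks its name or value element
     */
    protected List<Credential> toCredentials(Element element, CredentialProvider credentialProvider) throws SSOIdentityException {
        List<Credential> credentials = new ArrayList<Credential>();
        if (element == null) {
            return credentials;
        }
        NodeList declared = element.getElementsByTagName("credential");
        for (int i = 0; i < declared.getLength(); i++) {
            Element credential = (Element) declared.item(i);
            if (credential.getNodeType() != Node.ELEMENT_NODE || !credential.getNodeName().equals("credential")) {
                continue;
            }
            Node nameNode = credential.getElementsByTagName("name").item(0);
            Node valueNode = credential.getElementsByTagName("value").item(0);
            // The null checks are new: a missing child used to surface as a NullPointerException.
            if (nameNode == null || nameNode.getNodeType() != Node.ELEMENT_NODE || !nameNode.getNodeName().equals("name")
                    || valueNode == null || valueNode.getNodeType() != Node.ELEMENT_NODE || !valueNode.getNodeName().equals("value")) {
                throw new SSOIdentityException("Credential definitions need a 'name' and 'value' element");
            }
            String name = getTextContent(nameNode);
            String value = getTextContent(valueNode);
            if (logger.isDebugEnabled()) {
                // The value is the stored secret (password, hash or certificate); log the name only.
                logger.debug("Creating credential [" + name + "] ");
            }
            Credential created = credentialProvider.newCredential(name, value);
            if (created != null) {
                credentials.add(created);
            }
        }
        return credentials;
    }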

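    /**
     * Builds a role from a {@code <role>} element, using the text of its first {@code <name>}
     * descendant as the role name.
     *
     * @throws SSOIdentityException if the element has no {@code <name>}
     */
    protected BaseRole toBaseRole(Element element) throws SSOIdentityException {
        Node nameNode = element.getElementsByTagName("name").item(0);
        // The null check is new: a missing <name> used to surface as a NullPointerException.
        if (nameNode == null || nameNode.getNodeType() != Node.ELEMENT_NODE || !nameNode.getNodeName().equals("name")) {
            throw new SSOIdentityException("Role definitions need a 'name' element");
        }
        return new BaseRoleImpl(getTextContent(nameNode));
    }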

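    /**
     * Builds a user from a {@code <user>} element: name, properties, and role membership.
     *
     * <p>Side effect: when the element has a {@code <roles>} child, the user's role names are
     * written to the shared user-role map, which is what findRolesByUserKey later reads.
     *
     * <p>NOTE(review): the user name is the first {@code <name>} descendant in document order,
     * so a user element that lists a property before its own name would take the property's
     * name; confirm the file format always puts the user's name first.
     *
     * @throws SSOIdentityException if the name, a property's name/value, or a declared role is
     *         missing, or more than one {@code <roles>} element is present
     */
    protected BaseUser toBaseUser(Element element) throws SSOIdentityException {
        Node nameNode = element.getElementsByTagName("name").item(0);
        // Null checks in this method are new: missing children used to surface as NullPointerException.
        if (nameNode == null || nameNode.getNodeType() != Node.ELEMENT_NODE || !nameNode.getNodeName().equals("name")) {
            throw new SSOIdentityException("User definitions need a 'name'");
        }
        String userName = getTextContent(nameNode);
        // The unused SimpleUserKey that the original allocated here has been dropped.
        BaseUserImpl user = new BaseUserImpl();
        user.setName(userName);

        NodeList properties = element.getElementsByTagName(BeanDefinitionParserDelegate.PROPERTY_ELEMENT);
        for (int i = 0; i < properties.getLength(); i++) {
            Element property = (Element) properties.item(i);
            Node propertyName = property.getElementsByTagName("name").item(0);
            Node propertyValue = property.getElementsByTagName("value").item(0);
            if (propertyName == null || propertyName.getNodeType() != Node.ELEMENT_NODE || !propertyName.getNodeName().equals("name")
                    || propertyValue == null || propertyValue.getNodeType() != Node.ELEMENT_NODE || !propertyValue.getNodeName().equals("value")) {
                throw new SSOIdentityException("Property definitions need a 'name' and 'value' element");
            }
            user.addProperty(new SSONameValuePair(getTextContent(propertyName), getTextContent(propertyValue)));
        }

        NodeList rolesNodes = element.getElementsByTagName("roles");
        if (rolesNodes.getLength() > 1) {
            throw new SSOIdentityException("Only one 'roles' element can be defined for a user");
        }
        if (rolesNodes.getLength() > 0) {
            Set<String> roleNames = new HashSet<String>();
            String rolesText = getTextContent(rolesNodes.item(0));
            StringTokenizer tokens = new StringTokenizer(rolesText != null ? rolesText : "", ",");
            while (tokens.hasMoreTokens()) {
                String roleName = tokens.nextToken().trim();
                // findRoleByName throws for an undefined role, so this lookup also validates the name.
                BaseRole role = findRoleByName(roleName);
                roleNames.add(roleName);
                logger.debug("User is in role : " + role);
            }
            this._userRoles.put(userName, roleNames);
        }
        return user;
    }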

    /** Wraps a plain identifier in a SimpleUserKey, the only key type this store accepts. */
    protected CredentialKey createCredentialKey(String str) {
        final CredentialKey key = new SimpleUserKey(str);
        return key;
    }

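    /**
     * Returns the names of all loaded roles.
     *
     * <p>The result is a read-only snapshot. The original handed out the live key set of the
     * internal role map, through which a caller could remove roles from the store.
     *
     * <p>NOTE(review): this method does not call initialize(), so it returns an empty set until
     * another lookup has loaded the store.
     *
     * @return unmodifiable copy of the role names
     */
    public synchronized Set<String> getRoleKeys() throws SSOIdentityException {
        return java.util.Collections.unmodifiableSet(new HashSet<String>(this._roles.keySet()));
    }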

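    /**
     * Loads a role by key.
     *
     * <p>The role map is keyed by role name and holds DOM elements. The original looked it up
     * with the RoleKey object itself and cast the stored element to BaseRole, so it could not
     * return a role. The lookup now uses the key's id and converts the element with toBaseRole.
     *
     * @param roleKey a SimpleRoleKey; any other key type is reported as an unknown role
     * @return the role built from the stored element
     * @throws NoSuchRoleException if no role is stored under the key
     * @throws SSOIdentityException if the stored element is rejected by toBaseRole
     */
    public synchronized BaseRole loadRole(RoleKey roleKey) throws NoSuchRoleException, SSOIdentityException {
        Element element = null;
        if (roleKey instanceof SimpleRoleKey) {
            // assumes SimpleRoleKey exposes getId() the way SimpleUserKey does — TODO confirm
            element = this._roles.get(((SimpleRoleKey) roleKey).getId());
        }
        if (element == null) {
            throw new NoSuchRoleException(roleKey);
        }
        return toBaseRole(element);
    }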

    /**
     * Builds the role stored under an exact role name.
     *
     * <p>The match is case-sensitive, and the method does not call initialize() itself.
     *
     * @param str role name as written in the users file
     * @return the role; never null, an unknown name raises instead
     * @throws SSOIdentityException if no role is stored under that name
     */
    public synchronized BaseRole findRoleByName(String str) throws SSOIdentityException {
        final Element roleElement = this._roles.get(str);
        if (roleElement != null) {
            return toBaseRole(roleElement);
        }
        throw new SSOIdentityException("No such role : " + str);
    }

    /** Builds the key for a user from the user's name. */
    protected UserKey createUserKey(BaseUser baseUser) {
        final String userName = baseUser.getName();
        return new SimpleUserKey(userName);
    }

    /** Creates a role object carrying the given name; the store itself is not consulted. */
    protected BaseRole createRole(String str) {
        final BaseRoleImpl role = new BaseRoleImpl();
        role.setName(str);
        return role;
    }

    /** Builds the key for a role from the role's name. */
    protected RoleKey createRoleKey(BaseRole baseRole) {
        final String roleName = baseRole.getName();
        return new SimpleRoleKey(roleName);
    }

    /**
     * Sets the resource name of the credentials file. It is read on the next initialize(),
     * not at the time of this call.
     */
    public void setCredentialsFileName(String str) {
        final String message = "Setting crednetials file name to : " + str;
        logger.debug(message);
        this._credentialsFileName = str;
    }

    /** Returns the configured resource name of the credentials file, or null when unset. */
    public String getCredentialsFileName() {
        final String configured = this._credentialsFileName;
        return configured;
    }

    /**
     * Sets the resource name of the users file. It is read on the next initialize(), not at
     * the time of this call.
     */
    public void setUsersFileName(String str) {
        final String message = "Setting users file name to : " + str;
        logger.debug(message);
        this._usersFileName = str;
    }

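    /**
     * Returns the text of a DOM node.
     *
     * <p>Reconstructed from the instruction dump the decompiler emitted in place of a body; the
     * listing's own body only threw UnsupportedOperationException. The method first calls
     * {@code getTextContent()} on the node reflectively. If that method is absent, or the call
     * fails with InvocationTargetException or IllegalAccessException, it falls back to the
     * value of the node's first text child.
     *
     * <p>NOTE(review): the method is looked up on the node's implementation class; on runtimes
     * that restrict reflective access to that class the call can end in the fallback, which
     * returns only the first text child. Calling {@code Node.getTextContent()} directly would
     * avoid that — confirm the oldest runtime that must be supported.
     *
     * @param node node to read; must not be null
     * @return the node text, or null when the fallback finds no text child
     */
    protected java.lang.String getTextContent(org.w3c.dom.Node node) {
        try {
            java.lang.reflect.Method method = node.getClass().getMethod("getTextContent", new Class[0]);
            return (String) method.invoke(node, new Object[0]);
        } catch (NoSuchMethodException e) {
            logger.debug("Using old DOM Java Api to get Node text content");
        } catch (java.lang.reflect.InvocationTargetException e) {
            logger.warn(e.getMessage(), e);
        } catch (IllegalAccessException e) {
            logger.warn(e.getMessage(), e);
        }
        // Fallback: value of the first child that is a text node.
        NodeList children = node.getChildNodes();
        for (int i = 0; i < children.getLength(); i++) {
            Node child = children.item(i);
            if (child.getNodeType() == Node.TEXT_NODE) {
                return child.getNodeValue();
            }
        }
        return null;
    }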
}
