package org.apache.catalina.authenticator.jaspic;

import jakarta.security.auth.message.AuthException;
import jakarta.security.auth.message.AuthStatus;
import jakarta.security.auth.message.MessageInfo;
import jakarta.security.auth.message.config.AuthConfigFactory;
import jakarta.security.auth.message.config.AuthConfigProvider;
import jakarta.security.auth.message.config.ClientAuthConfig;
import jakarta.security.auth.message.config.RegistrationListener;
import jakarta.security.auth.message.config.ServerAuthConfig;
import jakarta.security.auth.message.config.ServerAuthContext;
import jakarta.security.auth.message.module.ServerAuthModule;
import jakarta.servlet.ServletContext;
import java.io.File;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CopyOnWriteArrayList;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import org.apache.catalina.authenticator.jaspic.PersistentProviderRegistrations;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.res.StringManager;

/* loaded from: input_file:BOOT-INF/lib/tomcat-embed-core-10.1.13.jar:org/apache/catalina/authenticator/jaspic/AuthConfigFactoryImpl.class */
public class AuthConfigFactoryImpl extends AuthConfigFactory {
    private static final String SERVLET_LAYER_ID = "HttpServlet";
    private static final StringManager sm = StringManager.getManager((Class<?>) AuthConfigFactoryImpl.class);
    private static final String CONFIG_PATH = "conf/jaspic-providers.xml";
    private static final File CONFIG_FILE = new File(System.getProperty("catalina.base"), CONFIG_PATH);
    private static final Object CONFIG_FILE_LOCK = new Object();
    private static final String[] EMPTY_STRING_ARRAY = new String[0];
    private static String DEFAULT_REGISTRATION_ID = getRegistrationID(null, null);
    private final Log log = LogFactory.getLog((Class<?>) AuthConfigFactoryImpl.class);
    private final Map<String, RegistrationContextImpl> layerAppContextRegistrations = new ConcurrentHashMap();
    private final Map<String, RegistrationContextImpl> appContextRegistrations = new ConcurrentHashMap();
    private final Map<String, RegistrationContextImpl> layerRegistrations = new ConcurrentHashMap();
    private final Map<String, RegistrationContextImpl> defaultRegistration = new ConcurrentHashMap(1);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/tomcat-embed-core-10.1.13.jar:org/apache/catalina/authenticator/jaspic/AuthConfigFactoryImpl$RegistrationContextImpl.class */
    public static class RegistrationContextImpl implements AuthConfigFactory.RegistrationContext {
        private final String messageLayer;
        private final String appContext;
        private final String description;
        private final boolean persistent;
        private final AuthConfigProvider provider;
        private final Map<String, String> properties;
        private final List<RegistrationListenerWrapper> listeners = new CopyOnWriteArrayList();

        private RegistrationContextImpl(String str, String str2, String str3, boolean z, AuthConfigProvider authConfigProvider, Map<String, String> map) {
            this.messageLayer = str;
            this.appContext = str2;
            this.description = str3;
            this.persistent = z;
            this.provider = authConfigProvider;
            HashMap hashMap = new HashMap();
            if (map != null) {
                hashMap.putAll(map);
            }
            this.properties = Collections.unmodifiableMap(hashMap);
        }

        @Override // jakarta.security.auth.message.config.AuthConfigFactory.RegistrationContext
        public String getMessageLayer() {
            return this.messageLayer;
        }

        @Override // jakarta.security.auth.message.config.AuthConfigFactory.RegistrationContext
        public String getAppContext() {
            return this.appContext;
        }

        @Override // jakarta.security.auth.message.config.AuthConfigFactory.RegistrationContext
        public String getDescription() {
            return this.description;
        }

        @Override // jakarta.security.auth.message.config.AuthConfigFactory.RegistrationContext
        public boolean isPersistent() {
            return this.persistent;
        }

        private AuthConfigProvider getProvider() {
            return this.provider;
        }

        private void addListener(RegistrationListenerWrapper registrationListenerWrapper) {
            if (registrationListenerWrapper != null) {
                this.listeners.add(registrationListenerWrapper);
            }
        }

        private Map<String, String> getProperties() {
            return this.properties;
        }

        private boolean removeListener(RegistrationListener registrationListener) {
            boolean z = false;
            for (RegistrationListenerWrapper registrationListenerWrapper : this.listeners) {
                if (registrationListenerWrapper.getListener().equals(registrationListener)) {
                    this.listeners.remove(registrationListenerWrapper);
                    z = true;
                }
            }
            return z;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/tomcat-embed-core-10.1.13.jar:org/apache/catalina/authenticator/jaspic/AuthConfigFactoryImpl$RegistrationListenerWrapper.class */
    public static class RegistrationListenerWrapper {
        private final String messageLayer;
        private final String appContext;
        private final RegistrationListener listener;

        RegistrationListenerWrapper(String str, String str2, RegistrationListener registrationListener) {
            this.messageLayer = str;
            this.appContext = str2;
            this.listener = registrationListener;
        }

        public String getMessageLayer() {
            return this.messageLayer;
        }

        public String getAppContext() {
            return this.appContext;
        }

        public RegistrationListener getListener() {
            return this.listener;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/tomcat-embed-core-10.1.13.jar:org/apache/catalina/authenticator/jaspic/AuthConfigFactoryImpl$SingleConfigAuthConfigProvider.class */
    private static class SingleConfigAuthConfigProvider implements AuthConfigProvider {
        private final ServerAuthConfig serverAuthConfig;

        SingleConfigAuthConfigProvider(ServerAuthConfig serverAuthConfig) {
            this.serverAuthConfig = serverAuthConfig;
        }

        @Override // jakarta.security.auth.message.config.AuthConfigProvider
        public ClientAuthConfig getClientAuthConfig(String str, String str2, CallbackHandler callbackHandler) throws AuthException {
            throw new UnsupportedOperationException();
        }

        @Override // jakarta.security.auth.message.config.AuthConfigProvider
        public ServerAuthConfig getServerAuthConfig(String str, String str2, CallbackHandler callbackHandler) throws AuthException {
            return this.serverAuthConfig;
        }

        @Override // jakarta.security.auth.message.config.AuthConfigProvider
        public void refresh() {
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/tomcat-embed-core-10.1.13.jar:org/apache/catalina/authenticator/jaspic/AuthConfigFactoryImpl$SingleContextServerAuthConfig.class */
    private static class SingleContextServerAuthConfig implements ServerAuthConfig {
        private final ServerAuthContext context;
        private final String appContext;

        SingleContextServerAuthConfig(ServerAuthContext serverAuthContext, String str) {
            this.context = serverAuthContext;
            this.appContext = str;
        }

        @Override // jakarta.security.auth.message.config.AuthConfig
        public String getMessageLayer() {
            return AuthConfigFactoryImpl.SERVLET_LAYER_ID;
        }

        @Override // jakarta.security.auth.message.config.AuthConfig
        public String getAppContext() {
            return this.appContext;
        }

        @Override // jakarta.security.auth.message.config.AuthConfig
        public String getAuthContextID(MessageInfo messageInfo) {
            return messageInfo.toString();
        }

        @Override // jakarta.security.auth.message.config.AuthConfig
        public void refresh() {
        }

        @Override // jakarta.security.auth.message.config.AuthConfig
        public boolean isProtected() {
            return false;
        }

        @Override // jakarta.security.auth.message.config.ServerAuthConfig
        public ServerAuthContext getAuthContext(String str, Subject subject, Map<String, Object> map) throws AuthException {
            return this.context;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/tomcat-embed-core-10.1.13.jar:org/apache/catalina/authenticator/jaspic/AuthConfigFactoryImpl$SingleModuleServerAuthContext.class */
    private static class SingleModuleServerAuthContext implements ServerAuthContext {
        private final ServerAuthModule module;

        SingleModuleServerAuthContext(ServerAuthModule serverAuthModule) {
            this.module = serverAuthModule;
        }

        @Override // jakarta.security.auth.message.ServerAuth
        public AuthStatus validateRequest(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
            return this.module.validateRequest(messageInfo, subject, subject2);
        }

        @Override // jakarta.security.auth.message.ServerAuth
        public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject) throws AuthException {
            return this.module.secureResponse(messageInfo, subject);
        }

        @Override // jakarta.security.auth.message.ServerAuth
        public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
            this.module.cleanSubject(messageInfo, subject);
        }
    }

    public AuthConfigFactoryImpl() {
        loadPersistentRegistrations();
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public AuthConfigProvider getConfigProvider(String str, String str2, RegistrationListener registrationListener) {
        RegistrationContextImpl findRegistrationContextImpl = findRegistrationContextImpl(str, str2);
        if (findRegistrationContextImpl == null) {
            return null;
        }
        if (registrationListener != null) {
            findRegistrationContextImpl.addListener(new RegistrationListenerWrapper(str, str2, registrationListener));
        }
        return findRegistrationContextImpl.getProvider();
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public String registerConfigProvider(String str, Map<String, String> map, String str2, String str3, String str4) {
        String doRegisterConfigProvider = doRegisterConfigProvider(str, map, str2, str3, str4);
        savePersistentRegistrations();
        return doRegisterConfigProvider;
    }

    private String doRegisterConfigProvider(String str, Map<String, String> map, String str2, String str3, String str4) {
        if (this.log.isDebugEnabled()) {
            this.log.debug(sm.getString("authConfigFactoryImpl.registerClass", str, str2, str3));
        }
        AuthConfigProvider authConfigProvider = null;
        if (str != null) {
            authConfigProvider = createAuthConfigProvider(str, map);
        }
        String registrationID = getRegistrationID(str2, str3);
        addRegistrationContextImpl(str2, str3, registrationID, new RegistrationContextImpl(str2, str3, str4, true, authConfigProvider, map));
        return registrationID;
    }

    private AuthConfigProvider createAuthConfigProvider(String str, Map<String, String> map) throws SecurityException {
        Class<?> cls = null;
        try {
            cls = Class.forName(str, true, Thread.currentThread().getContextClassLoader());
        } catch (ClassNotFoundException e) {
        }
        if (cls == null) {
            try {
                cls = Class.forName(str);
            } catch (IllegalArgumentException | ReflectiveOperationException e2) {
                throw new SecurityException(e2);
            }
        }
        return (AuthConfigProvider) cls.getConstructor(Map.class, AuthConfigFactory.class).newInstance(map, null);
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public String registerConfigProvider(AuthConfigProvider authConfigProvider, String str, String str2, String str3) {
        if (this.log.isDebugEnabled()) {
            this.log.debug(sm.getString("authConfigFactoryImpl.registerInstance", authConfigProvider.getClass().getName(), str, str2));
        }
        String registrationID = getRegistrationID(str, str2);
        addRegistrationContextImpl(str, str2, registrationID, new RegistrationContextImpl(str, str2, str3, false, authConfigProvider, null));
        return registrationID;
    }

    private void addRegistrationContextImpl(String str, String str2, String str3, RegistrationContextImpl registrationContextImpl) {
        RegistrationContextImpl registrationContextImpl2;
        RegistrationContextImpl put = (str == null || str2 == null) ? (str != null || str2 == null) ? (str == null || str2 != null) ? this.defaultRegistration.put(str3, registrationContextImpl) : this.layerRegistrations.put(str3, registrationContextImpl) : this.appContextRegistrations.put(str3, registrationContextImpl) : this.layerAppContextRegistrations.put(str3, registrationContextImpl);
        if (put != null) {
            for (RegistrationListenerWrapper registrationListenerWrapper : put.listeners) {
                put.listeners.remove(registrationListenerWrapper);
                registrationListenerWrapper.listener.notify(registrationListenerWrapper.messageLayer, registrationListenerWrapper.appContext);
            }
            return;
        }
        if (str != null && str2 != null && (registrationContextImpl2 = this.appContextRegistrations.get(getRegistrationID(null, str2))) != null) {
            for (RegistrationListenerWrapper registrationListenerWrapper2 : registrationContextImpl2.listeners) {
                if (str.equals(registrationListenerWrapper2.getMessageLayer()) && str2.equals(registrationListenerWrapper2.getAppContext())) {
                    registrationContextImpl2.listeners.remove(registrationListenerWrapper2);
                    registrationListenerWrapper2.listener.notify(registrationListenerWrapper2.messageLayer, registrationListenerWrapper2.appContext);
                }
            }
        }
        if (str2 != null) {
            for (RegistrationContextImpl registrationContextImpl3 : this.layerRegistrations.values()) {
                for (RegistrationListenerWrapper registrationListenerWrapper3 : registrationContextImpl3.listeners) {
                    if (str2.equals(registrationListenerWrapper3.getAppContext())) {
                        registrationContextImpl3.listeners.remove(registrationListenerWrapper3);
                        registrationListenerWrapper3.listener.notify(registrationListenerWrapper3.messageLayer, registrationListenerWrapper3.appContext);
                    }
                }
            }
        }
        if (str == null && str2 == null) {
            return;
        }
        for (RegistrationContextImpl registrationContextImpl4 : this.defaultRegistration.values()) {
            for (RegistrationListenerWrapper registrationListenerWrapper4 : registrationContextImpl4.listeners) {
                if ((str2 != null && str2.equals(registrationListenerWrapper4.getAppContext())) || (str != null && str.equals(registrationListenerWrapper4.getMessageLayer()))) {
                    registrationContextImpl4.listeners.remove(registrationListenerWrapper4);
                    registrationListenerWrapper4.listener.notify(registrationListenerWrapper4.messageLayer, registrationListenerWrapper4.appContext);
                }
            }
        }
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public boolean removeRegistration(String str) {
        RegistrationContextImpl remove = DEFAULT_REGISTRATION_ID.equals(str) ? this.defaultRegistration.remove(str) : null;
        if (remove == null) {
            remove = this.layerAppContextRegistrations.remove(str);
        }
        if (remove == null) {
            remove = this.appContextRegistrations.remove(str);
        }
        if (remove == null) {
            remove = this.layerRegistrations.remove(str);
        }
        if (remove == null) {
            return false;
        }
        for (RegistrationListenerWrapper registrationListenerWrapper : remove.listeners) {
            registrationListenerWrapper.getListener().notify(registrationListenerWrapper.getMessageLayer(), registrationListenerWrapper.getAppContext());
        }
        if (!remove.isPersistent()) {
            return true;
        }
        savePersistentRegistrations();
        return true;
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public String[] detachListener(RegistrationListener registrationListener, String str, String str2) {
        String registrationID = getRegistrationID(str, str2);
        RegistrationContextImpl findRegistrationContextImpl = findRegistrationContextImpl(str, str2);
        return (findRegistrationContextImpl == null || !findRegistrationContextImpl.removeListener(registrationListener)) ? EMPTY_STRING_ARRAY : new String[]{registrationID};
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public String[] getRegistrationIDs(AuthConfigProvider authConfigProvider) {
        ArrayList arrayList = new ArrayList();
        if (authConfigProvider == null) {
            arrayList.addAll(this.layerAppContextRegistrations.keySet());
            arrayList.addAll(this.appContextRegistrations.keySet());
            arrayList.addAll(this.layerRegistrations.keySet());
            if (!this.defaultRegistration.isEmpty()) {
                arrayList.add(DEFAULT_REGISTRATION_ID);
            }
        } else {
            findProvider(authConfigProvider, this.layerAppContextRegistrations, arrayList);
            findProvider(authConfigProvider, this.appContextRegistrations, arrayList);
            findProvider(authConfigProvider, this.layerRegistrations, arrayList);
            findProvider(authConfigProvider, this.defaultRegistration, arrayList);
        }
        return (String[]) arrayList.toArray(EMPTY_STRING_ARRAY);
    }

    private void findProvider(AuthConfigProvider authConfigProvider, Map<String, RegistrationContextImpl> map, List<String> list) {
        for (Map.Entry<String, RegistrationContextImpl> entry : map.entrySet()) {
            if (authConfigProvider.equals(entry.getValue().getProvider())) {
                list.add(entry.getKey());
            }
        }
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public AuthConfigFactory.RegistrationContext getRegistrationContext(String str) {
        RegistrationContextImpl registrationContextImpl = this.defaultRegistration.get(str);
        if (registrationContextImpl == null) {
            registrationContextImpl = this.layerAppContextRegistrations.get(str);
        }
        if (registrationContextImpl == null) {
            registrationContextImpl = this.appContextRegistrations.get(str);
        }
        if (registrationContextImpl == null) {
            registrationContextImpl = this.layerRegistrations.get(str);
        }
        return registrationContextImpl;
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public void refresh() {
        loadPersistentRegistrations();
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public String registerServerAuthModule(ServerAuthModule serverAuthModule, Object obj) {
        if (obj == null) {
            throw new IllegalArgumentException(sm.getString("authConfigFactoryImpl.nullContext"));
        }
        if (!(obj instanceof ServletContext)) {
            throw new IllegalArgumentException(sm.getString("authConfigFactoryImpl.unsupportedContextType", obj.getClass().getName()));
        }
        ServletContext servletContext = (ServletContext) obj;
        String str = servletContext.getVirtualServerName() + " " + servletContext.getContextPath();
        return registerConfigProvider(new SingleConfigAuthConfigProvider(new SingleContextServerAuthConfig(new SingleModuleServerAuthContext(serverAuthModule), str)), SERVLET_LAYER_ID, str, "");
    }

    @Override // jakarta.security.auth.message.config.AuthConfigFactory
    public void removeServerAuthModule(Object obj) {
        if (obj == null) {
            throw new IllegalArgumentException(sm.getString("authConfigFactoryImpl.nullContext"));
        }
        if (obj instanceof ServletContext) {
            ServletContext servletContext = (ServletContext) obj;
            removeRegistration(getRegistrationID(SERVLET_LAYER_ID, servletContext.getVirtualServerName() + " " + servletContext.getContextPath()));
        }
        throw new IllegalArgumentException(sm.getString("authConfigFactoryImpl.unsupportedContextType", obj.getClass().getName()));
    }

    private static String getRegistrationID(String str, String str2) {
        if (str != null && str.length() == 0) {
            throw new IllegalArgumentException(sm.getString("authConfigFactoryImpl.zeroLengthMessageLayer"));
        }
        if (str2 == null || str2.length() != 0) {
            return (str == null ? "" : str) + ":" + (str2 == null ? "" : str2);
        }
        throw new IllegalArgumentException(sm.getString("authConfigFactoryImpl.zeroLengthAppContext"));
    }

    private void loadPersistentRegistrations() {
        synchronized (CONFIG_FILE_LOCK) {
            if (this.log.isDebugEnabled()) {
                this.log.debug(sm.getString("authConfigFactoryImpl.load", CONFIG_FILE.getAbsolutePath()));
            }
            if (CONFIG_FILE.isFile()) {
                for (PersistentProviderRegistrations.Provider provider : PersistentProviderRegistrations.loadProviders(CONFIG_FILE).getProviders()) {
                    doRegisterConfigProvider(provider.getClassName(), provider.getProperties(), provider.getLayer(), provider.getAppContext(), provider.getDescription());
                }
            }
        }
    }

    private void savePersistentRegistrations() {
        synchronized (CONFIG_FILE_LOCK) {
            PersistentProviderRegistrations.Providers providers = new PersistentProviderRegistrations.Providers();
            savePersistentProviders(providers, this.layerAppContextRegistrations);
            savePersistentProviders(providers, this.appContextRegistrations);
            savePersistentProviders(providers, this.layerRegistrations);
            savePersistentProviders(providers, this.defaultRegistration);
            PersistentProviderRegistrations.writeProviders(providers, CONFIG_FILE);
        }
    }

    private void savePersistentProviders(PersistentProviderRegistrations.Providers providers, Map<String, RegistrationContextImpl> map) {
        Iterator<Map.Entry<String, RegistrationContextImpl>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            savePersistentProvider(providers, it.next().getValue());
        }
    }

    private void savePersistentProvider(PersistentProviderRegistrations.Providers providers, RegistrationContextImpl registrationContextImpl) {
        if (registrationContextImpl == null || !registrationContextImpl.isPersistent()) {
            return;
        }
        PersistentProviderRegistrations.Provider provider = new PersistentProviderRegistrations.Provider();
        provider.setAppContext(registrationContextImpl.getAppContext());
        if (registrationContextImpl.getProvider() != null) {
            provider.setClassName(registrationContextImpl.getProvider().getClass().getName());
        }
        provider.setDescription(registrationContextImpl.getDescription());
        provider.setLayer(registrationContextImpl.getMessageLayer());
        for (Map.Entry<String, String> entry : registrationContextImpl.getProperties().entrySet()) {
            provider.addProperty(entry.getKey(), entry.getValue());
        }
        providers.addProvider(provider);
    }

    private RegistrationContextImpl findRegistrationContextImpl(String str, String str2) {
        RegistrationContextImpl registrationContextImpl = this.layerAppContextRegistrations.get(getRegistrationID(str, str2));
        if (registrationContextImpl == null) {
            registrationContextImpl = this.appContextRegistrations.get(getRegistrationID(null, str2));
        }
        if (registrationContextImpl == null) {
            registrationContextImpl = this.layerRegistrations.get(getRegistrationID(str, null));
        }
        if (registrationContextImpl == null) {
            registrationContextImpl = this.defaultRegistration.get(DEFAULT_REGISTRATION_ID);
        }
        return registrationContextImpl;
    }
}
