package org.ow2.jonas.antmodular.jonasbase.security;

import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.tools.ant.BuildException;
import org.ow2.jonas.antmodular.jonasbase.bootstrap.AbstractJOnASBaseAntTask;
import org.ow2.jonas.antmodular.jonasbase.bootstrap.JReplace;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/ow2/jonas/antmodular/jonasbase/security/Jaas.class */
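/**
 * Ant task that configures JAAS entries and realm users of a JOnAS base.
 *
 * <p>The task edits three things under {@code <JOnAS base>/conf}:
 * <ul>
 *   <li>{@code jaas.config}: one entry per nested {@code jaasEntry} element;</li>
 *   <li>{@code jonas-realm.xml}: the {@code <user>} and {@code <role>} elements
 *       for nested {@code user} and {@code admin} elements;</li>
 *   <li>the JMX security and admin-client properties, when {@code secureJmx}
 *       is set and/or an admin is declared.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Passwords are written into {@code jonas-realm.xml} exactly as returned by
 *       {@code User.getPassword()}; the first admin's password is also passed to
 *       the {@code jonas.adminClient.password} replacement. Treat both outputs as
 *       secrets and restrict their file permissions accordingly.</li>
 *   <li>Passwords are never put into the log messages built by this class.</li>
 *   <li>NOTE(review): names, passwords, roles and descriptions are concatenated
 *       into XML attributes without escaping. A value containing {@code "},
 *       {@code <} or {@code &} produces a malformed or differently-structured
 *       realm file; callers should validate these values until escaping is added
 *       consistently for both the search token and the replacement value.</li>
 * </ul>
 */
public class Jaas extends AbstractJOnASBaseAntTask {
    private static final String INFO = "[JAAS] ";
    private static final String TOKEN_BEGIN_CONF_FILE = "jaasclient {";
    public static final String JAAS_CONF_FILE = "jaas.config";
    public static final String DEFAULT_LOGIN_MODULE_NAME = "org.ow2.jonas.security.auth.spi.JResourceLoginModule";
    public static final String JMX_AUTHENTIFICATION_METHOD_TOKEN = "jonas.service.jmx.authentication.method";
    public static final String JMX_AUTHENTIFICATION_METHOD_VALUE = "jmx.remote.x.login.config";
    public static final String JMX_AUTHENTIFICATION_PARAMETER_TOKEN = "jonas.service.jmx.authentication.parameter";
    public static final String JMX_AUTHENTIFICATION_PARAMETER_VALUE = "jaas-jmx";
    public static final String JMX_IS_SECURED_TOKEN = "jonas.service.jmx.secured";
    public static final String JMX_IS_SECURED_VALUE = "true";
    public static final String JONAS_ADMIN_USERNAME_TOKEN = "jonas.adminClient.username";
    public static final String JONAS_ADMIN_PASSWORD_TOKEN = "jonas.adminClient.password";
    public static final String JONAS_REALM_CONF_FILE = "jonas-realm.xml";

    // The four fields below are public and non-final, so other code may reassign them;
    // they are kept that way to preserve the class's public interface.
    public static String EOL = "\n";
    public static String REALME_SEPARATOR = "      ";
    public static String USERS_TOKEN = "</users>";
    public static String ROLES_TOKEN = "</roles>";

    /** Whether the JMX security properties must be enabled. */
    private boolean secureJmx = false;

    /** Users declared in the build file. */
    private List<User> users = new ArrayList<User>();

    /** Admins declared in the build file. */
    private List<User> admins = new ArrayList<User>();

    /** Users read from the existing jonas-realm.xml by {@link #initUsers(File)}. */
    private List<User> templateUsers = new ArrayList<User>();

    /** Role name to description, read from the existing jonas-realm.xml. */
    private Map<String, String> templateRoles = new HashMap<String, String>();

    /**
     * Registers a replacement task that inserts a JAAS entry into {@code jaas.config},
     * just before the {@code jaasclient {} marker.
     *
     * <p>Only {@code JResourceLoginModule} instances contribute module lines; any other
     * login module type contributes a blank line only.
     *
     * <p>NOTE(review): a single {@code ;} is emitted after all modules rather than one per
     * module, so an entry with several login modules looks like it would not be valid JAAS
     * configuration syntax; confirm against the intended output before relying on that case.
     * The entry name and option values are written unescaped.
     *
     * @param jaasEntry the entry to add
     */
    public void addConfiguredJaasEntry(JaasEntry jaasEntry) {
        StringBuilder entry = new StringBuilder();
        entry.append(jaasEntry.getName()).append("{\n");
        for (LoginModule loginModule : jaasEntry.getLoginModules()) {
            if (loginModule instanceof JResourceLoginModule) {
                JResourceLoginModule resourceModule = (JResourceLoginModule) loginModule;
                entry.append("    ").append(DEFAULT_LOGIN_MODULE_NAME).append(" ").append(loginModule.getFlag()).append("\n");
                entry.append("    resourceName=\"").append(resourceModule.getResourceName()).append("\"\n");
                String serverName = resourceModule.getServerName();
                if (serverName != null && !"".equals(serverName)) {
                    entry.append("    serverName=\"").append(serverName).append("\"\n");
                }
                // Boolean options are only written when enabled.
                if (resourceModule.isUseUpperCaseUsername()) {
                    entry.append("    useUpperCaseUsername=\"").append(resourceModule.isUseUpperCaseUsername()).append("\"\n");
                }
                if (resourceModule.isCertCallback()) {
                    entry.append("    certCallback=\"").append(resourceModule.isCertCallback()).append("\"\n");
                }
            }
            entry.append("\n");
        }
        entry.append("    ;\n");
        entry.append("};\n");
        entry.append("\n");
        // Re-append the marker so that later entries can be inserted at the same place.
        entry.append(TOKEN_BEGIN_CONF_FILE);

        JReplace replace = new JReplace();
        replace.setConfigurationFile(JAAS_CONF_FILE);
        replace.setToken(TOKEN_BEGIN_CONF_FILE);
        replace.setValue(entry.toString());
        replace.setLogInfo("[JAAS] Add the JAAS entry : " + jaasEntry.getName());
        addTask(replace);
    }

    /**
     * Registers an admin declared in the build file.
     *
     * @param user the admin; name and password are mandatory
     * @throws BuildException if the name or the password is missing
     */
    public void addConfiguredAdmin(User user) {
        if (user.getName() == null) {
            throw new BuildException("Admin username is not set.");
        }
        if (user.getPassword() == null) {
            throw new BuildException("Admin password is not set");
        }
        this.admins.add(user);
    }

    /**
     * Registers a user declared in the build file.
     *
     * @param user the user; name and password are mandatory
     * @throws BuildException if the name or the password is missing
     */
    public void addConfiguredUser(User user) {
        if (user.getName() == null) {
            throw new BuildException("Username is not set.");
        }
        if (user.getPassword() == null) {
            throw new BuildException("User's password is not set");
        }
        this.users.add(user);
    }

    /**
     * Enables or disables the JMX security configuration.
     *
     * @param z {@code true} to secure JMX; at least one admin must then be declared
     */
    public void setSecureJmx(boolean z) {
        this.secureJmx = z;
    }

    /**
     * Applies the whole configuration: JMX security properties, admin-client credentials,
     * then the realm users, roles and admins, and finally the queued tasks.
     *
     * @throws BuildException if JMX security is requested without an admin, if the realm
     *         file cannot be parsed, or if a realm entry cannot be updated
     */
    @Override
    public void execute() {
        super.execute();
        String confDir = getJOnASBase() + "/conf";

        if (this.secureJmx) {
            // Refuse to enable JMX authentication when nobody could authenticate.
            if (this.admins.isEmpty()) {
                throw new BuildException("JMX security is enabled, but with no admin user defined. Please correct your configuration and run again.");
            }
            super.createServiceNameReplace(JMX_IS_SECURED_VALUE, INFO, confDir, JMX_IS_SECURED_TOKEN);
            super.createServiceNameReplace(JMX_AUTHENTIFICATION_METHOD_VALUE, INFO, confDir, JMX_AUTHENTIFICATION_METHOD_TOKEN);
            super.createServiceNameReplace(JMX_AUTHENTIFICATION_PARAMETER_VALUE, INFO, confDir, JMX_AUTHENTIFICATION_PARAMETER_TOKEN);
        }

        if (!this.admins.isEmpty()) {
            // Only the first declared admin is used for the admin-client properties.
            // NOTE(review): the password is handed to createServiceNameReplace as the
            // replacement value; check that the helper does not echo values to the build log.
            User firstAdmin = this.admins.get(0);
            super.createServiceNameReplace(firstAdmin.getName(), INFO, confDir, JONAS_ADMIN_USERNAME_TOKEN);
            super.createServiceNameReplace(firstAdmin.getPassword(), INFO, confDir, JONAS_ADMIN_PASSWORD_TOKEN);
        }

        initUsers(new File(confDir, JONAS_REALM_CONF_FILE));
        for (User user : this.users) {
            configureUser(user);
        }
        for (User admin : this.admins) {
            configureAdmin(admin);
        }
        executeAllTask();
    }

    /**
     * Creates or updates one declared user in the realm file, then its role.
     *
     * @param user a user registered through {@link #addConfiguredUser(User)}
     */
    private void configureUser(User user) {
        String name = user.getName();
        String password = user.getPassword();
        String roles = user.getRoles();
        String description = user.getDescription();

        User existing = isUserAlreadyDefined(user);
        if (existing == null) {
            String value = "  <user name=\"" + name + "\" password=\"" + password + "\" roles=\"" + roles + "\" />" + EOL + REALME_SEPARATOR + USERS_TOKEN;
            // The password is deliberately left out of the log message.
            replaceInRealm(USERS_TOKEN, value, "[JAAS] Creating a new user with name equals to '" + name + "' and role equals to '" + roles + "'");
        } else {
            String existingPassword = templatePasswordOf(existing);
            if (!existingPassword.equals(password)) {
                String existingRoles = existing.getRoles();
                String existingGroups = existing.getGroups();
                // A plain user declaration must never overwrite an account that is an admin.
                boolean existingIsAdmin = (existingGroups != null && existingGroups.contains("jonas"))
                        || (existingRoles != null && existingRoles.contains("jonas-admin"));
                if (existingIsAdmin) {
                    throw new BuildException("Cannot update the password and/or role of the username '" + existing.getName() + "'. An admin is already defined with this name.");
                }
                String token = "<user name=\"" + existing.getName() + "\" password=\"" + existingPassword + "\" roles=\"" + existingRoles + "\" />";
                String value = "<user name=\"" + name + "\" password=\"" + password + "\" roles=\"" + roles + "\" />";
                replaceInRealm(token, value, "[JAAS] Setting password of '" + name + "'");
            }
        }

        if (this.templateRoles.containsKey(roles)) {
            String currentDescription = this.templateRoles.get(roles);
            if (description != null && !description.equals(currentDescription)) {
                String token = "<role name=\"" + roles + "\" description=\"" + currentDescription + "\" />";
                String value = "<role name=\"" + roles + "\" description=\"" + description + "\" />";
                replaceInRealm(token, value, "[JAAS] Setting the description of role " + roles + "  to : " + description);
            }
        } else {
            StringBuilder roleElement = new StringBuilder();
            roleElement.append("  <role name=\"").append(roles).append("\" ");
            if (description != null) {
                roleElement.append("description=\"").append(description).append("\" ");
            }
            roleElement.append("/>").append(EOL).append(REALME_SEPARATOR).append(ROLES_TOKEN);
            replaceInRealm(ROLES_TOKEN, roleElement.toString(), "[JAAS] Creating a new role with name equals to '" + roles + "'  and description equals to '" + description + "'");
        }
    }

    /**
     * Creates one declared admin in the realm file, or resets the password of the
     * existing entry with the same name and puts it in the {@code jonas} group.
     *
     * @param admin an admin registered through {@link #addConfiguredAdmin(User)}
     */
    private void configureAdmin(User admin) {
        String name = admin.getName();
        String password = admin.getPassword();

        // The lookup only compares names.
        User existing = isUserAlreadyDefined(admin);
        if (existing == null) {
            String value = "  <user name=\"" + name + "\" password=\"" + password + "\" groups=\"jonas\"/>" + EOL + REALME_SEPARATOR + USERS_TOKEN;
            // The password is deliberately left out of the log message.
            replaceInRealm(USERS_TOKEN, value, "[JAAS] Creating a new admin user with name equals to '" + name + "'");
            return;
        }

        String existingPassword = templatePasswordOf(existing);
        if (existingPassword.equals(password)) {
            // Same password: the existing entry is left untouched.
            return;
        }

        String token;
        if (existing.getRoles() != null) {
            token = "<user name=\"" + existing.getName() + "\" password=\"" + existingPassword + "\" roles=\"" + existing.getRoles() + "\" />";
        } else {
            if (existing.getGroups() == null) {
                throw new BuildException("jonas-realm.xml template configuration file is incorrect. No 'groups' or 'roles' attribute for the user " + existing.getName());
            }
            token = "<user name=\"" + existing.getName() + "\" password=\"" + existingPassword + "\" groups=\"" + existing.getGroups() + "\" />";
        }
        String value = "<user name=\"" + name + "\" password=\"" + password + "\" groups=\"jonas\"/>";
        replaceInRealm(token, value, "[JAAS] Setting password of '" + name + "'");
    }

    /**
     * Returns the password of an entry read from the realm file.
     *
     * @param templateUser an entry of {@link #templateUsers}
     * @return the password, never {@code null}
     * @throws BuildException if the entry has no password, because the search token
     *         for that entry could not be rebuilt
     */
    private static String templatePasswordOf(User templateUser) {
        String password = templateUser.getPassword();
        if (password == null) {
            throw new BuildException("jonas-realm.xml template configuration file is incorrect. No 'password' attribute for the user " + templateUser.getName());
        }
        return password;
    }

    /**
     * Runs immediately one token replacement on {@code jonas-realm.xml}.
     *
     * @param token the text to search for
     * @param value the text that replaces the token
     * @param logInfo the message given to the replacement task; must not contain secrets
     */
    private void replaceInRealm(String token, String value, String logInfo) {
        JReplace replace = new JReplace();
        replace.setConfigurationFile(JONAS_REALM_CONF_FILE);
        replace.setToken(token);
        replace.setValue(value);
        replace.setDestDir(this.destDir);
        replace.setLogInfo(logInfo);
        replace.execute();
    }

    /**
     * Loads the {@code <user>} and {@code <role>} elements of the realm file into
     * {@link #templateUsers} and {@link #templateRoles}.
     *
     * @param file the jonas-realm.xml file to read
     * @throws BuildException if the parser cannot be created or the file cannot be parsed
     */
    private void initUsers(File file) {
        try {
            DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
            // EmptyEntityResolver is declared elsewhere; presumably it keeps the parser from
            // fetching external DTDs/entities (TODO confirm).
            // NOTE(review): no secure-processing feature or DOCTYPE restriction is set on the
            // factory, which is only acceptable while this file is a trusted local template.
            builder.setEntityResolver(new EmptyEntityResolver());
            Document document = builder.parse(file);

            NodeList userNodes = document.getElementsByTagName("user");
            for (int i = 0; i < userNodes.getLength(); i++) {
                Element element = (Element) userNodes.item(i);
                User user = new User();
                // Absent or empty attributes leave the corresponding property unset.
                String name = nonEmptyAttribute(element, "name");
                if (name != null) {
                    user.setName(name);
                }
                String password = nonEmptyAttribute(element, "password");
                if (password != null) {
                    user.setPassword(password);
                }
                String roles = nonEmptyAttribute(element, "roles");
                if (roles != null) {
                    user.setRoles(roles);
                }
                String groups = nonEmptyAttribute(element, "groups");
                if (groups != null) {
                    user.setGroups(groups);
                }
                this.templateUsers.add(user);
            }

            NodeList roleNodes = document.getElementsByTagName("role");
            for (int i = 0; i < roleNodes.getLength(); i++) {
                Element element = (Element) roleNodes.item(i);
                this.templateRoles.put(element.getAttribute("name"), element.getAttribute("description"));
            }
        } catch (ParserConfigurationException e) {
            throw new BuildException("Cannot instanciate a new DocumentBuilder", e);
        } catch (SAXException e) {
            throw new BuildException("Cannot parse the resource " + file, e);
        } catch (IOException e) {
            throw new BuildException("Cannot parse the resource " + file, e);
        }
    }

    /**
     * Reads an attribute and maps "absent or empty" to {@code null}.
     *
     * @param element the element to read
     * @param attributeName the attribute name
     * @return the attribute value, or {@code null} when it is absent or empty
     */
    private static String nonEmptyAttribute(Element element, String attributeName) {
        String value = element.getAttribute(attributeName);
        if (value == null || "".equals(value)) {
            return null;
        }
        return value;
    }

    /**
     * Looks up, by name only, the realm-file entry matching a declared user.
     *
     * @param user the declared user; its name is non-null for every caller in this class
     * @return the matching entry of {@link #templateUsers}, or {@code null} if none
     */
    private User isUserAlreadyDefined(User user) {
        String wantedName = user.getName();
        for (User candidate : this.templateUsers) {
            // Compare from the declared name: a realm entry without a name has a null name.
            if (wantedName.equals(candidate.getName())) {
                return candidate;
            }
        }
        return null;
    }
}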
