package org.apache.nifi.authorization.single.user;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.XMLEvent;
import javax.xml.transform.stream.StreamSource;
import org.apache.nifi.authentication.single.user.SingleUserLoginIdentityProvider;
import org.apache.nifi.authorization.AuthorizationRequest;
import org.apache.nifi.authorization.AuthorizationResult;
import org.apache.nifi.authorization.Authorizer;
import org.apache.nifi.authorization.AuthorizerConfigurationContext;
import org.apache.nifi.authorization.AuthorizerInitializationContext;
import org.apache.nifi.authorization.annotation.AuthorizerContext;
import org.apache.nifi.authorization.exception.AuthorizationAccessException;
import org.apache.nifi.authorization.exception.AuthorizerCreationException;
import org.apache.nifi.util.NiFiProperties;
import org.apache.nifi.xml.processing.stream.StandardXMLEventReaderProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/nifi/authorization/single/user/SingleUserAuthorizer.class */
public class SingleUserAuthorizer implements Authorizer {
    private static final Logger LOGGER = LoggerFactory.getLogger(SingleUserAuthorizer.class);
    private static final String REQUIRED_PROVIDER = SingleUserLoginIdentityProvider.class.getName();
    private static final String IDENTIFIER_TAG = "identifier";
    private static final String CLASS_TAG = "class";
    private static final String BLANK_PROVIDER = "provider";
    private NiFiProperties niFiProperties;

    @AuthorizerContext
    public void setProperties(NiFiProperties niFiProperties) {
        this.niFiProperties = niFiProperties;
    }

    public AuthorizationResult authorize(AuthorizationRequest authorizationRequest) throws AuthorizationAccessException {
        return AuthorizationResult.approved();
    }

    public void initialize(AuthorizerInitializationContext authorizerInitializationContext) {
        LOGGER.info("Initializing Authorizer");
        if (authorizerInitializationContext.getIdentifier().equals(this.niFiProperties.getProperty("nifi.security.user.authorizer"))) {
            if (!isSingleUserLoginIdentityProviderConfigured(this.niFiProperties.getProperty("nifi.security.user.login.identity.provider", BLANK_PROVIDER), this.niFiProperties.getLoginIdentityProviderConfigurationFile())) {
                throw new AuthorizerCreationException(String.format("%s requires %s to be configured", getClass().getSimpleName(), REQUIRED_PROVIDER));
            }
            LOGGER.debug("Required Login Identity Provider Configured [{}]", REQUIRED_PROVIDER);
        }
    }

    public void onConfigured(AuthorizerConfigurationContext authorizerConfigurationContext) {
        LOGGER.info("Configuring Authorizer");
    }

    public void preDestruction() {
        LOGGER.info("Destroying Authorizer");
    }

    private boolean isSingleUserLoginIdentityProviderConfigured(String str, File file) {
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            Throwable th = null;
            try {
                try {
                    XMLEventReader providersReader = getProvidersReader(fileInputStream);
                    boolean isSingleUserLoginIdentityProviderConfigured = isSingleUserLoginIdentityProviderConfigured(str, providersReader);
                    providersReader.close();
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    return isSingleUserLoginIdentityProviderConfigured;
                } finally {
                }
            } finally {
            }
        } catch (XMLStreamException | IOException e) {
            throw new AuthorizerCreationException("Failed to read Login Identity Providers Configuration", e);
        }
    }

    private boolean isSingleUserLoginIdentityProviderConfigured(String str, XMLEventReader xMLEventReader) throws XMLStreamException {
        boolean z = false;
        boolean z2 = false;
        while (xMLEventReader.hasNext()) {
            XMLEvent nextEvent = xMLEventReader.nextEvent();
            if (isStartElement(nextEvent, IDENTIFIER_TAG)) {
                z2 = str.equals(xMLEventReader.getElementText().trim());
            }
            if (z2 && isStartElement(nextEvent, CLASS_TAG)) {
                z = REQUIRED_PROVIDER.equals(xMLEventReader.getElementText().trim());
            }
        }
        return z;
    }

    private boolean isStartElement(XMLEvent xMLEvent, String str) {
        boolean z = false;
        if (xMLEvent.isStartElement()) {
            z = str.equals(xMLEvent.asStartElement().getName().getLocalPart());
        }
        return z;
    }

    private XMLEventReader getProvidersReader(InputStream inputStream) throws XMLStreamException {
        return new StandardXMLEventReaderProvider().getEventReader(new StreamSource(inputStream));
    }
}
