package cern.accsoft.security.rba.spi;

import cern.accsoft.commons.util.Assert;
import cern.accsoft.security.rba.login.LoginPolicy;
import java.net.InetAddress;
import java.net.URL;
import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.AppConfigurationEntry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cern/accsoft/security/rba/spi/Configuration.class */
public final class Configuration {
    private static final Logger LOGGER = LoggerFactory.getLogger(Configuration.class);
    public static final String SYSTEM_PROPERTY_RBAC_SETUP = "rbac.setup";
    private static final String SYSTEM_PROPERTY_APP_TIMEOUT_ENABLED = "rbac.app-timeout.enabled";
    private static final String UNKNOWN_USERNAME = "unknown";
    private static final String CONTEXT_NAME_SEPARATOR = "-";
    private static Configuration singleton;
    private RuntimeSetup runtimeSetup;
    private String username;
    private String userHome;
    private String userKeystore;
    private String tokenCache;
    private boolean appTimeoutEnabled;
    private List<String> serversList;
    private String sslKeystoreName;
    private String sslKeystorePass;

    /* loaded from: input_file:cern/accsoft/security/rba/spi/Configuration$RuntimeSetup.class */
    public enum RuntimeSetup {
        PRO,
        DEV,
        TEST,
        LOCAL
    }

    private Configuration() {
        initialize();
    }

    public static Configuration getInstance() {
        Configuration configuration;
        if (singleton != null) {
            return singleton;
        }
        synchronized (Configuration.class) {
            if (singleton == null) {
                singleton = new Configuration();
            }
            configuration = singleton;
        }
        return configuration;
    }

    public String getUsername() {
        return this.username;
    }

    public String getUserHome() {
        return this.userHome;
    }

    public String getUserKeystore() {
        return this.userKeystore;
    }

    public String getTokenCache() {
        return this.tokenCache;
    }

    public boolean isAppTimeoutEnabled() {
        return this.appTimeoutEnabled;
    }

    public RuntimeSetup getRuntimeSetup() {
        return this.runtimeSetup;
    }

    public List<String> getRemoteServers() {
        return this.serversList;
    }

    public String getSslKeystoreName() {
        return this.sslKeystoreName;
    }

    public String getSslKeystorePass() {
        return this.sslKeystorePass;
    }

    public String prepareContextName(String str) {
        Assert.hasText(str, "Login context name is null/empty");
        String lowerCase = str.trim().toLowerCase();
        warnUseOfObsoleteContext(lowerCase);
        return prepareContextNameImpl(lowerCase);
    }

    private static void warnUseOfObsoleteContext(String str) {
        boolean z = false;
        LoginPolicy[] values = LoginPolicy.values();
        int length = values.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            if (values[i].name().equalsIgnoreCase(str)) {
                z = true;
                break;
            }
            i++;
        }
        if (z) {
            return;
        }
        LOGGER.warn("RBA login context name '{}' is deprecated --> use instead LoginPolicy enum.", str);
        System.err.println("RBA login context name '" + str + "' is deprecated --> use instead LoginPolicy enum.");
    }

    private String prepareContextNameImpl(String str) {
        return (this.runtimeSetup == RuntimeSetup.PRO || str.indexOf(CONTEXT_NAME_SEPARATOR) > 0) ? str : this.runtimeSetup.name().toLowerCase() + CONTEXT_NAME_SEPARATOR + str.toLowerCase();
    }

    private void initialize() {
        initRuntimeSetup();
        initCurrentUsername();
        initUserDirectories();
        initLoginServersConfig();
    }

    private void initRuntimeSetup() {
        String property = System.getProperty(SYSTEM_PROPERTY_RBAC_SETUP);
        if (property == null) {
            System.setProperty(SYSTEM_PROPERTY_RBAC_SETUP, RuntimeSetup.PRO.name());
            property = RuntimeSetup.PRO.name();
        }
        this.runtimeSetup = RuntimeSetup.valueOf(property.trim().toUpperCase());
        this.appTimeoutEnabled = Boolean.getBoolean(SYSTEM_PROPERTY_APP_TIMEOUT_ENABLED);
    }

    private void initCurrentUsername() {
        this.username = retrieveUsername();
    }

    private void initUserDirectories() {
        String property = System.getProperty("user.home");
        String property2 = System.getProperty("file.separator");
        if (property.indexOf(this.username) >= 0) {
            this.userHome = property + property2;
        } else {
            if (!property.endsWith(property2)) {
                property = property + property2;
            }
            this.userHome = property + this.username + property2;
        }
        this.userKeystore = this.userHome + "keystore";
        String str = "";
        try {
            if (InetAddress.getLocalHost() != null) {
                str = "." + InetAddress.getLocalHost().getHostName();
            }
        } catch (UnknownHostException e) {
            LOGGER.warn("Failed to get hostname: {}", e.getMessage(), e);
        }
        this.tokenCache = this.userHome + str + ".rba.cache";
    }

    private void initLoginServersConfig() {
        javax.security.auth.login.Configuration configuration = javax.security.auth.login.Configuration.getConfiguration();
        String prepareContextNameImpl = prepareContextNameImpl(LoginPolicy.DEFAULT.name().toLowerCase());
        AppConfigurationEntry[] appConfigurationEntry = configuration.getAppConfigurationEntry(prepareContextNameImpl);
        Assert.notEmpty(appConfigurationEntry, "Login configuration not found for login context: " + prepareContextNameImpl);
        String str = null;
        int length = appConfigurationEntry.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            Map options = appConfigurationEntry[i].getOptions();
            if (options != null) {
                String str2 = (String) options.get("server");
                str = str2;
                if (str2 != null) {
                    this.sslKeystoreName = (String) options.get("sslKeystoreName");
                    this.sslKeystorePass = (String) options.get("sslKeystorePass");
                    break;
                }
            }
            i++;
        }
        Assert.hasText(str, "Remote servers list not found for login context: " + prepareContextNameImpl);
        this.serversList = Collections.unmodifiableList(Arrays.asList(str.split(",")));
    }

    private static String retrieveUsername() {
        return System.getProperty("os.name").indexOf("Windows") != -1 ? retrieveUsernameFromModule("com.sun.security.auth.module.NTSystem", "getName") : retrieveUsernameFromModule("com.sun.security.auth.module.UnixSystem", "getUsername");
    }

    private static String retrieveUsernameFromModule(String str, String str2) {
        try {
            Class<?> cls = Class.forName(str);
            String str3 = (String) cls.getMethod(str2, (Class[]) null).invoke(cls.newInstance(), (Object[]) null);
            return (str3 == null || str3.isEmpty()) ? UNKNOWN_USERNAME : str3.toLowerCase();
        } catch (Exception e) {
            LOGGER.error("Failed to retrieve the currently logged in username: {}", e.getMessage(), e);
            throw new RuntimeException("Failed to retrieve the currently logged in username: " + e.getMessage(), e);
        }
    }

    static {
        URL resource = Thread.currentThread().getContextClassLoader().getResource(Constants.LOGIN_CONFIG_FILE_NAME);
        if (resource == null) {
            throw new RuntimeException("RBA login config file not found: cern/accsoft/security/rba/spi/login/rba-login.properties");
        }
        System.setProperty("java.security.auth.login.config", resource.toString());
    }
}
