package com.sun.jmx.remote.security;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
import javax.management.MBeanServer;
import javax.management.ObjectName;
import javax.security.auth.Subject;

/* loaded from: input_file:unix/1.8.0_412/lib/rt.jar:com/sun/jmx/remote/security/MBeanServerFileAccessController.class */
public class MBeanServerFileAccessController extends MBeanServerAccessController {
    static final String READONLY = "readonly";
    static final String READWRITE = "readwrite";
    static final String CREATE = "create";
    static final String UNREGISTER = "unregister";
    private Map<String, Access> accessMap;
    private Properties originalProps;
    private String accessFileName;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:unix/1.8.0_412/lib/rt.jar:com/sun/jmx/remote/security/MBeanServerFileAccessController$Access.class */
    public static class Access {
        final boolean write;
        final String[] createPatterns;
        private boolean unregister;
        private final String[] NO_STRINGS = new String[0];

        Access(boolean z, boolean z2, List<String> list) {
            this.write = z;
            int size = list == null ? 0 : list.size();
            if (size == 0) {
                this.createPatterns = this.NO_STRINGS;
            } else {
                this.createPatterns = (String[]) list.toArray(new String[size]);
            }
            this.unregister = z2;
        }
    }

    /* loaded from: input_file:unix/1.8.0_412/lib/rt.jar:com/sun/jmx/remote/security/MBeanServerFileAccessController$AccessType.class */
    private enum AccessType {
        READ,
        WRITE,
        CREATE,
        UNREGISTER
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:unix/1.8.0_412/lib/rt.jar:com/sun/jmx/remote/security/MBeanServerFileAccessController$Parser.class */
    public static class Parser {
        private static final int EOS = -1;
        private final String identity;
        private final String s;
        private final int len;
        private int i = 0;
        private int c;
        static final /* synthetic */ boolean $assertionsDisabled;

        private Parser(String str, String str2) {
            this.identity = str;
            this.s = str2;
            this.len = str2.length();
            if (this.i < this.len) {
                this.c = str2.codePointAt(this.i);
            } else {
                this.c = -1;
            }
        }

        static Access parseAccess(String str, String str2) {
            return new Parser(str, str2).parseAccess();
        }

        private Access parseAccess() {
            Access parseReadWrite;
            skipSpace();
            String parseWord = parseWord();
            if (parseWord.equals(MBeanServerFileAccessController.READONLY)) {
                parseReadWrite = new Access(false, false, null);
            } else {
                if (!parseWord.equals(MBeanServerFileAccessController.READWRITE)) {
                    throw syntax("Expected readonly or readwrite: " + parseWord);
                }
                parseReadWrite = parseReadWrite();
            }
            if (this.c != -1) {
                throw syntax("Extra text at end of line");
            }
            return parseReadWrite;
        }

        private Access parseReadWrite() {
            ArrayList arrayList = new ArrayList();
            boolean z = false;
            while (true) {
                skipSpace();
                if (this.c == -1) {
                    return new Access(true, z, arrayList);
                }
                String parseWord = parseWord();
                if (parseWord.equals(MBeanServerFileAccessController.UNREGISTER)) {
                    z = true;
                } else {
                    if (!parseWord.equals(MBeanServerFileAccessController.CREATE)) {
                        throw syntax("Unrecognized keyword " + parseWord);
                    }
                    parseCreate(arrayList);
                }
            }
        }

        private void parseCreate(List<String> list) {
            while (true) {
                skipSpace();
                list.add(parseClassName());
                skipSpace();
                if (this.c != 44) {
                    return;
                } else {
                    next();
                }
            }
        }

        private String parseClassName() {
            boolean z;
            int i = this.i;
            boolean z2 = false;
            while (true) {
                if (this.c == 46) {
                    if (!z2) {
                        throw syntax("Bad . in class name");
                    }
                    z = false;
                } else {
                    if (this.c != 42 && !Character.isJavaIdentifierPart(this.c)) {
                        String substring = this.s.substring(i, this.i);
                        if (z2) {
                            return substring;
                        }
                        throw syntax("Bad class name " + substring);
                    }
                    z = true;
                }
                z2 = z;
                next();
            }
        }

        private void next() {
            if (this.c != -1) {
                this.i += Character.charCount(this.c);
                if (this.i < this.len) {
                    this.c = this.s.codePointAt(this.i);
                } else {
                    this.c = -1;
                }
            }
        }

        private void skipSpace() {
            while (Character.isWhitespace(this.c)) {
                next();
            }
        }

        private String parseWord() {
            skipSpace();
            if (this.c == -1) {
                throw syntax("Expected word at end of line");
            }
            int i = this.i;
            while (this.c != -1 && !Character.isWhitespace(this.c)) {
                next();
            }
            String substring = this.s.substring(i, this.i);
            skipSpace();
            return substring;
        }

        private IllegalArgumentException syntax(String str) {
            return new IllegalArgumentException(str + " [" + this.identity + " " + this.s + "]");
        }

        static {
            $assertionsDisabled = !MBeanServerFileAccessController.class.desiredAssertionStatus();
            if (!$assertionsDisabled && Character.isWhitespace(-1)) {
                throw new AssertionError();
            }
        }
    }

    public MBeanServerFileAccessController(String str) throws IOException {
        this.accessFileName = str;
        parseProperties(propertiesFromFile(str));
    }

    public MBeanServerFileAccessController(String str, MBeanServer mBeanServer) throws IOException {
        this(str);
        setMBeanServer(mBeanServer);
    }

    public MBeanServerFileAccessController(Properties properties) throws IOException {
        if (properties == null) {
            throw new IllegalArgumentException("Null properties");
        }
        this.originalProps = properties;
        parseProperties(properties);
    }

    public MBeanServerFileAccessController(Properties properties, MBeanServer mBeanServer) throws IOException {
        this(properties);
        setMBeanServer(mBeanServer);
    }

    @Override // com.sun.jmx.remote.security.MBeanServerAccessController
    public void checkRead() {
        checkAccess(AccessType.READ, null);
    }

    @Override // com.sun.jmx.remote.security.MBeanServerAccessController
    public void checkWrite() {
        checkAccess(AccessType.WRITE, null);
    }

    @Override // com.sun.jmx.remote.security.MBeanServerAccessController
    public void checkCreate(String str) {
        checkAccess(AccessType.CREATE, str);
    }

    @Override // com.sun.jmx.remote.security.MBeanServerAccessController
    public void checkUnregister(ObjectName objectName) {
        checkAccess(AccessType.UNREGISTER, null);
    }

    public synchronized void refresh() throws IOException {
        parseProperties(this.accessFileName == null ? this.originalProps : propertiesFromFile(this.accessFileName));
    }

    private static Properties propertiesFromFile(String str) throws IOException {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            Properties properties = new Properties();
            properties.load(fileInputStream);
            fileInputStream.close();
            return properties;
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }

    private synchronized void checkAccess(AccessType accessType, String str) {
        boolean checkCreateAccess;
        final AccessControlContext context = AccessController.getContext();
        Subject subject = (Subject) AccessController.doPrivileged(new PrivilegedAction<Subject>() { // from class: com.sun.jmx.remote.security.MBeanServerFileAccessController.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            /* renamed from: run */
            public Subject run2() {
                return Subject.getSubject(context);
            }
        });
        if (subject == null) {
            return;
        }
        String str2 = null;
        Iterator<Principal> it = subject.getPrincipals().iterator();
        while (it.hasNext()) {
            Access access = this.accessMap.get(it.next().getName());
            if (access != null) {
                switch (accessType) {
                    case READ:
                        checkCreateAccess = true;
                        break;
                    case WRITE:
                        checkCreateAccess = access.write;
                        break;
                    case UNREGISTER:
                        checkCreateAccess = access.unregister;
                        if (!checkCreateAccess && access.write) {
                            str2 = UNREGISTER;
                            break;
                        }
                        break;
                    case CREATE:
                        checkCreateAccess = checkCreateAccess(access, str);
                        if (!checkCreateAccess && access.write) {
                            str2 = "create " + str;
                            break;
                        }
                        break;
                    default:
                        throw new AssertionError();
                }
                if (checkCreateAccess) {
                    return;
                }
            }
        }
        SecurityException securityException = new SecurityException("Access denied! Invalid access level for requested MBeanServer operation.");
        if (str2 != null) {
            securityException.initCause(new SecurityException("Access property for this identity should be similar to: readwrite " + str2));
        }
        throw securityException;
    }

    private static boolean checkCreateAccess(Access access, String str) {
        for (String str2 : access.createPatterns) {
            if (classNameMatch(str2, str)) {
                return true;
            }
        }
        return false;
    }

    private static boolean classNameMatch(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        StringTokenizer stringTokenizer = new StringTokenizer(str, "*", true);
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.equals("*")) {
                sb.append("[^.]*");
            } else {
                sb.append(Pattern.quote(nextToken));
            }
        }
        return str2.matches(sb.toString());
    }

    private void parseProperties(Properties properties) {
        this.accessMap = new HashMap();
        for (Map.Entry<Object, Object> entry : properties.entrySet()) {
            String str = (String) entry.getKey();
            this.accessMap.put(str, Parser.parseAccess(str, (String) entry.getValue()));
        }
    }
}
