package com.greenhat.server.container.server.security;

import com.greenhat.server.container.server.capability.CapabilityCreator;
import com.greenhat.server.container.server.capability.ServerCapabilityFactory;
import com.greenhat.server.container.server.security.actors.Actor;
import com.greenhat.server.container.server.security.actors.ActorRef;
import com.greenhat.server.container.server.security.actors.Actors;
import com.greenhat.server.container.server.security.util.SecurityEnablementService;
import com.greenhat.server.container.server.security.util.SecurityUtils;
import com.greenhat.server.container.shared.capability.CapabilityContext;
import com.greenhat.server.container.shared.capability.CapabilityPaths;
import com.greenhat.server.container.shared.capability.MutableCapability;
import com.greenhat.server.container.shared.datamodel.User;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

/* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore.class */
public final class FileCredentialsStore implements CredentialsStore {
    private final Map<String, String> credentialsCache = new ConcurrentHashMap();
    private final Map<String, Set<String>> rolesCache = new ConcurrentHashMap();
    private final ActorRef credentialsActor;
    private final ActorRef rolesActor;
    private final SecurityEnablementService securityEnablementService;

    /* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore$CredentialsActor.class */
    private class CredentialsActor extends PropertyStoreActor {
        private CredentialsActor(String str) {
            super(SecurityUtils.getCredentialsFile(str), CredentialsMutatorMessage.class, "RTCP password store");
        }

        @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyStoreActor
        protected void onStart() {
            for (String str : this.properties.stringPropertyNames()) {
                FileCredentialsStore.this.credentialsCache.put(str, this.properties.getProperty(str));
            }
        }

        @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyStoreActor
        protected final void createNewFile() {
            try {
                this.file.createNewFile();
                FileCredentialsStore.this.saveCredentials("admin", "admin");
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
    }

    /* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore$CredentialsMutatorMessage.class */
    private interface CredentialsMutatorMessage extends PropertyMutatorMessage {
    }

    /* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore$PropertyMutatorMessage.class */
    private interface PropertyMutatorMessage {
        void execute(Properties properties);
    }

    /* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore$PropertyStoreActor.class */
    public abstract class PropertyStoreActor implements Actor {
        protected final File file;
        protected final Properties properties = new Properties();
        private final Class<? extends PropertyMutatorMessage> messageType;
        private final String comment;

        protected PropertyStoreActor(File file, Class<? extends PropertyMutatorMessage> cls, String str) {
            this.file = file;
            this.messageType = cls;
            this.comment = str;
        }

        @Override // com.greenhat.server.container.server.security.actors.Actor
        public void onReceive(Object obj) throws Exception {
            if (!this.messageType.isInstance(obj)) {
                throw new IllegalArgumentException("Message of type " + obj.getClass() + " is not supported by " + getClass());
            }
            ((PropertyMutatorMessage) obj).execute(this.properties);
            saveProperties();
        }

        protected abstract void createNewFile();

        protected final void saveProperties() {
            try {
                FileWriter fileWriter = new FileWriter(this.file);
                this.properties.store(fileWriter, this.comment);
                fileWriter.close();
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }

        protected final Properties loadProperties() {
            try {
                FileReader fileReader = new FileReader(this.file);
                this.properties.load(fileReader);
                fileReader.close();
                return this.properties;
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }

        @Override // com.greenhat.server.container.server.security.actors.Actor
        public void preStart() {
            if (!this.file.exists()) {
                createNewFile();
            }
            loadProperties();
            onStart();
        }

        protected abstract void onStart();

        @Override // com.greenhat.server.container.server.security.actors.Actor
        public void preRestart(Throwable th) {
            loadProperties();
        }
    }

    /* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore$RolesActor.class */
    private class RolesActor extends PropertyStoreActor {
        RolesActor(String str) {
            super(SecurityUtils.getRolesFile(str), RolesMutatorMessage.class, "RTCP authorisation store");
        }

        @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyStoreActor
        protected void createNewFile() {
            try {
                this.file.createNewFile();
                FileCredentialsStore.this.addRole("admin", "admin");
                FileCredentialsStore.this.addRole("admin", "user");
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }

        protected final Set<String> parseRoles(String str) {
            HashSet hashSet = new HashSet();
            if (str != null) {
                for (String str2 : str.split(",")) {
                    hashSet.add(str2);
                }
            }
            return hashSet;
        }

        @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyStoreActor
        protected void onStart() {
            for (String str : this.properties.stringPropertyNames()) {
                FileCredentialsStore.this.rolesCache.put(str, parseRoles(this.properties.getProperty(str)));
            }
        }
    }

    /* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore$RolesMutatorMessage.class */
    private abstract class RolesMutatorMessage implements PropertyMutatorMessage {
        private final Set<String> roles;

        RolesMutatorMessage(FileCredentialsStore fileCredentialsStore) {
            this(Collections.emptySet());
        }

        RolesMutatorMessage(Set<String> set) {
            this.roles = Collections.unmodifiableSet(set);
        }

        protected final String serialiseRoles() {
            StringBuilder sb = new StringBuilder();
            Iterator<String> it = this.roles.iterator();
            while (it.hasNext()) {
                sb.append(it.next()).append(",");
            }
            return sb.toString();
        }
    }

    public FileCredentialsStore(String str, SecurityEnablementService securityEnablementService) {
        this.securityEnablementService = securityEnablementService;
        this.credentialsActor = Actors.make(new CredentialsActor(str));
        this.rolesActor = Actors.make(new RolesActor(str));
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public void saveCredentials(final String str, String str2) {
        final String hash = getHash(str + str2);
        getCredentialsCache().put(str, hash);
        this.credentialsActor.sendOneWay(new CredentialsMutatorMessage() { // from class: com.greenhat.server.container.server.security.FileCredentialsStore.1
            @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyMutatorMessage
            public void execute(Properties properties) {
                properties.setProperty(str, hash);
            }
        });
    }

    protected String getPasswordHash(String str) {
        return getCredentialsCache().get(str);
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public Set<String> getUsers() {
        return getCredentialsCache().keySet();
    }

    private Map<String, String> getCredentialsCache() {
        return this.credentialsCache;
    }

    private Map<String, Set<String>> getRolesCache() {
        return this.rolesCache;
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public void addRole(final String str, String str2) {
        Map<String, Set<String>> rolesCache = getRolesCache();
        Set<String> hashSet = rolesCache.containsKey(str) ? rolesCache.get(str) : new HashSet<>();
        hashSet.add(str2);
        rolesCache.put(str, hashSet);
        this.rolesActor.sendOneWay(new RolesMutatorMessage(hashSet) { // from class: com.greenhat.server.container.server.security.FileCredentialsStore.2
            @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyMutatorMessage
            public void execute(Properties properties) {
                properties.setProperty(str, serialiseRoles());
            }
        });
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public void removeRole(final String str, String str2) {
        Map<String, Set<String>> rolesCache = getRolesCache();
        Set<String> hashSet = rolesCache.containsKey(str) ? rolesCache.get(str) : new HashSet<>();
        hashSet.remove(str2);
        rolesCache.put(str, hashSet);
        this.rolesActor.sendOneWay(new RolesMutatorMessage(hashSet) { // from class: com.greenhat.server.container.server.security.FileCredentialsStore.3
            @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyMutatorMessage
            public void execute(Properties properties) {
                properties.setProperty(str, serialiseRoles());
            }
        });
    }

    protected String getHash(String str) {
        return SecurityUtils.getHash(str);
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public boolean userExists(String str) {
        return getCredentialsCache().containsKey(str);
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public boolean hasMatch(String str, String str2) {
        return getHash(str + str2).equals(getPasswordHash(str));
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public boolean deleteUser(final String str) {
        boolean z = getCredentialsCache().remove(str) != null;
        this.credentialsActor.sendOneWay(new CredentialsMutatorMessage() { // from class: com.greenhat.server.container.server.security.FileCredentialsStore.4
            @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyMutatorMessage
            public void execute(Properties properties) {
                properties.remove(str);
            }
        });
        getRolesCache().remove(str);
        this.rolesActor.sendOneWay(new RolesMutatorMessage() { // from class: com.greenhat.server.container.server.security.FileCredentialsStore.5
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(FileCredentialsStore.this);
            }

            @Override // com.greenhat.server.container.server.security.FileCredentialsStore.PropertyMutatorMessage
            public void execute(Properties properties) {
                properties.remove(str);
            }
        });
        return z;
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public Set<String> getRoles(String str) {
        return getRolesCache().containsKey(str) ? getRolesCache().get(str) : Collections.emptySet();
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public void close() {
        this.credentialsActor.stop();
        this.rolesActor.stop();
    }

    @Override // com.greenhat.server.container.server.security.CredentialsStore
    public void init() {
        this.credentialsActor.start();
        this.rolesActor.start();
    }

    @Override // com.greenhat.server.container.server.capability.CapabilityProvider
    public Map<String, MutableCapability> getCapabilities(final CapabilityCreator capabilityCreator) {
        HashMap hashMap = new HashMap();
        hashMap.put(CapabilityPaths.ADMINISTRATION_SECURITY_ADMIN, capabilityCreator.makeCapability(new ServerCapabilityFactory() { // from class: com.greenhat.server.container.server.security.FileCredentialsStore.6
            @Override // com.greenhat.server.container.server.capability.ServerCapabilityFactory
            public Map<String, MutableCapability> getCapabilities(CapabilityContext capabilityContext) {
                HashMap hashMap2 = new HashMap();
                User user = capabilityContext.getUser();
                if (FileCredentialsStore.this.securityEnablementService.isSecurityEnabled()) {
                    if (user.hasRole("admin")) {
                        hashMap2.put(CapabilityPaths.Fragments.ADMINISTER_USER, capabilityCreator.makeCapability());
                        hashMap2.put(CapabilityPaths.Fragments.CREATE_USER, capabilityCreator.makeCapability());
                    }
                    hashMap2.put(CapabilityPaths.Fragments.CHANGE_PASSWORD, capabilityCreator.makeCapability());
                }
                return hashMap2;
            }
        }, true));
        return hashMap;
    }
}
