package com.greenhat.server.container.server.security;

import com.greenhat.server.container.server.security.util.SecurityEnablementService;
import com.greenhat.server.container.server.security.util.SecurityUtils;
import com.greenhat.server.container.shared.datamodel.Role;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

/* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore.class */
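/**
 * File-backed {@link CredentialsStore}.
 *
 * <p>User names map to password hashes in {@link #credentialsFile} and to comma-separated role
 * ids in {@link #roleFile}; both are Java properties files read and written as UTF-8. Each file
 * is mirrored by a {@link Properties} object (the persisted form) and a concurrent map (the
 * lookup cache). Every method that rewrites a file runs under this object's monitor so that two
 * writers cannot interleave on the same file.
 *
 * <p>NOTE(review): the files are created with {@link File#createNewFile()} and rewritten in
 * place, so they carry whatever permissions the process default gives them and a failure
 * part-way through a write can leave a truncated file. Restricting the files to the service
 * account is left to deployment; confirm that it is done.
 */
public final class FileCredentialsStore implements CredentialsStore {
    protected final File credentialsFile;
    protected final File roleFile;
    private final Map<String, String> credentialsCache = new ConcurrentHashMap<>();
    private final Map<String, Set<Role>> rolesCache = new ConcurrentHashMap<>();
    protected final Properties credentialsProperties = new Properties();
    protected final Properties roleProperties = new Properties();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/FileCredentialsStore$PasswordHashScheme.class */
    /**
     * Password hash formats found in the credentials file. A stored value is the scheme name
     * followed by a hex digest; a value with neither the {@code INTERIM} nor the
     * {@code SHA256_SALTED} prefix is treated as a legacy hash by {@link #updateMd5ToInterim()}.
     *
     * <p>Both hash methods call {@code trim()} on their inputs, so leading and trailing
     * whitespace in a user name or password does not affect the result, and both use the
     * no-argument {@code getBytes()}, i.e. the platform default charset. Neither can be changed
     * here without invalidating hashes that are already stored.
     *
     * <p>NOTE(review): the meaning of the first and third arguments of
     * {@code SecurityUtils.digest} is not visible in this file. If the digest is a single or
     * low-iteration SHA-256 keyed only by the user name, it is a fast hash rather than a
     * password KDF (PBKDF2, bcrypt, scrypt, argon2) — confirm against SecurityUtils.
     */
    public enum PasswordHashScheme {
        MD5,
        INTERIM,
        SHA256_SALTED;

        /**
         * Builds the {@code INTERIM}-prefixed value for a user.
         *
         * @param str the user name
         * @param str2 the value to wrap; callers in this class pass the legacy hash
         * @return {@code "INTERIM"} followed by the hex digest
         */
        /* JADX INFO: Access modifiers changed from: private */
        public static String interimHash(String str, String str2) {
            byte[] userDigest = SecurityUtils.digest(null, str.trim().getBytes(), 16);
            byte[] combined = SecurityUtils.digest(userDigest, str2.trim().getBytes(), -1);
            return INTERIM.name() + SecurityUtils.digestToHex(combined);
        }

        /**
         * Builds the {@code SHA256_SALTED}-prefixed value for a user.
         *
         * @param str the user name
         * @param str2 the password as supplied by the caller
         * @return {@code "SHA256_SALTED"} followed by the hex digest
         */
        /* JADX INFO: Access modifiers changed from: private */
        public static String sha256SaltedHash(String str, String str2) {
            byte[] userDigest = SecurityUtils.digest(null, str.trim().getBytes(), -1);
            byte[] combined = SecurityUtils.digest(userDigest, str2.trim().getBytes(), -1);
            return SHA256_SALTED.name() + SecurityUtils.digestToHex(combined);
        }
    }

    /**
     * Resolves the credentials and roles files for the given location; nothing is read until
     * {@link #init()}.
     *
     * @param str passed to {@code SecurityUtils.getCredentialsFile} and
     *     {@code SecurityUtils.getRolesFile} to locate the two files
     * @param securityEnablementService not used by this constructor
     */
    public FileCredentialsStore(String str, SecurityEnablementService securityEnablementService) {
        this.credentialsFile = SecurityUtils.getCredentialsFile(str);
        this.roleFile = SecurityUtils.getRolesFile(str);
    }

    /**
     * Creates either file if it is missing (seeding the default account, see
     * {@link #createCredentialsFile()}), then loads both files into the caches.
     *
     * @throws RuntimeException if a file cannot be created or read
     */
    @Override
    public void init() {
        if (!this.credentialsFile.exists()) {
            createCredentialsFile();
        }
        if (!this.roleFile.exists()) {
            createRolesFile();
        }
        loadPropertiesFromFile(this.roleFile, this.roleProperties);
        for (String user : this.roleProperties.stringPropertyNames()) {
            this.rolesCache.put(user, parseRoles(this.roleProperties.getProperty(user)));
        }
        loadPropertiesFromFile(this.credentialsFile, this.credentialsProperties);
        for (String user : this.credentialsProperties.stringPropertyNames()) {
            this.credentialsCache.put(user, this.credentialsProperties.getProperty(user));
        }
    }

    /**
     * Stores a {@code SHA256_SALTED} hash for the user in the cache and rewrites the
     * credentials file.
     *
     * @param str the user name
     * @param str2 the password
     * @throws RuntimeException if the credentials file cannot be written
     */
    @Override
    public synchronized void saveCredentials(String str, String str2) {
        String sha256SaltedHash = PasswordHashScheme.sha256SaltedHash(str, str2);
        getCredentialsCache().put(str, sha256SaltedHash);
        this.credentialsProperties.setProperty(str, sha256SaltedHash);
        savePropertiesToFile(this.credentialsFile, this.credentialsProperties);
    }

    /**
     * @param str the user name
     * @return the stored hash (scheme prefix included), or {@code null} for an unknown user
     */
    protected String getPasswordHash(String str) {
        return getCredentialsCache().get(str);
    }

    /**
     * Returns the known user names.
     *
     * <p>NOTE(review): this is the live key set of the credentials cache, so removing an element
     * through it drops the user from the cache without touching the credentials file. Callers
     * should treat it as read-only and use {@link #deleteUser(String)} to remove a user.
     */
    @Override
    public Set<String> getUsers() {
        return getCredentialsCache().keySet();
    }

    private Map<String, String> getCredentialsCache() {
        return this.credentialsCache;
    }

    private Map<String, Set<Role>> getRolesCache() {
        return this.rolesCache;
    }

    /**
     * Grants a role to a user and rewrites the roles file.
     *
     * @param str the user name
     * @param role the role to add
     * @throws RuntimeException if the roles file cannot be written
     */
    @Override
    public synchronized void addRole(String str, Role role) {
        Map<String, Set<Role>> cache = getRolesCache();
        // Work on a copy: the cached set is a plain HashSet that getRoles() hands to callers who
        // do not hold this lock, so it must not be modified once it has been published.
        Set<Role> current = cache.get(str);
        Set<Role> updated = current == null ? new HashSet<>() : new HashSet<>(current);
        updated.add(role);
        cache.put(str, updated);
        this.roleProperties.setProperty(str, serialiseRoles(updated));
        savePropertiesToFile(this.roleFile, this.roleProperties);
    }

    /**
     * Revokes a role from a user and rewrites the roles file. A user with no roles left keeps an
     * (empty) entry in both the cache and the file.
     *
     * @param str the user name
     * @param role the role to remove
     * @throws RuntimeException if the roles file cannot be written
     */
    @Override
    public synchronized void removeRole(String str, Role role) {
        Map<String, Set<Role>> cache = getRolesCache();
        // Copy before modifying, for the same reason as in addRole.
        Set<Role> current = cache.get(str);
        Set<Role> updated = current == null ? new HashSet<>() : new HashSet<>(current);
        updated.remove(role);
        cache.put(str, updated);
        this.roleProperties.setProperty(str, serialiseRoles(updated));
        savePropertiesToFile(this.roleFile, this.roleProperties);
    }

    /**
     * Delegates to {@code SecurityUtils.getHash}; {@link #hasMatch(String, String)} uses it to
     * rebuild the value wrapped by an {@code INTERIM} hash.
     */
    protected String getHash(String str) {
        return SecurityUtils.getHash(str);
    }

    /**
     * @param str the user name
     * @return {@code str} if the user has stored credentials, otherwise {@code null}
     */
    @Override
    public String userExists(String str) {
        if (getCredentialsCache().containsKey(str)) {
            return str;
        }
        return null;
    }

    /**
     * Checks a password against the stored hash.
     *
     * <p>A {@code SHA256_SALTED} hash is compared directly. An {@code INTERIM} hash that matches
     * is replaced by a {@code SHA256_SALTED} hash as a side effect of the successful check. A
     * stored value with neither prefix never matches. Hash comparison is constant-time in the
     * hash contents, so response time does not reveal how many leading characters of a candidate
     * hash were correct. An unknown user is still rejected before any hash is computed.
     *
     * @param str the user name
     * @param str2 the password to check
     * @return {@code str} on a match, otherwise {@code null}
     * @throws RuntimeException if an upgraded hash cannot be written to the credentials file
     */
    @Override
    public String hasMatch(String str, String str2) {
        String passwordHash = getPasswordHash(str);
        if (passwordHash == null) {
            return null;
        }
        if (passwordHash.startsWith(PasswordHashScheme.SHA256_SALTED.name())) {
            return constantTimeEquals(passwordHash, PasswordHashScheme.sha256SaltedHash(str, str2)) ? str : null;
        }
        if (!passwordHash.startsWith(PasswordHashScheme.INTERIM.name())
                || !constantTimeEquals(passwordHash, PasswordHashScheme.interimHash(str, getHash(str + str2)))) {
            return null;
        }
        // Upgrade under the same lock as every other writer of the credentials file. The stored
        // hash is re-read first so that a user deleted, or given a new password, since the check
        // above is not written back from this stale match.
        synchronized (this) {
            if (passwordHash.equals(getPasswordHash(str))) {
                saveCredentials(str, str2);
            }
        }
        return str;
    }

    /**
     * Compares two hash strings without stopping at the first differing character.
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8), actual.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Removes a user's credentials and roles and rewrites both files.
     *
     * @param str the user name
     * @return {@code true} if the user had stored credentials
     * @throws RuntimeException if either file cannot be written
     */
    @Override
    public synchronized boolean deleteUser(String str) {
        boolean existed = getCredentialsCache().remove(str) != null;
        this.credentialsProperties.remove(str);
        savePropertiesToFile(this.credentialsFile, this.credentialsProperties);
        getRolesCache().remove(str);
        this.roleProperties.remove(str);
        savePropertiesToFile(this.roleFile, this.roleProperties);
        return existed;
    }

    /**
     * @param str the user name
     * @return the cached role set for the user, or an immutable empty set if there is none
     */
    @Override
    public Set<Role> getRoles(String str) {
        // Single lookup, so a concurrent deleteUser cannot turn the result into null between a
        // containsKey and a get.
        Set<Role> roles = getRolesCache().get(str);
        return roles != null ? roles : Collections.<Role>emptySet();
    }

    @Override
    public boolean canAlterUsers() {
        return true;
    }

    /** Nothing to release; the files are opened and closed on every read and write. */
    @Override
    public void close() {
    }

    /**
     * Loads a UTF-8 properties file into {@code properties}.
     *
     * @return the same {@code properties} instance
     * @throws RuntimeException wrapping any failure to open, read or parse the file
     */
    private Properties loadPropertiesFromFile(File file, Properties properties) {
        // Both streams are closed on every path, including a failed load.
        try (FileInputStream in = new FileInputStream(file);
                InputStreamReader reader = new InputStreamReader(in, StandardCharsets.UTF_8)) {
            properties.load(reader);
            return properties;
        } catch (IOException | RuntimeException e) {
            // Every failure is reported the same way: wrapped in a RuntimeException.
            throw new RuntimeException(e);
        }
    }

    /**
     * Rewrites {@code file} with the contents of {@code properties}, UTF-8 encoded, with the
     * header comment {@code RTCP}. The file is truncated and rewritten in place.
     *
     * @throws RuntimeException wrapping any I/O failure
     */
    private final void savePropertiesToFile(File file, Properties properties) {
        // Both streams are closed on every path, including a failed store.
        try (FileOutputStream out = new FileOutputStream(file);
                OutputStreamWriter writer = new OutputStreamWriter(out, StandardCharsets.UTF_8)) {
            properties.store(writer, "RTCP");
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Creates the credentials file and seeds it with the account {@code admin} whose password is
     * also {@code admin}.
     *
     * <p>NOTE(review): this runs whenever the file is missing at {@link #init()}, so a deleted
     * or misplaced credentials file brings the well-known default account back. Deployments
     * should change the password immediately after first start and alert on re-creation of the
     * file.
     */
    private final void createCredentialsFile() {
        try {
            this.credentialsFile.createNewFile();
            saveCredentials("admin", "admin");
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Creates the roles file and grants {@code admin} the {@code SERVER_ADMIN} and {@code USER}
     * roles.
     */
    private final void createRolesFile() {
        try {
            this.roleFile.createNewFile();
            addRole("admin", Role.SERVER_ADMIN);
            addRole("admin", Role.USER);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Parses a comma-separated role list as written by {@link #serialiseRoles(Set)}.
     *
     * @param str the property value, possibly {@code null}
     * @return a new mutable set; empty when {@code str} is {@code null}
     */
    private final Set<Role> parseRoles(String str) {
        Set<Role> roles = new HashSet<>();
        if (str != null) {
            // NOTE(review): an empty value (a user whose last role was removed) still yields one
            // empty token here; confirm that Role.fromString tolerates "".
            for (String token : str.split(",")) {
                roles.add(Role.fromString(token));
            }
        }
        return roles;
    }

    /**
     * Serialises roles as their ids, each followed by a comma (so the result ends with a comma
     * unless the set is empty). The format is what {@link #parseRoles(String)} reads back.
     */
    private final String serialiseRoles(Set<Role> set) {
        StringBuilder sb = new StringBuilder();
        for (Role role : set) {
            sb.append(role.getId()).append(",");
        }
        return sb.toString();
    }

    /**
     * Wraps every stored hash that has neither the {@code INTERIM} nor the {@code SHA256_SALTED}
     * prefix in an {@code INTERIM} hash, and rewrites the credentials file if anything changed.
     * Takes the store's lock like the other methods that write the credentials file.
     *
     * @throws RuntimeException if the credentials file cannot be written
     */
    public synchronized void updateMd5ToInterim() {
        boolean changed = false;
        for (String user : getUsers()) {
            String passwordHash = getPasswordHash(user);
            if (!passwordHash.startsWith(PasswordHashScheme.INTERIM.name())
                    && !passwordHash.startsWith(PasswordHashScheme.SHA256_SALTED.name())) {
                changed = true;
                String interimHash = PasswordHashScheme.interimHash(user, passwordHash);
                getCredentialsCache().put(user, interimHash);
                this.credentialsProperties.setProperty(user, interimHash);
            }
        }
        if (changed) {
            savePropertiesToFile(this.credentialsFile, this.credentialsProperties);
        }
    }
}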
