package org.apache.ambari.server.controller;

import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.annotation.Nullable;
import org.apache.ambari.server.api.services.parsers.RequestBodyParser;
import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.orm.entities.PermissionEntity;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.builder.EqualsBuilder;
import org.apache.commons.lang.builder.HashCodeBuilder;

/* loaded from: input_file:org/apache/ambari/server/controller/AuthToLocalBuilder.class */
public class AuthToLocalBuilder implements Cloneable {
    public static final ConcatenationType DEFAULT_CONCATENATION_TYPE = ConcatenationType.NEW_LINES;
    private Set<Rule> setRules;
    private final String defaultRealm;
    private final Set<String> additionalRealms;
    private boolean caseInsensitiveUser;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.apache.ambari.server.controller.AuthToLocalBuilder$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/ambari/server/controller/AuthToLocalBuilder$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$ambari$server$controller$AuthToLocalBuilder$ConcatenationType = new int[ConcatenationType.values().length];

        static {
            try {
                $SwitchMap$org$apache$ambari$server$controller$AuthToLocalBuilder$ConcatenationType[ConcatenationType.NEW_LINES.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$ambari$server$controller$AuthToLocalBuilder$ConcatenationType[ConcatenationType.NEW_LINES_ESCAPED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$ambari$server$controller$AuthToLocalBuilder$ConcatenationType[ConcatenationType.SPACES.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$ambari$server$controller$AuthToLocalBuilder$ConcatenationType[ConcatenationType.COMMA.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /* loaded from: input_file:org/apache/ambari/server/controller/AuthToLocalBuilder$ConcatenationType.class */
    public enum ConcatenationType {
        NEW_LINES,
        NEW_LINES_ESCAPED,
        SPACES,
        COMMA;

        public static ConcatenationType translate(String str) {
            if (str != null) {
                String trim = str.trim();
                if (!trim.isEmpty()) {
                    return valueOf(trim.toUpperCase());
                }
            }
            return AuthToLocalBuilder.DEFAULT_CONCATENATION_TYPE;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/ambari/server/controller/AuthToLocalBuilder$MatchingRule.class */
    public static class MatchingRule {
        private final int expectedComponentCount;
        private final String matchPattern;
        private final String realmPattern;

        public static MatchingRule ignoreHostWhenComponentCountIs(int i) {
            return new MatchingRule(i, "$1", "$0");
        }

        public MatchingRule(int i, String str, @Nullable String str2) {
            this.expectedComponentCount = i;
            this.matchPattern = str;
            this.realmPattern = str2;
        }

        public int matchComponentCount() {
            return (this.matchPattern.startsWith("$") ? this.matchPattern.substring(1) : this.matchPattern).split("\\$").length;
        }

        public String toString() {
            return this.realmPattern != null ? String.format("[%d:%s@%s]", Integer.valueOf(this.expectedComponentCount), this.matchPattern, this.realmPattern) : String.format("[%d:%s]", Integer.valueOf(this.expectedComponentCount), this.matchPattern);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            MatchingRule matchingRule = (MatchingRule) obj;
            return new EqualsBuilder().append(this.expectedComponentCount, matchingRule.expectedComponentCount).append(this.matchPattern, matchingRule.matchPattern).append(this.realmPattern, matchingRule.realmPattern).isEquals();
        }

        public int hashCode() {
            return new HashCodeBuilder(17, 37).append(this.expectedComponentCount).append(this.matchPattern).append(this.realmPattern).toHashCode();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/ambari/server/controller/AuthToLocalBuilder$Principal.class */
    public static class Principal {
        private static final Pattern p = Pattern.compile("([^@]+)(?:@(.*))?");
        private String principal;
        private String realm;
        private List<String> components;

        public Principal(String str) {
            this.principal = str;
            Matcher matcher = p.matcher(str);
            if (!matcher.matches()) {
                throw new IllegalArgumentException("Invalid Principal: " + str);
            }
            String group = matcher.group(1);
            if (group == null) {
                this.components = Collections.emptyList();
            } else {
                this.components = Arrays.asList((group.startsWith(RequestBodyParser.SLASH) ? group.substring(1) : group).split(RequestBodyParser.SLASH));
            }
            this.realm = matcher.group(2);
        }

        public List<String> getComponents() {
            return this.components;
        }

        public String getComponent(int i) {
            if (i > this.components.size()) {
                return null;
            }
            return this.components.get(i - 1);
        }

        public String getRealm() {
            return this.realm;
        }

        public String toString() {
            return this.principal;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            Principal principal = (Principal) obj;
            return this.components.equals(principal.components) && this.principal.equals(principal.principal) && (this.realm == null ? principal.realm == null : this.realm.equals(principal.realm));
        }

        public int hashCode() {
            return (31 * ((31 * this.principal.hashCode()) + (this.realm != null ? this.realm.hashCode() : 0))) + this.components.hashCode();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/ambari/server/controller/AuthToLocalBuilder$Rule.class */
    public static class Rule implements Comparable<Rule> {
        private static final Pattern PATTERN_RULE_PARSE = Pattern.compile("RULE:\\s*\\[\\s*(\\d)\\s*:\\s*(.+?)(?:@(.+?))??\\s*\\]\\s*\\((.+?)\\)\\s*s/(.*?)/(.*?)/([a-zA-Z]*)((/L)?)(?:.|\n)*");
        private final MatchingRule matchingRule;
        private final Principal principal;
        private final Substitution substitution;

        public static Rule parse(String str) {
            Matcher matcher = PATTERN_RULE_PARSE.matcher(str);
            if (!matcher.matches()) {
                throw new IllegalArgumentException("Invalid rule: " + str);
            }
            return new Rule(new MatchingRule(Integer.valueOf(matcher.group(1)).intValue(), matcher.group(2), matcher.group(3)), new Principal(matcher.group(4)), new Substitution(matcher.group(5), matcher.group(6), matcher.group(7), !matcher.group(8).isEmpty()));
        }

        public Rule(MatchingRule matchingRule, Principal principal, Substitution substitution) {
            this.matchingRule = matchingRule;
            this.principal = principal;
            this.substitution = substitution;
        }

        public String toString() {
            return String.format("RULE:%s(%s)%s", this.matchingRule, this.principal, this.substitution);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            Rule rule = (Rule) obj;
            return new EqualsBuilder().append(this.matchingRule, rule.matchingRule).append(this.principal, rule.principal).append(this.substitution, rule.substitution).isEquals();
        }

        public int hashCode() {
            return new HashCodeBuilder(17, 37).append(this.matchingRule).append(this.principal).append(this.substitution).toHashCode();
        }

        @Override // java.lang.Comparable
        public int compareTo(Rule rule) {
            int i = this.matchingRule.expectedComponentCount - rule.matchingRule.expectedComponentCount;
            if (i == 0) {
                i = rule.matchingRule.matchComponentCount() - this.matchingRule.matchComponentCount();
                if (i == 0) {
                    if (this.principal.equals(rule.principal)) {
                        i = toString().compareTo(rule.toString());
                    } else {
                        i = compareValueWithWildcards(this.principal.getRealm(), rule.principal.getRealm());
                        if (i == 0) {
                            for (int i2 = 1; i2 <= this.matchingRule.matchComponentCount(); i2++) {
                                i = compareValueWithWildcards(this.principal.getComponent(1), rule.principal.getComponent(1));
                                if (i != 0) {
                                    break;
                                }
                            }
                        }
                    }
                }
            }
            return i;
        }

        private int compareValueWithWildcards(String str, String str2) {
            if (str == null) {
                return str2 == null ? 0 : -1;
            }
            if (str2 == null) {
                return 1;
            }
            if (str.equals(str2)) {
                return 0;
            }
            if (str.equals(".*")) {
                return 1;
            }
            if (str2.equals(".*")) {
                return -1;
            }
            return str.compareTo(str2);
        }

        public Rule caseSensitivityInverted() {
            return new Rule(this.matchingRule, this.principal, this.substitution.caseSensitivityInverted());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/ambari/server/controller/AuthToLocalBuilder$Substitution.class */
    public static class Substitution {
        private final String pattern;
        private final String replacement;
        private final String modifier;
        private final boolean caseInsensitiveUser;

        public Substitution(String str, String str2, String str3, boolean z) {
            this.pattern = str;
            this.replacement = str2;
            this.modifier = str3;
            this.caseInsensitiveUser = z;
        }

        public String toString() {
            Object[] objArr = new Object[4];
            objArr[0] = this.pattern;
            objArr[1] = this.replacement;
            objArr[2] = this.modifier;
            objArr[3] = this.caseInsensitiveUser ? "/L" : Configuration.JDBC_IN_MEMORY_PASSWORD;
            return String.format("s/%s/%s/%s%s", objArr);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            Substitution substitution = (Substitution) obj;
            return new EqualsBuilder().append(this.caseInsensitiveUser, substitution.caseInsensitiveUser).append(this.pattern, substitution.pattern).append(this.replacement, substitution.replacement).append(this.modifier, substitution.modifier).isEquals();
        }

        public int hashCode() {
            return new HashCodeBuilder(17, 37).append(this.pattern).append(this.replacement).append(this.modifier).append(this.caseInsensitiveUser).toHashCode();
        }

        public Substitution caseSensitivityInverted() {
            return new Substitution(this.pattern, this.replacement, this.modifier, !this.caseInsensitiveUser);
        }
    }

    public AuthToLocalBuilder(String str, String str2, boolean z) {
        this(str, splitDelimitedString(str2), z);
    }

    public AuthToLocalBuilder(String str, Collection<String> collection, boolean z) {
        this.setRules = new TreeSet();
        this.defaultRealm = str;
        this.additionalRealms = collection == null ? Collections.emptySet() : Collections.unmodifiableSet(new HashSet(collection));
        this.caseInsensitiveUser = z;
    }

    public Object clone() throws CloneNotSupportedException {
        AuthToLocalBuilder authToLocalBuilder = (AuthToLocalBuilder) super.clone();
        authToLocalBuilder.setRules = new TreeSet(this.setRules);
        return authToLocalBuilder;
    }

    public AuthToLocalBuilder addRules(String str) {
        if (!StringUtils.isEmpty(str)) {
            for (String str2 : str.split("RULE:|DEFAULT")) {
                String trim = str2.trim();
                if (!trim.isEmpty()) {
                    Rule createRule = createRule(trim);
                    if (!this.setRules.contains(createRule.caseSensitivityInverted())) {
                        this.setRules.add(createRule);
                    }
                }
            }
        }
        return this;
    }

    public AuthToLocalBuilder addRule(String str, String str2) {
        if (!StringUtils.isEmpty(str) && !StringUtils.isEmpty(str2)) {
            Principal principal = new Principal(str);
            if (principal.getRealm() == null) {
                throw new IllegalArgumentException("Attempted to add a rule for a principal with no realm: " + str);
            }
            this.setRules.add(createHostAgnosticRule(principal, str2));
        }
        return this;
    }

    public String generate() {
        return generate(null);
    }

    public String generate(ConcatenationType concatenationType) {
        StringBuilder sb = new StringBuilder();
        if (!StringUtils.isEmpty(this.defaultRealm)) {
            this.setRules.remove(createDefaultRealmRule(this.defaultRealm, !this.caseInsensitiveUser));
            this.setRules.add(createDefaultRealmRule(this.defaultRealm, this.caseInsensitiveUser));
        }
        for (String str : this.additionalRealms) {
            this.setRules.remove(createDefaultRealmRule(str, !this.caseInsensitiveUser));
            this.setRules.add(createDefaultRealmRule(str, this.caseInsensitiveUser));
        }
        if (concatenationType == null) {
            concatenationType = DEFAULT_CONCATENATION_TYPE;
        }
        Iterator<Rule> it = this.setRules.iterator();
        while (it.hasNext()) {
            appendRule(sb, it.next().toString(), concatenationType);
        }
        appendRule(sb, "DEFAULT", concatenationType);
        return sb.toString();
    }

    private void appendRule(StringBuilder sb, String str, ConcatenationType concatenationType) {
        if (sb.length() > 0) {
            switch (AnonymousClass1.$SwitchMap$org$apache$ambari$server$controller$AuthToLocalBuilder$ConcatenationType[concatenationType.ordinal()]) {
                case 1:
                    sb.append('\n');
                    break;
                case 2:
                    sb.append("\\\n");
                    break;
                case 3:
                    sb.append(" ");
                    break;
                case PermissionEntity.VIEW_USER_PERMISSION /* 4 */:
                    sb.append(",");
                    break;
                default:
                    throw new UnsupportedOperationException(String.format("The auth-to-local rule concatenation type is not supported: %s", concatenationType.name()));
            }
        }
        sb.append(str);
    }

    private Rule createHostAgnosticRule(Principal principal, String str) {
        return new Rule(MatchingRule.ignoreHostWhenComponentCountIs(principal.getComponents().size()), new Principal(principal.getComponent(1) + "@" + principal.getRealm()), new Substitution(".*", str, Configuration.JDBC_IN_MEMORY_PASSWORD, false));
    }

    private Rule createDefaultRealmRule(String str, boolean z) {
        return new Rule(MatchingRule.ignoreHostWhenComponentCountIs(1), new Principal(".*@" + str), new Substitution("@.*", Configuration.JDBC_IN_MEMORY_PASSWORD, Configuration.JDBC_IN_MEMORY_PASSWORD, z));
    }

    private Rule createRule(String str) {
        return Rule.parse(str.startsWith("RULE:") ? str : String.format("RULE:%s", str));
    }

    private static Collection<String> splitDelimitedString(String str) {
        HashSet hashSet = null;
        if (!StringUtils.isEmpty(str)) {
            hashSet = new HashSet();
            for (String str2 : str.split("\\s*(?:\\r?\\n|,)\\s*")) {
                String trim = str2.trim();
                if (!trim.isEmpty()) {
                    hashSet.add(trim);
                }
            }
        }
        return hashSet;
    }
}
