package org.geoserver.security;

import java.io.IOException;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import java.util.logging.Level;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.event.UserGroupLoadedListener;
import org.geoserver.security.impl.AbstractGeoServerSecurityService;
import org.geoserver.security.impl.GeoServerRole;
import org.geoserver.security.impl.GeoServerUser;
import org.geoserver.security.impl.GeoServerUserGroup;
import org.geoserver.security.impl.RoleCalculator;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/geoserver/security/WebServiceBodyResponseUserGroupService.class */
public class WebServiceBodyResponseUserGroupService extends AbstractGeoServerSecurityService implements GeoServerUserGroupService {
    static final SortedSet<GeoServerUser> emptyUserSet = Collections.unmodifiableSortedSet(new TreeSet());
    private static final String rolePrefix = "ROLE_";
    private static final String groupPrefix = "GROUP_";
    protected String passwordEncoderName;
    protected String passwordValidatorName;
    private String roleServiceName;
    private GeoServerRoleService defaultSecurityService;
    private boolean convertToUpperCase = true;
    protected Set<UserGroupLoadedListener> listeners = Collections.synchronizedSet(new HashSet());
    Pattern searchRolesRegex = null;
    protected SortedSet<GeoServerUserGroup> availableGroups = Collections.synchronizedSortedSet(new TreeSet());

    public WebServiceBodyResponseUserGroupService(SecurityNamedServiceConfig securityNamedServiceConfig) throws IOException {
        initializeFromConfig(securityNamedServiceConfig);
    }

    public void initializeFromConfig(SecurityNamedServiceConfig securityNamedServiceConfig) throws IOException {
        super.initializeFromConfig(securityNamedServiceConfig);
        WebServiceBodyResponseUserGroupServiceConfig webServiceBodyResponseUserGroupServiceConfig = (WebServiceBodyResponseUserGroupServiceConfig) securityNamedServiceConfig;
        this.passwordEncoderName = webServiceBodyResponseUserGroupServiceConfig.getPasswordEncoderName();
        this.passwordValidatorName = webServiceBodyResponseUserGroupServiceConfig.getPasswordPolicyName();
        if (StringUtils.hasLength(webServiceBodyResponseUserGroupServiceConfig.getSearchRoles())) {
            try {
                this.searchRolesRegex = Pattern.compile(webServiceBodyResponseUserGroupServiceConfig.getSearchRoles());
            } catch (PatternSyntaxException e) {
                throw new IOException("Search Roles regex is malformed");
            }
        }
        if (StringUtils.hasLength(webServiceBodyResponseUserGroupServiceConfig.getAvailableGroups())) {
            for (String str : webServiceBodyResponseUserGroupServiceConfig.getAvailableGroups().split(",")) {
                this.availableGroups.add(new GeoServerUserGroup(this.convertToUpperCase ? str.trim().toUpperCase() : str.trim()));
            }
        }
        if (StringUtils.hasLength(webServiceBodyResponseUserGroupServiceConfig.getRoleServiceName())) {
            this.roleServiceName = webServiceBodyResponseUserGroupServiceConfig.getRoleServiceName();
        } else {
            this.roleServiceName = null;
        }
        this.defaultSecurityService = null;
    }

    public boolean canCreateStore() {
        return false;
    }

    public GeoServerUserGroupStore createStore() throws IOException {
        return null;
    }

    public void load() throws IOException {
    }

    public void registerUserGroupLoadedListener(UserGroupLoadedListener userGroupLoadedListener) {
        this.listeners.add(userGroupLoadedListener);
    }

    public void unregisterUserGroupLoadedListener(UserGroupLoadedListener userGroupLoadedListener) {
        this.listeners.remove(userGroupLoadedListener);
    }

    public GeoServerUser loadUserByUsername(String str, String str2) {
        try {
            if (str == null) {
                throw new UsernameNotFoundException(userNotFoundMessage(str));
            }
            GeoServerUser geoServerUser = new GeoServerUser(str);
            geoServerUser.setAuthorities(extractRoles(str2));
            return geoServerUser;
        } catch (IOException e) {
            throw new UsernameNotFoundException(userNotFoundMessage(str), e);
        }
    }

    private Set<? extends GrantedAuthority> extractRoles(String str) throws IOException {
        HashSet hashSet = new HashSet();
        Matcher matcher = this.searchRolesRegex.matcher(str);
        if (matcher.find()) {
            for (int i = 1; i <= matcher.groupCount(); i++) {
                for (String str2 : matcher.group(i).split(",")) {
                    hashSet.add(createAuthorityObject(str2.trim()));
                }
            }
        }
        if (hashSet.isEmpty()) {
            LOGGER.log(Level.WARNING, "Error in WebServiceAuthenticationKeyMapper, cannot find any Role in response adding anonymous role");
            hashSet.add(GeoServerRole.ANONYMOUS_ROLE);
        }
        RoleCalculator roleCalculator = new RoleCalculator(this, getDefaultSecurityService());
        if (roleCalculator != null) {
            TreeSet<GeoServerUserGroup> treeSet = new TreeSet();
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                treeSet.add(createGroupObject(((GrantedAuthority) it.next()).getAuthority(), true));
            }
            for (GeoServerUserGroup geoServerUserGroup : treeSet) {
                if (geoServerUserGroup.isEnabled()) {
                    for (GeoServerRole geoServerRole : roleCalculator.calculateRoles(geoServerUserGroup)) {
                        if (!hashSet.contains(geoServerRole)) {
                            hashSet.add(geoServerRole);
                        }
                    }
                }
            }
        }
        if (!hashSet.isEmpty()) {
            Iterator it2 = hashSet.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                GrantedAuthority grantedAuthority = (GrantedAuthority) it2.next();
                if (!grantedAuthority.equals(GeoServerRole.ADMIN_ROLE) && !grantedAuthority.equals(GeoServerRole.GROUP_ADMIN_ROLE) && !grantedAuthority.getAuthority().equals(DEFAULT_LOCAL_ADMIN_ROLE) && !grantedAuthority.getAuthority().equals(DEFAULT_LOCAL_GROUP_ADMIN_ROLE)) {
                    if (hashSet.size() > 1 && grantedAuthority.equals(GeoServerRole.ANONYMOUS_ROLE)) {
                        hashSet.remove(grantedAuthority);
                        break;
                    }
                } else {
                    break;
                }
            }
        }
        return Collections.unmodifiableSet(hashSet);
    }

    protected String userNotFoundMessage(String str) {
        return "User  " + str + " not found in usergroupservice: " + getName();
    }

    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
        return loadUserByUsername(str, WebServiceAuthenticationKeyMapper.RECORDED_RESPONSE.get());
    }

    public GeoServerUserGroup getGroupByGroupname(String str) throws IOException {
        for (GeoServerUserGroup geoServerUserGroup : this.availableGroups) {
            if (geoServerUserGroup.getGroupname().equalsIgnoreCase(str)) {
                return geoServerUserGroup;
            }
        }
        return new GeoServerUserGroup(this.convertToUpperCase ? str.trim().toUpperCase() : str.trim());
    }

    public GeoServerUser getUserByUsername(String str) throws IOException {
        return null;
    }

    public GeoServerUser createUserObject(String str, String str2, boolean z) throws IOException {
        return null;
    }

    public GeoServerUserGroup createGroupObject(String str, boolean z) throws IOException {
        String upperCase = this.convertToUpperCase ? str.trim().toUpperCase() : str.trim();
        if (!upperCase.contains(groupPrefix)) {
            upperCase = upperCase.equals(GeoServerRole.ADMIN_ROLE.getAuthority()) ? GeoServerRole.GROUP_ADMIN_ROLE.getAuthority().substring(rolePrefix.length()) : "GROUP_" + upperCase.substring(rolePrefix.length());
        }
        GeoServerUserGroup geoServerUserGroup = new GeoServerUserGroup(upperCase);
        geoServerUserGroup.setEnabled(z);
        return geoServerUserGroup;
    }

    protected GrantedAuthority createAuthorityObject(String str) throws IOException {
        return new GeoServerRole("ROLE_" + (this.convertToUpperCase ? str.toUpperCase() : str));
    }

    public SortedSet<GeoServerUser> getUsers() throws IOException {
        return emptyUserSet;
    }

    public SortedSet<GeoServerUserGroup> getUserGroups() throws IOException {
        return this.availableGroups;
    }

    public SortedSet<GeoServerUser> getUsersForGroup(GeoServerUserGroup geoServerUserGroup) throws IOException {
        return emptyUserSet;
    }

    public SortedSet<GeoServerUserGroup> getGroupsForUser(GeoServerUser geoServerUser) throws IOException {
        TreeSet treeSet = new TreeSet();
        if (geoServerUser.getAuthorities() != null) {
            Iterator it = geoServerUser.getAuthorities().iterator();
            while (it.hasNext()) {
                treeSet.add(createGroupObject(((GrantedAuthority) it.next()).getAuthority(), true));
            }
        }
        return Collections.unmodifiableSortedSet(treeSet);
    }

    public String getPasswordEncoderName() {
        return this.passwordEncoderName;
    }

    public String getPasswordValidatorName() {
        return this.passwordValidatorName;
    }

    public String getRoleServiceName() {
        return this.roleServiceName;
    }

    public void setRoleServiceName(String str) {
        this.roleServiceName = str;
    }

    /* JADX WARN: Code restructure failed: missing block: B:16:0x003c, code lost:
    
        r4.defaultSecurityService = r4.securityManager.loadRoleService(r4.roleServiceName);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.geoserver.security.GeoServerRoleService getDefaultSecurityService() {
        /*
            r4 = this;
            r0 = r4
            org.geoserver.security.GeoServerRoleService r0 = r0.defaultSecurityService
            if (r0 != 0) goto L6c
            r0 = r4
            java.lang.String r0 = r0.roleServiceName
            boolean r0 = org.springframework.util.StringUtils.hasLength(r0)
            if (r0 == 0) goto L5a
            r0 = r4
            org.geoserver.security.GeoServerSecurityManager r0 = r0.securityManager     // Catch: java.io.IOException -> L54
            java.util.SortedSet r0 = r0.listRoleServices()     // Catch: java.io.IOException -> L54
            java.util.Iterator r0 = r0.iterator()     // Catch: java.io.IOException -> L54
            r5 = r0
        L1e:
            r0 = r5
            boolean r0 = r0.hasNext()     // Catch: java.io.IOException -> L54
            if (r0 == 0) goto L51
            r0 = r5
            java.lang.Object r0 = r0.next()     // Catch: java.io.IOException -> L54
            java.lang.String r0 = (java.lang.String) r0     // Catch: java.io.IOException -> L54
            r6 = r0
            r0 = r6
            r1 = r4
            java.lang.String r1 = r1.roleServiceName     // Catch: java.io.IOException -> L54
            boolean r0 = r0.equals(r1)     // Catch: java.io.IOException -> L54
            if (r0 == 0) goto L4e
            r0 = r4
            r1 = r4
            org.geoserver.security.GeoServerSecurityManager r1 = r1.securityManager     // Catch: java.io.IOException -> L54
            r2 = r4
            java.lang.String r2 = r2.roleServiceName     // Catch: java.io.IOException -> L54
            org.geoserver.security.GeoServerRoleService r1 = r1.loadRoleService(r2)     // Catch: java.io.IOException -> L54
            r0.defaultSecurityService = r1     // Catch: java.io.IOException -> L54
            goto L51
        L4e:
            goto L1e
        L51:
            goto L5a
        L54:
            r5 = move-exception
            r0 = r4
            r1 = 0
            r0.defaultSecurityService = r1
        L5a:
            r0 = r4
            org.geoserver.security.GeoServerRoleService r0 = r0.defaultSecurityService
            if (r0 != 0) goto L6c
            r0 = r4
            r1 = r4
            org.geoserver.security.GeoServerSecurityManager r1 = r1.securityManager
            org.geoserver.security.GeoServerRoleService r1 = r1.getActiveRoleService()
            r0.defaultSecurityService = r1
        L6c:
            r0 = r4
            org.geoserver.security.GeoServerRoleService r0 = r0.defaultSecurityService
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.geoserver.security.WebServiceBodyResponseUserGroupService.getDefaultSecurityService():org.geoserver.security.GeoServerRoleService");
    }

    public void setDefaultSecurityService(GeoServerRoleService geoServerRoleService) {
        this.defaultSecurityService = geoServerRoleService;
    }

    public int getUserCount() throws IOException {
        return 0;
    }

    public int getGroupCount() throws IOException {
        return this.availableGroups.size();
    }

    public SortedSet<GeoServerUser> getUsersHavingProperty(String str) throws IOException {
        return emptyUserSet;
    }

    public int getUserCountHavingProperty(String str) throws IOException {
        return 0;
    }

    public SortedSet<GeoServerUser> getUsersNotHavingProperty(String str) throws IOException {
        return emptyUserSet;
    }

    public int getUserCountNotHavingProperty(String str) throws IOException {
        return 0;
    }

    public SortedSet<GeoServerUser> getUsersHavingPropertyValue(String str, String str2) throws IOException {
        return emptyUserSet;
    }

    public int getUserCountHavingPropertyValue(String str, String str2) throws IOException {
        return 0;
    }
}
