package org.geoserver.security.xml;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Properties;
import java.util.SortedSet;
import java.util.TreeSet;
import java.util.logging.Logger;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.geoserver.security.GeoServerUserGroupStore;
import org.geoserver.security.KeyStoreProvider;
import org.geoserver.security.config.FileBasedSecurityServiceConfig;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.config.SecurityUserGroupServiceConfig;
import org.geoserver.security.impl.AbstractUserGroupService;
import org.geoserver.security.impl.GeoServerUser;
import org.geoserver.security.impl.GeoServerUserGroup;
import org.geoserver.security.impl.Util;
import org.geoserver.security.password.GeoServerPasswordEncoder;
import org.geoserver.security.password.PasswordEncodingType;
import org.geotools.util.logging.Logging;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:WEB-INF/lib/main-2.4-SNAPSHOT.jar:org/geoserver/security/xml/XMLUserGroupService.class */
public class XMLUserGroupService extends AbstractUserGroupService {
    static Logger LOGGER = Logging.getLogger("org.geoserver.security.xml");
    protected DocumentBuilder builder;
    protected File userFile;
    private boolean validatingXMLSchema = true;

    public XMLUserGroupService() throws IOException {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        newInstance.setIgnoringComments(true);
        try {
            this.builder = newInstance.newDocumentBuilder();
        } catch (ParserConfigurationException e) {
            throw new IOException(e);
        }
    }

    @Override // org.geoserver.security.impl.AbstractGeoServerSecurityService, org.geoserver.security.GeoServerSecurityService
    public void initializeFromConfig(SecurityNamedServiceConfig securityNamedServiceConfig) throws IOException {
        this.name = securityNamedServiceConfig.getName();
        this.validatingXMLSchema = false;
        this.passwordEncoderName = ((SecurityUserGroupServiceConfig) securityNamedServiceConfig).getPasswordEncoderName();
        this.passwordValidatorName = ((SecurityUserGroupServiceConfig) securityNamedServiceConfig).getPasswordPolicyName();
        GeoServerPasswordEncoder loadPasswordEncoder = getSecurityManager().loadPasswordEncoder(this.passwordEncoderName);
        if (loadPasswordEncoder.getEncodingType() == PasswordEncodingType.ENCRYPT) {
            KeyStoreProvider keyStoreProvider = getSecurityManager().getKeyStoreProvider();
            if (!keyStoreProvider.containsAlias(keyStoreProvider.aliasForGroupService(this.name))) {
                keyStoreProvider.setUserGroupKey(this.name, getSecurityManager().getRandomPassworddProvider().getRandomPasswordWithDefaultLength());
                keyStoreProvider.storeKeyStore();
            }
        }
        loadPasswordEncoder.initializeFor(this);
        if (securityNamedServiceConfig instanceof XMLSecurityServiceConfig) {
            this.validatingXMLSchema = ((XMLSecurityServiceConfig) securityNamedServiceConfig).isValidating();
            File file = new File(getConfigRoot(), XMLConstants.FILE_UR_SCHEMA);
            if (!file.exists()) {
                FileUtils.copyURLToFile(getClass().getResource(XMLConstants.FILE_UR_SCHEMA), file);
            }
        }
        if (!(securityNamedServiceConfig instanceof FileBasedSecurityServiceConfig)) {
            throw new IOException("Cannot initialize from " + securityNamedServiceConfig.getClass().getName());
        }
        String fileName = ((FileBasedSecurityServiceConfig) securityNamedServiceConfig).getFileName();
        this.userFile = new File(fileName);
        if (!this.userFile.isAbsolute()) {
            this.userFile = new File(getConfigRoot(), fileName);
        }
        if (!this.userFile.exists()) {
            FileUtils.copyURLToFile(getClass().getResource("usersTemplate.xml"), this.userFile);
        }
        deserialize();
    }

    @Override // org.geoserver.security.impl.AbstractGeoServerSecurityService, org.geoserver.security.GeoServerSecurityService
    public boolean canCreateStore() {
        return true;
    }

    @Override // org.geoserver.security.impl.AbstractUserGroupService, org.geoserver.security.GeoServerUserGroupService
    public GeoServerUserGroupStore createStore() throws IOException {
        XMLUserGroupStore xMLUserGroupStore = new XMLUserGroupStore();
        xMLUserGroupStore.initializeFromService(this);
        return xMLUserGroupStore;
    }

    public boolean isValidatingXMLSchema() {
        return this.validatingXMLSchema;
    }

    public void setValidatingXMLSchema(boolean z) {
        this.validatingXMLSchema = z;
    }

    @Override // org.geoserver.security.impl.AbstractUserGroupService
    protected void deserialize() throws IOException {
        FileInputStream fileInputStream = null;
        try {
            try {
                try {
                    fileInputStream = new FileInputStream(this.userFile);
                    Document parse = this.builder.parse(fileInputStream);
                    IOUtils.closeQuietly((InputStream) fileInputStream);
                    if (isValidatingXMLSchema()) {
                        XMLValidator.Singleton.validateUserGroupRegistry(parse);
                    }
                    UserGroupXMLXpath userGroupXMLXpath = XMLXpathFactory.Singleton.getUserGroupXMLXpath(XMLXpathFactory.Singleton.getVersionExpressionUR().evaluate(parse));
                    clearMaps();
                    NodeList nodeList = (NodeList) userGroupXMLXpath.getUserListExpression().evaluate(parse, XPathConstants.NODESET);
                    for (int i = 0; i < nodeList.getLength(); i++) {
                        Node item = nodeList.item(i);
                        boolean convertToBoolean = Util.convertToBoolean(userGroupXMLXpath.getUserEnabledExpression().evaluate(item), true);
                        String evaluate = item.getAttributes().getNamedItem("password") != null ? userGroupXMLXpath.getUserPasswordExpression().evaluate(item) : null;
                        String evaluate2 = userGroupXMLXpath.getUserNameExpression().evaluate(item);
                        NodeList nodeList2 = (NodeList) userGroupXMLXpath.getUserPropertiesExpression().evaluate(item, XPathConstants.NODESET);
                        Properties properties = new Properties();
                        for (int i2 = 0; i2 < nodeList2.getLength(); i2++) {
                            Node item2 = nodeList2.item(i2);
                            properties.put(userGroupXMLXpath.getPropertyNameExpression().evaluate(item2), userGroupXMLXpath.getPropertyValueExpression().evaluate(item2));
                        }
                        GeoServerUser createUserObject = createUserObject(evaluate2, evaluate, convertToBoolean);
                        this.helper.userMap.put(createUserObject.getUsername(), createUserObject);
                        createUserObject.getProperties().clear();
                        for (Object obj : properties.keySet()) {
                            createUserObject.getProperties().put(obj, properties.get(obj));
                            SortedSet<GeoServerUser> sortedSet = this.helper.propertyMap.get(obj);
                            if (sortedSet == null) {
                                sortedSet = new TreeSet();
                                this.helper.propertyMap.put((String) obj, sortedSet);
                            }
                            sortedSet.add(createUserObject);
                        }
                    }
                    NodeList nodeList3 = (NodeList) userGroupXMLXpath.getGroupListExpression().evaluate(parse, XPathConstants.NODESET);
                    for (int i3 = 0; i3 < nodeList3.getLength(); i3++) {
                        Node item3 = nodeList3.item(i3);
                        String evaluate3 = userGroupXMLXpath.getGroupNameExpression().evaluate(item3);
                        GeoServerUserGroup createGroupObject = createGroupObject(evaluate3, Util.convertToBoolean(userGroupXMLXpath.getGroupEnabledExpression().evaluate(item3), true));
                        this.helper.groupMap.put(evaluate3, createGroupObject);
                        NodeList nodeList4 = (NodeList) userGroupXMLXpath.getGroupMemberListExpression().evaluate(item3, XPathConstants.NODESET);
                        for (int i4 = 0; i4 < nodeList4.getLength(); i4++) {
                            GeoServerUser geoServerUser = this.helper.userMap.get(userGroupXMLXpath.getGroupMemberNameExpression().evaluate(nodeList4.item(i4)));
                            SortedSet<GeoServerUser> sortedSet2 = this.helper.group_userMap.get(createGroupObject);
                            if (sortedSet2 == null) {
                                sortedSet2 = new TreeSet();
                                this.helper.group_userMap.put(createGroupObject, sortedSet2);
                            }
                            sortedSet2.add(geoServerUser);
                            SortedSet<GeoServerUserGroup> sortedSet3 = this.helper.user_groupMap.get(geoServerUser);
                            if (sortedSet3 == null) {
                                sortedSet3 = new TreeSet();
                                this.helper.user_groupMap.put(geoServerUser, sortedSet3);
                            }
                            sortedSet3.add(createGroupObject);
                        }
                    }
                } catch (SAXException e) {
                    throw new IOException(e);
                }
            } catch (Throwable th) {
                IOUtils.closeQuietly((InputStream) fileInputStream);
                throw th;
            }
        } catch (XPathExpressionException e2) {
            throw new IOException(e2);
        }
    }

    @Override // org.geoserver.security.impl.AbstractUserGroupService, org.geoserver.security.GeoServerUserGroupService
    public GeoServerUser createUserObject(String str, String str2, boolean z) throws IOException {
        XMLGeoserverUser xMLGeoserverUser = new XMLGeoserverUser(str);
        xMLGeoserverUser.setEnabled(z);
        xMLGeoserverUser.setPassword(str2);
        return xMLGeoserverUser;
    }
}
