package org.geonode.security;

import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.util.logging.Level;
import org.apache.commons.dbcp.BasicDataSource;
import org.geonode.security.GeoNodeSecurityClient;
import org.geoserver.platform.GeoServerExtensions;
import org.geoserver.security.GeoServerSecurityFilterChain;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.GeoServerSecurityProvider;
import org.geoserver.security.config.SecurityManagerConfig;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.validation.SecurityConfigException;
import org.geotools.util.logging.Logging;
import org.vfny.geoserver.global.GeoserverDataDirectory;

/* loaded from: input_file:WEB-INF/classes/org/geonode/security/GeoNodeSecurityProvider.class */
public class GeoNodeSecurityProvider extends GeoServerSecurityProvider implements GeoNodeSecurityClient.Provider {
    private GeoNodeSecurityClient client;

    @Override // org.geoserver.security.GeoServerSecurityProvider
    public Class<GeoNodeAuthenticationProvider> getAuthenticationProviderClass() {
        return GeoNodeAuthenticationProvider.class;
    }

    @Override // org.geoserver.security.GeoServerSecurityProvider
    public GeoNodeAuthenticationProvider createAuthenticationProvider(SecurityNamedServiceConfig securityNamedServiceConfig) {
        this.client = configuredClient(((GeoNodeAuthProviderConfig) securityNamedServiceConfig).getBaseUrl());
        return new GeoNodeAuthenticationProvider(this.client);
    }

    @Override // org.geoserver.security.GeoServerSecurityProvider
    public Class<GeoNodeCookieProcessingFilter> getFilterClass() {
        return GeoNodeCookieProcessingFilter.class;
    }

    @Override // org.geoserver.security.GeoServerSecurityProvider
    public GeoNodeCookieProcessingFilter createFilter(SecurityNamedServiceConfig securityNamedServiceConfig) {
        return new GeoNodeCookieProcessingFilter();
    }

    @Override // org.geonode.security.GeoNodeSecurityClient.Provider
    public GeoNodeSecurityClient getSecurityClient() {
        return this.client;
    }

    protected GeoNodeSecurityClient configuredClient(String str) {
        GeoNodeSecurityClient databaseSecurityClient;
        HTTPClient hTTPClient = new HTTPClient(10, 1000, 1000);
        String property = GeoServerExtensions.getProperty("org.geonode.security.databaseSecurityClient.url");
        Object obj = "default";
        if (property == null) {
            databaseSecurityClient = new DefaultSecurityClient(str, hTTPClient);
        } else {
            obj = "database";
            BasicDataSource basicDataSource = new BasicDataSource();
            basicDataSource.setDriverClassName("org.postgresql.Driver");
            basicDataSource.setUrl(property);
            databaseSecurityClient = new DatabaseSecurityClient(basicDataSource, str, hTTPClient);
        }
        Logging.getLogger(getClass()).log(Level.INFO, "using geonode {0} security client", obj);
        return databaseSecurityClient;
    }

    @Override // org.geoserver.security.GeoServerSecurityProvider
    public void init(GeoServerSecurityManager geoServerSecurityManager) {
        try {
            File geonodeCookie = geonodeCookie();
            if (!geonodeCookie.exists()) {
                configureGeoNodeSecurity(geoServerSecurityManager);
                writeCookie(geonodeCookie);
            }
        } catch (Exception e) {
            throw new RuntimeException("Failed to initialize GeoNode settings", e);
        }
    }

    private static File geonodeCookie() throws IOException {
        return new File(GeoserverDataDirectory.accessor().findOrCreateDir("geonode"), "geonode_initialized");
    }

    private static void writeCookie(File file) throws IOException {
        FileWriter fileWriter = new FileWriter(file);
        fileWriter.write("This file was created to flag that the GeoNode extensions have been configured in this server.");
        fileWriter.write("If you delete it, the GeoNode settings will be applied again the next time you restart GeoServer.");
        fileWriter.close();
    }

    private static void configureGeoNodeSecurity(GeoServerSecurityManager geoServerSecurityManager) throws Exception {
        addServices(geoServerSecurityManager);
        configureChains(geoServerSecurityManager);
    }

    private static void addServices(GeoServerSecurityManager geoServerSecurityManager) throws IOException, SecurityConfigException {
        GeoNodeAuthProviderConfig geoNodeAuthProviderConfig = new GeoNodeAuthProviderConfig();
        geoNodeAuthProviderConfig.setName("geonodeAuthProvider");
        geoNodeAuthProviderConfig.setClassName(GeoNodeAuthenticationProvider.class.getCanonicalName());
        geoNodeAuthProviderConfig.setBaseUrl("http://localhost/");
        geoServerSecurityManager.saveAuthenticationProvider(geoNodeAuthProviderConfig);
        SecurityNamedServiceConfig geoNodeAuthFilterConfig = new GeoNodeAuthFilterConfig();
        geoNodeAuthFilterConfig.setName("geonodeCookieFilter");
        geoNodeAuthFilterConfig.setClassName(GeoNodeCookieProcessingFilter.class.getCanonicalName());
        geoServerSecurityManager.saveFilter(geoNodeAuthFilterConfig);
        SecurityNamedServiceConfig geoNodeAnonymousAuthFilterConfig = new GeoNodeAnonymousAuthFilterConfig();
        geoNodeAnonymousAuthFilterConfig.setName("geonodeAnonymousFilter");
        geoNodeAnonymousAuthFilterConfig.setClassName(GeoNodeAnonymousProcessingFilter.class.getCanonicalName());
        geoServerSecurityManager.saveFilter(geoNodeAnonymousAuthFilterConfig);
    }

    private static void configureChains(GeoServerSecurityManager geoServerSecurityManager) throws Exception {
        SecurityManagerConfig securityConfig = geoServerSecurityManager.getSecurityConfig();
        securityConfig.getAuthProviderNames().add(0, "geonodeAuthProvider");
        GeoServerSecurityFilterChain filterChain = securityConfig.getFilterChain();
        for (String str : new String[]{GeoServerSecurityFilterChain.WEB_CHAIN, GeoServerSecurityFilterChain.REST_CHAIN, GeoServerSecurityFilterChain.GWC_WEB_CHAIN, GeoServerSecurityFilterChain.GWC_REST_CHAIN, GeoServerSecurityFilterChain.DEFAULT_CHAIN}) {
            filterChain.insertFirst(str, "geonodeCookieFilter");
        }
        filterChain.insertBefore(GeoServerSecurityFilterChain.DEFAULT_CHAIN, "geonodeAnonymousFilter", "anonymous");
        geoServerSecurityManager.saveSecurityConfig(securityConfig);
    }
}
