package org.geoserver.security.impl;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.TreeMap;
import java.util.TreeSet;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.geoserver.config.GeoServer;
import org.geoserver.config.GeoServerInfo;
import org.geoserver.platform.GeoServerExtensions;
import org.geoserver.platform.GeoServerResourceLoader;
import org.geoserver.platform.resource.Resource;
import org.geoserver.security.PropertyFileWatcher;
import org.geotools.util.logging.Logging;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.DataAccessResourceFailureException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.core.userdetails.memory.UserAttribute;
import org.springframework.security.core.userdetails.memory.UserAttributeEditor;

/* loaded from: input_file:WEB-INF/lib/gs-main-2.25.3-georchestra.jar:org/geoserver/security/impl/GeoServerUserDao.class */
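/**
 * {@link UserDetailsService} backed by the {@code security/users.properties} file of the
 * GeoServer data directory.
 *
 * <p>Each property has the form {@code name=password,ROLE1,...,ROLEN[,enabled|disabled]}. The
 * password field is read and written verbatim; this class performs no hashing or encoding, so
 * the protection of the stored credentials depends entirely on what callers put into the
 * {@link User} objects and on the permissions of the file itself.
 *
 * <p>NOTE(review): {@link #userMap} is a plain {@link TreeMap} that is replaced and mutated with
 * no locking visible in this class. Confirm how callers serialize access before relying on it
 * from concurrent request threads.
 */
public class GeoServerUserDao implements UserDetailsService {
    static Logger LOGGER = Logging.getLogger("org.geoserver.security");

    // User name -> user; rebuilt from the properties file whenever the watcher reports it stale.
    TreeMap<String, User> userMap;

    // Watcher over security/users.properties; null means "resolve the file again on next access".
    PropertyFileWatcher userDefinitionsFile;

    /**
     * Looks up the DAO registered as a GeoServer extension bean.
     *
     * @return the bean returned by {@link GeoServerExtensions#bean(Class)}
     */
    public static GeoServerUserDao get() {
        return (GeoServerUserDao) GeoServerExtensions.bean(GeoServerUserDao.class);
    }

    /**
     * Returns the user registered under the given name.
     *
     * @param username name to look up
     * @return the matching user
     * @throws UsernameNotFoundException if no user is registered under that name
     * @throws DataAccessException if the user definitions could not be loaded at all
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
        User user = users().get(username);
        if (user == null) {
            // The message embeds the caller-supplied name; anything that logs it should treat it
            // as untrusted text.
            throw new UsernameNotFoundException("Could not find user: " + username);
        }
        return user;
    }

    /**
     * Loads the user map on first use and reloads it when the watched file is stale.
     *
     * <p>Failures are logged and not propagated: an existing map stays in use, and if there was
     * none the field stays {@code null}. Public entry points go through {@link #users()} so that
     * case surfaces as a data-access error instead of a {@link NullPointerException}.
     */
    void checkUserMap() throws DataAccessResourceFailureException {
        try {
            boolean needsLoad =
                    this.userMap == null || this.userDefinitionsFile == null || this.userDefinitionsFile.isStale();
            if (!needsLoad) {
                return;
            }
            if (this.userDefinitionsFile == null) {
                this.userDefinitionsFile = new PropertyFileWatcher(findUserProperties());
            }
            this.userMap = loadUsersFromProperties(this.userDefinitionsFile.getProperties());
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "An error occurred loading user definitions", e);
        }
    }

    /**
     * Refreshes the user map and returns it, failing with a typed exception when it is missing.
     *
     * @return the current, non-null user map
     * @throws DataAccessResourceFailureException if the definitions could not be loaded
     */
    private TreeMap<String, User> users() {
        checkUserMap();
        if (this.userMap == null) {
            // Fail closed: without definitions no lookup or edit can be answered.
            throw new DataAccessResourceFailureException(
                    "User definitions could not be loaded from security/users.properties");
        }
        return this.userMap;
    }

    /**
     * Resolves {@code security/users.properties}, writes an administrator entry into it and
     * copies the bundled {@code serviceTemplate.properties} to {@code security/service.properties}.
     *
     * <p>NOTE(review): as decompiled, the type check throws when the file is missing and the
     * default-writing code runs when it exists. Read literally, that replaces every existing
     * account with a single administrator entry each time the watcher is created (first access
     * and after {@link #reload()}). This looks like an inverted condition or a decompilation
     * artifact; confirm against the original source before trusting this listing.
     *
     * @return the users properties resource
     * @throws IOException if the users file is missing, the template cannot be found or a write fails
     */
    private Resource findUserProperties() throws IOException {
        GeoServerResourceLoader loader =
                (GeoServerResourceLoader) GeoServerExtensions.bean(GeoServerResourceLoader.class);
        Resource usersFile = loader.get("security/users.properties");
        if (usersFile.getType() != Resource.Type.RESOURCE) {
            throw new FileNotFoundException("Unable to find security/users.properties");
        }

        Properties defaults = new Properties();
        GeoServerInfo global = ((GeoServer) GeoServerExtensions.bean(GeoServer.class)).getGlobal();
        boolean hasConfiguredAdmin = global != null
                && global.getAdminUsername() != null
                && !global.getAdminUsername().trim().equals("");
        if (hasConfiguredAdmin) {
            // The configured password is written as returned, with no transformation here.
            defaults.put(global.getAdminUsername(), global.getAdminPassword() + ",ROLE_ADMINISTRATOR");
        } else {
            // Fallback administrator with the fixed, publicly known password "geoserver".
            // Any deployment that reaches this branch is running on default credentials until
            // the entry is changed.
            defaults.put(GeoServerUser.ADMIN_USERNAME, "geoserver,ROLE_ADMINISTRATOR");
        }
        try (OutputStream out = usersFile.out()) {
            defaults.store(out, "Format: name=password,ROLE1,...,ROLEN");
        }

        Resource serviceFile = loader.get("security/service.properties");
        try (InputStream template = GeoServerUserDao.class.getResourceAsStream("serviceTemplate.properties")) {
            if (template == null) {
                // Check before opening the target so a missing template does not leave an
                // empty service.properties behind.
                throw new FileNotFoundException("Unable to find serviceTemplate.properties on the classpath");
            }
            try (OutputStream sink = serviceFile.out()) {
                byte[] buffer = new byte[1024];
                int count;
                while ((count = template.read(buffer)) > 0) {
                    sink.write(buffer, 0, count);
                }
            }
        }
        return usersFile;
    }

    /**
     * Lists every role granted to at least one user, plus {@code ROLE_ADMINISTRATOR}.
     *
     * @return the role names in sorted order, without duplicates
     */
    public List<String> getRoles() {
        TreeSet<String> roles = new TreeSet<>();
        roles.add("ROLE_ADMINISTRATOR");
        for (User user : getUsers()) {
            for (GrantedAuthority authority : user.getAuthorities()) {
                roles.add(authority.getAuthority());
            }
        }
        return new ArrayList<>(roles);
    }

    /**
     * Returns a snapshot of all known users.
     *
     * @return a new list, ordered by user name, that callers may modify freely
     */
    public List<User> getUsers() {
        return new ArrayList<>(users().values());
    }

    /**
     * Adds a new user to the in-memory map; call {@link #storeUsers()} to persist it.
     *
     * @param user the user to add
     * @throws IllegalArgumentException if a user with the same name already exists
     */
    public void putUser(User user) {
        TreeMap<String, User> users = users();
        if (users.containsKey(user.getUsername())) {
            throw new IllegalArgumentException("The user " + user.getUsername() + " already exists");
        }
        users.put(user.getUsername(), user);
    }

    /**
     * Replaces an existing user in the in-memory map; call {@link #storeUsers()} to persist it.
     *
     * @param user the new definition, matched by user name
     * @throws IllegalArgumentException if no user with that name exists
     */
    public void setUser(User user) {
        TreeMap<String, User> users = users();
        if (!users.containsKey(user.getUsername())) {
            // The original message claimed the user "already exists", the opposite of the
            // condition being reported.
            throw new IllegalArgumentException("The user " + user.getUsername() + " does not exist");
        }
        users.put(user.getUsername(), user);
    }

    /**
     * Removes a user from the in-memory map; call {@link #storeUsers()} to persist the removal.
     *
     * @param username name of the user to remove
     * @return {@code true} if a user was removed
     */
    public boolean removeUser(String username) {
        return users().remove(username) != null;
    }

    /**
     * Writes the in-memory users back to the watched properties file.
     *
     * <p>This deliberately does not refresh the map first: a refresh on a stale file would
     * discard the pending in-memory edits that are about to be written.
     *
     * @throws IOException if the file cannot be written; unchecked failures inside the write
     *     (for example a missing watcher after {@link #reload()}) are wrapped as the cause
     */
    public void storeUsers() throws IOException {
        Properties serialized = storeUsersToProperties(this.userMap);
        try (OutputStream out = this.userDefinitionsFile.getResource().out()) {
            serialized.store(out, null);
        } catch (IOException e) {
            throw e;
        } catch (Exception e) {
            throw new IOException("Could not write updated users list to file system", e);
        }
    }

    /** Drops the file watcher so the next access resolves and reloads the user definitions. */
    public void reload() {
        this.userDefinitionsFile = null;
    }

    /**
     * Parses {@code name=password,ROLE...} entries into users.
     *
     * @param properties the raw entries, keyed by user name
     * @return the parsed users keyed by name; entries the editor yields no value for are skipped
     */
    TreeMap<String, User> loadUsersFromProperties(Properties properties) {
        TreeMap<String, User> parsed = new TreeMap<>();
        UserAttributeEditor editor = new UserAttributeEditor();
        for (Object key : properties.keySet()) {
            String name = (String) key;
            editor.setAsText(properties.getProperty(name));
            UserAttribute attribute = (UserAttribute) editor.getValue();
            if (attribute == null) {
                // Make a dropped account visible to operators. Only the name is logged, never
                // the raw value, which holds the password.
                LOGGER.log(Level.WARNING, "Skipping user entry that could not be parsed: {0}", name);
                continue;
            }
            parsed.put(
                    name,
                    createUserObject(
                            name, attribute.getPassword(), attribute.isEnabled(), attribute.getAuthorities()));
        }
        return parsed;
    }

    /**
     * Builds the {@link User} for one parsed entry; subclasses may return a richer type.
     *
     * @param username the user name
     * @param password the password exactly as stored in the file
     * @param enabled whether the account is enabled
     * @param authorities the roles granted to the user
     * @return a user whose three remaining constructor flags are all set to {@code true}
     */
    protected User createUserObject(
            String username, String password, boolean enabled, List<GrantedAuthority> authorities) {
        return new User(username, password, enabled, true, true, true, authorities);
    }

    /**
     * Converts users to the properties form written to disk.
     *
     * @param users the users to serialize
     * @return one property per user, keyed by user name
     */
    Properties storeUsersToProperties(Map<String, User> users) {
        Properties serialized = new Properties();
        for (User user : users.values()) {
            serialized.setProperty(user.getUsername(), serializeUser(user));
        }
        return serialized;
    }

    /**
     * Renders a user as {@code password,ROLE1,...,ROLEN,enabled|disabled}.
     *
     * <p>Nothing is escaped: a comma inside the password or a role name changes how the line
     * splits into fields when it is read back, so such values must be rejected before they
     * reach this method.
     *
     * @param user the user to render
     * @return the property value for that user
     */
    String serializeUser(User user) {
        StringBuilder line = new StringBuilder();
        line.append(user.getPassword()).append(",");
        for (GrantedAuthority authority : user.getAuthorities()) {
            line.append(authority.getAuthority()).append(",");
        }
        line.append(user.isEnabled() ? "enabled" : "disabled");
        return line.toString();
    }
}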
