package org.fcrepo.server.security;

import java.io.File;
import java.io.FileOutputStream;
import java.io.PrintStream;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import org.fcrepo.common.PID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/fcrepo-server-3.5.jar:org/fcrepo/server/security/BackendPolicies.class */
public class BackendPolicies {
    private static final Logger logger = LoggerFactory.getLogger(BackendPolicies.class);
    public static final String FEDORA_INTERNAL_CALL = "fedoraInternalCall-1";
    public static final String BACKEND_SERVICE_CALL_UNSECURE = "fedoraInternalCall-2";
    private String inFilePath;
    private String outFilePath;
    private BackendSecuritySpec backendSecuritySpec;

    public BackendPolicies(String str, String str2) {
        this.inFilePath = null;
        this.outFilePath = null;
        this.backendSecuritySpec = null;
        this.inFilePath = str;
        this.outFilePath = str2;
    }

    public BackendPolicies(String str) {
        this(str, null);
    }

    public Hashtable generateBackendPolicies() throws Exception {
        logger.debug("in BackendPolicies.generateBackendPolicies() 1");
        Hashtable hashtable = null;
        if (this.inFilePath.endsWith(".xml")) {
            logger.debug("in BackendPolicies.generateBackendPolicies() .xml 1");
            BackendSecurityDeserializer backendSecurityDeserializer = new BackendSecurityDeserializer("UTF-8", false);
            logger.debug("in BackendPolicies.generateBackendPolicies() .xml 2");
            this.backendSecuritySpec = backendSecurityDeserializer.deserialize(this.inFilePath);
            logger.debug("in BackendPolicies.generateBackendPolicies() .xml 3");
            hashtable = writePolicies();
            logger.debug("in BackendPolicies.generateBackendPolicies() .xml 4");
        }
        return hashtable;
    }

    private static final String[] parseForSlash(String str) throws Exception {
        int lastIndexOf = str.lastIndexOf("/");
        if (lastIndexOf + 1 == str.length()) {
            throw new Exception("BackendPolicies.newWritePolicies() can't handle key ending with '/'");
        }
        if (lastIndexOf != str.indexOf("/")) {
            throw new Exception("BackendPolicies.newWritePolicies() can't handle key containing multiple instances of '/'");
        }
        return (-1 >= lastIndexOf || lastIndexOf >= str.length()) ? new String[]{str} : str.split("/");
    }

    private static final String getExcludedRolesText(String str, Set set) {
        StringBuffer stringBuffer = new StringBuffer();
        if ("default".equals(str) && set.size() > 1) {
            stringBuffer.append("\t\t<ExcludedRoles>\n");
            Iterator it = set.iterator();
            while (it.hasNext()) {
                logger.debug("in BackendPolicies.newWritePolicies() another inner it");
                String str2 = (String) it.next();
                if (!"default".equals(str2)) {
                    logger.debug("in BackendPolicies.newWritePolicies() excludedRole=" + str2);
                    stringBuffer.append("\t\t\t<ExcludedRole>");
                    stringBuffer.append(str2);
                    stringBuffer.append("</ExcludedRole>\n");
                }
            }
            stringBuffer.append("\t\t</ExcludedRoles>\n");
        }
        return stringBuffer.toString();
    }

    private static final String writeRules(String str, String str2, String str3, String str4, Set set) throws Exception {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("\t<Rule RuleId=\"1\" Effect=\"Permit\">\n");
        stringBuffer.append(getExcludedRolesText(str4, set));
        if ("true".equals(str)) {
            stringBuffer.append("\t\t<AuthnRequired/>\n");
        }
        if ("true".equals(str2)) {
            stringBuffer.append("\t\t<SslRequired/>\n");
        }
        logger.debug("DEBUGGING IPREGEX0 [" + str3 + "]");
        String[] strArr = new String[0];
        if (str3 != null && !"".equals(str3.trim())) {
            strArr = str3.trim().split("\\s");
        }
        logger.debug("DEBUGGING IPREGEX1 [" + str3.trim() + "]");
        if (strArr.length != 0) {
            stringBuffer.append("\t\t<IpRegexes>\n");
            for (String str5 : strArr) {
                logger.debug("DEBUGGING IPREGEX2 " + str5);
                stringBuffer.append("\t\t\t<IpRegex>");
                stringBuffer.append(str5);
                stringBuffer.append("</IpRegex>\n");
            }
            stringBuffer.append("\t\t</IpRegexes>\n");
        }
        stringBuffer.append("\t</Rule>\n");
        if ("true".equals(str) || "true".equals(str2) || strArr.length != 0) {
            stringBuffer.append("\t<Rule RuleId=\"2\" Effect=\"Deny\">\n");
            stringBuffer.append(getExcludedRolesText(str4, set));
            stringBuffer.append("\t</Rule>\n");
        }
        return stringBuffer.toString();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:5:0x0047. Please report as an issue. */
    private Hashtable writePolicies() throws Exception {
        logger.debug("in BackendPolicies.newWritePolicies() 1");
        Hashtable hashtable = new Hashtable();
        for (String str : this.backendSecuritySpec.listRoleKeys()) {
            String[] parseForSlash = parseForSlash(str);
            String str2 = "";
            switch (parseForSlash.length) {
                case 2:
                    str2 = "-method-" + parseForSlash[1];
                case 1:
                    String str3 = -1 == parseForSlash[0].indexOf(":") ? "callback-by:" + parseForSlash[0] : "callback-by-sdep-" + parseForSlash[0];
                    if ("".equals(str2) && !"default".equals(parseForSlash[0])) {
                        str2 = "-other-methods";
                    }
                    StringBuffer stringBuffer = new StringBuffer();
                    logger.debug("in BackendPolicies.newWritePolicies() another outer it, key={}", str);
                    Hashtable<String, String> securitySpec = this.backendSecuritySpec.getSecuritySpec(str);
                    logger.debug("in BackendPolicies.newWritePolicies() properties.size()=" + securitySpec.size());
                    logger.debug("in BackendPolicies.newWritePolicies() properties.get(BackendSecurityDeserializer.ROLE)=" + ((Object) securitySpec.get("role")));
                    String str4 = securitySpec.get(BackendSecurityDeserializer.CALLBACK_BASIC_AUTH);
                    if (str4 == null) {
                        str4 = "false";
                    }
                    logger.debug("in BackendPolicies.newWritePolicies() CallbackBasicAuth=" + str4);
                    String str5 = securitySpec.get(BackendSecurityDeserializer.CALLBACK_SSL);
                    if (str5 == null) {
                        str5 = "false";
                    }
                    String str6 = securitySpec.get(BackendSecurityDeserializer.IPLIST);
                    if (str6 == null) {
                        str6 = "";
                    }
                    logger.debug("in BackendPolicies.newWritePolicies() coarseIplist=" + str6);
                    String str7 = "generated_for_" + str.replace(':', '-');
                    logger.debug("in BackendPolicies.newWritePolicies() id=" + str7);
                    logger.debug("in BackendPolicies.newWritePolicies() " + str3 + " " + str2);
                    String str8 = str3 + str2;
                    logger.debug("in BackendPolicies.newWritePolicies() " + str8);
                    PID pid = new PID(str8);
                    logger.debug("in BackendPolicies.newWritePolicies() got PID " + pid);
                    String filename = pid.toFilename();
                    logger.debug("in BackendPolicies.newWritePolicies() filename=" + filename);
                    stringBuffer.append("<Policy xmlns=\"urn:oasis:names:tc:xacml:1.0:policy\" PolicyId=\"" + str7 + "\">\n");
                    stringBuffer.append("\t<Description>this policy is machine-generated at each Fedora server startup.  edit beSecurity.xml to change this policy.</Description>\n");
                    stringBuffer.append("\t<Target>\n");
                    stringBuffer.append("\t\t<Subjects>\n");
                    if ("default".equals(str)) {
                        stringBuffer.append("\t\t\t<AnySubject/>\n");
                    } else {
                        stringBuffer.append("\t\t\t<Subject>\n");
                        stringBuffer.append("\t\t\t\t<SubjectMatch>\n");
                        stringBuffer.append("\t\t\t\t\t<AttributeValue>" + str + "</AttributeValue>\n");
                        stringBuffer.append("\t\t\t\t</SubjectMatch>\n");
                        stringBuffer.append("\t\t\t</Subject>\n");
                    }
                    stringBuffer.append("\t\t</Subjects>\n");
                    stringBuffer.append("\t</Target>\n");
                    stringBuffer.append(writeRules(str4, str5, str6, str, this.backendSecuritySpec.listRoleKeys()));
                    stringBuffer.append("</Policy>\n");
                    logger.debug("\ndumping policy\n" + ((Object) stringBuffer) + "\n");
                    File createTempFile = this.outFilePath == null ? File.createTempFile(filename, ".xml") : new File(this.outFilePath + File.separator + filename + ".xml");
                    hashtable.put(filename + ".xml", createTempFile.getAbsolutePath());
                    PrintStream printStream = new PrintStream(new FileOutputStream(createTempFile));
                    printStream.println(stringBuffer);
                    printStream.close();
                    break;
                default:
                    throw new Exception("BackendPolicies.newWritePolicies() didn't correctly parse key " + str);
            }
        }
        logger.debug("finished writing temp files");
        return hashtable;
    }

    public static void main(String[] strArr) throws Exception {
        new BackendPolicies(strArr[0], strArr[1]).generateBackendPolicies();
    }
}
