package de.mhus.karaf.commands.impl;

import de.mhus.lib.core.M;
import de.mhus.lib.core.MApi;
import de.mhus.lib.core.console.Console;
import de.mhus.lib.core.shiro.AccessApi;
import de.mhus.lib.core.shiro.AccessUtil;
import de.mhus.lib.core.shiro.SubjectEnvironment;
import de.mhus.osgi.api.karaf.AbstractCmd;
import de.mhus.osgi.api.karaf.CmdInterceptor;
import de.mhus.osgi.api.karaf.CmdInterceptorUtil;
import java.util.Locale;
import org.apache.karaf.shell.api.action.Argument;
import org.apache.karaf.shell.api.action.Command;
import org.apache.karaf.shell.api.action.lifecycle.Reference;
import org.apache.karaf.shell.api.action.lifecycle.Service;
import org.apache.karaf.shell.api.console.Session;
import org.apache.shiro.subject.Subject;

@Service
@Command(scope = "mhus", name = "access", description = "Access Control")
/* loaded from: input_file:de/mhus/karaf/commands/impl/CmdAccess.class */
public class CmdAccess extends AbstractCmd {

    @Reference
    Session session;

    @Argument(index = 0, name = "cmd", required = true, description = "Command to execute\n  admin - try to login as admin\n  login <user> [password]\n  logout\n  id - print current id\n  subject - print current subject and session information\n  restart - restart engine", multiValued = false)
    String cmd;

    @Argument(index = 1, name = "paramteters", required = false, description = "Parameters", multiValued = true)
    String[] parameters;

    /* loaded from: input_file:de/mhus/karaf/commands/impl/CmdAccess$AaaInterceptor.class */
    private static class AaaInterceptor implements CmdInterceptor {
        private Subject subject;
        private SubjectEnvironment env;

        public AaaInterceptor(Subject subject) {
            this.subject = subject;
        }

        public void onCmdStart(Session session) {
            if (this.subject != null) {
                this.env = AccessUtil.useSubject(this.subject);
            }
        }

        public void onCmdEnd(Session session) {
            if (this.env != null) {
                this.env.close();
            }
            this.env = null;
        }
    }

    public Object execute2() throws Exception {
        if (this.cmd.equals("restart")) {
            ((AccessApi) M.l(AccessApi.class)).restart();
            System.out.println("OK");
            return null;
        }
        if (this.cmd.equals("admin")) {
            String cfgString = MApi.get().getCfgString(AccessApi.class, "adminPassword", "secret");
            Subject createSubject = ((AccessApi) M.l(AccessApi.class)).createSubject();
            AccessUtil.login(createSubject, "admin", cfgString, true, Locale.getDefault());
            CmdInterceptorUtil.setInterceptor(this.session, new AaaInterceptor(createSubject));
            System.out.println("OK");
            return null;
        }
        if (this.cmd.equals("logout")) {
            CmdInterceptorUtil.removeInterceptor(this.session, AaaInterceptor.class);
            System.out.println("OK");
            return null;
        }
        if (this.cmd.equals("login")) {
            String str = this.parameters[0];
            String readPassword = this.parameters.length > 1 ? this.parameters[1] : Console.get().readPassword();
            Subject createSubject2 = ((AccessApi) M.l(AccessApi.class)).createSubject();
            AccessUtil.login(createSubject2, str, readPassword, true, Locale.getDefault());
            CmdInterceptorUtil.setInterceptor(this.session, new AaaInterceptor(createSubject2));
            System.out.println("OK");
            return null;
        }
        if (this.cmd.equals("id")) {
            System.out.println(AccessUtil.getPrincipal());
            return null;
        }
        if (!this.cmd.equals("subject")) {
            return null;
        }
        Subject subject = AccessUtil.getSubject();
        System.out.println("Subject: " + subject);
        System.out.println("Principal: " + String.valueOf(subject.getPrincipal()));
        System.out.println("Authenticated: " + subject.isAuthenticated());
        System.out.println("Session: " + subject.getSession(false));
        return null;
    }
}
