package net.jxta.impl.access.simpleACL;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.logging.Level;
import java.util.logging.Logger;
import net.jxta.access.AccessService;
import net.jxta.credential.Credential;
import net.jxta.credential.PrivilegedOperation;
import net.jxta.document.Advertisement;
import net.jxta.document.Attributable;
import net.jxta.document.Attribute;
import net.jxta.document.Element;
import net.jxta.document.MimeMediaType;
import net.jxta.document.StructuredDocument;
import net.jxta.document.StructuredDocumentFactory;
import net.jxta.document.StructuredDocumentUtils;
import net.jxta.document.TextElement;
import net.jxta.exception.PeerGroupException;
import net.jxta.id.ID;
import net.jxta.id.IDFactory;
import net.jxta.impl.endpoint.EndpointServiceImpl;
import net.jxta.impl.protocol.ResolverSrdiMsgImpl;
import net.jxta.logging.Logging;
import net.jxta.peergroup.PeerGroup;
import net.jxta.platform.ModuleSpecID;
import net.jxta.protocol.ModuleImplAdvertisement;
import net.jxta.service.Service;

/* loaded from: input_file:META-INF/lib/shoal-jxta-1.1_09292008.jar:net/jxta/impl/access/simpleACL/SimpleACLAccessService.class */
public class SimpleACLAccessService implements AccessService {
    private static final Logger LOG = Logger.getLogger(SimpleACLAccessService.class.getName());
    public static final ModuleSpecID simpleACLAccessSpecID = (ModuleSpecID) ID.create(URI.create("urn:jxta:uuid-DeadBeefDeafBabaFeedBabe000000100206"));
    PeerGroup group;
    ModuleImplAdvertisement implAdvertisement;
    private final Map<String, Set<String>> ACLs = new HashMap();

    /* loaded from: input_file:META-INF/lib/shoal-jxta-1.1_09292008.jar:net/jxta/impl/access/simpleACL/SimpleACLAccessService$SimpleACLOperation.class */
    private static class SimpleACLOperation implements PrivilegedOperation {
        SimpleACLAccessService source;
        String op;
        Credential offerer;

        protected SimpleACLOperation(SimpleACLAccessService simpleACLAccessService, String str, Credential credential) {
            this.source = simpleACLAccessService;
            this.op = str;
            this.offerer = credential;
        }

        protected SimpleACLOperation(SimpleACLAccessService simpleACLAccessService, Element element) {
            this.source = simpleACLAccessService;
            initialize(element);
        }

        @Override // net.jxta.credential.Credential
        public ID getPeerGroupID() {
            return this.source.getPeerGroup().getPeerGroupID();
        }

        @Override // net.jxta.credential.Credential
        public ID getPeerID() {
            return null;
        }

        @Override // net.jxta.credential.Credential
        public boolean isExpired() {
            return false;
        }

        @Override // net.jxta.credential.Credential
        public boolean isValid() {
            return true;
        }

        @Override // net.jxta.credential.Credential
        public String getSubject() {
            return this.op;
        }

        @Override // net.jxta.credential.Credential
        public Service getSourceService() {
            return this.source;
        }

        @Override // net.jxta.credential.Credential
        public StructuredDocument getDocument(MimeMediaType mimeMediaType) throws Exception {
            StructuredDocument newStructuredDocument = StructuredDocumentFactory.newStructuredDocument(mimeMediaType, ResolverSrdiMsgImpl.credentialTag);
            if (newStructuredDocument instanceof Attributable) {
                ((Attributable) newStructuredDocument).addAttribute("xmlns:jxta", "http://jxta.org");
                ((Attributable) newStructuredDocument).addAttribute("xml:space", "preserve");
                ((Attributable) newStructuredDocument).addAttribute("type", "jxta:SimpleACLOp");
            }
            newStructuredDocument.appendChild(newStructuredDocument.createElement("PeerGroupID", getPeerGroupID().toString()));
            newStructuredDocument.appendChild(newStructuredDocument.createElement("Operation", this.op));
            StructuredDocumentUtils.copyElements(newStructuredDocument, newStructuredDocument, this.offerer.getDocument(mimeMediaType), "Offerer");
            return newStructuredDocument;
        }

        @Override // net.jxta.credential.PrivilegedOperation
        public Credential getOfferer() {
            return this.offerer;
        }

        protected boolean handleElement(TextElement textElement) {
            if (textElement.getName().equals("PeerGroupID")) {
                try {
                    ID fromURI = IDFactory.fromURI(new URI(textElement.getTextValue().trim()));
                    if (fromURI.equals(getPeerGroupID())) {
                        return true;
                    }
                    throw new IllegalArgumentException("Operation is from a different group. " + fromURI + " != " + getPeerGroupID());
                } catch (ClassCastException e) {
                    throw new IllegalArgumentException("Id is not a group id: " + textElement.getTextValue());
                } catch (URISyntaxException e2) {
                    throw new IllegalArgumentException("Unusable ID in advertisement: " + textElement.getTextValue());
                }
            }
            if (textElement.getName().equals("Operation")) {
                this.op = textElement.getTextValue();
                return true;
            }
            if (!textElement.getName().equals("Offerer")) {
                return false;
            }
            try {
                this.offerer = this.source.getPeerGroup().getMembershipService().makeCredential(textElement);
                return true;
            } catch (Throwable th) {
                throw new IllegalArgumentException("Offerer credential could not be constructed" + th);
            }
        }

        protected void initialize(Element element) {
            Attribute attribute;
            if (!TextElement.class.isInstance(element)) {
                throw new IllegalArgumentException(getClass().getName() + " only supports TextElement");
            }
            TextElement textElement = (TextElement) element;
            String str = EndpointServiceImpl.MESSAGE_EMPTY_NS;
            if ((element instanceof Attributable) && null != (attribute = ((Attributable) element).getAttribute("type"))) {
                str = attribute.getValue();
            }
            if (!textElement.getName().equals("jxta:SimpleACLOp") && !str.equals("jxta:SimpleACLOp")) {
                throw new IllegalArgumentException("Could not construct : " + getClass().getName() + "from doc containing a " + textElement.getName());
            }
            Enumeration<T> children = textElement.getChildren();
            while (children.hasMoreElements()) {
                TextElement textElement2 = (TextElement) children.nextElement();
                if (!handleElement(textElement2) && Logging.SHOW_WARNING && SimpleACLAccessService.LOG.isLoggable(Level.WARNING)) {
                    SimpleACLAccessService.LOG.warning("Unhandled element '" + textElement2.getName() + "' in " + textElement.getName());
                }
            }
            if (null == this.op) {
                throw new IllegalArgumentException("operation was never initialized.");
            }
            if (null == this.offerer) {
                throw new IllegalArgumentException("offerer was never initialized.");
            }
        }
    }

    @Override // net.jxta.platform.Module
    public void init(PeerGroup peerGroup, ID id, Advertisement advertisement) throws PeerGroupException {
        String textValue;
        int indexOf;
        this.group = peerGroup;
        this.implAdvertisement = (ModuleImplAdvertisement) advertisement;
        if (Logging.SHOW_CONFIG && LOG.isLoggable(Level.CONFIG)) {
            StringBuilder sb = new StringBuilder("Configuring Access Service : " + id);
            sb.append("\n\tImplementation:");
            sb.append("\n\t\tImpl Description: " + this.implAdvertisement.getDescription());
            sb.append("\n\t\tImpl URI : " + this.implAdvertisement.getUri());
            sb.append("\n\t\tImpl Code : " + this.implAdvertisement.getCode());
            sb.append("\n\tGroup Params:");
            sb.append("\n\t\tGroup: " + peerGroup.getPeerGroupName());
            sb.append("\n\t\tGroup ID: " + peerGroup.getPeerGroupID());
            sb.append("\n\t\tPeer ID: " + peerGroup.getPeerID());
            LOG.config(sb.toString());
        }
        TextElement textElement = (TextElement) peerGroup.getPeerGroupAdvertisement().getServiceParam(id);
        if (null == textElement) {
            throw new PeerGroupException("parameters for group access controls missing.");
        }
        Enumeration<T> children = textElement.getChildren();
        while (children.hasMoreElements()) {
            TextElement textElement2 = (TextElement) children.nextElement();
            if (textElement2.getName().equals("perm") && -1 != (indexOf = (textValue = textElement2.getTextValue()).indexOf(58))) {
                String trim = textValue.substring(0, indexOf).trim();
                if ("<<DEFAULT>>".equals(trim)) {
                    trim = null;
                }
                String substring = textValue.substring(indexOf + 1);
                HashSet hashSet = new HashSet();
                StringTokenizer stringTokenizer = new StringTokenizer(substring, ",");
                while (stringTokenizer.hasMoreTokens()) {
                    String trim2 = stringTokenizer.nextToken().trim();
                    if ("<<ALL>>".equals(trim2)) {
                        trim2 = null;
                    }
                    hashSet.add(trim2);
                }
                if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
                    LOG.fine("Adding operation  : '" + (null == trim ? "<<DEFAULT>>" : trim) + "' with " + hashSet.size() + " identities.");
                }
                this.ACLs.put(trim, hashSet);
            }
        }
    }

    @Override // net.jxta.platform.Module
    public int startApp(String[] strArr) {
        return 0;
    }

    @Override // net.jxta.platform.Module
    public void stopApp() {
    }

    @Override // net.jxta.service.Service
    public ModuleImplAdvertisement getImplAdvertisement() {
        return this.implAdvertisement;
    }

    @Override // net.jxta.service.Service
    public SimpleACLAccessService getInterface() {
        return this;
    }

    @Override // net.jxta.access.AccessService
    public AccessService.AccessResult doAccessCheck(PrivilegedOperation privilegedOperation, Credential credential) {
        if (null != credential && !credential.isValid()) {
            return AccessService.AccessResult.DISALLOWED;
        }
        if (null != privilegedOperation && !privilegedOperation.isValid()) {
            return AccessService.AccessResult.DISALLOWED;
        }
        Set<String> set = this.ACLs.get(null != privilegedOperation ? privilegedOperation.getSubject() : null);
        if (null == set) {
            set = this.ACLs.get(null);
            if (null == set) {
                return AccessService.AccessResult.DISALLOWED;
            }
        }
        return (set.contains(null != credential ? credential.getSubject().toString() : null) || set.contains(null)) ? AccessService.AccessResult.PERMITTED : AccessService.AccessResult.DISALLOWED;
    }

    @Override // net.jxta.access.AccessService
    public PrivilegedOperation newPrivilegedOperation(Object obj, Credential credential) {
        if (!(obj instanceof String)) {
            throw new IllegalArgumentException(getClass().getName() + " only supports String subjects.");
        }
        if (credential.isValid()) {
            return new SimpleACLOperation(this, (String) obj, credential);
        }
        throw new IllegalArgumentException("offerer is not a valid credential");
    }

    @Override // net.jxta.access.AccessService
    public PrivilegedOperation newPrivilegedOperation(Element element) {
        return new SimpleACLOperation(this, element);
    }

    PeerGroup getPeerGroup() {
        return this.group;
    }
}
