package ca.nrc.cadc.cred.server.actions;

import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.PrincipalExtractor;
import ca.nrc.cadc.auth.X509CertificateChain;
import ca.nrc.cadc.cred.server.CertificateDAO;
import ca.nrc.cadc.net.ResourceNotFoundException;
import ca.nrc.cadc.profiler.Profiler;
import java.security.Principal;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;

/* loaded from: input_file:ca/nrc/cadc/cred/server/actions/DelegationActionFactory.class */
public class DelegationActionFactory {
    private static final Logger log = Logger.getLogger(DelegationActionFactory.class);
    private HttpServletRequest request;
    private Map<X500Principal, Float> trustedPrincipals;
    private String dataSource;
    private String catalog;
    private String schema;

    /* loaded from: input_file:ca/nrc/cadc/cred/server/actions/DelegationActionFactory$NotFoundAction.class */
    static final class NotFoundAction extends DelegationAction {
        public NotFoundAction(X500Principal x500Principal, Map<X500Principal, Float> map) {
            super(x500Principal, Float.valueOf(Float.MIN_VALUE), map, null);
        }

        @Override // ca.nrc.cadc.cred.server.actions.DelegationAction
        public X509CertificateChain getCertificate(X500Principal x500Principal) throws Exception {
            throw new ResourceNotFoundException("not found: " + x500Principal.getName());
        }
    }

    /* loaded from: input_file:ca/nrc/cadc/cred/server/actions/DelegationActionFactory$UnsupportedOperationAction.class */
    static final class UnsupportedOperationAction extends DelegationAction {
        public UnsupportedOperationAction(X500Principal x500Principal, Map<X500Principal, Float> map) {
            super(x500Principal, Float.valueOf(Float.MIN_VALUE), map, null);
        }

        @Override // ca.nrc.cadc.cred.server.actions.DelegationAction
        public X509CertificateChain getCertificate(X500Principal x500Principal) throws Exception {
            throw new UnsupportedOperationException();
        }
    }

    public DelegationActionFactory(HttpServletRequest httpServletRequest, Map<X500Principal, Float> map, String str, String str2, String str3) {
        this.request = httpServletRequest;
        if (map == null || map.isEmpty()) {
            throw new IllegalArgumentException("Null or empty trusted principals");
        }
        this.trustedPrincipals = map;
        this.dataSource = str;
        this.catalog = str2;
        this.schema = str3;
    }

    private CertificateDAO getDAO() {
        return new CertificateDAO(new CertificateDAO.CertificateSchema(this.dataSource, this.catalog, this.schema));
    }

    public DelegationAction getDelegationAction() {
        Float f = null;
        X500Principal x500Principal = null;
        String parameter = this.request.getParameter("daysValid");
        if (parameter != null) {
            try {
                f = new Float(parameter);
                if (f.floatValue() < 0.0d) {
                    throw new IllegalArgumentException("invalid daysValid param:" + parameter + " expected: number > 0.0");
                }
            } catch (NumberFormatException e) {
                throw new IllegalArgumentException("invalid daysValid param:" + parameter + " expected: number > 0.0");
            }
        }
        String pathInfo = this.request.getPathInfo();
        if (pathInfo != null) {
            String replace = pathInfo.replace("+", " ");
            if (replace.startsWith("/")) {
                replace = replace.substring(1);
            }
            String[] split = replace.split("/");
            if (split.length > 2) {
                return new NotFoundAction(null, this.trustedPrincipals);
            }
            if (split[0].equalsIgnoreCase("dn")) {
                log.debug("GetProxyCertByDN: " + split[1]);
                x500Principal = new X500Principal(split[1]);
            } else if (split[0].equalsIgnoreCase("userid")) {
                log.debug("GetProxyCertByUserid: " + split[1]);
                try {
                    x500Principal = getX500FromUserID(split[1]);
                } catch (ResourceNotFoundException e2) {
                    return new NotFoundAction(null, this.trustedPrincipals);
                }
            }
        }
        return new GetProxyCertByDN(x500Principal, f, this.trustedPrincipals, getDAO());
    }

    protected X500Principal getX500FromUserID(final String str) throws ResourceNotFoundException {
        Profiler profiler = new Profiler(DelegationActionFactory.class);
        Subject subject = AuthenticationUtil.getSubject(new PrincipalExtractor() { // from class: ca.nrc.cadc.cred.server.actions.DelegationActionFactory.1
            public Set<Principal> getPrincipals() {
                HashSet hashSet = new HashSet();
                hashSet.add(new HttpPrincipal(str));
                return hashSet;
            }

            public X509CertificateChain getCertificateChain() {
                return null;
            }
        });
        log.debug("augmented: " + subject);
        profiler.checkpoint("getUser");
        Set principals = subject.getPrincipals(X500Principal.class);
        if (principals.isEmpty()) {
            throw new ResourceNotFoundException("user not found: " + str);
        }
        return (X500Principal) principals.iterator().next();
    }
}
