package io.pravega.controller.server.rpc.auth;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import io.grpc.ServerBuilder;
import io.pravega.auth.AuthHandler;
import io.pravega.common.auth.AuthenticationException;
import io.pravega.controller.server.rpc.grpc.GRPCServerConfig;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.stream.Collectors;
import javax.annotation.concurrent.GuardedBy;
import javax.ws.rs.core.MultivaluedMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/pravega/controller/server/rpc/auth/PravegaAuthManager.class */
public class PravegaAuthManager {

    @SuppressFBWarnings(justification = "generated code")
    private static final Logger log = LoggerFactory.getLogger(PravegaAuthManager.class);
    private final GRPCServerConfig serverConfig;

    @GuardedBy("this")
    private final Map<String, AuthHandler> handlerMap = new HashMap();

    public PravegaAuthManager(GRPCServerConfig gRPCServerConfig) {
        this.serverConfig = gRPCServerConfig;
    }

    private AuthHandler getHandler(String str) throws AuthenticationException {
        AuthHandler authHandler;
        synchronized (this) {
            authHandler = this.handlerMap.get(str);
        }
        if (authHandler == null) {
            throw new AuthenticationException("Handler does not exist for method " + str);
        }
        return authHandler;
    }

    public boolean authenticate(String str, MultivaluedMap<String, String> multivaluedMap, AuthHandler.Permissions permissions) throws AuthenticationException {
        return authenticate(str, (Map<String, String>) multivaluedMap.entrySet().stream().collect(Collectors.toMap(entry -> {
            return (String) entry.getKey();
        }, entry2 -> {
            return (String) ((List) entry2.getValue()).get(0);
        })), permissions);
    }

    public boolean authenticate(String str, Map<String, String> map, AuthHandler.Permissions permissions) throws AuthenticationException {
        try {
            AuthHandler handler = getHandler(map.get("method"));
            if (handler.authenticate(map)) {
                return handler.authorize(str, map).ordinal() >= permissions.ordinal();
            }
            throw new AuthenticationException("Authentication failure");
        } catch (RuntimeException e) {
            throw new AuthenticationException(e);
        }
    }

    public void registerInterceptors(ServerBuilder<?> serverBuilder) {
        try {
            if (this.serverConfig.isAuthorizationEnabled()) {
                Iterator it = ServiceLoader.load(AuthHandler.class).iterator();
                while (it.hasNext()) {
                    AuthHandler authHandler = (AuthHandler) it.next();
                    try {
                        authHandler.initialize(this.serverConfig);
                    } catch (Exception e) {
                        log.warn("Exception while initializing auth handler {}", authHandler, e);
                    }
                    synchronized (this) {
                        if (this.handlerMap.putIfAbsent(authHandler.getHandlerName(), authHandler) != null) {
                            log.warn("Handler with name {} already exists. Not replacing it with the latest handler");
                        } else {
                            serverBuilder.intercept(new PravegaInterceptor(authHandler));
                        }
                    }
                }
            }
        } catch (Throwable th) {
            log.warn("Exception while loading the auth handlers", th);
        }
    }
}
