package oracle.security.jazn.spi.xml;

import java.io.IOException;
import java.io.Writer;
import java.security.AccessController;
import java.util.ArrayList;
import oracle.security.jazn.JAZNConfig;
import oracle.security.jazn.JAZNConfigException;
import oracle.security.jazn.JAZNException;
import oracle.security.jazn.JAZNPermission;
import oracle.security.jazn.JAZNRuntimeException;
import oracle.security.jazn.action.GetJAZNConfigPropertyAction;
import oracle.security.jazn.realm.RealmUser;
import oracle.security.jazn.util.DbgWriter;
import oracle.security.jazn.util.Env;
import oracle.security.jazn.util.FormattedWriter;
import oracle.security.jazn.util.JAZNSecurityManager;
import oracle.security.jazn.util.Misc;
import oracle.security.jazn.util.Resources;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:oracle/security/jazn/spi/xml/XMLRealmUser.class */
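/**
 * A user entry of the XML-backed JAZN realm.
 *
 * <p>The credential is held in {@code _cred} in one of two stored formats, chosen from the
 * {@code Env.XML_CRED_OBFUSCATION_FORMAT} configuration property: "902"
 * ({@link #CRED_OBFUSCATION_FORMAT_902}, produced by {@code ChecksumHelper.ob}) or anything else
 * ({@link #CRED_OBFUSCATION_FORMAT_903}, produced by {@code ChecksumHelper.enc} and written with
 * a "{903}" prefix).
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>{@link #getClrCredentials()} passes the stored credential through
 *       {@code ChecksumHelper.db}, and {@link #init(Node)} re-encodes legacy values via
 *       {@code enc(db(...))}. The stored form therefore appears to be reversible rather than a
 *       one-way hash - confirm against {@code ChecksumHelper} and protect the repository file
 *       accordingly.</li>
 *   <li>A user without a stored credential authenticates with any password, see
 *       {@link #authenticate(String)}.</li>
 *   <li>When auto-obfuscation is switched off, the clear-text credential is kept in memory
 *       ({@code _clrCred}) and written back to the repository by {@link #writeXML(int, Writer)}.</li>
 * </ul>
 */
public class XMLRealmUser extends XMLRealmPrincipal implements RealmUser {
    /** No stored format has been selected yet. */
    public static final int CRED_OBFUSCATION_FORMAT_UNSET = -1;
    /** Stored format selected by the property value "902" (credential built by ChecksumHelper.ob). */
    public static final int CRED_OBFUSCATION_FORMAT_902 = 0;
    /** Stored format selected by the property value "903" (credential built by ChecksumHelper.enc). */
    public static final int CRED_OBFUSCATION_FORMAT_903 = 1;
    /** Format used when the property names neither "902" nor "903". */
    public static final int CRED_OBFUSCATION_FORMAT_DEFAULT = 1;

    // Stored format of _cred: one of the CRED_OBFUSCATION_FORMAT_* values.
    private int _format;
    // Clear-text credential, only retained when auto-obfuscation is OFF (see init / writeXML).
    private String _clrCred;
    // Stored (obfuscated / encoded) credential; null when the user has none.
    private byte[] _cred;
    // Created on first use by getClrCredentials() when no SecurityManager is installed.
    private JAZNSecurityManager _jaznSM;

    /**
     * Creates a user from a clear-text password, without display name or description.
     *
     * @param config   JAZN configuration
     * @param realm    owning realm
     * @param name     user name
     * @param password clear-text password, converted to the stored form; may be null
     * @param isAdmin  administrator flag
     */
    XMLRealmUser(JAZNConfig config, XMLRealm realm, String name, String password, boolean isAdmin) {
        this(config, realm, name, password, (String) null, (String) null, isAdmin);
    }

    /**
     * Creates a user from a clear-text password. The password is converted to the stored form
     * before the instance is built.
     *
     * <p>Decompiler note: this constructor was package-private in the original class file.
     *
     * @param config      JAZN configuration; must be non-null when {@code password} is non-null
     * @param realm       owning realm
     * @param name        user name
     * @param password    clear-text password; may be null
     * @param displayName display name; may be null
     * @param description description; may be null
     * @param isAdmin     administrator flag
     */
    public XMLRealmUser(JAZNConfig config, XMLRealm realm, String name, String password, String displayName, String description, boolean isAdmin) {
        this(config, realm, name, ob(config, password), displayName, description, isAdmin);
    }

    /**
     * Converts a clear-text password to the stored form selected by the configuration.
     *
     * @return the stored credential, or null when {@code password} is null
     * @throws IllegalArgumentException if {@code password} is given but {@code config} is null
     */
    private static byte[] ob(JAZNConfig config, String password) {
        if (password == null) {
            return null;
        }
        if (config == null) {
            throw new IllegalArgumentException("JAZNConfig must not be null");
        }
        if (obScheme(config) == CRED_OBFUSCATION_FORMAT_902) {
            return ChecksumHelper.ob(password);
        }
        return ChecksumHelper.enc(password);
    }

    /**
     * Creates a user from an already stored credential, without display name or description.
     *
     * @param config     JAZN configuration
     * @param realm      owning realm
     * @param name       user name
     * @param credential stored credential bytes; may be null
     * @param isAdmin    administrator flag
     */
    XMLRealmUser(JAZNConfig config, XMLRealm realm, String name, byte[] credential, boolean isAdmin) {
        this(config, realm, name, credential, (String) null, (String) null, isAdmin);
    }

    /**
     * Creates a user from an already stored credential.
     *
     * <p>Decompiler note: this constructor was package-private in the original class file.
     *
     * @param config      JAZN configuration
     * @param realm       owning realm; must not be null
     * @param name        user name; must not be null
     * @param credential  stored credential bytes, kept by reference; may be null
     * @param displayName display name; may be null
     * @param description description; may be null
     * @param isAdmin     administrator flag
     * @throws IllegalArgumentException if {@code realm} or {@code name} is null
     */
    public XMLRealmUser(JAZNConfig config, XMLRealm realm, String name, byte[] credential, String displayName, String description, boolean isAdmin) {
        super(config);
        this._format = CRED_OBFUSCATION_FORMAT_UNSET;
        if (realm == null || name == null) {
            throw new IllegalArgumentException("realm and user name must not be null");
        }
        String nickName = XMLRealmPrincipal.getNickName(name);
        this._realm = realm;
        this._name = realm.getName() + "/" + nickName;
        this._nickName = nickName;
        // NOTE(review): toLowerCase() uses the default locale; left as is because other
        // principals may build their canonical names the same way - confirm.
        this._canonicalName = (getClass().getName() + this._name).toLowerCase();
        this._displayName = displayName;
        this._description = description;
        this._isAdmin = isAdmin;
        this._grantedRoles = new ArrayList();
        this._cred = credential;
        this._format = formatFor(this._config);
    }

    /**
     * Looks up an existing user by its full "realm/user" name using the configuration chosen by
     * the superclass for a null {@code JAZNConfig}.
     *
     * @param name full user name containing a '/'
     * @throws IllegalArgumentException see {@link #XMLRealmUser(JAZNConfig, String)}
     */
    public XMLRealmUser(String name) {
        this((JAZNConfig) null, name);
    }

    /**
     * Looks up an existing user by its full "realm/user" name and copies its administrator flag,
     * granted roles and stored credential.
     *
     * @param config JAZN configuration
     * @param name   full user name containing a '/'
     * @throws IllegalArgumentException if {@code name} is null or has no '/', if the realm or the
     *                                  user does not exist, or if the lookup fails
     */
    public XMLRealmUser(JAZNConfig config, String name) {
        super(config);
        this._format = CRED_OBFUSCATION_FORMAT_UNSET;
        if (name == null) {
            throw new IllegalArgumentException("user name must not be null");
        }
        try {
            int slash = name.indexOf('/');
            if (slash == -1) {
                throw new IllegalArgumentException("user name must have the form realm/user");
            }
            String realmName = name.substring(0, slash);
            this._realm = (XMLRealm) ((XMLRealmManager) this._config.getRealmManager()).getRealm(realmName);
            if (this._realm == null) {
                throw new IllegalArgumentException("unknown realm");
            }
            this._name = name;
            this._nickName = name.substring(slash + 1);
            this._canonicalName = (getClass().getName() + this._name).toLowerCase();
            XMLRealmUser existing = (XMLRealmUser) this._realm.getUserManager().getUser(name);
            if (existing == null) {
                throw new IllegalArgumentException("unknown user");
            }
            this._isAdmin = existing.isAdmin();
            this._grantedRoles = new ArrayList(existing.getGrantedRoles());
            // The credential array is shared with the looked-up user, not copied.
            this._cred = existing.getCredentials();
            this._format = formatFor(this._config);
        } catch (JAZNException e) {
            e.printStackTrace();
            // Keep the original failure reachable for diagnostics instead of only its message.
            IllegalArgumentException wrapped = new IllegalArgumentException(e.getMessage());
            wrapped.initCause(e);
            throw wrapped;
        }
    }

    /**
     * Creates an empty user for the given realm; the fields are presumably filled in later by
     * {@link #init(Node)}.
     *
     * <p>Decompiler note: this constructor was package-private in the original class file.
     */
    public XMLRealmUser(JAZNConfig config, XMLRealm realm) {
        super(config, realm);
        this._format = CRED_OBFUSCATION_FORMAT_UNSET;
    }

    /** Returns true unless the auto-obfuscate property is set to "OFF" (case-insensitive). */
    private static boolean autoObf(JAZNConfig config) {
        String setting = getJAZNProperty(config, Env.XML_CRED_AUTO_OBFUSCATE, Env.XML_CRED_AUTO_OBFUSCATE_DEFAULT);
        return !setting.equalsIgnoreCase("OFF");
    }

    /** Returns true unless the auto-migrate-to-903 property is set to "OFF" (case-insensitive). */
    private static boolean autoMigrate903(JAZNConfig config) {
        String setting = getJAZNProperty(config, Env.XML_CRED_AUTO_MIGRATE_903, Env.XML_CRED_AUTO_MIGRATE_903_DEFAULT);
        return !setting.equalsIgnoreCase("OFF");
    }

    /**
     * Reads the configured stored format.
     *
     * @return {@link #CRED_OBFUSCATION_FORMAT_902} for "902", {@link #CRED_OBFUSCATION_FORMAT_903}
     *         for "903", otherwise {@link #CRED_OBFUSCATION_FORMAT_UNSET}
     */
    private static int obScheme(JAZNConfig config) {
        String configured = getJAZNProperty(config, Env.XML_CRED_OBFUSCATION_FORMAT, "");
        if (configured.equalsIgnoreCase("902")) {
            return CRED_OBFUSCATION_FORMAT_902;
        }
        if (configured.equalsIgnoreCase("903")) {
            return CRED_OBFUSCATION_FORMAT_903;
        }
        return CRED_OBFUSCATION_FORMAT_UNSET;
    }

    /** Maps the configured scheme to a concrete stored format: 902 only when asked for, else 903. */
    private static int formatFor(JAZNConfig config) {
        return obScheme(config) == CRED_OBFUSCATION_FORMAT_902
                ? CRED_OBFUSCATION_FORMAT_902
                : CRED_OBFUSCATION_FORMAT_903;
    }

    /**
     * Initialises the user from its XML element, reading every {@code <credentials>} child.
     *
     * <p>An empty credentials value is now skipped like a missing one; previously it failed with
     * a StringIndexOutOfBoundsException on {@code charAt(0)}.
     *
     * <p>Decompiler note: this method was package-private in the original class file.
     *
     * @param node the user element
     * @throws JAZNException         if the superclass or the credential conversion fails
     * @throws IllegalStateException if a stored credential cannot be decoded
     */
    @Override // oracle.security.jazn.spi.xml.XMLRealmPrincipal
    public void init(Node node) throws JAZNException {
        super.init(node);
        try {
            NodeList children = node.getChildNodes();
            for (int i = 0; i < children.getLength(); i++) {
                Node child = children.item(i);
                if (child.getNodeType() != Node.ELEMENT_NODE
                        || !child.getNodeName().equalsIgnoreCase("credentials")) {
                    continue;
                }
                Node text = child.getFirstChild();
                String value = text != null ? text.getNodeValue() : null;
                if (value == null || value.length() == 0) {
                    continue;
                }
                loadCredentials(child, value);
            }
        } catch (IOException e) {
            e.printStackTrace();
            IllegalStateException wrapped = new IllegalStateException(e.getMessage());
            wrapped.initCause(e);
            throw wrapped;
        }
    }

    /**
     * Interprets one non-empty {@code <credentials>} value.
     *
     * <p>A value is clear text when it starts with '!' or the element carries
     * {@code clear="true"}; otherwise it is Base64, in 903 format when prefixed with "{903}" and
     * in the legacy format when not.
     */
    private void loadCredentials(Node element, String value) throws IOException, JAZNException {
        Node clearAttr = element.getAttributes().getNamedItem("clear");
        boolean bangPrefixed = value.charAt(0) == '!';
        boolean markedClear = clearAttr != null && clearAttr.getNodeValue().equalsIgnoreCase("true");

        if (bangPrefixed || markedClear) {
            String clearText = bangPrefixed ? value.substring(1) : value;
            if (obScheme(getJAZNConfig()) == CRED_OBFUSCATION_FORMAT_902) {
                this._cred = ChecksumHelper.ob(clearText);
                this._format = CRED_OBFUSCATION_FORMAT_902;
            } else {
                this._cred = ChecksumHelper.enc(clearText);
                this._format = CRED_OBFUSCATION_FORMAT_903;
            }
            String autoObfuscate = getJAZNProperty(Env.XML_CRED_AUTO_OBFUSCATE);
            if (autoObfuscate == null || !autoObfuscate.equalsIgnoreCase("OFF")) {
                // Mark the provider dirty so the clear text in the file gets replaced on save.
                getJAZNConfig().getJAZNProvider().setDirtyBit();
            } else {
                // Auto-obfuscation is OFF: the clear text stays in memory and is written back.
                this._clrCred = clearText;
            }
            return;
        }

        BASE64Decoder decoder = new BASE64Decoder();
        if (value.startsWith("{903}")) {
            this._cred = decoder.decodeBuffer(value.substring(5));
            this._format = CRED_OBFUSCATION_FORMAT_903;
            return;
        }

        byte[] legacy = decoder.decodeBuffer(value);
        if (!autoMigrate903(getJAZNConfig())) {
            this._format = CRED_OBFUSCATION_FORMAT_902;
            this._cred = legacy;
            return;
        }
        try {
            // Migration: decode the legacy value and re-encode it in 903 format.
            this._cred = ChecksumHelper.enc(ChecksumHelper.db(legacy));
            this._format = CRED_OBFUSCATION_FORMAT_903;
            getJAZNConfig().getJAZNProvider().setDirtyBit();
        } catch (JAZNConfigException e) {
            throw new JAZNConfigException("Malformatted credentials for user " + getName() + ". Please check your JAZN repository.", e.getCause());
        } catch (ArrayIndexOutOfBoundsException e) {
            IllegalStateException wrapped = new IllegalStateException("Malformatted credentials for user " + getName() + ". Please check your JAZN repository.");
            wrapped.initCause(e);
            throw wrapped;
        }
    }

    /** Reads a configuration property, returning null when it is not set. */
    private String getJAZNProperty(String key) {
        return getJAZNProperty(key, null);
    }

    /** Reads a configuration property of this user's configuration with a fallback value. */
    private String getJAZNProperty(String key, String defaultValue) {
        return getJAZNProperty(getJAZNConfig(), key, defaultValue);
    }

    /** Reads a configuration property inside a privileged action. */
    private static String getJAZNProperty(JAZNConfig config, String key, String defaultValue) {
        return (String) AccessController.doPrivileged(new GetJAZNConfigPropertyAction(config, key, defaultValue));
    }

    /**
     * Returns the stored credential after passing it through {@code ChecksumHelper.db}
     * (presumably the clear-text bytes - confirm against ChecksumHelper).
     *
     * <p>Access control: with a SecurityManager installed, the "getClrCredentials"
     * {@link JAZNPermission} is checked. Without one, the permission is verified only when the
     * "jazn.authz.enable" property is "true"; otherwise no check is performed at all.
     *
     * @return the result of {@code ChecksumHelper.db} on the stored credential
     * @throws SecurityException if the SecurityManager denies the permission
     */
    public byte[] getClrCredentials() {
        JAZNPermission permission = new JAZNPermission("getClrCredentials");
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(permission);
        } else {
            String authzEnabled = getJAZNProperty("jazn.authz.enable");
            if (authzEnabled != null && authzEnabled.equalsIgnoreCase("true")) {
                if (this._jaznSM == null) {
                    this._jaznSM = new JAZNSecurityManager(getJAZNConfig());
                }
                this._jaznSM.verifyPermission(permission, null);
            }
        }
        return ChecksumHelper.db(this._cred);
    }

    /** Returns the stored credential bytes by reference; null when the user has none. */
    private byte[] getCredentials() {
        return this._cred;
    }

    /** Returns true when a stored credential is present. */
    public boolean hasCredentials() {
        return getCredentials() != null;
    }

    /**
     * Replaces the credential after verifying the current password.
     *
     * <p>Because {@link #authenticate(String)} accepts anything for a user without a stored
     * credential, the old-password check does not protect such users.
     *
     * @param oldPassword current clear-text password
     * @param newPassword new clear-text password
     * @throws SecurityException    if the SecurityManager denies "setCredentials" or the current
     *                              password is wrong
     * @throws JAZNRuntimeException if the change cannot be persisted
     */
    public void setCredentials(String oldPassword, String newPassword) {
        try {
            SecurityManager securityManager = System.getSecurityManager();
            if (securityManager != null) {
                securityManager.checkPermission(new JAZNPermission("setCredentials"));
            }
            if (!authenticate(oldPassword)) {
                throw new SecurityException(Misc.getResourceBundle().getString(Resources.Key.WRONG_PASSWORD));
            }
            if (this._format == CRED_OBFUSCATION_FORMAT_902) {
                this._cred = ChecksumHelper.ob(newPassword);
            } else {
                this._cred = ChecksumHelper.enc(newPassword);
            }
            if (this._clrCred != null) {
                // NOTE(review): init() stores the clear text without the '!' marker while this
                // stores it with one; confirm which form writeXML is meant to emit.
                this._clrCred = "!" + newPassword;
            }
            conditionalPersist();
        } catch (JAZNException e) {
            e.printStackTrace();
            throw new JAZNRuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Replaces the credential without verifying the current password. Only the SecurityManager
     * permission "setCredentialsNoCheck" guards this call, and only when a SecurityManager is
     * installed.
     *
     * <p>NOTE(review): unlike {@link #setCredentials(String, String)} this does not refresh
     * {@code _clrCred}, so with auto-obfuscation OFF {@link #writeXML(int, Writer)} would still
     * emit the previous clear text - confirm whether that is intended.
     *
     * @param password new clear-text password
     * @throws SecurityException    if the SecurityManager denies the permission
     * @throws JAZNRuntimeException if the change cannot be persisted
     */
    public void setCredentialsNoCheck(String password) {
        try {
            SecurityManager securityManager = System.getSecurityManager();
            if (securityManager != null) {
                securityManager.checkPermission(new JAZNPermission("setCredentialsNoCheck"));
            }
            if (this._format == CRED_OBFUSCATION_FORMAT_902) {
                this._cred = ChecksumHelper.ob(password);
            } else {
                this._cred = ChecksumHelper.enc(password);
            }
            conditionalPersist();
        } catch (JAZNException e) {
            e.printStackTrace();
            throw new JAZNRuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Checks a password given as characters. The characters are copied into a String, so the
     * caller clearing the array afterwards does not remove every copy from memory.
     *
     * @param password candidate password
     * @return see {@link #authenticate(String)}
     */
    public synchronized boolean authenticate(char[] password) {
        return authenticate(new String(password));
    }

    /**
     * Checks a candidate password against the stored credential.
     *
     * <p>The first 8 bytes of the stored credential are handed to ChecksumHelper as the salt, the
     * candidate is converted with the user's stored format, and the result is compared with the
     * stored bytes without an early exit, so the comparison time does not depend on how many
     * leading bytes match.
     *
     * @param password candidate clear-text password
     * @return true if the user has no stored credential (any input, including null, is accepted
     *         in that case) or if the candidate matches; false for a null or empty candidate,
     *         a mismatch, or any failure during conversion
     */
    public synchronized boolean authenticate(String password) {
        if (this._cred == null) {
            // No credential on record: every caller is accepted. Deployments that must not
            // allow password-less users have to enforce that when the user is created.
            return true;
        }
        if (password == null || password.equals("")) {
            return false;
        }
        try {
            byte[] salt = new byte[8];
            System.arraycopy(this._cred, 0, salt, 0, salt.length);
            // NOTE(review): getBytes() uses the platform charset; changing it would alter the
            // result for non-ASCII passwords, so it is left as is - confirm what
            // ChecksumHelper.ob(String)/enc(String) use.
            byte[] candidate = this._format == CRED_OBFUSCATION_FORMAT_902
                    ? ChecksumHelper.ob(password.getBytes(), salt)
                    : ChecksumHelper.encWithSalt(password.getBytes(), salt);
            return constantTimeEquals(candidate, this._cred);
        } catch (Exception e) {
            e.printStackTrace(DbgWriter.getDbgWriter());
            return false;
        }
    }

    /** Compares two byte arrays of equal length without stopping at the first difference. */
    private static boolean constantTimeEquals(byte[] left, byte[] right) {
        if (left.length != right.length) {
            return false;
        }
        int difference = 0;
        for (int i = 0; i < left.length; i++) {
            difference |= left[i] ^ right[i];
        }
        return difference == 0;
    }

    /**
     * Two users are equal when their realms and names are equal.
     *
     * <p>NOTE(review): no matching hashCode() is defined in this class; confirm that the
     * superclass hashCode is consistent with this comparison.
     */
    @Override // oracle.security.jazn.spi.xml.XMLRealmPrincipal, java.security.Principal
    public boolean equals(Object obj) {
        if (!(obj instanceof XMLRealmUser)) {
            return false;
        }
        XMLRealmUser other = (XMLRealmUser) obj;
        return getRealm().equals(other.getRealm()) && getName().equals(other.getName());
    }

    /** Returns "RealmUser: " followed by the user name; never includes the credential. */
    @Override // oracle.security.jazn.spi.xml.XMLRealmPrincipal, java.security.Principal
    public String toString() {
        return "RealmUser: " + getName();
    }

    /**
     * Writes this user as a {@code <user>} element.
     *
     * <p>Name, display name, description and a clear-text credential are escaped for XML element
     * content, so a value containing {@code <}, {@code >} or {@code &} can neither break the
     * repository file nor add elements to it.
     *
     * <p>NOTE(review): in 903 format the "{903}" prefix is written even when the clear-text
     * credential follows, while init() Base64-decodes every "{903}" value; confirm that the
     * auto-obfuscation-OFF case reads back correctly.
     *
     * @param indent passed to FormattedWriter as its second argument (presumably the indentation
     *               depth); must not be negative
     * @param writer destination; must not be null
     * @throws IllegalArgumentException if {@code indent} is negative or {@code writer} is null
     * @throws IOException              if writing fails
     */
    public void writeXML(int indent, Writer writer) throws IOException {
        if (indent < 0 || writer == null) {
            throw new IllegalArgumentException("indent must be >= 0 and writer must not be null");
        }
        FormattedWriter outer = new FormattedWriter(writer, indent);
        FormattedWriter inner = new FormattedWriter(writer, indent + 1);
        outer.writeln("<user>");
        inner.writeln("<name>" + escapeXml(getNickName()) + "</name>");
        if (getDisplayName() != null) {
            inner.writeln("<display-name>" + escapeXml(getDisplayName()) + "</display-name>");
        }
        if (getDescription() != null) {
            inner.writeln("<description>" + escapeXml(getDescription()) + "</description>");
        }
        if (hasCredentials()) {
            StringBuffer element = new StringBuffer("<credentials>");
            if (this._format == CRED_OBFUSCATION_FORMAT_903) {
                element.append("{903}");
            }
            if (autoObf(getJAZNConfig()) || this._clrCred == null) {
                element.append(new BASE64Encoder().encode(this._cred));
            } else {
                // Auto-obfuscation is OFF: the clear-text credential goes into the file.
                element.append(escapeXml(this._clrCred));
            }
            element.append("</credentials>");
            inner.writeln(element.toString());
        }
        outer.writeln("</user>");
    }

    /** Writes this user as a {@code <user>} element with indent 0. */
    public void writeXML(Writer writer) throws IOException {
        writeXML(0, writer);
    }

    /** Escapes {@code &}, {@code <} and {@code >} for XML element content; null stays null. */
    private static String escapeXml(String text) {
        if (text == null) {
            return null;
        }
        StringBuffer escaped = new StringBuffer(text.length());
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }
}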
