package org.apache.sling.serviceusermapping.impl;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.SortedMap;
import java.util.TreeMap;
import java.util.TreeSet;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.apache.batik.util.XMLConstants;
import org.apache.sling.serviceusermapping.Mapping;
import org.apache.sling.serviceusermapping.ServicePrincipalsValidator;
import org.apache.sling.serviceusermapping.ServiceUserMapped;
import org.apache.sling.serviceusermapping.ServiceUserMapper;
import org.apache.sling.serviceusermapping.ServiceUserValidator;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Designate(ocd = Config.class)
@Component(service = {ServiceUserMapper.class, ServiceUserMapperImpl.class})
/* loaded from: input_file:resources/install/0/org.apache.sling.serviceusermapper-1.4.2.jar:org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.class */
public class ServiceUserMapperImpl implements ServiceUserMapper {
    private String defaultUser;
    private boolean useDefaultMapping;
    private BundleContext bundleContext;
    private ExecutorService executorService;
    private final Logger log = LoggerFactory.getLogger(getClass());
    private Mapping[] globalServiceUserMappings = new Mapping[0];
    private Map<Long, MappingConfigAmendment> amendments = new HashMap();
    private Mapping[] activeMappings = new Mapping[0];
    private final List<ServiceUserValidator> userValidators = new CopyOnWriteArrayList();
    private final List<ServicePrincipalsValidator> principalsValidators = new CopyOnWriteArrayList();
    private SortedMap<Mapping, Registration> activeRegistrations = new TreeMap();
    public boolean registerAsync = true;

    @ObjectClassDefinition(name = "Apache Sling Service User Mapper Service", description = "Configuration for the service mapping service names to names of users.")
    /* loaded from: input_file:resources/install/0/org.apache.sling.serviceusermapper-1.4.2.jar:org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl$Config.class */
    public @interface Config {
        @AttributeDefinition(name = "Service Mappings", description = "Provides mappings from service name to user names. Each entry is of the form 'bundleId [ \":\" subServiceName ] \"=\" userName' | \"[\" principalNames \"]\" where bundleId and subServiceName identify the service and userName defines the name of the user to provide to the service; alternative the the mappingcan define a comma separated set of principalNames instead of the userName. Invalid entries are logged and ignored.")
        String[] user_mapping() default {};

        @AttributeDefinition(name = "Default User", description = "The name of the user to use as the default if no service mapping applies. If this property is missing or empty no default user is defined.")
        String user_default();

        @AttributeDefinition(name = "Default Mapping", description = "If enabled and no mapping for a requested service user exists and no  default user is defined, a default mapping is applied which uses the service user \"serviceuser@\" + {bundleId} + [\":\" + subServiceName]")
        boolean user_enable_default_mapping() default true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:resources/install/0/org.apache.sling.serviceusermapper-1.4.2.jar:org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl$Registration.class */
    public class Registration {
        private Mapping mapping;
        private ServiceRegistration serviceRegistration = null;

        Registration(Mapping mapping) {
            this.mapping = mapping;
        }

        synchronized ServiceRegistration setService(ServiceRegistration serviceRegistration) {
            ServiceRegistration serviceRegistration2 = this.serviceRegistration;
            this.serviceRegistration = serviceRegistration;
            return serviceRegistration2;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:resources/install/0/org.apache.sling.serviceusermapper-1.4.2.jar:org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl$RegistrationSet.class */
    public class RegistrationSet {
        Collection<Registration> added = new ArrayList();
        Collection<Registration> removed = new ArrayList();

        RegistrationSet() {
        }
    }

    @Activate
    @Modified
    synchronized void configure(BundleContext bundleContext, Config config) {
        if (this.registerAsync && this.executorService == null) {
            this.executorService = Executors.newSingleThreadExecutor();
        }
        String[] user_mapping = config.user_mapping();
        if (user_mapping != null) {
            ArrayList arrayList = new ArrayList(user_mapping.length);
            for (String str : user_mapping) {
                if (str != null && str.trim().length() > 0) {
                    try {
                        arrayList.add(new Mapping(str.trim()));
                    } catch (IllegalArgumentException e) {
                        this.log.error("configure: Ignoring '{}': {}", str, e.getMessage());
                    }
                }
            }
            this.globalServiceUserMappings = (Mapping[]) arrayList.toArray(new Mapping[arrayList.size()]);
        } else {
            this.globalServiceUserMappings = new Mapping[0];
        }
        this.defaultUser = config.user_default();
        this.useDefaultMapping = config.user_enable_default_mapping();
        this.bundleContext = bundleContext;
        executeServiceRegistrationsAsync(updateMappings());
    }

    @Deactivate
    synchronized void deactivate() {
        updateServiceRegistrations(new Mapping[0]);
        this.bundleContext = null;
        if (this.executorService != null) {
            this.executorService.shutdown();
            this.executorService = null;
        }
    }

    private void restartAllActiveServiceUserMappedServices() {
        RegistrationSet registrationSet = new RegistrationSet();
        registrationSet.removed = this.activeRegistrations.values();
        registrationSet.added = this.activeRegistrations.values();
        executeServiceRegistrationsAsync(registrationSet);
    }

    @Reference(cardinality = ReferenceCardinality.MULTIPLE, policy = ReferencePolicy.DYNAMIC)
    protected synchronized void bindServiceUserValidator(ServiceUserValidator serviceUserValidator) {
        this.userValidators.add(serviceUserValidator);
        restartAllActiveServiceUserMappedServices();
    }

    protected synchronized void unbindServiceUserValidator(ServiceUserValidator serviceUserValidator) {
        this.userValidators.remove(serviceUserValidator);
        restartAllActiveServiceUserMappedServices();
    }

    @Reference(cardinality = ReferenceCardinality.MULTIPLE, policy = ReferencePolicy.DYNAMIC)
    protected synchronized void bindServicePrincipalsValidator(ServicePrincipalsValidator servicePrincipalsValidator) {
        this.principalsValidators.add(servicePrincipalsValidator);
        restartAllActiveServiceUserMappedServices();
    }

    protected synchronized void unbindServicePrincipalsValidator(ServicePrincipalsValidator servicePrincipalsValidator) {
        this.principalsValidators.remove(servicePrincipalsValidator);
        restartAllActiveServiceUserMappedServices();
    }

    @Override // org.apache.sling.serviceusermapping.ServiceUserMapper
    public String getServiceUserID(Bundle bundle, String str) {
        String serviceName = getServiceName(bundle);
        String internalGetUserId = internalGetUserId(serviceName, str);
        boolean isValidUser = isValidUser(internalGetUserId, serviceName, str);
        String str2 = isValidUser ? internalGetUserId : null;
        this.log.debug("getServiceUserID(bundle {}, subServiceName {}) returns [{}] (raw userId={}, valid={})", bundle, str, str2, internalGetUserId, Boolean.valueOf(isValidUser));
        return str2;
    }

    @Override // org.apache.sling.serviceusermapping.ServiceUserMapper
    public Iterable<String> getServicePrincipalNames(Bundle bundle, String str) {
        String serviceName = getServiceName(bundle);
        Iterable<String> internalGetPrincipalNames = internalGetPrincipalNames(serviceName, str);
        boolean areValidPrincipals = areValidPrincipals(internalGetPrincipalNames, serviceName, str);
        Iterable<String> iterable = areValidPrincipals ? internalGetPrincipalNames : null;
        this.log.debug("getServicePrincipalNames(bundle {}, subServiceName {}) returns [{}] (raw principalNames={}, valid={})", bundle, str, iterable, internalGetPrincipalNames, Boolean.valueOf(areValidPrincipals));
        return iterable;
    }

    @Reference(cardinality = ReferenceCardinality.MULTIPLE, policy = ReferencePolicy.DYNAMIC, updated = "updateAmendment")
    protected synchronized void bindAmendment(MappingConfigAmendment mappingConfigAmendment, Map<String, Object> map) {
        this.amendments.put((Long) map.get("service.id"), mappingConfigAmendment);
        executeServiceRegistrationsAsync(updateMappings());
    }

    protected synchronized void unbindAmendment(MappingConfigAmendment mappingConfigAmendment, Map<String, Object> map) {
        RegistrationSet registrationSet = null;
        if (this.amendments.remove((Long) map.get("service.id")) != null) {
            registrationSet = updateMappings();
        }
        executeServiceRegistrationsAsync(registrationSet);
    }

    protected void updateAmendment(MappingConfigAmendment mappingConfigAmendment, Map<String, Object> map) {
        bindAmendment(mappingConfigAmendment, map);
    }

    protected RegistrationSet updateMappings() {
        ArrayList arrayList = new ArrayList();
        Iterator<MappingConfigAmendment> it = this.amendments.values().iterator();
        while (it.hasNext()) {
            arrayList.add(it.next());
        }
        Collections.sort(arrayList);
        ArrayList arrayList2 = new ArrayList();
        for (Mapping mapping : this.globalServiceUserMappings) {
            arrayList2.add(mapping);
        }
        Iterator it2 = arrayList.iterator();
        while (it2.hasNext()) {
            for (Mapping mapping2 : ((MappingConfigAmendment) it2.next()).getServiceUserMappings()) {
                arrayList2.add(mapping2);
            }
        }
        this.activeMappings = (Mapping[]) arrayList2.toArray(new Mapping[arrayList2.size()]);
        this.log.debug("Active mappings updated: {} mappings active", Integer.valueOf(arrayList2.size()));
        return updateServiceRegistrations(this.activeMappings);
    }

    RegistrationSet updateServiceRegistrations(Mapping[] mappingArr) {
        RegistrationSet registrationSet = new RegistrationSet();
        if (this.bundleContext == null) {
            return registrationSet;
        }
        TreeSet<Mapping> treeSet = new TreeSet(Arrays.asList(mappingArr));
        TreeMap treeMap = new TreeMap();
        for (Map.Entry<Mapping, Registration> entry : this.activeRegistrations.entrySet()) {
            boolean z = true;
            if (!treeSet.contains(entry.getKey())) {
                registrationSet.removed.add(entry.getValue());
                z = false;
            }
            if (z) {
                treeMap.put(entry.getKey(), entry.getValue());
            }
        }
        for (Mapping mapping : treeSet) {
            if (!treeMap.containsKey(mapping)) {
                Registration registration = new Registration(mapping);
                treeMap.put(mapping, registration);
                registrationSet.added.add(registration);
            }
        }
        this.activeRegistrations = treeMap;
        return registrationSet;
    }

    private void executeServiceRegistrationsAsync(final RegistrationSet registrationSet) {
        if (this.executorService == null) {
            executeServiceRegistrations(registrationSet);
        } else {
            this.executorService.submit(new Runnable() { // from class: org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.1
                @Override // java.lang.Runnable
                public void run() {
                    ServiceUserMapperImpl.this.executeServiceRegistrations(registrationSet);
                }
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void executeServiceRegistrations(RegistrationSet registrationSet) {
        if (registrationSet == null) {
            return;
        }
        for (Registration registration : registrationSet.removed) {
            ServiceRegistration service = registration.setService(null);
            if (service != null) {
                try {
                    service.unregister();
                    this.log.debug("Unregistered ServiceUserMapped {}", registration.mapping);
                } catch (IllegalStateException e) {
                }
            }
        }
        BundleContext bundleContext = this.bundleContext;
        if (bundleContext == null) {
            return;
        }
        for (Registration registration2 : registrationSet.added) {
            Mapping mapping = registration2.mapping;
            Hashtable hashtable = new Hashtable();
            if (mapping.getSubServiceName() != null) {
                hashtable.put(ServiceUserMapped.SUBSERVICENAME, mapping.getSubServiceName());
            }
            hashtable.put(Mapping.SERVICENAME, mapping.getServiceName());
            ServiceRegistration service2 = registration2.setService(bundleContext.registerService(ServiceUserMappedImpl.SERVICEUSERMAPPED, new ServiceUserMappedImpl(), hashtable));
            this.log.debug("Activated ServiceUserMapped {}", registration2.mapping);
            if (service2 != null) {
                try {
                    service2.unregister();
                } catch (IllegalStateException e2) {
                }
            }
        }
    }

    private String internalGetUserId(String str, String str2) {
        this.log.debug("internalGetUserId: {} active mappings, looking for mapping for {}/{}", Integer.valueOf(this.activeMappings.length), str, str2);
        for (Mapping mapping : this.activeMappings) {
            String map = mapping.map(str, str2);
            if (map != null) {
                this.log.debug("Got userId [{}] from {}/{}", map, str, str2);
                return map;
            }
        }
        this.log.debug("internalGetUserId: {} active mappings, looking for mapping for {}/<no subServiceName>", Integer.valueOf(this.activeMappings.length), str);
        for (Mapping mapping2 : this.activeMappings) {
            String map2 = mapping2.map(str, null);
            if (map2 != null) {
                this.log.debug("Got userId [{}] from {}/<no subServiceName>", map2, str);
                return map2;
            }
        }
        if (this.defaultUser != null && !this.defaultUser.isEmpty()) {
            this.log.debug("internalGetUserId: no mapping found, fallback to default user [{}]", this.defaultUser);
            return this.defaultUser;
        }
        String str3 = "serviceuser--" + str + (str2 == null ? "" : XMLConstants.XML_DOUBLE_DASH + str2);
        this.log.debug("internalGetUserId: no mapping found, using default mapping [{}]", str3);
        return str3;
    }

    private boolean isValidUser(String str, String str2, String str3) {
        if (str == null) {
            this.log.debug("isValidUser: userId is null -> invalid");
            return false;
        }
        if (this.userValidators.isEmpty()) {
            this.log.debug("isValidUser: No active validators for userId [{}] -> valid", str);
            return true;
        }
        for (ServiceUserValidator serviceUserValidator : this.userValidators) {
            if (serviceUserValidator.isValid(str, str2, str3)) {
                this.log.debug("isValidUser: Validator {} accepts userId [{}] -> valid", serviceUserValidator, str);
                return true;
            }
        }
        this.log.debug("isValidUser: No validator accepted userId [{}] -> invalid", str);
        return false;
    }

    private boolean areValidPrincipals(Iterable<String> iterable, String str, String str2) {
        if (iterable == null) {
            this.log.debug("areValidPrincipals: principalNames are null -> invalid");
            return false;
        }
        if (this.principalsValidators.isEmpty()) {
            this.log.debug("areValidPrincipals: No active validators for principal names [{}] -> valid", iterable);
            return true;
        }
        for (ServicePrincipalsValidator servicePrincipalsValidator : this.principalsValidators) {
            if (servicePrincipalsValidator.isValid(iterable, str, str2)) {
                this.log.debug("areValidPrincipals: Validator {} accepts principal names [{}] -> valid", servicePrincipalsValidator, iterable);
                return true;
            }
        }
        this.log.debug("areValidPrincipals: No validator accepted principal names [{}] -> invalid", iterable);
        return false;
    }

    private Iterable<String> internalGetPrincipalNames(String str, String str2) {
        this.log.debug("internalGetPrincipalNames: {} active mappings, looking for mapping for {}/{}", Integer.valueOf(this.activeMappings.length), str, str2);
        for (Mapping mapping : this.activeMappings) {
            Iterable<String> mapPrincipals = mapping.mapPrincipals(str, str2);
            if (mapPrincipals != null) {
                this.log.debug("Got principalNames [{}] from {}/{}", mapPrincipals, str, str2);
                return mapPrincipals;
            }
        }
        this.log.debug("internalGetPrincipalNames: {} active mappings, looking for mapping for {}/<no subServiceName>", Integer.valueOf(this.activeMappings.length), str);
        for (Mapping mapping2 : this.activeMappings) {
            Iterable<String> mapPrincipals2 = mapping2.mapPrincipals(str, null);
            if (mapPrincipals2 != null) {
                this.log.debug("Got principalNames [{}] from {}/<no subServiceName>", mapPrincipals2, str);
                return mapPrincipals2;
            }
        }
        this.log.debug("internalGetPrincipalNames: no mapping found.");
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getServiceName(Bundle bundle) {
        return bundle.getSymbolicName();
    }

    @Override // org.apache.sling.serviceusermapping.ServiceUserMapper
    public List<Mapping> getActiveMappings() {
        return Collections.unmodifiableList(Arrays.asList(this.activeMappings));
    }
}
