package org.geoserver.security;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.apache.batik.util.XMLConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.geoserver.security.impl.RESTAccessRuleDAO;
import org.geowebcache.rest.RESTDispatcher;
import org.springframework.security.ConfigAttributeDefinition;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
import org.springframework.security.util.StringSplitUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.support.WebContentGenerator;

/* loaded from: input_file:WEB-INF/lib/main-2.1.4-TECGRAF-2.jar:org/geoserver/security/RESTfulDefinitionSource.class */
public class RESTfulDefinitionSource implements FilterInvocationDefinitionSource {
    private static Log log = LogFactory.getLog(RESTfulDefinitionSource.class);
    private static final String[] validMethodNames = {WebContentGenerator.METHOD_GET, RESTDispatcher.METHOD_PUT, "DELETE", WebContentGenerator.METHOD_POST};
    private RESTfulPathBasedFilterInvocationDefinitionMap delegate;
    private RESTAccessRuleDAO dao;

    /* loaded from: input_file:WEB-INF/lib/main-2.1.4-TECGRAF-2.jar:org/geoserver/security/RESTfulDefinitionSource$RESTfulDefinitionSourceMapping.class */
    public static class RESTfulDefinitionSourceMapping {
        private String url = null;
        private List configAttributes = new ArrayList();
        private String[] httpMethods = null;

        public void setHttpMethods(String[] strArr) {
            this.httpMethods = strArr;
        }

        public String[] getHttpMethods() {
            return this.httpMethods;
        }

        public void setUrl(String str) {
            this.url = str;
        }

        public String getUrl() {
            return this.url;
        }

        public void setConfigAttributes(List list) {
            this.configAttributes = list;
        }

        public List getConfigAttributes() {
            return this.configAttributes;
        }

        public void addConfigAttribute(String str) {
            this.configAttributes.add(str);
        }
    }

    @Override // org.springframework.security.intercept.ObjectDefinitionSource
    public ConfigAttributeDefinition getAttributes(Object obj) throws IllegalArgumentException {
        if (obj == null || !supports(obj.getClass())) {
            throw new IllegalArgumentException("Object must be a FilterInvocation");
        }
        String requestUrl = ((FilterInvocation) obj).getRequestUrl();
        return delegate().lookupAttributes(cleanURL(requestUrl), ((FilterInvocation) obj).getHttpRequest().getMethod());
    }

    public ConfigAttributeDefinition lookupAttributes(String str) {
        throw new IllegalArgumentException("lookupAttributes(String url) is INVALID for RESTfulDefinitionSource");
    }

    public ConfigAttributeDefinition lookupAttributes(String str, String str2) {
        return delegate().lookupAttributes(cleanURL(str), str2);
    }

    @Override // org.springframework.security.intercept.ObjectDefinitionSource
    public Collection getConfigAttributeDefinitions() {
        return delegate().getConfigAttributeDefinitions();
    }

    @Override // org.springframework.security.intercept.ObjectDefinitionSource
    public boolean supports(Class cls) {
        return FilterInvocation.class.isAssignableFrom(cls);
    }

    public RESTfulDefinitionSource(String str) throws IllegalArgumentException {
        this.delegate = null;
        this.delegate = new RESTfulPathBasedFilterInvocationDefinitionMap();
        processPathList(str);
    }

    public RESTfulDefinitionSource(RESTAccessRuleDAO rESTAccessRuleDAO) {
        this.delegate = null;
        this.dao = rESTAccessRuleDAO;
        rESTAccessRuleDAO.reload();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v11 */
    /* JADX WARN: Type inference failed for: r0v2 */
    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Throwable] */
    RESTfulPathBasedFilterInvocationDefinitionMap delegate() {
        if (this.delegate == null || this.dao.isModified()) {
            ?? r0 = this;
            synchronized (r0) {
                this.delegate = new RESTfulPathBasedFilterInvocationDefinitionMap();
                Iterator<String> it2 = this.dao.getRules().iterator();
                while (it2.hasNext()) {
                    processPathList(it2.next());
                }
                r0 = r0;
            }
        }
        return this.delegate;
    }

    private void processPathList(String str) throws IllegalArgumentException {
        String trim;
        this.delegate.setConvertUrlToLowercaseBeforeComparison(true);
        BufferedReader bufferedReader = new BufferedReader(new StringReader(str));
        int i = 0;
        ArrayList arrayList = new ArrayList();
        while (true) {
            i++;
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    setMappings(arrayList);
                    return;
                }
                trim = readLine.trim();
                if (log.isDebugEnabled()) {
                    log.debug("Line " + i + ": " + trim);
                }
                if (!trim.startsWith("//") && trim.lastIndexOf(61) != -1) {
                    if (trim.lastIndexOf("==") != -1) {
                        throw new IllegalArgumentException("Only single equals should be used in line " + trim);
                    }
                    String substringBeforeLast = StringSplitUtils.substringBeforeLast(trim, XMLConstants.XML_EQUAL_SIGN);
                    String substringAfterLast = StringSplitUtils.substringAfterLast(trim, XMLConstants.XML_EQUAL_SIGN);
                    if (!StringUtils.hasText(substringBeforeLast) || !StringUtils.hasText(substringAfterLast)) {
                        break;
                    }
                    String str2 = substringBeforeLast;
                    String str3 = null;
                    int indexOf = substringBeforeLast.indexOf(":");
                    if (log.isDebugEnabled()) {
                        log.debug("~~~~~~~~~~ name= " + substringBeforeLast + " firstColonIndex= " + indexOf);
                    }
                    if (indexOf != -1) {
                        str2 = substringBeforeLast.substring(0, indexOf);
                        str3 = substringBeforeLast.substring(indexOf + 1, substringBeforeLast.length());
                    }
                    if (log.isDebugEnabled()) {
                        log.debug("~~~~~~~~~~ name= " + substringBeforeLast + " antPath= " + str2 + " methods= " + str3);
                    }
                    String[] strArr = (String[]) null;
                    if (str3 != null) {
                        strArr = str3.split(",");
                        for (int i2 = 0; i2 < strArr.length; i2++) {
                            boolean z = false;
                            int i3 = 0;
                            while (true) {
                                if (i3 >= validMethodNames.length) {
                                    break;
                                }
                                if (strArr[i2].equals(validMethodNames[i3])) {
                                    z = true;
                                    break;
                                }
                                i3++;
                            }
                            if (!z) {
                                throw new IllegalArgumentException("The HTTP Method Name (" + strArr[i2] + " does NOT equal a valid name (GET,PUT,POST,DELETE)");
                            }
                        }
                    }
                    if (log.isDebugEnabled()) {
                        log.debug("methodList = " + strArr);
                        if (strArr != null) {
                            for (int i4 = 0; i4 < strArr.length; i4++) {
                                log.debug("method[" + i4 + "]: " + strArr[i4]);
                            }
                        }
                    }
                    for (int i5 = 0; i5 < str2.length(); i5++) {
                        String substring = str2.substring(i5, i5 + 1);
                        if (!substring.toLowerCase().equals(substring)) {
                            throw new IllegalArgumentException("You are using Ant Paths, yet you have specified an uppercase character in line: " + trim + " (character '" + substring + "')");
                        }
                    }
                    RESTfulDefinitionSourceMapping rESTfulDefinitionSourceMapping = new RESTfulDefinitionSourceMapping();
                    rESTfulDefinitionSourceMapping.setUrl(str2);
                    rESTfulDefinitionSourceMapping.setHttpMethods(strArr);
                    for (String str4 : StringUtils.commaDelimitedListToStringArray(substringAfterLast)) {
                        rESTfulDefinitionSourceMapping.addConfigAttribute(str4.trim());
                    }
                    arrayList.add(rESTfulDefinitionSourceMapping);
                }
            } catch (IOException e) {
                throw new IllegalArgumentException(e.getMessage());
            }
        }
        throw new IllegalArgumentException("Failed to parse a valid name/value pair from " + trim);
    }

    public void setMappings(List list) {
        Iterator it2 = list.iterator();
        while (it2.hasNext()) {
            RESTfulDefinitionSourceMapping rESTfulDefinitionSourceMapping = (RESTfulDefinitionSourceMapping) it2.next();
            String[] strArr = new String[rESTfulDefinitionSourceMapping.getConfigAttributes().size()];
            rESTfulDefinitionSourceMapping.configAttributes.toArray(strArr);
            this.delegate.addSecureUrl(rESTfulDefinitionSourceMapping.getUrl(), rESTfulDefinitionSourceMapping.getHttpMethods(), new ConfigAttributeDefinition(strArr));
        }
    }

    String cleanURL(String str) {
        return str.replaceAll("/+$", "");
    }
}
