package com.huawei.bigdata.om.web.security.iam.util;

import com.huawei.bigdata.om.acs.api.model.security.acs.user.ListGroupsByUserResponse;
import com.huawei.bigdata.om.client.Client;
import com.huawei.bigdata.om.common.utils.FileUtil;
import com.huawei.bigdata.om.common.utils.StringHelper;
import com.huawei.bigdata.om.controller.api.common.monitor.bean.UserPrivilageBean;
import com.huawei.bigdata.om.northbound.snmp.constdefinition.ConstDefinition;
import com.huawei.bigdata.om.web.security.iam.IAMLoginUserDetailsService;
import com.huawei.bigdata.om.web.security.iam.constant.IAMException;
import com.huawei.bigdata.om.web.security.iam.constant.IAMResourceException;
import com.huawei.bigdata.om.web.util.ApplicationConfiguration;
import com.huawei.bigdata.om.web.util.WebProperty;
import com.huawei.bigdata.om.web.util.WebSecurityUtil;
import java.io.File;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:com/huawei/bigdata/om/web/security/iam/util/IAMUtil.class */
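/**
 * Static helpers for the IAM web security layer: login-result code checks, access to the
 * current Spring Security principal, privilege id/name/path conversion backed by properties
 * files, and resolution of a user's privilege ids (own plus group-derived).
 *
 * <p>This listing is decompiler output. The body of {@link #loadIAMResource(String, String)}
 * was not recovered, so the class as shown cannot complete static initialisation.
 *
 * <p>Thread-safety: the lookup tables are populated once in the static initialiser and only
 * read afterwards; the cached default user details are guarded by {@code lock}.
 */
public class IAMUtil {
    // Package-visible and non-final in the original; kept so callers in this package still work.
    static Properties iamPrivilegeIdToNameProperties;
    private static final String RESOURCE_ENCODING = "UTF-8";
    private static final String PRIVILEGE_ID_TO_NAME_PROPERTIES_FILE = "privilege-id-name.properties";
    private static final String PRIVILEGE_PATH_TO_ID_PROPERTIES_FILE = "privilege-path-to-id.properties";
    private static final String CONVERT_METRICGROUP_SPLIT = ",";
    private static Properties iamPrivilegePathToIdProperties;
    private static Properties iamPrivilegeIdToPathProperties;
    private static final Logger LOGGER = LoggerFactory.getLogger(IAMUtil.class);
    // Resource name -> privilege ids, filled by initResourcePrivilegesProperties().
    private static final Map<String, Set<String>> resourcePrivilegesMap = new HashMap<>();
    private static final RestTemplate restTemplate = new RestTemplate();
    // Lazily loaded "admin" details used only when security control is switched off.
    private static UserDetails defaultUserDetails = null;
    private static final Lock lock = new ReentrantLock();

    /**
     * Tells whether a login result code asks the user to change the password.
     *
     * @param str login result code, may be {@code null}
     * @return {@code true} for {@code "expireispwdmodify"} or {@code "pwdmodify"}
     */
    public static boolean isModifyPasswordCode(String str) {
        return "expireispwdmodify".equals(str) || "pwdmodify".equals(str);
    }

    /**
     * Tells whether a login result code counts as a successful login.
     *
     * @param str login result code, may be {@code null}
     * @return {@code true} for {@code "success"}, {@code "ispwdmodify"} or any code accepted by
     *         {@link #isModifyPasswordCode(String)}
     */
    public static boolean isLoginSuccessCode(String str) {
        return "success".equals(str) || isModifyPasswordCode(str) || "ispwdmodify".equals(str);
    }

    /**
     * Tells whether the current security context holds an authenticated IAM principal.
     *
     * @return {@code true} only when an authentication exists, reports itself authenticated and
     *         its principal is exactly an {@link IAMUserDetails} (subclasses do not match)
     */
    public static boolean isLogedin() {
        if (SecurityContextHolder.getContext() == null) {
            return false;
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            return false;
        }
        Object principal = authentication.getPrincipal();
        return principal != null && principal.getClass() == IAMUserDetails.class;
    }

    /**
     * Returns the user name of the current principal.
     *
     * @return the user name, never {@code null}
     * @throws IAMException if no user details are available or the user name is {@code null}
     */
    public static String getCurrentLoginUsername() {
        String username = getUserDetails().getUsername();
        if (username == null) {
            throw new IAMException("username is null.");
        }
        return username;
    }

    /**
     * Returns the user id of the current principal.
     *
     * @return the user id, never {@code null}
     * @throws IAMException if no user details are available or the user id is {@code null}
     */
    public static String getCurrentLoginUserId() {
        String userId = getUserDetails().getUserId();
        if (userId == null) {
            throw new IAMException("userId is null.");
        }
        return userId;
    }

    /**
     * Resolves the {@link IAMUserDetails} for the current request.
     *
     * <p>When the security context carries an {@link IAMUserDetails} principal, that object is
     * returned after its remote address is refreshed from the request details. Otherwise the
     * call fails, unless {@code WebSecurityUtil.isNotNeedSecurityControl()} reports that
     * security control is off, in which case the cached details of the {@code "admin"} account
     * are returned.
     *
     * @return the current (or default) user details
     * @throws IAMException if there is no IAM principal and security control is on, or if the
     *         default details cannot be loaded
     */
    public static IAMUserDetails getUserDetails() {
        LOGGER.debug("enter into getUserDetails");
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        // NOTE(review): unlike isLogedin(), this path does not check isAuthenticated() -
        // confirm every caller sits behind the authentication filter.
        if (authentication != null) {
            Object principal = authentication.getPrincipal();
            if (principal != null && principal.getClass() == IAMUserDetails.class) {
                IAMUserDetails currentUser = (IAMUserDetails) principal;
                // The details object is not guaranteed to be WebAuthenticationDetails (it can be
                // null or another type); the unchecked cast used to fail the whole lookup.
                Object requestDetails = authentication.getDetails();
                if (requestDetails instanceof WebAuthenticationDetails) {
                    currentUser.setRemoteAddress(((WebAuthenticationDetails) requestDetails).getRemoteAddress());
                }
                return currentUser;
            }
        }
        if (!WebSecurityUtil.isNotNeedSecurityControl()) {
            throw new IAMException("user details is null.");
        }
        // Security-relevant: from here on every caller without an IAM principal is treated as
        // "admin". The switch behind isNotNeedSecurityControl() must stay off in production.
        lock.lock();
        try {
            if (defaultUserDetails == null) {
                UserDetails loaded = new IAMLoginUserDetailsService().loadUserByUsername("admin");
                ((IAMUserDetails) loaded).setRemoteAddress(ConstDefinition.LOCAL_IP);
                // Publish only a fully initialised object so a failed load is retried next time.
                defaultUserDetails = loaded;
                LOGGER.warn("Security control is disabled; default admin user details are in use.");
            }
            return (IAMUserDetails) defaultUserDetails;
        } catch (Exception e) {
            // Keep the root cause in the log; the thrown message is unchanged for callers.
            LOGGER.error("Failed to load default user details.", e);
            throw new IAMException("default user details is null.");
        } finally {
            lock.unlock();
        }
    }

    /**
     * Returns the authentication stored in the current security context.
     *
     * @return the current authentication, never {@code null}
     * @throws IAMException if the security context or its authentication is {@code null}
     */
    public static Authentication getAuthentication() {
        if (null == SecurityContextHolder.getContext()) {
            LOGGER.error("Failed to getAuthentication of the current user: security context is null.");
            throw new IAMException("Failed to getAuthentication of the current user: security context is null.");
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (null != authentication) {
            return authentication;
        }
        LOGGER.error("Failed to getAuthentication of the current user: authentication is null.");
        throw new IAMException("Failed to getAuthentication of the current user: authentication is null.");
    }

    /**
     * Looks up the display name of a privilege id for a locale.
     *
     * @param str privilege id
     * @param str2 locale, must be {@code "en"} or {@code "zh"}
     * @return the value stored under {@code "<id>.<locale>"}
     * @throws IAMResourceException if the locale is unsupported or the key is not present
     */
    public static String convertPrivilegeIdToName(String str, String str2) {
        if (!"en".equals(str2) && !"zh".equals(str2)) {
            throw new IAMResourceException("convertPrivilegeIdToName, locale not supported," + str2);
        }
        String key = str + "." + str2;
        String name = iamPrivilegeIdToNameProperties.getProperty(key);
        if (null == name) {
            throw new IAMResourceException("convertPrivilegeIdToName failed, privilegeId not found:" + key);
        }
        return name;
    }

    /**
     * Looks up the path registered for a privilege id.
     *
     * @param str privilege id
     * @return the path, or {@code null} when the id is unknown (no exception, unlike
     *         {@link #convertPrivilegePathToId(String)})
     */
    public static String convertPrivilegeIdToPath(String str) {
        return iamPrivilegeIdToPathProperties.getProperty(str);
    }

    /**
     * Looks up the privilege id registered for a path.
     *
     * @param str privilege path
     * @return the privilege id
     * @throws IAMResourceException if the path is not present
     */
    public static String convertPrivilegePathToId(String str) {
        String privilegeId = iamPrivilegePathToIdProperties.getProperty(str);
        if (null == privilegeId) {
            throw new IAMResourceException("convertPrivilegePathToId failed, privilegePath not found:" + str);
        }
        return privilegeId;
    }

    /*
     * The decompiler could not reconstruct this method (it reported an incorrectly decompiled
     * body of 381 instructions), so only this stub exists in the listing. The static
     * initialiser calls it with a properties file name and RESOURCE_ENCODING; the real loading
     * logic has to be taken from the original class file.
     */
    private static java.util.Properties loadIAMResource(java.lang.String r5, java.lang.String r6) {
        throw new UnsupportedOperationException("Method not decompiled: com.huawei.bigdata.om.web.security.iam.util.IAMUtil.loadIAMResource(java.lang.String, java.lang.String):java.util.Properties");
    }

    /**
     * Fetches the names of the groups a user belongs to from the ACS REST service.
     *
     * @param str user name; {@code null} yields an empty list
     * @return a new mutable list of group names, empty when the service returns nothing or the
     *         user name cannot be encoded
     */
    public static List<String> searchUserGroup(String str) {
        List<String> groupNames = new ArrayList<>();
        if (str == null) {
            // URLEncoder.encode(null, ...) would throw a NullPointerException.
            LOGGER.error("The user name is invalid.");
            return groupNames;
        }
        AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext(ApplicationConfiguration.class);
        try {
            String baseUrl = context.getEnvironment().getProperty("acs.rest.server.url");
            // The user name is percent-encoded before it is placed in the query string.
            // NOTE(review): the String-URL overload of RestTemplate applies its own URI
            // encoding - confirm the value is not encoded twice for names with special characters.
            String url = baseUrl + "/user/xml/listgn?username=" + URLEncoder.encode(str, RESOURCE_ENCODING);
            ListGroupsByUserResponse response = restTemplate.getForObject(url, ListGroupsByUserResponse.class, new Object[0]);
            // NOTE(review): this writes the whole response (group membership) at INFO level -
            // confirm that is acceptable for the log's audience.
            LOGGER.info("userInfo ,{}", response);
            if (response != null && response.getGroupNames() != null) {
                groupNames.addAll(response.getGroupNames());
            }
        } catch (UnsupportedEncodingException e) {
            LOGGER.error("The user name is invalid.");
        } finally {
            // A context is created on every call; without close() each call leaked it.
            context.close();
        }
        return groupNames;
    }

    /**
     * Rebuilds {@code resourcePrivilegesMap} from the resource configuration file under the
     * web home directory. Each property maps a resource name to a comma-separated list of
     * privilege ids. On a load failure the map is left empty.
     */
    private static void initResourcePrivilegesProperties() {
        String configPath = WebProperty.getWebPropertyReader().getWebHome() + File.separator + ConstDefinition.RESOURCE_CONF_FILE_PATH;
        LOGGER.debug("resource to privileges config path:{}", StringHelper.replaceBlank(configPath));
        resourcePrivilegesMap.clear();
        Properties loaded = FileUtil.loadProperties(configPath);
        if (null == loaded) {
            LOGGER.error("Get resources from file failed.");
            return;
        }
        for (Map.Entry<Object, Object> entry : loaded.entrySet()) {
            String resource = (String) entry.getKey();
            String[] privilegeIds = ((String) entry.getValue()).split(CONVERT_METRICGROUP_SPLIT);
            if (privilegeIds.length == 0) {
                // A value made only of separators yields no ids and registers nothing.
                continue;
            }
            Set<String> ids = resourcePrivilegesMap.get(resource);
            if (ids == null) {
                ids = new HashSet<>();
                resourcePrivilegesMap.put(resource, ids);
            }
            for (String privilegeId : privilegeIds) {
                ids.add(privilegeId);
            }
        }
    }

    /**
     * Translates the privilege names carried by a bean into privilege ids.
     *
     * @param userPrivilageBean bean holding privilege names, may be {@code null}
     * @return a new mutable set with the ids of every known name; names that are not in the
     *         resource configuration contribute nothing
     */
    public static Set<String> convertUserPrivilegesToId(UserPrivilageBean userPrivilageBean) {
        Set<String> privilegeIds = new HashSet<>();
        if (userPrivilageBean == null) {
            return privilegeIds;
        }
        List<?> privilegeNames = userPrivilageBean.getPrivilages();
        if (privilegeNames == null) {
            // Treat a bean without a privilege list like an empty one instead of failing.
            return privilegeIds;
        }
        for (Object privilegeName : privilegeNames) {
            Set<String> ids = resourcePrivilegesMap.get(privilegeName);
            if (ids != null) {
                privilegeIds.addAll(ids);
            }
        }
        return privilegeIds;
    }

    /**
     * Fetches the privileges of one subject through the client and converts them to ids.
     *
     * @param client client used for the lookup
     * @param str subject name passed to {@code client.getUserPrivilages}
     * @param str2 second argument passed through to {@code client.getUserPrivilages}
     * @return a new mutable set of privilege ids, empty when the client returns {@code null}
     */
    public static Set<String> getUserPrivleges(Client client, String str, String str2) {
        UserPrivilageBean privileges = client.getUserPrivilages(str, str2);
        return privileges == null ? new HashSet<String>() : convertUserPrivilegesToId(privileges);
    }

    /**
     * Collects the privilege ids a user holds directly and through group membership.
     *
     * @param client client used for the lookups
     * @param str user name
     * @param str2 second argument for the user's own lookup
     * @return a new mutable set with the union of the user's ids and the ids of every group
     *         reported by {@link #searchUserGroup(String)}
     */
    public static Set<String> getAllUserPrivilegs(Client client, String str, String str2) {
        List<String> groupNames = searchUserGroup(str);
        Set<String> allPrivileges = getUserPrivleges(client, str, str2);
        if (groupNames != null) {
            for (String groupName : groupNames) {
                // Group lookups always pass "1" as the second argument.
                // NOTE(review): presumably a subject-type flag for groups - confirm against Client.
                allPrivileges.addAll(getUserPrivleges(client, groupName, "1"));
            }
        }
        return allPrivileges;
    }

    // Runs after the field initialisers above, so resourcePrivilegesMap already exists here.
    static {
        initResourcePrivilegesProperties();
        LOGGER.info("Initialize iamPrivilegeIdToNameProperties, iamPrivilegePathToIdProperties , and iamPrivilegeIdToPathProperties from resource files.");
        iamPrivilegeIdToNameProperties = loadIAMResource(PRIVILEGE_ID_TO_NAME_PROPERTIES_FILE, RESOURCE_ENCODING);
        iamPrivilegePathToIdProperties = loadIAMResource(PRIVILEGE_PATH_TO_ID_PROPERTIES_FILE, RESOURCE_ENCODING);
        // Reverse index id -> path; when several paths share an id, the last one iterated wins.
        iamPrivilegeIdToPathProperties = new Properties();
        for (Map.Entry<Object, Object> entry : iamPrivilegePathToIdProperties.entrySet()) {
            iamPrivilegeIdToPathProperties.put(entry.getValue(), entry.getKey());
        }
    }
}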
