package net.corda.node.internal.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.login.FailedLoginException;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.jdk7.AutoCloseableKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import net.corda.core.context.AuthServiceId;
import net.corda.core.internal.NamedCacheFactory;
import net.corda.node.services.config.AuthDataSourceType;
import net.corda.node.services.config.NodeConfigurationImpl;
import net.corda.node.services.config.SecurityConfiguration;
import net.corda.nodeapi.internal.config.User;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: RPCSecurityManagerImpl.kt */
@Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = NodeConfigurationImpl.Defaults.lazyBridgeStart, d1 = {"��F\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\u0002\u0018�� \u00172\u00020\u0001:\u0001\u0017B\u0019\u0012\n\u0010\u0002\u001a\u00060\u0003j\u0002`\u0004\u0012\u0006\u0010\u0005\u001a\u00020\u0006¢\u0006\u0002\u0010\u0007J\u0018\u0010\u000e\u001a\u00020\u000f2\u0006\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u0013H\u0016J\u0010\u0010\u0014\u001a\u00020\u000f2\u0006\u0010\u0010\u001a\u00020\u0011H\u0016J\b\u0010\u0015\u001a\u00020\u0016H\u0016R\u0014\u0010\b\u001a\u00020\tX\u0096\u0004¢\u0006\b\n��\u001a\u0004\b\n\u0010\u000bR\u000e\u0010\f\u001a\u00020\rX\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0018"}, d2 = {"Lnet/corda/node/internal/security/RPCSecurityManagerImpl;", "Lnet/corda/node/internal/security/RPCSecurityManager;", "config", "Lnet/corda/node/services/config/SecurityConfiguration$AuthService;", "Lnet/corda/node/internal/security/AuthServiceConfig;", "cacheFactory", "Lnet/corda/core/internal/NamedCacheFactory;", "(Lnet/corda/node/services/config/SecurityConfiguration$AuthService;Lnet/corda/core/internal/NamedCacheFactory;)V", "id", "Lnet/corda/core/context/AuthServiceId;", "getId", "()Lnet/corda/core/context/AuthServiceId;", "manager", "Lorg/apache/shiro/mgt/DefaultSecurityManager;", "authenticate", "Lnet/corda/node/internal/security/AuthorizingSubject;", "principal", "", "password", "Lnet/corda/node/internal/security/Password;", "buildSubject", "close", "", "Companion", "node"})
/* loaded from: input_file:net/corda/node/internal/security/RPCSecurityManagerImpl.class */
public final class RPCSecurityManagerImpl implements RPCSecurityManager {

    @NotNull
    private final AuthServiceId id;
    private final DefaultSecurityManager manager;
    private static final Logger logger;
    public static final Companion Companion = new Companion(null);

    /* compiled from: RPCSecurityManagerImpl.kt */
    @Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = NodeConfigurationImpl.Defaults.lazyBridgeStart, d1 = {"��(\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u001c\u0010\u0005\u001a\u00020\u00062\n\u0010\u0007\u001a\u00060\bj\u0002`\t2\u0006\u0010\n\u001a\u00020\u000bH\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082\u0004¢\u0006\u0002\n��¨\u0006\f"}, d2 = {"Lnet/corda/node/internal/security/RPCSecurityManagerImpl$Companion;", "", "()V", "logger", "Lorg/slf4j/Logger;", "buildImpl", "Lorg/apache/shiro/mgt/DefaultSecurityManager;", "config", "Lnet/corda/node/services/config/SecurityConfiguration$AuthService;", "Lnet/corda/node/internal/security/AuthServiceConfig;", "cacheFactory", "Lnet/corda/core/internal/NamedCacheFactory;", "node"})
    /* loaded from: input_file:net/corda/node/internal/security/RPCSecurityManagerImpl$Companion.class */
    public static final class Companion {

        @Metadata(mv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, NodeConfigurationImpl.Defaults.lazyBridgeStart, 11}, bv = {NodeConfigurationImpl.Defaults.lazyBridgeStart, 0, 2}, k = 3)
        /* loaded from: input_file:net/corda/node/internal/security/RPCSecurityManagerImpl$Companion$WhenMappings.class */
        public final /* synthetic */ class WhenMappings {
            public static final /* synthetic */ int[] $EnumSwitchMapping$0 = new int[AuthDataSourceType.values().length];

            static {
                $EnumSwitchMapping$0[AuthDataSourceType.DB.ordinal()] = 1;
                $EnumSwitchMapping$0[AuthDataSourceType.INMEMORY.ordinal()] = 2;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final DefaultSecurityManager buildImpl(SecurityConfiguration.AuthService authService, NamedCacheFactory namedCacheFactory) {
            AuthorizingRealm inMemoryRealm;
            CaffeineCacheManager caffeineCacheManager;
            SecurityConfiguration.AuthService.Options.Cache cache;
            switch (WhenMappings.$EnumSwitchMapping$0[authService.getDataSource().getType().ordinal()]) {
                case NodeConfigurationImpl.Defaults.lazyBridgeStart /* 1 */:
                    RPCSecurityManagerImpl.logger.info("Constructing DB-backed security data source: " + authService.getDataSource().getConnection());
                    inMemoryRealm = new NodeJdbcRealm(authService.getDataSource());
                    break;
                case 2:
                    Logger logger = RPCSecurityManagerImpl.logger;
                    StringBuilder append = new StringBuilder().append("Constructing realm from list of users in config ");
                    List<User> users = authService.getDataSource().getUsers();
                    if (users == null) {
                        Intrinsics.throwNpe();
                    }
                    logger.info(append.append(users).toString());
                    inMemoryRealm = new InMemoryRealm(authService.getDataSource().getUsers(), authService.getId().getValue(), authService.getDataSource().getPasswordEncryption());
                    break;
                default:
                    throw new NoWhenBranchMatchedException();
            }
            DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager((Realm) inMemoryRealm);
            DefaultSecurityManager defaultSecurityManager2 = defaultSecurityManager;
            SecurityConfiguration.AuthService.Options options = authService.getOptions();
            if (options == null || (cache = options.getCache()) == null) {
                caffeineCacheManager = null;
            } else {
                defaultSecurityManager2 = defaultSecurityManager2;
                caffeineCacheManager = new CaffeineCacheManager(cache.getMaxEntries(), cache.getExpireAfterSecs(), namedCacheFactory);
            }
            defaultSecurityManager2.setCacheManager(caffeineCacheManager);
            return defaultSecurityManager;
        }

        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    @Override // net.corda.node.internal.security.RPCSecurityManager
    @NotNull
    public AuthServiceId getId() {
        return this.id;
    }

    @Override // net.corda.node.internal.security.RPCSecurityManager
    @NotNull
    public AuthorizingSubject authenticate(@NotNull String str, @NotNull Password password) throws FailedLoginException {
        Intrinsics.checkParameterIsNotNull(str, "principal");
        Intrinsics.checkParameterIsNotNull(password, "password");
        Password password2 = password;
        Throwable th = (Throwable) null;
        try {
            try {
                this.manager.authenticate(new UsernamePasswordToken(str, password2.getValue()));
                ShiroAuthorizingSubject shiroAuthorizingSubject = new ShiroAuthorizingSubject(new SimplePrincipalCollection(str, getId().getValue()), this.manager);
                AutoCloseableKt.closeFinally(password2, th);
                return shiroAuthorizingSubject;
            } catch (AuthenticationException e) {
                throw new FailedLoginException(e.toString());
            }
        } catch (Throwable th2) {
            AutoCloseableKt.closeFinally(password2, th);
            throw th2;
        }
    }

    @Override // net.corda.node.internal.security.RPCSecurityManager
    @NotNull
    public AuthorizingSubject buildSubject(@NotNull String str) {
        Intrinsics.checkParameterIsNotNull(str, "principal");
        return new ShiroAuthorizingSubject(new SimplePrincipalCollection(str, getId().getValue()), this.manager);
    }

    @Override // java.lang.AutoCloseable
    public void close() {
        Collection realms = this.manager.getRealms();
        if (realms != null) {
            Collection collection = realms;
            ArrayList arrayList = new ArrayList();
            for (Object obj : collection) {
                if (obj instanceof AutoCloseable) {
                    arrayList.add(obj);
                }
            }
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                ((AutoCloseable) it.next()).close();
            }
        }
        this.manager.destroy();
    }

    public RPCSecurityManagerImpl(@NotNull SecurityConfiguration.AuthService authService, @NotNull NamedCacheFactory namedCacheFactory) {
        Intrinsics.checkParameterIsNotNull(authService, "config");
        Intrinsics.checkParameterIsNotNull(namedCacheFactory, "cacheFactory");
        this.id = authService.getId();
        this.manager = Companion.buildImpl(authService, namedCacheFactory);
    }

    static {
        Logger logger2 = LoggerFactory.getLogger(RPCSecurityManagerImpl.class);
        Intrinsics.checkExpressionValueIsNotNull(logger2, "LoggerFactory.getLogger(T::class.java)");
        logger = logger2;
    }
}
