package org.elasticsearch.hadoop.security;

import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.elasticsearch.hadoop.EsHadoopException;
import org.elasticsearch.hadoop.cfg.Settings;
import org.elasticsearch.hadoop.util.ClusterName;

/* loaded from: input_file:org/elasticsearch/hadoop/security/JdkUser.class */
public class JdkUser implements User {
    private final Subject subject;
    private final Settings providerSettings;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/elasticsearch/hadoop/security/JdkUser$EsTokenHolder.class */
    public static class EsTokenHolder {
        private Map<String, EsToken> creds = new HashMap();

        EsTokenHolder() {
        }

        EsToken getCred(String str) {
            return this.creds.get(str);
        }

        Collection<EsToken> getCreds() {
            return this.creds.values();
        }

        void setCred(String str, EsToken esToken) {
            this.creds.put(str, esToken);
        }
    }

    public JdkUser(Subject subject, Settings settings) {
        this.subject = subject;
        this.providerSettings = settings;
    }

    @Override // org.elasticsearch.hadoop.security.User
    public <T> T doAs(PrivilegedAction<T> privilegedAction) {
        return (T) Subject.doAs(this.subject, privilegedAction);
    }

    @Override // org.elasticsearch.hadoop.security.User
    public <T> T doAs(PrivilegedExceptionAction<T> privilegedExceptionAction) throws EsHadoopException {
        try {
            return (T) Subject.doAs(this.subject, privilegedExceptionAction);
        } catch (PrivilegedActionException e) {
            if (e.getCause() instanceof EsHadoopException) {
                throw ((EsHadoopException) e.getCause());
            }
            throw new EsHadoopException(e.getCause());
        }
    }

    @Override // org.elasticsearch.hadoop.security.User
    public EsToken getEsToken(String str) {
        if (str == null || str.equals("") || str.equals(ClusterName.UNNAMED_CLUSTER_NAME)) {
            return null;
        }
        Set privateCredentials = this.subject.getPrivateCredentials(EsTokenHolder.class);
        if (privateCredentials.isEmpty()) {
            return null;
        }
        return ((EsTokenHolder) privateCredentials.iterator().next()).getCred(str);
    }

    @Override // org.elasticsearch.hadoop.security.User
    public Iterable<EsToken> getAllEsTokens() {
        Set privateCredentials = this.subject.getPrivateCredentials(EsTokenHolder.class);
        if (privateCredentials.isEmpty()) {
            return Collections.emptyList();
        }
        EsTokenHolder esTokenHolder = (EsTokenHolder) privateCredentials.iterator().next();
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(esTokenHolder.getCreds());
        return Collections.unmodifiableList(arrayList);
    }

    @Override // org.elasticsearch.hadoop.security.User
    public void addEsToken(EsToken esToken) {
        EsTokenHolder esTokenHolder;
        Iterator it = this.subject.getPrivateCredentials(EsTokenHolder.class).iterator();
        if (it.hasNext()) {
            esTokenHolder = (EsTokenHolder) it.next();
        } else {
            esTokenHolder = new EsTokenHolder();
            this.subject.getPrivateCredentials().add(esTokenHolder);
        }
        esTokenHolder.setCred(esToken.getClusterName(), esToken);
    }

    @Override // org.elasticsearch.hadoop.security.User
    public String getUserName() {
        KerberosPrincipal kerberosPrincipal = getKerberosPrincipal();
        if (kerberosPrincipal == null) {
            return null;
        }
        return kerberosPrincipal.getName();
    }

    @Override // org.elasticsearch.hadoop.security.User
    public KerberosPrincipal getKerberosPrincipal() {
        Iterator it = this.subject.getPrincipals(KerberosPrincipal.class).iterator();
        if (it.hasNext()) {
            return (KerberosPrincipal) it.next();
        }
        return null;
    }

    @Override // org.elasticsearch.hadoop.security.User
    public boolean isProxyUser() {
        return false;
    }

    @Override // org.elasticsearch.hadoop.security.User
    public UserProvider getRealUserProvider() {
        JdkUserProvider jdkUserProvider = new JdkUserProvider();
        jdkUserProvider.setSettings(this.providerSettings);
        return jdkUserProvider;
    }

    public String toString() {
        return "JdkUser{subject=" + this.subject + '}';
    }
}
