package com.apusic.security;

import com.apusic.corba.ORBManager;
import com.apusic.security.auth.login.PasswordCredential;
import com.apusic.server.VMOptions;
import com.apusic.util.StringManager;
import java.rmi.RemoteException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.acl.Group;
import java.security.cert.CertPath;
import java.util.Set;
import java.util.regex.Pattern;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.kerberos.KerberosTicket;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:com/apusic/security/Security.class */
public final class Security {
    public static final String ADMIN_GROUP_NAME = "administrators";
    private static Principal currentUser;
    public static final Principal ADMIN = new PrincipalImpl("admin");
    public static final Principal CLUSTER_ADMIN = new PrincipalImpl("clusterAdmin");
    public static final Group EVERYONE = new Everyone("everyone");
    public static String customAdminName = ADMIN.getName();
    public static String customAdminpwd = ADMIN.getName() + "_aas";
    public static final Principal ANONYMOUS = new PrincipalImpl("*anonymous*");
    public static final Principal SERVER = new PrincipalImpl("*server*");
    static SecurityController primary = null;
    private static boolean creatingPrimary = false;
    private static ThreadLocal<String> realmContext = new ThreadLocal<>();
    private static ThreadLocal<Boolean> encryptedContext = new ThreadLocal<>();
    private static String defaultRealm = null;
    private static StringManager sm = StringManager.getManager();

    private Security() {
    }

    public static SecurityController getSecurityController() {
        return primary != null ? primary : (SecurityController) getSubjectCredential(SecurityController.class);
    }

    public static synchronized SecurityController getPrimarySecurityController() {
        if (primary != null) {
            return primary;
        }
        if (creatingPrimary) {
            return null;
        }
        String property = System.getProperty("com.apusic.security.authHost");
        String property2 = System.getProperty("com.apusic.security.authPort");
        if (property == null) {
            return null;
        }
        try {
            if (property2 == null) {
                return null;
            }
            try {
                creatingPrimary = true;
                primary = ORBManager.getORB(property, Integer.parseInt(property2)).resolve_initial_references("SecurityController");
                creatingPrimary = false;
            } catch (Exception e) {
                primary = null;
                creatingPrimary = false;
            }
            return primary;
        } catch (Throwable th) {
            creatingPrimary = false;
            throw th;
        }
    }

    public static SecurityAdmin getSecurityAdmin() {
        return (SecurityAdmin) getSecurityController();
    }

    public static <T extends Principal> T getSubjectPrincipal(final Class<T> cls) {
        final AccessControlContext context = AccessController.getContext();
        return (T) AccessController.doPrivileged(new PrivilegedAction<T>() { // from class: com.apusic.security.Security.1
            /* JADX WARN: Incorrect return type in method signature: ()TT; */
            @Override // java.security.PrivilegedAction
            public Principal run() {
                Subject subject = Subject.getSubject(context);
                if (subject == null) {
                    return null;
                }
                Set principals = subject.getPrincipals(cls);
                if (principals.isEmpty()) {
                    return null;
                }
                return (Principal) principals.iterator().next();
            }
        });
    }

    public static Principal getSubjectPrincipal() {
        Principal subjectPrincipal = getSubjectPrincipal(PrincipalImpl.class);
        if (subjectPrincipal != null) {
            return subjectPrincipal;
        }
        Principal subjectPrincipal2 = getSubjectPrincipal(X500Principal.class);
        if (subjectPrincipal2 != null) {
            return subjectPrincipal2;
        }
        Principal subjectPrincipal3 = getSubjectPrincipal(KerberosPrincipal.class);
        if (subjectPrincipal3 != null) {
            return subjectPrincipal3;
        }
        return null;
    }

    public static <T> T getSubjectCredential(final Class<T> cls) {
        final AccessControlContext context = AccessController.getContext();
        return (T) AccessController.doPrivileged(new PrivilegedAction<T>() { // from class: com.apusic.security.Security.2
            @Override // java.security.PrivilegedAction
            public T run() {
                Subject subject = Subject.getSubject(context);
                if (subject == null) {
                    return null;
                }
                Set<T> privateCredentials = subject.getPrivateCredentials(cls);
                if (!privateCredentials.isEmpty()) {
                    return privateCredentials.iterator().next();
                }
                Set<T> publicCredentials = subject.getPublicCredentials(cls);
                if (publicCredentials.isEmpty()) {
                    return null;
                }
                return publicCredentials.iterator().next();
            }
        });
    }

    public static Object getSubjectCredential() {
        Object subjectCredential = getSubjectCredential(PasswordCredential.class);
        if (subjectCredential != null) {
            return subjectCredential;
        }
        Object subjectCredential2 = getSubjectCredential(CertPath.class);
        if (subjectCredential2 != null) {
            return subjectCredential2;
        }
        Object subjectCredential3 = getSubjectCredential(KerberosTicket.class);
        if (subjectCredential3 != null) {
            return subjectCredential3;
        }
        return null;
    }

    public static Principal getCurrentUser() {
        if (currentUser != null) {
            return currentUser;
        }
        Principal currentUser2 = primary != null ? primary.getCurrentUser() : getSubjectPrincipal();
        if (currentUser2 == null) {
            currentUser2 = ANONYMOUS;
            String str = realmContext.get();
            if (str == null) {
                str = getDefaultRealm();
            }
            ((PrincipalImpl) currentUser2).setRealmName(str);
        }
        return currentUser2;
    }

    public static void setCurrentUser(Principal principal) {
        currentUser = principal;
    }

    public static String getDefaultRealm() {
        return defaultRealm;
    }

    public static void setDefaultRealm(String str) {
        defaultRealm = str;
        ((PrincipalImpl) ADMIN).setRealmName(str);
        ((PrincipalImpl) CLUSTER_ADMIN).setRealmName(str);
    }

    public static String getCurrentRealm() {
        return realmContext.get();
    }

    public static void setCurrentRealm(String str) {
        if (str == null) {
            str = defaultRealm;
        }
        realmContext.set(str);
    }

    public static boolean getPwdTransEncrypted() {
        Boolean bool = encryptedContext.get();
        if (bool != null) {
            return bool.booleanValue();
        }
        return true;
    }

    public static void setPwdTransEncrypted(boolean z) {
        encryptedContext.set(Boolean.valueOf(z));
    }

    public static Principal getPrincipal(String str) throws RemoteException {
        SecurityController securityController = getSecurityController();
        if (securityController != null) {
            return securityController.getPrincipal(str);
        }
        return null;
    }

    public static Principal getUser(String str) throws RemoteException {
        SecurityController securityController = getSecurityController();
        if (securityController != null) {
            return securityController.getUser(str);
        }
        return null;
    }

    public static Group getGroup(String str) throws RemoteException {
        SecurityController securityController = getSecurityController();
        if (securityController != null) {
            return securityController.getGroup(str);
        }
        return null;
    }

    public static boolean checkPasswordComplexity(String str) throws SecurityAdminException {
        int minLengthOfPassword = VMOptions.minLengthOfPassword();
        if (str.length() < minLengthOfPassword) {
            throw new SecurityAdminException(sm.get("password.invalid.length", String.valueOf(minLengthOfPassword)));
        }
        if (!VMOptions.isCheckPasswordComplexity()) {
            return true;
        }
        Pattern compile = Pattern.compile(".*[a-z]+.*");
        Pattern compile2 = Pattern.compile(".*[A-Z]+.*");
        Pattern compile3 = Pattern.compile(".*[0-9]+.*");
        Pattern compile4 = Pattern.compile(".*[^a-zA-Z0-9]+.*");
        int i = 0;
        if (compile.matcher(str).matches()) {
            i = 0 + 1;
        }
        if (compile2.matcher(str).matches()) {
            i++;
        }
        if (compile3.matcher(str).matches()) {
            i++;
        }
        if (compile4.matcher(str).matches()) {
            i++;
        }
        if (i < 3) {
            throw new SecurityAdminException(sm.get("password.invalid.complexity"));
        }
        return true;
    }
}
