package id.onyx.obdp.server.security.authentication.kerberos;

import id.onyx.obdp.server.configuration.Configuration;
import id.onyx.obdp.server.orm.entities.UserAuthenticationEntity;
import id.onyx.obdp.server.orm.entities.UserEntity;
import id.onyx.obdp.server.security.authentication.AccountDisabledException;
import id.onyx.obdp.server.security.authentication.AmbariAuthenticationException;
import id.onyx.obdp.server.security.authentication.InvalidUsernamePasswordCombinationException;
import id.onyx.obdp.server.security.authentication.OBDPUserDetailsImpl;
import id.onyx.obdp.server.security.authentication.TooManyLoginFailuresException;
import id.onyx.obdp.server.security.authentication.UserNotFoundException;
import id.onyx.obdp.server.security.authorization.User;
import id.onyx.obdp.server.security.authorization.UserAuthenticationType;
import id.onyx.obdp.server.security.authorization.Users;
import java.io.IOException;
import java.util.Collection;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:id/onyx/obdp/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.class */
public class AmbariAuthToLocalUserDetailsService implements UserDetailsService {
    private static final Logger LOG = LoggerFactory.getLogger(AmbariAuthToLocalUserDetailsService.class);
    private final Configuration configuration;
    private final Users users;
    private final String authToLocalRules;

    AmbariAuthToLocalUserDetailsService(Configuration configuration, Users users) {
        String authToLocalRules = configuration.getKerberosAuthenticationProperties().getAuthToLocalRules();
        authToLocalRules = StringUtils.isEmpty(authToLocalRules) ? "DEFAULT" : authToLocalRules;
        this.configuration = configuration;
        this.users = users;
        this.authToLocalRules = authToLocalRules;
    }

    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
        Collection<UserAuthenticationEntity> userAuthenticationEntities = this.users.getUserAuthenticationEntities(UserAuthenticationType.KERBEROS, str);
        if (!CollectionUtils.isEmpty(userAuthenticationEntities)) {
            if (userAuthenticationEntities.size() != 1) {
                throw new AmbariAuthenticationException(Configuration.JDBC_IN_MEMORY_PASSWORD, "Unexpected error due to collisions on the principal name", false);
            }
            UserEntity user = userAuthenticationEntities.iterator().next().getUser();
            LOG.trace("Found KERBEROS authentication method for {} using principal {}", user.getUserName(), str);
            return createUserDetails(user);
        }
        String translatePrincipalName = translatePrincipalName(str);
        if (translatePrincipalName != null) {
            LOG.info("Translated {} to {} using auth-to-local rules during Kerberos authentication.", str, translatePrincipalName);
            return createUser(translatePrincipalName, str);
        }
        String format = String.format("Failed to translate %s to a local username during Kerberos authentication.", str);
        LOG.warn(format);
        throw new UsernameNotFoundException(format);
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:10:0x0067. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:32:0x010a A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private org.springframework.security.core.userdetails.UserDetails createUser(java.lang.String r10, java.lang.String r11) throws org.springframework.security.core.AuthenticationException {
        /*
            Method dump skipped, instructions count: 329
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: id.onyx.obdp.server.security.authentication.kerberos.AmbariAuthToLocalUserDetailsService.createUser(java.lang.String, java.lang.String):org.springframework.security.core.userdetails.UserDetails");
    }

    private UserDetails createUserDetails(UserEntity userEntity) {
        String userName = userEntity.getUserName();
        try {
            this.users.validateLogin(userEntity, userName);
            return new OBDPUserDetailsImpl(new User(userEntity), null, this.users.getUserAuthorities(userEntity));
        } catch (AccountDisabledException | TooManyLoginFailuresException e) {
            if (this.configuration.showLockedOutUserMessage()) {
                throw e;
            }
            throw new InvalidUsernamePasswordCombinationException(userName, false, e);
        }
    }

    /* JADX WARN: Type inference failed for: r8v2, types: [java.lang.Throwable, id.onyx.obdp.server.security.authentication.UserNotFoundException] */
    public String translatePrincipalName(String str) {
        String shortName;
        if (!StringUtils.isNotEmpty(str) || !str.contains("@")) {
            return str;
        }
        try {
            synchronized (KerberosName.class) {
                KerberosName.setRules(this.authToLocalRules);
                shortName = new KerberosName(str).getShortName();
            }
            return shortName;
        } catch (UserNotFoundException e) {
            throw new UsernameNotFoundException(e.getMessage(), (Throwable) e);
        } catch (IOException e2) {
            String format = String.format("Failed to translate %s to a local username during Kerberos authentication: %s", str, e2.getLocalizedMessage());
            LOG.warn(format);
            throw new UsernameNotFoundException(format, e2);
        }
    }
}
