package org.apache.kerby.kerberos.tool.admin.local;

import java.io.File;
import java.io.IOException;
import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.login.LoginException;
import org.apache.kerby.KOptions;
import org.apache.kerby.has.common.HasException;
import org.apache.kerby.has.server.admin.LocalHadmin;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.admin.kadmin.KadminOption;
import org.apache.kerby.kerberos.kerb.admin.kadmin.local.LocalKadmin;
import org.apache.kerby.kerberos.kerb.admin.kadmin.local.LocalKadminImpl;
import org.apache.kerby.kerberos.tool.admin.local.cmd.AddPrincipalsCommand;
import org.apache.kerby.kerberos.tool.admin.local.cmd.DeployHTTPSCertsCommand;
import org.apache.kerby.kerberos.tool.admin.local.cmd.DisableConfigureCommand;
import org.apache.kerby.kerberos.tool.admin.local.cmd.EnableConfigureCommand;
import org.apache.kerby.kerberos.tool.admin.local.cmd.ExportKeytabsCommand;
import org.apache.kerby.kerberos.tool.admin.local.cmd.GetHostRolesCommand;
import org.apache.kerby.kerberos.tool.admin.local.cmd.HadminCommand;
import org.apache.kerby.kerberos.tool.admin.local.cmd.KeytabCommand;
import org.apache.kerby.kerberos.tool.kadmin.AuthUtil;
import org.apache.kerby.kerberos.tool.kadmin.Krb5Conf;
import org.apache.kerby.kerberos.tool.kadmin.ToolUtil;
import org.apache.kerby.kerberos.tool.kadmin.command.AddPrincipalCommand;
import org.apache.kerby.kerberos.tool.kadmin.command.ChangePasswordCommand;
import org.apache.kerby.kerberos.tool.kadmin.command.DeletePrincipalCommand;
import org.apache.kerby.kerberos.tool.kadmin.command.GetPrincipalCommand;
import org.apache.kerby.kerberos.tool.kadmin.command.KeytabAddCommand;
import org.apache.kerby.kerberos.tool.kadmin.command.ListPrincipalCommand;
import org.apache.kerby.kerberos.tool.kadmin.command.RenamePrincipalCommand;
import org.apache.kerby.util.OSUtil;
import org.jline.reader.LineReader;
import org.jline.reader.LineReaderBuilder;
import org.jline.reader.impl.completer.StringsCompleter;
import org.jline.terminal.Terminal;
import org.jline.terminal.TerminalBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/kerby/kerberos/tool/admin/local/AdminLocalTool.class */
public class AdminLocalTool {
    private static final Logger LOG = LoggerFactory.getLogger(AdminLocalTool.class);
    private static File confDir;
    private static final String PROMPT = "admin.local";
    private static final String USAGE;
    private static final String LEGAL_COMMANDS = "Available commands are: \nadd_principal, addprinc\n                         Add principal\ndelete_principal, delprinc\n                         Delete principal\nrename_principal, renprinc\n                         Rename principal\nchange_password, cpw\n                         Change password\nget_principal, getprinc\n                         Get principal\nlist_principals, listprincs\n                         List principals\nktadd, xst\n                         Add entry(s) to a keytab\nget_hostroles, hostroles\n                         Get hostRoles\nexport_keytabs, expkeytabs\n                         Export keytabs\ncreate_principals, creprincs\n                         Create principals\nenable_configure, enable\n                         Enable configure\ndisable_configure, disable\n                         Disable configure\nkeytab\n                         Add principals, export keytabs, and deploy keytabs\ndeploy_https, dephttps\n                         Deploy https\n";

    private static void printUsage(String str) {
        System.err.println(str + "\n");
        System.err.println(USAGE);
        System.exit(-1);
    }

    private static void execute(LocalKadmin localKadmin, LocalHadmin localHadmin, String str) throws HasException {
        String trim = str.trim();
        if (trim.startsWith("cmd")) {
            System.out.println(LEGAL_COMMANDS);
            return;
        }
        String[] split = trim.split("\\s+");
        String str2 = split[0];
        HadminCommand hadminCommand = null;
        KeytabAddCommand keytabAddCommand = null;
        if (str2.startsWith("add_principal") || str2.startsWith("addprinc")) {
            keytabAddCommand = new AddPrincipalCommand(localKadmin);
        } else if (str2.startsWith("delete_principal") || str2.startsWith("delprinc")) {
            keytabAddCommand = new DeletePrincipalCommand(localKadmin);
        } else if (str2.startsWith("rename_principal") || str2.startsWith("renprinc")) {
            keytabAddCommand = new RenamePrincipalCommand(localKadmin);
        } else if (str2.startsWith("change_password") || str2.startsWith("cpw")) {
            keytabAddCommand = new ChangePasswordCommand(localKadmin);
        } else if (str2.startsWith("list_principals") || str2.startsWith("listprincs")) {
            keytabAddCommand = new ListPrincipalCommand(localKadmin);
        } else if (str2.startsWith("get_principal") || str2.startsWith("getprinc")) {
            keytabAddCommand = new GetPrincipalCommand(localKadmin);
        } else if (str2.startsWith("ktadd") || str2.startsWith("xst")) {
            keytabAddCommand = new KeytabAddCommand(localKadmin);
        } else if (str2.startsWith("get_hostroles") || str2.startsWith("hostroles")) {
            hadminCommand = new GetHostRolesCommand(localHadmin);
        } else if (str2.startsWith("create_principals") || str2.startsWith("creprincs")) {
            hadminCommand = new AddPrincipalsCommand(localHadmin);
        } else if (str2.startsWith("export_keytabs") || str2.startsWith("expkeytabs")) {
            hadminCommand = new ExportKeytabsCommand(localHadmin);
        } else if (str2.startsWith("enable_configure") || str2.startsWith("enable")) {
            hadminCommand = new EnableConfigureCommand(localHadmin);
        } else if (str2.startsWith("disable_configure") || str2.startsWith("disable")) {
            hadminCommand = new DisableConfigureCommand(localHadmin);
        } else if (str2.startsWith("keytab")) {
            hadminCommand = new KeytabCommand(localHadmin);
        } else {
            if (!str2.startsWith("deploy_https") && !str2.startsWith("dephttps")) {
                System.out.println(LEGAL_COMMANDS);
                return;
            }
            hadminCommand = new DeployHTTPSCertsCommand(localHadmin);
        }
        if (keytabAddCommand != null) {
            keytabAddCommand.execute(trim);
        } else if (hadminCommand != null) {
            hadminCommand.execute(split);
        }
    }

    private static File getConfDir(String[] strArr) {
        String str;
        confDir = new File(strArr[0]);
        if (confDir == null || !confDir.exists()) {
            try {
                str = System.getenv().get("KRB5_KDC_DIR");
            } catch (SecurityException e) {
                str = null;
            }
            if (str != null) {
                confDir = new File(str);
            } else {
                confDir = new File("/etc/kerby/");
            }
            if (!confDir.exists()) {
                throw new RuntimeException("Can not locate KDC backend directory " + confDir.getAbsolutePath());
            }
        }
        LOG.info("Conf dir:" + confDir.getAbsolutePath());
        return confDir;
    }

    public static void main(String[] strArr) {
        String readLine;
        if (strArr.length < 2) {
            System.err.println(USAGE);
            return;
        }
        try {
            LocalKadminImpl localKadminImpl = new LocalKadminImpl(getConfDir(strArr));
            try {
                LocalHadmin localHadmin = new LocalHadmin(getConfDir(strArr));
                try {
                    new Krb5Conf(confDir, localKadminImpl.getKdcConfig()).initKrb5conf();
                } catch (IOException e) {
                    System.err.println("Failed to make krb5.conf." + e.getMessage());
                }
                String kadminPrincipal = localKadminImpl.getKadminPrincipal();
                KOptions parseOptions = ToolUtil.parseOptions(strArr, 1, strArr.length - 1);
                if (parseOptions == null) {
                    System.err.println(USAGE);
                    return;
                }
                Subject subject = null;
                if (parseOptions.contains(KadminOption.CCACHE)) {
                    File fileOption = parseOptions.getFileOption(KadminOption.CCACHE);
                    if (fileOption == null || !fileOption.exists()) {
                        printUsage("Need the valid credentials cache file.");
                        return;
                    }
                    try {
                        subject = AuthUtil.loginUsingTicketCache(kadminPrincipal, fileOption);
                    } catch (LoginException e2) {
                        System.err.println("Could not login with: " + kadminPrincipal + e2.getMessage());
                        return;
                    }
                } else if (parseOptions.contains(KadminOption.K)) {
                    File file = new File(parseOptions.getStringOption(KadminOption.K));
                    if (file == null || !file.exists()) {
                        printUsage("Need the valid keytab file.");
                        return;
                    }
                    try {
                        subject = AuthUtil.loginUsingKeytab(kadminPrincipal, file);
                    } catch (LoginException e3) {
                        System.err.println("Could not login with: " + kadminPrincipal + e3.getMessage());
                        return;
                    }
                } else {
                    printUsage("No credentials cache file or keytab file for authentication.");
                }
                if (subject == null) {
                    printUsage("The subject is null, login failure for " + kadminPrincipal);
                    return;
                }
                KerberosPrincipal kerberosPrincipal = new KerberosPrincipal(kadminPrincipal);
                Set<Principal> principals = subject.getPrincipals();
                if (principals == null || principals.isEmpty()) {
                    printUsage("The principals in subject is empty.");
                    return;
                }
                if (!principals.contains(kerberosPrincipal)) {
                    printUsage("Login failure for " + kadminPrincipal);
                    return;
                }
                System.out.println("Login successful for user: " + kadminPrincipal);
                System.out.println("enter \"cmd\" to see legal commands.");
                StringsCompleter stringsCompleter = new StringsCompleter(new String[]{"add_principal", "delete_principal", "rename_principal", "change_password", "list_principals", "get_principal", "ktadd", "get_hostroles", "export_keytabs", "add_principals", "enable_configure", "disable_configure", "keytab", "deploy_https"});
                Terminal terminal = null;
                try {
                    terminal = TerminalBuilder.terminal();
                } catch (IOException e4) {
                    e4.printStackTrace();
                }
                LineReader build = LineReaderBuilder.builder().completer(stringsCompleter).terminal(terminal).build();
                while (true) {
                    try {
                        readLine = build.readLine("admin.local: ");
                    } catch (HasException e5) {
                        System.err.println(e5.getMessage());
                    }
                    if ("quit".equals(readLine) || "exit".equals(readLine) || "q".equals(readLine)) {
                        break;
                    } else {
                        execute(localKadminImpl, localHadmin, readLine);
                    }
                }
            } catch (KrbException e6) {
                System.err.println("Failed to init Hadmin due to " + e6.getMessage());
            }
        } catch (KrbException e7) {
            System.err.println("Failed to init Kadmin due to " + e7.getMessage());
        }
    }

    static {
        USAGE = (OSUtil.isWindows() ? "Usage: bin\\admin-local.cmd" : "Usage: sh bin/admin-local.sh") + " <conf-dir> <-c cache_name>|<-k keytab>\n\tExample:\n\t\t" + (OSUtil.isWindows() ? "bin\\admin-local.cmd" : "sh bin/admin-local.sh") + " conf -k admin.keytab\n";
    }
}
