package org.apache.kerby.kerberos.kdc.identitybackend;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.reflect.TypeToken;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.attribute.FileAttribute;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.TreeMap;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import org.apache.kerby.config.Config;
import org.apache.kerby.kerberos.kdc.identitybackend.typeAdapter.EncryptionKeyAdapter;
import org.apache.kerby.kerberos.kdc.identitybackend.typeAdapter.KerberosTimeAdapter;
import org.apache.kerby.kerberos.kdc.identitybackend.typeAdapter.PrincipalNameAdapter;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.identity.BatchTrans;
import org.apache.kerby.kerberos.kerb.identity.backend.AbstractIdentityBackend;
import org.apache.kerby.kerberos.kerb.request.KrbIdentity;
import org.apache.kerby.kerberos.kerb.type.KerberosTime;
import org.apache.kerby.kerberos.kerb.type.base.EncryptionKey;
import org.apache.kerby.kerberos.kerb.type.base.PrincipalName;
import org.apache.kerby.util.IOUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.class */
public class JsonIdentityBackend extends AbstractIdentityBackend {
    private static final Logger LOG = LoggerFactory.getLogger(JsonIdentityBackend.class);
    public static final String JSON_IDENTITY_BACKEND_DIR = "backend.json.dir";
    private File jsonKdbFile;
    private Gson gson;
    private final Map<String, KrbIdentity> identities = new ConcurrentHashMap(new TreeMap());
    private long kdbFileUpdateTime = -1;
    private Lock lock = new ReentrantLock();

    /* loaded from: input_file:org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend$JsonBatchTrans.class */
    class JsonBatchTrans implements BatchTrans {
        JsonBatchTrans() {
        }

        public void commit() throws KrbException {
            try {
                JsonIdentityBackend.this.persistToFile();
            } finally {
                JsonIdentityBackend.this.lock.unlock();
            }
        }

        public void rollback() throws KrbException {
            try {
                JsonIdentityBackend.this.load();
            } finally {
                JsonIdentityBackend.this.lock.unlock();
            }
        }

        public BatchTrans addIdentity(KrbIdentity krbIdentity) throws KrbException {
            if (krbIdentity != null && JsonIdentityBackend.this.identities.containsKey(krbIdentity.getPrincipalName())) {
                JsonIdentityBackend.this.identities.put(krbIdentity.getPrincipalName(), krbIdentity);
            }
            return this;
        }

        public BatchTrans updateIdentity(KrbIdentity krbIdentity) throws KrbException {
            if (krbIdentity != null && JsonIdentityBackend.this.identities.containsKey(krbIdentity.getPrincipalName())) {
                JsonIdentityBackend.this.identities.put(krbIdentity.getPrincipalName(), krbIdentity);
            }
            return this;
        }

        public BatchTrans deleteIdentity(String str) throws KrbException {
            if (str != null && JsonIdentityBackend.this.identities.containsKey(str)) {
                JsonIdentityBackend.this.identities.remove(str);
            }
            return this;
        }
    }

    public JsonIdentityBackend() {
    }

    public JsonIdentityBackend(Config config) {
        setConfig(config);
    }

    public boolean supportBatchTrans() {
        return true;
    }

    public BatchTrans startBatchTrans() throws KrbException {
        if (!this.lock.tryLock()) {
            return null;
        }
        checkAndReload();
        return new JsonBatchTrans();
    }

    protected void doInitialize() throws KrbException {
        File confDir;
        LOG.info("Initializing the Json identity backend.");
        initGsonBuilder();
        String string = getConfig().getString(JSON_IDENTITY_BACKEND_DIR);
        if (string == null || string.isEmpty()) {
            confDir = getBackendConfig().getConfDir();
        } else {
            confDir = new File(string);
            if (!confDir.exists() && !confDir.mkdirs()) {
                throw new KrbException("Failed to create json file dir " + confDir);
            }
        }
        this.jsonKdbFile = new File(confDir, "json-backend.json");
        if (this.jsonKdbFile.exists()) {
            return;
        }
        try {
            this.jsonKdbFile.createNewFile();
        } catch (IOException e) {
            throw new KrbException("Failed to create " + this.jsonKdbFile.getAbsolutePath());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Type inference failed for: r2v1, types: [org.apache.kerby.kerberos.kdc.identitybackend.JsonIdentityBackend$1] */
    public void load() throws KrbException {
        LOG.info("Loading the identities from json file.");
        long lastModified = this.jsonKdbFile.lastModified();
        if (this.lock.tryLock()) {
            try {
                try {
                    Map<? extends String, ? extends KrbIdentity> map = (Map) this.gson.fromJson(IOUtil.readFile(this.jsonKdbFile), new TypeToken<HashMap<String, KrbIdentity>>() { // from class: org.apache.kerby.kerberos.kdc.identitybackend.JsonIdentityBackend.1
                    }.getType());
                    if (map != null) {
                        this.identities.clear();
                        this.identities.putAll(map);
                    }
                    this.kdbFileUpdateTime = lastModified;
                    this.lock.unlock();
                } catch (IOException e) {
                    throw new KrbException("Failed to read file", e);
                }
            } catch (Throwable th) {
                this.lock.unlock();
                throw th;
            }
        }
    }

    private void checkAndReload() throws KrbException {
        if (this.jsonKdbFile.lastModified() != this.kdbFileUpdateTime) {
            load();
        }
    }

    protected KrbIdentity doGetIdentity(String str) throws KrbException {
        checkAndReload();
        return this.identities.get(str);
    }

    protected KrbIdentity doAddIdentity(KrbIdentity krbIdentity) throws KrbException {
        checkAndReload();
        if (this.lock.tryLock()) {
            try {
                this.identities.put(krbIdentity.getPrincipalName(), krbIdentity);
                persistToFile();
            } finally {
                this.lock.unlock();
            }
        }
        return doGetIdentity(krbIdentity.getPrincipalName());
    }

    protected KrbIdentity doUpdateIdentity(KrbIdentity krbIdentity) throws KrbException {
        checkAndReload();
        if (this.lock.tryLock()) {
            try {
                this.identities.put(krbIdentity.getPrincipalName(), krbIdentity);
                persistToFile();
            } finally {
                this.lock.unlock();
            }
        }
        return doGetIdentity(krbIdentity.getPrincipalName());
    }

    protected void doDeleteIdentity(String str) throws KrbException {
        checkAndReload();
        if (this.identities.containsKey(str) && this.lock.tryLock()) {
            try {
                this.identities.remove(str);
                persistToFile();
            } finally {
                this.lock.unlock();
            }
        }
    }

    protected Iterable<String> doGetIdentities() throws KrbException {
        load();
        ArrayList arrayList = new ArrayList(this.identities.keySet());
        Collections.sort(arrayList);
        return arrayList;
    }

    private void initGsonBuilder() {
        GsonBuilder gsonBuilder = new GsonBuilder();
        gsonBuilder.registerTypeAdapter(EncryptionKey.class, new EncryptionKeyAdapter());
        gsonBuilder.registerTypeAdapter(PrincipalName.class, new PrincipalNameAdapter());
        gsonBuilder.registerTypeAdapter(KerberosTime.class, new KerberosTimeAdapter());
        gsonBuilder.enableComplexMapKeySerialization();
        gsonBuilder.setPrettyPrinting();
        this.gson = gsonBuilder.create();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void persistToFile() throws KrbException {
        String json = this.gson.toJson(this.identities);
        try {
            File file = Files.createTempFile(this.jsonKdbFile.getParentFile().toPath(), "kerby-kdb", ".json", new FileAttribute[0]).toFile();
            IOUtil.writeFile(json, file);
            if (!this.jsonKdbFile.delete()) {
                throw new RuntimeException("File delete error!");
            }
            if (!file.renameTo(this.jsonKdbFile)) {
                throw new RuntimeException("File rename error!");
            }
            this.kdbFileUpdateTime = this.jsonKdbFile.lastModified();
        } catch (IOException e) {
            LOG.error("Error occurred while writing identities to file: " + this.jsonKdbFile);
            throw new KrbException("Failed to write file", e);
        }
    }
}
