package de.gwdg.cdstar.auth.realm;

import de.gwdg.cdstar.Utils;
import de.gwdg.cdstar.auth.simple.Account;
import de.gwdg.cdstar.auth.simple.SimpleAuthorizer;
import de.gwdg.cdstar.runtime.Config;
import de.gwdg.cdstar.runtime.ConfigException;
import de.gwdg.cdstar.runtime.Plugin;
import de.gwdg.cdstar.runtime.client.CDStarAttribute;
import de.gwdg.cdstar.runtime.client.CDStarSnapshot;
import de.gwdg.cdstar.runtime.lts.bagit.BagitTarget;
import java.io.Console;
import java.util.Arrays;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Plugin
/* loaded from: input_file:de/gwdg/cdstar/auth/realm/StaticRealm.class */
public class StaticRealm extends SimpleAuthorizer {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) StaticRealm.class);

    public StaticRealm(Config config) throws ConfigException {
        super(config.get("domain", config.get("_name", "static")));
        Config with = config.with("role");
        for (String str : with.keySet()) {
            if (str.contains(".")) {
                log.warn("Role names must not contain dots: {}", str);
            } else {
                addRole(str, with.getArray(str));
                log.info("Added role '{}' to realm '{}'", str, getName());
            }
        }
        Config with2 = config.with("group");
        for (String str2 : with2.keySet()) {
            if (str2.contains(".")) {
                log.warn("Group names must not contain dots: {}", str2);
            } else {
                addGroup(str2, with2.getArray(str2));
                log.info("Added group '{}' to realm '{}'", str2, getName());
            }
        }
        for (Map.Entry<String, Config> entry : config.getTable("user").entrySet()) {
            Config value = entry.getValue();
            String key = value.hasKey(BagitTarget.PARAM_NAME) ? value.get(BagitTarget.PARAM_NAME) : entry.getKey();
            int lastIndexOf = key.lastIndexOf(CDStarSnapshot.ID_SEP);
            Account account = lastIndexOf != -1 ? account(key.substring(0, lastIndexOf), key.substring(lastIndexOf + 1)) : account(key);
            if (value.hasKey("password")) {
                String str3 = value.get("password");
                int indexOf = str3.indexOf(CDStarAttribute.SCHEMA_SEPARATOR);
                if (indexOf == -1) {
                    throw new ConfigException("Invalid pasword hash for user: " + key);
                }
                account.password(Utils.base64decode(str3.substring(indexOf + 1)), Utils.base64decode(str3.substring(0, indexOf)));
            }
            if (value.hasKey("roles")) {
                account.withRoles(value.getArray("roles"));
            }
            if (value.hasKey("groups")) {
                account.withGroups(value.getArray("groups"));
            }
            if (value.hasKey("permissions")) {
                account.withPermissions(value.getArray("permissions"));
            }
            log.info("Added user '{}' to realm '{}'", account.getFullId(), getName());
        }
    }

    public static String hashPassword(char[] cArr) {
        byte[] randomBytes = Utils.randomBytes(32);
        return Utils.base64encode(randomBytes) + ":" + Utils.base64encode(Utils.sign(Utils.toBytesAndBurnAfterReading(cArr), randomBytes));
    }

    public static void main(String[] strArr) {
        Console console = System.console();
        if (console == null) {
            System.out.println("Couldn't get Console instance");
            System.exit(0);
            return;
        }
        char[] readPassword = console.readPassword("Enter password: ", new Object[0]);
        if (Arrays.equals(readPassword, console.readPassword("Repeat password: ", new Object[0]))) {
            console.printf("Password hash: %s%n", hashPassword(readPassword));
        } else {
            console.printf("Passwords do not match.%n", new Object[0]);
            System.exit(1);
        }
    }
}
