package pl.edu.icm.yadda.aal.authentication;

import com.opensymphony.oscache.base.Cache;
import com.opensymphony.oscache.base.NeedsRefreshException;
import java.net.Inet4Address;
import java.net.UnknownHostException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.log4j.Logger;
import pl.edu.icm.yadda.aal.AalConstants;
import pl.edu.icm.yadda.aal.AalException;
import pl.edu.icm.yadda.aal.AalSession;
import pl.edu.icm.yadda.aal.Authentication;
import pl.edu.icm.yadda.aal.AuthenticationRequest;
import pl.edu.icm.yadda.aal.model.GroupAddress;
import pl.edu.icm.yadda.aal.service.AalReaderService;
import pl.edu.icm.yadda.aas.ipparser.model.IPart;
import pl.edu.icm.yadda.common.YaddaException;

/* loaded from: input_file:pl/edu/icm/yadda/aal/authentication/AddressModule.class */
public class AddressModule extends AbstractAuthenticationModule implements AuthenticationModule {
    private boolean allowResolver = false;
    private static final int REFRESH_RATE = 3600;
    private static final String NAME = "Address";
    public static final String IP_ADDR = "IP_ADDR";
    public static final String HOST_NAME = "HOST_NAME";
    private Cache cache;
    private AalReaderService reader;
    private static final Logger log = Logger.getLogger(AddressModule.class);
    private static Map ipCache = new HashMap();
    public static final String MODE = "address";
    private static final String[] modes = {MODE};

    /* loaded from: input_file:pl/edu/icm/yadda/aal/authentication/AddressModule$AddressCache.class */
    public class AddressCache {
        public Map<String, Set<String>> allowed = new HashMap();
        public Map<String, Set<String>> denied = new HashMap();

        public AddressCache() {
        }
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public String getName() {
        return NAME;
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public String getDescription() {
        return "Address based authentication";
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public String[] getModes() {
        return modes;
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public String[] getDependencies() {
        return null;
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public boolean authenticate(AalSession aalSession, AuthenticationRequest authenticationRequest) throws AalException {
        log.debug("Authentication request received");
        if (!authenticationRequest.containsKey(IP_ADDR) && !authenticationRequest.containsKey(HOST_NAME)) {
            log.debug("Nither ip address nor host name defined");
            makeProblem(aalSession, authenticationRequest, new AalException("Nether ip address nor host name defined"));
            return true;
        }
        String str = null;
        String str2 = null;
        if (authenticationRequest.containsKey(IP_ADDR)) {
            str = (String) authenticationRequest.get(IP_ADDR);
        }
        if (authenticationRequest.containsKey(HOST_NAME)) {
            str2 = (String) authenticationRequest.get(HOST_NAME);
        }
        if (this.allowResolver || str != null) {
            if (str == null) {
                try {
                    if (ipCache.containsKey(str2)) {
                        str = (String) ipCache.get(str2);
                    } else {
                        str = Inet4Address.getByName(str2).getHostAddress();
                        synchronized (ipCache) {
                            ipCache.put(str2, str);
                        }
                    }
                } catch (UnknownHostException e) {
                    log.warn("Unknown host :ip(" + str + ") host(" + str2 + ")", e);
                }
            }
            if (str2 == null) {
                if (ipCache.containsKey(str)) {
                    str2 = (String) ipCache.get(str);
                } else {
                    str2 = Inet4Address.getByName(str).getHostName();
                    synchronized (ipCache) {
                        ipCache.put(str, str2);
                    }
                }
            }
        } else {
            log.warn("Host authentication (" + str2 + ")but resolver turned off.");
        }
        aalSession.getGroups().clear(MODE);
        if (str != null) {
            authenticateIP(aalSession, str);
        }
        if (str2 != null) {
            authenticateHost(aalSession, str2);
        }
        Authentication authentication = new Authentication();
        long currentTimeMillis = System.currentTimeMillis();
        authentication.setCreationTime(currentTimeMillis);
        authentication.setExpireTime(currentTimeMillis + 3600000);
        authentication.put(IP_ADDR, str);
        authentication.put(HOST_NAME, str2);
        authentication.setMode(MODE);
        Iterator it = aalSession.getAuthentications().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Authentication authentication2 = (Authentication) it.next();
            if (MODE.equals(authentication2.getMode()) && authentication2.containsKey(IP_ADDR) && str.equals(authentication2.get(IP_ADDR)) && authentication2.containsKey(HOST_NAME) && str2.equals(authentication2.get(HOST_NAME))) {
                authentication2.setDeleted(true);
                break;
            }
        }
        if (1 == 0) {
            return true;
        }
        aalSession.getAuthentications().add(authentication);
        return true;
    }

    protected AddressCache loadGroupAddresses() {
        log.debug("reading GroupAddresses from database");
        try {
            AddressCache addressCache = new AddressCache();
            List<GroupAddress> allGroupAddresses = this.reader.getAllGroupAddresses();
            for (int i = 0; i < allGroupAddresses.size(); i++) {
                GroupAddress groupAddress = allGroupAddresses.get(i);
                if (groupAddress.getGroup().isActive()) {
                    String name = groupAddress.getGroup().getName();
                    String ipAddr = groupAddress.getIpAddr();
                    String hostName = groupAddress.getHostName();
                    if (ipAddr != null) {
                        ipAddr = ipAddr.trim();
                        if (!ipAddr.endsWith(IPart.PART_DELIMITER)) {
                            ipAddr = ipAddr + IPart.PART_DELIMITER;
                        }
                    }
                    if (hostName != null) {
                        hostName = hostName.trim();
                        if (!hostName.endsWith(IPart.PART_DELIMITER)) {
                            hostName = hostName + IPart.PART_DELIMITER;
                        }
                    }
                    log.info("GAD:" + ipAddr + ":" + hostName + ":" + name);
                    Map<String, Set<String>> map = groupAddress.isAllowed() ? addressCache.allowed : addressCache.denied;
                    if (ipAddr != null) {
                        if (!map.containsKey(ipAddr)) {
                            map.put(ipAddr, new HashSet());
                        }
                        map.get(ipAddr).add(name);
                    }
                    if (hostName != null) {
                        if (!map.containsKey(hostName)) {
                            map.put(hostName, new HashSet());
                        }
                        map.get(hostName).add(name);
                    }
                }
            }
            return addressCache;
        } catch (YaddaException e) {
            log.error("Error loading all GroupAddresses!");
            return new AddressCache();
        }
    }

    protected AddressCache getAddressMap() {
        AddressCache loadGroupAddresses;
        try {
            loadGroupAddresses = (AddressCache) this.cache.getFromCache("AddressModule/map", REFRESH_RATE);
        } catch (NeedsRefreshException e) {
            loadGroupAddresses = loadGroupAddresses();
            boolean z = false;
            try {
                this.cache.putInCache("AddressModule/map", loadGroupAddresses, new String[]{AalConstants.CACHE_GROUP_GROUP, AalConstants.CACHE_LICENSE_GROUP});
                z = true;
                if (1 == 0) {
                    this.cache.cancelUpdate("AddressModule/map");
                }
            } catch (Throwable th) {
                if (!z) {
                    this.cache.cancelUpdate("AddressModule/map");
                }
                throw th;
            }
        }
        return loadGroupAddresses;
    }

    protected void authenticateIP(AalSession aalSession, String str) {
        String[] split = str.split("[.]");
        AddressCache addressMap = getAddressMap();
        String str2 = "";
        HashSet hashSet = new HashSet();
        for (String str3 : split) {
            str2 = str2 + str3 + IPart.PART_DELIMITER;
            if (addressMap.allowed.get(str2) != null) {
                aalSession.getGroups().addAll(addressMap.allowed.get(str2));
            }
            if (addressMap.denied.get(str2) != null) {
                hashSet.addAll(addressMap.denied.get(str2));
            }
        }
        aalSession.getGroups().removeAll(hashSet, "__any__");
    }

    protected void authenticateHost(AalSession aalSession, String str) {
        String[] split = str.split("[.]");
        AddressCache addressMap = getAddressMap();
        String str2 = "";
        HashSet hashSet = new HashSet();
        for (int i = 0; i < split.length; i++) {
            str2 = str2 + split[(split.length - i) - 1] + IPart.PART_DELIMITER;
            if (addressMap.allowed.containsKey(str2)) {
                aalSession.getGroups().addAll(addressMap.allowed.get(str2), MODE);
                hashSet.addAll(addressMap.denied.get(str2));
            }
        }
        aalSession.getGroups().removeAll(hashSet, "__any__");
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public boolean reauthenticate(AalSession aalSession, Authentication authentication) {
        if (!authentication.containsKey(IP_ADDR) && !authentication.containsKey(HOST_NAME)) {
            log.debug("Nither ip address nor host name defined");
            makeProblem(aalSession, new AalException("Niether ip address nor host name defined"));
            return false;
        }
        String str = null;
        String str2 = null;
        if (authentication.containsKey(IP_ADDR)) {
            str = (String) authentication.get(IP_ADDR);
        }
        if (authentication.containsKey(HOST_NAME)) {
            str2 = (String) authentication.get(HOST_NAME);
        }
        if (this.allowResolver) {
            if (str == null) {
                try {
                    str = Inet4Address.getByName(str2).getHostAddress();
                } catch (UnknownHostException e) {
                    log.warn("Unknown host :ip(" + str + ") host(" + str2 + ")", e);
                }
            }
            if (str2 == null) {
                str2 = Inet4Address.getByName(str).getHostName();
            }
        }
        aalSession.getGroups().clear(MODE);
        if (str != null) {
            authenticateIP(aalSession, str);
        }
        if (str2 == null) {
            return true;
        }
        authenticateHost(aalSession, str2);
        return true;
    }

    public boolean isAllowResolver() {
        return this.allowResolver;
    }

    public void setAllowResolver(boolean z) {
        this.allowResolver = z;
    }

    public Cache getCache() {
        return this.cache;
    }

    public void setCache(Cache cache) {
        this.cache = cache;
    }

    public AalReaderService getReader() {
        return this.reader;
    }

    public void setReader(AalReaderService aalReaderService) {
        this.reader = aalReaderService;
    }
}
