package fr.in2p3.jsaga.adaptor.security;

import fr.in2p3.jsaga.adaptor.base.defaults.Default;
import fr.in2p3.jsaga.adaptor.base.defaults.EnvironmentVariables;
import fr.in2p3.jsaga.adaptor.base.usage.UAnd;
import fr.in2p3.jsaga.adaptor.base.usage.UDuration;
import fr.in2p3.jsaga.adaptor.base.usage.UFile;
import fr.in2p3.jsaga.adaptor.base.usage.UFilePath;
import fr.in2p3.jsaga.adaptor.base.usage.UHidden;
import fr.in2p3.jsaga.adaptor.base.usage.UNoPrompt;
import fr.in2p3.jsaga.adaptor.base.usage.UOptional;
import fr.in2p3.jsaga.adaptor.base.usage.UOr;
import fr.in2p3.jsaga.adaptor.base.usage.Usage;
import fr.in2p3.jsaga.adaptor.security.impl.InMemoryProxySecurityCredential;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Map;
import org.bouncycastle.jce.provider.X509CertificateObject;
import org.globus.common.CoGProperties;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.util.Util;
import org.gridforum.jgss.ExtendedGSSManager;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.Oid;
import org.ogf.saga.error.BadParameterException;
import org.ogf.saga.error.IncorrectStateException;
import org.ogf.saga.error.NoSuccessException;

/* loaded from: input_file:fr/in2p3/jsaga/adaptor/security/GlobusSecurityAdaptor.class */
public abstract class GlobusSecurityAdaptor implements ExpirableSecurityAdaptor {
    private static final int USAGE_INIT_PKCS12 = 1;
    private static final int USAGE_INIT_PEM = 2;
    private static final int USAGE_MEMORY = 3;
    private static final int USAGE_LOAD = 4;

    public abstract String getType();

    protected abstract int getGlobusType();

    protected abstract boolean checkType(GSSCredential gSSCredential);

    public Class getSecurityCredentialClass() {
        return GlobusSecurityCredential.class;
    }

    public Usage getUsage() {
        return new UAnd(new Usage[]{new UOr(new Usage[]{new UAnd(new Usage[]{new UOr(new Usage[]{new UFile(USAGE_INIT_PKCS12, GlobusContext.USERCERTKEY), new UAnd(2, new Usage[]{new UFile("UserCert"), new UFile("UserKey")})}), new UFilePath("UserProxy"), new UHidden("UserPass"), new UDuration("LifeTime"), new UOptional(GlobusContext.DELEGATION) { // from class: fr.in2p3.jsaga.adaptor.security.GlobusSecurityAdaptor.1
            protected Object throwExceptionIfInvalid(Object obj) throws Exception {
                if (super.throwExceptionIfInvalid(obj) != null) {
                    String str = (String) obj;
                    if (!str.equalsIgnoreCase("limited") && !str.equalsIgnoreCase("full")) {
                        throw new BadParameterException("Expected: limited | full");
                    }
                }
                return obj;
            }
        }}), new UNoPrompt(3, GlobusContext.USERPROXYOBJECT), new UFile(4, "UserProxy")}), new UFile("CertRepository")});
    }

    public Default[] getDefaults(Map map) throws IncorrectStateException {
        EnvironmentVariables environmentVariables = EnvironmentVariables.getInstance();
        Default[] defaultArr = new Default[6];
        String[] strArr = new String[2];
        strArr[0] = environmentVariables.getProperty("X509_USER_PROXY");
        strArr[USAGE_INIT_PKCS12] = System.getProperty("java.io.tmpdir") + System.getProperty("file.separator") + "x509up_u" + (System.getProperty("os.name").toLowerCase().startsWith("windows") ? "_" + System.getProperty("user.name").toLowerCase() : environmentVariables.getProperty("UID") != null ? environmentVariables.getProperty("UID") : getUnixUID());
        defaultArr[0] = new Default("UserProxy", strArr);
        defaultArr[USAGE_INIT_PKCS12] = new Default("UserCert", new File[]{new File(environmentVariables.getProperty("X509_USER_CERT") + ""), new File(System.getProperty("user.home") + "/.globus/usercert.pem")});
        defaultArr[2] = new Default("UserKey", new File[]{new File(environmentVariables.getProperty("X509_USER_KEY") + ""), new File(System.getProperty("user.home") + "/.globus/userkey.pem")});
        defaultArr[3] = new Default("CertRepository", new File[]{new File(environmentVariables.getProperty("X509_CERT_DIR") + ""), new File(System.getProperty("user.home") + "/.globus/certificates/"), new File("/etc/grid-security/certificates/")});
        defaultArr[4] = new Default("LifeTime", "PT12H");
        defaultArr[5] = new Default(GlobusContext.DELEGATION, "full");
        return defaultArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getUnixUID() throws IncorrectStateException {
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(Runtime.getRuntime().exec("id -u").getInputStream()));
            String readLine = bufferedReader.readLine();
            bufferedReader.close();
            return readLine;
        } catch (IOException e) {
            throw new IncorrectStateException(e);
        }
    }

    public SecurityCredential createSecurityCredential(int i, Map map, String str) throws IncorrectStateException, NoSuccessException {
        try {
            switch (i) {
                case USAGE_INIT_PKCS12 /* 1 */:
                    return createSecurityAdaptor(new GlobusProxyFactory(map, getGlobusType(), USAGE_INIT_PKCS12).createProxy(), map);
                case 2:
                    return createSecurityAdaptor(new GlobusProxyFactory(map, getGlobusType(), 0).createProxy(), map);
                case 3:
                    return createSecurityAdaptor(InMemoryProxySecurityCredential.toGSSCredential((String) map.get(GlobusContext.USERPROXYOBJECT)), map);
                case 4:
                    CoGProperties.getDefault().setCaCertLocations((String) map.get("CertRepository"));
                    return createSecurityAdaptor(load(new File((String) map.get("UserProxy"))), map);
                default:
                    throw new NoSuccessException("INTERNAL ERROR: unexpected exception");
            }
        } catch (IncorrectStateException e) {
            throw e;
        } catch (Exception e2) {
            throw new NoSuccessException(e2);
        } catch (NoSuccessException e3) {
            throw e3;
        }
    }

    private SecurityCredential createSecurityAdaptor(GSSCredential gSSCredential, Map map) throws IncorrectStateException {
        if (!checkType(gSSCredential) || hasNonCriticalExtensions(gSSCredential)) {
            throw new IncorrectStateException("Security context is not of type: " + getType());
        }
        return new GlobusSecurityCredential(gSSCredential, new File((String) map.get("CertRepository")));
    }

    public void destroySecurityAdaptor(Map map, String str) throws Exception {
        Util.destroy((String) map.get("UserProxy"));
    }

    private static GSSCredential load(File file) throws IOException, GSSException {
        byte[] bArr = new byte[(int) file.length()];
        FileInputStream fileInputStream = new FileInputStream(file);
        fileInputStream.read(bArr);
        fileInputStream.close();
        return ExtendedGSSManager.getInstance().createCredential(bArr, 0, 0, (Oid) null, 0);
    }

    private static boolean hasNonCriticalExtensions(GSSCredential gSSCredential) {
        if (!(gSSCredential instanceof GlobusGSSCredentialImpl)) {
            return false;
        }
        X509CertificateObject x509CertificateObject = ((GlobusGSSCredentialImpl) gSSCredential).getX509Credential().getCertificateChain()[0];
        if (!(x509CertificateObject instanceof X509CertificateObject)) {
            return false;
        }
        X509CertificateObject x509CertificateObject2 = x509CertificateObject;
        return (x509CertificateObject2.getNonCriticalExtensionOIDs() == null || x509CertificateObject2.getNonCriticalExtensionOIDs().isEmpty()) ? false : true;
    }
}
