package fr.in2p3.jsaga.adaptor.security;

import fr.in2p3.jsaga.adaptor.base.defaults.Default;
import fr.in2p3.jsaga.adaptor.base.defaults.EnvironmentVariables;
import fr.in2p3.jsaga.adaptor.base.usage.U;
import fr.in2p3.jsaga.adaptor.base.usage.UAnd;
import fr.in2p3.jsaga.adaptor.base.usage.UDuration;
import fr.in2p3.jsaga.adaptor.base.usage.UFile;
import fr.in2p3.jsaga.adaptor.base.usage.UFilePath;
import fr.in2p3.jsaga.adaptor.base.usage.UHidden;
import fr.in2p3.jsaga.adaptor.base.usage.UNoPrompt;
import fr.in2p3.jsaga.adaptor.base.usage.UOptional;
import fr.in2p3.jsaga.adaptor.base.usage.UOr;
import fr.in2p3.jsaga.adaptor.base.usage.UProxyValue;
import fr.in2p3.jsaga.adaptor.base.usage.Usage;
import fr.in2p3.jsaga.adaptor.security.impl.InMemoryProxySecurityCredential;
import fr.in2p3.jsaga.adaptor.security.usage.Util;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Map;
import org.globus.common.CoGProperties;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.gridforum.jgss.ExtendedGSSManager;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.Oid;
import org.italiangrid.voms.asn1.VOMSACUtils;
import org.italiangrid.voms.clients.impl.DefaultVOMSCommandsParser;
import org.ogf.saga.error.BadParameterException;
import org.ogf.saga.error.IncorrectStateException;
import org.ogf.saga.error.NoSuccessException;
import org.ogf.saga.error.TimeoutException;

/* loaded from: input_file:fr/in2p3/jsaga/adaptor/security/VOMSSecurityAdaptor.class */
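/**
 * Security adaptor of type {@code "VOMS"}: it describes the attributes a VOMS
 * context accepts ({@link #getUsage()}), supplies their default values
 * ({@link #getDefaults(Map)}) and turns them into a {@link VOMSSecurityCredential}
 * ({@link #createSecurityCredential(int, Map, String)}).
 *
 * <p>A credential can be obtained in four ways, selected by the usage identifier
 * passed to {@code createSecurityCredential}: by creating a new proxy from a
 * certificate (identifiers 1 and 2), by extending an existing initial proxy
 * (identifier {@link #USAGE_INIT_PROXY}), from an in-memory proxy object
 * (identifier 3), or from an existing proxy given as a string or a file
 * (identifier 4).
 *
 * <p>NOTE(review): this listing is decompiler output; the two
 * "access modifiers changed from: protected" methods are public here only
 * because the decompiler widened them.
 */
public class VOMSSecurityAdaptor implements ExpirableSecurityAdaptor {
    /** Usage identifier: create the VOMS proxy on top of an existing initial proxy file. */
    protected static final int USAGE_INIT_PROXY = 5;
    /** Default value of the {@code LifeTime} attribute (ISO-8601 duration, 12 hours). */
    public static final String DEFAULT_LIFETIME = "PT12H";

    /** Returns the context type handled by this adaptor, {@code "VOMS"}. */
    public String getType() {
        return "VOMS";
    }

    /** Returns the credential class produced by this adaptor. */
    public Class getSecurityCredentialClass() {
        return VOMSSecurityCredential.class;
    }

    /**
     * Describes the accepted attribute combinations.
     *
     * <p>Exactly one of the credential sources below must be satisfied, and
     * {@code CertRepository} is required in every case. The numeric identifiers
     * attached to the alternatives are the values later received by
     * {@link #createSecurityCredential(int, Map, String)}.
     *
     * @return the usage tree
     */
    public Usage getUsage() {
        return new UAnd.Builder()
                .and(new UOr.Builder()
                        // 3: proxy passed as an in-memory object, never prompted for
                        .or(new UNoPrompt(3, "UserProxyObject"))
                        // 4: existing proxy, given either as a string value or as a file
                        .or(new UProxyValue(4, VOMSContext.USERPROXYSTRING))
                        .or(new UFile(4, "UserProxy"))
                        // 5: new VOMS proxy derived from an existing initial proxy
                        .or(new UAnd.Builder()
                                .and(new UFile(USAGE_INIT_PROXY, VOMSContext.INITIALPROXY))
                                .and(getInitProxyUsages())
                                .build())
                        // new VOMS proxy derived from the user certificate and its pass phrase;
                        // presumably buildCertsUsage() carries identifiers 1 and 2 - confirm
                        .or(new UAnd.Builder()
                                .and(Util.buildCertsUsage())
                                .and(new UHidden("UserPass"))
                                .and(getInitProxyUsages())
                                .build())
                        .build())
                .and(new UFile("CertRepository"))
                .build();
    }

    /**
     * Describes the attributes needed whenever a new proxy has to be created.
     *
     * @return the usage shared by every proxy-creating alternative of {@link #getUsage()}
     */
    public UAnd getInitProxyUsages() {
        return new UAnd.Builder()
                .and(new UFilePath("UserProxy"))
                .and(new UOptional("Server"))
                .and(new UFile(VOMSContext.VOMSDIR))
                // NOTE(review): VOMSDIR is required twice in a row. Kept as found; confirm
                // whether the second entry was meant to be another attribute.
                .and(new UFile(VOMSContext.VOMSDIR))
                .and(new UOptional(VOMSContext.VOMSES))
                .and(new U("UserVO"))
                .and(new UOptional(VOMSContext.USERFQAN))
                .and(new UDuration("LifeTime") {
                    // A missing lifetime is accepted; only a supplied value is validated.
                    protected Object throwExceptionIfInvalid(Object obj) throws Exception {
                        return obj != null ? super.throwExceptionIfInvalid(obj) : null;
                    }
                })
                .and(new UOptional("Delegation") {
                    // Accepted when the parent check yields null or the value is a known
                    // delegation type; anything else is rejected with the expected values.
                    protected Object throwExceptionIfInvalid(Object obj) throws Exception {
                        if (super.throwExceptionIfInvalid(obj) == null || DelegationTypeMap.isValid((String) obj)) {
                            return obj;
                        }
                        throw new BadParameterException(DelegationTypeMap.getExpected());
                    }
                })
                .and(new UOptional(VOMSContext.PROXYTYPE) {
                    // Same rule as for Delegation, checked against the known proxy types.
                    protected Object throwExceptionIfInvalid(Object obj) throws Exception {
                        if (super.throwExceptionIfInvalid(obj) == null || ProxyTypeMap.isValid((String) obj)) {
                            return obj;
                        }
                        throw new BadParameterException(ProxyTypeMap.getExpected());
                    }
                })
                .build();
    }

    /**
     * Builds the default values of the context attributes from environment
     * variables, the user's home directory and system-wide grid directories.
     *
     * @param map not used by this implementation
     * @return nine defaults, in the order UserProxy, UserCert, UserKey, CertRepository,
     *         VOMSDIR, VOMSES, LifeTime, Delegation, PROXYTYPE
     * @throws IncorrectStateException if the Unix user id is needed for the default
     *         proxy path and cannot be determined
     */
    public Default[] getDefaults(Map map) throws IncorrectStateException {
        EnvironmentVariables env = EnvironmentVariables.getInstance();
        // Evaluated in the original order: the environment value first, then the computed path.
        String[] proxyCandidates = new String[] {
            env.getProperty("X509_USER_PROXY"),
            defaultProxyPath(env)
        };
        // Concatenating a null property yields the text "null", as in the original code.
        String home = System.getProperty("user.home");
        return new Default[] {
            new Default("UserProxy", proxyCandidates),
            new Default("UserCert", new File[] {
                envFile(env, "X509_USER_CERT"),
                new File(home + "/.globus/usercert.pem")
            }),
            new Default("UserKey", new File[] {
                envFile(env, "X509_USER_KEY"),
                new File(home + "/.globus/userkey.pem")
            }),
            new Default("CertRepository", new File[] {
                envFile(env, "CADIR"),
                envFile(env, "X509_CERT_DIR"),
                new File(home + "/.globus/certificates/"),
                new File("/etc/grid-security/certificates/")
            }),
            new Default(VOMSContext.VOMSDIR, new File[] {
                envFile(env, "X509_VOMS_DIR"),
                new File(home + "/.globus/vomsdir/"),
                new File("/etc/grid-security/vomsdir/")
            }),
            new Default(VOMSContext.VOMSES, new File[] {
                new File(home + "/.glite/vomses/"),
                new File("/etc/vomses/")
            }),
            new Default("LifeTime", DEFAULT_LIFETIME),
            new Default("Delegation", "NONE"),
            new Default(VOMSContext.PROXYTYPE, ProxyTypeMap.TYPE_RFC3820)
        };
    }

    /**
     * Computes the conventional proxy location in the temporary directory:
     * {@code x509up_u_<user name>} on Windows, {@code x509up_u<uid>} elsewhere.
     *
     * <p>The file name is predictable and lives in a directory that is usually
     * shared between users. The {@code UID} environment value is inserted into
     * the path as it is, without validation.
     */
    private static String defaultProxyPath(EnvironmentVariables env) throws IncorrectStateException {
        String prefix = System.getProperty("java.io.tmpdir") + System.getProperty("file.separator") + "x509up_u";
        // Fixed locale: with a Turkish default locale "WINDOWS" lower-cases to a dotless i
        // and the platform test would fail.
        boolean windows = System.getProperty("os.name").toLowerCase(java.util.Locale.ENGLISH).startsWith("windows");
        if (windows) {
            return prefix + "_" + System.getProperty("user.name").toLowerCase();
        }
        String uid = env.getProperty("UID");
        return prefix + (uid != null ? uid : getUnixUID());
    }

    /**
     * Wraps the value of an environment variable in a {@link File}.
     *
     * <p>An unset variable becomes the relative path {@code "null"} instead of
     * causing a NullPointerException, exactly as the original expression did.
     * Presumably {@code Default} skips candidates that do not exist - confirm.
     */
    private static File envFile(EnvironmentVariables env, String name) {
        return new File(String.valueOf(env.getProperty(name)));
    }

    /**
     * Asks the operating system for the numeric id of the current user by
     * running {@code id -u} and reading the first line of its output.
     *
     * @return the first output line of {@code id -u}
     * @throws IncorrectStateException if the command cannot be run or read, or
     *         if it prints nothing (the caller would otherwise build a proxy
     *         path ending in the text "null")
     */
    protected static String getUnixUID() throws IncorrectStateException {
        Process process = null;
        BufferedReader reader = null;
        try {
            // Argument array instead of a command string: no tokenising of the command line.
            process = Runtime.getRuntime().exec(new String[] {"id", "-u"});
            reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
            String uid = reader.readLine();
            if (uid == null || uid.length() == 0) {
                throw new IncorrectStateException("Unable to determine the user id: 'id -u' returned no output");
            }
            return uid;
        } catch (IOException e) {
            throw new IncorrectStateException(e);
        } finally {
            // Release the pipe and the child process even when reading failed.
            if (reader != null) {
                try {
                    reader.close();
                } catch (IOException ignored) {
                    // nothing useful can be done if closing the pipe fails
                }
            }
            if (process != null) {
                process.destroy();
            }
        }
    }

    /**
     * Creates the credential for the alternative of {@link #getUsage()} that matched.
     *
     * @param i   usage identifier: 1 (combined certificate/key file), 2 (separate
     *            certificate and key files), 3 (in-memory proxy object), 4 (existing
     *            proxy string or file) or {@link #USAGE_INIT_PROXY} (initial proxy file)
     * @param map context attributes; values are cast to {@code String}
     * @param str not used by this implementation
     * @return the VOMS credential
     * @throws IncorrectStateException if the resulting credential is not a VOMS proxy
     * @throws TimeoutException declared by the interface; the body wraps every exception
     *         other than the two below into a {@code NoSuccessException}
     * @throws NoSuccessException for an unknown identifier or any other failure
     */
    public SecurityCredential createSecurityCredential(int i, Map map, String str) throws IncorrectStateException, TimeoutException, NoSuccessException {
        try {
            switch (i) {
                case 1:
                case 2:
                case USAGE_INIT_PROXY:
                    JSAGAProxyInitParams initParams = new JSAGAProxyInitParams(map);
                    if (i == USAGE_INIT_PROXY) {
                        // Start from the existing proxy and tell the initialiser not to regenerate it.
                        initParams.setCertFile((String) map.get(VOMSContext.INITIALPROXY));
                        initParams.setNoRegen(true);
                    } else {
                        initParams.setNoRegen(false);
                        if (i == 1) {
                            initParams.setCertFile((String) map.get("UserCertKey"));
                        } else if (i == 2) {
                            initParams.setCertFile((String) map.get("UserCert"));
                            initParams.setKeyFile((String) map.get("UserKey"));
                        }
                    }
                    // The listener receives the proxy produced by the VOMS client code.
                    VOMSProxyListener proxyListener = new VOMSProxyListener();
                    new JSAGAVOMSProxyInitBehaviour(new DefaultVOMSCommandsParser(), proxyListener).initProxy(initParams);
                    return createSecurityAdaptor(proxyListener.getProxy(), map);
                case 3:
                    return createSecurityAdaptor(InMemoryProxySecurityCredential.toGSSCredential((String) map.get("UserProxyObject")), map);
                case 4:
                    // NOTE(review): this sets the CA location on the shared default CoGProperties
                    // object; confirm that contexts using different CertRepository values in
                    // the same JVM do not interfere with each other.
                    CoGProperties.getDefault().setCaCertLocations((String) map.get("CertRepository"));
                    // NOTE(review): no ownership or permission check on the proxy file is visible
                    // in this class; confirm whether the Globus layer enforces one.
                    GSSCredential existingProxy = map.containsKey(VOMSContext.USERPROXYSTRING)
                            ? load((String) map.get(VOMSContext.USERPROXYSTRING))
                            : load(new File((String) map.get("UserProxy")));
                    return createSecurityAdaptor(existingProxy, map);
                default:
                    throw new NoSuccessException("INTERNAL ERROR: unexpected exception");
            }
        } catch (IncorrectStateException e) {
            throw e;
        } catch (NoSuccessException e) {
            throw e;
        } catch (Exception e) {
            // Everything else, including missing attributes, is reported as a generic failure.
            throw new NoSuccessException(e);
        }
    }

    /**
     * Wraps a GSS credential after checking that it really is a VOMS proxy, i.e.
     * that the first certificate of its chain carries at least one VOMS attribute
     * certificate.
     *
     * @param gSSCredential the credential to wrap; must be a {@code GlobusGSSCredentialImpl}
     * @param map           context attributes handed to the new credential
     * @return the VOMS credential
     * @throws IncorrectStateException if the credential has another implementation type,
     *         carries no VOMS attribute certificate, or cannot be inspected
     */
    protected SecurityCredential createSecurityAdaptor(GSSCredential gSSCredential, Map map) throws IncorrectStateException {
        if (!(gSSCredential instanceof GlobusGSSCredentialImpl)) {
            throw new IncorrectStateException("The provided GSSCredential is not instance of GlobusGSSCredentialImpl");
        }
        try {
            if (VOMSACUtils.getACsFromCertificate(((GlobusGSSCredentialImpl) gSSCredential).getX509Credential().getCertificateChain()[0]).isEmpty()) {
                throw new IncorrectStateException("Security context is not of type: " + getType());
            }
            return new VOMSSecurityCredential(gSSCredential, map);
        } catch (IOException e) {
            throw new IncorrectStateException("Unable to determine if the provided GSSCredential is a VOMS certificate or not", e);
        }
    }

    /**
     * Destroys the proxy file named by the {@code UserProxy} attribute by handing its
     * path to {@code org.globus.util.Util.destroy}.
     *
     * <p>NOTE(review): presumably that utility overwrites and deletes the file; confirm
     * against the Globus library. The path is taken from the map without any check.
     *
     * @param map context attributes
     * @param str not used by this implementation
     */
    public void destroySecurityAdaptor(Map map, String str) throws Exception {
        org.globus.util.Util.destroy((String) map.get("UserProxy"));
    }

    /**
     * Loads a credential from the textual content of a proxy.
     *
     * <p>NOTE(review): the string is converted with the platform default charset;
     * this is harmless only as long as the proxy text is plain ASCII.
     */
    protected static GSSCredential load(String str) throws IOException, GSSException {
        return realLoad(str.getBytes());
    }

    /**
     * Loads a credential from a proxy file.
     *
     * <p>The file is read completely: a single {@code read} call may return fewer
     * bytes than requested, which would leave the rest of the buffer zero-filled.
     * The stream is closed even when reading fails.
     *
     * @param file the proxy file
     * @return the credential built from the file content
     * @throws IOException if the file cannot be read, is larger than an array can hold,
     *         or ends before the length reported by the file system
     * @throws GSSException if the content is not accepted as a credential
     */
    public static GSSCredential load(File file) throws IOException, GSSException {
        long length = file.length();
        if (length > Integer.MAX_VALUE) {
            throw new IOException("Proxy file is too large: " + file);
        }
        byte[] content = new byte[(int) length];
        FileInputStream in = new FileInputStream(file);
        try {
            int offset = 0;
            while (offset < content.length) {
                int count = in.read(content, offset, content.length - offset);
                if (count < 0) {
                    throw new IOException("Unexpected end of file while reading proxy: " + file);
                }
                offset += count;
            }
        } finally {
            in.close();
        }
        return realLoad(content);
    }

    /** Imports the raw proxy bytes through the extended GSS manager. */
    private static GSSCredential realLoad(byte[] bArr) throws IOException, GSSException {
        return ExtendedGSSManager.getInstance().createCredential(bArr, 0, 0, (Oid) null, 0);
    }
}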
