package org.phoebus.security.store;

import java.util.ArrayList;
import java.util.List;
import java.util.ServiceLoader;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.phoebus.security.PhoebusSecurity;
import org.phoebus.security.tokens.AuthenticationScope;
import org.phoebus.security.tokens.ScopedAuthenticationToken;

/* loaded from: input_file:org/phoebus/security/store/SecureStore.class */
public class SecureStore {
    private final Store<String, String> store;
    public static final String USERNAME_TAG = "username";
    public static final String PASSWORD_TAG = "password";
    private static final Logger LOGGER = Logger.getLogger(SecureStore.class.getName());

    public SecureStore() throws Exception {
        switch (PhoebusSecurity.secure_store_target) {
            case FILE:
            default:
                this.store = new FileBasedStore();
                return;
            case IN_MEMORY:
                this.store = MemoryBasedStore.getInstance();
                return;
        }
    }

    SecureStore(Store<String, String> store) {
        this.store = store;
    }

    public String get(String str) throws Exception {
        return this.store.get(str);
    }

    public void set(String str, String str2) throws Exception {
        this.store.set(str, str2);
    }

    public void delete(String str) throws Exception {
        LOGGER.log(Level.INFO, "Deleting entry " + str + " from secure store");
        this.store.delete(str);
    }

    public ScopedAuthenticationToken getScopedAuthenticationToken(AuthenticationScope authenticationScope) throws Exception {
        String str;
        String str2;
        if (authenticationScope == null || authenticationScope.getName().trim().isEmpty()) {
            str = get(USERNAME_TAG);
            str2 = get(PASSWORD_TAG);
        } else {
            str = get(authenticationScope.getName().toLowerCase() + ".username");
            str2 = get(authenticationScope.getName().toLowerCase() + ".password");
        }
        if (str == null || str2 == null) {
            return null;
        }
        return new ScopedAuthenticationToken(authenticationScope, str, str2);
    }

    public void deleteScopedAuthenticationToken(AuthenticationScope authenticationScope) throws Exception {
        LOGGER.log(Level.INFO, "Deleting authentication token for scope: " + authenticationScope);
        if (authenticationScope == null || authenticationScope.getName().trim().isEmpty()) {
            delete(USERNAME_TAG);
            delete(PASSWORD_TAG);
        } else {
            delete(authenticationScope.getName() + ".username");
            delete(authenticationScope.getName() + ".password");
        }
        notifyChangeListeners();
    }

    public void deleteAllScopedAuthenticationTokens() throws Exception {
        getAuthenticationTokens().stream().forEach(scopedAuthenticationToken -> {
            try {
                deleteScopedAuthenticationToken(scopedAuthenticationToken.getAuthenticationScope());
            } catch (Exception e) {
                LOGGER.log(Level.WARNING, "Failed to delete scoped authentication token " + scopedAuthenticationToken.toString(), (Throwable) e);
            }
        });
    }

    public void setScopedAuthentication(ScopedAuthenticationToken scopedAuthenticationToken) throws Exception {
        String username = scopedAuthenticationToken.getUsername();
        String password = scopedAuthenticationToken.getPassword();
        if (username == null || username.trim().isEmpty() || password == null || password.trim().isEmpty()) {
            throw new RuntimeException("Username and password must both be non-null and non-empty");
        }
        AuthenticationScope authenticationScope = scopedAuthenticationToken.getAuthenticationScope();
        if (authenticationScope == null || authenticationScope.getName().trim().isEmpty()) {
            set(USERNAME_TAG, username);
            set(PASSWORD_TAG, password);
        } else {
            set(authenticationScope.getName() + ".username", username);
            set(authenticationScope.getName() + ".password", password);
        }
        notifyChangeListeners();
        LOGGER.log(Level.INFO, "Storing scoped authentication token " + scopedAuthenticationToken);
    }

    public List<ScopedAuthenticationToken> getAuthenticationTokens() throws Exception {
        return matchEntries(new ArrayList(this.store.getKeys()));
    }

    private List<ScopedAuthenticationToken> matchEntries(List<String> list) throws Exception {
        String str;
        String str2;
        ArrayList arrayList = new ArrayList();
        for (String str3 : list) {
            if (!str3.endsWith(PASSWORD_TAG)) {
                String[] split = str3.split("\\.");
                AuthenticationScope authenticationScope = null;
                if (split.length == 1 && USERNAME_TAG.equals(split[0])) {
                    str = get(split[0]);
                    str2 = get(PASSWORD_TAG);
                } else {
                    authenticationScope = AuthenticationScope.fromString(split[0]);
                    str = get(authenticationScope.getName() + ".username");
                    str2 = get(authenticationScope.getName() + ".password");
                }
                if (str2 != null) {
                    arrayList.add(new ScopedAuthenticationToken(authenticationScope, str, str2));
                }
            }
        }
        return arrayList;
    }

    private void notifyChangeListeners() {
        ServiceLoader.load(SecureStoreChangeHandler.class).stream().forEach(provider -> {
            try {
                ((SecureStoreChangeHandler) provider.get()).secureStoreChanged(getAuthenticationTokens());
            } catch (Exception e) {
                LOGGER.log(Level.WARNING, "Unable to notify secure store change handlers", (Throwable) e);
            }
        });
    }
}
