package de.rcenvironment.core.embedded.ssh.internal;

import de.rcenvironment.core.configuration.ConfigurationException;
import de.rcenvironment.core.configuration.ConfigurationSegment;
import de.rcenvironment.core.embedded.ssh.api.SshAccount;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:de/rcenvironment/core/embedded/ssh/internal/SshConfiguration.class */
public class SshConfiguration {
    protected static final int DEFAULT_PORT = 31005;
    protected static final String DEFAULT_HOST = "127.0.0.1";
    protected static final Integer DEFAULT_IDLE_TIMEOUT_SECONDS = 60;
    private static final String CONFIG_PROPERTY_IDLE_TIMEOUT_SECONDS = "idleTimeoutSeconds";
    private static final String STATIC_ACCOUNT_DATA_SOURCE_INFO = "the main configuration file";
    private static final String DYNAMIC_ACCOUNTS_FILENAME = "accounts.json";
    private boolean enabled;
    private String host;
    private int port;
    private Integer idleTimeoutSeconds;
    private List<SshAccountImpl> staticAccounts;
    private List<SshAccountImpl> dynamicAccounts;
    private Map<String, SshAccountImpl> currentAccountMap;
    private final List<SshAccountRole> roles;
    private final Log log;
    private String accountDataOriginInfo;

    public SshConfiguration() {
        this.enabled = false;
        this.staticAccounts = new ArrayList();
        this.dynamicAccounts = new ArrayList();
        this.currentAccountMap = new HashMap();
        this.log = LogFactory.getLog(getClass());
        this.host = DEFAULT_HOST;
        this.port = DEFAULT_PORT;
        this.roles = createPredefinedRoles();
    }

    public SshConfiguration(ConfigurationSegment configurationSegment) throws ConfigurationException, IOException {
        this.enabled = false;
        this.staticAccounts = new ArrayList();
        this.dynamicAccounts = new ArrayList();
        this.currentAccountMap = new HashMap();
        this.log = LogFactory.getLog(getClass());
        this.roles = createPredefinedRoles();
        this.enabled = configurationSegment.getBoolean("enabled", false).booleanValue();
        this.idleTimeoutSeconds = configurationSegment.getInteger(CONFIG_PROPERTY_IDLE_TIMEOUT_SECONDS, DEFAULT_IDLE_TIMEOUT_SECONDS);
        if (this.idleTimeoutSeconds.intValue() <= 0) {
            LogFactory.getLog(getClass()).warn("Invalid value for SSH server setting 'idleTimeoutSeconds' - using default of " + DEFAULT_IDLE_TIMEOUT_SECONDS);
            this.idleTimeoutSeconds = DEFAULT_IDLE_TIMEOUT_SECONDS;
        }
        String string = configurationSegment.getString("host");
        String string2 = configurationSegment.getString("ip");
        if (string != null) {
            LogFactory.getLog(getClass()).warn("Deprecated SSH server configuration parameter \"host\" used - use \"ip\" instead");
            this.host = string;
        }
        if (string2 != null) {
            if (string != null) {
                LogFactory.getLog(getClass()).error("Both \"host\" and \"ip\" settings of SSH server used; ignoring deprecated \"host\" setting");
            }
            this.host = string2;
        }
        if (this.host == null) {
            this.host = DEFAULT_HOST;
        }
        this.port = configurationSegment.getInteger("port", Integer.valueOf(DEFAULT_PORT)).intValue();
        try {
            this.staticAccounts = parseAccountData(configurationSegment.listElements("accounts"), STATIC_ACCOUNT_DATA_SOURCE_INFO);
        } catch (ConfigurationException unused) {
            this.log.warn("Failed to parse the list of SSH accounts; the SSH server will remain disabled");
            this.staticAccounts = new ArrayList();
        }
        this.dynamicAccounts = new ArrayList();
        this.accountDataOriginInfo = "static";
        updateEffectiveAccountLookup();
        if (configurationSegment.getSubSegment("roles").isPresentInCurrentConfiguration()) {
            this.log.warn("Deprecated \"roles\" configuration used. The roles will not be applied. Only predefined roles can be used. A list of available roles can be found in the configuration reference or the user guide.");
        }
    }

    private List<SshAccountRole> createPredefinedRoles() {
        ArrayList arrayList = new ArrayList();
        for (String str : SshConstants.PREDEFINED_ROLE_NAMES) {
            arrayList.add(new SshAccountRole(str));
        }
        return arrayList;
    }

    public synchronized boolean validateConfiguration(Log log) {
        boolean z = true;
        ArrayList arrayList = new ArrayList();
        if (this.host == null || this.host.isEmpty()) {
            log.warn("SSH server host can not be empty");
        }
        if (this.port < 0 || this.port > 65535) {
            log.warn("sshContactPoint must be between 0 and 65535");
            z = false;
        }
        if (this.staticAccounts != null && !this.staticAccounts.isEmpty()) {
            for (SshAccountImpl sshAccountImpl : this.staticAccounts) {
                z = sshAccountImpl.validate(this.roles, log) && z;
                if (arrayList.contains(sshAccountImpl)) {
                    log.warn("User names must be distinct. Found two users with name: " + sshAccountImpl.getLoginName());
                    z = false;
                } else {
                    arrayList.add(sshAccountImpl);
                }
            }
        }
        if (!z) {
            log.error("Embedded SSH server will not be started due to an error in the configuration.");
        }
        return z;
    }

    public synchronized void applyDynamicSshAccountData(Map<String, ConfigurationSegment> map) {
        try {
            this.dynamicAccounts = parseAccountData(map, DYNAMIC_ACCOUNTS_FILENAME);
            updateEffectiveAccountLookup();
        } catch (ConfigurationException unused) {
            this.log.warn("Failed to read the dynamic list of SSH accounts from accounts.json; no changes applied");
        }
    }

    public synchronized void injectAccount(SshAccountImpl sshAccountImpl) {
        this.currentAccountMap.put(sshAccountImpl.getLoginName(), sshAccountImpl);
    }

    public synchronized SshAccount getAccountByName(String str, boolean z) {
        SshAccountImpl sshAccountImpl = this.currentAccountMap.get(str);
        if (sshAccountImpl == null) {
            return null;
        }
        if (sshAccountImpl.isEnabled()) {
            return sshAccountImpl;
        }
        if (z) {
            this.log.debug("Returning disabled account '" + sshAccountImpl.getLoginName() + "' on explicit query");
            return sshAccountImpl;
        }
        this.log.debug("Default query for disabled account '" + sshAccountImpl.getLoginName() + "'; responding as if it did not exist");
        return null;
    }

    public SshAccountRole getRoleByName(String str) {
        SshAccountRole sshAccountRole = null;
        Iterator<SshAccountRole> it = this.roles.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            SshAccountRole next = it.next();
            if (next.getRoleName().equals(str)) {
                sshAccountRole = next;
                break;
            }
        }
        if (sshAccountRole == null) {
            sshAccountRole = getRoleByName(SshConstants.ROLE_NAME_DEFAULT);
        }
        return sshAccountRole;
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public void setEnabled(boolean z) {
        this.enabled = z;
    }

    public String getHost() {
        return this.host;
    }

    public int getPort() {
        return this.port;
    }

    public Integer getIdleTimeoutSeconds() {
        return this.idleTimeoutSeconds;
    }

    public void setIdleTimeoutSeconds(Integer num) {
        this.idleTimeoutSeconds = num;
    }

    public void setPort(int i) {
        this.port = i;
    }

    protected synchronized List<SshAccountImpl> listAccounts() {
        return Collections.unmodifiableList(new ArrayList(this.currentAccountMap.values()));
    }

    protected synchronized void setStaticAccounts(List<SshAccountImpl> list) {
        this.staticAccounts = list;
        if (this.staticAccounts == null) {
            this.staticAccounts = new ArrayList();
        }
        updateEffectiveAccountLookup();
    }

    public List<SshAccountRole> getRoles() {
        return this.roles;
    }

    public synchronized int getCurrentNumberOfAccouts() {
        return this.currentAccountMap.size();
    }

    public synchronized String getAccountDataOriginInfo() {
        return this.accountDataOriginInfo;
    }

    public synchronized List<SshAccountImpl> getStaticAccounts() {
        return Collections.unmodifiableList(new ArrayList(this.staticAccounts));
    }

    private List<SshAccountImpl> parseAccountData(Map<String, ConfigurationSegment> map, String str) throws ConfigurationException {
        ArrayList arrayList = new ArrayList();
        if (map == null) {
            return arrayList;
        }
        for (Map.Entry<String, ConfigurationSegment> entry : map.entrySet()) {
            try {
                SshAccountImpl sshAccountImpl = (SshAccountImpl) entry.getValue().mapToObject(SshAccountImpl.class);
                sshAccountImpl.setLoginName(entry.getKey());
                arrayList.add(sshAccountImpl);
            } catch (IOException unused) {
                throw new ConfigurationException("Error parsing the SSH account entry \"" + entry.getKey() + "\" loaded from " + str);
            }
        }
        return arrayList;
    }

    private void updateEffectiveAccountLookup() {
        HashMap hashMap = new HashMap();
        if (this.staticAccounts.isEmpty()) {
            this.accountDataOriginInfo = "dynamic";
        } else if (this.dynamicAccounts.isEmpty()) {
            this.accountDataOriginInfo = "static";
        } else {
            this.log.warn("Merging " + this.staticAccounts.size() + " initial SSH accounts with " + this.dynamicAccounts.size() + " loaded from " + DYNAMIC_ACCOUNTS_FILENAME + "; accounts from the latter take precedence");
            this.accountDataOriginInfo = "merged";
        }
        for (SshAccountImpl sshAccountImpl : this.staticAccounts) {
            SshAccountImpl sshAccountImpl2 = (SshAccountImpl) hashMap.put(sshAccountImpl.getLoginName(), sshAccountImpl);
            if (sshAccountImpl2 != null) {
                this.log.warn("Found multiple static SSH accounts with login name '" + sshAccountImpl.getLoginName() + "'");
                if (sshAccountImpl.isEnabled() != sshAccountImpl2.isEnabled()) {
                    this.log.warn("The SSH accounts with the same login name '" + sshAccountImpl.getLoginName() + "' have different 'enabled' settings (current account: " + sshAccountImpl.isEnabled() + "). Unless this is intentional, it is highly recommended to check your configuration!");
                }
            }
        }
        for (SshAccountImpl sshAccountImpl3 : this.dynamicAccounts) {
            SshAccountImpl sshAccountImpl4 = (SshAccountImpl) hashMap.put(sshAccountImpl3.getLoginName(), sshAccountImpl3);
            if (sshAccountImpl4 != null) {
                this.log.warn("SSH account '" + sshAccountImpl3.getLoginName() + "' loaded from " + DYNAMIC_ACCOUNTS_FILENAME + " replaces a previous account with the same login name");
                if (sshAccountImpl3.isEnabled() != sshAccountImpl4.isEnabled()) {
                    this.log.warn("The SSH accounts with the same login name '" + sshAccountImpl3.getLoginName() + "' have different 'enabled' settings (current account: " + sshAccountImpl3.isEnabled() + "). Unless this is intentional, it is highly recommended to check your configuration!");
                }
            }
        }
        this.currentAccountMap = hashMap;
    }
}
