package org.apache.avalon.phoenix.components.classloader;

import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AllPermission;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Permission;
import java.security.Permissions;
import java.security.UnresolvedPermission;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.PropertyPermission;
import java.util.StringTokenizer;
import org.apache.avalon.excalibur.i18n.ResourceManager;
import org.apache.avalon.excalibur.i18n.Resources;
import org.apache.avalon.framework.configuration.Configurable;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.context.DefaultContext;
import org.apache.avalon.phoenix.components.util.ResourceUtil;
import org.apache.xalan.templates.Constants;
import org.apache.xpath.compiler.PsuedoNames;

/* loaded from: input_file:WEB-INF/lib/avalon-phoenix-engine-4.0.4.jar:org/apache/avalon/phoenix/components/classloader/DefaultPolicy.class */
class DefaultPolicy extends AbstractPolicy implements Configurable {
    private static final Resources REZ;
    private final File m_baseDirectory;
    private final File m_workDirectory;
    private DefaultContext m_context;
    static Class class$org$apache$avalon$phoenix$components$classloader$DefaultPolicy;
    static Class class$java$lang$String;

    /* JADX INFO: Access modifiers changed from: protected */
    public DefaultPolicy(File file, File file2) {
        HashMap hashMap = new HashMap();
        hashMap.putAll(System.getProperties());
        this.m_context = new DefaultContext(hashMap);
        this.m_context.put(PsuedoNames.PSEUDONAME_ROOT, File.separator);
        this.m_context.put("app.home", file);
        this.m_workDirectory = file2;
        this.m_baseDirectory = file;
    }

    @Override // org.apache.avalon.framework.configuration.Configurable
    public void configure(Configuration configuration) throws ConfigurationException {
        setupDefaultPermissions();
        HashMap configureKeyStores = configureKeyStores(configuration.getChildren("keystore"));
        Configuration[] children = configuration.getChildren("grant");
        if (0 != children.length) {
            configureGrants(children, configureKeyStores);
            return;
        }
        getLogger().info(REZ.getString("policy.notice.full-perms"));
        createPermissionSetFor(getInclusiveURL(), (Certificate[]) null).add(new AllPermission());
    }

    private URL getInclusiveURL() {
        try {
            return new URL("file:/-");
        } catch (MalformedURLException e) {
            return null;
        }
    }

    private void setupDefaultPermissions() {
        Permissions createPermissionSetFor = createPermissionSetFor(getInclusiveURL(), (Certificate[]) null);
        createPermissionSetFor.add(new PropertyPermission("os.name", "read"));
        createPermissionSetFor.add(new PropertyPermission("os.arch", "read"));
        createPermissionSetFor.add(new PropertyPermission("os.version", "read"));
        createPermissionSetFor.add(new PropertyPermission("file.separator", "read"));
        createPermissionSetFor.add(new PropertyPermission("path.separator", "read"));
        createPermissionSetFor.add(new PropertyPermission("line.separator", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.version", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.vendor", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.vendor.url", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.class.version", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.vm.version", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.vm.vendor", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.vm.name", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.specification.version", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.specification.vendor", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.specification.name", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.vm.specification.version", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.vm.specification.vendor", "read"));
        createPermissionSetFor.add(new PropertyPermission("java.vm.specification.name", "read"));
    }

    private HashMap configureKeyStores(Configuration[] configurationArr) throws ConfigurationException {
        HashMap hashMap = new HashMap();
        for (Configuration configuration : configurationArr) {
            String attribute = configuration.getAttribute("type");
            String attribute2 = configuration.getAttribute("location");
            String attribute3 = configuration.getAttribute(Constants.ATTRNAME_NAME);
            try {
                KeyStore keyStore = KeyStore.getInstance(attribute);
                keyStore.load(new URL(attribute2).openStream(), null);
                hashMap.put(attribute3, keyStore);
            } catch (Exception e) {
                throw new ConfigurationException(REZ.getString("policy.error.keystore.config", attribute3), e);
            }
        }
        return hashMap;
    }

    private void configureGrants(Configuration[] configurationArr, HashMap hashMap) throws ConfigurationException {
        for (Configuration configuration : configurationArr) {
            configureGrant(configuration, hashMap);
        }
    }

    private void configureGrant(Configuration configuration, HashMap hashMap) throws ConfigurationException {
        String attribute = configuration.getAttribute("signed-by", null);
        String attribute2 = configuration.getAttribute("key-store", null);
        String attribute3 = configuration.getAttribute("code-base", null);
        if (null != attribute3) {
            attribute3 = ResourceUtil.expandSarURL(expand(attribute3), this.m_baseDirectory, this.m_workDirectory);
        }
        try {
            configurePermissions(configuration.getChildren("permission"), createPermissionSetFor(attribute3, getSigners(attribute, attribute2, hashMap)), hashMap);
        } catch (MalformedURLException e) {
            throw new ConfigurationException(REZ.getString("policy.error.codebase.malformed", attribute3), e);
        }
    }

    private void configurePermissions(Configuration[] configurationArr, Permissions permissions, HashMap hashMap) throws ConfigurationException {
        for (Configuration configuration : configurationArr) {
            configurePermission(configuration, permissions, hashMap);
        }
    }

    private void configurePermission(Configuration configuration, Permissions permissions, HashMap hashMap) throws ConfigurationException {
        String attribute = configuration.getAttribute(Constants.ATTRNAME_CLASS);
        String attribute2 = configuration.getAttribute("actions", null);
        String attribute3 = configuration.getAttribute("signed-by", null);
        String attribute4 = configuration.getAttribute("key-store", null);
        String attribute5 = configuration.getAttribute("target", null);
        if (null != attribute5) {
            attribute5 = expand(attribute5);
        }
        permissions.add(createPermission(attribute, attribute5, attribute2, getSigners(attribute3, attribute4, hashMap)));
    }

    private String expand(String str) throws ConfigurationException {
        try {
            return PropertyUtil.resolveProperty(str, this.m_context, false).toString();
        } catch (Exception e) {
            throw new ConfigurationException(REZ.getString("policy.error.property.resolve", str), e);
        }
    }

    private Permission createPermission(String str, String str2, String str3, Certificate[] certificateArr) throws ConfigurationException {
        Class<?>[] clsArr;
        Class<?> cls;
        Class<?> cls2;
        Object[] objArr;
        Class<?> cls3;
        if (null != certificateArr) {
            return createUnresolvedPermission(str, str2, str3, certificateArr);
        }
        try {
            Class<?> cls4 = Class.forName(str);
            if (null == str3 && null == str2) {
                clsArr = new Class[0];
                objArr = new Object[0];
            } else if (null == str3) {
                clsArr = new Class[1];
                if (class$java$lang$String == null) {
                    cls3 = class$("java.lang.String");
                    class$java$lang$String = cls3;
                } else {
                    cls3 = class$java$lang$String;
                }
                clsArr[0] = cls3;
                objArr = new Object[]{str2};
            } else {
                clsArr = new Class[2];
                if (class$java$lang$String == null) {
                    cls = class$("java.lang.String");
                    class$java$lang$String = cls;
                } else {
                    cls = class$java$lang$String;
                }
                clsArr[0] = cls;
                if (class$java$lang$String == null) {
                    cls2 = class$("java.lang.String");
                    class$java$lang$String = cls2;
                } else {
                    cls2 = class$java$lang$String;
                }
                clsArr[1] = cls2;
                objArr = new Object[]{str2, str3};
            }
            return (Permission) cls4.getConstructor(clsArr).newInstance(objArr);
        } catch (ClassNotFoundException e) {
            return createUnresolvedPermission(str, str2, str3, certificateArr);
        } catch (Exception e2) {
            throw new ConfigurationException(REZ.getString("policy.error.permission.create", str), e2);
        }
    }

    private Permission createUnresolvedPermission(String str, String str2, String str3, Certificate[] certificateArr) {
        return new UnresolvedPermission(str, str2, str3, certificateArr);
    }

    private Certificate[] getSigners(String str, String str2, HashMap hashMap) throws ConfigurationException {
        if (null != str && null == str2) {
            str2 = Constants.ATTRNAME_DEFAULT;
        }
        Certificate[] certificateArr = null;
        if (null != str) {
            certificateArr = getCertificates(str, str2, hashMap);
        }
        return certificateArr;
    }

    private Certificate[] getCertificates(String str, String str2, HashMap hashMap) throws ConfigurationException {
        KeyStore keyStore = (KeyStore) hashMap.get(str2);
        if (null == keyStore) {
            throw new ConfigurationException(REZ.getString("policy.error.keystore.aquire", str2));
        }
        ArrayList arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        while (stringTokenizer.hasMoreTokens()) {
            String trim = stringTokenizer.nextToken().trim();
            try {
                Certificate certificate = keyStore.getCertificate(trim);
                if (null == certificate) {
                    throw new ConfigurationException(REZ.getString("policy.error.alias.missing", trim, str2));
                }
                if (!arrayList.contains(certificate)) {
                    arrayList.add(certificate);
                }
            } catch (KeyStoreException e) {
                throw new ConfigurationException(REZ.getString("policy.error.certificate.aquire", trim), e);
            }
        }
        return (Certificate[]) arrayList.toArray(new Certificate[0]);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$avalon$phoenix$components$classloader$DefaultPolicy == null) {
            cls = class$("org.apache.avalon.phoenix.components.classloader.DefaultPolicy");
            class$org$apache$avalon$phoenix$components$classloader$DefaultPolicy = cls;
        } else {
            cls = class$org$apache$avalon$phoenix$components$classloader$DefaultPolicy;
        }
        REZ = ResourceManager.getPackageResources(cls);
    }
}
