package org.gcube.common.core.security.context.impl;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.StringReader;
import javax.security.auth.Subject;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.axis.ConfigurationException;
import org.gcube.common.core.contexts.GHNClientContext;
import org.gcube.common.core.contexts.GHNContext;
import org.gcube.common.core.security.GCUBEClientSecurityManager;
import org.gcube.common.core.security.GCUBESecurityManager;
import org.gcube.common.core.security.context.SecurityContext;
import org.gcube.common.core.security.utils.ClientCredentialsBean;
import org.gcube.common.core.security.utils.ProxyUtil;
import org.gcube.common.core.utils.logging.GCUBELog;
import org.globus.gsi.GlobusCredential;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.gsi.jaas.JaasGssUtil;
import org.globus.wsrf.impl.security.descriptor.CredentialParamsParser;
import org.globus.wsrf.impl.security.descriptor.SecurityConfig;
import org.ietf.jgss.GSSCredential;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:WEB-INF/lib/gcf-1.6.2-3.8.0.jar:org/gcube/common/core/security/context/impl/DefaultGHNClientSecurityContext.class */
public class DefaultGHNClientSecurityContext extends DefaultGHNSecurityContext {
    private GCUBELog logger = new GCUBELog(this);

    public DefaultGHNClientSecurityContext() {
        init();
    }

    private void init() {
        String str = null;
        try {
            this.logger.debug("Loading client mode default security configuration");
            str = (String) ((GHNClientContext) GHNContext.getContext()).getServerWsddDocument().getDeployment().getGlobalOptions().get(SecurityContext.DEFAULT_SECURITY_CONFIGURATION);
            this.logger.debug(str);
        } catch (ConfigurationException e) {
            this.logger.error("Server.wsdd configuration error", e);
        }
        super.init(str);
    }

    @Override // org.gcube.common.core.security.context.SecurityContext
    public Subject getDefaultSubject() {
        if (this.defaultCredentials == null) {
            this.defaultCredentials = getDefaultCredentials();
        }
        if (this.defaultSubject == null && this.defaultCredentials != null) {
            try {
                this.defaultSubject = JaasGssUtil.createSubject(this.defaultCredentials);
            } catch (Exception e) {
                this.logger.error("Error in loading the subject ", e);
            }
        }
        return this.defaultSubject;
    }

    @Override // org.gcube.common.core.security.context.SecurityContext
    public GSSCredential getDefaultCredentials() {
        if (this.defaultCredentials == null) {
            try {
                this.logger.debug("Loading client mode container credentials");
                String str = GHNContext.getContext().getLocation() + File.separatorChar + ((GHNClientContext) GHNContext.getContext()).getServerWsddDocument().getDeployment().getGlobalConfiguration().getParameter(SecurityConfig.CONT_SEC_DESCRIPTOR);
                this.logger.debug(str);
                BufferedReader bufferedReader = new BufferedReader(new FileReader(str));
                StringBuilder sb = new StringBuilder();
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    sb.append(readLine);
                }
                this.logger.debug("Sec desc " + sb.toString());
                Element stringToElement = stringToElement(sb.toString());
                NodeList elementsByTagName = stringToElement.getElementsByTagName(CredentialParamsParser.CREDENTIAL_NAME);
                if (elementsByTagName == null || elementsByTagName.getLength() == 0) {
                    elementsByTagName = stringToElement.getElementsByTagName(CredentialParamsParser.PROXY_FILE_NAME);
                }
                if (elementsByTagName != null && elementsByTagName.getLength() > 0) {
                    Element element = (Element) elementsByTagName.item(0);
                    ClientCredentialsBean clientCredentialsBean = new ClientCredentialsBean();
                    new CredentialParamsParser(clientCredentialsBean).parse(element);
                    String proxyFile = clientCredentialsBean.getProxyFile();
                    this.logger.debug("Proxy file = " + proxyFile);
                    if (proxyFile != null) {
                        this.defaultCredentials = ProxyUtil.loadProxyCredentials(proxyFile);
                    } else if (clientCredentialsBean.getCertFile() != null && clientCredentialsBean.getKeyFile() != null) {
                        String certFile = clientCredentialsBean.getCertFile();
                        String keyFile = clientCredentialsBean.getKeyFile();
                        this.logger.debug("Cert file = " + certFile);
                        this.logger.debug("Key file = " + keyFile);
                        this.defaultCredentials = new GlobusGSSCredentialImpl(new GlobusCredential(certFile, keyFile), 0);
                    }
                }
            } catch (Exception e) {
                this.logger.error("Unable to load container credentials, some operations could be not available", e);
            }
        }
        return this.defaultCredentials;
    }

    @Override // org.gcube.common.core.security.context.SecurityContext
    public GCUBESecurityManager getDefaultSecurityManager() throws Exception {
        this.logger.debug("Generate default security manager");
        this.logger.debug("Client mode: generating a Client security manager");
        return (GCUBESecurityManager) GHNContext.getImplementation(GCUBEClientSecurityManager.class);
    }

    private Element stringToElement(String str) throws Exception {
        return string2Document(str).getDocumentElement();
    }

    private Document string2Document(String str) {
        Document document = null;
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            document = newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(str)));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return document;
    }
}
