package de.fzj.unicore.wsrflite.impl;

import de.fzj.unicore.wsrflite.Home;
import de.fzj.unicore.wsrflite.Kernel;
import de.fzj.unicore.wsrflite.Resource;
import de.fzj.unicore.wsrflite.exceptions.UnableToSetTerminationTimeException;
import de.fzj.unicore.wsrflite.messaging.PullPoint;
import de.fzj.unicore.wsrflite.persistence.Persist;
import de.fzj.unicore.wsrflite.persistence.PersistenceManager;
import de.fzj.unicore.wsrflite.persistence.PersistenceSettings;
import de.fzj.unicore.wsrflite.security.SecurityManager;
import de.fzj.unicore.wsrflite.utils.Utilities;
import eu.unicore.security.AuthorisationException;
import eu.unicore.security.Client;
import eu.unicore.security.SecurityTokens;
import eu.unicore.security.etd.TrustDelegation;
import eu.unicore.security.util.Log;
import java.io.Serializable;
import java.lang.reflect.Field;
import java.security.cert.CertPath;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;

/* loaded from: input_file:de/fzj/unicore/wsrflite/impl/ResourceImpl.class */
public abstract class ResourceImpl implements Resource {
    private String serviceName;
    protected transient Home home;

    @Persist
    private Calendar terminationTime;

    @Persist
    private X500Principal owner;
    public static final String INIT_INITIAL_TERMINATION_TIME = "de.fzj.unicore.wsrflite.terminationtime.initialvalue";
    private static final Logger logger = Log.getLogger("unicore.wsrflite", ResourceImpl.class);
    private static int defaultLifetime = -1;
    public static final String INIT_UNIQUE_ID = ResourceImpl.class.getName() + ".init.uniqueid";
    public static final String INITPARAM_SECURITYCONTEXT = ResourceImpl.class.getName() + ".init.securityContext";
    public static final String INITPARAM_PUBLISH_TO_REGISTRY = ResourceImpl.class.getName() + ".init.publish";
    public static final String INITPARAM_CLIENT = ResourceImpl.class.getName() + ".init.clientReference";
    private transient InheritableThreadLocal<Map<String, Object>> securityContexts = new InheritableThreadLocal<>();
    protected boolean isDirty = false;
    private transient boolean isDestroyed = false;

    @Persist
    protected String initialXlogin = null;
    private String uniqueID = Utilities.newUniqueID();

    public void setDirty() {
        this.isDirty = true;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void clearChangeFlag() {
        this.isDirty = false;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void postActivate() {
        getClient();
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public String getUniqueID() {
        return this.uniqueID;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public String getServiceName() {
        return this.serviceName;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void setServiceName(String str) {
        this.serviceName = str;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public boolean isExpired() {
        return this.terminationTime != null && this.terminationTime.compareTo(Calendar.getInstance()) <= 0;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public Calendar getTerminationTime() {
        return this.terminationTime;
    }

    public void setTerminationTime(Calendar calendar) throws UnableToSetTerminationTimeException {
        String perServiceProperty = Kernel.getKernel().getPerServiceProperty(DefaultHome.MAXIMUM_LIFETIME, this.serviceName, null);
        try {
            if (perServiceProperty != null) {
                try {
                    int parseInt = Integer.parseInt(perServiceProperty);
                    boolean z = false;
                    if (calendar == null) {
                        z = true;
                    } else if ((calendar.getTimeInMillis() - System.currentTimeMillis()) / 1000 > parseInt) {
                        z = true;
                    }
                    if (z) {
                        throw new IllegalArgumentException("Requested lifetime is larger than maximum configured on the system.");
                    }
                } catch (NumberFormatException e) {
                    throw new IllegalArgumentException("Server error: configured maximum lifetime is not valid.");
                }
            }
            this.terminationTime = calendar;
            if (this.home != null) {
                this.home.setTerminationTime(this.uniqueID, calendar);
            }
        } catch (Exception e2) {
            Log.logException("Error setting tt.", e2, logger);
            throw new UnableToSetTerminationTimeException(e2);
        }
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public boolean hasChanged() {
        return this.isDirty;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void destroy() {
        try {
            X500Principal owner = getOwner();
            if (owner != null) {
                ((DefaultHome) this.home).instanceDestroyed(owner.toString());
            }
        } catch (Exception e) {
            Log.logException("Error decreasing number of service instances.", e, logger);
        }
        this.isDestroyed = true;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public final boolean isDestroyed() {
        return this.isDestroyed;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void setHome(Home home) {
        this.home = home;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public Home getHome() {
        return this.home;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void initialise(String str, Map<String, Object> map) throws Exception {
        setServiceName(str);
        if (map == null) {
            map = new HashMap();
        }
        String str2 = (String) map.get(INIT_UNIQUE_ID);
        if (str2 != null) {
            setUniqueID(str2);
        }
        Calendar calendar = (Calendar) map.get(INIT_INITIAL_TERMINATION_TIME);
        if (calendar == null) {
            calendar = new GregorianCalendar();
            calendar.add(13, getDefaultLifetime());
        }
        setTerminationTime(calendar);
        Map<String, Object> map2 = (Map) map.get(INITPARAM_SECURITYCONTEXT);
        if (map2 != null) {
            setSecurityContext(map2);
            setDefaultOwner();
        }
        Client client = (Client) map.get(INITPARAM_CLIENT);
        if (client != null) {
            this.initialXlogin = client.getUserName();
            logger.debug("Set xlogin to " + this.initialXlogin);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Initialised <" + getServiceName() + ">" + str2 + ", TT = " + calendar.getTime());
        }
    }

    protected int getDefaultLifetime() {
        if (defaultLifetime == -1) {
            try {
                String perServiceProperty = Kernel.getKernel().getPerServiceProperty(DefaultHome.DEFAULT_LIFETIME, this.serviceName, "86400");
                if (perServiceProperty != null) {
                    defaultLifetime = Integer.parseInt(perServiceProperty);
                    if (defaultLifetime <= 0) {
                        throw new IllegalArgumentException("Specified lifetime is not valid.");
                    }
                } else {
                    defaultLifetime = 86400;
                }
            } catch (Exception e) {
                logger.debug("Error parsing/using specified lifetime, fallback to default (24 hours).");
                defaultLifetime = 86400;
            }
        }
        return defaultLifetime;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public Map<String, Serializable> passivate() {
        this.securityContexts.remove();
        HashMap hashMap = new HashMap();
        PersistenceSettings persistenceSettings = PersistenceManager.getPersistenceSettings(getClass());
        for (String str : persistenceSettings.getPersistentFieldKeys()) {
            Field field = persistenceSettings.getField(str);
            try {
                hashMap.put(str, (Serializable) field.get(this));
            } catch (Exception e) {
                Log.logException("INTERNAL ERROR persisting: " + field.getName() + " for service " + getServiceName(), e, logger);
            }
        }
        return hashMap;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void activate(Map<String, Serializable> map) {
        PersistenceSettings persistenceSettings = PersistenceManager.getPersistenceSettings(getClass());
        for (String str : persistenceSettings.getPersistentFieldKeys()) {
            Field field = persistenceSettings.getField(str);
            try {
                field.set(this, map.get(str));
            } catch (IllegalAccessException e) {
                Log.logException("INTERNAL ERROR writing: " + field.getName(), e, logger);
            }
        }
        this.isDirty = false;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void setUniqueID(String str) {
        this.uniqueID = str;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void processMessages(PullPoint pullPoint) {
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public Map<String, Object> getSecurityContext() {
        return this.securityContexts.get();
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void setSecurityContext(Map<String, Object> map) {
        this.securityContexts.set(map);
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void clearSecurityContext() {
        this.securityContexts.remove();
    }

    public synchronized Client getClient() throws AuthorisationException {
        if (getSecurityContext() == null) {
            return null;
        }
        Client client = (Client) getSecurityContext().get("unicore.authz.client");
        if (client == null) {
            client = SecurityManager.createAndAuthoriseClient(getSecurityTokens());
            getSecurityContext().put("unicore.authz.client", client);
            if (this.initialXlogin != null) {
                try {
                    if (client.getXlogin().isValid(this.initialXlogin)) {
                        client.setUserName(this.initialXlogin);
                        if (logger.isDebugEnabled()) {
                            logger.debug("Using user name <" + this.initialXlogin + ">");
                        }
                    }
                } catch (Exception e) {
                    Log.logException("Error setting user name.", e, logger);
                }
            }
        }
        return client;
    }

    public X500Principal getOwner() {
        if (this.owner != null) {
            return this.owner;
        }
        try {
            this.owner = SecurityManager.getServerIdentity();
            logger.debug("Setting server as owner of " + getServiceName() + "<" + getUniqueID() + ">");
            return this.owner;
        } catch (Exception e) {
            Log.logException("Error setting owner attribute.", e, logger);
            return null;
        }
    }

    protected void setDefaultOwner() {
        SecurityTokens securityTokens = getSecurityTokens();
        if (securityTokens != null) {
            X500Principal effectiveUserName = securityTokens.getEffectiveUserName();
            if (SecurityManager.isProxyModeEnabled()) {
                try {
                    effectiveUserName = SecurityManager.getProxiedUserCert(securityTokens).getSubjectX500Principal();
                } catch (CertificateException e) {
                    Log.logException("Invalid certs for request?", e, logger);
                }
            }
            if (effectiveUserName != null) {
                setOwner(effectiveUserName);
            }
        }
        if (logger.isDebugEnabled()) {
            if (this.owner != null) {
                logger.debug("Owner: " + getOwner().getName());
            } else {
                logger.debug("Owner could not be assigned.");
            }
        }
    }

    public SecurityTokens getSecurityTokens() {
        try {
            return (SecurityTokens) getSecurityContext().get(SecurityTokens.KEY);
        } catch (NullPointerException e) {
            return null;
        }
    }

    public List<TrustDelegation> getTrustDelegationTokens() {
        return getSecurityTokens().getTrustDelegationTokens();
    }

    public void setOwner(CertPath certPath) {
        this.owner = ((X509Certificate) certPath.getCertificates().get(0)).getSubjectX500Principal();
    }

    public void setOwner(X509Certificate x509Certificate) {
        this.owner = x509Certificate.getSubjectX500Principal();
    }

    public void setOwner(X500Principal x500Principal) {
        this.owner = x500Principal;
    }

    public void setOwner(String str) {
        this.owner = new X500Principal(str);
    }
}
