package com.dbeaver.db.postgresql.krb5;

import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.sql.Connection;
import java.util.Iterator;
import java.util.Properties;
import javax.security.auth.login.Configuration;
import org.jkiss.dbeaver.Log;
import org.jkiss.dbeaver.model.connection.DBPConnectionConfiguration;
import org.jkiss.dbeaver.model.exec.DBCException;
import org.jkiss.dbeaver.model.impl.jdbc.JDBCConnectionConfigurer;
import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
import org.jkiss.utils.CommonUtils;

/* loaded from: input_file:com/dbeaver/db/postgresql/krb5/PostgreKerberosConnectionConfigurer.class */
public class PostgreKerberosConnectionConfigurer implements JDBCConnectionConfigurer {
    private static final String JAVA_SECURITY_KRB5_CONF = "java.security.krb5.conf";
    private static final String JAVA_SECURITY_AUTH_LOGIN_CONFIG = "java.security.auth.login.config";
    private static final String JAVA_SECURITY_KRB5_REALM = "java.security.krb5.realm";
    private static final String JAVA_SECURITY_KRB5_KDC = "java.security.krb5.kdc";
    private static final Log log = Log.getLog(PostgreKerberosConnectionConfigurer.class);

    public void beforeConnection(DBRProgressMonitor dBRProgressMonitor, DBPConnectionConfiguration dBPConnectionConfiguration, Properties properties) throws DBCException {
        try {
            initKerberos(dBPConnectionConfiguration);
        } catch (IOException e) {
            throw new DBCException("IO error", e);
        }
    }

    public void afterConnection(DBRProgressMonitor dBRProgressMonitor, DBPConnectionConfiguration dBPConnectionConfiguration, Properties properties, Connection connection, Throwable th) {
        System.clearProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG);
        System.clearProperty(JAVA_SECURITY_KRB5_CONF);
        System.clearProperty(JAVA_SECURITY_KRB5_REALM);
        System.clearProperty(JAVA_SECURITY_KRB5_KDC);
    }

    private void initKerberos(DBPConnectionConfiguration dBPConnectionConfiguration) throws IOException, DBCException {
        DBWHandlerConfiguration dBWHandlerConfiguration = null;
        Iterator it = dBPConnectionConfiguration.getHandlers().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            DBWHandlerConfiguration dBWHandlerConfiguration2 = (DBWHandlerConfiguration) it.next();
            if (dBWHandlerConfiguration2.getId().equals("postgres_kerberos") && dBWHandlerConfiguration2.isEnabled()) {
                dBWHandlerConfiguration = dBWHandlerConfiguration2;
                break;
            }
        }
        if (dBWHandlerConfiguration != null) {
            String userName = dBPConnectionConfiguration.getUserName();
            String createJaasFile = createJaasFile(dBWHandlerConfiguration, userName);
            log.debug("Setting kerberos properties");
            System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, createJaasFile);
            if (!((Boolean) dBWHandlerConfiguration.getProperties().get(KerberosConstants.USE_KINIT)).booleanValue()) {
                Boolean valueOf = Boolean.valueOf(CommonUtils.getBoolean(dBWHandlerConfiguration.getProperties().get(KerberosConstants.SPECIFY_KRB5_CONF), Boolean.FALSE.booleanValue()));
                Boolean valueOf2 = Boolean.valueOf(CommonUtils.getBoolean(dBWHandlerConfiguration.getProperties().get(KerberosConstants.KRB5_KDC_OVER_TCP), Boolean.FALSE.booleanValue()));
                if (valueOf.booleanValue()) {
                    String commonUtils = CommonUtils.toString(dBWHandlerConfiguration.getProperties().get(KerberosConstants.KRB5_CONF_PATH));
                    if (!CommonUtils.isEmpty(commonUtils)) {
                        System.setProperty(JAVA_SECURITY_KRB5_CONF, commonUtils);
                    }
                } else if (valueOf2.booleanValue()) {
                    File createTempFile = File.createTempFile("dbeaver.krb5-", ".conf");
                    FileWriter fileWriter = new FileWriter(createTempFile);
                    fileWriter.write("[libdefaults]\n");
                    fileWriter.write("  udp_preference_limit=1\n");
                    fileWriter.close();
                    System.setProperty(JAVA_SECURITY_KRB5_CONF, createTempFile.getAbsolutePath());
                }
                String commonUtils2 = CommonUtils.toString(dBWHandlerConfiguration.getProperties().get(KerberosConstants.REALM));
                String commonUtils3 = CommonUtils.toString(dBWHandlerConfiguration.getProperties().get(KerberosConstants.KDC_SERVER));
                boolean isEmpty = CommonUtils.isEmpty(commonUtils2);
                boolean isEmpty2 = CommonUtils.isEmpty(commonUtils3);
                if (isEmpty) {
                    if (userName.contains("@")) {
                        commonUtils2 = userName.substring(userName.lastIndexOf(64) + 1);
                    }
                    if (!CommonUtils.isEmpty(commonUtils3)) {
                        System.setProperty(JAVA_SECURITY_KRB5_KDC, commonUtils3);
                    }
                }
                boolean isEmpty3 = CommonUtils.isEmpty(commonUtils2);
                if (isEmpty3) {
                    throw new DBCException(KerberosResources.exception_specify_realm);
                }
                System.setProperty(JAVA_SECURITY_KRB5_REALM, commonUtils2);
                if (!isEmpty2) {
                    System.setProperty(JAVA_SECURITY_KRB5_KDC, commonUtils3);
                }
                if (isEmpty3 ^ isEmpty2) {
                    throw new DBCException(KerberosResources.exception_specify_kdc_and_realm);
                }
            }
            Configuration.getConfiguration().refresh();
        }
    }

    private String createJaasFile(DBWHandlerConfiguration dBWHandlerConfiguration, String str) throws IOException {
        log.debug("Creating JAAS file for kerberos");
        Boolean valueOf = Boolean.valueOf(CommonUtils.getBoolean(dBWHandlerConfiguration.getProperties().get(KerberosConstants.USE_KINIT), Boolean.FALSE.booleanValue()));
        Boolean valueOf2 = Boolean.valueOf(CommonUtils.getBoolean(dBWHandlerConfiguration.getProperties().get(KerberosConstants.USE_KEYTAB), Boolean.FALSE.booleanValue()));
        Boolean valueOf3 = Boolean.valueOf(CommonUtils.getBoolean(dBWHandlerConfiguration.getProperties().get(KerberosConstants.KRB5_DEBUG), Boolean.FALSE.booleanValue()));
        String str2 = null;
        if (dBWHandlerConfiguration.getProperties().containsKey(KerberosConstants.KEYTAB_PATH)) {
            str2 = CommonUtils.toString(dBWHandlerConfiguration.getProperties().get(KerberosConstants.KEYTAB_PATH));
        }
        File createTempFile = File.createTempFile("dbeaver.jaas-", ".conf");
        FileWriter fileWriter = new FileWriter(createTempFile);
        fileWriter.write("pgjdbc {\n");
        fileWriter.write("  com.sun.security.auth.module.Krb5LoginModule required\n");
        fileWriter.write("  useTicketCache=true\n");
        fileWriter.write("  renewTGT=true\n");
        fileWriter.write(String.format("  principal=\"%s\"\n", str));
        if (valueOf2.booleanValue() || valueOf.booleanValue()) {
            fileWriter.write("  doNotPrompt=true\n");
        } else {
            fileWriter.write("  doNotPrompt=false\n");
        }
        if (valueOf2.booleanValue()) {
            fileWriter.write("  useKeyTab=true\n");
            fileWriter.write(String.format("  keyTab=\"%s\"\n", str2.replace("\\", "\\\\")));
        }
        fileWriter.write("  client=true\n");
        fileWriter.write("  refreshKrb5Config=true\n");
        fileWriter.write("  debug=" + valueOf3 + ";\n");
        fileWriter.write("};\n");
        fileWriter.flush();
        fileWriter.close();
        return createTempFile.getAbsolutePath();
    }
}
