package org.apache.kafka.common.utils;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.util.Collection;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import org.apache.kafka.common.Uuid;
import org.apache.kafka.common.acl.AccessControlEntry;
import org.apache.kafka.common.acl.AccessControlEntryFilter;
import org.apache.kafka.common.acl.AclBinding;
import org.apache.kafka.common.acl.AclBindingFilter;
import org.apache.kafka.common.acl.AclOperation;
import org.apache.kafka.common.acl.AclPermissionType;
import org.apache.kafka.common.config.AbstractConfig;
import org.apache.kafka.common.config.SecurityConfig;
import org.apache.kafka.common.config.SslConfigs;
import org.apache.kafka.common.resource.PatternType;
import org.apache.kafka.common.resource.ResourcePattern;
import org.apache.kafka.common.resource.ResourceType;
import org.apache.kafka.common.security.auth.KafkaPrincipal;
import org.apache.kafka.common.security.auth.SecurityProviderCreator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/kafka/common/utils/SecurityUtils.class */
public class SecurityUtils {
    private static final Logger LOGGER = LoggerFactory.getLogger(SecurityConfig.class);
    private static final Map<String, ResourceType> NAME_TO_RESOURCE_TYPES = new HashMap(ResourceType.values().length);
    private static final Map<String, PatternType> NAME_TO_PATTERN_TYPES = new HashMap(PatternType.values().length);
    private static final Map<String, AclOperation> NAME_TO_OPERATIONS = new HashMap(AclOperation.values().length);
    private static final Map<String, AclPermissionType> NAME_TO_PERMISSION_TYPES = new HashMap(AclPermissionType.values().length);

    public static KafkaPrincipal parseKafkaPrincipal(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("expected a string in format principalType:principalName but got " + str);
        }
        String[] split = str.split(":", 2);
        if (split.length != 2) {
            throw new IllegalArgumentException("expected a string in format principalType:principalName but got " + str);
        }
        return new KafkaPrincipal(split[0], split[1]);
    }

    public static void addConfiguredSecurityProviders(Map<String, ?> map) {
        String str = (String) map.get("security.providers");
        if (str == null || str.isEmpty()) {
            return;
        }
        try {
            String[] split = str.replaceAll("\\s+", "").split(",");
            for (int i = 0; i < split.length; i++) {
                SecurityProviderCreator securityProviderCreator = (SecurityProviderCreator) Class.forName(split[i]).getConstructor(new Class[0]).newInstance(new Object[0]);
                securityProviderCreator.configure(map);
                Security.insertProviderAt(securityProviderCreator.getProvider(), i + 1);
            }
        } catch (ClassCastException e) {
            LOGGER.error("Creators provided through security.providers are expected to be sub-classes of SecurityProviderCreator");
        } catch (ClassNotFoundException e2) {
            LOGGER.error("Unrecognized security provider creator class", e2);
        } catch (ReflectiveOperationException e3) {
            LOGGER.error("Unexpected implementation of security provider creator class", e3);
        }
    }

    public static void addConfiguredSSLProvider(AbstractConfig abstractConfig) {
        String string = abstractConfig.getString(SslConfigs.SSL_PROVIDER_CONFIG);
        String string2 = abstractConfig.getString(SslConfigs.SSL_PROTOCOL_CONFIG);
        if (string == null || string.isEmpty()) {
            return;
        }
        try {
            LOGGER.info("Initialising SSLContext for the provided provider: " + string);
            SSLContext sSLContext = SSLContext.getInstance(string2, string);
            sSLContext.init(null, null, null);
            SSLContext.setDefault(sSLContext);
            System.out.println(SSLContext.getDefault().getProvider());
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
            LOGGER.info("Set the default ssl socket factory with the provided provider");
        } catch (KeyManagementException e) {
            LOGGER.error("KeyManagement Exception", e);
        } catch (NoSuchAlgorithmException e2) {
            LOGGER.error("Unrecognized SSL protocol", e2);
        } catch (NoSuchProviderException e3) {
            LOGGER.error("Unrecognized SSL provider", e3);
        }
    }

    public static ResourceType resourceType(String str) {
        return (ResourceType) valueFromMap(NAME_TO_RESOURCE_TYPES, str, ResourceType.UNKNOWN);
    }

    public static PatternType patternType(String str) {
        return (PatternType) valueFromMap(NAME_TO_PATTERN_TYPES, str, PatternType.UNKNOWN);
    }

    public static AclOperation operation(String str) {
        return (AclOperation) valueFromMap(NAME_TO_OPERATIONS, str, AclOperation.UNKNOWN);
    }

    public static AclPermissionType permissionType(String str) {
        return (AclPermissionType) valueFromMap(NAME_TO_PERMISSION_TYPES, str, AclPermissionType.UNKNOWN);
    }

    private static <T> T valueFromMap(Map<String, T> map, String str, T t) {
        T t2 = map.get(str);
        if (t2 == null) {
            t2 = map.get(str.toUpperCase(Locale.ROOT));
        }
        return t2 == null ? t : t2;
    }

    public static String resourceTypeName(ResourceType resourceType) {
        return toPascalCase(resourceType.name());
    }

    public static String operationName(AclOperation aclOperation) {
        return toPascalCase(aclOperation.name());
    }

    public static String permissionTypeName(AclPermissionType aclPermissionType) {
        return toPascalCase(aclPermissionType.name());
    }

    public static String toPascalCase(String str) {
        StringBuilder sb = new StringBuilder();
        boolean z = true;
        for (char c : str.toCharArray()) {
            if (c == '_') {
                z = true;
            } else if (z) {
                sb.append(Character.toUpperCase(c));
                z = false;
            } else {
                sb.append(Character.toLowerCase(c));
            }
        }
        return sb.toString();
    }

    public static void authorizeByResourceTypeCheckArgs(AclOperation aclOperation, ResourceType resourceType) {
        if (resourceType == ResourceType.ANY) {
            throw new IllegalArgumentException("Must specify a non-filter resource type for authorizeByResourceType");
        }
        if (resourceType == ResourceType.UNKNOWN) {
            throw new IllegalArgumentException("Unknown resource type");
        }
        if (aclOperation == AclOperation.ANY) {
            throw new IllegalArgumentException("Must specify a non-filter operation type for authorizeByResourceType");
        }
        if (aclOperation == AclOperation.UNKNOWN) {
            throw new IllegalArgumentException("Unknown operation type");
        }
    }

    public static boolean denyAll(ResourcePattern resourcePattern) {
        return resourcePattern.patternType() == PatternType.LITERAL && resourcePattern.name().equals("*");
    }

    public static String clusterLinkDescription(Collection<Uuid> collection) {
        StringBuilder sb = new StringBuilder();
        if (!collection.isEmpty()) {
            sb.append(" (managed by ");
            int i = 0;
            for (Uuid uuid : collection) {
                int i2 = i;
                i++;
                if (i2 != 0) {
                    sb.append(", ");
                }
                sb.append(Uuid.ZERO_UUID.equals(uuid) ? "LocalCluster" : "ClusterLinkId:" + uuid);
            }
            sb.append(")");
        }
        return sb.toString();
    }

    public static AccessControlEntry aceWithClusterLinkIds(AccessControlEntry accessControlEntry, Collection<Uuid> collection) {
        return new AccessControlEntry(accessControlEntry.principal(), accessControlEntry.host(), accessControlEntry.operation(), accessControlEntry.permissionType(), collection);
    }

    public static AccessControlEntry aceWithoutLinkId(AccessControlEntry accessControlEntry) {
        return new AccessControlEntry(accessControlEntry.principal(), accessControlEntry.host(), accessControlEntry.operation(), accessControlEntry.permissionType());
    }

    public static AclBinding aclWithClusterLinkIds(AclBinding aclBinding, Collection<Uuid> collection) {
        return new AclBinding(aclBinding.pattern(), aceWithClusterLinkIds(aclBinding.entry(), collection));
    }

    public static AccessControlEntryFilter aceFilterWithClusterLinkIds(AccessControlEntryFilter accessControlEntryFilter, Collection<Uuid> collection) {
        return new AccessControlEntryFilter(accessControlEntryFilter.principal(), accessControlEntryFilter.host(), accessControlEntryFilter.operation(), accessControlEntryFilter.permissionType(), collection);
    }

    public static AclBindingFilter aclFilterWithClusterLinkIds(AclBindingFilter aclBindingFilter, Collection<Uuid> collection) {
        AccessControlEntryFilter entryFilter = aclBindingFilter.entryFilter();
        return new AclBindingFilter(aclBindingFilter.patternFilter(), new AccessControlEntryFilter(entryFilter.principal(), entryFilter.host(), entryFilter.operation(), entryFilter.permissionType(), collection));
    }

    static {
        for (ResourceType resourceType : ResourceType.values()) {
            String pascalCase = toPascalCase(resourceType.name());
            NAME_TO_RESOURCE_TYPES.put(pascalCase, resourceType);
            NAME_TO_RESOURCE_TYPES.put(pascalCase.toUpperCase(Locale.ROOT), resourceType);
        }
        for (PatternType patternType : PatternType.values()) {
            String pascalCase2 = toPascalCase(patternType.name());
            NAME_TO_PATTERN_TYPES.put(pascalCase2, patternType);
            NAME_TO_PATTERN_TYPES.put(pascalCase2.toUpperCase(Locale.ROOT), patternType);
        }
        for (AclOperation aclOperation : AclOperation.values()) {
            String pascalCase3 = toPascalCase(aclOperation.name());
            NAME_TO_OPERATIONS.put(pascalCase3, aclOperation);
            NAME_TO_OPERATIONS.put(pascalCase3.toUpperCase(Locale.ROOT), aclOperation);
        }
        for (AclPermissionType aclPermissionType : AclPermissionType.values()) {
            String pascalCase4 = toPascalCase(aclPermissionType.name());
            NAME_TO_PERMISSION_TYPES.put(pascalCase4, aclPermissionType);
            NAME_TO_PERMISSION_TYPES.put(pascalCase4.toUpperCase(Locale.ROOT), aclPermissionType);
        }
    }
}
