package org.apache.kerby.kerberos.kerb.admin;

import java.io.File;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Scanner;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.AdminClient;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.AdminConfig;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.AdminUtil;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.command.RemoteAddPrincipalCommand;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.command.RemoteCommand;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.command.RemoteDeletePrincipalCommand;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.command.RemoteGetprincsCommand;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.command.RemotePrintUsageCommand;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.command.RemoteRenamePrincipalCommand;
import org.apache.kerby.kerberos.kerb.common.KrbUtil;
import org.apache.kerby.kerberos.kerb.server.KdcConfig;
import org.apache.kerby.kerberos.kerb.server.KdcUtil;
import org.apache.kerby.kerberos.kerb.transport.KrbNetwork;
import org.apache.kerby.kerberos.kerb.transport.KrbTransport;
import org.apache.kerby.kerberos.kerb.transport.TransportPair;
import org.apache.kerby.util.OSUtil;
import org.apache.zookeeper.server.admin.CommandResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/kerb-admin-1.0.1.jar:org/apache/kerby/kerberos/kerb/admin/RemoteAdminClientTool.class */
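/**
 * Interactive command-line client for the remote Kerby admin server.
 *
 * <p>Start-up sequence, as implemented in {@link #main(String[])}:
 * <ol>
 *   <li>load {@code adminClient.conf} and the KDC configuration from the
 *       configuration directory given as the first argument;</li>
 *   <li>write a krb5.conf through {@code Krb5Conf};</li>
 *   <li>open a TCP transport to the admin server;</li>
 *   <li>log in from the configured keytab and run a SASL/GSSAPI handshake
 *       under that {@link Subject};</li>
 *   <li>read commands from standard input until {@code quit}, {@code exit} or
 *       {@code q}.</li>
 * </ol>
 *
 * <p>Every authentication step fails closed: if the transport pair cannot be
 * resolved, the keytab login fails, or the SASL handshake does not complete,
 * {@code main} throws instead of logging and carrying on to the command
 * prompt.
 *
 * <p>This listing was recovered by a decompiler; decompiler artefacts (a
 * {@code AdminConfig.this} qualifier, a constant borrowed from an unrelated
 * library, a hand-expanded try-with-resources) have been folded back into
 * plain Java.
 */
public class RemoteAdminClientTool {
    /** Transport to the admin server; set once in {@code main} and shared with the handshake. */
    private static KrbTransport transport;
    private static final String USAGE;
    private static final String LEGAL_COMMANDS = "Available commands are: \nadd_principal, addprinc\n                         Add principal\ndelete_principal, delprinc\n                         Delete principal\nrename_principal, renprinc\n                         Rename principal\nlistprincs\n          List principals\n";
    private static final Logger LOG = LoggerFactory.getLogger(RemoteAdminClientTool.class);
    private static final byte[] EMPTY = new byte[0];
    private static final String PROMPT = RemoteAdminClientTool.class.getSimpleName() + ".local:";

    /**
     * Input prefix that prints the command list. The start-up banner tells the
     * user to enter "command", so the literal is used here rather than the
     * same-valued constant from an unrelated library that the decompiler
     * substituted for it.
     */
    private static final String HELP_COMMAND = "command";

    static {
        String launcher = OSUtil.isWindows() ? "bin\\remote-admin-client.cmd" : "sh bin/remote-admin-client.sh";
        USAGE = "Usage: " + launcher + " <conf-file>\n\tExample:\n\t\t" + launcher + " conf\n";
    }

    /**
     * Entry point.
     *
     * @param strArr command-line arguments; {@code strArr[0]} is the
     *               configuration directory that holds {@code adminClient.conf}
     * @throws Exception if configuration, transport set-up, keytab login or
     *                   the SASL handshake fails
     */
    public static void main(String[] strArr) throws Exception {
        if (strArr.length < 1) {
            System.err.println(USAGE);
            System.exit(1);
        }
        File confDir = new File(strArr[0]);

        final AdminConfig adminConfig = new AdminConfig();
        adminConfig.addKrb5Config(new File(confDir, "adminClient.conf"));

        KdcConfig kdcConfig = KdcUtil.getKdcConfig(confDir);
        if (kdcConfig == null) {
            kdcConfig = new KdcConfig();
        }

        try {
            new Krb5Conf(confDir, kdcConfig).initKrb5conf();
        } catch (IOException e) {
            throw new KrbException("Failed to make krb5.conf", e);
        }

        AdminClient adminClient = new AdminClient(adminConfig);

        // The keytab holds the long-term key this tool authenticates with.
        // Check for a missing setting before building the File: new File(null)
        // would throw NullPointerException instead of producing this message.
        String keytabPath = adminConfig.getKeyTabFile();
        File keytabFile = keytabPath == null ? null : new File(keytabPath);
        if (keytabFile == null || !keytabFile.exists()) {
            System.err.println("Need the valid keytab file value in conf file.");
            return;
        }

        adminClient.setAdminRealm(adminConfig.getAdminRealm());
        adminClient.setAllowTcp(true);
        adminClient.setAllowUdp(false);
        adminClient.setAdminTcpPort(adminConfig.getAdminPort());
        adminClient.init();
        System.out.println("admin init successful");

        TransportPair transportPair;
        try {
            transportPair = AdminUtil.getTransportPair(adminClient.getSetting());
        } catch (KrbException e) {
            // Previously logged and ignored, which left a null pair for connect().
            LOG.error("Fail to get transport pair. ", e);
            throw e;
        }

        KrbNetwork krbNetwork = new KrbNetwork();
        krbNetwork.setSocketTimeout(adminClient.getSetting().getTimeout());
        try {
            transport = krbNetwork.connect(transportPair);
        } catch (IOException e) {
            throw new KrbException("Failed to create transport", e);
        }

        String kadminPrincipal = KrbUtil.makeKadminPrincipal(adminClient.getSetting().getKdcRealm()).getName();
        Subject subject;
        try {
            subject = AuthUtil.loginUsingKeytab(kadminPrincipal, keytabFile);
        } catch (LoginException e) {
            // Previously logged and ignored; Subject.doAs(null, ...) would then
            // have run the handshake without any Kerberos credentials.
            LOG.error("Fail to login using keytab. ", e);
            throw new KrbException("Fail to login using keytab", e);
        }
        if (subject == null) {
            throw new KrbException("Keytab login returned no subject for " + kadminPrincipal);
        }

        // PrivilegedAction cannot throw checked exceptions, so the action hands
        // any failure back as its result and it is rethrown below.
        Exception handshakeFailure = Subject.doAs(subject, new PrivilegedAction<Exception>() {
            @Override
            public Exception run() {
                try {
                    performSaslHandshake(adminConfig);
                    return null;
                } catch (Exception e) {
                    return e;
                }
            }
        });
        if (handshakeFailure != null) {
            // Do not reach the command prompt without a completed, mutually
            // authenticated handshake.
            LOG.error("Failed to run. ", handshakeFailure);
            throw new KrbException("SASL handshake with the admin server failed", handshakeFailure);
        }

        System.out.println("enter \"command\" to see legal commands.");
        try (Scanner scanner = new Scanner(System.in, "UTF-8")) {
            // hasNextLine() ends the session cleanly on end-of-input instead of
            // letting nextLine() throw NoSuchElementException.
            while (scanner.hasNextLine()) {
                String line = scanner.nextLine();
                if (line.equals("quit") || line.equals("exit") || line.equals("q")) {
                    break;
                }
                excute(adminClient, line);
                System.out.print(PROMPT);
            }
        }
    }

    /**
     * Runs the client side of the SASL/GSSAPI exchange over {@link #transport}.
     *
     * <p>The client asks for {@code auth-conf} (authentication with integrity
     * and confidentiality) and for server authentication. Any failure while
     * creating the client or evaluating a challenge is propagated; an empty
     * token is never sent in place of a response that could not be computed.
     *
     * <p>NOTE(review): the {@link SaslClient} is local to this method and is
     * not retained, so nothing in this class calls {@code wrap}/{@code unwrap}
     * on later traffic. Whether the admin commands themselves travel under the
     * negotiated {@code auth-conf} layer depends on {@code AdminClient} and
     * should be confirmed there.
     *
     * @param adminConfig supplies the SASL protocol and server name
     * @throws KrbException if no GSSAPI client can be created
     * @throws IOException  if a challenge cannot be evaluated or the transport fails
     */
    private static void performSaslHandshake(AdminConfig adminConfig) throws KrbException, IOException {
        HashMap<String, String> saslProps = new HashMap<>();
        saslProps.put(Sasl.QOP, "auth-conf");
        saslProps.put(Sasl.SERVER_AUTH, "true");

        SaslClient saslClient;
        try {
            saslClient = Sasl.createSaslClient(new String[]{"GSSAPI"}, null, adminConfig.getProtocol(),
                    adminConfig.getServerName(), saslProps, (CallbackHandler) null);
        } catch (SaslException e) {
            LOG.error("Fail to create sasl client. ", e);
            throw new KrbException("Fail to create sasl client", e);
        }
        if (saslClient == null) {
            throw new KrbException("Unable to find client implementation for: GSSAPI");
        }

        byte[] initialResponse;
        try {
            initialResponse = saslClient.hasInitialResponse() ? saslClient.evaluateChallenge(EMPTY) : EMPTY;
        } catch (SaslException e) {
            LOG.error("Sasl client evaluate challenge failed.", e);
            throw e;
        }
        sendMessage(initialResponse, saslClient);

        ByteBuffer reply = transport.receiveMessage();
        while (!saslClient.isComplete()) {
            // The first int of each reply is the server's status flag; 0 means
            // the server side considers the exchange finished.
            if (reply.getInt() == 0) {
                System.out.println("Sasl Server completed");
            }
            byte[] challenge = new byte[reply.remaining()];
            reply.get(challenge);
            sendMessage(saslClient.evaluateChallenge(challenge), saslClient);
            if (!saslClient.isComplete()) {
                reply = transport.receiveMessage();
            }
        }
    }

    /**
     * Frames a SASL token and writes it to {@link #transport}.
     *
     * <p>Frame layout: a 4-byte length ({@code token length + 4}), a 4-byte
     * status flag ({@code 0} once the client side is complete, {@code 1}
     * otherwise), then the token bytes.
     *
     * @param bArr       the SASL token to send
     * @param saslClient the client whose completion state sets the status flag
     * @throws SaslException if the frame cannot be written; a failed send was
     *                       previously only logged, leaving the caller to wait
     *                       for a reply to a message that never left
     */
    /* JADX INFO: Access modifiers changed from: private */
    public static void sendMessage(byte[] bArr, SaslClient saslClient) throws SaslException {
        ByteBuffer frame = ByteBuffer.allocate(bArr.length + 8);
        frame.putInt(bArr.length + 4);
        frame.putInt(saslClient.isComplete() ? 0 : 1);
        frame.put(bArr);
        frame.flip();
        try {
            transport.sendMessage(frame);
        } catch (IOException e) {
            LOG.error("Failed to send Kerberos message. ", e);
            throw new SaslException("Failed to send Kerberos message", e);
        }
    }

    /**
     * Dispatches one line of user input to the matching remote command.
     *
     * <p>Matching is by prefix on the trimmed line, so the command word and its
     * arguments are passed to the command object as one string.
     *
     * @param adminClient the initialised admin client the commands operate on
     * @param str         the raw input line
     * @throws KrbException if the selected command fails
     */
    private static void excute(AdminClient adminClient, String str) throws KrbException {
        String input = str.trim();
        if (input.startsWith(HELP_COMMAND)) {
            System.out.println(LEGAL_COMMANDS);
            return;
        }

        RemoteCommand command;
        if (input.startsWith("add_principal") || input.startsWith("addprinc")) {
            command = new RemoteAddPrincipalCommand(adminClient);
        } else if (input.startsWith("delete_principal") || input.startsWith("delprinc")) {
            command = new RemoteDeletePrincipalCommand(adminClient);
        } else if (input.startsWith("rename_principal") || input.startsWith("renprinc")) {
            command = new RemoteRenamePrincipalCommand(adminClient);
        } else if (input.startsWith("list_principals")) {
            command = new RemoteGetprincsCommand(adminClient);
        } else if (input.startsWith("listprincs")) {
            // NOTE(review): the help text advertises "listprincs" as "List
            // principals", yet it is routed to the print-usage command while
            // "list_principals" gets the listing command. Mapping kept as
            // found; confirm which one is intended.
            command = new RemotePrintUsageCommand();
        } else {
            System.out.println(LEGAL_COMMANDS);
            return;
        }
        command.execute(input);
    }
}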
