package com.mapr.web.security;

import java.util.Arrays;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import org.apache.hive.jdbc.Utils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.io.FileSystemResource;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.kerberos.authentication.KerberosTicketValidation;
import org.springframework.security.kerberos.authentication.KerberosTicketValidator;
import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator;

/* loaded from: input_file:WEB-INF/lib/mapr-security-web-6.1.1-mapr.jar:com/mapr/web/security/MapRKerberosTicketValidator.class */
public class MapRKerberosTicketValidator implements KerberosTicketValidator, InitializingBean {
    private SunJaasKerberosTicketValidator kerberosTicketValidator;

    public MapRKerberosTicketValidator() {
        String property = System.getProperty(WebSecurityConfig.CONFIG.getProcessName() + ".mapr.rest.auth.methods");
        AppConfigurationEntry[] appConfigurationEntry = Configuration.getConfiguration().getAppConfigurationEntry("MAPR_WEBSERVER_KERBEROS");
        if (property == null || appConfigurationEntry == null || !Arrays.asList(property.split(",")).contains("kerberos") || appConfigurationEntry.length <= 0 || !appConfigurationEntry[0].getOptions().containsKey(Utils.JdbcConnectionParams.AUTH_PRINCIPAL) || !appConfigurationEntry[0].getOptions().containsKey("keyTab")) {
            return;
        }
        this.kerberosTicketValidator = new SunJaasKerberosTicketValidator();
        this.kerberosTicketValidator.setServicePrincipal((String) appConfigurationEntry[0].getOptions().get(Utils.JdbcConnectionParams.AUTH_PRINCIPAL));
        this.kerberosTicketValidator.setKeyTabLocation(new FileSystemResource((String) appConfigurationEntry[0].getOptions().get("keyTab")));
    }

    public void afterPropertiesSet() throws Exception {
        if (this.kerberosTicketValidator != null) {
            this.kerberosTicketValidator.afterPropertiesSet();
        }
    }

    public KerberosTicketValidation validateTicket(byte[] bArr) throws BadCredentialsException {
        if (this.kerberosTicketValidator == null) {
            return null;
        }
        return this.kerberosTicketValidator.validateTicket(bArr);
    }

    public void setDebug(boolean z) {
        if (this.kerberosTicketValidator != null) {
            this.kerberosTicketValidator.setDebug(z);
        }
    }
}
