package org.dcache.gridsite;

import com.google.common.base.Throwables;
import com.google.common.net.InetAddresses;
import diskCacheV111.util.CacheException;
import diskCacheV111.util.PermissionDeniedCacheException;
import diskCacheV111.util.TimeoutCacheException;
import java.rmi.RemoteException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Calendar;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Future;
import javax.security.auth.Subject;
import javax.xml.rpc.holders.StringHolder;
import org.dcache.auth.LoginStrategy;
import org.dcache.auth.Origin;
import org.dcache.cells.CellStub;
import org.dcache.delegation.gridsite2.Delegation;
import org.dcache.delegation.gridsite2.DelegationException;
import org.dcache.srm.util.Axis;
import org.dcache.util.CertificateFactories;
import org.dcache.util.Version;
import org.springframework.beans.factory.annotation.Required;

/* loaded from: input_file:org/dcache/gridsite/DelegationHandler.class */
public class DelegationHandler implements Delegation {
    private static final String INTERFACE_VERSION = "2.0.0";
    private static final String VERSION = Version.of(DelegationHandler.class).getVersion();
    private final CertificateFactory cf = CertificateFactories.newX509CertificateFactory();
    private CellStub delegationServiceStub;
    private LoginStrategy loginStrategy;

    @Required
    public void setDelegationServiceStub(CellStub cellStub) {
        this.delegationServiceStub = cellStub;
    }

    @Required
    public void setLoginStrategy(LoginStrategy loginStrategy) {
        this.loginStrategy = loginStrategy;
    }

    public String getVersion() {
        return VERSION;
    }

    public String getInterfaceVersion() {
        return INTERFACE_VERSION;
    }

    private Subject login() throws DelegationException {
        try {
            Subject subject = new Subject();
            subject.getPublicCredentials().add(this.cf.generateCertPath(Arrays.asList((X509Certificate[]) Axis.getCertificateChain().orElseThrow(() -> {
                return new DelegationException("User supplied no certificate.");
            }))));
            subject.getPrincipals().add(new Origin(InetAddresses.forString(Axis.getRemoteAddress())));
            return this.loginStrategy.login(subject).getSubject();
        } catch (PermissionDeniedCacheException e) {
            throw new DelegationException("User is not authorized.");
        } catch (CacheException e2) {
            throw new DelegationException(e2.getMessage());
        } catch (CertificateException e3) {
            throw new DelegationException("Failed to process certificate chain.");
        } catch (TimeoutCacheException e4) {
            throw new DelegationException("Internal timeout.");
        }
    }

    private <T> T get(Future<T> future) throws RemoteException, DelegationException {
        try {
            return future.get();
        } catch (InterruptedException e) {
            throw new DelegationException("Server shutdown.");
        } catch (ExecutionException e2) {
            Throwables.propagateIfInstanceOf(e2.getCause(), RemoteException.class);
            throw Throwables.propagate(e2.getCause());
        }
    }

    public String getServiceMetadata(String str) throws RemoteException, DelegationException {
        return ((GetServiceMetaDataResponse) get(this.delegationServiceStub.send(new GetServiceMetaDataRequest(str), GetServiceMetaDataResponse.class))).getMetaData();
    }

    public String getProxyReq(String str) throws RemoteException, DelegationException {
        return ((GetProxyReqResponse) get(this.delegationServiceStub.send(new GetProxyReqRequest(login(), str), GetProxyReqResponse.class))).getProxyReq();
    }

    public void getNewProxyReq(StringHolder stringHolder, StringHolder stringHolder2) throws RemoteException, DelegationException {
        GetNewProxyReqResponse getNewProxyReqResponse = (GetNewProxyReqResponse) get(this.delegationServiceStub.send(new GetNewProxyReqRequest(login()), GetNewProxyReqResponse.class));
        stringHolder.value = getNewProxyReqResponse.getProxyRequest();
        stringHolder2.value = getNewProxyReqResponse.getDelegationID();
    }

    public void putProxy(String str, String str2) throws RemoteException, DelegationException {
        get(this.delegationServiceStub.send(new PutProxyRequest(login(), str, str2), PutProxyResponse.class));
    }

    public String renewProxyReq(String str) throws RemoteException, DelegationException {
        return ((RenewProxyReqResponse) get(this.delegationServiceStub.send(new RenewProxyReqRequest(login(), str), RenewProxyReqResponse.class))).getCertificateSigningRequest();
    }

    public Calendar getTerminationTime(String str) throws RemoteException, DelegationException {
        return ((GetTerminationTimeResponse) get(this.delegationServiceStub.send(new GetTerminationTimeRequest(login(), str), GetTerminationTimeResponse.class))).getTerminationTime();
    }

    public void destroy(String str) throws RemoteException, DelegationException {
        get(this.delegationServiceStub.send(new DestroyRequest(login(), str), DestroyResponse.class));
    }
}
