package org.eclipse.jetty.policy;

import java.io.File;
import java.security.KeyStore;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:org/eclipse/jetty/policy/PolicyContext.class */
public class PolicyContext {
    private Map<String, String> properties = new HashMap();
    private Principal[] principals;
    private KeyStore keystore;

    public PolicyContext() {
        this.properties.put("/", File.separator);
    }

    public void addProperty(String str, String str2) {
        this.properties.put(str, str2);
    }

    public void setProperties(Map<String, String> map) {
        this.properties.putAll(map);
    }

    public KeyStore getKeystore() {
        return this.keystore;
    }

    public void setKeystore(KeyStore keyStore) {
        this.keystore = keyStore;
    }

    public Principal[] getPrincipals() {
        return this.principals;
    }

    public void setPrincipals(Principal[] principalArr) {
        this.principals = principalArr;
    }

    public String evaluate(String str) throws PolicyException {
        int indexOf;
        int indexOf2;
        String processProtocols = processProtocols(str);
        while (processProtocols != null && (indexOf = processProtocols.indexOf("${")) >= 0 && (indexOf2 = processProtocols.indexOf("}", indexOf + 2)) >= 0) {
            processProtocols = processProtocols.substring(0, indexOf) + getProperty(processProtocols.substring(indexOf + 2, indexOf2)) + processProtocols.substring(indexOf2 + 1);
        }
        return processProtocols;
    }

    private String processProtocols(String str) throws PolicyException {
        int indexOf;
        int indexOf2;
        String resolve;
        while (str != null && (indexOf = str.indexOf("${{")) >= 0 && (indexOf2 = str.indexOf("}}", indexOf + 2)) >= 0) {
            String substring = str.substring(indexOf + 3, indexOf2);
            if (substring.indexOf(":") >= 0) {
                String[] split = substring.split(":");
                resolve = resolve(split[0], split[1]);
            } else {
                resolve = resolve(substring, null);
            }
            str = str.substring(0, indexOf) + resolve + str.substring(indexOf2 + 2);
        }
        return str;
    }

    public String getProperty(String str) {
        return this.properties.containsKey(str) ? this.properties.get(str) : System.getProperty(str);
    }

    private String resolve(String str, String str2) throws PolicyException {
        if ("self".equals(str)) {
            if (this.principals == null || this.principals.length == 0) {
                throw new PolicyException("self can not be expanded, missing principals");
            }
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < this.principals.length; i++) {
                sb.append(this.principals[i].getClass().getName());
                sb.append(" \"");
                sb.append(this.principals[i].getName());
                sb.append("\" ");
            }
            return sb.toString();
        }
        if (!"alias".equals(str)) {
            throw new PolicyException("unknown protocol: " + str);
        }
        try {
            Certificate certificate = this.keystore.getCertificate(str2);
            if (!(certificate instanceof X509Certificate)) {
                throw new PolicyException("alias can not be expanded, bad cert");
            }
            X500Principal subjectX500Principal = ((X509Certificate) certificate).getSubjectX500Principal();
            return subjectX500Principal.getClass().getName() + " \"" + subjectX500Principal.getName() + "\" ";
        } catch (Exception e) {
            throw new PolicyException("alias can not be expanded: " + str2);
        }
    }
}
