package com.facebook.airlift.http.server;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Maps;
import com.google.inject.Inject;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import java.util.Set;
import java.util.regex.Pattern;

/* loaded from: input_file:com/facebook/airlift/http/server/ConfigurationBasedAuthorizer.class */
public class ConfigurationBasedAuthorizer implements Authorizer {
    private final Map<String, Pattern> roleRegexMap;

    @Inject
    public ConfigurationBasedAuthorizer(ConfigurationBasedAuthorizerConfig configurationBasedAuthorizerConfig) throws IOException {
        this(configurationBasedAuthorizerConfig.getRoleMapFilePath());
    }

    @VisibleForTesting
    public ConfigurationBasedAuthorizer(String str) throws IOException {
        Objects.requireNonNull(str, "roleMapFilePath is null");
        Properties properties = new Properties();
        FileInputStream fileInputStream = new FileInputStream(str);
        Throwable th = null;
        try {
            properties.load(fileInputStream);
            if (fileInputStream != null) {
                if (0 != 0) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            this.roleRegexMap = (Map) Maps.fromProperties(properties).entrySet().stream().collect(ImmutableMap.toImmutableMap((v0) -> {
                return v0.getKey();
            }, entry -> {
                return Pattern.compile((String) entry.getValue());
            }));
        } catch (Throwable th3) {
            if (fileInputStream != null) {
                if (0 != 0) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            throw th3;
        }
    }

    @Override // com.facebook.airlift.http.server.Authorizer
    public AuthorizationResult authorize(Principal principal, Set<String> set, String str) {
        for (String str2 : set) {
            if (this.roleRegexMap.containsKey(str2) && isPrincipalAuthorized(principal, this.roleRegexMap.get(str2))) {
                return AuthorizationResult.success();
            }
        }
        return AuthorizationResult.failure(String.format("%s is not a member of the allowed roles: %s", principal.getName(), set));
    }

    private boolean isPrincipalAuthorized(Principal principal, Pattern pattern) {
        return pattern.matcher(principal.getName()).matches();
    }
}
