package org.apache.excalibur.policy.verifier;

import org.apache.avalon.excalibur.i18n.ResourceManager;
import org.apache.avalon.excalibur.i18n.Resources;
import org.apache.excalibur.policy.metadata.GrantMetaData;
import org.apache.excalibur.policy.metadata.KeyStoreMetaData;
import org.apache.excalibur.policy.metadata.PermissionMetaData;
import org.apache.excalibur.policy.metadata.PolicyMetaData;

/* loaded from: input_file:org/apache/excalibur/policy/verifier/PolicyVerifier.class */
public class PolicyVerifier {
    private static final Resources REZ;
    static Class class$org$apache$excalibur$policy$verifier$PolicyVerifier;

    public void verifyPolicy(PolicyMetaData policyMetaData) throws Exception {
        info(REZ.getString("valid-names.notice"));
        verifyNames(policyMetaData);
        info(REZ.getString("valid-signedBy.notice"));
        verifySignedBy(policyMetaData);
        info(REZ.getString("valid-keyStoreReferences.notice"));
        verifyKeyStoreReferences(policyMetaData);
        info(REZ.getString("valid-actions.notice"));
        verifyActions(policyMetaData);
    }

    protected void info(String str) {
    }

    private void verifyNames(PolicyMetaData policyMetaData) throws Exception {
        for (KeyStoreMetaData keyStoreMetaData : policyMetaData.getKeyStores()) {
            verifyName(keyStoreMetaData.getName());
        }
    }

    private void verifySignedBy(PolicyMetaData policyMetaData) throws Exception {
        for (GrantMetaData grantMetaData : policyMetaData.getGrants()) {
            verifySignedBy(grantMetaData);
        }
    }

    private void verifySignedBy(GrantMetaData grantMetaData) throws Exception {
        String signedBy = grantMetaData.getSignedBy();
        String keyStore = grantMetaData.getKeyStore();
        if (null != signedBy && null == keyStore) {
            throw new Exception(REZ.getString("grant-missing-keystore.error", grantMetaData.getCodebase()));
        }
        if (null == signedBy && null != keyStore) {
            throw new Exception(REZ.getString("grant-extra-keystore.error", grantMetaData.getCodebase()));
        }
        for (PermissionMetaData permissionMetaData : grantMetaData.getPermissions()) {
            verifySignedBy(grantMetaData, permissionMetaData);
        }
    }

    private void verifySignedBy(GrantMetaData grantMetaData, PermissionMetaData permissionMetaData) throws Exception {
        String signedBy = permissionMetaData.getSignedBy();
        String keyStore = permissionMetaData.getKeyStore();
        if (null != signedBy && null == keyStore) {
            throw new Exception(REZ.getString("permission-missing-keystore.error", grantMetaData.getCodebase(), permissionMetaData.getClassname()));
        }
        if (null == signedBy && null != keyStore) {
            throw new Exception(REZ.getString("permission-extra-keystore.error", grantMetaData.getCodebase(), permissionMetaData.getClassname()));
        }
    }

    private void verifyKeyStoreReferences(PolicyMetaData policyMetaData) throws Exception {
        for (GrantMetaData grantMetaData : policyMetaData.getGrants()) {
            verifyKeyStore(policyMetaData, grantMetaData);
        }
    }

    private void verifyKeyStore(PolicyMetaData policyMetaData, GrantMetaData grantMetaData) throws Exception {
        verifyKeyStoreReference(policyMetaData, grantMetaData.getKeyStore());
        for (PermissionMetaData permissionMetaData : grantMetaData.getPermissions()) {
            verifyKeyStoreReference(policyMetaData, permissionMetaData.getKeyStore());
        }
    }

    private void verifyKeyStoreReference(PolicyMetaData policyMetaData, String str) throws Exception {
        if (null == str) {
            return;
        }
        for (KeyStoreMetaData keyStoreMetaData : policyMetaData.getKeyStores()) {
            if (keyStoreMetaData.getName().equals(str)) {
                return;
            }
        }
        throw new Exception(REZ.getString("bad-keystore-reference.error", str));
    }

    private void verifyName(String str) throws Exception {
        int length = str.length();
        if (0 == length) {
            throw new Exception(REZ.getString("empty-name.error", str));
        }
        char charAt = str.charAt(0);
        if (!Character.isLetter(charAt) && '_' != charAt) {
            throw new Exception(REZ.getString("name-invalid-start.error", str));
        }
        for (int i = 1; i < length; i++) {
            char charAt2 = str.charAt(i);
            if (!Character.isLetterOrDigit(charAt2) && '_' != charAt2 && '-' != charAt2 && '.' != charAt2) {
                throw new Exception(REZ.getString("name-invalid-char.error", str, String.valueOf(charAt2)));
            }
        }
    }

    private void verifyActions(PolicyMetaData policyMetaData) throws Exception {
        for (GrantMetaData grantMetaData : policyMetaData.getGrants()) {
            for (PermissionMetaData permissionMetaData : grantMetaData.getPermissions()) {
                String target = permissionMetaData.getTarget();
                String action = permissionMetaData.getAction();
                if (null == target && null != action) {
                    throw new Exception(REZ.getString("permission-missing-action.error", grantMetaData.getCodebase(), permissionMetaData.getClassname()));
                }
            }
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$excalibur$policy$verifier$PolicyVerifier == null) {
            cls = class$("org.apache.excalibur.policy.verifier.PolicyVerifier");
            class$org$apache$excalibur$policy$verifier$PolicyVerifier = cls;
        } else {
            cls = class$org$apache$excalibur$policy$verifier$PolicyVerifier;
        }
        REZ = ResourceManager.getPackageResources(cls);
    }
}
