package org.apache.kerby.kerberos.tool.klist;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;
import org.apache.kerby.KOptionType;
import org.apache.kerby.KOptions;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.ccache.Credential;
import org.apache.kerby.kerberos.kerb.ccache.CredentialCache;
import org.apache.kerby.kerberos.kerb.client.KrbClient;
import org.apache.kerby.kerberos.kerb.keytab.Keytab;
import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
import org.apache.kerby.kerberos.kerb.type.base.PrincipalName;
import org.apache.kerby.util.HexUtil;
import org.apache.kerby.util.OSUtil;
import org.apache.kerby.util.SysUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/kerby/kerberos/tool/klist/KlistTool.class */
public class KlistTool {
    private static final Logger LOG = LoggerFactory.getLogger(KlistTool.class);
    private static final String USAGE;
    private static String keytabFilePath;

    private static void printUsage(String str) {
        System.err.println(str + "\n");
        System.err.println(USAGE);
        System.exit(-1);
    }

    private static int printCredentialCacheInfo(KOptions kOptions) {
        CredentialCache credentialCache = new CredentialCache();
        InputStream inputStream = null;
        String ccacheName = !kOptions.contains(KlistOption.CREDENTIALS_CACHE) ? getCcacheName() : kOptions.getStringOption(KlistOption.CREDENTIALS_CACHE);
        try {
            try {
                inputStream = Files.newInputStream(Paths.get(ccacheName, new String[0]), new OpenOption[0]);
                credentialCache.load(inputStream);
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                        LOG.warn("Fail to close input stream. " + e);
                    }
                }
            } catch (IOException e2) {
                LOG.error("Failed to open CredentialCache from file: " + ccacheName + ". " + e2.toString());
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e3) {
                        LOG.warn("Fail to close input stream. " + e3);
                    }
                }
            }
            List<Credential> credentials = credentialCache.getCredentials();
            System.out.println("Ticket cache: " + ccacheName);
            if (credentialCache.getPrimaryPrincipal() != null) {
                System.out.println("Default principal: " + credentialCache.getPrimaryPrincipal().getName());
            }
            if (credentials.isEmpty()) {
                System.out.println("No credential has been cached.");
                return 0;
            }
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
            System.out.println("Valid starting\t\tExpires\t\t\tService principal");
            for (Credential credential : credentials) {
                System.out.println(simpleDateFormat.format(Long.valueOf(credential.getStartTime().getTime())) + "\t" + simpleDateFormat.format(Long.valueOf(credential.getEndTime().getTime())) + "\t" + credential.getServerName() + "\n\trenew until\t" + simpleDateFormat.format(Long.valueOf(credential.getRenewTill().getTime())));
            }
            return 0;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e4) {
                    LOG.warn("Fail to close input stream. " + e4);
                    throw th;
                }
            }
            throw th;
        }
    }

    private static String getCcacheName() {
        String str;
        String str2 = System.getenv("KRB5CCNAME");
        String str3 = null;
        try {
            str3 = new KrbClient(new File("/etc")).getSetting().getKrbConfig().getString("default_ccache_name");
        } catch (KrbException e) {
            System.err.println("Create krbClient failed: " + e.getMessage());
            System.exit(1);
        }
        if (str2 != null) {
            str = str2;
        } else if (str3 != null) {
            str = str3;
        } else {
            StringBuilder sb = new StringBuilder();
            try {
                InputStream inputStream = Runtime.getRuntime().exec("id -u").getInputStream();
                while (true) {
                    int read = inputStream.read();
                    if (read == -1) {
                        break;
                    }
                    sb.append((char) read);
                }
                inputStream.close();
            } catch (IOException e2) {
                System.err.println("Failed to get UID.");
                System.exit(1);
            }
            str = SysUtil.getTempDir().toString() + "/" + ("krb5cc_" + sb.toString().trim());
        }
        return str;
    }

    private static int printKeytabInfo(KOptions kOptions) {
        String[] strArr = {"KVNO Principal\n---- --------------------------------------------------------------------------", strArr[0], "KVNO Timestamp           Principal\n---- ------------------- ------------------------------------------------------", strArr[2]};
        boolean z = kOptions.contains(KlistOption.SHOW_KTAB_ENTRY_TS) ? (0 | 2) == true ? 1 : 0 : false;
        boolean z2 = z;
        if (kOptions.contains(KlistOption.SHOW_KTAB_ENTRY_KEY)) {
            z2 = z | true;
        }
        System.out.println("Keytab name: FILE:" + keytabFilePath);
        try {
            File file = new File(keytabFilePath);
            if (!file.exists()) {
                System.out.println("klist: Key table file '" + keytabFilePath + "' not found. ");
                return 0;
            }
            System.out.println(strArr[z2 ? 1 : 0]);
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
            Keytab loadKeytab = Keytab.loadKeytab(file);
            for (PrincipalName principalName : loadKeytab.getPrincipals()) {
                for (KeytabEntry keytabEntry : loadKeytab.getKeytabEntries(principalName)) {
                    StringBuilder sb = new StringBuilder();
                    sb.append(String.format("%-4d ", Integer.valueOf(keytabEntry.getKvno())));
                    if (((z2 ? 1 : 0) & 2) != 0) {
                        sb.append(simpleDateFormat.format(new Date(keytabEntry.getTimestamp().getTime())));
                        sb.append(' ');
                    }
                    sb.append(String.format("%s ", principalName.getName()));
                    if (z2 & true) {
                        sb.append("(0x");
                        sb.append(HexUtil.bytesToHex(keytabEntry.getKey().getKeyData()));
                        sb.append(")");
                    }
                    System.out.println(sb);
                }
            }
            return 0;
        } catch (IOException e) {
            System.err.println("klist: Error while scan key table file '" + keytabFilePath + "'");
            return 0;
        }
    }

    private static int printInfo(KOptions kOptions) {
        return kOptions.contains(KlistOption.KEYTAB) ? printKeytabInfo(kOptions) : printCredentialCacheInfo(kOptions);
    }

    public static void main(String[] strArr) throws Exception {
        KOptions kOptions = new KOptions();
        int i = 0;
        while (true) {
            if (i >= strArr.length) {
                break;
            }
            String str = null;
            int i2 = i;
            i++;
            String str2 = strArr[i2];
            if (str2.startsWith("-")) {
                KlistOption fromName = KlistOption.fromName(str2);
                if (fromName == KlistOption.NONE) {
                    str = "Invalid option:" + str2;
                }
                if (str == null && fromName.getOptionInfo().getType() != KOptionType.NOV) {
                    String str3 = null;
                    if (i < strArr.length) {
                        i++;
                        str3 = strArr[i];
                    }
                    if (str3 != null) {
                        KOptions.parseSetValue(fromName.getOptionInfo(), str3);
                    } else {
                        str = "Option" + fromName + "requires a following value";
                    }
                }
                if (str != null) {
                    printUsage(str);
                }
                kOptions.add(fromName);
                if (kOptions.contains(KlistOption.KEYTAB) && kOptions.contains(KlistOption.CREDENTIALS_CACHE)) {
                    printUsage("Can not use '-c' and '-k' at the same time ");
                }
            } else if (keytabFilePath == null && kOptions.contains(KlistOption.KEYTAB)) {
                keytabFilePath = str2;
            }
        }
        if (keytabFilePath == null) {
            keytabFilePath = "/etc/krb5.keytab";
        }
        System.exit(printInfo(kOptions));
    }

    static {
        USAGE = (OSUtil.isWindows() ? "Usage: bin\\klist.cmd" : "Usage: sh bin/klist.sh") + " [-e] [-V] [[-c] [-l] [-A] [-d] [-f] [-s] [-a [-n]]] [-k [-t] [-K]] [name]\n\t-c specifies credentials cache\n\t-k specifies keytab\n\t   (Default is credentials cache)\n\t-i uses default client keytab if no name given\n\t-l lists credential caches in collection\n\t-A shows content of all credential caches\n\t-e shows the encryption type\n\t-V shows the Kerberos version and exits\n\toptions for credential caches:\n\t\t-d shows the submitted authorization data types\n\t\t-f shows credentials flags\n\t\t-s sets exit status based on valid tgt existence\n\t\t-a displays the address list\n\t\t\t-n do not reverse-resolve\n\toptions for keytabs:\n\t\t-t shows keytab entry timestamps\n\t\t-K shows keytab entry keys\n";
        keytabFilePath = null;
    }
}
