package com.cloudera.nav.utils;

import com.cloudera.nav.auth.model.UserRole;
import com.cloudera.nav.cm.CmApiClient;
import com.cloudera.nav.server.NavOptions;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import java.io.File;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import org.apache.commons.io.FileUtils;
import org.javatuples.Pair;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;

/* loaded from: input_file:com/cloudera/nav/utils/SecurityUtil.class */
public class SecurityUtil {
    public static Pair<String, byte[]> getPrincipalAndKeytab(CmApiClient cmApiClient, NavOptions navOptions, boolean z, String str, String str2, byte[] bArr) throws IOException {
        String kerberosPrincipal = navOptions.getKerberosPrincipal(str2);
        String kerberosKeytab = navOptions.getKerberosKeytab(str2);
        byte[] bArr2 = null;
        if (z && kerberosPrincipal == null) {
            kerberosPrincipal = (String) cmApiClient.getKerberosPrincipals().get(str2);
            if (kerberosPrincipal == null) {
                kerberosPrincipal = (String) cmApiClient.getKerberosPrincipals().get(str);
                Preconditions.checkState(kerberosPrincipal != null, "Could not find principal for service %s.", new Object[]{str2});
            }
            bArr2 = bArr != null ? bArr : cmApiClient.getKerberosKeytab();
        }
        if (!Strings.isNullOrEmpty(kerberosKeytab)) {
            bArr2 = FileUtils.readFileToByteArray(new File(kerberosKeytab));
        }
        return new Pair<>(kerberosPrincipal, bArr2);
    }

    public static User getLoggedInUser() {
        return (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    }

    public static boolean isAdminUser() {
        return getLoggedInUser().getAuthorities().containsAll(UserRole.ROLE_FULL_ADMINISTRATOR.getGrantedAuthorities());
    }

    public static boolean hasAnyAuthority(Set<String> set) {
        Authentication authentication;
        SecurityContext context = SecurityContextHolder.getContext();
        if (context == null || (authentication = context.getAuthentication()) == null) {
            return false;
        }
        Iterator it = authentication.getAuthorities().iterator();
        while (it.hasNext()) {
            if (set.contains(((GrantedAuthority) it.next()).getAuthority())) {
                return true;
            }
        }
        return false;
    }
}
