package pnuts.security;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FilePermission;
import java.io.IOException;
import java.net.JarURLConnection;
import java.net.SocketPermission;
import java.net.URL;
import java.net.URLConnection;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import pnuts.ext.ImplementationAdapter;
import pnuts.lang.Context;
import pnuts.lang.Implementation;
import pnuts.lang.PnutsImpl;
import pnuts.lang.Runtime;
import pnuts.lang.SimpleNode;

/* loaded from: input_file:pnuts/security/SecurePnutsImpl.class */
public class SecurePnutsImpl extends ImplementationAdapter {
    private CodeSource codeSource;

    public SecurePnutsImpl(PnutsImpl pnutsImpl) {
        this(pnutsImpl, (CodeSource) null);
    }

    public SecurePnutsImpl(Implementation implementation) {
        this(implementation, (CodeSource) null);
    }

    public SecurePnutsImpl(PnutsImpl pnutsImpl, CodeSource codeSource) {
        super(pnutsImpl);
        this.codeSource = codeSource;
    }

    public SecurePnutsImpl(Implementation implementation, CodeSource codeSource) {
        super(implementation);
        this.codeSource = codeSource;
    }

    @Override // pnuts.ext.ImplementationAdapter, pnuts.lang.PnutsImpl, pnuts.lang.Implementation
    public Object eval(String str, Context context) {
        CodeSource codeSource = this.codeSource;
        if (codeSource == null) {
            codeSource = new CodeSource((URL) null, (Certificate[]) null);
        }
        return AccessController.doPrivileged(new PrivilegedAction(this, str, context) { // from class: pnuts.security.SecurePnutsImpl.1
            private final String val$expr;
            private final Context val$context;
            private final SecurePnutsImpl this$0;

            {
                this.this$0 = this;
                this.val$expr = str;
                this.val$context = context;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return SecurePnutsImpl.super.eval(this.val$expr, this.val$context);
            }
        }, getAccessControlContext(codeSource));
    }

    @Override // pnuts.ext.ImplementationAdapter, pnuts.lang.PnutsImpl, pnuts.lang.Implementation
    public Object accept(SimpleNode simpleNode, Context context) {
        CodeSource codeSource = this.codeSource;
        if (codeSource == null) {
            codeSource = new CodeSource((URL) null, (Certificate[]) null);
        }
        return AccessController.doPrivileged(new PrivilegedAction(this, simpleNode, context) { // from class: pnuts.security.SecurePnutsImpl.2
            private final SimpleNode val$node;
            private final Context val$context;
            private final SecurePnutsImpl this$0;

            {
                this.this$0 = this;
                this.val$node = simpleNode;
                this.val$context = context;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return SecurePnutsImpl.super.accept(this.val$node, this.val$context);
            }
        }, getAccessControlContext(codeSource));
    }

    @Override // pnuts.ext.ImplementationAdapter, pnuts.lang.PnutsImpl, pnuts.lang.Implementation
    public Object load(String str, Context context) throws FileNotFoundException {
        URL url = (URL) AccessController.doPrivileged(new PrivilegedAction(this, str, context) { // from class: pnuts.security.SecurePnutsImpl.3
            private final String val$file;
            private final Context val$context;
            private final SecurePnutsImpl this$0;

            {
                this.this$0 = this;
                this.val$file = str;
                this.val$context = context;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return Runtime.getScriptURL(this.val$file, this.val$context);
            }
        });
        if (url == null) {
            throw new FileNotFoundException(str);
        }
        boolean z = false;
        try {
            provide(str, context);
            Object load = load(url, context);
            z = true;
            if (1 == 0) {
                revoke(str, context);
            }
            return load;
        } catch (Throwable th) {
            if (!z) {
                revoke(str, context);
            }
            throw th;
        }
    }

    @Override // pnuts.ext.ImplementationAdapter, pnuts.lang.PnutsImpl, pnuts.lang.Implementation
    public Object loadFile(String str, Context context) throws FileNotFoundException {
        try {
            File file = new File(str);
            if (file.exists()) {
                return load(Runtime.fileToURL(file), context);
            }
            throw new FileNotFoundException(str);
        } catch (IOException e) {
            throw new FileNotFoundException(str);
        }
    }

    @Override // pnuts.ext.ImplementationAdapter, pnuts.lang.PnutsImpl, pnuts.lang.Implementation
    public Object load(URL url, Context context) {
        CodeSource codeSource = this.codeSource;
        if (codeSource == null) {
            codeSource = getCodeSource(url);
        }
        return AccessController.doPrivileged(new PrivilegedAction(this, url, context) { // from class: pnuts.security.SecurePnutsImpl.4
            private final URL val$scriptURL;
            private final Context val$context;
            private final SecurePnutsImpl this$0;

            {
                this.this$0 = this;
                this.val$scriptURL = url;
                this.val$context = context;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return SecurePnutsImpl.super.load(this.val$scriptURL, this.val$context);
            }
        }, getAccessControlContext(codeSource));
    }

    private static CodeSource getCodeSource(URL url) {
        return (CodeSource) AccessController.doPrivileged(new PrivilegedAction(url) { // from class: pnuts.security.SecurePnutsImpl.5
            private final URL val$url;

            {
                this.val$url = url;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    URLConnection openConnection = this.val$url.openConnection();
                    if (openConnection instanceof JarURLConnection) {
                        JarURLConnection jarURLConnection = (JarURLConnection) openConnection;
                        return new CodeSource(jarURLConnection.getJarFileURL(), jarURLConnection.getCertificates());
                    }
                } catch (IOException e) {
                }
                return new CodeSource(this.val$url, (Certificate[]) null);
            }
        });
    }

    protected PermissionCollection getPolicyPermissions(CodeSource codeSource) {
        PermissionCollection permissionCollection = (PermissionCollection) AccessController.doPrivileged(new PrivilegedAction(this, codeSource) { // from class: pnuts.security.SecurePnutsImpl.6
            private final CodeSource val$codesource;
            private final SecurePnutsImpl this$0;

            {
                this.this$0 = this;
                this.val$codesource = codeSource;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                Policy policy = Policy.getPolicy();
                if (policy != null) {
                    return policy.getPermissions(this.val$codesource);
                }
                return null;
            }
        });
        if (permissionCollection == null) {
            permissionCollection = new Permissions();
        }
        return permissionCollection;
    }

    protected void addSandBoxPermissions(URL url, PermissionCollection permissionCollection) {
        Permission permission = null;
        if (url != null) {
            try {
                permission = url.openConnection().getPermission();
            } catch (IOException e) {
            }
        }
        if (permission instanceof FilePermission) {
            String name = permission.getName();
            int lastIndexOf = name.lastIndexOf(File.separatorChar);
            permissionCollection.add(permission);
            if (lastIndexOf != -1) {
                String substring = name.substring(0, lastIndexOf + 1);
                if (substring.endsWith(File.separator)) {
                    substring = new StringBuffer().append(substring).append("-").toString();
                }
                permissionCollection.add(new FilePermission(substring, "read"));
                return;
            }
            return;
        }
        if (url != null) {
            String host = url.getHost();
            if (host == null) {
                host = "localhost";
            }
            permissionCollection.add(new SocketPermission(host, "connect, accept"));
            if (permission != null) {
                permissionCollection.add(permission);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PermissionCollection getPermissions(CodeSource codeSource) {
        PermissionCollection policyPermissions = getPolicyPermissions(codeSource);
        addSandBoxPermissions(codeSource.getLocation(), policyPermissions);
        return policyPermissions;
    }

    private AccessControlContext getAccessControlContext(CodeSource codeSource) {
        return new AccessControlContext(new ProtectionDomain[]{new ProtectionDomain(codeSource, getPermissions(codeSource))});
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CodeSource getCodeSource() {
        return this.codeSource;
    }

    public String toString() {
        return new StringBuffer().append(getClass().getName()).append("[").append(getBaseImpl()).append(", ").append(this.codeSource).append("]").toString();
    }
}
