package org.elasticsearch.shield.authc.esusers;

import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.env.Environment;
import org.elasticsearch.shield.User;
import org.elasticsearch.shield.authc.Realm;
import org.elasticsearch.shield.authc.RealmConfig;
import org.elasticsearch.shield.authc.support.CachingUsernamePasswordRealm;
import org.elasticsearch.shield.authc.support.RefreshListener;
import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
import org.elasticsearch.watcher.ResourceWatcherService;

/* loaded from: input_file:org/elasticsearch/shield/authc/esusers/FileRealm.class */
public class FileRealm extends CachingUsernamePasswordRealm {
    public static final String OLD_TYPE = "esusers";
    public static final String TYPE = "file";
    final FileUserPasswdStore userPasswdStore;
    final FileUserRolesStore userRolesStore;

    /* loaded from: input_file:org/elasticsearch/shield/authc/esusers/FileRealm$Factory.class */
    public static class Factory extends Realm.Factory<FileRealm> {
        private final Settings settings;
        private final Environment env;
        private final ResourceWatcherService watcherService;

        @Inject
        public Factory(Settings settings, Environment environment, ResourceWatcherService resourceWatcherService) {
            super(FileRealm.TYPE, true);
            this.settings = settings;
            this.env = environment;
            this.watcherService = resourceWatcherService;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.elasticsearch.shield.authc.Realm.Factory
        public FileRealm create(RealmConfig realmConfig) {
            return new FileRealm(realmConfig, new FileUserPasswdStore(realmConfig, this.watcherService), new FileUserRolesStore(realmConfig, this.watcherService));
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.elasticsearch.shield.authc.Realm.Factory
        public FileRealm createDefault(String str) {
            return create(new RealmConfig(str, Settings.EMPTY, this.settings, this.env));
        }
    }

    /* loaded from: input_file:org/elasticsearch/shield/authc/esusers/FileRealm$Listener.class */
    class Listener implements RefreshListener {
        Listener() {
        }

        @Override // org.elasticsearch.shield.authc.support.RefreshListener
        public void onRefresh() {
            FileRealm.this.expireAll();
        }
    }

    public FileRealm(RealmConfig realmConfig, FileUserPasswdStore fileUserPasswdStore, FileUserRolesStore fileUserRolesStore) {
        super(TYPE, realmConfig);
        Listener listener = new Listener();
        this.userPasswdStore = fileUserPasswdStore;
        fileUserPasswdStore.addListener(listener);
        this.userRolesStore = fileUserRolesStore;
        fileUserRolesStore.addListener(listener);
    }

    @Override // org.elasticsearch.shield.authc.support.CachingUsernamePasswordRealm
    protected User doAuthenticate(UsernamePasswordToken usernamePasswordToken) {
        if (!this.userPasswdStore.verifyPassword(usernamePasswordToken.principal(), usernamePasswordToken.credentials())) {
            return null;
        }
        return new User(usernamePasswordToken.principal(), this.userRolesStore.roles(usernamePasswordToken.principal()));
    }

    @Override // org.elasticsearch.shield.authc.support.CachingUsernamePasswordRealm
    public User doLookupUser(String str) {
        if (this.userPasswdStore.userExists(str)) {
            return new User(str, this.userRolesStore.roles(str));
        }
        return null;
    }

    @Override // org.elasticsearch.shield.authc.Realm
    public boolean userLookupSupported() {
        return true;
    }
}
