package org.keycloak.common.util;

import java.io.ObjectInputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.jboss.logging.Logger;

/* loaded from: input_file:WEB-INF/lib/keycloak-common-15.0.2.jar:org/keycloak/common/util/DelegatingSerializationFilter.class */
public class DelegatingSerializationFilter {
    private static final Logger LOG = Logger.getLogger(DelegatingSerializationFilter.class.getName());
    private static final SerializationFilterAdapter serializationFilterAdapter;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/keycloak-common-15.0.2.jar:org/keycloak/common/util/DelegatingSerializationFilter$EmptyFilterAdapter.class */
    public static class EmptyFilterAdapter implements SerializationFilterAdapter {
        EmptyFilterAdapter() {
        }

        @Override // org.keycloak.common.util.DelegatingSerializationFilter.SerializationFilterAdapter
        public Object getObjectInputFilter(ObjectInputStream objectInputStream) {
            return null;
        }

        @Override // org.keycloak.common.util.DelegatingSerializationFilter.SerializationFilterAdapter
        public void setObjectInputFilter(ObjectInputStream objectInputStream, String str) {
        }
    }

    /* loaded from: input_file:WEB-INF/lib/keycloak-common-15.0.2.jar:org/keycloak/common/util/DelegatingSerializationFilter$FilterPatternBuilder.class */
    public static class FilterPatternBuilder {
        private Set<Class> classes = new HashSet();
        private Set<String> patterns = new HashSet();

        public FilterPatternBuilder() {
            addAllowedPattern("java.util.*");
        }

        public FilterPatternBuilder addAllowedPattern(String str) {
            this.patterns.add(str);
            return this;
        }

        public FilterPatternBuilder addAllowedClass(Class cls) {
            this.classes.add(cls);
            return this;
        }

        public String toString() {
            StringBuilder sb = new StringBuilder();
            Iterator<Class> it = this.classes.iterator();
            while (it.hasNext()) {
                sb.append(it.next().getName()).append(";");
            }
            Iterator<String> it2 = this.patterns.iterator();
            while (it2.hasNext()) {
                sb.append(it2.next()).append(";");
            }
            sb.append("!*");
            return sb.toString();
        }

        public void setFilter(ObjectInputStream objectInputStream) {
            new DelegatingSerializationFilter().setFilter(objectInputStream, toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/keycloak-common-15.0.2.jar:org/keycloak/common/util/DelegatingSerializationFilter$OnJava6To8.class */
    public static class OnJava6To8 implements SerializationFilterAdapter {
        private final Method getObjectInputFilterMethod;
        private final Method setObjectInputFilterMethod;
        private final Method createFilterMethod;

        private OnJava6To8(Method method, Method method2, Method method3) {
            this.getObjectInputFilterMethod = method;
            this.setObjectInputFilterMethod = method2;
            this.createFilterMethod = method3;
        }

        @Override // org.keycloak.common.util.DelegatingSerializationFilter.SerializationFilterAdapter
        public Object getObjectInputFilter(ObjectInputStream objectInputStream) {
            try {
                return this.getObjectInputFilterMethod.invoke(null, objectInputStream);
            } catch (IllegalAccessException | InvocationTargetException e) {
                DelegatingSerializationFilter.LOG.warn("Could not read ObjectFilter from ObjectInputStream: " + e.getMessage());
                return null;
            }
        }

        @Override // org.keycloak.common.util.DelegatingSerializationFilter.SerializationFilterAdapter
        public void setObjectInputFilter(ObjectInputStream objectInputStream, String str) {
            try {
                this.setObjectInputFilterMethod.invoke(null, objectInputStream, this.createFilterMethod.invoke(null, str));
            } catch (IllegalAccessException | InvocationTargetException e) {
                DelegatingSerializationFilter.LOG.warn("Could not set ObjectFilter: " + e.getMessage());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/keycloak-common-15.0.2.jar:org/keycloak/common/util/DelegatingSerializationFilter$OnJavaAfter8.class */
    public static class OnJavaAfter8 implements SerializationFilterAdapter {
        private final Method getObjectInputFilterMethod;
        private final Method setObjectInputFilterMethod;
        private final Method createFilterMethod;

        private OnJavaAfter8(Method method, Method method2, Method method3) {
            this.getObjectInputFilterMethod = method;
            this.setObjectInputFilterMethod = method2;
            this.createFilterMethod = method3;
        }

        @Override // org.keycloak.common.util.DelegatingSerializationFilter.SerializationFilterAdapter
        public Object getObjectInputFilter(ObjectInputStream objectInputStream) {
            try {
                return this.getObjectInputFilterMethod.invoke(objectInputStream, new Object[0]);
            } catch (IllegalAccessException | InvocationTargetException e) {
                DelegatingSerializationFilter.LOG.warn("Could not read ObjectFilter from ObjectInputStream: " + e.getMessage());
                return null;
            }
        }

        @Override // org.keycloak.common.util.DelegatingSerializationFilter.SerializationFilterAdapter
        public void setObjectInputFilter(ObjectInputStream objectInputStream, String str) {
            try {
                this.setObjectInputFilterMethod.invoke(objectInputStream, this.createFilterMethod.invoke(objectInputStream, str));
            } catch (IllegalAccessException | InvocationTargetException e) {
                DelegatingSerializationFilter.LOG.warn("Could not set ObjectFilter: " + e.getMessage());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/keycloak-common-15.0.2.jar:org/keycloak/common/util/DelegatingSerializationFilter$SerializationFilterAdapter.class */
    public interface SerializationFilterAdapter {
        Object getObjectInputFilter(ObjectInputStream objectInputStream);

        void setObjectInputFilter(ObjectInputStream objectInputStream, String str);
    }

    private static boolean isJava6To8() {
        return Arrays.asList("1.6", "1.7", "1.8").contains(System.getProperty("java.specification.version"));
    }

    private DelegatingSerializationFilter() {
    }

    public static FilterPatternBuilder builder() {
        return new FilterPatternBuilder();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setFilter(ObjectInputStream objectInputStream, String str) {
        LOG.debug("Using: " + serializationFilterAdapter.getClass().getSimpleName());
        if (serializationFilterAdapter.getObjectInputFilter(objectInputStream) == null) {
            serializationFilterAdapter.setObjectInputFilter(objectInputStream, str);
        }
    }

    private static SerializationFilterAdapter createOnJava6To8Adapter() {
        try {
            ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
            Class<?> loadClass = contextClassLoader.loadClass("sun.misc.ObjectInputFilter");
            Class<?> loadClass2 = contextClassLoader.loadClass("sun.misc.ObjectInputFilter$Config");
            Method declaredMethod = loadClass2.getDeclaredMethod("getObjectInputFilter", ObjectInputStream.class);
            Method declaredMethod2 = loadClass2.getDeclaredMethod("setObjectInputFilter", ObjectInputStream.class, loadClass);
            Method declaredMethod3 = loadClass2.getDeclaredMethod("createFilter", String.class);
            LOG.info("Using OnJava6To8 serialization filter adapter");
            return new OnJava6To8(declaredMethod, declaredMethod2, declaredMethod3);
        } catch (ClassNotFoundException | NoSuchMethodException e) {
            LOG.warn("Could not configure SerializationFilterAdapter. For better security, it is highly recommended to upgrade to newer JDK version update!");
            LOG.warn("For the Java 7, the recommended update is at least 131 (1.7.0_131 or newer). For the Java 8, the recommended update is at least 121 (1.8.0_121 or newer).");
            LOG.warn("Error details", e);
            return new EmptyFilterAdapter();
        }
    }

    private static SerializationFilterAdapter createOnJavaAfter8Adapter() {
        try {
            ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
            Class<?> loadClass = contextClassLoader.loadClass("java.io.ObjectInputFilter");
            Class<?> loadClass2 = contextClassLoader.loadClass("java.io.ObjectInputFilter$Config");
            Class<?> loadClass3 = contextClassLoader.loadClass("java.io.ObjectInputStream");
            Method declaredMethod = loadClass3.getDeclaredMethod("getObjectInputFilter", new Class[0]);
            Method declaredMethod2 = loadClass3.getDeclaredMethod("setObjectInputFilter", loadClass);
            Method declaredMethod3 = loadClass2.getDeclaredMethod("createFilter", String.class);
            LOG.info("Using OnJavaAfter8 serialization filter adapter");
            return new OnJavaAfter8(declaredMethod, declaredMethod2, declaredMethod3);
        } catch (ClassNotFoundException | NoSuchMethodException e) {
            LOG.warn("Could not configure SerializationFilterAdapter. For better security, it is highly recommended to upgrade to newer JDK version update!");
            LOG.warn("Error details", e);
            return new EmptyFilterAdapter();
        }
    }

    static {
        serializationFilterAdapter = isJava6To8() ? createOnJava6To8Adapter() : createOnJavaAfter8Adapter();
    }
}
