package org.neo4j.server.security.enterprise.auth;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.neo4j.kernel.api.KernelTransaction;
import org.neo4j.kernel.api.KernelTransactionHandle;
import org.neo4j.kernel.api.bolt.BoltConnectionTracker;
import org.neo4j.kernel.api.exceptions.Status;
import org.neo4j.kernel.enterprise.api.security.EnterpriseSecurityContext;
import org.neo4j.kernel.impl.api.KernelTransactions;
import org.neo4j.kernel.impl.core.ThreadToStatementContextBridge;
import org.neo4j.kernel.impl.security.User;
import org.neo4j.kernel.internal.GraphDatabaseAPI;
import org.neo4j.procedure.Context;
import org.neo4j.server.security.enterprise.log.SecurityLog;

/* loaded from: input_file:org/neo4j/server/security/enterprise/auth/AuthProceduresBase.class */
public class AuthProceduresBase {

    @Context
    public EnterpriseSecurityContext securityContext;

    @Context
    public GraphDatabaseAPI graph;

    @Context
    public SecurityLog securityLog;

    @Context
    public EnterpriseUserManager userManager;

    /* loaded from: input_file:org/neo4j/server/security/enterprise/auth/AuthProceduresBase$RoleResult.class */
    public static class RoleResult {
        public final String role;
        public final List<String> users = new ArrayList();

        RoleResult(String str, Set<String> set) {
            this.role = str;
            this.users.addAll(set);
        }
    }

    /* loaded from: input_file:org/neo4j/server/security/enterprise/auth/AuthProceduresBase$StringResult.class */
    public static class StringResult {
        public final String value;

        /* JADX INFO: Access modifiers changed from: package-private */
        public StringResult(String str) {
            this.value = str;
        }
    }

    /* loaded from: input_file:org/neo4j/server/security/enterprise/auth/AuthProceduresBase$UserResult.class */
    public static class UserResult {
        public final String username;
        public final List<String> roles = new ArrayList();
        public final List<String> flags;

        UserResult(String str, Set<String> set, Iterable<String> iterable) {
            this.username = str;
            this.roles.addAll(set);
            this.flags = new ArrayList();
            Iterator<String> it = iterable.iterator();
            while (it.hasNext()) {
                this.flags.add(it.next());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void kickoutUser(String str, String str2) {
        try {
            terminateTransactionsForValidUser(str);
            terminateConnectionsForValidUser(str);
        } catch (Exception e) {
            this.securityLog.error(this.securityContext.subject(), "failed to terminate running transaction and bolt connections for user `%s` following %s: %s", str, str2, e.getMessage());
            throw e;
        }
    }

    protected void terminateTransactionsForValidUser(String str) {
        KernelTransaction currentTx = getCurrentTx();
        getActiveTransactions().stream().filter(kernelTransactionHandle -> {
            return kernelTransactionHandle.subject().hasUsername(str) && !kernelTransactionHandle.isUnderlyingTransaction(currentTx);
        }).forEach(kernelTransactionHandle2 -> {
            kernelTransactionHandle2.markForTermination(Status.Transaction.Terminated);
        });
    }

    protected void terminateConnectionsForValidUser(String str) {
        getBoltConnectionTracker().getActiveConnections(str).forEach((v0) -> {
            v0.terminate();
        });
    }

    private Set<KernelTransactionHandle> getActiveTransactions() {
        return ((KernelTransactions) this.graph.getDependencyResolver().resolveDependency(KernelTransactions.class)).activeTransactions();
    }

    private BoltConnectionTracker getBoltConnectionTracker() {
        return (BoltConnectionTracker) this.graph.getDependencyResolver().resolveDependency(BoltConnectionTracker.class);
    }

    private KernelTransaction getCurrentTx() {
        return ((ThreadToStatementContextBridge) this.graph.getDependencyResolver().resolveDependency(ThreadToStatementContextBridge.class)).getKernelTransactionBoundToThisThread(true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserResult userResultForSubject() {
        String username = this.securityContext.subject().username();
        User silentlyGetUser = this.userManager.silentlyGetUser(username);
        return new UserResult(username, this.securityContext.roles(), silentlyGetUser == null ? Collections.emptyList() : silentlyGetUser.getFlags());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserResult userResultForName(String str) {
        if (str.equals(this.securityContext.subject().username())) {
            return userResultForSubject();
        }
        User silentlyGetUser = this.userManager.silentlyGetUser(str);
        return new UserResult(str, this.userManager.silentlyGetRoleNamesForUser(str), silentlyGetUser == null ? Collections.emptyList() : silentlyGetUser.getFlags());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RoleResult roleResultForName(String str) {
        return new RoleResult(str, this.userManager.silentlyGetUsernamesForRole(str));
    }
}
