package com.ibm.ws.security.registry.internal;

import com.ibm.ejs.ras.TraceNLS;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.kernel.service.util.ServiceRegistrationModifier;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.registry.ExternalUserRegistryWrapper;
import com.ibm.ws.security.registry.FederationRegistry;
import com.ibm.ws.security.registry.RegistryException;
import com.ibm.ws.security.registry.UserRegistry;
import com.ibm.ws.security.registry.UserRegistryChangeListener;
import com.ibm.ws.security.registry.UserRegistryService;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.kernel.service.utils.ConcurrentServiceReferenceMap;
import com.ibm.wsspi.kernel.service.utils.ConcurrentServiceReferenceSet;
import com.ibm.wsspi.kernel.service.utils.FrameworkState;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicReference;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(immediate = true, configurationPid = {"com.ibm.ws.security.registry.internal.UserRegistryRefConfig", "com.ibm.ws.security.registry"}, configurationPolicy = ConfigurationPolicy.OPTIONAL, property = {"service.vendor=IBM"}, service = {})
/* loaded from: input_file:com/ibm/ws/security/registry/internal/UserRegistryServiceImpl.class */
public class UserRegistryServiceImpl implements UserRegistryService, ServiceRegistrationModifier.ServicePropertySupplier {
    private static final TraceComponent tc = Tr.register(UserRegistryServiceImpl.class, "UserRegistry", TraceConstants.MESSAGE_BUNDLE);
    static final String KEY_FEDERATION_REGISTRY = "FederationRegistry";
    static final String KEY_USER_REGISTRY = "UserRegistry";
    static final String KEY_LISTENER = "UserRegistryChangeListener";
    static final String KEY_CONFIG_ID = "config.id";
    static final String KEY_TYPE = "com.ibm.ws.security.registry.type";
    static final String KEY_COMPONENT_NAME = "component.name";
    static final String UNKNOWN_TYPE = "UNKNOWN";
    static final String CFG_KEY_REFID = "refId";
    static final String CFG_KEY_REALM = "realm";
    private static final String CFG_KEY_UR_COUNT = "UserRegistry.cardinality.minimum";
    private static final String FEDERATION_REGISTRY_TYPE = "WIM";
    private String[] refId;
    private String realm;
    private int urCount;
    static final String SERVICE_PROPERTY_USER_REGISTRY_CONFIGURED = "userRegistryConfigured";
    private static final String SERVICE_PROPERTY_REALM = "realm";
    private volatile Map<String, Object> props;
    private volatile Hashtable<String, Object> userRegistryServiceProps;
    static final long serialVersionUID = 5131035484648058722L;
    final ConcurrentServiceReferenceMap<String, UserRegistry> userRegistries = new ConcurrentServiceReferenceMap<>("UserRegistry");
    private final ConcurrentServiceReferenceSet<UserRegistryChangeListener> listeners = new ConcurrentServiceReferenceSet<>(KEY_LISTENER);
    private final AtomicServiceReference<FederationRegistry> federationRegistryServiceRef = new AtomicServiceReference<>(KEY_FEDERATION_REGISTRY);
    private final AtomicReference<UserRegistry> userRegistry = new AtomicReference<>();
    private final Object userRegistrySync = new Object() { // from class: com.ibm.ws.security.registry.internal.UserRegistryServiceImpl.1
        static final long serialVersionUID = 4146229960389327208L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.registry.internal.UserRegistryServiceImpl$1", AnonymousClass1.class, "UserRegistry", TraceConstants.MESSAGE_BUNDLE);
    };
    private final List<String> registryTypes = new ArrayList();
    private boolean isFederationActive = false;
    private final ServiceRegistrationModifier<UserRegistryService> userRegistryServiceRegistration = new ServiceRegistrationModifier<>(UserRegistryService.class, this, this);

    @Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.MULTIPLE, target = "(!(objectClass=com.ibm.ws.security.registry.FederationRegistry))")
    protected void setUserRegistry(ServiceReference<UserRegistry> serviceReference) {
        String str = (String) serviceReference.getProperty(KEY_CONFIG_ID);
        String str2 = (String) serviceReference.getProperty("com.ibm.ws.security.registry.type");
        if (str == null || str2 == null) {
            if (str2 == null) {
                Tr.error(tc, "USER_REGISTRY_SERVICE_WITHOUT_TYPE", new Object[]{serviceReference.getProperty(KEY_COMPONENT_NAME)});
            }
            if (str == null) {
                if (str2 != null) {
                    Tr.error(tc, "USER_REGISTRY_SERVICE_CONFIGURATION_WITHOUT_ID", new Object[]{str2});
                } else {
                    Tr.error(tc, "USER_REGISTRY_SERVICE_CONFIGURATION_WITHOUT_ID", new Object[]{UNKNOWN_TYPE});
                }
            }
        } else {
            this.userRegistries.putReference(parseIdFromConfigID(str), serviceReference);
        }
        if (str2 != null) {
            this.registryTypes.add(str2);
        } else {
            this.registryTypes.add(UNKNOWN_TYPE);
        }
        notifyListeners();
        updateUserRegistryServiceRegistration();
    }

    private String parseIdFromConfigID(String str) {
        Matcher matcher = Pattern.compile("\\Q[\\E(.+?)\\Q]\\E").matcher(str);
        return matcher.find() ? matcher.group(1) : str;
    }

    protected void updatedUserRegistry(ServiceReference<UserRegistry> serviceReference) {
        notifyListeners();
        updateUserRegistryServiceRegistration();
    }

    protected void unsetUserRegistry(ServiceReference<UserRegistry> serviceReference) {
        this.userRegistries.removeReference(parseIdFromConfigID((String) serviceReference.getProperty(KEY_CONFIG_ID)), serviceReference);
        notifyListeners();
        String str = (String) serviceReference.getProperty("com.ibm.ws.security.registry.type");
        if (str != null) {
            this.registryTypes.remove(str);
        } else {
            this.registryTypes.remove(UNKNOWN_TYPE);
        }
        if (FrameworkState.isStopping()) {
            return;
        }
        updateUserRegistryServiceRegistration();
    }

    @Reference(name = KEY_FEDERATION_REGISTRY, policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
    protected void setFederationRegistry(ServiceReference<FederationRegistry> serviceReference) {
        this.federationRegistryServiceRef.setReference(serviceReference);
        updateUserRegistryServiceRegistration();
    }

    protected void unsetFederationRegistry(ServiceReference<FederationRegistry> serviceReference) {
        this.federationRegistryServiceRef.unsetReference(serviceReference);
        if (FrameworkState.isStopping()) {
            return;
        }
        updateUserRegistryServiceRegistration();
    }

    @Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.MULTIPLE)
    protected void setUserRegistryChangeListener(ServiceReference<UserRegistryChangeListener> serviceReference) {
        this.listeners.addReference(serviceReference);
    }

    protected void unsetUserRegistryChangeListener(ServiceReference<UserRegistryChangeListener> serviceReference) {
        this.listeners.removeReference(serviceReference);
    }

    @Activate
    protected void activate(ComponentContext componentContext, Map<String, Object> map) {
        this.props = map;
        this.refId = (String[]) map.get(CFG_KEY_REFID);
        this.realm = (String) map.get("realm");
        this.urCount = map.get(CFG_KEY_UR_COUNT) == null ? -1 : Integer.valueOf((String) map.get(CFG_KEY_UR_COUNT)).intValue();
        this.userRegistries.activate(componentContext);
        this.listeners.activate(componentContext);
        this.federationRegistryServiceRef.activate(componentContext);
        updateServiceProperties();
        this.userRegistryServiceRegistration.registerOrUpdate(componentContext.getBundleContext());
    }

    @Modified
    protected void modify(Map<String, Object> map) {
        this.refId = (String[]) map.get(CFG_KEY_REFID);
        this.realm = (String) map.get("realm");
        this.urCount = map.get(CFG_KEY_UR_COUNT) == null ? -1 : Integer.valueOf((String) map.get(CFG_KEY_UR_COUNT)).intValue();
        this.props = map;
        notifyListeners();
        updateUserRegistryServiceRegistration();
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext) {
        this.userRegistryServiceRegistration.unregister();
        this.refId = null;
        this.realm = null;
        this.userRegistries.deactivate(componentContext);
        this.listeners.deactivate(componentContext);
        this.federationRegistryServiceRef.deactivate(componentContext);
    }

    private void notifyListeners() {
        Iterator it = this.listeners.services().iterator();
        while (it.hasNext()) {
            ((UserRegistryChangeListener) it.next()).notifyOfUserRegistryChange();
        }
    }

    private boolean isConfigured() {
        return this.refId != null;
    }

    private UserRegistry determineActiveUserRegistry(boolean z) throws RegistryException {
        UserRegistry userRegistry;
        synchronized (this.userRegistrySync) {
            UserRegistry userRegistry2 = this.userRegistry.get();
            if (userRegistry2 == null) {
                userRegistry2 = isConfigured() ? getUserRegistryFromConfiguration() : autoDetectUserRegistry(z);
                this.userRegistry.set(userRegistry2);
            }
            userRegistry = userRegistry2;
        }
        return userRegistry;
    }

    @Override // com.ibm.ws.security.registry.UserRegistryService
    public boolean isUserRegistryConfigured() throws RegistryException {
        return null != determineActiveUserRegistry(false);
    }

    @Override // com.ibm.ws.security.registry.UserRegistryService
    public UserRegistry getUserRegistry() throws RegistryException {
        return determineActiveUserRegistry(true);
    }

    private UserRegistry autoDetectUserRegistry(boolean z) throws RegistryException {
        UserRegistry federationRegistry = getFederationRegistry();
        synchronized (this.userRegistrySync) {
            if (federationRegistry != null) {
                setRegistriesToBeFederated((FederationRegistry) federationRegistry, z);
                this.isFederationActive = true;
                return federationRegistry;
            }
            this.isFederationActive = false;
            if (this.userRegistries.isEmpty()) {
                if (!z) {
                    return null;
                }
                Tr.error(tc, "USER_REGISTRY_SERVICE_NO_USER_REGISTRY_AVAILABLE", new Object[0]);
                throw new RegistryException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "USER_REGISTRY_SERVICE_NO_USER_REGISTRY_AVAILABLE", new Object[0], "CWWKS3005E: A configuration exception has occurred. No UserRegistry implementation service is available.  Ensure that you have a user registry configured."));
            }
            if (this.urCount <= 1) {
                return getUserRegistry((String) this.userRegistries.keySet().iterator().next(), z);
            }
            if (!z) {
                return null;
            }
            Tr.error(tc, "USER_REGISTRY_SERVICE_MULTIPLE_USER_REGISTRY_AVAILABLE", new Object[0]);
            throw new RegistryException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "USER_REGISTRY_SERVICE_MULTIPLE_USER_REGISTRY_AVAILABLE", new Object[0], "CWWKS3006E: A configuration error has occurred. Multiple available UserRegistry implementation services, unable to determine which to use."));
        }
    }

    private UserRegistry getFederationRegistry() throws RegistryException {
        return (UserRegistry) this.federationRegistryServiceRef.getService();
    }

    private UserRegistry getUserRegistryFromConfiguration() throws RegistryException {
        String[] strArr = this.refId;
        if (strArr == null || strArr.length == 0) {
            Tr.error(tc, "USER_REGISTRY_SERVICE_CONFIG_ERROR_NO_REFID", new Object[0]);
            throw new RegistryException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "USER_REGISTRY_SERVICE_CONFIG_ERROR_NO_REFID", (Object[]) null, "CWWKS3000E: A configuration error has occurred. There is no configured refId parameter for the userRegistry configuration."));
        }
        if (strArr.length == 1) {
            return getUserRegistry(strArr[0]);
        }
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            arrayList.add(getUserRegistry(str));
        }
        return new UserRegistryProxy(this.realm, arrayList);
    }

    @Override // com.ibm.ws.security.registry.UserRegistryService
    public UserRegistry getUserRegistry(String str) throws RegistryException {
        return getUserRegistry(str, true);
    }

    private UserRegistry getUserRegistry(String str, boolean z) throws RegistryException {
        if (str == null) {
            throw new IllegalArgumentException("getUserRegistry(String) does not support null id");
        }
        UserRegistry userRegistry = (UserRegistry) this.userRegistries.getService(str);
        if (userRegistry != null) {
            return userRegistry;
        }
        Tr.error(tc, "USER_REGISTRY_SERVICE_CONFIG_ERROR_NO_SUCH_ID", new Object[]{str});
        if (z) {
            throw new RegistryException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "USER_REGISTRY_SERVICE_CONFIG_ERROR_NO_SUCH_ID", new Object[]{str}, "CWWKS3001E: A configuration error has occurred. The requested UserRegistry instance with id {0} could not be found."));
        }
        return null;
    }

    @Override // com.ibm.ws.security.registry.UserRegistryService
    public String getUserRegistryType() {
        synchronized (this.userRegistrySync) {
            return (!this.isFederationActive || this.userRegistry == null) ? (this.registryTypes.isEmpty() || this.registryTypes.size() > 1) ? UNKNOWN_TYPE : this.registryTypes.get(0) : FEDERATION_REGISTRY_TYPE;
        }
    }

    public Hashtable<String, Object> getServiceProperties() {
        return this.userRegistryServiceProps;
    }

    private void updateUserRegistryServiceRegistration() {
        updateServiceProperties();
        this.userRegistryServiceRegistration.update();
    }

    private void updateServiceProperties() {
        synchronized (this.userRegistrySync) {
            this.userRegistry.set(null);
            this.userRegistryServiceProps = getServiceProperties0();
        }
    }

    @FFDCIgnore({RegistryException.class})
    private Hashtable<String, Object> getServiceProperties0() {
        Map<String, Object> map = this.props;
        if (map == null) {
            return null;
        }
        Hashtable<String, Object> hashtable = new Hashtable<>(map);
        try {
            UserRegistry determineActiveUserRegistry = determineActiveUserRegistry(false);
            if (determineActiveUserRegistry == null) {
                hashtable.put(SERVICE_PROPERTY_USER_REGISTRY_CONFIGURED, false);
            } else {
                hashtable.put(SERVICE_PROPERTY_USER_REGISTRY_CONFIGURED, true);
                if (determineActiveUserRegistry.getRealm() != null) {
                    hashtable.put("realm", determineActiveUserRegistry.getRealm());
                }
            }
        } catch (RegistryException e) {
        }
        return hashtable;
    }

    private void setRegistriesToBeFederated(FederationRegistry federationRegistry, boolean z) throws RegistryException {
        federationRegistry.removeAllFederatedRegistries();
        try {
            ArrayList arrayList = new ArrayList();
            Iterator it = this.userRegistries.keySet().iterator();
            while (it.hasNext()) {
                arrayList.add((UserRegistry) this.userRegistries.getServiceWithException((String) it.next()));
            }
            federationRegistry.addFederationRegistries(arrayList);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.internal.UserRegistryServiceImpl", "581", this, new Object[]{federationRegistry, Boolean.valueOf(z)});
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Unable to federate user registries.", new Object[0]);
            }
            Tr.error(tc, "USER_REGISTRY_SERVICE_FEDERATION_FAILED", new Object[]{e});
            throw new RegistryException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "USER_REGISTRY_SERVICE_FEDERATION_FAILED", new Object[]{e}, "CWWKS3010E: An unexpected exception occurred federating user registries: " + e), e);
        }
    }

    @Override // com.ibm.ws.security.registry.UserRegistryService
    public com.ibm.websphere.security.UserRegistry getExternalUserRegistry(UserRegistry userRegistry) {
        return userRegistry instanceof ExternalUserRegistryWrapper ? ((ExternalUserRegistryWrapper) userRegistry).getExternalUserRegistry() : new UserRegistryWrapper(userRegistry);
    }
}
