package com.ibm.ws.security.authentication.internal.cache;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.ras.annotation.Trivial;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.authentication.cache.AuthCacheService;
import com.ibm.ws.security.authentication.cache.CacheObject;
import com.ibm.wsspi.kernel.service.utils.FrameworkState;
import io.openliberty.jcache.CacheService;
import io.openliberty.jcache.DeserializationException;
import io.openliberty.jcache.SerializationException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.cache.Cache;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@TraceOptions
/* loaded from: input_file:com/ibm/ws/security/authentication/internal/cache/JCacheAuthCache.class */
public class JCacheAuthCache implements AuthCache {
    private CacheService cacheService;
    private final AuthCacheService authCacheService;
    private AuthCache inMemoryCache;
    private final Set<String> notSerializableClassesLogged = new HashSet();
    static final long serialVersionUID = -4824315519263848994L;
    private static final TraceComponent tc = Tr.register(JCacheAuthCache.class, "Authentication", "com.ibm.ws.security.authentication.internal.resources.AuthenticationMessages");
    private static final Set<String> NOT_SERIALIZABLE_CREDS = new HashSet();

    public JCacheAuthCache(CacheService cacheService, AuthCache authCache, AuthCacheService authCacheService) {
        this.cacheService = null;
        this.inMemoryCache = null;
        this.cacheService = cacheService;
        this.inMemoryCache = authCache;
        this.authCacheService = authCacheService;
    }

    @Override // com.ibm.ws.security.authentication.internal.cache.AuthCache
    public void clearAllEntries(boolean z) {
        Cache<Object, Object> jCache;
        if (!z && !this.authCacheService.getAutoClearCache()) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "The authentication cache was not cleared. Force clear? " + z + ", Auto-clear enabled? " + this.authCacheService.getAutoClearCache(), new Object[0]);
                return;
            }
            return;
        }
        this.inMemoryCache.clearAllEntries(z);
        if (FrameworkState.isStopping() || !this.authCacheService.isServerStarted() || (jCache = getJCache()) == null) {
            return;
        }
        try {
            jCache.removeAll();
            Tr.info(tc, "JCACHE_AUTH_CACHE_CLEARED_ALL_ENTRIES", new Object[]{jCache.getName()});
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.authentication.internal.cache.JCacheAuthCache", "109", this, new Object[]{Boolean.valueOf(z)});
            Tr.error(tc, "JCACHE_AUTH_CACHE_CLEAR_FAILED", new Object[]{jCache.getName(), e});
        }
    }

    @Override // com.ibm.ws.security.authentication.internal.cache.AuthCache
    public Object get(Object obj) {
        Object obj2 = null;
        Cache<Object, Object> jCache = getJCache();
        if (jCache != null) {
            try {
                obj2 = jCache.get(obj);
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    if (obj2 == null) {
                        Tr.debug(tc, "JCache MISS for key " + obj, new Object[0]);
                    } else {
                        Tr.debug(tc, "JCache HIT for key " + obj, new Object[0]);
                    }
                }
            } catch (DeserializationException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.authentication.internal.cache.JCacheAuthCache", "141", this, new Object[]{obj});
                Tr.error(tc, e.getMessage(), new Object[0]);
            } catch (Exception e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.authentication.internal.cache.JCacheAuthCache", "148", this, new Object[]{obj});
                Tr.error(tc, "JCACHE_AUTH_CACHE_GET_FAILED", new Object[]{obj, jCache.getName(), e2});
            }
        }
        if (obj2 == null) {
            obj2 = this.inMemoryCache.get(obj);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                if (obj2 == null) {
                    Tr.debug(tc, "In-memory cache MISS for key " + obj, new Object[0]);
                } else {
                    Tr.debug(tc, "In-memory cache HIT for key " + obj, new Object[0]);
                }
            }
        }
        return obj2;
    }

    @Override // com.ibm.ws.security.authentication.internal.cache.AuthCache
    @FFDCIgnore({SerializationException.class})
    public void insert(Object obj, CacheObject cacheObject) {
        boolean z = false;
        Iterator<Object> it = cacheObject.getSubject().getPrivateCredentials().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Checking private credential: " + next.getClass(), new Object[0]);
            }
            if (NOT_SERIALIZABLE_CREDS.contains(next.getClass().getName())) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Private credential: " + next.getClass() + " will be stored to the in-memory cache.", new Object[0]);
                }
                z = true;
            }
        }
        if (z) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Refused to insert value for key " + obj + " into " + getJCache().getName() + "JCache due to known limitation. Inserting into in-memory cache instead.", new Object[0]);
            }
            this.inMemoryCache.insert(obj, cacheObject);
            return;
        }
        Cache<Object, Object> jCache = getJCache();
        if (jCache != null) {
            try {
                jCache.put(obj, cacheObject);
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.authentication.internal.cache.JCacheAuthCache", "222", this, new Object[]{obj, cacheObject});
                Tr.error(tc, "JCACHE_AUTH_CACHE_INSERT_FAILED", new Object[]{obj, jCache.getName(), e});
            } catch (SerializationException e2) {
                String notSerializableClass = e2.getNotSerializableClass();
                if (notSerializableClass == null || !this.notSerializableClassesLogged.contains(notSerializableClass)) {
                    if (notSerializableClass != null) {
                        this.notSerializableClassesLogged.add(notSerializableClass);
                    }
                    Tr.warning(tc, "JCACHE_AUTH_CACHE_SERIALIZATION_FAILED", new Object[]{obj, jCache.getName(), e2.getMessage()});
                } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Insertion of entry for the " + obj + " key into the " + jCache.getName() + " JCache failed due to a serialization error. The entry will be inserted into the in-memory cache instead.", new Object[]{e2});
                }
                this.inMemoryCache.insert(obj, cacheObject);
            }
        }
    }

    @Override // com.ibm.ws.security.authentication.internal.cache.AuthCache
    public void remove(Object obj) {
        this.inMemoryCache.remove(obj);
        Cache<Object, Object> jCache = getJCache();
        if (jCache != null) {
            try {
                jCache.remove(obj);
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.authentication.internal.cache.JCacheAuthCache", "254", this, new Object[]{obj});
                Tr.error(tc, "JCACHE_AUTH_CACHE_REMOVE_FAILED", new Object[]{obj, jCache.getName(), e});
            }
        }
    }

    private Cache<Object, Object> getJCache() {
        Cache<Object, Object> cache = null;
        if (this.cacheService != null) {
            cache = this.cacheService.getCache();
        }
        return cache;
    }

    @Override // com.ibm.ws.security.authentication.internal.cache.AuthCache
    @Trivial
    public void stopEvictionTask() {
        if (this.inMemoryCache != null) {
            this.inMemoryCache.stopEvictionTask();
        }
    }

    static {
        NOT_SERIALIZABLE_CREDS.add("sun.security.jgss.GSSCredentialImpl");
        NOT_SERIALIZABLE_CREDS.add("com.ibm.security.jgss.GSSCredentialImpl");
        NOT_SERIALIZABLE_CREDS.add("com.sun.security.jgss.ExtendedGSSCredentialImpl");
    }
}
