package io.openliberty.security.authorization.jacc.internal.proxy;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.authorization.jacc.PolicyConfigurationManager;
import com.ibm.ws.security.authorization.jacc.common.PolicyProxy;
import com.ibm.ws.security.authorization.jacc.common.ProviderServiceProxy;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.security.authorization.jacc.ProviderService;
import jakarta.security.jacc.PolicyConfigurationFactory;
import java.security.AccessController;
import java.security.Policy;
import java.security.PrivilegedAction;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {ProviderServiceProxy.class}, immediate = true, name = "io.openliberty.security.authorization.jacc.provider.proxy", configurationPolicy = ConfigurationPolicy.IGNORE, property = {"service.vendor=IBM"})
@TraceOptions
/* loaded from: input_file:io/openliberty/security/authorization/jacc/internal/proxy/ProviderServiceProxyImpl.class */
public class ProviderServiceProxyImpl implements ProviderServiceProxy {
    private static final TraceComponent tc = Tr.register(ProviderServiceProxyImpl.class, (String) null, (String) null);
    private static final String JACC_FACTORY = "jakarta.security.jacc.PolicyConfigurationFactory.provider";
    private static final String JACC_FACTORY_EE9 = "jakarta.security.jacc.PolicyConfigurationFactory.provider";
    private static final String JACC_POLICY_PROVIDER = "javax.security.jacc.policy.provider";
    private static final String JACC_POLICY_PROVIDER_EE9 = "jakarta.security.jacc.policy.provider";
    static final String KEY_JACC_PROVIDER_SERVICE = "jaccProviderService";
    private final AtomicServiceReference<ProviderService> jaccProviderService = new AtomicServiceReference<>(KEY_JACC_PROVIDER_SERVICE);
    private String policyName = null;
    private String factoryName = null;
    private String originalSystemPolicyName = null;
    private String originalSystemFactoryName = null;
    static final long serialVersionUID = -8132550692454607631L;

    @Reference(service = ProviderService.class, policy = ReferencePolicy.DYNAMIC, name = KEY_JACC_PROVIDER_SERVICE)
    protected void setJaccProviderService(ServiceReference<ProviderService> serviceReference) {
        this.jaccProviderService.setReference(serviceReference);
        initializeSystemProperties(serviceReference);
    }

    protected void unsetJaccProviderService(ServiceReference<ProviderService> serviceReference) {
        this.jaccProviderService.unsetReference(serviceReference);
        restoreSystemProperties();
    }

    public PolicyProxy getPolicyProxy(PolicyConfigurationManager policyConfigurationManager) {
        Policy policy;
        ProviderService providerService = (ProviderService) this.jaccProviderService.getService();
        if (providerService == null || (policy = providerService.getPolicy()) == null) {
            return null;
        }
        return new JavaSePolicyProxyImpl(policy);
    }

    public PolicyConfigurationFactory getPolicyConfigFactory() {
        ProviderService providerService = (ProviderService) this.jaccProviderService.getService();
        if (providerService == null) {
            return null;
        }
        return providerService.getPolicyConfigFactory();
    }

    public Object getProperty(String str) {
        ServiceReference reference = this.jaccProviderService.getReference();
        if (reference == null) {
            return null;
        }
        return reference.getProperty(str);
    }

    public String getPolicyName() {
        return this.policyName;
    }

    public String getFactoryName() {
        return this.factoryName;
    }

    protected void activate(ComponentContext componentContext) {
        this.jaccProviderService.activate(componentContext);
    }

    protected void deactivate(ComponentContext componentContext) {
        this.jaccProviderService.deactivate(componentContext);
    }

    private void initializeSystemProperties(ServiceReference<ProviderService> serviceReference) {
        Object property;
        Object property2;
        Object property3 = serviceReference.getProperty(JACC_POLICY_PROVIDER);
        if (property3 != null && (property3 instanceof String)) {
            this.policyName = (String) property3;
        }
        if (this.policyName == null && (property2 = serviceReference.getProperty(JACC_POLICY_PROVIDER_EE9)) != null && (property2 instanceof String)) {
            this.policyName = (String) property2;
        }
        Object property4 = serviceReference.getProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider");
        if (property4 != null && (property4 instanceof String)) {
            this.factoryName = (String) property4;
        }
        if (this.factoryName == null && (property = serviceReference.getProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider")) != null && (property instanceof String)) {
            this.factoryName = (String) property;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Meta data : policyName : " + this.policyName + " factoryName : " + this.factoryName, new Object[0]);
        }
        this.originalSystemPolicyName = null;
        this.originalSystemFactoryName = null;
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.openliberty.security.authorization.jacc.internal.proxy.ProviderServiceProxyImpl.1
            static final long serialVersionUID = 1084073018360095051L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("io.openliberty.security.authorization.jacc.internal.proxy.ProviderServiceProxyImpl$1", AnonymousClass1.class, (String) null, (String) null);

            @Override // java.security.PrivilegedAction
            public Object run() {
                String property5 = System.getProperty(ProviderServiceProxyImpl.JACC_POLICY_PROVIDER);
                if (property5 == null) {
                    property5 = System.getProperty(ProviderServiceProxyImpl.JACC_POLICY_PROVIDER_EE9);
                }
                String property6 = System.getProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider");
                if (property6 == null) {
                    property6 = System.getProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider");
                }
                if (ProviderServiceProxyImpl.tc.isDebugEnabled()) {
                    Tr.debug(ProviderServiceProxyImpl.tc, "System properties : policyName : " + property5 + " factoryName : " + property6, new Object[0]);
                }
                if (property5 == null) {
                    if (ProviderServiceProxyImpl.this.policyName != null) {
                        System.setProperty(ProviderServiceProxyImpl.JACC_POLICY_PROVIDER, ProviderServiceProxyImpl.this.policyName);
                        System.setProperty(ProviderServiceProxyImpl.JACC_POLICY_PROVIDER_EE9, ProviderServiceProxyImpl.this.policyName);
                    } else if (ProviderServiceProxyImpl.this.policyName == null) {
                        Tr.error(ProviderServiceProxyImpl.tc, "JACC_POLICY_IS_NOT_SET", new Object[0]);
                        return null;
                    }
                } else if (ProviderServiceProxyImpl.this.policyName == null) {
                    ProviderServiceProxyImpl.this.policyName = property5;
                } else if (!property5.equals(ProviderServiceProxyImpl.this.policyName)) {
                    Tr.warning(ProviderServiceProxyImpl.tc, "JACC_INCONSISTENT_POLICY_CLASS", new Object[]{property5, ProviderServiceProxyImpl.this.policyName});
                    System.setProperty(ProviderServiceProxyImpl.JACC_POLICY_PROVIDER, ProviderServiceProxyImpl.this.policyName);
                    System.setProperty(ProviderServiceProxyImpl.JACC_POLICY_PROVIDER_EE9, ProviderServiceProxyImpl.this.policyName);
                    ProviderServiceProxyImpl.this.originalSystemPolicyName = property5;
                }
                if (property6 == null) {
                    if (ProviderServiceProxyImpl.this.factoryName != null) {
                        System.setProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider", ProviderServiceProxyImpl.this.factoryName);
                        System.setProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider", ProviderServiceProxyImpl.this.factoryName);
                        return null;
                    }
                    if (ProviderServiceProxyImpl.this.factoryName != null) {
                        return null;
                    }
                    Tr.error(ProviderServiceProxyImpl.tc, "JACC_FACTORY_IS_NOT_SET", new Object[0]);
                    return null;
                }
                if (ProviderServiceProxyImpl.this.factoryName == null) {
                    ProviderServiceProxyImpl.this.factoryName = property6;
                    return null;
                }
                if (property6.equals(ProviderServiceProxyImpl.this.factoryName)) {
                    return null;
                }
                Tr.warning(ProviderServiceProxyImpl.tc, "JACC_INCONSISTENT_FACTORY_CLASS", new Object[]{property6, ProviderServiceProxyImpl.this.factoryName});
                System.setProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider", ProviderServiceProxyImpl.this.factoryName);
                System.setProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider", ProviderServiceProxyImpl.this.factoryName);
                ProviderServiceProxyImpl.this.originalSystemFactoryName = property6;
                return null;
            }
        });
    }

    private void restoreSystemProperties() {
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.openliberty.security.authorization.jacc.internal.proxy.ProviderServiceProxyImpl.2
            static final long serialVersionUID = -9108951242981663231L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("io.openliberty.security.authorization.jacc.internal.proxy.ProviderServiceProxyImpl$2", AnonymousClass2.class, (String) null, (String) null);

            @Override // java.security.PrivilegedAction
            public Object run() {
                if (ProviderServiceProxyImpl.this.originalSystemPolicyName != null) {
                    System.setProperty(ProviderServiceProxyImpl.JACC_POLICY_PROVIDER, ProviderServiceProxyImpl.this.originalSystemPolicyName);
                    System.setProperty(ProviderServiceProxyImpl.JACC_POLICY_PROVIDER_EE9, ProviderServiceProxyImpl.this.originalSystemPolicyName);
                    if (ProviderServiceProxyImpl.tc.isDebugEnabled()) {
                        Tr.debug(ProviderServiceProxyImpl.tc, "PolicyName system property is restored by : " + ProviderServiceProxyImpl.this.originalSystemPolicyName, new Object[0]);
                    }
                }
                if (ProviderServiceProxyImpl.this.originalSystemFactoryName == null) {
                    return null;
                }
                System.setProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider", ProviderServiceProxyImpl.this.originalSystemFactoryName);
                System.setProperty("jakarta.security.jacc.PolicyConfigurationFactory.provider", ProviderServiceProxyImpl.this.originalSystemFactoryName);
                if (!ProviderServiceProxyImpl.tc.isDebugEnabled()) {
                    return null;
                }
                Tr.debug(ProviderServiceProxyImpl.tc, "PolicyName system property is restored by : " + ProviderServiceProxyImpl.this.originalSystemFactoryName, new Object[0]);
                return null;
            }
        });
    }
}
