package com.ibm.ws.messaging.security.authentication.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.security.audit.context.AuditManager;
import com.ibm.ws.messaging.security.MessagingSecurityConstants;
import com.ibm.ws.messaging.security.MessagingSecurityException;
import com.ibm.ws.messaging.security.authentication.MessagingAuthenticationException;
import com.ibm.ws.messaging.security.authentication.MessagingAuthenticationService;
import com.ibm.ws.messaging.security.authentication.actions.MessagingLoginAction;
import com.ibm.ws.messaging.security.internal.MessagingSecurityServiceImpl;
import com.ibm.ws.messaging.security.utility.MessagingSecurityUtility;
import com.ibm.ws.security.audit.Audit;
import com.ibm.ws.security.authentication.AuthenticationData;
import com.ibm.ws.security.authentication.WSAuthenticationData;
import com.ibm.ws.sib.jfapchannel.ConversationMetaData;
import com.ibm.ws.sib.utils.ras.SibTr;
import java.security.AccessController;
import java.security.cert.Certificate;
import javax.security.auth.Subject;

/* loaded from: input_file:com/ibm/ws/messaging/security/authentication/internal/MessagingAuthenticationServiceImpl.class */
public class MessagingAuthenticationServiceImpl implements MessagingAuthenticationService, MessagingSecurityConstants {
    private static TraceComponent tc = SibTr.register(MessagingAuthenticationServiceImpl.class, "MessagingSecurity", "com.ibm.ws.messaging.security.CWWKMMessages");
    private static final String CLASS_NAME = "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpl";
    private MessagingSecurityServiceImpl _messagingSecurityService;
    private final AuthenticationData authenticationDataForSubject = new WSAuthenticationData();
    private final AuditManager auditManager = new AuditManager();

    public MessagingAuthenticationServiceImpl(MessagingSecurityServiceImpl messagingSecurityServiceImpl) {
        this._messagingSecurityService = null;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImplconstructor", messagingSecurityServiceImpl);
        }
        this._messagingSecurityService = messagingSecurityServiceImpl;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImplconstructor");
        }
    }

    public Subject login(Subject subject) throws MessagingAuthenticationException {
        String str = null;
        String str2 = null;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", subject);
        }
        if (this.auditManager != null) {
            if (this.auditManager.getJMSBusName() != null) {
                str = this.auditManager.getJMSBusName();
            }
            if (this.auditManager.getJMSMessagingEngine() != null) {
                str2 = this.auditManager.getJMSMessagingEngine();
            }
        }
        Subject subject2 = (Subject) AccessController.doPrivileged(new MessagingLoginAction(this.authenticationDataForSubject, "SUBJECT", this._messagingSecurityService.getSecurityService(), subject));
        if (subject2 == null) {
            String str3 = null;
            try {
                str3 = this._messagingSecurityService.getUniqueUserName(subject);
            } catch (MessagingSecurityException e) {
            }
            if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
                Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str3, null, null, null, str, str2, "User subject", Integer.valueOf("201")});
            } else {
                ConversationMetaData conversationMetaData = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
                Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str3, conversationMetaData.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData.getRemotePort()).toString(), conversationMetaData.getChainName(), str, str2, "User subject", Integer.valueOf("201")});
            }
            throwAuthenticationException(str3);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", subject2);
        }
        if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{subject.getPrincipals().iterator().next().getName(), null, null, null, str, str2, "User subject", Integer.valueOf("200")});
        } else {
            ConversationMetaData conversationMetaData2 = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{subject.getPrincipals().iterator().next().getName(), conversationMetaData2.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData2.getRemotePort()).toString(), conversationMetaData2.getChainName(), str, str2, "User subject", Integer.valueOf("200")});
        }
        return subject2;
    }

    public Subject login(String str, String str2) throws MessagingAuthenticationException {
        String str3 = null;
        String str4 = null;
        if (this.auditManager != null) {
            if (this.auditManager.getJMSBusName() != null) {
                str3 = this.auditManager.getJMSBusName();
            }
            if (this.auditManager.getJMSMessagingEngine() != null) {
                str4 = this.auditManager.getJMSMessagingEngine();
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", new Object[]{str, "Password Not Traced"});
        }
        Subject subject = (Subject) AccessController.doPrivileged(new MessagingLoginAction(MessagingSecurityUtility.createAuthenticationData(str, str2), "USERID", this._messagingSecurityService.getSecurityService()));
        if (subject == null) {
            if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
                Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str, null, null, null, str3, str4, "Userid+Password", Integer.valueOf("201")});
            } else {
                ConversationMetaData conversationMetaData = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
                Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str, conversationMetaData.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData.getRemotePort()).toString(), conversationMetaData.getChainName(), str3, str4, "Userid+Password", Integer.valueOf("201")});
            }
            throwAuthenticationException(str);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", subject);
        }
        if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str, null, null, null, str3, str4, "Userid+Password", Integer.valueOf("200")});
        } else {
            ConversationMetaData conversationMetaData2 = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str, conversationMetaData2.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData2.getRemotePort()).toString(), conversationMetaData2.getChainName(), str3, str4, "Userid+Password", Integer.valueOf("200")});
        }
        return subject;
    }

    public Subject login(byte[] bArr, String str) throws MessagingAuthenticationException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", new Object[]{bArr, str});
        }
        String str2 = null;
        String str3 = null;
        if (this.auditManager != null) {
            if (this.auditManager.getJMSBusName() != null) {
                str2 = this.auditManager.getJMSBusName();
            }
            if (this.auditManager.getJMSMessagingEngine() != null) {
                str3 = this.auditManager.getJMSMessagingEngine();
            }
        }
        if (!"LTPA".equals(str)) {
            SibTr.error(tc, "SECURITY_TOKEN_TYPE_NOT_SUPPORTED_MSE1002", str);
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{new String(bArr), this.auditManager.getJMSConversationMetaData(), str2, str3, "Token", Integer.valueOf("201")});
            throw new MessagingAuthenticationException(Tr.formatMessage(tc, "SECURITY_TOKEN_TYPE_NOT_SUPPORTED_MSE1002", new Object[0]));
        }
        Subject subject = (Subject) AccessController.doPrivileged(new MessagingLoginAction(MessagingSecurityUtility.createAuthenticationData(bArr), "LTPA", this._messagingSecurityService.getSecurityService()));
        if (subject == null) {
            String str4 = null;
            try {
                str4 = this._messagingSecurityService.getUniqueUserName(subject);
            } catch (MessagingSecurityException e) {
            }
            if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
                Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str4, null, null, null, str2, str3, "Token", Integer.valueOf("201")});
            } else {
                ConversationMetaData conversationMetaData = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
                Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str4, conversationMetaData.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData.getRemotePort()).toString(), conversationMetaData.getChainName(), str2, str3, "Token", Integer.valueOf("201")});
            }
            throwAuthenticationException(str4);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", subject);
        }
        if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{new String(bArr), null, null, null, str2, str3, "Token", Integer.valueOf("200")});
        } else {
            ConversationMetaData conversationMetaData2 = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{new String(bArr), conversationMetaData2.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData2.getRemotePort()).toString(), conversationMetaData2.getChainName(), str2, str3, "Token", Integer.valueOf("200")});
        }
        return subject;
    }

    public Subject login(String str) throws MessagingAuthenticationException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", str);
        }
        String str2 = null;
        String str3 = null;
        if (this.auditManager != null) {
            if (this.auditManager.getJMSBusName() != null) {
                str2 = this.auditManager.getJMSBusName();
            }
            if (this.auditManager.getJMSMessagingEngine() != null) {
                str3 = this.auditManager.getJMSMessagingEngine();
            }
        }
        Subject subject = (Subject) AccessController.doPrivileged(new MessagingLoginAction(MessagingSecurityUtility.createAuthenticationData(str, this._messagingSecurityService.getUserRegistry()), "IDASSERTION", this._messagingSecurityService.getSecurityService()));
        if (subject == null) {
            if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
                Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str, null, null, null, str2, str3, "UserId", Integer.valueOf("201")});
            } else {
                ConversationMetaData conversationMetaData = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
                Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str, conversationMetaData.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData.getRemotePort()).toString(), conversationMetaData.getChainName(), str2, str3, "UserId", Integer.valueOf("201")});
            }
            throwAuthenticationException(str);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", subject);
        }
        if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str, null, null, null, str2, str3, "UserId", Integer.valueOf("200")});
        } else {
            ConversationMetaData conversationMetaData2 = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str, conversationMetaData2.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData2.getRemotePort()).toString(), conversationMetaData2.getChainName(), str2, str3, "UserId", Integer.valueOf("200")});
        }
        return subject;
    }

    public Subject login(Certificate[] certificateArr) throws MessagingAuthenticationException {
        Subject subject;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", certificateArr);
        }
        String str = null;
        String str2 = null;
        if (this.auditManager != null) {
            if (this.auditManager.getJMSBusName() != null) {
                str = this.auditManager.getJMSBusName();
            }
            if (this.auditManager.getJMSMessagingEngine() != null) {
                str2 = this.auditManager.getJMSMessagingEngine();
            }
        }
        if (certificateArr == null) {
            subject = null;
        } else {
            subject = (Subject) AccessController.doPrivileged(new MessagingLoginAction(MessagingSecurityUtility.createAuthenticationData(certificateArr, this._messagingSecurityService.getUserRegistry()), "CLIENTSSL", this._messagingSecurityService.getSecurityService()));
            if (subject == null) {
                String str3 = null;
                try {
                    str3 = this._messagingSecurityService.getUniqueUserName(subject);
                } catch (MessagingSecurityException e) {
                }
                if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
                    Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str3, null, null, null, str, str2, "Certificates", Integer.valueOf("201")});
                } else {
                    ConversationMetaData conversationMetaData = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
                    Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{str3, conversationMetaData.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData.getRemotePort()).toString(), conversationMetaData.getChainName(), str, str2, "Certificates", Integer.valueOf("201")});
                }
                throwAuthenticationException(str3);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogin", subject);
        }
        if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{certificateArr.toString(), null, null, null, str, str2, "Certificates", Integer.valueOf("200")});
        } else {
            ConversationMetaData conversationMetaData2 = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_01, new Object[]{certificateArr.toString(), conversationMetaData2.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData2.getRemotePort()).toString(), conversationMetaData2.getChainName(), str, str2, "Certificates", Integer.valueOf("200")});
        }
        return subject;
    }

    public void logout(Subject subject) {
        String str = null;
        try {
            str = this._messagingSecurityService.getUniqueUserName(subject);
        } catch (MessagingSecurityException e) {
        }
        if (this.auditManager == null || this.auditManager.getJMSConversationMetaData() == null) {
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_TERMINATE_01, new Object[]{str, null, null, null, this.auditManager.getJMSBusName(), this.auditManager.getJMSMessagingEngine(), null, Integer.valueOf("200")});
        } else {
            ConversationMetaData conversationMetaData = (ConversationMetaData) this.auditManager.getJMSConversationMetaData();
            Audit.audit(Audit.EventID.SECURITY_JMS_AUTHN_TERMINATE_01, new Object[]{str, conversationMetaData.getRemoteAddress().getHostAddress(), new Integer(conversationMetaData.getRemotePort()).toString(), conversationMetaData.getChainName(), this.auditManager.getJMSBusName(), this.auditManager.getJMSMessagingEngine(), null, Integer.valueOf("200")});
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogout", subject);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpllogout");
        }
    }

    private void throwAuthenticationException(String str) throws MessagingAuthenticationException {
        throw new MessagingAuthenticationException(Tr.formatMessage(tc, "USER_NOT_AUTHENTICATED_MSE1009", new Object[]{str}));
    }
}
