package com.ibm.ws.security.mp.jwt.principal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.ManualTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.context.SubjectManager;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Optional;
import java.util.Set;
import javax.annotation.Priority;
import javax.enterprise.context.RequestScoped;
import javax.enterprise.inject.Alternative;
import javax.security.auth.Subject;
import org.eclipse.microprofile.jwt.JsonWebToken;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Alternative
@Priority(100)
@RequestScoped
/* loaded from: input_file:com/ibm/ws/security/mp/jwt/principal/PrincipalBean.class */
public class PrincipalBean implements JsonWebToken {
    private static final TraceComponent tc = Tr.register(PrincipalBean.class);
    Principal principal;
    JsonWebToken jsonWebToken;
    private final PrivilegedExceptionAction getCallerSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.mp.jwt.principal.PrincipalBean.1
        static final long serialVersionUID = -725788710681712112L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass1.class);

        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws Exception {
            return new SubjectManager().getCallerSubject();
        }
    };
    static final long serialVersionUID = -2538428211128229945L;

    @ManualTrace
    public PrincipalBean() {
        this.principal = null;
        this.jsonWebToken = null;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "PrincipalBean", new Object[0]);
        }
        Subject callerSubject = getCallerSubject();
        if (callerSubject != null) {
            Set principals = callerSubject.getPrincipals(JsonWebToken.class);
            if (!principals.isEmpty()) {
                JsonWebToken jsonWebToken = (JsonWebToken) principals.iterator().next();
                this.jsonWebToken = jsonWebToken;
                this.principal = jsonWebToken;
            }
            if (this.jsonWebToken == null) {
                Set principals2 = callerSubject.getPrincipals(Principal.class);
                if (!principals2.isEmpty()) {
                    this.principal = (Principal) principals2.iterator().next();
                }
            }
        }
        if (this.principal == null) {
            Tr.error(tc, "MPJWT_CDI_PRINCIPAL_UNAVAILABLE", new Object[0]);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "PrincipalBean", this.principal);
        }
    }

    public <T> Optional<T> claim(String str) {
        return Optional.ofNullable(getClaim(str));
    }

    public Object getClaim(String str) {
        if (this.jsonWebToken != null) {
            return this.jsonWebToken.getClaim(str);
        }
        return null;
    }

    public Set<String> getClaimNames() {
        if (this.jsonWebToken != null) {
            return this.jsonWebToken.getClaimNames();
        }
        return null;
    }

    public String getName() {
        if (this.principal != null) {
            return this.principal.getName();
        }
        return null;
    }

    public Set<String> getAudience() {
        if (this.jsonWebToken != null) {
            return this.jsonWebToken.getAudience();
        }
        return null;
    }

    public Set<String> getGroups() {
        if (this.jsonWebToken != null) {
            return this.jsonWebToken.getGroups();
        }
        return null;
    }

    public String toString() {
        if (this.jsonWebToken != null) {
            return this.jsonWebToken.toString();
        }
        if (this.principal != null) {
            return this.principal.toString();
        }
        return null;
    }

    private Subject getCallerSubject() {
        Subject subject = null;
        try {
            subject = (Subject) AccessController.doPrivileged(this.getCallerSubjectAction);
        } catch (PrivilegedActionException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.mp.jwt.principal.PrincipalBean", "137", this, new Object[0]);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "getCallerSubject(PrivilegedAction) Exception caught: " + e, new Object[0]);
            }
        }
        return subject;
    }
}
