package com.ibm.ws.security.krb5;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.ras.annotation.Trivial;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.kernel.service.util.JavaInfo;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.Oid;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@TraceOptions
/* loaded from: input_file:com/ibm/ws/security/krb5/Krb5Common.class */
public class Krb5Common {
    private static final TraceComponent tc = Tr.register(Krb5Common.class, (String) null, (String) null);
    public static Oid SPNEGO_MECH_OID;
    public static Oid KRB5_MECH_OID;
    public static boolean isJdk18OrUp;
    public static boolean isIBMJdk18OrLower;
    public static boolean isOracleJdk18OrHigher;
    private static boolean isJdk11OrUp;
    public static boolean isOtherSupportJDKs;
    public static final String KRB5_KDC = "java.security.krb5.kdc";
    public static final String KRB5_REALM = "java.security.krb5.realm";
    public static final String KRB5_CONF = "java.security.krb5.conf";
    public static final String KRB5_KTNAME = "KRB5_KTNAME";
    public static final String USE_SUBJECT_CREDS_ONLY = "javax.security.auth.useSubjectCredsOnly";
    public static final String KRB5_NAME = "javax.security.auth.login.name";
    public static final String KRB5_PWD = "javax.security.auth.login.password";
    public static final String IBM_KRB5_PRINCIPAL = "com.ibm.security.krb5.principal";
    public static final String SUN_KRB5_PRINCIPAL = "sun.security.krb5.principal";
    public static String KRB5_PRINCIPAL;
    static final long serialVersionUID = 8988049293866327992L;

    public static String setPropertyAsNeeded(final String str, final String str2) {
        String str3 = (String) AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.krb5.Krb5Common.1
            static final long serialVersionUID = -4834476390937924568L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass1.class, (String) null, (String) null);

            @Override // java.security.PrivilegedAction
            public String run() {
                String property = System.getProperty(str);
                if (str2 == null) {
                    System.clearProperty(str);
                } else if (!str2.equalsIgnoreCase(property)) {
                    System.setProperty(str, str2);
                }
                return property;
            }
        });
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, str + " property previous: " + (str3 != null ? str3 : "<null>") + " and now: " + str2, new Object[0]);
        }
        return str3;
    }

    public static void restorePropertyAsNeeded(final String str, final String str2, final String str3) {
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.security.krb5.Krb5Common.2
            static final long serialVersionUID = 5100485159354019883L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass2.class, (String) null, (String) null);

            @Override // java.security.PrivilegedAction
            public Object run() {
                if (str2 == null) {
                    System.clearProperty(str);
                    return null;
                }
                if (str2.equalsIgnoreCase(str3)) {
                    return null;
                }
                System.setProperty(str, str2);
                return null;
            }
        });
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Restore property " + str + " to previous value: " + str2, new Object[0]);
        }
    }

    @Trivial
    public static String getSystemProperty(final String str) {
        return (String) AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.krb5.Krb5Common.3
            static final long serialVersionUID = 2741205965536647335L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass3.class, (String) null, (String) null);

            @Override // java.security.PrivilegedAction
            public Object run() {
                return System.getProperty(str);
            }
        });
    }

    @Trivial
    public static void setSystemProperty(final String str, final String str2) {
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.krb5.Krb5Common.4
            static final long serialVersionUID = 2230919050077830887L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass4.class, (String) null, (String) null);

            @Override // java.security.PrivilegedAction
            public Object run() {
                if (str2 == null) {
                    System.clearProperty(str);
                    return null;
                }
                System.setProperty(str, str2);
                return null;
            }
        });
    }

    public static void debugKrb5LoginModule(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        if (tc.isDebugEnabled()) {
            TraceComponent traceComponent = tc;
            Object[] objArr = new Object[10];
            objArr[0] = "       subject: " + (subject == null ? "null" : subject.toString());
            objArr[1] = "       sharedState: " + (map == null ? "null" : map.toString());
            objArr[2] = "       options: " + (map2 == null ? "null" : map2.toString());
            objArr[3] = "       javax.security.auth.login.name: " + getSystemProperty(KRB5_NAME);
            objArr[4] = "       " + KRB5_PRINCIPAL + ": " + getSystemProperty(KRB5_PRINCIPAL);
            objArr[5] = "       javax.security.auth.useSubjectCredsOnly: " + getSystemProperty(USE_SUBJECT_CREDS_ONLY);
            objArr[6] = "       java.security.krb5.kdc: " + getSystemProperty(KRB5_KDC);
            objArr[7] = "       java.security.krb5.realm: " + getSystemProperty(KRB5_REALM);
            objArr[8] = "       java.security.krb5.conf: " + getSystemProperty(KRB5_CONF);
            objArr[9] = "       KRB5_KTNAME: " + getSystemProperty(KRB5_KTNAME);
            Tr.debug(traceComponent, "Krb5LoginModule ==> ", objArr);
        }
    }

    static {
        isJdk18OrUp = JavaInfo.majorVersion() >= 8;
        isIBMJdk18OrLower = JavaInfo.vendor() == JavaInfo.Vendor.IBM && JavaInfo.majorVersion() <= 8;
        isOracleJdk18OrHigher = JavaInfo.vendor() == JavaInfo.Vendor.ORACLE && JavaInfo.majorVersion() >= 8;
        isJdk11OrUp = JavaInfo.majorVersion() >= 11;
        isOtherSupportJDKs = isOracleJdk18OrHigher || isJdk11OrUp;
        KRB5_PRINCIPAL = IBM_KRB5_PRINCIPAL;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Jdk vendor: " + JavaInfo.vendor() + " and major version: " + JavaInfo.majorVersion(), new Object[0]);
        }
        if (isOtherSupportJDKs) {
            KRB5_PRINCIPAL = SUN_KRB5_PRINCIPAL;
        }
        try {
            KRB5_MECH_OID = new Oid("1.2.840.113554.1.2.2");
            SPNEGO_MECH_OID = new Oid("1.3.6.1.5.5.2");
        } catch (GSSException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.krb5.Krb5Common", "177", (Object) null, new Object[0]);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Unexpected GSSExecption: " + e, new Object[0]);
            }
        }
    }
}
