package com.ibm.ws.security.registry.basic.internal;

import com.ibm.ejs.ras.TraceNLS;
import com.ibm.websphere.crypto.PasswordUtil;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.ras.annotation.Trivial;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.registry.UserRegistry;
import com.ibm.ws.security.registry.UserRegistryFactory;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.kernel.service.utils.SerializableProtectedString;
import java.io.IOException;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.bcel.Constants;
import org.osgi.framework.ServiceReference;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.component.ComponentContext;

@TraceOptions(traceGroups = {com.ibm.ws.security.registry.internal.TraceConstants.TRACE_GROUP, "BasicRegistry"}, traceGroup = "", messageBundle = "com.ibm.ws.security.registry.basic.internal.resources.LoggingMessages", traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.security.registry.basic_1.0.1.jar:com/ibm/ws/security/registry/basic/internal/BasicRegistryFactory.class */
public class BasicRegistryFactory implements UserRegistryFactory {
    private static final TraceComponent tc = Tr.register(BasicRegistryFactory.class);
    static final String KEY_CONFIG_ADMIN = "configurationAdmin";
    static final String CFG_KEY_ID = "id";
    static final String CFG_KEY_REALM = "realm";
    static final String CFG_KEY_USER = "user";
    static final String CFG_KEY_GROUP = "group";
    static final String CFG_KEY_MEMBER = "member";
    static final String CFG_KEY_NAME = "name";
    static final String CFG_KEY_PASSWORD = "password";
    private final AtomicServiceReference<ConfigurationAdmin> configAdminRef = new AtomicServiceReference<>(KEY_CONFIG_ADMIN);
    static final long serialVersionUID = 3444159487432995512L;

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public BasicRegistryFactory() {
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void setConfigurationAdmin(ServiceReference<ConfigurationAdmin> serviceReference) {
        this.configAdminRef.setReference(serviceReference);
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void unsetConfigurationAdmin(ServiceReference<ConfigurationAdmin> serviceReference) {
        this.configAdminRef.unsetReference(serviceReference);
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void activate(ComponentContext componentContext) {
        this.configAdminRef.activate(componentContext);
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void deactivate(ComponentContext componentContext) {
        this.configAdminRef.deactivate(componentContext);
    }

    @Trivial
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private boolean valueIsUndefined(String str) {
        return str == null || str.trim().isEmpty();
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private Set<BasicUser> createBasicUserSet(ConfigurationAdmin configurationAdmin, Map<String, Object> map) {
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        String[] strArr = (String[]) map.get("user");
        if (strArr == null || strArr.length == 0) {
            Tr.warning(tc, "BASIC_REGISTRY_NO_USERS_DEFINED", map.get("id"));
            return hashSet;
        }
        for (int i = 0; i < strArr.length; i++) {
            Configuration configuration = null;
            try {
                configuration = configurationAdmin.getConfiguration(strArr[i]);
                if (configuration == null || configuration.getProperties() == null) {
                    Tr.error(tc, "BASIC_REGISTRY_INVALID_USER_DEFINITION", strArr[i]);
                } else {
                    String str = (String) configuration.getProperties().get("name");
                    Object obj = configuration.getProperties().get("password");
                    String str2 = obj != null ? obj instanceof SerializableProtectedString ? new String(((SerializableProtectedString) obj).getChars()) : (String) obj : null;
                    if (valueIsUndefined(str)) {
                        hashSet2.add(str);
                        Tr.error(tc, "BASIC_REGISTRY_INVALID_USER_DEFINITION", TraceNLS.getStringFromBundle(getClass(), "com.ibm.ws.security.registry.basic.internal.resources.LoggingMessages", "USER_MUST_DEFINE_NAME", "A user element must define a name."));
                    } else if (valueIsUndefined(str2)) {
                        hashSet2.add(str);
                        Tr.error(tc, "BASIC_REGISTRY_INVALID_USER_DEFINITION", TraceNLS.getFormattedMessage(getClass(), "com.ibm.ws.security.registry.basic.internal.resources.LoggingMessages", "USER_MUST_DEFINE_PASSWORD", new Object[]{str}, "The user element with name ''{0}'' must define a password."));
                    } else {
                        String trim = str.trim();
                        if (!hashSet2.contains(trim)) {
                            String passwordDecode = PasswordUtil.passwordDecode(str2.trim());
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Adding entry for user \"" + trim + "\"", new Object[0]);
                            }
                            BasicUser basicUser = new BasicUser(trim, passwordDecode);
                            if (!hashSet.add(basicUser)) {
                                hashSet2.add(trim);
                                Tr.error(tc, "BASIC_REGISTRY_SAME_USER_DEFINITION", trim);
                                hashSet.remove(basicUser);
                            }
                        }
                    }
                }
            } catch (IOException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.registry.basic.internal.BasicRegistryFactory", "113", this, new Object[]{configurationAdmin, map});
                Tr.error(tc, "BASIC_REGISTRY_INVALID_USER_DEFINITION", strArr[i]);
            }
        }
        if (hashSet.size() != 0) {
            return hashSet;
        }
        Tr.warning(tc, "BASIC_REGISTRY_NO_USERS_DEFINED", map.get("id"));
        return hashSet;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private Set<BasicGroup> createBasicGroupSet(ConfigurationAdmin configurationAdmin, Map<String, Object> map) {
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        String[] strArr = (String[]) map.get("group");
        if (strArr == null || strArr.length == 0) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No groups were defined", new Object[0]);
            }
            return hashSet;
        }
        for (int i = 0; i < strArr.length; i++) {
            Configuration configuration = null;
            try {
                configuration = configurationAdmin.getConfiguration(strArr[i]);
                if (configuration == null || configuration.getProperties() == null) {
                    Tr.error(tc, "BASIC_REGISTRY_INVALID_GROUP_DEFINITION", strArr[i]);
                } else {
                    String str = (String) configuration.getProperties().get("name");
                    if (valueIsUndefined(str)) {
                        hashSet2.add(str);
                        Tr.error(tc, "BASIC_REGISTRY_INVALID_GROUP_DEFINITION", TraceNLS.getStringFromBundle(getClass(), "com.ibm.ws.security.registry.basic.internal.resources.LoggingMessages", "GROUP_MUST_DEFINE_NAME", "A group element must define a name."));
                    } else {
                        String trim = str.trim();
                        if (!hashSet2.contains(trim)) {
                            Set<String> createMemberSet = createMemberSet(trim, configurationAdmin, configuration);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Adding entry for group \"" + trim + "\" with members " + createMemberSet, new Object[0]);
                            }
                            BasicGroup basicGroup = new BasicGroup(trim, createMemberSet);
                            if (!hashSet.add(basicGroup)) {
                                hashSet2.add(trim);
                                Tr.error(tc, "BASIC_REGISTRY_SAME_GROUP_DEFINITION", trim);
                                hashSet.remove(basicGroup);
                            }
                        }
                    }
                }
            } catch (IOException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.registry.basic.internal.BasicRegistryFactory", "204", this, new Object[]{configurationAdmin, map});
                Tr.error(tc, "BASIC_REGISTRY_INVALID_GROUP_DEFINITION", strArr[i]);
            }
        }
        return hashSet;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private Set<String> createMemberSet(String str, ConfigurationAdmin configurationAdmin, Configuration configuration) {
        HashSet hashSet = new HashSet();
        String[] strArr = (String[]) configuration.getProperties().get("member");
        if (strArr == null || strArr.length == 0) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No members were defined", new Object[0]);
            }
            return hashSet;
        }
        for (int i = 0; i < strArr.length; i++) {
            Configuration configuration2 = null;
            try {
                configuration2 = configurationAdmin.getConfiguration(strArr[i]);
                if (configuration2 == null || configuration2.getProperties() == null) {
                    Tr.error(tc, "BASIC_REGISTRY_INVALID_MEMBER_DEFINITION", strArr[i]);
                } else {
                    String str2 = (String) configuration2.getProperties().get("name");
                    if (valueIsUndefined(str2)) {
                        Tr.error(tc, "BASIC_REGISTRY_INVALID_MEMBER_DEFINITION", TraceNLS.getStringFromBundle(getClass(), "com.ibm.ws.security.registry.basic.internal.resources.LoggingMessages", "MEMBER_MUST_DEFINE_NAME", "A member element must define a name."));
                    } else {
                        String trim = str2.trim();
                        if (!hashSet.add(trim)) {
                            Tr.warning(tc, "BASIC_REGISTRY_SAME_MEMBER_DEFINITION", trim, str);
                        }
                    }
                }
            } catch (IOException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.registry.basic.internal.BasicRegistryFactory", "267", this, new Object[]{str, configurationAdmin, configuration});
                Tr.error(tc, "BASIC_REGISTRY_INVALID_MEMBER_DEFINITION", strArr[i]);
            }
        }
        return hashSet;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private void validateGroupMembersExist(Set<BasicGroup> set, Set<BasicUser> set2) {
        for (BasicGroup basicGroup : set) {
            for (String str : basicGroup.getMembers()) {
                if (!set2.contains(new BasicUser(str, ""))) {
                    Tr.warning(tc, "BASIC_REGISTRY_UNKNOWN_MEMBER_DEFINITION", str, basicGroup.getName());
                }
            }
        }
    }

    @Override // com.ibm.ws.security.registry.UserRegistryFactory
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public UserRegistry getUserRegistry(Map<String, Object> map) {
        String str = (String) map.get("realm");
        ConfigurationAdmin service = this.configAdminRef.getService();
        Set<BasicUser> createBasicUserSet = createBasicUserSet(service, map);
        Set<BasicGroup> createBasicGroupSet = createBasicGroupSet(service, map);
        validateGroupMembersExist(createBasicGroupSet, createBasicUserSet);
        return new BasicRegistry(str, createBasicUserSet, createBasicGroupSet);
    }

    static {
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.entry(tc, Constants.STATIC_INITIALIZER_NAME, new Object[0]);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.exit(tc, Constants.STATIC_INITIALIZER_NAME);
        }
    }
}
