package com.ibm.ws.security.ejb;

import com.ibm.ejs.csi.UOWControlImpl;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.core.AccessContext;
import com.ibm.ws.security.core.PermissionRoleMap;
import com.ibm.ws.security.util.BaseWCCMHelper;
import com.ibm.wsspi.security.policy.EJBSecurityPolicy;
import java.util.Arrays;
import java.util.List;
import java.util.Vector;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;
import org.eclipse.emf.common.util.EList;
import org.eclipse.jst.j2ee.common.SecurityRole;
import org.eclipse.jst.j2ee.common.SecurityRoleRef;
import org.eclipse.jst.j2ee.ejb.MethodElement;

/* loaded from: input_file:wlp/com.ibm.ws.ejb.embeddableContainer_nls_8.5.0.jar:com/ibm/ws/security/ejb/BeanPermissionRoleMap.class */
public class BeanPermissionRoleMap extends PermissionRoleMap {
    private static TraceComponent tc = Tr.register(BeanPermissionRoleMap.class, (String) null, "com.ibm.ejs.resources.security");
    private static int MAX_ROLE_ENTRIES = UOWControlImpl.DEFAULT_AS_TIMEOUT;
    private ConcurrentHashMap<AccessContext, SecurityRole[]> requiredRolesCache;

    public BeanPermissionRoleMap() {
        this.requiredRolesCache = null;
        this.requiredRolesCache = new ConcurrentHashMap<>(MAX_ROLE_ENTRIES);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.ws.security.core.PermissionRoleMap
    public SecurityRole[] getRequiredRoles(AccessContext accessContext, String str, String str2) {
        return getRequiredRoles(accessContext, str, str2, null);
    }

    @Override // com.ibm.ws.security.core.PermissionRoleMap
    protected SecurityRole[] getRequiredRoles(AccessContext accessContext, String str, String str2, HttpServletRequest httpServletRequest) {
        SecurityRole[] securityRoleArr;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRequiredRoles(AccessContext,String,String)");
        }
        if (!(accessContext instanceof BeanAccessContext)) {
            throw new IllegalArgumentException("AccessContext received is not a BeanAccessContext: " + accessContext);
        }
        EJBSecurityPolicy eJBSecurityPolicy = ((BeanAccessContext) accessContext).getEJBSecurityPolicy();
        if (eJBSecurityPolicy == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "EJBSecurityPolicy is null, getting roles from deployment descriptor.");
            }
            securityRoleArr = getRequiredRolesFromDD(accessContext, str, str2);
        } else {
            securityRoleArr = this.requiredRolesCache.get(accessContext);
            if (securityRoleArr == null) {
                String[] rolesAllowed = eJBSecurityPolicy.getRolesAllowed();
                if (eJBSecurityPolicy.isPermitAll()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "isPermitAll = true, return NO_REQUIRED_ROLES");
                    }
                    securityRoleArr = NO_REQUIRED_ROLES;
                } else if (rolesAllowed == null || rolesAllowed.length == 0) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "getRolesAllowed = null or empty, return NO_REQUIRED_ROLES");
                    }
                    securityRoleArr = NO_REQUIRED_ROLES;
                } else {
                    securityRoleArr = new SecurityRole[rolesAllowed.length];
                    for (int i = 0; i < rolesAllowed.length; i++) {
                        securityRoleArr[i] = BaseWCCMHelper.createSecurityRole("Role description is not available.", rolesAllowed[i]);
                    }
                }
                if (this.requiredRolesCache.size() == MAX_ROLE_ENTRIES) {
                    this.requiredRolesCache.clear();
                }
                this.requiredRolesCache.put(accessContext, securityRoleArr);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRequiredRoles(AccessContext,String,String)", Arrays.asList(securityRoleArr));
        }
        return securityRoleArr;
    }

    public void clearRequiredRolesCache() {
        this.requiredRolesCache.clear();
    }

    private SecurityRole[] getRequiredRolesFromDD(AccessContext accessContext, String str, String str2) {
        int parseInt;
        String str3;
        AssemblyDescriptorWrapper assemblyDescriptor;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRequiredRoles() resource = " + str + " method = " + str2);
        }
        Vector vector = new Vector();
        String[] strArr = new String[0];
        String substring = str.substring(str.lastIndexOf(58) + 1);
        try {
            int lastIndexOf = str2.lastIndexOf(58);
            if (lastIndexOf == -1 && tc.isDebugEnabled()) {
                Tr.debug(tc, "Invalid format for methodName, ", str2);
            }
            parseInt = Integer.parseInt(str2.substring(lastIndexOf + 1));
            String str4 = str2;
            int indexOf = str4.indexOf(58);
            int i = indexOf;
            if (indexOf == -1 && tc.isDebugEnabled()) {
                Tr.debug(tc, "Invalid format for methodName, ", str2);
            }
            int indexOf2 = str4.indexOf(44);
            if (indexOf2 == -1) {
                indexOf2 = str4.lastIndexOf(58);
            }
            if (indexOf2 == -1 && tc.isDebugEnabled()) {
                Tr.debug(tc, "Invalid format for methodName, ", str2);
            }
            if (i + 1 != indexOf2) {
                Vector vector2 = new Vector();
                int i2 = 0;
                while (true) {
                    if (i2 != 0) {
                        i = -1;
                        indexOf2 = str4.indexOf(44);
                        if (indexOf2 == -1) {
                            indexOf2 = str4.lastIndexOf(58);
                        }
                    }
                    if (indexOf2 == -1) {
                        break;
                    }
                    String substring2 = str4.substring(i + 1, indexOf2);
                    str4 = str4.substring(indexOf2 + 1);
                    vector2.add(substring2);
                    i2++;
                }
                strArr = (String[]) vector2.toArray(new String[0]);
            }
            str3 = null;
            int indexOf3 = str2.indexOf(58);
            if (indexOf3 != -1) {
                str3 = str2.substring(0, indexOf3);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Invalid format for methodName, ", str2);
            }
            assemblyDescriptor = ((BeanAccessContext) accessContext).getAssemblyDescriptor();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.ejb.BeanPermissionRoleMap.getRequiredRoles", "219", this);
            Tr.error(tc, "security.ejb.getreqrole.exception", new Object[]{str2, str, e});
        }
        if (assemblyDescriptor == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No Assembly Descriptor");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getRequiredRoles");
            }
            return NO_REQUIRED_ROLES;
        }
        List<MethodPermissionWrapper> list = assemblyDescriptor.methodPermissions;
        if (list == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No Method Permission in Assembly Descriptor");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getRequiredRoles");
            }
            return NO_REQUIRED_ROLES;
        }
        for (MethodPermissionWrapper methodPermissionWrapper : list) {
            EList eList = methodPermissionWrapper.roleList;
            if (eList != null || methodPermissionWrapper.isUnchecked) {
                SecurityRole[] securityRoleArr = (SecurityRole[]) eList.toArray(new SecurityRole[0]);
                MethodElement[] methodElementArr = (MethodElement[]) methodPermissionWrapper.methodElementList.toArray(new MethodElement[0]);
                if (methodElementArr != null) {
                    for (int i3 = 0; i3 < methodElementArr.length; i3++) {
                        if (methodElementArr[i3].getEnterpriseBean() != null && methodElementArr[i3].getEnterpriseBean().getName().equals(substring) && (methodElementArr[i3].getName().equals(str3) || methodElementArr[i3].getName().equals("*"))) {
                            int value = methodElementArr[i3].getType() != null ? methodElementArr[i3].getType().getValue() : 0;
                            if (value == parseInt || value == 0) {
                                List methodParams = methodElementArr[i3].getMethodParams();
                                if (methodParams != null && methodElementArr[i3].hasMethodParams()) {
                                    String[] strArr2 = (String[]) methodParams.toArray(new String[0]);
                                    int i4 = 0;
                                    while (i4 < strArr2.length && i4 < strArr.length && strArr2[i4].equals(strArr[i4])) {
                                        i4++;
                                    }
                                    if (i4 != strArr2.length) {
                                        continue;
                                    } else if (i4 != strArr.length) {
                                    }
                                }
                                if (methodPermissionWrapper.isUnchecked) {
                                    return NO_REQUIRED_ROLES;
                                }
                                for (int i5 = 0; i5 < securityRoleArr.length; i5++) {
                                    if (!vector.contains(securityRoleArr[i5])) {
                                        vector.add(securityRoleArr[i5]);
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        SecurityRole[] securityRoleArr2 = (SecurityRole[]) vector.toArray(new SecurityRole[0]);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Required roles are");
            for (SecurityRole securityRole : securityRoleArr2) {
                Tr.debug(tc, securityRole.getRoleName());
            }
            Tr.debug(tc, ".");
        }
        if (securityRoleArr2.length != 0) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getRequiredRoles");
            }
            return securityRoleArr2;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Returning no Required roles");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRequiredRoles");
        }
        return NO_REQUIRED_ROLES;
    }

    public String getMappedRole(String str, SecurityBeanCookie securityBeanCookie) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getMappedRole, roleRef=[" + str + "], SecurityBeanCookie=" + securityBeanCookie.toString());
        }
        String str2 = null;
        EList roleRefList = securityBeanCookie.getRoleRefList();
        if (roleRefList != null) {
            SecurityRoleRef[] securityRoleRefArr = (SecurityRoleRef[]) roleRefList.toArray(new SecurityRoleRef[0]);
            int i = 0;
            while (true) {
                if (i >= securityRoleRefArr.length) {
                    break;
                }
                if (securityRoleRefArr[i].getName().equals(str)) {
                    str2 = securityRoleRefArr[i].getLink();
                    break;
                }
                i++;
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "beanName = " + securityBeanCookie.getBeanName());
            Tr.debug(tc, "Mapped Role name for " + str + "=" + str2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getMappedRole, [" + str2 + "]");
        }
        return str2;
    }

    public static boolean findMatchingMethod(String str, String str2, EList eList) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findMatchingMethod() bean = " + str + " method = " + str2);
        }
        String[] strArr = new String[0];
        try {
            int lastIndexOf = str2.lastIndexOf(58);
            if (lastIndexOf == -1 && tc.isDebugEnabled()) {
                Tr.debug(tc, "Invalid format for methodName, ", str2);
            }
            int parseInt = Integer.parseInt(str2.substring(lastIndexOf + 1));
            String str3 = str2;
            int indexOf = str3.indexOf(58);
            int i = indexOf;
            if (indexOf == -1 && tc.isDebugEnabled()) {
                Tr.debug(tc, "Invalid format for methodName, ", str2);
            }
            int indexOf2 = str3.indexOf(44);
            if (indexOf2 == -1) {
                indexOf2 = str3.lastIndexOf(58);
            }
            if (indexOf2 == -1 && tc.isDebugEnabled()) {
                Tr.debug(tc, "Invalid format for methodName, ", str2);
            }
            if (i + 1 != indexOf2) {
                Vector vector = new Vector();
                int i2 = 0;
                while (true) {
                    if (i2 != 0) {
                        i = -1;
                        indexOf2 = str3.indexOf(44);
                        if (indexOf2 == -1) {
                            indexOf2 = str3.lastIndexOf(58);
                        }
                    }
                    if (indexOf2 == -1) {
                        break;
                    }
                    String substring = str3.substring(i + 1, indexOf2);
                    str3 = str3.substring(indexOf2 + 1);
                    vector.add(substring);
                    i2++;
                }
                strArr = (String[]) vector.toArray(new String[0]);
            }
            String str4 = null;
            int indexOf3 = str2.indexOf(58);
            if (indexOf3 != -1) {
                str4 = str2.substring(0, indexOf3);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Invalid format for methodName, ", str2);
            }
            MethodElement[] methodElementArr = (MethodElement[]) eList.toArray(new MethodElement[0]);
            for (int i3 = 0; i3 < methodElementArr.length; i3++) {
                if (methodElementArr[i3].getEnterpriseBean() != null && methodElementArr[i3].getEnterpriseBean().getName().equals(str) && (methodElementArr[i3].getName().equals(str4) || methodElementArr[i3].getName().equals("*"))) {
                    int value = methodElementArr[i3].getType() != null ? methodElementArr[i3].getType().getValue() : 0;
                    if (value == parseInt || value == 0) {
                        List methodParams = methodElementArr[i3].getMethodParams();
                        if (methodParams == null || methodParams.size() <= 0) {
                            return true;
                        }
                        String[] strArr2 = (String[]) methodParams.toArray(new String[0]);
                        int i4 = 0;
                        while (i4 < strArr2.length && i4 < strArr.length && strArr2[i4].equals(strArr[i4])) {
                            i4++;
                        }
                        if (i4 == strArr2.length && i4 == strArr.length) {
                            return true;
                        }
                    }
                }
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.ejb.BeanPermissionRoleMap.findMatchingMethod", "403");
            Tr.error(tc, "security.ejb.beanperm.matchmetherr", new Object[]{str2, str, e});
        }
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "findMatchingMethod");
        return false;
    }
}
