package com.ibm.ws.container.service.security.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.config.xml.internal.XMLConfigConstants;
import com.ibm.ws.config.xml.internal.nester.Nester;
import com.ibm.ws.container.service.app.deploy.NestedConfigHelper;
import com.ibm.ws.container.service.security.SecurityRoles;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.javaee.dd.appbnd.ApplicationBnd;
import com.ibm.ws.javaee.dd.appbnd.Group;
import com.ibm.ws.javaee.dd.appbnd.RunAs;
import com.ibm.ws.javaee.dd.appbnd.SecurityRole;
import com.ibm.ws.javaee.dd.appbnd.SpecialSubject;
import com.ibm.ws.javaee.dd.appbnd.User;
import com.ibm.wsspi.adaptable.module.Container;
import com.ibm.wsspi.adaptable.module.UnableToAdaptException;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.kernel.service.utils.FilterUtils;
import com.ibm.wsspi.kernel.service.utils.SerializableProtectedString;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.openjpa.persistence.query.AbstractVisitable;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;

@TraceOptions(traceGroups = {"Security"}, traceGroup = "", messageBundle = "", traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.container.service_1.0.5.jar:com/ibm/ws/container/service/security/internal/SecurityRolesImpl.class */
class SecurityRolesImpl implements SecurityRoles {
    private static final TraceComponent tc = Tr.register(SecurityRolesImpl.class);
    private final Container appContainer;
    private final NestedConfigHelper configHelper;
    private final AtomicServiceReference<ConfigurationAdmin> configAdminSRRef;
    private List<SecurityRole> securityRolesList;
    private static final String PASSWORD = "password";
    private static final String USERID2 = "userid";
    private static final String TYPE = "type";
    private static final String ACCESS_ID = "access-id";
    private static final String RUN_AS = "run-as";
    private static final String SPECIAL_SUBJECT = "special-subject";
    private static final String GROUP = "group";
    private static final String USER = "user";
    private static final String NAME = "name";
    private static final String SECURITY_ROLE = "security-role";
    static final long serialVersionUID = -3984063688463983667L;

    /* JADX INFO: Access modifiers changed from: private */
    @TraceOptions(traceGroups = {"Security"}, traceGroup = "", messageBundle = "", traceExceptionThrow = false, traceExceptionHandling = false)
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.container.service_1.0.5.jar:com/ibm/ws/container/service/security/internal/SecurityRolesImpl$Source.class */
    public enum Source {
        EarApplicationBnd,
        ServerXMLConfig;

        static final long serialVersionUID = 4604390229837791526L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(Source.class);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public SecurityRolesImpl(Container container, NestedConfigHelper nestedConfigHelper, AtomicServiceReference<ConfigurationAdmin> atomicServiceReference) throws UnableToAdaptException {
        this.securityRolesList = null;
        this.appContainer = container;
        this.configHelper = nestedConfigHelper;
        this.configAdminSRRef = atomicServiceReference;
        this.securityRolesList = getSecurityRolesList();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v17, types: [org.osgi.service.cm.ConfigurationAdmin] */
    /* JADX WARN: Type inference failed for: r0v18 */
    /* JADX WARN: Type inference failed for: r0v21, types: [java.util.List<com.ibm.ws.javaee.dd.appbnd.SecurityRole>, java.util.List] */
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private List<SecurityRole> getSecurityRoles(Source source) throws UnableToAdaptException {
        if (source == Source.EarApplicationBnd) {
            ApplicationBnd applicationBnd = (ApplicationBnd) this.appContainer.adapt(ApplicationBnd.class);
            if (applicationBnd != null) {
                return applicationBnd.getSecurityRoles();
            }
            return null;
        }
        if (source != Source.ServerXMLConfig || this.configHelper == null) {
            return null;
        }
        String str = (String) this.configHelper.get("service.pid");
        String str2 = (String) this.configHelper.get("ibm.extends.source.pid");
        if (str2 != null) {
            str = str2;
        }
        Throwable service = this.configAdminSRRef.getService();
        try {
            service = createSecurityRoles(str, service);
            return service;
        } catch (IOException e) {
            FFDCFilter.processException(e, "com.ibm.ws.container.service.security.internal.SecurityRolesImpl", "85", this, new Object[]{source});
            throw new UnableToAdaptException(service);
        }
    }

    @Override // com.ibm.ws.container.service.security.SecurityRoles
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public List<SecurityRole> getSecurityRoles() {
        return this.securityRolesList;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private List<SecurityRole> getSecurityRolesList() throws UnableToAdaptException {
        List<SecurityRole> securityRoles = getSecurityRoles(Source.ServerXMLConfig);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "The security roles from server.xml are: " + securityRoles, new Object[0]);
        }
        List<SecurityRole> securityRoles2 = getSecurityRoles(Source.EarApplicationBnd);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "The security roles from the application bind file are: " + securityRoles2, new Object[0]);
        }
        ArrayList arrayList = new ArrayList();
        if (securityRoles2 != null && !securityRoles2.isEmpty()) {
            Iterator<SecurityRole> it = securityRoles2.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next());
            }
            if (securityRoles != null) {
                ArrayList arrayList2 = new ArrayList();
                for (SecurityRole securityRole : securityRoles) {
                    boolean z = false;
                    int i = 0;
                    while (true) {
                        if (i >= arrayList.size()) {
                            break;
                        }
                        if (securityRole.getName().equals(((SecurityRole) arrayList.get(i)).getName())) {
                            arrayList.set(i, securityRole);
                            z = true;
                            break;
                        }
                        i++;
                    }
                    if (!z) {
                        arrayList2.add(securityRole);
                    }
                }
                Iterator it2 = arrayList2.iterator();
                while (it2.hasNext()) {
                    arrayList.add((SecurityRole) it2.next());
                }
            }
        } else if (securityRoles != null) {
            Iterator<SecurityRole> it3 = securityRoles.iterator();
            while (it3.hasNext()) {
                arrayList.add(it3.next());
            }
        }
        return arrayList;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private static synchronized List<SecurityRole> createSecurityRoles(String str, ConfigurationAdmin configurationAdmin) throws IOException {
        RunAs runAs;
        Configuration[] listConfigurations;
        StringBuilder sb = new StringBuilder(200);
        sb.append("(&");
        sb.append(FilterUtils.createPropertyFilter(ConfigurationAdmin.SERVICE_FACTORYPID, "com.ibm.ws.javaee.dd.appbnd"));
        sb.append(FilterUtils.createPropertyFilter(XMLConfigConstants.CFG_PARENT_PID, str));
        sb.append(')');
        Throwable th = null;
        Configuration configuration = null;
        try {
            listConfigurations = configurationAdmin.listConfigurations(sb.toString());
        } catch (InvalidSyntaxException e) {
            FFDCFilter.processException(e, "com.ibm.ws.container.service.security.internal.SecurityRolesImpl", "178", null, new Object[]{str, configurationAdmin});
            th.getCause();
        }
        if (listConfigurations == null || listConfigurations.length != 1) {
            return Collections.emptyList();
        }
        configuration = listConfigurations[0];
        if (configuration == null || configuration.getProperties() == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (Map<String, Object> map : Nester.nest("security-role", configuration.getProperties())) {
            final String str2 = (String) map.get("name");
            if (str2 != null) {
                Map<String, List<Map<String, Object>>> nest = Nester.nest(map, "user", "group", SPECIAL_SUBJECT, "run-as");
                final ArrayList arrayList2 = new ArrayList();
                for (Map<String, Object> map2 : nest.get("user")) {
                    final String str3 = (String) map2.get("name");
                    final String str4 = (String) map2.get(ACCESS_ID);
                    if (str3 != null && !str3.trim().isEmpty()) {
                        arrayList2.add(new User() { // from class: com.ibm.ws.container.service.security.internal.SecurityRolesImpl.1
                            static final long serialVersionUID = -4985322486248561898L;
                            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass1.class);

                            @Override // com.ibm.ws.javaee.dd.appbnd.Subject
                            @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                            public String getName() {
                                return str3;
                            }

                            @Override // com.ibm.ws.javaee.dd.appbnd.Subject
                            @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                            public String getAccessId() {
                                return str4;
                            }

                            public String toString() {
                                return str3 + AbstractVisitable.OPEN_BRACE + str4 + AbstractVisitable.CLOSE_BRACE;
                            }
                        });
                    }
                }
                final ArrayList arrayList3 = new ArrayList();
                for (Map<String, Object> map3 : nest.get("group")) {
                    final String str5 = (String) map3.get("name");
                    final String str6 = (String) map3.get(ACCESS_ID);
                    if (str5 != null && !str5.trim().isEmpty()) {
                        arrayList3.add(new Group() { // from class: com.ibm.ws.container.service.security.internal.SecurityRolesImpl.2
                            static final long serialVersionUID = -5901164018887936278L;
                            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass2.class);

                            @Override // com.ibm.ws.javaee.dd.appbnd.Subject
                            @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                            public String getName() {
                                return str5;
                            }

                            @Override // com.ibm.ws.javaee.dd.appbnd.Subject
                            @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                            public String getAccessId() {
                                return str6;
                            }

                            public String toString() {
                                return str5 + AbstractVisitable.OPEN_BRACE + str6 + AbstractVisitable.CLOSE_BRACE;
                            }
                        });
                    }
                }
                final ArrayList arrayList4 = new ArrayList();
                Iterator<Map<String, Object>> it = nest.get(SPECIAL_SUBJECT).iterator();
                while (it.hasNext()) {
                    final String str7 = (String) it.next().get("type");
                    if (str7 != null && !str7.trim().isEmpty()) {
                        final SpecialSubject.Type valueOf = SpecialSubject.Type.valueOf(str7.trim());
                        arrayList4.add(new SpecialSubject() { // from class: com.ibm.ws.container.service.security.internal.SecurityRolesImpl.3
                            static final long serialVersionUID = 5792894843512960675L;
                            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass3.class);

                            @Override // com.ibm.ws.javaee.dd.appbnd.SpecialSubject
                            @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                            public SpecialSubject.Type getType() {
                                return SpecialSubject.Type.this;
                            }

                            public String toString() {
                                return str7;
                            }
                        });
                    }
                }
                List<Map<String, Object>> list = nest.get("run-as");
                if (list.isEmpty()) {
                    runAs = null;
                } else {
                    Map<String, Object> map4 = list.get(0);
                    String str8 = (String) map4.get(USERID2);
                    Object obj = map4.get("password");
                    runAs = new RunAs(str8, obj != null ? obj instanceof SerializableProtectedString ? new String(((SerializableProtectedString) obj).getChars()) : (String) obj : null) { // from class: com.ibm.ws.container.service.security.internal.SecurityRolesImpl.1SecurityRoleRunAs
                        private final String userid;
                        private final String password;
                        static final long serialVersionUID = -1340697577086842657L;
                        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(C1SecurityRoleRunAs.class);

                        {
                            this.userid = str8;
                            this.password = r5;
                        }

                        @Override // com.ibm.ws.javaee.dd.appbnd.RunAs
                        @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                        public String getUserid() {
                            return this.userid;
                        }

                        @Override // com.ibm.ws.javaee.dd.appbnd.RunAs
                        @Sensitive
                        @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                        public String getPassword() {
                            return this.password;
                        }

                        public String toString() {
                            return this.userid;
                        }
                    };
                }
                final RunAs runAs2 = runAs;
                arrayList.add(new SecurityRole() { // from class: com.ibm.ws.container.service.security.internal.SecurityRolesImpl.4
                    static final long serialVersionUID = 4685332436146105129L;
                    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass4.class);

                    @Override // com.ibm.ws.javaee.dd.appbnd.SecurityRole
                    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                    public String getName() {
                        return str2;
                    }

                    @Override // com.ibm.ws.javaee.dd.appbnd.SecurityRole
                    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                    public List<User> getUsers() {
                        return arrayList2;
                    }

                    @Override // com.ibm.ws.javaee.dd.appbnd.SecurityRole
                    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                    public List<Group> getGroups() {
                        return arrayList3;
                    }

                    @Override // com.ibm.ws.javaee.dd.appbnd.SecurityRole
                    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                    public List<SpecialSubject> getSpecialSubjects() {
                        return arrayList4;
                    }

                    @Override // com.ibm.ws.javaee.dd.appbnd.SecurityRole
                    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
                    public RunAs getRunAs() {
                        return runAs2;
                    }

                    public String toString() {
                        return "Role=" + str2 + "(users=" + arrayList2 + " groups=" + arrayList3 + " specialSubjects=" + arrayList4 + " runAs=" + runAs2 + AbstractVisitable.CLOSE_BRACE;
                    }
                });
            }
        }
        return arrayList;
    }
}
