package com.ibm.ws.wssecurity.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.SecurityService;
import com.ibm.ws.wssecurity.cxf.interceptor.WSSecurityLibertyPluginInterceptor;
import com.ibm.ws.wssecurity.cxf.validator.UsernameTokenValidator;
import com.ibm.wsspi.kernel.service.utils.SerializableProtectedString;
import java.io.IOException;
import java.util.Collections;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.cm.ConfigurationEvent;
import org.osgi.service.cm.ConfigurationListener;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;

@TraceOptions(traceGroups = {WSSecurityConstants.TR_GROUP}, traceGroup = "", messageBundle = WSSecurityConstants.TR_RESOURCE_BUNDLE, traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(configurationPid = "com.ibm.ws.wssecurity.client.config", configurationPolicy = ConfigurationPolicy.OPTIONAL, service = {WSSecurityClientConfiguration.class, ConfigurationListener.class}, immediate = true, property = {"service.vendor=IBM"})
/* loaded from: input_file:wlp/lib/com.ibm.ws.wssecurity_1.0.4.jar:com/ibm/ws/wssecurity/internal/WSSecurityClientConfiguration.class */
public class WSSecurityClientConfiguration implements ConfigurationListener {
    protected volatile ConfigurationAdmin configAdmin;
    private volatile SecurityService securityService;
    static final String KEY_ID = "id";
    static final String CFG_KEY_USER = "user";
    static final String CFG_KEY_USER_NAME = "name";
    static final String CFG_KEY_PASSWORD = "password";
    static final String CFG_KEY_PASSWORD_VALUE = "value";
    static final String CFG_KEY_CALLBACK = "callback";
    static final String CFG_KEY_NAME = "name";
    static final String CFG_KEY_PROVIDER = "provider";
    static final String CFG_KEY_ENTRY = "entry";
    static final String CFG_KEY_ENTRY_KEY = "key";
    static final String CFG_KEY_ENTRY_VALUE = "value";
    static final String WSSEC = "ws-security";
    static final String CXF_USER_NAME = "ws-security.username";
    static final String CXF_USER_PASSWORD = "ws-security.password";
    static final String CXF_CBH = "ws-security.callback-handler";
    private volatile String cfgUser;
    private volatile SerializableProtectedString cfgPassword;
    private volatile String cfgCallback;
    private volatile Map<String, Object> properties;
    static final long serialVersionUID = 3481285481316424682L;
    private static final TraceComponent tc = Tr.register(WSSecurityClientConfiguration.class, WSSecurityConstants.TR_GROUP, WSSecurityConstants.TR_RESOURCE_BUNDLE);
    static final String[] SPECIAL_CFG_KEYS = {"component.name", "component.id", "config.source", "config.id", "id", "service.factoryPid", "service.vendor", "service.pid"};
    private volatile Map<String, Object> defaultConfigMap = Collections.synchronizedMap(new HashMap());
    private final Set<String> pids = new HashSet();

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public WSSecurityClientConfiguration() {
    }

    @Reference(policy = ReferencePolicy.DYNAMIC)
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void setConfigurationAdmin(ConfigurationAdmin configurationAdmin) {
        this.configAdmin = configurationAdmin;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void unsetConfigurationAdmin(ConfigurationAdmin configurationAdmin) {
        if (this.configAdmin == configurationAdmin) {
            this.configAdmin = null;
        }
    }

    @Reference(policy = ReferencePolicy.DYNAMIC)
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void unsetSecurityService(SecurityService securityService) {
        if (this.securityService == securityService) {
            this.securityService = null;
        }
    }

    @Activate
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void activate(Map<String, Object> map) {
        this.properties = map;
        setAndValidateProperties();
        WSSecurityLibertyPluginInterceptor.setClientBindingsConfiguration(this.defaultConfigMap);
        UsernameTokenValidator.setSecurityService(this.securityService);
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    @Modified
    protected void modify(Map<String, Object> map) {
        this.properties = map;
        internalModify();
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private synchronized void internalModify() {
        this.cfgUser = null;
        this.cfgPassword = null;
        this.cfgCallback = null;
        this.defaultConfigMap.clear();
        setAndValidateProperties();
        WSSecurityLibertyPluginInterceptor.setClientBindingsConfiguration(this.defaultConfigMap);
    }

    @Deactivate
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    protected void deactivate() {
        UsernameTokenValidator.setSecurityService(null);
        WSSecurityLibertyPluginInterceptor.setClientBindingsConfiguration(null);
        this.cfgUser = null;
        this.cfgPassword = null;
        this.cfgCallback = null;
        this.defaultConfigMap.clear();
    }

    /* JADX WARN: Multi-variable type inference failed */
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private void setAndValidateProperties() {
        Object value;
        this.pids.clear();
        String str = (String) this.properties.get("id");
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Default config id = ", new Object[]{str});
        }
        for (Map.Entry<String, Object> entry : this.properties.entrySet()) {
            String key = entry.getKey();
            boolean equals = "signatureProperties".equals(key);
            if (equals != 0) {
                try {
                    String str2 = (String) entry.getValue();
                    this.pids.add(str2);
                    Map<String, Object> convertToMap = convertToMap(str2);
                    equals = convertToMap;
                    if (equals != 0 && !convertToMap.isEmpty()) {
                        for (String str3 : SPECIAL_CFG_KEYS) {
                            convertToMap.remove(str3);
                        }
                        this.defaultConfigMap.put("ws-security.signature.properties", convertToMap);
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "signature configuration type = ", new Object[]{convertToMap.get("org.apache.ws.security.crypto.merlin.keystore.type")});
                            Tr.debug(tc, "signature configuration alias = ", new Object[]{convertToMap.get("org.apache.ws.security.crypto.merlin.keystore.alias")});
                            Tr.debug(tc, "signature configuration ks file = ", new Object[]{convertToMap.get("org.apache.ws.security.crypto.merlin.keystore.file")});
                            Tr.debug(tc, "signature configuration password = ", new Object[]{convertToMap.get("org.apache.ws.security.crypto.merlin.keystore.password")});
                            Tr.debug(tc, "signature configuration provider = ", new Object[]{convertToMap.get(WSSecurityConstants.WSS4J_CRYPTO_PROVIDER)});
                        }
                    } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "Empty ws-security client signature configuration ", new Object[]{str2});
                    }
                } catch (IOException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.wssecurity.internal.WSSecurityClientConfiguration", "203", this, new Object[0]);
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "Invalid ws-security client signature configuration ", new Object[0]);
                    }
                }
            } else {
                boolean equals2 = "encryptionProperties".equals(key);
                if (equals2 != 0) {
                    try {
                        String str4 = (String) entry.getValue();
                        this.pids.add(str4);
                        Map<String, Object> convertToMap2 = convertToMap(str4);
                        equals2 = convertToMap2;
                        if (equals2 != 0 && !convertToMap2.isEmpty()) {
                            for (String str5 : SPECIAL_CFG_KEYS) {
                                convertToMap2.remove(str5);
                            }
                            this.defaultConfigMap.put("ws-security.encryption.properties", convertToMap2);
                            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                Tr.debug(tc, "encryption configuration type = ", new Object[]{convertToMap2.get("org.apache.ws.security.crypto.merlin.keystore.type")});
                                Tr.debug(tc, "encryption configuration alias = ", new Object[]{convertToMap2.get("org.apache.ws.security.crypto.merlin.keystore.alias")});
                                Tr.debug(tc, "encryption configuration ks file = ", new Object[]{convertToMap2.get("org.apache.ws.security.crypto.merlin.keystore.file")});
                                Tr.debug(tc, "encryption configuration password = ", new Object[]{convertToMap2.get("org.apache.ws.security.crypto.merlin.keystore.password")});
                                Tr.debug(tc, "encryption configuration provider = ", new Object[]{convertToMap2.get(WSSecurityConstants.WSS4J_CRYPTO_PROVIDER)});
                            }
                        } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "Empty ws-security client encryption configuration ", new Object[]{str4});
                        }
                    } catch (IOException e2) {
                        FFDCFilter.processException(e2, "com.ibm.ws.wssecurity.internal.WSSecurityClientConfiguration", "234", this, new Object[0]);
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "Invalid ws-security client encryption configuration ", new Object[0]);
                        }
                    }
                } else if (key != null && !key.startsWith(".") && !key.startsWith("config.") && !key.startsWith("service.") && !key.equals("id") && (value = entry.getValue()) != null) {
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "ws-security provider configuration entry key = ", new Object[]{key});
                        Tr.debug(tc, "ws-security provider configuration entry value = ", new Object[]{value});
                    }
                    this.defaultConfigMap.put(key, value);
                    if ("ws-security.username".equals(key)) {
                        this.cfgUser = (String) value;
                    } else if ("ws-security.password".equals(key)) {
                        this.cfgPassword = (SerializableProtectedString) value;
                    } else if ("ws-security.callback-handler".equals(key)) {
                        this.cfgCallback = (String) value;
                    }
                }
            }
        }
        if (this.defaultConfigMap.isEmpty()) {
            Tr.info(tc, "WSSECURITY_NO_CONFIG_DEFINED", new Object[0]);
        }
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    String getUser() {
        return this.cfgUser;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    SerializableProtectedString getPassword() {
        return this.cfgPassword;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    String getCallback() {
        return this.cfgCallback;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    Map<String, Object> getDefaultConfiguration() {
        return this.defaultConfigMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [java.util.Map<java.lang.String, java.lang.Object>, java.util.Map, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r0v1 */
    /* JADX WARN: Type inference failed for: r0v26, types: [boolean] */
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private Map<String, Object> convertToMap(String str) throws IOException {
        Dictionary properties;
        ?? hashMap = new HashMap();
        try {
            Configuration[] listConfigurations = this.configAdmin.listConfigurations("(service.pid=" + str + ")");
            if (listConfigurations != null && listConfigurations.length != 0 && (properties = this.configAdmin.getConfiguration(str).getProperties()) != null) {
                Enumeration keys = properties.keys();
                while (true) {
                    hashMap = keys.hasMoreElements();
                    if (hashMap == 0) {
                        return hashMap;
                    }
                    String str2 = (String) keys.nextElement();
                    hashMap.put(str2, properties.get(str2));
                }
            }
        } catch (InvalidSyntaxException e) {
            FFDCFilter.processException(e, "com.ibm.ws.wssecurity.internal.WSSecurityClientConfiguration", "319", this, new Object[]{str});
            InvalidSyntaxException invalidSyntaxException = hashMap;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Syntax error accesssing configuration for pid " + str + ": " + invalidSyntaxException.getMessage(), new Object[0]);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "No configuration for pid " + str, new Object[0]);
        }
        return hashMap;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public synchronized void configurationEvent(ConfigurationEvent configurationEvent) {
        if (configurationEvent.getType() == 1 && this.pids.contains(configurationEvent.getPid())) {
            internalModify();
        }
    }
}
