package com.ibm.ws.kernel.security.thread;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Trivial;
import com.ibm.ws.ffdc.FFDCFilter;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;

/* loaded from: input_file:wlp/lib/com.ibm.ws.kernel.boot_1.0.6.jar:com/ibm/ws/kernel/security/thread/ThreadIdentityManager.class */
public class ThreadIdentityManager {
    private static final TraceComponent tc = Tr.register(ThreadIdentityManager.class, "Security");
    private static final String thisClass = ThreadIdentityManager.class.getName();
    private static final ThreadLocal<Boolean> recursionMarker = new ThreadLocal<Boolean>() { // from class: com.ibm.ws.kernel.security.thread.ThreadIdentityManager.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        @Trivial
        public synchronized Boolean initialValue() {
            return Boolean.FALSE;
        }
    };
    private static Set<com.ibm.wsspi.kernel.security.thread.ThreadIdentityService> threadIdentityServices = Collections.synchronizedSet(new HashSet());
    private static Set<J2CIdentityService> j2cIdentityServices = Collections.synchronizedSet(new HashSet());

    public static void addThreadIdentityService(com.ibm.wsspi.kernel.security.thread.ThreadIdentityService threadIdentityService) {
        if (threadIdentityService != null) {
            threadIdentityServices.add(threadIdentityService);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "A ThreadIdentityService implementation was added.", threadIdentityService.getClass().getName());
            }
        }
    }

    public static void addJ2CIdentityService(J2CIdentityService j2CIdentityService) {
        if (j2CIdentityService != null) {
            j2cIdentityServices.add(j2CIdentityService);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "A J2CIdentityService implementation was added.", j2CIdentityService.getClass().getName());
            }
        }
    }

    public static void removeThreadIdentityService(com.ibm.wsspi.kernel.security.thread.ThreadIdentityService threadIdentityService) {
        if (threadIdentityService != null) {
            threadIdentityServices.remove(threadIdentityService);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "A ThreadIdentityService implementation was removed.", threadIdentityService.getClass().getName());
            }
        }
    }

    public static void removeJ2CIdentityService(J2CIdentityService j2CIdentityService) {
        if (j2CIdentityService != null) {
            j2cIdentityServices.remove(j2CIdentityService);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "A J2CIdentityService implementation was removed.", j2CIdentityService.getClass().getName());
            }
        }
    }

    public static void removeAllThreadIdentityServices() {
        threadIdentityServices.clear();
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "All the ThreadIdentityService implementations were removed.", new Object[0]);
        }
    }

    public static void removeAllJ2CIdentityServices() {
        j2cIdentityServices.clear();
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "All the J2CIdentityService implementations were removed.", new Object[0]);
        }
    }

    public static boolean isThreadIdentityEnabled() {
        return isAppThreadIdentityEnabled() || isJ2CThreadIdentityEnabled();
    }

    public static boolean isAppThreadIdentityEnabled() {
        Iterator<com.ibm.wsspi.kernel.security.thread.ThreadIdentityService> it = threadIdentityServices.iterator();
        while (it.hasNext()) {
            if (it.next().isAppThreadIdentityEnabled()) {
                return true;
            }
        }
        return false;
    }

    public static boolean isJ2CThreadIdentityEnabled() {
        Iterator<J2CIdentityService> it = j2cIdentityServices.iterator();
        while (it.hasNext()) {
            if (it.next().isJ2CThreadIdentityEnabled()) {
                return true;
            }
        }
        return false;
    }

    public static Object setJ2CThreadIdentity(Subject subject) {
        HashMap hashMap = new HashMap();
        for (J2CIdentityService j2CIdentityService : j2cIdentityServices) {
            if (j2CIdentityService.isJ2CThreadIdentityEnabled()) {
                tryToSetJ2CIdentity(hashMap, j2CIdentityService, subject);
            }
        }
        if (hashMap.isEmpty()) {
            return null;
        }
        return hashMap;
    }

    public static Object setAppThreadIdentity(Subject subject) {
        HashMap hashMap = new HashMap();
        for (com.ibm.wsspi.kernel.security.thread.ThreadIdentityService threadIdentityService : threadIdentityServices) {
            if (threadIdentityService.isAppThreadIdentityEnabled()) {
                tryToSetIdentity(hashMap, threadIdentityService, subject);
            }
        }
        if (hashMap.isEmpty()) {
            return null;
        }
        return hashMap;
    }

    private static void tryToSetIdentity(Map<com.ibm.wsspi.kernel.security.thread.ThreadIdentityService, Object> map, com.ibm.wsspi.kernel.security.thread.ThreadIdentityService threadIdentityService, Subject subject) {
        try {
            Object obj = threadIdentityService.set(subject);
            if (obj != null) {
                map.put(threadIdentityService, obj);
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, thisClass, "%C%");
        }
    }

    private static void tryToSetJ2CIdentity(Map<J2CIdentityService, Object> map, J2CIdentityService j2CIdentityService, Subject subject) {
        try {
            Object obj = j2CIdentityService.set(subject);
            if (obj != null) {
                map.put(j2CIdentityService, obj);
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, thisClass, "%C%");
        }
    }

    private static boolean checkForRecursionAndSet() {
        if (recursionMarker.get() != Boolean.FALSE) {
            return true;
        }
        recursionMarker.set(Boolean.TRUE);
        return false;
    }

    private static void resetRecursionCheck() {
        recursionMarker.set(Boolean.FALSE);
    }

    public static Object runAsServer() {
        HashMap hashMap = new HashMap();
        if (!checkForRecursionAndSet()) {
            for (com.ibm.wsspi.kernel.security.thread.ThreadIdentityService threadIdentityService : threadIdentityServices) {
                if (threadIdentityService.isAppThreadIdentityEnabled()) {
                    hashMap.put(threadIdentityService, threadIdentityService.runAsServer());
                }
            }
            resetRecursionCheck();
        }
        return hashMap;
    }

    public static void reset(Object obj) {
        if ((threadIdentityServices.isEmpty() && j2cIdentityServices.isEmpty()) || checkForRecursionAndSet()) {
            return;
        }
        for (Map.Entry entry : ((Map) obj).entrySet()) {
            Object key = entry.getKey();
            if (key instanceof com.ibm.wsspi.kernel.security.thread.ThreadIdentityService) {
                ((com.ibm.wsspi.kernel.security.thread.ThreadIdentityService) key).reset(entry.getValue());
            } else if (key instanceof J2CIdentityService) {
                ((J2CIdentityService) key).reset(entry.getValue());
            }
        }
        resetRecursionCheck();
    }

    public static Subject getJ2CInvocationSubject() {
        Subject j2CInvocationSubject;
        Subject subject = null;
        Iterator<J2CIdentityService> it = j2cIdentityServices.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            J2CIdentityService next = it.next();
            if (next.isJ2CThreadIdentityEnabled() && (j2CInvocationSubject = next.getJ2CInvocationSubject()) != null) {
                subject = j2CInvocationSubject;
                break;
            }
        }
        return subject;
    }
}
