package com.ibm.ws.wim.registry.util;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.wim.ConfigConstants;
import com.ibm.websphere.wim.exception.PasswordCheckFailedException;
import com.ibm.websphere.wim.exception.WIMException;
import com.ibm.websphere.wim.model.Context;
import com.ibm.websphere.wim.model.Entity;
import com.ibm.websphere.wim.model.LoginAccount;
import com.ibm.websphere.wim.model.Root;
import com.ibm.websphere.wim.ras.WIMMessageHelper;
import com.ibm.websphere.wim.ras.WIMMessageKey;
import com.ibm.websphere.wim.util.PasswordUtil;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.security.registry.CertificateMapFailedException;
import com.ibm.ws.security.registry.CertificateMapNotSupportedException;
import com.ibm.ws.security.registry.RegistryException;
import com.ibm.ws.wim.registry.dataobject.IDAndRealm;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.List;

@TraceOptions(traceGroups = {TraceConstants.TRACE_GROUP}, traceGroup = "", messageBundle = TraceConstants.MESSAGE_BUNDLE, traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.wim.registry_1.0.3.jar:com/ibm/ws/wim/registry/util/LoginBridge.class */
public class LoginBridge {
    private static final String COPYRIGHT_NOTICE = "(c) Copyright International Business Machines Corporation 2012";
    private static final TraceComponent tc = Tr.register(LoginBridge.class);
    private TypeMappings propertyMap;
    private BridgeUtils mappingUtils;
    static final long serialVersionUID = 8627830610993554491L;

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public LoginBridge(BridgeUtils bridgeUtils) {
        this.propertyMap = null;
        this.mappingUtils = null;
        this.mappingUtils = bridgeUtils;
        this.propertyMap = new TypeMappings(bridgeUtils);
    }

    @FFDCIgnore({WIMException.class})
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public String checkPassword(String str, @Sensitive String str2) throws RegistryException {
        StringBuffer stringBuffer = new StringBuffer();
        try {
            this.mappingUtils.validateId(str);
            IDAndRealm seperateIDAndRealm = this.mappingUtils.seperateIDAndRealm(str);
            Root createRootObject = this.mappingUtils.getWimService().createRootObject();
            if (seperateIDAndRealm.isRealmDefined()) {
                this.mappingUtils.createRealmDataObject(createRootObject, seperateIDAndRealm.getRealm());
                List<Context> contexts = createRootObject.getContexts();
                if (contexts != null) {
                    Context context = new Context();
                    context.setKey(ConfigConstants.CONFIG_PROP_ALLOW_OPERATION_IF_REPOS_DOWN);
                    context.setValue(Boolean.valueOf(this.mappingUtils.getCoreConfiguration().isAllowOpIfRepoDown(seperateIDAndRealm.getRealm())));
                    contexts.add(context);
                }
            }
            if (!this.mappingUtils.isIdentifierTypeProperty(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm()))) {
                this.mappingUtils.createLoginControlDataObject(createRootObject, this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm()));
            }
            List<Entity> entities = createRootObject.getEntities();
            LoginAccount loginAccount = new LoginAccount();
            if (entities != null) {
                entities.add(loginAccount);
            }
            loginAccount.setPrincipalName(seperateIDAndRealm.getId());
            loginAccount.setPassword(PasswordUtil.getByteArrayPassword(str2));
            List<Entity> entities2 = this.mappingUtils.getWimService().login(createRootObject).getEntities();
            if (entities2.isEmpty()) {
                if (tc.isErrorEnabled()) {
                    Tr.error(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str));
                }
                throw new PasswordCheckFailedException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
            Entity entity = entities2.get(0);
            if (this.mappingUtils.isIdentifierTypeProperty(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm()))) {
                stringBuffer.append(entity.getIdentifier().get(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm())));
            } else {
                stringBuffer.append(entity.get(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm())));
            }
            if (seperateIDAndRealm.isRealmDefined() && !this.mappingUtils.getDefaultRealmName().equals(seperateIDAndRealm.getRealm())) {
                stringBuffer.append(seperateIDAndRealm.getDelimiter() + seperateIDAndRealm.getRealm());
            }
            return stringBuffer.toString();
        } catch (WIMException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, e.getMessage(), new Object[0]);
            }
            throw new RegistryException(e.getMessage(), e);
        }
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [java.lang.StringBuffer, java.security.cert.CertificateEncodingException] */
    @FFDCIgnore({WIMException.class})
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public String mapCertificate(X509Certificate x509Certificate) throws CertificateMapNotSupportedException, CertificateMapFailedException, RegistryException {
        ?? stringBuffer = new StringBuffer();
        try {
            this.mappingUtils.validateCertificate(x509Certificate);
            IDAndRealm seperateIDAndRealm = this.mappingUtils.seperateIDAndRealm("");
            Root createRootObject = this.mappingUtils.getWimService().createRootObject();
            if (!this.mappingUtils.isIdentifierTypeProperty(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm()))) {
                this.mappingUtils.createLoginControlDataObject(createRootObject, this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm()));
            }
            List<Entity> entities = createRootObject.getEntities();
            LoginAccount loginAccount = new LoginAccount();
            if (entities != null) {
                entities.add(loginAccount);
            }
            loginAccount.getCertificate().add(x509Certificate.getEncoded());
            List<Entity> entities2 = this.mappingUtils.getWimService().login(createRootObject).getEntities();
            if (entities2.isEmpty()) {
                throw new com.ibm.websphere.wim.exception.CertificateMapFailedException();
            }
            Entity entity = entities2.get(0);
            if (this.mappingUtils.isIdentifierTypeProperty(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm()))) {
                stringBuffer.append(entity.getIdentifier().get(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm())));
            } else {
                stringBuffer.append(entity.get(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm())));
            }
            if (seperateIDAndRealm.isRealmDefined() && !this.mappingUtils.getDefaultRealmName().equals(seperateIDAndRealm.getRealm())) {
                stringBuffer.append(seperateIDAndRealm.getDelimiter() + seperateIDAndRealm.getRealm());
            }
            return stringBuffer.toString();
        } catch (WIMException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, e.getMessage(), new Object[0]);
            }
            if (e instanceof com.ibm.websphere.wim.exception.CertificateMapNotSupportedException) {
                throw new CertificateMapNotSupportedException(e.getMessage());
            }
            if (e instanceof com.ibm.websphere.wim.exception.CertificateMapFailedException) {
                throw new CertificateMapFailedException(e.getMessage(), e);
            }
            throw new RegistryException(e.getMessage(), e);
        } catch (CertificateEncodingException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.wim.registry.util.LoginBridge", "251", this, new Object[]{x509Certificate});
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, stringBuffer.getMessage(), new Object[0]);
            }
            throw new RegistryException(stringBuffer.getMessage());
        }
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public String getRealmName() throws WIMException {
        return this.mappingUtils.getWimService().getRealmName();
    }
}
