package com.ibm.ws.security.internal;

import com.ibm.ejs.ras.TraceNLS;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.SecurityService;
import com.ibm.ws.security.authentication.AuthenticationService;
import com.ibm.ws.security.authorization.AuthorizationService;
import com.ibm.ws.security.registry.UserRegistryService;
import com.ibm.wsspi.kernel.service.utils.ConcurrentServiceReferenceMap;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.atomic.AtomicReference;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;

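/**
 * Resolves which {@link AuthenticationService}, {@link AuthorizationService} and
 * {@link UserRegistryService} are in effect for the server.
 *
 * <p>Candidate services are tracked as service references in one
 * {@link ConcurrentServiceReferenceMap} per kind. A reference whose {@code config.source}
 * property is {@code "file"} is keyed by its {@code id} property; any other reference is keyed
 * by the string form of its {@code service.id} property.
 *
 * <p>Resolution has two modes, chosen from the {@code config.source} property of this
 * component's own context:
 * <ul>
 * <li><b>file</b>: the {@link SecurityConfiguration} registered under the configured
 * {@code systemDomain} names the service ids to use; an unknown id is a configuration error.</li>
 * <li><b>anything else</b>: the single available service of each kind is auto-detected; zero
 * candidates or an ambiguous set is an error.</li>
 * </ul>
 *
 * <p>Security-relevant behaviour: every resolution failure surfaces as an
 * {@link IllegalArgumentException} or {@link IllegalStateException}; no path silently falls back
 * to a default or hands a {@code null} service to the caller. Resolved services are cached in
 * {@link AtomicReference}s, and each cache is cleared whenever a reference of that kind is bound
 * or unbound, and on {@link #modify(Map)}.
 *
 * <p>NOTE(review): the getters read the cache, resolve, then store without any atomic
 * check against a concurrent bind/unbind/modify, so a getter that resolved just before the cache
 * was cleared can store the previous service back afterwards. Confirm whether callers can
 * tolerate that window.
 *
 * <p>NOTE(review): {@code cc} is a plain (non-volatile) field that {@link #deactivate} sets to
 * {@code null}; a getter called after deactivation fails with a {@link NullPointerException} in
 * {@link #isConfigurationDefinedInFile()}.
 */
@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security_1.0.3.jar:com/ibm/ws/security/internal/SecurityServiceImpl.class */
public class SecurityServiceImpl implements SecurityService {
    private static final TraceComponent tc = Tr.register(SecurityServiceImpl.class);
    static final String KEY_CONFIGURATION = "configuration";
    static final String KEY_AUTHENTICATION = "authentication";
    static final String KEY_AUTHORIZATION = "authorization";
    static final String KEY_USERREGISTRY = "userRegistry";
    static final String KEY_ID = "id";
    static final String KEY_SERVICE_ID = "service.id";
    static final String KEY_CONFIG_SOURCE = "config.source";
    static final String CFG_KEY_SYSTEM_DOMAIN = "systemDomain";
    static final String CFG_KEY_DEFAULT_APP_DOMAIN = "defaultAppDomain";

    // Component context captured in activate() and cleared in deactivate().
    private ComponentContext cc;

    // Candidate service references, one map per kind (see the class comment for the key rules).
    final ConcurrentServiceReferenceMap<String, SecurityConfiguration> configs = new ConcurrentServiceReferenceMap<>(KEY_CONFIGURATION);
    final ConcurrentServiceReferenceMap<String, AuthenticationService> authentication = new ConcurrentServiceReferenceMap<>(KEY_AUTHENTICATION);
    final ConcurrentServiceReferenceMap<String, AuthorizationService> authorization = new ConcurrentServiceReferenceMap<>(KEY_AUTHORIZATION);
    final ConcurrentServiceReferenceMap<String, UserRegistryService> userRegistry = new ConcurrentServiceReferenceMap<>(KEY_USERREGISTRY);

    // Caches of the resolved ("effective") services; null means "resolve again on next use".
    final AtomicReference<AuthenticationService> authnService = new AtomicReference<>();
    final AtomicReference<AuthorizationService> authzService = new AtomicReference<>();
    final AtomicReference<UserRegistryService> userRegistryService = new AtomicReference<>();

    // Values of the systemDomain / defaultAppDomain attributes, set by setAndValidateProperties().
    private volatile String cfgSystemDomain = null;
    // Written here but not read anywhere in this class.
    private volatile String cfgDefaultAppDomain = null;
    static final long serialVersionUID = -4859547424222125124L;

    /**
     * Registers a security configuration under its {@code id} property.
     *
     * @param serviceReference reference to the configuration; one without an {@code id} is
     *                         reported with an error message and not registered
     */
    protected void setConfiguration(ServiceReference<SecurityConfiguration> serviceReference) {
        String id = (String) serviceReference.getProperty(KEY_ID);
        if (id == null) {
            Tr.error(tc, "SECURITY_SERVICE_REQUIRED_SERVICE_WITHOUT_ID", "securityConfiguration");
            return;
        }
        this.configs.putReference(id, serviceReference);
    }

    /**
     * Removes a security configuration previously registered under its {@code id} property.
     *
     * @param serviceReference reference to remove
     */
    protected void unsetConfiguration(ServiceReference<SecurityConfiguration> serviceReference) {
        this.configs.removeReference((String) serviceReference.getProperty(KEY_ID), serviceReference);
    }

    /**
     * Tells whether a reference's {@code config.source} property is {@code "file"}.
     *
     * @param serviceReference reference to inspect
     * @return {@code true} only when the property equals {@code "file"}
     */
    private boolean hasPropertiesFromFile(ServiceReference<?> serviceReference) {
        return "file".equals(serviceReference.getProperty(KEY_CONFIG_SOURCE));
    }

    /**
     * Stores a reference in {@code references}: under its {@code id} when it is file-sourced,
     * otherwise under the string form of its {@code service.id}.
     *
     * @param serviceReference reference to store
     * @param references       map for this kind of service
     * @param elementName      name reported in the error message when a file-sourced reference
     *                         has no {@code id} (such a reference is not stored)
     */
    private <T> void bindReference(ServiceReference<T> serviceReference, ConcurrentServiceReferenceMap<String, T> references, String elementName) {
        if (!hasPropertiesFromFile(serviceReference)) {
            references.putReference(String.valueOf(serviceReference.getProperty(KEY_SERVICE_ID)), serviceReference);
            return;
        }
        String id = (String) serviceReference.getProperty(KEY_ID);
        if (id == null) {
            Tr.error(tc, "SECURITY_SERVICE_REQUIRED_SERVICE_WITHOUT_ID", elementName);
            return;
        }
        references.putReference(id, serviceReference);
    }

    /**
     * Removes a reference from {@code references} under both keys the bind path may have used
     * ({@code id} and the string form of {@code service.id}).
     *
     * @param serviceReference reference to remove
     * @param references       map for this kind of service
     */
    private <T> void unbindReference(ServiceReference<T> serviceReference, ConcurrentServiceReferenceMap<String, T> references) {
        references.removeReference((String) serviceReference.getProperty(KEY_ID), serviceReference);
        references.removeReference(String.valueOf(serviceReference.getProperty(KEY_SERVICE_ID)), serviceReference);
    }

    /**
     * Registers an authentication service reference and invalidates the cached effective
     * authentication service.
     *
     * @param serviceReference reference to register
     */
    protected void setAuthentication(ServiceReference<AuthenticationService> serviceReference) {
        bindReference(serviceReference, this.authentication, KEY_AUTHENTICATION);
        // The candidate set changed, so the cached choice must be resolved again.
        this.authnService.set(null);
    }

    /**
     * Removes an authentication service reference and invalidates the cached effective
     * authentication service.
     *
     * @param serviceReference reference to remove
     */
    protected void unsetAuthentication(ServiceReference<AuthenticationService> serviceReference) {
        unbindReference(serviceReference, this.authentication);
        this.authnService.set(null);
    }

    /**
     * Registers an authorization service reference and invalidates the cached effective
     * authorization service.
     *
     * @param serviceReference reference to register
     */
    protected void setAuthorization(ServiceReference<AuthorizationService> serviceReference) {
        bindReference(serviceReference, this.authorization, KEY_AUTHORIZATION);
        this.authzService.set(null);
    }

    /**
     * Removes an authorization service reference and invalidates the cached effective
     * authorization service.
     *
     * @param serviceReference reference to remove
     */
    protected void unsetAuthorization(ServiceReference<AuthorizationService> serviceReference) {
        unbindReference(serviceReference, this.authorization);
        this.authzService.set(null);
    }

    /**
     * Registers a user registry service reference and invalidates the cached effective user
     * registry service.
     *
     * @param serviceReference reference to register
     */
    protected void setUserRegistry(ServiceReference<UserRegistryService> serviceReference) {
        bindReference(serviceReference, this.userRegistry, KEY_USERREGISTRY);
        this.userRegistryService.set(null);
    }

    /**
     * Removes a user registry service reference and invalidates the cached effective user
     * registry service.
     *
     * @param serviceReference reference to remove
     */
    protected void unsetUserRegistry(ServiceReference<UserRegistryService> serviceReference) {
        unbindReference(serviceReference, this.userRegistry);
        this.userRegistryService.set(null);
    }

    /**
     * Captures the component context, activates the reference maps and validates the
     * {@code systemDomain} / {@code defaultAppDomain} properties.
     *
     * @param componentContext context of this component
     * @throws IllegalArgumentException if the configuration is file-sourced and has no
     *                                  {@code systemDomain}
     */
    protected void activate(ComponentContext componentContext) {
        this.cc = componentContext;
        this.configs.activate(componentContext);
        this.authentication.activate(componentContext);
        this.authorization.activate(componentContext);
        this.userRegistry.activate(componentContext);
        setAndValidateProperties(
                (String) componentContext.getProperties().get(CFG_KEY_SYSTEM_DOMAIN),
                (String) componentContext.getProperties().get(CFG_KEY_DEFAULT_APP_DOMAIN));
    }

    /**
     * Applies changed component properties: drops all three cached services, then re-validates
     * the domain properties.
     *
     * @param map new component properties
     * @throws IllegalArgumentException if the configuration is file-sourced and has no
     *                                  {@code systemDomain}
     */
    protected void modify(Map<String, Object> map) {
        // Clear the caches first so a validation failure below cannot leave a stale choice cached.
        this.authnService.set(null);
        this.authzService.set(null);
        this.userRegistryService.set(null);
        setAndValidateProperties((String) map.get(CFG_KEY_SYSTEM_DOMAIN), (String) map.get(CFG_KEY_DEFAULT_APP_DOMAIN));
    }

    /**
     * Releases the component context, deactivates the reference maps and clears the domain
     * properties. The cached services are not cleared here.
     *
     * @param componentContext context of this component
     */
    protected void deactivate(ComponentContext componentContext) {
        this.cc = null;
        this.configs.deactivate(componentContext);
        this.authentication.deactivate(componentContext);
        this.authorization.deactivate(componentContext);
        this.userRegistry.deactivate(componentContext);
        this.cfgSystemDomain = null;
        this.cfgDefaultAppDomain = null;
    }

    /**
     * Tells whether this component's own {@code config.source} property is {@code "file"}.
     *
     * @return {@code true} only when the property equals {@code "file"}
     */
    private boolean isConfigurationDefinedInFile() {
        // NOTE(review): dereferences cc, which is null before activate() and after deactivate().
        return "file".equals(this.cc.getProperties().get(KEY_CONFIG_SOURCE));
    }

    /**
     * Stores the domain properties when the configuration is file-sourced; does nothing
     * otherwise.
     *
     * @param systemDomain     value of {@code systemDomain}; required in file mode
     * @param defaultAppDomain value of {@code defaultAppDomain}; when null or empty the system
     *                         domain is used in its place
     * @throws IllegalArgumentException if in file mode and {@code systemDomain} is null or empty
     */
    private void setAndValidateProperties(String systemDomain, String defaultAppDomain) {
        if (!isConfigurationDefinedInFile()) {
            return;
        }
        if (systemDomain == null || systemDomain.isEmpty()) {
            Tr.error(tc, "SECURITY_SERVICE_ERROR_MISSING_ATTRIBUTE", CFG_KEY_SYSTEM_DOMAIN);
            throw new IllegalArgumentException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "SECURITY_SERVICE_ERROR_MISSING_ATTRIBUTE", new Object[]{CFG_KEY_SYSTEM_DOMAIN}, "CWWKS0002E: A configuration error has occurred. No {0} attribute is defined for the <security> element."));
        }
        this.cfgSystemDomain = systemDomain;
        boolean appDomainMissing = defaultAppDomain == null || defaultAppDomain.isEmpty();
        this.cfgDefaultAppDomain = appDomainMissing ? systemDomain : defaultAppDomain;
    }

    /**
     * Looks up the security configuration registered under the configured system domain.
     *
     * @return the configuration; never {@code null}
     * @throws IllegalArgumentException if no configuration is registered under that id
     */
    private SecurityConfiguration getEffectiveSecurityConfiguration() {
        SecurityConfiguration effective = this.configs.getService(this.cfgSystemDomain);
        if (effective == null) {
            Tr.error(tc, "SECURITY_SERVICE_ERROR_BAD_DOMAIN", this.cfgSystemDomain, CFG_KEY_SYSTEM_DOMAIN);
            throw new IllegalArgumentException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "SECURITY_SERVICE_ERROR_BAD_DOMAIN", new Object[]{this.cfgSystemDomain, CFG_KEY_SYSTEM_DOMAIN}, "CWWKS0003E: A configuration error has occurred. The specified security configuration referenced by identifier {0} for attribute {1} in the <security> element is not defined."));
        }
        return effective;
    }

    /**
     * Logs and throws the "bad reference" configuration error.
     *
     * @param attributeName name of the referencing attribute
     * @param id            identifier that did not resolve to a service
     * @throws IllegalArgumentException always
     */
    private void throwIllegalArgumentExceptionInvalidAttributeValue(String attributeName, String id) {
        Tr.error(tc, "SECURITY_SERVICE_ERROR_BAD_REFERENCE", id, attributeName);
        throw new IllegalArgumentException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "SECURITY_SERVICE_ERROR_BAD_REFERENCE", new Object[]{id, attributeName}, "CWWKS0004E: A configuration error has occurred. The specified element referenced by identifier {0} for attribute {1} in the <securityConfiguration> element is not defined."));
    }

    /** Logs the "no service available" error and builds the matching exception. */
    private IllegalStateException noServiceAvailable(String serviceName) {
        Tr.error(tc, "SECURITY_SERVICE_NO_SERVICE_AVAILABLE", serviceName);
        return new IllegalStateException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "SECURITY_SERVICE_NO_SERVICE_AVAILABLE", new Object[]{serviceName}, "CWWKS0005E: A configuration error has occurred. No available {0} service."));
    }

    /** Logs the "multiple services available" error and builds the matching exception. */
    private IllegalStateException multipleServicesAvailable(String serviceName) {
        Tr.error(tc, "SECURITY_SERVICE_MULTIPLE_SERVICE_AVAILABLE", serviceName);
        return new IllegalStateException(TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "SECURITY_SERVICE_MULTIPLE_SERVICE_AVAILABLE", new Object[]{serviceName}, "CWWKS0006E: A configuration error has occurred. Multiple available {0} services, unable to determine which to use."));
    }

    /**
     * Returns the only service in {@code concurrentServiceReferenceMap}.
     *
     * @param serviceName                   name used in error messages
     * @param concurrentServiceReferenceMap candidates to choose from
     * @return the single available service
     * @throws IllegalStateException if there is no candidate or more than one
     */
    private <V> V autoDetectService(String serviceName, ConcurrentServiceReferenceMap<String, V> concurrentServiceReferenceMap) {
        Iterator<V> candidates = concurrentServiceReferenceMap.getServices();
        if (!candidates.hasNext()) {
            throw noServiceAvailable(serviceName);
        }
        V only = candidates.next();
        if (candidates.hasNext()) {
            throw multipleServicesAvailable(serviceName);
        }
        return only;
    }

    /**
     * Returns the effective authentication service, resolving and caching it on first use.
     *
     * @return the effective authentication service
     * @throws IllegalArgumentException if file-mode configuration names an unknown domain or
     *                                  service id
     * @throws IllegalStateException    if auto-detection finds no service or more than one
     */
    @Override // com.ibm.ws.security.SecurityService
    public AuthenticationService getAuthenticationService() {
        AuthenticationService effective = this.authnService.get();
        if (effective == null) {
            if (isConfigurationDefinedInFile()) {
                effective = getAuthenticationService(getEffectiveSecurityConfiguration().getAuthenticationServiceId());
            } else {
                effective = autoDetectService(KEY_AUTHENTICATION, this.authentication);
            }
            this.authnService.set(effective);
        }
        return effective;
    }

    /**
     * Looks up an authentication service by id.
     *
     * @param id identifier the service was registered under
     * @return the service; never {@code null}
     * @throws IllegalArgumentException if no service is registered under {@code id}
     */
    private AuthenticationService getAuthenticationService(String id) {
        AuthenticationService found = this.authentication.getService(id);
        if (found == null) {
            throwIllegalArgumentExceptionInvalidAttributeValue("authenticationRef", id);
        }
        return found;
    }

    /**
     * Returns the effective authorization service, resolving and caching it on first use.
     *
     * @return the effective authorization service
     * @throws IllegalArgumentException if file-mode configuration names an unknown domain or
     *                                  service id
     * @throws IllegalStateException    if auto-detection cannot settle on exactly one service
     */
    @Override // com.ibm.ws.security.SecurityService
    public AuthorizationService getAuthorizationService() {
        AuthorizationService effective = this.authzService.get();
        if (effective == null) {
            if (isConfigurationDefinedInFile()) {
                effective = getAuthorizationService(getEffectiveSecurityConfiguration().getAuthorizationServiceId());
            } else {
                effective = autoDetectAuthorizationService();
            }
            this.authzService.set(effective);
        }
        return effective;
    }

    /**
     * Auto-detects the authorization service. One candidate is used as is. With exactly two
     * candidates, one of which has authorization type {@code "Builtin"}, the other one is
     * selected. Every other combination is rejected.
     *
     * @return the selected authorization service; never {@code null}
     * @throws IllegalStateException if there is no candidate, more than two, two without a
     *                               {@code "Builtin"} one, or no non-builtin service could be
     *                               obtained
     */
    private AuthorizationService autoDetectAuthorizationService() {
        Iterator<AuthorizationService> candidates = this.authorization.getServices();
        if (!candidates.hasNext()) {
            throw noServiceAvailable(KEY_AUTHORIZATION);
        }
        AuthorizationService only = candidates.next();
        if (!candidates.hasNext()) {
            return only;
        }
        candidates.next();
        if (candidates.hasNext()) {
            // Three or more candidates: nothing to disambiguate with.
            throw multipleServicesAvailable(KEY_AUTHORIZATION);
        }

        boolean builtinPresent = false;
        AuthorizationService selected = null;
        for (String key : this.authorization.keySet()) {
            String type = (String) this.authorization.getReference(key).getProperty(AuthorizationService.AUTHORIZATION_TYPE);
            if ("Builtin".equals(type)) {
                builtinPresent = true;
            } else {
                selected = this.authorization.getService(key);
            }
        }
        // Fail closed: when both candidates are "Builtin", or the non-builtin service could not
        // be obtained, there is nothing to return. Previously this path returned null, leaving
        // callers without an authorization service instead of reporting the configuration error.
        if (!builtinPresent || selected == null) {
            throw multipleServicesAvailable(KEY_AUTHORIZATION);
        }
        return selected;
    }

    /**
     * Looks up an authorization service by id.
     *
     * @param id identifier the service was registered under
     * @return the service; never {@code null}
     * @throws IllegalArgumentException if no service is registered under {@code id}
     */
    private AuthorizationService getAuthorizationService(String id) {
        AuthorizationService found = this.authorization.getService(id);
        if (found == null) {
            throwIllegalArgumentExceptionInvalidAttributeValue("authorizationRef", id);
        }
        return found;
    }

    /**
     * Returns the effective user registry service, resolving and caching it on first use.
     *
     * @return the effective user registry service
     * @throws IllegalArgumentException if file-mode configuration names an unknown domain or
     *                                  service id
     * @throws IllegalStateException    if auto-detection finds no service or more than one
     */
    @Override // com.ibm.ws.security.SecurityService
    public UserRegistryService getUserRegistryService() {
        UserRegistryService effective = this.userRegistryService.get();
        if (effective == null) {
            if (isConfigurationDefinedInFile()) {
                effective = getUserRegistryService(getEffectiveSecurityConfiguration().getUserRegistryServiceId());
            } else {
                effective = autoDetectService(KEY_USERREGISTRY, this.userRegistry);
            }
            this.userRegistryService.set(effective);
        }
        return effective;
    }

    /**
     * Looks up a user registry service by id.
     *
     * @param id identifier the service was registered under
     * @return the service; never {@code null}
     * @throws IllegalArgumentException if no service is registered under {@code id}
     */
    private UserRegistryService getUserRegistryService(String id) {
        UserRegistryService found = this.userRegistry.getService(id);
        if (found == null) {
            throwIllegalArgumentExceptionInvalidAttributeValue("userRegistryRef", id);
        }
        return found;
    }
}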
