package com.ibm.ws.messaging.security.authentication.internal;

import com.ibm.ejs.ras.TraceNLS;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.ws.messaging.security.MSTraceConstants;
import com.ibm.ws.messaging.security.MessagingSecurityConstants;
import com.ibm.ws.messaging.security.MessagingSecurityException;
import com.ibm.ws.messaging.security.authentication.MessagingAuthenticationException;
import com.ibm.ws.messaging.security.authentication.MessagingAuthenticationService;
import com.ibm.ws.messaging.security.authentication.actions.MessagingLoginAction;
import com.ibm.ws.messaging.security.internal.MessagingSecurityServiceImpl;
import com.ibm.ws.messaging.security.utility.MessagingSecurityUtility;
import com.ibm.ws.security.authentication.AuthenticationData;
import com.ibm.ws.security.authentication.WSAuthenticationData;
import com.ibm.ws.sib.utils.ras.SibTr;
import java.security.AccessController;
import java.security.cert.Certificate;
import javax.security.auth.Subject;

/* loaded from: input_file:wlp/lib/com.ibm.ws.messaging.security_1.0.9.jar:com/ibm/ws/messaging/security/authentication/internal/MessagingAuthenticationServiceImpl.class */
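/**
 * Authentication entry points for the messaging security service.
 *
 * <p>Every {@code login} overload follows the same shape: build the authentication data for
 * the supplied credential, run a {@link MessagingLoginAction} inside
 * {@link AccessController#doPrivileged}, and throw a {@link MessagingAuthenticationException}
 * when the action yields no {@link Subject}. The privileged block means the login runs with
 * this code's own permissions rather than those of the calling stack, so each overload must be
 * treated as a trust boundary for whatever credential it is handed.
 *
 * <p>Credentials are kept out of trace: the password overload already substitutes a fixed
 * marker, and the security-token overload does the same for the raw token bytes.
 */
public class MessagingAuthenticationServiceImpl implements MessagingAuthenticationService, MessagingSecurityConstants {
    private static final String CLASS_NAME = "com.ibm.ws.messaging.security.authentication.internal.MessagingAuthenticationServiceImpl";

    // Trace method identifiers. Class name and suffix are joined without a separator because
    // that is the exact identifier the existing trace output uses.
    private static final String TRACE_CONSTRUCTOR = CLASS_NAME + "constructor";
    private static final String TRACE_LOGIN = CLASS_NAME + "login";
    private static final String TRACE_LOGOUT = CLASS_NAME + "logout";

    // The only security token type login(byte[], String) accepts.
    private static final String LTPA_TOKEN_TYPE = "LTPA";

    private final MessagingSecurityServiceImpl _messagingSecurityService;

    // NOTE(review): a single instance is handed to every login(Subject) call; confirm that
    // MessagingLoginAction never mutates it, otherwise concurrent logins would share state.
    private final AuthenticationData authenticationDataForSubject = new WSAuthenticationData();

    private static final TraceComponent tc = SibTr.register(MessagingAuthenticationServiceImpl.class, MSTraceConstants.MESSAGING_SECURITY_TRACE_GROUP, MSTraceConstants.MESSAGING_SECURITY_RESOURCE_BUNDLE);
    private static final TraceNLS nls = TraceNLS.getTraceNLS(MessagingAuthenticationServiceImpl.class, MSTraceConstants.MESSAGING_SECURITY_RESOURCE_BUNDLE);

    /**
     * Creates the authentication service.
     *
     * @param messagingSecurityServiceImpl owning security service; the login methods read its
     *        security service and user registry. It is stored as given, without a null check.
     */
    public MessagingAuthenticationServiceImpl(MessagingSecurityServiceImpl messagingSecurityServiceImpl) {
        if (isEntryTraceEnabled()) {
            SibTr.entry(tc, TRACE_CONSTRUCTOR, messagingSecurityServiceImpl);
        }
        this._messagingSecurityService = messagingSecurityServiceImpl;
        if (isEntryTraceEnabled()) {
            SibTr.exit(tc, TRACE_CONSTRUCTOR);
        }
    }

    /**
     * Authenticates using an existing (partial) subject.
     *
     * @param subject subject handed to the login action
     * @return the subject produced by the login action, never {@code null}
     * @throws MessagingAuthenticationException if the login action returns no subject
     */
    @Override // com.ibm.ws.messaging.security.authentication.MessagingAuthenticationService
    public Subject login(Subject subject) throws MessagingAuthenticationException {
        if (isEntryTraceEnabled()) {
            SibTr.entry(tc, TRACE_LOGIN, subject);
        }
        Subject authenticated = (Subject) AccessController.doPrivileged(new MessagingLoginAction(this.authenticationDataForSubject, MessagingSecurityConstants.SUBJECT, this._messagingSecurityService.getSecurityService(), subject));
        if (authenticated == null) {
            // Name the user from the subject the caller supplied, if it can be resolved.
            throwAuthenticationException(bestEffortUserName(subject));
        }
        if (isEntryTraceEnabled()) {
            SibTr.exit(tc, TRACE_LOGIN, authenticated);
        }
        return authenticated;
    }

    /**
     * Authenticates with a user id and password.
     *
     * @param str user id
     * @param str2 password; never written to trace
     * @return the authenticated subject, never {@code null}
     * @throws MessagingAuthenticationException if the login action returns no subject
     */
    @Override // com.ibm.ws.messaging.security.authentication.MessagingAuthenticationService
    public Subject login(String str, String str2) throws MessagingAuthenticationException {
        if (isEntryTraceEnabled()) {
            // The password is replaced by a fixed marker so it cannot end up in trace files.
            SibTr.entry(tc, TRACE_LOGIN, new Object[]{str, "Password Not Traced"});
        }
        Subject authenticated = (Subject) AccessController.doPrivileged(new MessagingLoginAction(MessagingSecurityUtility.createAuthenticationData(str, str2), MessagingSecurityConstants.USERID, this._messagingSecurityService.getSecurityService()));
        if (authenticated == null) {
            throwAuthenticationException(str);
        }
        if (isEntryTraceEnabled()) {
            SibTr.exit(tc, TRACE_LOGIN, authenticated);
        }
        return authenticated;
    }

    /**
     * Authenticates with a security token. Only the {@code "LTPA"} token type is accepted.
     *
     * @param bArr raw token bytes; never written to trace
     * @param str token type, which must equal {@code "LTPA"}
     * @return the authenticated subject, never {@code null}
     * @throws MessagingAuthenticationException if the token type is not supported or the
     *         login action returns no subject
     */
    @Override // com.ibm.ws.messaging.security.authentication.MessagingAuthenticationService
    public Subject login(byte[] bArr, String str) throws MessagingAuthenticationException {
        if (isEntryTraceEnabled()) {
            // The token is a bearer credential: anyone who can read it from a trace file
            // could present it again. Trace a marker instead of the bytes, as the password
            // overload does.
            SibTr.entry(tc, TRACE_LOGIN, new Object[]{"Security Token Not Traced", str});
        }
        if (!LTPA_TOKEN_TYPE.equals(str)) {
            SibTr.error(tc, "SECURITY_TOKEN_TYPE_NOT_SUPPORTED_MSE1002", str);
            throw new MessagingAuthenticationException(nls.getFormattedMessage("SECURITY_TOKEN_TYPE_NOT_SUPPORTED_MSE1002", (Object[]) null, "Security Token Type is not valid"));
        }
        Subject authenticated = (Subject) AccessController.doPrivileged(new MessagingLoginAction(MessagingSecurityUtility.createAuthenticationData(bArr), LTPA_TOKEN_TYPE, this._messagingSecurityService.getSecurityService()));
        if (authenticated == null) {
            // NOTE(review): the lookup receives the failed (null) login result, so it has no
            // identity to resolve and the message will presumably read "User null ...".
            // Kept as is; confirm how getUniqueUserName treats null before simplifying.
            throwAuthenticationException(bestEffortUserName(authenticated));
        }
        if (isEntryTraceEnabled()) {
            SibTr.exit(tc, TRACE_LOGIN, authenticated);
        }
        return authenticated;
    }

    /**
     * Authenticates by identity assertion: only a user name is supplied, no secret.
     *
     * <p>NOTE(review): because this overload takes no password or token, callers must already
     * have established that {@code str} is a trusted identity; nothing in this method checks it
     * beyond what the login action does.
     *
     * @param str user name to assert
     * @return the authenticated subject, never {@code null}
     * @throws MessagingAuthenticationException if the login action returns no subject
     */
    @Override // com.ibm.ws.messaging.security.authentication.MessagingAuthenticationService
    public Subject login(String str) throws MessagingAuthenticationException {
        if (isEntryTraceEnabled()) {
            SibTr.entry(tc, TRACE_LOGIN, str);
        }
        Subject authenticated = (Subject) AccessController.doPrivileged(new MessagingLoginAction(MessagingSecurityUtility.createAuthenticationData(str, this._messagingSecurityService.getUserRegistry()), MessagingSecurityConstants.IDASSERTION, this._messagingSecurityService.getSecurityService()));
        if (authenticated == null) {
            throwAuthenticationException(str);
        }
        if (isEntryTraceEnabled()) {
            SibTr.exit(tc, TRACE_LOGIN, authenticated);
        }
        return authenticated;
    }

    /**
     * Authenticates with a client certificate chain.
     *
     * <p>Unlike the other overloads, a {@code null} chain does not raise an exception: the
     * method returns {@code null}. Callers must treat a {@code null} result as
     * "not authenticated" and must not continue as if a login had succeeded.
     *
     * @param certificateArr client certificate chain, may be {@code null}
     * @return the authenticated subject, or {@code null} when {@code certificateArr} is
     *         {@code null}
     * @throws MessagingAuthenticationException if a chain was supplied and the login action
     *         returns no subject
     */
    @Override // com.ibm.ws.messaging.security.authentication.MessagingAuthenticationService
    public Subject login(Certificate[] certificateArr) throws MessagingAuthenticationException {
        if (isEntryTraceEnabled()) {
            SibTr.entry(tc, TRACE_LOGIN, certificateArr);
        }
        Subject authenticated = null;
        if (certificateArr != null) {
            authenticated = (Subject) AccessController.doPrivileged(new MessagingLoginAction(MessagingSecurityUtility.createAuthenticationData(certificateArr, this._messagingSecurityService.getUserRegistry()), MessagingSecurityConstants.CLIENTSSL, this._messagingSecurityService.getSecurityService()));
            if (authenticated == null) {
                // NOTE(review): as in the token overload, the lookup is given the null login
                // result, so it cannot identify the certificate's owner. Kept as is.
                throwAuthenticationException(bestEffortUserName(authenticated));
            }
        }
        if (isEntryTraceEnabled()) {
            SibTr.exit(tc, TRACE_LOGIN, authenticated);
        }
        return authenticated;
    }

    /**
     * Logs the subject out. This implementation only writes entry and exit trace; it does not
     * invalidate the subject or any credential attached to it.
     *
     * @param subject subject being logged out
     */
    @Override // com.ibm.ws.messaging.security.authentication.MessagingAuthenticationService
    public void logout(Subject subject) {
        if (isEntryTraceEnabled()) {
            SibTr.entry(tc, TRACE_LOGOUT, subject);
        }
        if (isEntryTraceEnabled()) {
            SibTr.exit(tc, TRACE_LOGOUT);
        }
    }

    /** Returns whether entry/exit trace is currently enabled for this class. */
    private static boolean isEntryTraceEnabled() {
        return TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled();
    }

    /**
     * Resolves a user name for a failure message, returning {@code null} when the lookup fails.
     */
    private String bestEffortUserName(Subject subject) {
        try {
            return this._messagingSecurityService.getUniqueUserName(subject);
        } catch (MessagingSecurityException ignored) {
            // Deliberately ignored: the name only decorates the authentication failure that
            // is about to be thrown, and a lookup error must not replace that failure.
            return null;
        }
    }

    /**
     * Throws the standard "user not authenticated" failure.
     *
     * @param str user name placed in the message, may be {@code null}
     * @throws MessagingAuthenticationException always
     */
    private void throwAuthenticationException(String str) throws MessagingAuthenticationException {
        throw new MessagingAuthenticationException(nls.getFormattedMessage("USER_NOT_AUTHENTICATED_MSE1009", new Object[]{str}, "User " + str + " is not authenticated"));
    }
}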
