package com.ibm.ws.security;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.registry.RegistryException;
import com.ibm.ws.security.registry.UserRegistry;
import com.ibm.ws.security.registry.UserRegistryChangeListener;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {AccessIdUtil.class, UserRegistryChangeListener.class}, immediate = true, configurationPolicy = ConfigurationPolicy.IGNORE, property = {"service.vendor=IBM"})
/* loaded from: input_file:wlp/lib/com.ibm.ws.security_1.0.9.jar:com/ibm/ws/security/AccessIdUtil.class */
public final class AccessIdUtil implements UserRegistryChangeListener {
    public static final String TYPE_SERVER = "server";
    public static final String TYPE_USER = "user";
    public static final String TYPE_GROUP = "group";
    public static final String TYPE_SEPARATOR = ":";
    public static final String REALM_SEPARATOR = "/";
    public static final String KEY_SECURITY_SERVICE = "securityService";
    static final long serialVersionUID = 3918093541208125713L;
    static final TraceComponent tc = Tr.register(AccessIdUtil.class);
    private static final AtomicServiceReference<SecurityService> securityServiceRef = new AtomicServiceReference<>("securityService");
    private static String realm = null;
    private static boolean hasRegistryChanged = true;
    private static boolean isRegistryAvailable = false;

    @Reference(service = SecurityService.class, name = "securityService", policy = ReferencePolicy.DYNAMIC)
    protected void setSecurityService(ServiceReference<SecurityService> serviceReference) {
        securityServiceRef.setReference(serviceReference);
    }

    protected void unsetSecurityService(ServiceReference<SecurityService> serviceReference) {
        securityServiceRef.unsetReference(serviceReference);
        hasRegistryChanged = true;
    }

    @FFDCIgnore({RegistryException.class})
    @Activate
    protected void activate(ComponentContext componentContext) throws RegistryException {
        securityServiceRef.activate(componentContext);
        SecurityService service = securityServiceRef.getService();
        if (service != null) {
            try {
                isRegistryAvailable = service.getUserRegistryService().isUserRegistryConfigured();
            } catch (RegistryException e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "No registry available during activate.", e);
                }
                isRegistryAvailable = false;
            }
        }
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext) {
        securityServiceRef.deactivate(componentContext);
        hasRegistryChanged = true;
    }

    public static String createAccessId(String str, String str2, String str3) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("An internal error occured. type is null");
        }
        if (str2 == null || str2.isEmpty()) {
            throw new IllegalArgumentException("An internal error occured. realm is null");
        }
        if (str3 == null || str3.isEmpty()) {
            throw new IllegalArgumentException("An internal error occured. uniqueId is null");
        }
        return str + ":" + str2 + "/" + str3;
    }

    private static void setRegistryFlags() {
        isRegistryAvailable = true;
        hasRegistryChanged = true;
    }

    @FFDCIgnore({RegistryException.class})
    private static String getRealmFromRegistry() {
        SecurityService service = securityServiceRef.getService();
        if (service != null) {
            try {
                UserRegistry userRegistry = service.getUserRegistryService().getUserRegistry();
                isRegistryAvailable = true;
                return userRegistry.getRealm();
            } catch (RegistryException e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "RegistryException in getRealmFromRegistry.", e);
                }
            }
        }
        isRegistryAvailable = false;
        return null;
    }

    private static boolean isCompleteAccessId(String str) {
        int indexOf;
        boolean z;
        if (str == null || str.isEmpty()) {
            return false;
        }
        if (isRegistryAvailable && hasRegistryChanged) {
            realm = getRealmFromRegistry();
            hasRegistryChanged = false;
        }
        int indexOf2 = str.indexOf(":");
        if (realm == null || str.indexOf(realm) <= -1) {
            indexOf = str.indexOf("/");
            z = (indexOf2 + 1 == indexOf || indexOf == str.length() - 1) ? false : true;
        } else {
            indexOf = str.indexOf(realm);
            z = indexOf + realm.length() != str.length() - 1;
        }
        return indexOf2 > 0 && indexOf > 1 && indexOf2 < indexOf && z;
    }

    public static String getEntityType(String str) {
        if (isCompleteAccessId(str)) {
            return str.substring(0, str.indexOf(":"));
        }
        return null;
    }

    public static String getRealm(String str) {
        if (isCompleteAccessId(str)) {
            return (realm == null || str.indexOf(realm) <= -1) ? str.substring(str.indexOf(":") + 1, str.indexOf("/")) : realm;
        }
        return null;
    }

    public static String getUniqueId(String str) {
        if (isCompleteAccessId(str)) {
            return (realm == null || str.indexOf(realm) <= -1) ? str.substring(str.indexOf("/") + 1) : str.substring(str.indexOf(realm) + realm.length() + 1);
        }
        return null;
    }

    public static boolean isAccessId(String str) {
        return isCompleteAccessId(str);
    }

    public static boolean isServerAccessId(String str) {
        return isAccessId(str) && str.startsWith("server:");
    }

    public static boolean isUserAccessId(String str) {
        return isAccessId(str) && str.startsWith("user:");
    }

    public static boolean isGroupAccessId(String str) {
        return isAccessId(str) && str.startsWith("group:");
    }

    @Override // com.ibm.ws.security.registry.UserRegistryChangeListener
    public synchronized void notifyOfUserRegistryChange() {
        setRegistryFlags();
    }
}
