package com.ibm.ws.security.credentials.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.credentials.CredentialProvider;
import com.ibm.ws.security.credentials.CredentialsService;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.kernel.service.utils.ConcurrentServiceReferenceSet;
import com.ibm.wsspi.kernel.service.utils.SerializableProtectedString;
import java.util.Hashtable;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.login.CredentialException;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;

@InjectedFFDC
@TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.credentials_1.0.11.jar:com/ibm/ws/security/credentials/internal/CredentialsServiceImpl.class */
public class CredentialsServiceImpl implements CredentialsService {
    private static final String KEY_BASIC_AUTH_REALM = "com.ibm.ws.security.cred.realm";
    private static final String KEY_BASIC_AUTH_USER = "com.ibm.ws.security.cred.user";
    private static final String KEY_BASIC_AUTH_PASSWORD = "com.ibm.ws.security.cred.password";
    static final String KEY_CREDENTIAL_PROVIDER = "credentialProvider";
    public static final String KEY_BASIC_AUTH_CREDENTIAL_PROVIDER = "basicAuthCredentialProvider";
    private final ConcurrentServiceReferenceSet<CredentialProvider> credentialProviders = new ConcurrentServiceReferenceSet<>(KEY_CREDENTIAL_PROVIDER);
    private final AtomicServiceReference<CredentialProvider> basicAuthCredentialProvider = new AtomicServiceReference<>(KEY_BASIC_AUTH_CREDENTIAL_PROVIDER);
    private String unauthenticatedUser = "UNAUTHENTICATED";
    static final long serialVersionUID = -5877378954712003958L;
    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(CredentialsServiceImpl.class);

    protected void setCredentialProvider(ServiceReference<CredentialProvider> serviceReference) {
        this.credentialProviders.addReference(serviceReference);
    }

    protected void unsetCredentialProvider(ServiceReference<CredentialProvider> serviceReference) {
        this.credentialProviders.removeReference(serviceReference);
    }

    public void setBasicAuthCredentialProvider(ServiceReference<CredentialProvider> serviceReference) {
        this.basicAuthCredentialProvider.setReference(serviceReference);
    }

    protected void unsetBasicAuthCredentialProvider(ServiceReference<CredentialProvider> serviceReference) {
        this.basicAuthCredentialProvider.unsetReference(serviceReference);
    }

    public void activate(ComponentContext componentContext) {
        this.credentialProviders.activate(componentContext);
        this.basicAuthCredentialProvider.activate(componentContext);
    }

    protected void deactivate(ComponentContext componentContext) {
        this.credentialProviders.deactivate(componentContext);
        this.basicAuthCredentialProvider.deactivate(componentContext);
    }

    @Override // com.ibm.ws.security.credentials.CredentialsService
    public void setCredentials(Subject subject) throws CredentialException {
        Iterator<CredentialProvider> services = this.credentialProviders.getServices();
        while (services.hasNext()) {
            services.next().setCredential(subject);
        }
    }

    @Override // com.ibm.ws.security.credentials.CredentialsService
    public void setBasicAuthCredential(Subject subject, String str, String str2, @Sensitive String str3) throws CredentialException {
        CredentialProvider service = this.basicAuthCredentialProvider.getService();
        if (service != null) {
            Hashtable hashtable = new Hashtable();
            hashtable.put(KEY_BASIC_AUTH_REALM, str);
            hashtable.put(KEY_BASIC_AUTH_USER, str2);
            hashtable.put(KEY_BASIC_AUTH_PASSWORD, new SerializableProtectedString(str3.toCharArray()));
            subject.getPrivateCredentials().add(hashtable);
            service.setCredential(subject);
        }
    }

    @Override // com.ibm.ws.security.credentials.CredentialsService
    public void setUnauthenticatedUserid(String str) {
        this.unauthenticatedUser = str;
    }

    @Override // com.ibm.ws.security.credentials.CredentialsService
    public String getUnauthenticatedUserid() {
        return this.unauthenticatedUser;
    }

    @Override // com.ibm.ws.security.credentials.CredentialsService
    public boolean isSubjectValid(Subject subject) {
        boolean z = true;
        Iterator<CredentialProvider> services = this.credentialProviders.getServices();
        while (services.hasNext()) {
            z = z && services.next().isSubjectValid(subject);
            if (!z) {
                break;
            }
        }
        return z;
    }
}
