package com.ibm.ws.security.token.ltpa.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.filemonitor.FileBasedActionable;
import com.ibm.ws.security.filemonitor.SecurityFileMonitor;
import com.ibm.wsspi.kernel.filemonitor.FileMonitor;
import com.ibm.wsspi.kernel.service.location.WsLocationAdmin;
import com.ibm.wsspi.kernel.service.location.WsResource;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.kernel.service.utils.SerializableProtectedString;
import com.ibm.wsspi.security.ltpa.TokenFactory;
import java.io.File;
import java.util.Arrays;
import java.util.Collection;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceReference;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.component.ComponentContext;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.token.ltpa_1.0.11.jar:com/ibm/ws/security/token/ltpa/internal/LTPAConfigurationImpl.class */
public class LTPAConfigurationImpl implements LTPAConfiguration, FileBasedActionable {
    private static final TraceComponent tc = Tr.register((Class<?>) LTPAConfigurationImpl.class, "Token", TraceConstants.MESSAGE_BUNDLE);
    static final String KEY_LOCATION_SERVICE = "locationService";
    static final String KEY_EXECUTOR_SERVICE = "executorService";
    static final String KEY_CHANGE_SERVICE = "ltpaKeysChangeNotifier";
    static final String DEFAULT_CONFIG_LOCATION = "${server.config.dir}/resources/security/ltpa.keys";
    static final String DEFAULT_OUTPUT_LOCATION = "${server.output.dir}/resources/security/ltpa.keys";
    private LTPAKeyCreator creator;
    private TokenFactory factory;
    private LTPAKeyInfoManager ltpaKeyInfoManager;
    private String keyImportFile;
    private String keyPassword;
    private long keyTokenExpiration;
    private long monitorInterval;
    private SecurityFileMonitor ltpaFileMonitor;
    private ServiceRegistration<FileMonitor> ltpaFileMonitorRegistration;
    static final long serialVersionUID = -7559011658314909677L;
    private final AtomicServiceReference<WsLocationAdmin> locationService = new AtomicServiceReference<>("locationService");
    private final AtomicServiceReference<ExecutorService> executorService = new AtomicServiceReference<>(KEY_EXECUTOR_SERVICE);
    private final AtomicServiceReference<LTPAKeysChangeNotifier> ltpaKeysChangeNotifierService = new AtomicServiceReference<>(KEY_CHANGE_SERVICE);
    private ServiceRegistration<LTPAConfiguration> registration = null;
    private volatile ComponentContext cc = null;
    private final ReentrantReadWriteLock reentrantReadWriteLock = new ReentrantReadWriteLock();
    private final ReentrantReadWriteLock.WriteLock writeLock = this.reentrantReadWriteLock.writeLock();
    private final ReentrantReadWriteLock.ReadLock readLock = this.reentrantReadWriteLock.readLock();

    protected void setExecutorService(ServiceReference<ExecutorService> serviceReference) {
        this.executorService.setReference(serviceReference);
    }

    protected void unsetExecutorService(ServiceReference<ExecutorService> serviceReference) {
        this.executorService.unsetReference(serviceReference);
    }

    protected void setLocationService(ServiceReference<WsLocationAdmin> serviceReference) {
        this.locationService.setReference(serviceReference);
    }

    protected void unsetLocationService(ServiceReference<WsLocationAdmin> serviceReference) {
        this.locationService.unsetReference(serviceReference);
    }

    protected void setLtpaKeysChangeNotifier(ServiceReference<LTPAKeysChangeNotifier> serviceReference) {
        this.ltpaKeysChangeNotifierService.setReference(serviceReference);
    }

    protected void unsetLtpaKeysChangeNotifier(ServiceReference<LTPAKeysChangeNotifier> serviceReference) {
        this.ltpaKeysChangeNotifierService.unsetReference(serviceReference);
    }

    protected void activate(ComponentContext componentContext, Map<String, Object> map) {
        this.cc = componentContext;
        this.locationService.activate(componentContext);
        this.executorService.activate(componentContext);
        this.ltpaKeysChangeNotifierService.activate(componentContext);
        loadConfig(map);
        setupRuntimeLTPAInfrastructure();
    }

    private void loadConfig(Map<String, Object> map) {
        this.keyImportFile = (String) map.get(LTPAConfiguration.CFG_KEY_IMPORT_FILE);
        SerializableProtectedString serializableProtectedString = (SerializableProtectedString) map.get(LTPAConfiguration.CFG_KEY_PASSWORD);
        this.keyPassword = serializableProtectedString == null ? null : new String(serializableProtectedString.getChars());
        this.keyTokenExpiration = ((Long) map.get(LTPAConfiguration.CFG_KEY_TOKEN_EXPIRATION)).longValue();
        this.monitorInterval = ((Long) map.get(LTPAConfiguration.CFG_KEY_MONITOR_INTERVAL)).longValue();
        resolveActualKeysFileLocation();
    }

    private void resolveActualKeysFileLocation() {
        WsResource resolveResource;
        if (isInDefaultOutputLocation() && (resolveResource = this.locationService.getServiceWithException().resolveResource(DEFAULT_CONFIG_LOCATION)) != null && resolveResource.exists()) {
            this.keyImportFile = this.locationService.getServiceWithException().resolveString(DEFAULT_CONFIG_LOCATION);
        }
    }

    private boolean isInDefaultOutputLocation() {
        return this.keyImportFile.equals(this.locationService.getServiceWithException().resolveString(DEFAULT_OUTPUT_LOCATION));
    }

    private void setupRuntimeLTPAInfrastructure() {
        optionallyCreateFileMonitor();
        this.creator = new LTPAKeyCreator(this.locationService.getService(), this);
        submitTaskToCreateLTPAKeys();
    }

    private void optionallyCreateFileMonitor() {
        if (this.monitorInterval > 0) {
            createFileMonitor();
        }
    }

    private void createFileMonitor() {
        try {
            this.ltpaFileMonitor = new SecurityFileMonitor(this);
            setFileMonitorRegistration(this.ltpaFileMonitor.monitorFiles(Arrays.asList(this.keyImportFile), this.monitorInterval));
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.token.ltpa.internal.LTPAConfigurationImpl", "160", this, new Object[0]);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception creating the LTPA file monitor.", e);
            }
        }
    }

    @Override // com.ibm.ws.security.filemonitor.FileBasedActionable
    public void performFileBasedAction(Collection<File> collection) {
        Tr.audit(tc, "LTPA_KEYS_TO_LOAD", this.keyImportFile);
        submitTaskToCreateLTPAKeys();
    }

    private void submitTaskToCreateLTPAKeys() {
        this.executorService.getService().execute(this.creator);
    }

    protected void modified(Map<String, Object> map) {
        String str = this.keyImportFile;
        Long valueOf = Long.valueOf(this.keyTokenExpiration);
        Long valueOf2 = Long.valueOf(this.monitorInterval);
        loadConfig(map);
        if (isKeysConfigChanged(str, valueOf)) {
            unsetFileMonitorRegistration();
            Tr.audit(tc, "LTPA_KEYS_TO_LOAD", this.keyImportFile);
            setupRuntimeLTPAInfrastructure();
        } else if (isMonitorIntervalChanged(valueOf2)) {
            unsetFileMonitorRegistration();
            optionallyCreateFileMonitor();
        }
    }

    private boolean isKeysConfigChanged(String str, Long l) {
        return (str.equals(this.keyImportFile) && l.longValue() == this.keyTokenExpiration) ? false : true;
    }

    private boolean isMonitorIntervalChanged(Long l) {
        return l.longValue() != this.monitorInterval;
    }

    protected void deactivate(ComponentContext componentContext) {
        this.cc = null;
        if (this.registration != null) {
            this.registration.unregister();
            this.registration = null;
        }
        unsetFileMonitorRegistration();
        this.executorService.deactivate(componentContext);
        this.locationService.deactivate(componentContext);
        this.ltpaKeysChangeNotifierService.deactivate(componentContext);
    }

    protected void unsetFileMonitorRegistration() {
        if (this.ltpaFileMonitorRegistration != null) {
            this.ltpaFileMonitorRegistration.unregister();
            this.ltpaFileMonitorRegistration = null;
        }
    }

    protected void setFileMonitorRegistration(ServiceRegistration<FileMonitor> serviceRegistration) {
        this.ltpaFileMonitorRegistration = serviceRegistration;
    }

    @Override // com.ibm.ws.security.filemonitor.FileBasedActionable
    public BundleContext getBundleContext() {
        if (this.cc != null) {
            return this.cc.getBundleContext();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setRegistration(ServiceRegistration<LTPAConfiguration> serviceRegistration) {
        this.registration = serviceRegistration;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setTokenFactory(TokenFactory tokenFactory) {
        this.writeLock.lock();
        try {
            this.factory = tokenFactory;
            this.writeLock.unlock();
        } catch (Throwable th) {
            this.writeLock.unlock();
            throw th;
        }
    }

    @Override // com.ibm.ws.security.token.ltpa.internal.LTPAConfiguration
    public TokenFactory getTokenFactory() {
        this.readLock.lock();
        try {
            TokenFactory tokenFactory = this.factory;
            this.readLock.unlock();
            return tokenFactory;
        } catch (Throwable th) {
            this.readLock.unlock();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setLTPAKeyInfoManager(LTPAKeyInfoManager lTPAKeyInfoManager) {
        this.ltpaKeyInfoManager = lTPAKeyInfoManager;
    }

    @Override // com.ibm.ws.security.token.ltpa.internal.LTPAConfiguration
    public LTPAKeyInfoManager getLTPAKeyInfoManager() {
        return this.ltpaKeyInfoManager;
    }

    @Override // com.ibm.ws.security.token.ltpa.internal.LTPAConfiguration
    public String getKeyFile() {
        return this.keyImportFile;
    }

    @Override // com.ibm.ws.security.token.ltpa.internal.LTPAConfiguration
    @Sensitive
    public String getKeyPassword() {
        return this.keyPassword;
    }

    @Override // com.ibm.ws.security.token.ltpa.internal.LTPAConfiguration
    public long getTokenExpiration() {
        return this.keyTokenExpiration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void configReady() {
        LTPAKeysChangeNotifier lTPAKeysChangeNotifier = getLTPAKeysChangeNotifier();
        if (lTPAKeysChangeNotifier != null) {
            lTPAKeysChangeNotifier.notifyListeners();
        }
    }

    protected LTPAKeysChangeNotifier getLTPAKeysChangeNotifier() {
        return this.ltpaKeysChangeNotifierService.getService();
    }
}
