package com.ibm.ws.ssl.commands.SSLConfig;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.ws.profile.WSProfileConstants;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.ssl.commands.ManagementScope.ManagementScopeHelper;
import com.ibm.ws.ssl.commands.utils.CommandConstants;
import com.ibm.ws.ssl.commands.utils.CommandHelper;
import com.ibm.ws.ssl.commands.utils.TraceNLSHelper;
import com.ibm.ws.ssl.config.ManagementScopeData;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.wlm.admin.ClusterConfigCommandProvider;
import java.util.Iterator;
import java.util.List;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:wasJars/cryptoimpl.jar:com/ibm/ws/ssl/commands/SSLConfig/GetInheritedSSLConfig.class */
public class GetInheritedSSLConfig extends AbstractTaskCommand {
    private static TraceComponent tc = Tr.register(GetInheritedSSLConfig.class, "SSL", "com.ibm.ws.ssl.commands");
    private String direction;
    private String scopeName;
    private ObjectName sslConfigObjName;

    public GetInheritedSSLConfig(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.direction = null;
        this.scopeName = null;
        this.sslConfigObjName = null;
    }

    public GetInheritedSSLConfig(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.direction = null;
        this.scopeName = null;
        this.sslConfigObjName = null;
    }

    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AuditConstants.VALIDATE);
        }
        super.validate();
        ConfigService configService = ConfigServiceFactory.getConfigService();
        Session configSession = getConfigSession();
        try {
            ConfigServiceHelper.createObjectName((ConfigDataId) null, CommandConstants.SECURITY);
            ObjectName objectName = configService.resolve(configSession, "Cell=:Security=")[0];
            this.scopeName = (String) getParameter(CommandConstants.SCOPE_NAME);
            this.direction = (String) getParameter(CommandConstants.DIRECTION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "scopeName: " + this.scopeName);
                Tr.debug(tc, "direction: " + this.direction);
            }
            if (this.direction != null && !this.direction.equalsIgnoreCase("inbound") && !this.direction.equalsIgnoreCase("outbound")) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getString("ssl.command.SSLConfig.invalid.direction.CWPKI0614E", "Direction is not valid.  Should be inbound or outbound."));
            }
            if (!ManagementScopeHelper.validScopeName(configSession, configService, this.scopeName)) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Not a valid management scope name: " + this.scopeName);
                }
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.scope.not.valid.CWPKI0604E", new Object[]{this.scopeName}, "The following Management scope is not valid: " + this.scopeName));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, AuditConstants.VALIDATE);
            }
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration: ", e.getMessage());
            }
            throw new CommandValidationException(e.getMessage());
        } catch (ConfigServiceException e2) {
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration: ", e2.getMessage());
            }
            throw new CommandValidationException(e2.getMessage());
        }
    }

    protected void beforeStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "beforeStepsExecuted");
        }
        super.beforeStepsExecuted();
        TaskCommandResultImpl taskCommandResult = getTaskCommandResult();
        if (!taskCommandResult.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "beforeStepsExecuted");
                return;
            }
            return;
        }
        try {
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = getConfigSession();
            taskCommandResult.setResult(getInheritedSSLConfig(configService, configSession, configService.resolve(configSession, "Cell=:Security=")[0], this.scopeName, this.direction));
        } catch (Exception e) {
            taskCommandResult.setException(new CommandException(e, e.getMessage()));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "beforeStepsExecuted");
        }
    }

    private String getInheritedSSLConfig(ConfigService configService, Session session, ObjectName objectName, String str, String str2) throws Exception {
        String str3;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getInheritedSSLConfig");
        }
        ObjectName objectName2 = null;
        ManagementScopeData managementScopeData = new ManagementScopeData(str);
        if (managementScopeData == null) {
            throw new Exception(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.scope.not.valid.CWPKI0604E", new Object[]{this.scopeName}, "The following Management scope is not valid: " + this.scopeName));
        }
        String scopeType = managementScopeData.getScopeType();
        if (scopeType.equalsIgnoreCase(Constants.SCOPE_ENDPOINT)) {
            objectName2 = getSSLConfigGrp(configService, session, objectName, str2, managementScopeData.formProcessScope());
            if (objectName2 == null) {
                String serversClusterName = getServersClusterName(configService, session, managementScopeData.getProcessName());
                if (serversClusterName != null) {
                    String str4 = managementScopeData.formCellScope() + ":(cluster):" + serversClusterName;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Cluster scope is " + str4);
                    }
                    objectName2 = getSSLConfigGrp(configService, session, objectName, str2, str4);
                }
                if (objectName2 == null) {
                    objectName2 = getSSLConfigGrp(configService, session, objectName, str2, managementScopeData.formNodeScope());
                    if (objectName2 == null) {
                        objectName2 = getSSLConfigGrp(configService, session, objectName, str2, managementScopeData.formCellScope());
                    }
                }
            }
        } else if (scopeType.equalsIgnoreCase("server")) {
            String serversClusterName2 = getServersClusterName(configService, session, managementScopeData.getProcessName());
            if (serversClusterName2 != null) {
                String str5 = managementScopeData.formCellScope() + ":(cluster):" + serversClusterName2;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Cluster scope is " + str5);
                }
                objectName2 = getSSLConfigGrp(configService, session, objectName, str2, str5);
            }
            if (objectName2 == null) {
                objectName2 = getSSLConfigGrp(configService, session, objectName, str2, managementScopeData.formNodeScope());
                if (objectName2 == null) {
                    String nodeNodeGroup = getNodeNodeGroup(configService, session, managementScopeData.getNodeName());
                    if (nodeNodeGroup != null) {
                        String str6 = managementScopeData.formCellScope() + ":(nodeGroup):" + nodeNodeGroup;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Built node group scope is " + str6);
                        }
                        objectName2 = getSSLConfigGrp(configService, session, objectName, str2, str6);
                    }
                    if (objectName2 == null) {
                        objectName2 = getSSLConfigGrp(configService, session, objectName, str2, managementScopeData.formCellScope());
                    }
                }
            }
        } else if (scopeType.equalsIgnoreCase("cluster")) {
            String clusterNodeGroup = getClusterNodeGroup(configService, session, managementScopeData.getClusterName());
            if (clusterNodeGroup != null) {
                String str7 = managementScopeData.formCellScope() + ":(nodeGroup):" + clusterNodeGroup;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Built node scope is " + str7);
                }
                objectName2 = getSSLConfigGrp(configService, session, objectName, str2, str7);
            }
            if (objectName2 == null) {
                objectName2 = getSSLConfigGrp(configService, session, objectName, str2, managementScopeData.formCellScope());
            }
        } else if (scopeType.equalsIgnoreCase("node")) {
            String nodeNodeGroup2 = getNodeNodeGroup(configService, session, managementScopeData.getNodeName());
            if (nodeNodeGroup2 != null) {
                String str8 = managementScopeData.formCellScope() + ":(nodeGroup):" + nodeNodeGroup2;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Built node scope is " + str8);
                }
                objectName2 = getSSLConfigGrp(configService, session, objectName, str2, str8);
            }
            if (objectName2 == null) {
                objectName2 = getSSLConfigGrp(configService, session, objectName, str2, managementScopeData.formCellScope());
            }
        } else if (scopeType.equalsIgnoreCase("cell") || scopeType.equalsIgnoreCase("nodeGroup")) {
            objectName2 = getSSLConfigGrp(configService, session, objectName, str2, managementScopeData.formCellScope());
        }
        if (objectName2 != null) {
            String str9 = null;
            ObjectName objectName3 = (ObjectName) configService.getAttribute(session, objectName2, "sslConfig");
            if (objectName3 != null) {
                str9 = (String) configService.getAttribute(session, objectName3, "alias");
            }
            str3 = new String(str9 + "," + ((String) configService.getAttribute(session, objectName2, "certificateAlias")));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Inherited SSL Config is " + str3);
            }
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "There seems to be no SSL config group so let's get the default SSL Config");
            }
            str3 = new String(SSLConfigManager.getInstance().getDefaultSSLConfig().getProperty("com.ibm.ssl.alias"));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Inherited SSL Config is " + str3);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getInheritedSSLConfig");
        }
        return str3;
    }

    private ObjectName getSSLConfigGrp(ConfigService configService, Session session, ObjectName objectName, String str, String str2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLConfigGrp");
        }
        ObjectName objectName2 = null;
        CommandHelper commandHelper = new CommandHelper();
        AttributeList attributeList = new AttributeList();
        try {
            ConfigServiceHelper.setAttributeValue(attributeList, CommandConstants.DIRECTION, str);
            objectName2 = commandHelper.getObjectName(configService, session, objectName, CommandConstants.SSL_CONFIG_GROUPS, attributeList, str2);
        } catch (Exception e) {
            throw e;
        } catch (CommandValidationException e2) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "There is no ssl config group for direction " + str + " and management scope " + str2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSSLConfigGrp");
        }
        return objectName2;
    }

    private String getServersClusterName(ConfigService configService, Session session, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServersClusterName");
        }
        String str2 = null;
        try {
            ObjectName[] resolve = configService.resolve(session, "ServerCluster=");
            if (resolve.length > 0) {
                for (int i = 0; i < resolve.length; i++) {
                    Iterator it = ((List) configService.getAttribute(session, resolve[i], ClusterConfigCommandProvider.MEMBERS_STEP_NAME)).iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (str.equalsIgnoreCase((String) ConfigServiceHelper.getAttributeValue((AttributeList) it.next(), "memberName"))) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Server found in cluster");
                            }
                            str2 = (String) configService.getAttribute(session, resolve[i], "name");
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "member is null");
                        }
                    }
                }
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while trying to find out if the server is in a cluster " + e.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getServersClusterName");
        }
        return str2;
    }

    private String getClusterNodeGroup(ConfigService configService, Session session, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getClusterNodeGroup");
        }
        String str2 = null;
        try {
            ObjectName objectName = configService.resolve(session, "ServerCluster=" + str)[0];
            if (objectName != null) {
                str2 = (String) configService.getAttribute(session, objectName, "nodeGroupName");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "cluster's node group name is" + str2);
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "cluster not found");
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while trying to find out the node group of the cluster " + e.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getClusterNodeGroup");
        }
        return str2;
    }

    private String getNodeNodeGroup(ConfigService configService, Session session, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getNodeNodeGroup");
        }
        String str2 = null;
        try {
            ObjectName[] resolve = configService.resolve(session, "NodeGroup=");
            if (resolve.length > 0) {
                for (int i = 0; i < resolve.length; i++) {
                    Iterator it = ((List) configService.getAttribute(session, resolve[i], ClusterConfigCommandProvider.MEMBERS_STEP_NAME)).iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (str.equalsIgnoreCase((String) ConfigServiceHelper.getAttributeValue((AttributeList) it.next(), WSProfileConstants.S_NODE_NAME_ARG))) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Node found in nodeGroup");
                            }
                            str2 = (String) configService.getAttribute(session, resolve[i], "name");
                        }
                    }
                }
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while trying to find out nodeGroup of the node " + e.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getNodeNodeGroup");
        }
        return str2;
    }
}
