package com.ibm.ws.webservices.wssecurity.token;

import com.ibm.ISecurityUtilityImpl.SecurityServer;
import com.ibm.WebSphereSecurityImpl.SecurityServerImpl;
import com.ibm.websphere.security.UserMapping;
import com.ibm.websphere.security.WebSphereRuntimePermission;
import com.ibm.ws.security.auth.BasicAuthData;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.webservices.wssecurity.core.WSSecurityPlatformContextFactory;
import com.ibm.ws.webservices.wssecurity.util.ConfigConstants;
import com.ibm.xml.soapsec.util.ConfigUtil;
import com.ibm.xml.soapsec.util.Tr;
import com.ibm.xml.soapsec.util.TraceComponent;
import java.security.Permission;
import java.security.cert.X509Certificate;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/webservices/wssecurity/token/UserRegistryProcessor.class */
public class UserRegistryProcessor {
    private static final TraceComponent tc;
    private static final String comp = "security.wssecurity";
    private static final String clsName;
    private static UserMapping _userMapping;
    private static final String USERMAPPING_IMPL = "com.ibm.ws.security.core.UserMappingImpl";
    private static final Permission PERM;
    static Class class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor;

    /* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/webservices/wssecurity/token/UserRegistryProcessor$SecServer.class */
    private static class SecServer {
        private static SecurityServer instance;

        private SecServer() {
        }

        private static void init() {
            try {
                instance = new SecurityServerImpl();
            } catch (Exception e) {
                Tr.processException(e, new StringBuffer().append(UserRegistryProcessor.clsName).append(".SecServer.init").toString(), "58");
                throw new ExceptionInInitializerError(e);
            }
        }

        static {
            init();
        }
    }

    public static boolean checkRegistry(String str, char[] cArr) throws LoginException {
        SecurityServer securityServer;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkRegistry()");
        }
        boolean z = false;
        try {
            if (ContextManagerFactory.getInstance() != null && (securityServer = SecServer.instance) != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Username [").append(str).append("], password [").append(cArr == null ? "null" : "not mull").append("]").toString());
                }
                z = securityServer.simple_authenticate(new BasicAuthData(str, new String(cArr)));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, new StringBuffer().append("checkRegistry() returns boolean[").append(z).append("]").toString());
            }
            return z;
        } catch (Exception e) {
            Tr.processException(e, new StringBuffer().append(clsName).append(".checkRegistry").toString(), "%C");
            Tr.error(tc, "security.wssecurity.UserRegistryProcessor.s01", new Object[]{str, e});
            throw new LoginException(ConfigUtil.getMessage("security.wssecurity.UserRegistryProcessor.s01", new String[]{str, e.toString()}));
        }
    }

    public static boolean checkUsername(String str) throws LoginException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("checkUsername(String username[").append(str).append("])").toString());
        }
        boolean z = false;
        try {
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            if (contextManagerFactory != null) {
                SecurityServer securityServer = SecServer.instance;
                if (securityServer != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Username [").append(str).append("]").toString());
                }
                com.ibm.websphere.security.UserRegistry registry = securityServer.getRegistry(contextManagerFactory.getDefaultRealm());
                z = registry.isValidUser(str);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("registry.isValidUser() [").append(str).append("] = ").append(z).toString());
                }
                if (!z) {
                    String userSecurityName = registry.getUserSecurityName(str);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("registry.getUserSecurityName()=").append(userSecurityName).toString());
                    }
                    z = registry.isValidUser(userSecurityName);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("registry.isValidUser() [").append(userSecurityName).append("] = ").append(z).toString());
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, new StringBuffer().append("checkUsername(String username) returns boolean[").append(z).append("]").toString());
            }
            return z;
        } catch (Exception e) {
            Tr.processException(e, new StringBuffer().append(clsName).append(".checkUsername").toString(), "%C");
            Tr.error(tc, "security.wssecurity.UserRegistryProcessor.s02", new Object[]{str, e});
            throw new LoginException(ConfigUtil.getMessage("security.wssecurity.UserRegistryProcessor.s02", new String[]{str, e.toString()}));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String mapCertificate(X509Certificate x509Certificate) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("mapCertificate(X509Certificate [").append(x509Certificate).append("])").toString());
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(PERM);
        }
        String str = null;
        UserMapping userMapping = _userMapping;
        if (userMapping != null) {
            try {
                str = userMapping.mapCertificateToName(new X509Certificate[]{x509Certificate});
            } catch (Exception e) {
                Tr.processException(e, new StringBuffer().append(clsName).append(".mapCertificate").toString(), "84");
                Tr.warning(tc, "security.wssecurity.WSEC5185W", new Object[]{x509Certificate.getSubjectDN().getName(), e});
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, new StringBuffer().append("mapCertificate(X509Certificate) returns ").append(str).toString());
        }
        return str;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        Class cls2;
        if (class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor == null) {
            cls = class$("com.ibm.ws.webservices.wssecurity.token.UserRegistryProcessor");
            class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor = cls;
        } else {
            cls = class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor;
        }
        tc = Tr.register(cls, ConfigConstants.TR_GROUP, ConfigConstants.TR_NLSPROPS);
        if (class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor == null) {
            cls2 = class$("com.ibm.ws.webservices.wssecurity.token.UserRegistryProcessor");
            class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor = cls2;
        } else {
            cls2 = class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor;
        }
        clsName = cls2.getName();
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "UserMapping Init");
        }
        if (ContextManagerFactory.getInstance().isServerSecurityEnabled() && WSSecurityPlatformContextFactory.getInstance().isServer()) {
            try {
                if (class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor == null) {
                    class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor = class$("com.ibm.ws.webservices.wssecurity.token.UserRegistryProcessor");
                } else {
                    Class cls3 = class$com$ibm$ws$webservices$wssecurity$token$UserRegistryProcessor;
                }
                _userMapping = (UserMapping) Class.forName(USERMAPPING_IMPL).newInstance();
            } catch (ClassNotFoundException e) {
                Tr.processException(e, new StringBuffer().append(clsName).append(".getUserMapping").toString(), "183");
                Tr.error(tc, "security.wssecurity.WSEC5186E", new Object[]{USERMAPPING_IMPL, e});
            } catch (IllegalAccessException e2) {
                Tr.processException(e2, new StringBuffer().append(clsName).append(".getUserMapping").toString(), "186");
                Tr.error(tc, "security.wssecurity.WSEC5188E", new Object[]{USERMAPPING_IMPL, e2});
            } catch (Exception e3) {
                Tr.processException(e3, new StringBuffer().append(clsName).append(".getUserMapping").toString(), "189");
                Tr.error(tc, "security.wssecurity.WSEC5187E", new Object[]{USERMAPPING_IMPL, e3});
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "UserMapping Init");
        }
        PERM = new WebSphereRuntimePermission("wssecurity.WSUserRegistry.mapCertificate");
    }
}
