package com.ibm.ws.security.web;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.csi.CSIException;
import com.ibm.websphere.management.AdminContext;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.runtime.deploy.DeployedModule;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.config.SecurityConfigResource;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.delegation.DelegationFactory;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.security.util.ServerIdentityHelper;
import com.ibm.ws.security.zOS.threadid.ThreadIdentityManager;
import com.ibm.ws.sm.workspace.impl.WorkSpaceConstant;
import java.io.IOException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Enumeration;
import javax.security.auth.Subject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jst.j2ee.internal.web.operations.CreateServletTemplateModel;
import org.eclipse.jst.j2ee.webapplication.WebApp;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/web/EJSWebCollaborator.class */
public class EJSWebCollaborator extends WebCollaborator implements WebSecurityCollaborator {
    private static final TraceComponent tc = Tr.register(EJSWebCollaborator.class, "Security", (String) null);
    private final ContextManager contextManager = ContextManagerFactory.getInstance();
    private ThreadIdentityManager threadIdManager = null;
    private WebAppCache webCache = new WebAppCache();

    public EJSWebCollaborator() throws Exception {
        init();
    }

    @Override // com.ibm.ws.security.web.WebCollaborator
    protected WebAppCache getWebCache() {
        return this.webCache;
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public Object preInvoke() throws WebSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "preInvoke");
        }
        try {
            this.contextManager.clearCallerContext();
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "preInvoke", null);
            return null;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "178", this);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "preInvoke", e);
            }
            throw new WebSecurityException(e.getMessage(), new DenyReply("Unable to clear caller context."), null);
        }
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public java.lang.Object preInvoke(javax.servlet.http.HttpServletRequest r10, javax.servlet.http.HttpServletResponse r11, java.lang.String r12, java.lang.String r13, java.lang.String r14, boolean r15) throws com.ibm.ws.security.web.WebSecurityException, java.io.IOException {
        /*
            Method dump skipped, instructions count: 1478
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.web.EJSWebCollaborator.preInvoke(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String, boolean):java.lang.Object");
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public Object preInvoke(String str, String str2, String str3) throws WebSecurityException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "preInvoke", new Object[]{str, str2, str3});
        }
        try {
            WebSecurityContext webSecurityContext = new WebSecurityContext(this.contextManager.getInvocationSubject(), this.contextManager.getCallerSubject(), this.contextManager.getPropagationTokens());
            try {
                AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.web.EJSWebCollaborator.1
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        EJSWebCollaborator.this.contextManager.setInvocationSubject(EJSWebCollaborator.this.contextManager.getServerSubject());
                        return null;
                    }
                });
                WebSecurityContext webSecurityContext2 = (WebSecurityContext) preInvoke(null, null, str, str2, str3, true);
                webSecurityContext.setSyncToThreadToken(webSecurityContext2.getSyncToThreadToken());
                webSecurityContext.setAppSyncToOSThreadEnabled(webSecurityContext2.isAppSyncToOSThreadEnabled());
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "preInvoke", webSecurityContext);
                }
                return webSecurityContext;
            } catch (PrivilegedActionException e) {
                FFDCFilter.processException(e.getException(), "com.ibm.ws.security.EJSWebCollaborator", "468", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception setting ServerSubject on thread : ", new Object[]{e.getException()});
                }
                throw new WebSecurityException(e.getException().getMessage(), new DenyReply("Exception setting ServerSubject on thread"));
            }
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "449", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Caught unexpected exception", e2);
            }
            throw new WebSecurityException(e2.getMessage(), new DenyReply("Unexpected exception in CntextManager."));
        }
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public void postInvoke(java.lang.Object r6) throws com.ibm.ws.security.web.WebSecurityException {
        /*
            Method dump skipped, instructions count: 431
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.web.EJSWebCollaborator.postInvoke(java.lang.Object):void");
    }

    private Subject delegate(Subject subject, String str, String str2, String str3) throws CSIException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AuditConstants.DELEGATE, new Object[]{getPrivTraceData(subject), str, str2, str3});
        }
        Subject delegate = DelegationFactory.getDelegation().delegate(subject, str, this.webCache.getWebAccessContext(str3, str), str2);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, AuditConstants.DELEGATE, getPrivTraceData(delegate));
        }
        return delegate;
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public void handleException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, WebSecurityException webSecurityException) throws ServletException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "handleException", new Object[]{httpServletRequest, httpServletResponse, webSecurityException});
        }
        WebReply webReply = webSecurityException.getWebReply();
        if (webReply.getStatusCode() == 500) {
            ServletException servletException = new ServletException(Constants.nls.getString("security.web.internalservererror", "Internal Server Error"), webSecurityException);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "HandleException", servletException);
            }
            throw servletException;
        }
        WebSecurityContext webSecurityContext = (WebSecurityContext) webSecurityException.getWebSecurityContext();
        if (webSecurityContext != null) {
            if (webSecurityContext.getPushedSecurityContext()) {
                SecurityConfigResource popContext = SecurityObjectLocator.popContext();
                if (tc.isDebugEnabled()) {
                    if (popContext != null) {
                        Tr.debug(tc, "handleException popped resource " + popContext.getName() + " of type " + popContext.getType());
                    } else {
                        Tr.debug(tc, "handleException popped null resource");
                    }
                }
            }
            if (webSecurityContext.getPushedAdminContext()) {
                String pop = AdminContext.pop();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "handleException popped uuid \"" + pop + "\".");
                }
            }
        }
        webReply.writeResponse(httpServletResponse);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "handleException");
        }
    }

    public void init() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, CreateServletTemplateModel.INIT);
        }
        try {
            createAuthorizationManager();
            if (this.contextManager.getPlatformHelper().isZOS()) {
                this.threadIdManager = ThreadIdentityManager.getThreadIdentityManager();
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.web.EJSWebCollaborator.init", "630", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Unexpected exception", e);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, CreateServletTemplateModel.INIT);
        }
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public void addWebAppConfig(String str, WebApp webApp, String str2, Object obj) throws WebSecurityConfigException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addWebAppConfig", new Object[]{str, webApp, str2, obj});
        }
        try {
            addWebApp(str2, str, webApp, (DeployedModule) obj);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.web.EJSWebCollaborator.addWebAppConfig", "597", this);
            throw new WebSecurityConfigException(e.getMessage(), null);
        }
    }

    private String debugGetAllParms(HttpServletRequest httpServletRequest) {
        StringBuffer stringBuffer = new StringBuffer(512);
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            stringBuffer.append(str).append("=");
            String[] parameterValues = httpServletRequest.getParameterValues(str);
            if (parameterValues.length == 1) {
                String str2 = parameterValues[0];
                String lowerCase = str.toLowerCase();
                if (str2.length() == 0) {
                    stringBuffer.append("[No Value]\n");
                } else if (lowerCase.indexOf("password") != -1) {
                    stringBuffer.append("[XXXXXXXX]\n");
                } else {
                    stringBuffer.append(WorkSpaceConstant.FIELD_SEPERATOR).append(str2).append("]\n");
                }
            } else {
                for (String str3 : parameterValues) {
                    stringBuffer.append(WorkSpaceConstant.FIELD_SEPERATOR).append(str3).append("] ");
                }
                stringBuffer.append("\n");
            }
        }
        return stringBuffer.toString();
    }

    private String debugGetAllHttpHdrs(HttpServletRequest httpServletRequest) {
        StringBuffer stringBuffer = new StringBuffer(512);
        try {
            Enumeration headerNames = httpServletRequest.getHeaderNames();
            while (headerNames.hasMoreElements()) {
                String str = (String) headerNames.nextElement();
                stringBuffer.append(str).append("=");
                stringBuffer.append(WorkSpaceConstant.FIELD_SEPERATOR).append(WebAuthenticator.getHeader(httpServletRequest, str)).append("]\n");
            }
        } catch (Throwable th) {
        }
        return stringBuffer.toString();
    }

    private Object setOSThreadIdentity(Subject subject, String str, boolean z, String str2) throws CSIException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setOSThreadIdentity", new Object[]{subject, str, new Boolean(z), str2});
        }
        Object obj = null;
        WebAttributes webAttributes = this.webCache.getWebAccessContext(str2, str).getWebAttributes();
        if (webAttributes != null) {
            boolean isApplicationSyncToOSThreadEnabled = webAttributes.isApplicationSyncToOSThreadEnabled();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Sync to thread enabled: " + isApplicationSyncToOSThreadEnabled);
            }
            try {
            } catch (Throwable th) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unexpected exception", th);
                }
            }
            if (isApplicationSyncToOSThreadEnabled) {
                obj = this.threadIdManager.setAppLocalOSThreadID(subject);
            } else {
                if (z) {
                    obj = ServerIdentityHelper.getServerIdentityHelper().push();
                }
                this.threadIdManager.setThreadLocalApplicationSyncEnabled(isApplicationSyncToOSThreadEnabled);
            }
            this.threadIdManager.setThreadLocalApplicationSyncEnabled(isApplicationSyncToOSThreadEnabled);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setOSThreadIdentity", obj);
        }
        return obj;
    }

    private static String getPrivTraceData(final Object obj) {
        String str = null;
        if (obj != null) {
            try {
                str = (String) AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.web.EJSWebCollaborator.2
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        return obj.toString();
                    }
                });
            } catch (Exception e) {
                str = "Exception in toString: " + e.getMessage();
            }
        }
        return str;
    }
}
