package com.ibm.ISecurityLocalObjectBaseL13Impl;

import com.ibm.CORBA.iiop.ORB;
import com.ibm.IExtendedSecurity.ThreadContext;
import com.ibm.IExtendedSecurity._LoginHelper;
import com.ibm.IExtendedSecurityReplaceablePriv.Vault;
import com.ibm.ISecurityL13SupportImpl.SecurityLogger;
import com.ibm.ISecurityL13SupportImpl.SecurityMessages;
import com.ibm.ISecurityUtilityImpl.MechanismAmbiguityException;
import com.ibm.ISecurityUtilityImpl.MechanismFactory;
import com.ibm.ISecurityUtilityImpl.SecurityConfiguration;
import com.ibm.ISecurityUtilityImpl.StateofCurrObj;
import java.util.Enumeration;
import org.omg.CORBA.IntHolder;
import org.omg.CORBA.NO_IMPLEMENT;
import org.omg.CORBA.SystemException;
import org.omg.CORBA.UNKNOWN;
import org.omg.Security.Attribute;
import org.omg.Security.AttributeType;
import org.omg.Security.CommunicationDirection;
import org.omg.Security.CredentialType;
import org.omg.Security.DuplicateAttributeType;
import org.omg.Security.ExtensibleFamily;
import org.omg.Security.InvalidAttributeType;
import org.omg.Security.InvalidCommDirection;
import org.omg.Security.InvalidCredentialType;
import org.omg.Security.SecurityFeatureValue;
import org.omg.SecurityLevel2.Credentials;
import org.omg.SecurityLevel2.CredentialsOperations;
import org.omg.SecurityLevel2.InvalidCredential;
import org.omg.SecurityLevel2.PrincipalAuthenticator;

/* loaded from: input_file:com/ibm/ISecurityLocalObjectBaseL13Impl/CurrentImpl.class */
public class CurrentImpl extends com.ibm.IExtendedSecurityPrivImpl.CurrentImpl {
    private CurrentCreator refCurrentCreator;
    private MechanismFactory refMechanismFactory;
    private ORB refORB;
    private SecurityConfiguration refSecurityConfiguration;
    private Vault refVault;
    private static IntHolder expiry_time_now = new IntHolder(0);

    protected CurrentImpl() {
        this.refCurrentCreator = null;
        this.refMechanismFactory = null;
        this.refORB = null;
        this.refSecurityConfiguration = null;
        this.refVault = null;
    }

    public CurrentImpl(ORB orb, Vault vault, CurrentCreator currentCreator, MechanismFactory mechanismFactory, SecurityConfiguration securityConfiguration) {
        this.refCurrentCreator = null;
        this.refMechanismFactory = null;
        this.refORB = null;
        this.refSecurityConfiguration = null;
        this.refVault = null;
        this.refORB = orb;
        this.refVault = vault;
        this.refCurrentCreator = currentCreator;
        this.refMechanismFactory = mechanismFactory;
        this.refSecurityConfiguration = securityConfiguration;
        setObjectStateForNewThread();
    }

    public void clearAllRequestorContexts() {
        terminateContext();
        this.refCurrentCreator.stateTableofCurrObj.clear();
    }

    public void clear_requestor_context() {
        StateofCurrObj stateFromTable = getStateFromTable();
        stateFromTable.setReceivedCreds((Credentials[]) null);
        stateFromTable.setOwnCred((Credentials) null);
        stateFromTable.setInvocationCred((Credentials) null);
        terminateContext();
        removeStateFromTable();
    }

    protected void createContext() {
        this.refCurrentCreator.threadContextList.put(Thread.currentThread(), new ThreadContextImpl());
    }

    public static void evaluateCreds(Credentials credentials) {
        try {
            AttributeType[] attributeTypeArr = {new AttributeType(new ExtensibleFamily((short) 0, (short) 1), 1)};
            if (credentials == null) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("CurrentImpl.evaluateCreds", "Credentials are null.");
                }
            } else if (!credentials.is_valid(expiry_time_now)) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("CurrentImpl.evaluateCreds", "Credentials are invalid");
                }
            } else {
                Attribute[] attributeArr = credentials.get_attributes(attributeTypeArr);
                String str = (attributeArr.length <= 0 || attributeArr[0].value == null) ? null : new String(attributeArr[0].value);
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("CurrentImpl.evaluateCreds", new StringBuffer("Security name is: ").append(str).toString());
                }
            }
        } catch (Exception unused) {
        }
    }

    protected synchronized StateofCurrObj getStateFromTable() {
        StateofCurrObj stateofCurrObj = (StateofCurrObj) this.refCurrentCreator.stateTableofCurrObj.get(Thread.currentThread());
        if (stateofCurrObj == null) {
            stateofCurrObj = setObjectStateForNewThread();
        }
        return stateofCurrObj;
    }

    public ThreadContext getThreadContext() {
        return (ThreadContext) this.refCurrentCreator.threadContextList.get(Thread.currentThread());
    }

    public Attribute[] get_attributes(AttributeType[] attributeTypeArr) throws InvalidAttributeType, DuplicateAttributeType {
        Attribute[] attributeArr = null;
        if (attributeTypeArr == null) {
            throw new InvalidAttributeType();
        }
        CredentialsOperations[] received_credentials = received_credentials();
        if (received_credentials != null && received_credentials.length > 0 && received_credentials[0] != null) {
            try {
                attributeArr = received_credentials[0].get_attributes(attributeTypeArr);
            } catch (SystemException unused) {
                throw new UNKNOWN();
            } catch (DuplicateAttributeType unused2) {
                throw new DuplicateAttributeType();
            } catch (InvalidAttributeType unused3) {
                throw new InvalidAttributeType();
            }
        }
        return attributeArr;
    }

    public Credentials get_credentials(CredentialType credentialType) throws InvalidCredentialType {
        return get_credentials(credentialType, true, this.refSecurityConfiguration.principalName);
    }

    public Credentials get_credentials(CredentialType credentialType, boolean z, String str) throws InvalidCredentialType {
        return get_credentials(credentialType, false, z, str);
    }

    public Credentials get_credentials(CredentialType credentialType, boolean z, boolean z2, String str) throws InvalidCredentialType {
        Credentials[] received_credentials;
        if (credentialType == null) {
            throw new InvalidCredentialType();
        }
        StateofCurrObj stateFromTable = getStateFromTable();
        if (!credentialType.equals(CredentialType.SecInvocationCredentials)) {
            if (credentialType.equals(CredentialType.SecOwnCredentials)) {
                Credentials ownCred = stateFromTable.getOwnCred();
                return ownCred == null ? this.refVault.get_default_credentials(z2, str) : ownCred;
            }
            if (credentialType.equals(CredentialType.SecNRCredentials)) {
                throw new NO_IMPLEMENT();
            }
            throw new InvalidCredentialType();
        }
        Credentials invocationCred = stateFromTable.getInvocationCred();
        if (invocationCred != null || !z) {
            return invocationCred;
        }
        if (this.refSecurityConfiguration.delegateCredentials == 1) {
            return get_credentials(CredentialType.SecOwnCredentials, z, z2, str);
        }
        if ((this.refSecurityConfiguration.delegateCredentials != 2 && this.refSecurityConfiguration.delegateCredentials != 3 && this.refSecurityConfiguration.delegateCredentials != 4) || (received_credentials = received_credentials(z2, str)) == null || received_credentials.length == 0) {
            return null;
        }
        return received_credentials[0];
    }

    public Credentials get_unauthenticated_credential() {
        CredentialsImpl credentialsImpl = null;
        PrincipalAuthenticatorImpl principal_authenticator = principal_authenticator();
        if (principal_authenticator != null) {
            credentialsImpl = principal_authenticator.createUnauthenticatedCred();
        } else if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("CurrentImpl.get_unauthenticated_credential", "Failed to get PrincipalAuthenticator.");
        }
        return credentialsImpl;
    }

    public synchronized void initialize_requestor_context(Credentials[] credentialsArr) {
        StateofCurrObj stateFromTable = getStateFromTable();
        stateFromTable.setReceivedCreds(credentialsArr);
        stateFromTable.setOwnCred((Credentials) null);
        stateFromTable.setInvocationCred((Credentials) null);
        createContext();
        if (credentialsArr == null || credentialsArr.length <= 0 || credentialsArr[0] == null) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("CurrentImpl.initialize_requestor_context", "Requestor context being initialized with null credentials.");
            }
        } else {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("CurrentImpl.initialize_requestor_context", new StringBuffer("Requestor context being initialized for credentials ").append(credentialsArr[0]).toString());
            }
            evaluateCreds(credentialsArr[0]);
        }
    }

    public boolean isSecurityEnabled() {
        return this.refSecurityConfiguration.securityEnabled;
    }

    public boolean isServerCred(Credentials credentials) {
        VaultImpl vaultImpl = this.refVault;
        return VaultImpl.isServerCred(credentials);
    }

    public _LoginHelper login_helper() {
        return new LoginHelperImpl(this.refORB, this.refSecurityConfiguration);
    }

    public PrincipalAuthenticator principal_authenticator() {
        return principal_authenticator(0);
    }

    public PrincipalAuthenticator principal_authenticator(int i) {
        getStateFromTable();
        PrincipalAuthenticator principalAuthenticator = null;
        try {
            principalAuthenticator = i == 0 ? this.refMechanismFactory.getPrincipalAuthenticator(this.refVault) : this.refMechanismFactory.getPrincipalAuthenticator(this.refVault, i);
        } catch (MechanismAmbiguityException unused) {
            SecurityLogger.logError("CurrentImpl.principal_authenticator", SecurityMessages.getMsgOrUseDefault("ErrMsg436", "The configuration is ambiguous about which security mechanism to use."));
        }
        return principalAuthenticator;
    }

    public Credentials[] received_credentials() {
        return received_credentials(true, this.refSecurityConfiguration.principalName);
    }

    public Credentials[] received_credentials(boolean z, String str) {
        Credentials[] receivedCreds = getStateFromTable().getReceivedCreds();
        if (receivedCreds == null || receivedCreds.length == 0) {
            return null;
        }
        return receivedCreds;
    }

    public SecurityFeatureValue[] received_security_features() {
        SecurityFeatureValue[] securityFeatureValueArr = null;
        StateofCurrObj stateFromTable = getStateFromTable();
        CredentialsImpl[] receivedCreds = stateFromTable.getReceivedCreds();
        if (receivedCreds == null || receivedCreds.length == 0) {
            return null;
        }
        CredentialsImpl credentialsImpl = receivedCreds[0];
        if (this.refSecurityConfiguration.delegateCredentials != 5) {
            Credentials ownCred = stateFromTable.getOwnCred();
            if (ownCred != null) {
                credentialsImpl = (CredentialsImpl) ownCred;
            } else {
                Credentials credentials = this.refVault.get_default_credentials();
                if (credentials != null) {
                    credentialsImpl = (CredentialsImpl) credentials;
                }
            }
        }
        if (credentialsImpl != null) {
            try {
                securityFeatureValueArr = credentialsImpl.get_security_features(CommunicationDirection.SecDirectionBoth);
            } catch (InvalidCommDirection unused) {
            }
        }
        return securityFeatureValueArr;
    }

    public synchronized void removeCredFromThreadTable(Credentials credentials) {
        Enumeration keys = this.refCurrentCreator.stateTableofCurrObj.keys();
        while (keys.hasMoreElements()) {
            StateofCurrObj stateofCurrObj = (StateofCurrObj) this.refCurrentCreator.stateTableofCurrObj.get((Thread) keys.nextElement());
            Credentials ownCred = stateofCurrObj.getOwnCred();
            if (ownCred != null && ownCred.equals(credentials)) {
                stateofCurrObj.setOwnCred((Credentials) null);
            }
            Credentials invocationCred = stateofCurrObj.getInvocationCred();
            if (invocationCred != null && invocationCred.equals(credentials)) {
                stateofCurrObj.setInvocationCred((Credentials) null);
            }
        }
    }

    protected synchronized void removeStateFromTable() {
        this.refCurrentCreator.stateTableofCurrObj.remove(Thread.currentThread());
    }

    protected synchronized void resetServerCredAfterClientSideOperation() {
        this.refVault.resetServerCredAfterClientSideOperation();
    }

    protected synchronized StateofCurrObj setObjectStateForNewThread() {
        Thread currentThread = Thread.currentThread();
        StateofCurrObj stateofCurrObj = (StateofCurrObj) this.refCurrentCreator.stateTableofCurrObj.get(currentThread);
        if (stateofCurrObj == null) {
            stateofCurrObj = new StateofCurrObj((Credentials[]) null, (Credentials) null, (Credentials) null);
            this.refCurrentCreator.stateTableofCurrObj.put(currentThread, stateofCurrObj);
        }
        return stateofCurrObj;
    }

    protected synchronized void setServerCredBeforeClientSideOperation(int i, byte[] bArr) {
        this.refVault.setServerCredBeforeClientSideOperation(i, bArr);
    }

    public synchronized void set_credentials(CredentialType credentialType, Credentials credentials) throws InvalidCredential, InvalidCredentialType {
        if (credentials != null && (!(credentials instanceof Credentials) || !credentials.is_valid(expiry_time_now))) {
            throw new InvalidCredential();
        }
        StateofCurrObj stateFromTable = getStateFromTable();
        if (credentialType.equals(CredentialType.SecInvocationCredentials)) {
            terminateContext();
            stateFromTable.setInvocationCred(credentials);
        } else {
            if (!credentialType.equals(CredentialType.SecOwnCredentials)) {
                throw new InvalidCredentialType();
            }
            terminateContext();
            stateFromTable.setOwnCred(credentials);
        }
        createContext();
    }

    protected synchronized void set_invocation_credentials(Credentials credentials) throws InvalidCredential {
        if (credentials != null && (!(credentials instanceof Credentials) || !credentials.is_valid(expiry_time_now))) {
            throw new InvalidCredential();
        }
        StateofCurrObj stateFromTable = getStateFromTable();
        terminateContext();
        stateFromTable.setInvocationCred(credentials);
        createContext();
    }

    public void set_received_credentials(Credentials[] credentialsArr) {
        terminateContext();
        getStateFromTable().setReceivedCreds(credentialsArr);
    }

    protected void terminateContext() {
        com.ibm.IExtendedSecurityPriv.ThreadContext threadContext = (com.ibm.IExtendedSecurityPriv.ThreadContext) this.refCurrentCreator.threadContextList.remove(Thread.currentThread());
        if (threadContext != null) {
            threadContext.terminateContext();
        }
    }
}
