package com.ibm.stf.config;

import com.ibm.stf.Constants;
import com.ibm.stf.exception.NLSExceptionMessageKeys;
import com.ibm.stf.exception.STFException;
import com.ibm.websphere.security.auth.WSSubject;
import com.ibm.websphere.security.auth.callback.WSCallbackHandlerImpl;
import com.ibm.ws.security.core.ContextManagerFactory;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:ComponentTestExplorer.ear:STFForWID.war:WEB-INF/classes/com/ibm/stf/config/STFSecurityManager.class */
public class STFSecurityManager {
    public static final String SECURITY_CONFIGURATION_INDEX_WAS_LOGIN = "WSLogin";
    public static final STFSecurityManager INSTANCE = new STFSecurityManager();

    private STFSecurityManager() {
    }

    public String getUserId(HttpSession httpSession) {
        return (String) httpSession.getAttribute(Constants.SESSION_ATTRIBUTE_KEY_USER_ID);
    }

    public String getUserPassword(HttpSession httpSession) {
        return (String) httpSession.getAttribute(Constants.SESSION_ATTRIBUTE_KEY_USER_PASSWORD);
    }

    public void login(HttpSession httpSession, String str, String str2) throws STFException {
        try {
            LoginContext loginContext = new LoginContext(SECURITY_CONFIGURATION_INDEX_WAS_LOGIN, new WSCallbackHandlerImpl(str, str2));
            loginContext.login();
            httpSession.setAttribute(Constants.SESSION_ATTRIBUTE_KEY_USER_ID, str);
            httpSession.setAttribute(Constants.SESSION_ATTRIBUTE_KEY_USER_PASSWORD, str2);
            loginContext.logout();
        } catch (LoginException e) {
            throw new STFException("fail to login WAS", e);
        }
    }

    public boolean isServerSecurityEnabled() {
        return ContextManagerFactory.getInstance().isServerSecurityEnabled();
    }

    public void reset(HttpSession httpSession) {
        httpSession.removeAttribute(Constants.SESSION_ATTRIBUTE_KEY_USER_ID);
        httpSession.removeAttribute(Constants.SESSION_ATTRIBUTE_KEY_USER_PASSWORD);
    }

    public Object doAs(HttpSession httpSession, PrivilegedExceptionAction privilegedExceptionAction) throws STFException {
        try {
            LoginContext loginContext = new LoginContext(SECURITY_CONFIGURATION_INDEX_WAS_LOGIN, new WSCallbackHandlerImpl((String) httpSession.getAttribute(Constants.SESSION_ATTRIBUTE_KEY_USER_ID), (String) httpSession.getAttribute(Constants.SESSION_ATTRIBUTE_KEY_USER_PASSWORD)));
            loginContext.login();
            Subject subject = loginContext.getSubject();
            if (subject == null) {
                throw new com.ibm.stf.exception.LoginException(NLSExceptionMessageKeys.SECURITY_NEED_LOGIN);
            }
            Object doAs = WSSubject.doAs(subject, privilegedExceptionAction);
            loginContext.logout();
            return doAs;
        } catch (Exception e) {
            throw new STFException(e);
        }
    }
}
