package com.sun.identity.policy.jaas;

import com.iplanet.am.util.Debug;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.service.SSOTokenPrincipal;
import com.sun.identity.policy.client.PolicyEvaluator;
import com.sun.identity.policy.client.PolicyEvaluatorFactory;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import javax.security.auth.Subject;

/* loaded from: input_file:115766-08/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/policy/jaas/ISPermission.class */
public class ISPermission extends Permission {
    private Subject subject;
    private CodeSource codesource;
    private String serviceName;
    private String resourceName;
    private String actions;
    private Set actionSet;
    private Map envParams;
    private PolicyEvaluatorFactory policyEvalFactory;
    static Debug debug = Debug.getInstance("amPolicy");
    static Class class$com$sun$identity$authentication$service$SSOTokenPrincipal;

    public ISPermission(Subject subject, CodeSource codeSource) {
        super("ISPermission");
        this.envParams = Collections.synchronizedMap(Collections.EMPTY_MAP);
        if (debug.messageEnabled()) {
            debug.message("ISPermission(subject,codesource) constructor called ");
        }
        this.subject = subject;
        this.codesource = codeSource;
    }

    public ISPermission(String str, String str2, String str3) {
        super("ISPermission");
        this.envParams = Collections.synchronizedMap(Collections.EMPTY_MAP);
        this.serviceName = str;
        this.resourceName = str2;
        this.actions = str3;
        debug.message("ISPermission:: Constructor called");
    }

    public ISPermission(String str, String str2, String str3, Map map) {
        super("ISPermission");
        this.envParams = Collections.synchronizedMap(Collections.EMPTY_MAP);
        this.serviceName = str;
        this.resourceName = str2;
        this.actions = str3;
        this.envParams = map;
        debug.message("ISPermission:: Constructor called");
    }

    public String getServiceName() {
        debug.message("ISPermission: getServiceName called");
        return this.serviceName;
    }

    public String getResourceName() {
        debug.message("ISPermission: getResourceName called");
        return this.resourceName;
    }

    public Map getEnvParams() {
        return this.envParams;
    }

    @Override // java.security.Permission
    public String getActions() {
        debug.message("ISPermission: getActions called");
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("returning actions:").append(this.actions).toString());
        }
        return this.actions;
    }

    private boolean actionEquals(String str, String str2) {
        Set synchronizedSet = Collections.synchronizedSet(new HashSet());
        Set synchronizedSet2 = Collections.synchronizedSet(new HashSet());
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
            while (stringTokenizer.hasMoreTokens()) {
                synchronizedSet.add(stringTokenizer.nextToken().trim());
            }
        }
        if (str2 != null) {
            StringTokenizer stringTokenizer2 = new StringTokenizer(str2, ",");
            while (stringTokenizer2.hasMoreTokens()) {
                synchronizedSet2.add(stringTokenizer2.nextToken().trim());
            }
        }
        return synchronizedSet.equals(synchronizedSet2);
    }

    private Set actionSet(String str) {
        if (this.actionSet != null) {
            return this.actionSet;
        }
        this.actionSet = Collections.synchronizedSet(new HashSet());
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
            while (stringTokenizer.hasMoreTokens()) {
                this.actionSet.add(stringTokenizer.nextToken());
            }
        }
        return this.actionSet;
    }

    public Subject getSubject() {
        debug.message("ISPermission:: getSubject called ");
        return this.subject;
    }

    public CodeSource getCodeSource() {
        debug.message("ISPermission:: getCodeSource called ");
        return this.codesource;
    }

    public boolean equals(Object obj) {
        boolean z = true;
        debug.message("ISPermission:: equals(Object) called ");
        if (obj == this) {
            if (!debug.messageEnabled()) {
                return true;
            }
            debug.message(new StringBuffer().append("ISPermission::equals::this ").append(true).toString());
            return true;
        }
        if (obj instanceof ISPermission) {
            ISPermission iSPermission = (ISPermission) obj;
            Subject subject = iSPermission.getSubject();
            if (subject != null) {
                z = subject.equals(this.subject);
            } else if (this.subject != null) {
                z = false;
            }
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("ISPermission::subject equals:").append(z).toString());
            }
            if (z) {
                CodeSource codeSource = iSPermission.getCodeSource();
                if (codeSource != null) {
                    z = codeSource.equals(this.codesource);
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("ISPermission::codesource equals:").append(codeSource.equals(this.codesource)).toString());
                    }
                } else if (this.codesource != null) {
                    z = false;
                }
            }
            if (z) {
                String serviceName = iSPermission.getServiceName();
                if (serviceName != null) {
                    z = serviceName.equals(this.serviceName);
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("ISPermission::servicename equals:").append(serviceName.equals(this.serviceName)).toString());
                    }
                } else if (this.serviceName != null) {
                    z = false;
                }
            }
            if (z) {
                String resourceName = iSPermission.getResourceName();
                if (resourceName != null) {
                    z = resourceName.equals(this.resourceName);
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("ISPermission::resourceName equals:").append(resourceName.equals(this.resourceName)).toString());
                    }
                } else if (this.resourceName != null) {
                    z = false;
                }
            }
            if (z) {
                String actions = iSPermission.getActions();
                if (actions != null) {
                    z = actionEquals(actions, this.actions);
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("ISPermission::Actions equals:").append(actionEquals(actions, this.actions)).toString());
                    }
                } else if (this.actions != null) {
                    z = false;
                }
            }
            if (z) {
                Map envParams = iSPermission.getEnvParams();
                if (envParams != null && !envParams.isEmpty()) {
                    z = envParams.equals(this.envParams);
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("ISPermission::equals::envMap").append(envParams.equals(this.envParams)).toString());
                    }
                } else if (this.envParams != null && !this.envParams.isEmpty()) {
                    z = false;
                }
            }
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("ISPermission::equals::returning ").append(z).toString());
        }
        return z;
    }

    public int hashCode() {
        int i = 0;
        if (this.subject != null) {
            i = 0 + this.subject.hashCode();
        }
        if (this.codesource != null) {
            i += this.codesource.hashCode();
        }
        if (this.serviceName != null) {
            i += this.serviceName.hashCode();
        }
        if (this.resourceName != null) {
            i += this.resourceName.hashCode();
        }
        if (this.actions != null) {
            i += actionSet(this.actions).hashCode();
        }
        if (this.envParams != null) {
            i += this.envParams.hashCode();
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("ISPermission::hashCode::").append(i).toString());
        }
        return i;
    }

    @Override // java.security.Permission
    public boolean implies(Permission permission) {
        Class cls;
        debug.message("ISPermission: implies called");
        boolean z = false;
        if (permission instanceof ISPermission) {
            debug.message("ISPermission:passed perm is of type ISPermission");
            if (this.subject != null) {
                debug.message("ISPermission:implies:subj not null");
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("ISPermission::implies: subject:").append(this.subject.toString()).toString());
                }
                String serviceName = ((ISPermission) permission).getServiceName();
                String resourceName = ((ISPermission) permission).getResourceName();
                String actions = ((ISPermission) permission).getActions();
                Map envParams = ((ISPermission) permission).getEnvParams();
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("ISPermission: resourceName=").append(resourceName).toString());
                    debug.message(new StringBuffer().append("ISPermission: serviceName=").append(serviceName).toString());
                    debug.message(new StringBuffer().append("ISPermission: actions=").append(actions).toString());
                }
                try {
                    Subject subject = this.subject;
                    if (class$com$sun$identity$authentication$service$SSOTokenPrincipal == null) {
                        cls = class$("com.sun.identity.authentication.service.SSOTokenPrincipal");
                        class$com$sun$identity$authentication$service$SSOTokenPrincipal = cls;
                    } else {
                        cls = class$com$sun$identity$authentication$service$SSOTokenPrincipal;
                    }
                    Set principals = subject.getPrincipals(cls);
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("ISPermission::implies:principals:").append(principals.toString()).toString());
                    }
                    SSOTokenPrincipal sSOTokenPrincipal = (SSOTokenPrincipal) principals.iterator().next();
                    if (sSOTokenPrincipal != null) {
                        SSOToken createSSOToken = SSOTokenManager.getInstance().createSSOToken(sSOTokenPrincipal.getName());
                        if (this.policyEvalFactory == null) {
                            this.policyEvalFactory = PolicyEvaluatorFactory.getInstance();
                        }
                        PolicyEvaluator policyEvaluator = this.policyEvalFactory.getPolicyEvaluator(serviceName);
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("ISPermission::implies::created PolicyEvaluator for ").append(serviceName).toString());
                        }
                        if (actions != null) {
                            StringTokenizer stringTokenizer = new StringTokenizer(actions, ",");
                            while (stringTokenizer.hasMoreTokens()) {
                                String nextToken = stringTokenizer.nextToken();
                                z = policyEvaluator.isAllowed(createSSOToken, resourceName, nextToken, envParams);
                                if (!z) {
                                    break;
                                }
                                if (debug.messageEnabled()) {
                                    debug.message(new StringBuffer().append("ISPermission::result for ").append(nextToken).append(" is :").append(z).toString());
                                }
                            }
                            if (debug.messageEnabled()) {
                                debug.message(new StringBuffer().append("ISPermission::result for ").append(actions).append(" is :").append(z).toString());
                            }
                        } else if (debug.messageEnabled()) {
                            debug.message("ISPermission:: actions is null");
                        }
                    } else if (debug.messageEnabled()) {
                        debug.error("ISPermission::implies: Principal is null");
                    }
                } catch (SSOException e) {
                    if (debug.messageEnabled()) {
                        debug.error(new StringBuffer().append("ISPermission::SSOException:").append(e.getMessage()).toString());
                        e.printStackTrace();
                    }
                } catch (Exception e2) {
                    if (debug.messageEnabled()) {
                        debug.error(new StringBuffer().append("ISPermission::Exception:").append(e2.getMessage()).toString());
                        e2.printStackTrace();
                    }
                }
            } else {
                debug.message("ISPermission:: subject was null");
            }
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("ISPermission: allowed::").append(z).toString());
        }
        return z;
    }

    @Override // java.security.Permission
    public PermissionCollection newPermissionCollection() {
        debug.message("ISPermission:: newISPermissionCollection() called");
        return new ISPermissionCollection();
    }

    public String toString() {
        StringBuffer append = new StringBuffer(200).append("(").append(getClass().getName()).append("\n");
        String actions = getActions();
        if (this.subject != null) {
            append = append.append(this.subject.toString()).append("\n");
        }
        if (this.codesource != null) {
            append = append.append(this.codesource.toString()).append("\n");
        }
        if (this.serviceName != null && this.serviceName.length() != 0) {
            append = append.append("serviceName=").append(this.serviceName).append("\n");
        }
        if (this.resourceName != null && this.resourceName.length() != 0) {
            append = append.append("resourceName=").append(this.resourceName).append("\n");
        }
        if (actions != null && actions.length() != 0) {
            append = append.append("actions=").append(actions).append("\n");
        }
        if (this.envParams != null && !this.envParams.isEmpty()) {
            append = append.append("envParams=").append(this.envParams.values()).append("\n");
        }
        append.append(")");
        return append.toString();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
