package com.sun.enterprise.security.acl;

import com.iplanet.ias.config.ConfigContext;
import com.iplanet.ias.config.serverbeans.SecurityService;
import com.iplanet.ias.config.serverbeans.Server;
import com.iplanet.ias.config.serverbeans.ServerBeansFactory;
import com.iplanet.ias.server.ApplicationServer;
import com.sun.enterprise.Switch;
import com.sun.enterprise.security.PrincipalImpl;
import com.sun.enterprise.security.SecurityContext;
import com.sun.enterprise.security.auth.AuthenticationInfo;
import com.sun.enterprise.security.auth.Credentials;
import com.sun.enterprise.security.auth.Privilege;
import com.sun.enterprise.security.auth.realm.Realm;
import com.sun.jdo.spi.persistence.utility.generator.JavaClassWriterHelper;
import com.sun.logging.LogDomains;
import java.io.Serializable;
import java.security.Principal;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:116286-19/SUNWascmo/reloc/$ASINSTDIR/lib/appserv-rt.jar:com/sun/enterprise/security/acl/RoleMapper.class */
public class RoleMapper implements Serializable {
    private static boolean debug;
    private static Hashtable roleMaps;
    private static final String DEFAULT_ROLE_NAME = "ANYONE";
    private static Role defaultRole;
    private static String defaultRoleName;
    private Hashtable prinTable = new Hashtable();
    private Hashtable roleTable = new Hashtable();
    private String appName;
    private static Logger _logger;
    static final boolean $assertionsDisabled;
    static Class class$com$sun$enterprise$security$acl$RoleMapper;

    private RoleMapper(String str) {
        this.appName = str;
        if (Switch.getSwitch().getContainerType() == 2) {
            initDefaultRole();
        }
    }

    private static synchronized void initDefaultRole() {
        ConfigContext configContext;
        if (defaultRole == null) {
            defaultRoleName = DEFAULT_ROLE_NAME;
            try {
                configContext = ApplicationServer.getServerContext().getConfigContext();
            } catch (Exception e) {
                _logger.log(Level.WARNING, "java_security.anonymous_role_reading_exception", (Throwable) e);
            }
            if (!$assertionsDisabled && configContext == null) {
                throw new AssertionError();
            }
            Server serverBean = ServerBeansFactory.getServerBean(configContext);
            if (!$assertionsDisabled && serverBean == null) {
                throw new AssertionError();
            }
            SecurityService securityService = serverBean.getSecurityService();
            if (!$assertionsDisabled && securityService == null) {
                throw new AssertionError();
            }
            defaultRoleName = securityService.getAnonymousRole();
            _logger.log(Level.FINE, new StringBuffer().append("Default role is: ").append(defaultRoleName).toString());
            defaultRole = new Role(defaultRoleName);
        }
    }

    public static RoleMapper getRoleMapper(String str) {
        Class cls;
        if (!roleMaps.containsKey(str)) {
            if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
                cls = class$("com.sun.enterprise.security.acl.RoleMapper");
                class$com$sun$enterprise$security$acl$RoleMapper = cls;
            } else {
                cls = class$com$sun$enterprise$security$acl$RoleMapper;
            }
            Class cls2 = cls;
            synchronized (cls) {
                roleMaps.put(str, new RoleMapper(str));
            }
        }
        return (RoleMapper) roleMaps.get(str);
    }

    public static void setRoleMapper(String str, RoleMapper roleMapper) {
        Class cls;
        if (roleMaps.containsKey(str)) {
            return;
        }
        if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
            cls = class$("com.sun.enterprise.security.acl.RoleMapper");
            class$com$sun$enterprise$security$acl$RoleMapper = cls;
        } else {
            cls = class$com$sun$enterprise$security$acl$RoleMapper;
        }
        Class cls2 = cls;
        synchronized (cls) {
            roleMaps.put(str, roleMapper);
        }
    }

    public static void removeRoleMapper(String str) {
        Class cls;
        if (roleMaps.containsKey(str)) {
            if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
                cls = class$("com.sun.enterprise.security.acl.RoleMapper");
                class$com$sun$enterprise$security$acl$RoleMapper = cls;
            } else {
                cls = class$com$sun$enterprise$security$acl$RoleMapper;
            }
            Class cls2 = cls;
            synchronized (cls) {
                roleMaps.remove(str);
            }
        }
    }

    public String getName() {
        return this.appName;
    }

    public void setName(String str) {
        Class cls;
        if (roleMaps.containsKey(this.appName)) {
            if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
                cls = class$("com.sun.enterprise.security.acl.RoleMapper");
                class$com$sun$enterprise$security$acl$RoleMapper = cls;
            } else {
                cls = class$com$sun$enterprise$security$acl$RoleMapper;
            }
            Class cls2 = cls;
            synchronized (cls) {
                roleMaps.remove(this.appName);
                this.appName = str;
                roleMaps.remove(str);
                roleMaps.put(this.appName, this);
            }
        }
    }

    public static Role getDefaultRole() {
        if (defaultRole == null) {
            initDefaultRole();
        }
        return defaultRole;
    }

    public void assignRole(Principal principal, Role role) {
        createMapping(this.prinTable, principal, role);
        createMapping(this.roleTable, role, principal);
    }

    private void createMapping(Hashtable hashtable, Principal principal, Principal principal2) {
        if (!hashtable.containsKey(principal)) {
            synchronized (hashtable) {
                hashtable.put(principal, new HashSet());
            }
        }
        HashSet hashSet = (HashSet) hashtable.get(principal);
        synchronized (hashSet) {
            hashSet.add(principal2);
        }
    }

    private void removeKey(Hashtable hashtable, Principal principal) {
        hashtable.remove(principal);
    }

    private void removeValue(Hashtable hashtable, Principal principal) {
        Enumeration elements = hashtable.elements();
        while (elements.hasMoreElements()) {
            HashSet hashSet = (HashSet) elements.nextElement();
            synchronized (hashSet) {
                hashSet.remove(principal);
            }
        }
    }

    private void removeValueFromSetWithKey(Hashtable hashtable, Object obj, Object obj2) {
        Set set = (Set) hashtable.get(obj);
        if (set != null) {
            set.remove(obj2);
            if (set.isEmpty()) {
                hashtable.remove(obj);
            }
        }
    }

    public void unassignRole(Role role) {
        removeKey(this.roleTable, role);
        removeValue(this.prinTable, role);
    }

    public void unassignAllRoles() {
        this.roleTable.clear();
        this.prinTable.clear();
    }

    public void unassignPrincipalFromRole(Role role, Principal principal) {
        removeValueFromSetWithKey(this.prinTable, principal, role);
        removeValueFromSetWithKey(this.roleTable, role, principal);
    }

    private void unassignPrincipalFromRole(Hashtable hashtable, Role role, Principal principal) {
    }

    private Iterator getRoles(Principal principal) {
        if (_logger.isLoggable(Level.FINEST)) {
            _logger.log(Level.FINEST, toString());
            _logger.log(Level.FINEST, new StringBuffer().append("In roleMapper.getRoles(").append(principal).append(JavaClassWriterHelper.parenright_).toString());
        }
        HashSet hashSet = (HashSet) this.prinTable.get(principal);
        if (debug) {
            _logger.log(Level.FINEST, new StringBuffer().append("Set of roles = ").append(hashSet).toString());
        }
        if (hashSet != null) {
            return hashSet.iterator();
        }
        return null;
    }

    public boolean hasRole(Principal principal, String str) {
        if (_logger.isLoggable(Level.FINEST)) {
            _logger.log(Level.FINEST, new StringBuffer().append("PRINCIPAL : ").append(principal).append(" hasRole?: ").append(str).toString());
            _logger.log(Level.FINEST, new StringBuffer().append("PRINCIPAL TABLE: ").append(this.prinTable).toString());
        }
        if (str != null && str.equals(defaultRoleName)) {
            return true;
        }
        HashSet hashSet = (HashSet) this.prinTable.get(principal);
        if (debug) {
            _logger.log(Level.FINEST, new StringBuffer().append("For principal: ").append(principal).append(", set of roles= ").append(hashSet).toString());
        }
        Role role = new Role(str);
        if (hashSet == null || !hashSet.contains(role)) {
            return arePrincipalsGroupsInRole(principal.getName(), role);
        }
        return true;
    }

    private Enumeration getGroupsForPrincipal(String str) {
        try {
            return Realm.getInstance(Realm.getDefaultRealm()).getGroupNames(str);
        } catch (Exception e) {
            _logger.log(Level.SEVERE, "java_security.retrieving_group_membership_exception", new Object[]{str, e.toString()});
            return new Vector().elements();
        }
    }

    private boolean arePrincipalsGroupsInRole(String str, Role role) {
        Enumeration groupsForPrincipal = getGroupsForPrincipal(str);
        HashSet hashSet = (HashSet) this.roleTable.get(role);
        if (hashSet == null) {
            return false;
        }
        while (groupsForPrincipal.hasMoreElements()) {
            if (hashSet.contains(new PrincipalImpl((String) groupsForPrincipal.nextElement()))) {
                return true;
            }
        }
        return false;
    }

    public Enumeration getRoles() {
        return this.roleTable.keys();
    }

    public Enumeration getGroupsAssignedTo(Role role) {
        Vector vector = new Vector();
        HashSet hashSet = (HashSet) this.roleTable.get(role);
        if (hashSet != null) {
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                Object next = it.next();
                if (next instanceof Group) {
                    vector.add(next);
                }
            }
        }
        return vector.elements();
    }

    public Enumeration getUsersAssignedTo(Role role) {
        Vector vector = new Vector();
        HashSet hashSet = (HashSet) this.roleTable.get(role);
        if (hashSet != null) {
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                Object next = it.next();
                if (!(next instanceof Group)) {
                    vector.add(next);
                }
            }
        }
        return vector.elements();
    }

    private Vector computeCurrentRoles() {
        if (debug) {
            _logger.log(Level.FINE, "Within roleMapper.getCurrentRoles()");
        }
        Vector vector = new Vector();
        SecurityContext current = SecurityContext.getCurrent();
        if (debug) {
            _logger.log(Level.FINE, new StringBuffer().append("roleMapper.SecurityContext=").append(current).toString());
        }
        if (getDefaultRole() != null) {
            if (debug) {
                _logger.log(Level.FINE, new StringBuffer().append("roleMapper.adding the default role=").append(getDefaultRole()).toString());
            }
            vector.add(getDefaultRole());
        }
        try {
            if (current == null) {
                return vector;
            }
            try {
                Credentials credentials = current.getCredentials();
                if (debug) {
                    _logger.log(Level.FINE, new StringBuffer().append("roleMapper.credential = ").append(credentials).toString());
                }
                if (debug) {
                }
                AuthenticationInfo[] authenticationInfo = credentials.getAuthenticationInfo();
                if (debug) {
                    _logger.log(Level.FINE, new StringBuffer().append("AuthInfoList = ").append(authenticationInfo.length).toString());
                }
                for (AuthenticationInfo authenticationInfo2 : authenticationInfo) {
                    if (debug) {
                        _logger.log(Level.FINE, new StringBuffer().append("AuthInfo = ").append(authenticationInfo2).toString());
                    }
                    if (authenticationInfo2.isAuthenticated()) {
                        Iterator roles = getRoles(new PrincipalImpl(authenticationInfo2.getPrincipalName()));
                        if (roles != null) {
                            while (roles.hasNext()) {
                                vector.add(roles.next());
                            }
                        }
                        for (Privilege privilege : authenticationInfo2.getAttribute("Groups")) {
                            Iterator roles2 = getRoles(new Group(privilege.getName()));
                            if (roles2 != null) {
                                while (roles2.hasNext()) {
                                    vector.add(roles2.next());
                                }
                            }
                        }
                    }
                }
                if (_logger.isLoggable(Level.FINER)) {
                    StringBuffer stringBuffer = new StringBuffer();
                    stringBuffer.append("Current principal has roles:");
                    for (int i = 0; i < vector.size(); i++) {
                        stringBuffer.append(" ");
                        stringBuffer.append(vector.get(i).toString());
                    }
                    _logger.finer(stringBuffer.toString());
                }
                return vector;
            } catch (Exception e) {
                _logger.log(Level.SEVERE, "java_security.credential_exception", (Throwable) e);
                if (_logger.isLoggable(Level.FINER)) {
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append("Current principal has roles:");
                    for (int i2 = 0; i2 < vector.size(); i2++) {
                        stringBuffer2.append(" ");
                        stringBuffer2.append(vector.get(i2).toString());
                    }
                    _logger.finer(stringBuffer2.toString());
                }
                return vector;
            }
        } catch (Throwable th) {
            if (_logger.isLoggable(Level.FINER)) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("Current principal has roles:");
                for (int i3 = 0; i3 < vector.size(); i3++) {
                    stringBuffer3.append(" ");
                    stringBuffer3.append(vector.get(i3).toString());
                }
                _logger.finer(stringBuffer3.toString());
            }
            return vector;
        }
    }

    public Enumeration getCurrentRoles() {
        SecurityContext current = SecurityContext.getCurrent();
        Vector userRolesByApp = current.getUserRolesByApp(this.appName);
        if (userRolesByApp == null) {
            synchronized (current) {
                userRolesByApp = computeCurrentRoles();
                current.setUserRolesByApp(this.appName, userRolesByApp);
            }
        }
        return userRolesByApp.elements();
    }

    public String toString() {
        String str = "RoleMapper";
        Enumeration roles = getRoles();
        while (roles.hasMoreElements()) {
            Role role = (Role) roles.nextElement();
            String stringBuffer = new StringBuffer().append(str).append(" : ").append(role).append(JavaClassWriterHelper.parenleft_).toString();
            Enumeration groupsAssignedTo = getGroupsAssignedTo(role);
            while (groupsAssignedTo.hasMoreElements()) {
                stringBuffer = new StringBuffer().append(stringBuffer).append(groupsAssignedTo.nextElement()).toString();
                if (groupsAssignedTo.hasMoreElements()) {
                    stringBuffer = new StringBuffer().append(stringBuffer).append(",").toString();
                }
            }
            String stringBuffer2 = new StringBuffer().append(stringBuffer).append(")(").toString();
            Enumeration usersAssignedTo = getUsersAssignedTo(role);
            while (usersAssignedTo.hasMoreElements()) {
                stringBuffer2 = new StringBuffer().append(stringBuffer2).append(usersAssignedTo.nextElement()).toString();
                if (usersAssignedTo.hasMoreElements()) {
                    stringBuffer2 = new StringBuffer().append(stringBuffer2).append(",").toString();
                }
            }
            str = new StringBuffer().append(stringBuffer2).append(JavaClassWriterHelper.parenright_).toString();
        }
        return str;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
            cls = class$("com.sun.enterprise.security.acl.RoleMapper");
            class$com$sun$enterprise$security$acl$RoleMapper = cls;
        } else {
            cls = class$com$sun$enterprise$security$acl$RoleMapper;
        }
        $assertionsDisabled = !cls.desiredAssertionStatus();
        debug = false;
        roleMaps = new Hashtable();
        defaultRole = null;
        defaultRoleName = null;
        _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
    }
}
