package com.sun.hss.services.security.accesscontrol;

import com.sun.hss.services.security.autho.AuthorizationManagerMBean;
import com.sun.hss.services.util.Utils;
import com.sun.hss.util.event.PlatformProperties;
import com.sun.xacml.ctx.RequestCtx;
import com.sun.xacml.ctx.ResponseCtx;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Locale;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.management.MBeanServer;
import javax.management.MBeanServerInvocationHandler;
import javax.management.ObjectName;
import javax.security.auth.Subject;

/* loaded from: input_file:123175-01/SUNWn1hss-core/reloc/sun/n1gc/lib/executor14.jar:com/sun/hss/services/security/accesscontrol/HssSecurityUtils.class */
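/**
 * Static helpers for role-based authorization decisions.
 *
 * <p>The class builds XACML requests with {@code RequestBuilder}, evaluates them with an
 * {@code HssPDP} loaded from the directory named by the {@code policy.dir} platform property,
 * and reduces the response to a boolean. The caller's identity is read from the JAAS
 * {@link Subject} bound to the current access-control context.
 *
 * <p>Security-relevant behaviour to keep in mind when calling or changing this class:
 * <ul>
 *   <li>{@link #getRoleMgtAuthorization} grants access when no principal can be determined
 *       (see the review note in that method); every other failure path denies.</li>
 *   <li>A decision counts as "permit" when the encoded response contains the text
 *       {@code Permit} anywhere (see {@code isPermit}).</li>
 *   <li>Diagnostics go to the class logger at FINEST, not to standard output, so that
 *       principals, roles and encoded requests are only recorded where the logging
 *       configuration asks for them.</li>
 * </ul>
 */
public class HssSecurityUtils {
    // Not read or written anywhere in this class.
    private static Locale locale;

    // Lazily filled caches for the class lookups done through class$(String). The names
    // look like the synthetic fields older compilers emit for class literals; they stay
    // package-private exactly as listed so nothing that references them breaks.
    static Class class$com$sun$cacao$agent$auth$UserPrincipal;
    static Class class$com$sun$hss$services$security$accesscontrol$HssRolePrincipal;
    static Class class$com$sun$hss$services$security$autho$AuthorizationManagerMBean;

    // NOTE(review): if the "policy.dir" property is unset this is null, and the policy file
    // path below becomes "null/RoleAssignmentPolicy.xml" - confirm the property is mandatory.
    private static String POLICY_DIRECTORY = PlatformProperties.getProperty("policy.dir");
    private static boolean RefreshPDP = false;
    private static long RefreshPDPTimeStamp = 0;

    // Gates the trace() diagnostics. Nothing in this class ever assigns it again.
    private static boolean debug = true;
    private static String XACML_RAP_POLICYFILE = new StringBuffer().append(POLICY_DIRECTORY).append("/RoleAssignmentPolicy.xml").toString();
    private static final Logger logger = Utils.getLogger();

    // JMX object name of the authorization manager MBean used for role lookups.
    private static final String AUTHORIZATION_MBEAN_NAME = "com.sun.hss.services.security.autho:type=com.sun.hss.services.security.autho.AuthorizationManagerMBean";

    /**
     * Sets the "PDP needs refreshing" flag.
     *
     * @param z new value of the flag
     */
    public static void setRefreshPDP(boolean z) {
        RefreshPDP = z;
    }

    /**
     * Returns the "PDP needs refreshing" flag.
     *
     * @param z ignored; kept because it is part of the published signature
     * @return the current value of the flag
     */
    public static boolean getRefreshPDP(boolean z) {
        return RefreshPDP;
    }

    /** Logs a diagnostic message at FINEST when the debug flag is set. */
    private static void trace(String message) {
        if (debug) {
            logger.log(Level.FINEST, message);
        }
    }

    /** Returns true for a null reference or the empty string. */
    private static boolean isNullOrEmpty(String value) {
        return value == null || value.equals("");
    }

    /** Returns the cached class object for the cacao UserPrincipal, loading it on first use. */
    private static Class userPrincipalClass() {
        if (class$com$sun$cacao$agent$auth$UserPrincipal == null) {
            class$com$sun$cacao$agent$auth$UserPrincipal = class$("com.sun.cacao.agent.auth.UserPrincipal");
        }
        return class$com$sun$cacao$agent$auth$UserPrincipal;
    }

    /** Returns the cached class object for HssRolePrincipal, loading it on first use. */
    private static Class rolePrincipalClass() {
        if (class$com$sun$hss$services$security$accesscontrol$HssRolePrincipal == null) {
            class$com$sun$hss$services$security$accesscontrol$HssRolePrincipal = class$("com.sun.hss.services.security.accesscontrol.HssRolePrincipal");
        }
        return class$com$sun$hss$services$security$accesscontrol$HssRolePrincipal;
    }

    /** Returns the cached class object for AuthorizationManagerMBean, loading it on first use. */
    private static Class authorizationManagerClass() {
        if (class$com$sun$hss$services$security$autho$AuthorizationManagerMBean == null) {
            class$com$sun$hss$services$security$autho$AuthorizationManagerMBean = class$("com.sun.hss.services.security.autho.AuthorizationManagerMBean");
        }
        return class$com$sun$hss$services$security$autho$AuthorizationManagerMBean;
    }

    /** Builds a JMX proxy for the authorization manager MBean registered in the given server. */
    private static AuthorizationManagerMBean authorizationManager(MBeanServer mBeanServer) throws Exception {
        ObjectName objectName = new ObjectName(AUTHORIZATION_MBEAN_NAME);
        return (AuthorizationManagerMBean) MBeanServerInvocationHandler.newProxyInstance(mBeanServer, objectName, authorizationManagerClass(), false);
    }

    /**
     * Encodes a PDP response and reports whether it reads as a permit.
     *
     * <p>NOTE(review): this is a substring test over the whole encoded response, so the text
     * "Permit" anywhere in it (not only in the decision itself) is treated as allow. Comparing
     * the decision of each result returned by {@code getResults()} would be stricter; that is
     * not done here because the result type is not visible in this file.
     */
    private static boolean isPermit(ResponseCtx response) throws Exception {
        ByteArrayOutputStream encoded = new ByteArrayOutputStream();
        response.encode(encoded);
        String text = encoded.toString();
        trace(new StringBuffer().append("result=").append(text).toString());
        return text.indexOf("Permit") != -1;
    }

    /**
     * Builds a new PDP from every file under the policy directory whose listed name contains
     * "rps-", then clears the refresh flag.
     *
     * <p>The PDP is rebuilt on every call; the refresh flag and {@code refreshPDP()} are not
     * consulted here.
     *
     * @return the new PDP, or null when the policies could not be loaded (callers must deny)
     */
    private static HssPDP getFreshHssPDP() {
        trace("getFreshHssPDP() Entered successfully");
        HssPDP hssPDP = null;
        try {
            ArrayList policyFiles = new ArrayList();
            Iterator listing = HssFileListing.getFileListing(new File(POLICY_DIRECTORY)).iterator();
            while (listing.hasNext()) {
                String entry = listing.next().toString();
                // NOTE(review): the match is on the entry's full string form; if that is a
                // path, a directory component containing "rps-" also matches - confirm.
                if (entry.indexOf("rps-") != -1) {
                    policyFiles.add(entry);
                    trace(entry);
                }
            }
            hssPDP = new HssPDP((String[]) policyFiles.toArray(new String[policyFiles.size()]));
            trace("getFreshHssPDP() Completed successfully");
        } catch (Exception e) {
            // A PDP that cannot be built means no decision can be made; make that visible.
            logger.log(Level.WARNING, new StringBuffer().append("getFreshHssPDP() could not load policies from ").append(POLICY_DIRECTORY).toString(), e);
        }
        setRefreshPDP(false);
        return hssPDP;
    }

    /**
     * Checks the default authorization (resource "HDManagementSystem", action "HDRead").
     *
     * @return true when {@link #getAuthorizationResult} yields text containing "Permit"
     */
    public static boolean checkDefaultAuthorization() {
        trace("checkDefaultAuthorization() Entered successfully");
        boolean permitted = getAuthorizationResult("HDManagementSystem", "HDRead").indexOf("Permit") != -1;
        trace("checkDefaultAuthorization() Completed successfully");
        return permitted;
    }

    /**
     * Checks whether the given action on the given resource is authorized.
     *
     * @param str resource name
     * @param str2 action name
     * @return true when {@link #getAuthorizationResult} yields text containing "Permit"
     */
    public static boolean checkAuthorization(String str, String str2) {
        trace("checkAuthorization() Entered successfully");
        boolean permitted = getAuthorizationResult(str, str2).indexOf("Permit") != -1;
        trace("checkAuthorization() Completed successfully");
        return permitted;
    }

    /**
     * Returns the textual authorization result for a resource/action pair.
     *
     * <p>As listed, this always returns the empty string, so {@link #checkAuthorization} and
     * {@link #checkDefaultAuthorization} always deny.
     * NOTE(review): this may be a stub left by the listing's origin - confirm before relying on it.
     *
     * @param str resource name (unused)
     * @param str2 action name (unused)
     * @return the empty string
     */
    public static String getAuthorizationResult(String str, String str2) {
        return "";
    }

    /**
     * Returns the string form of a UserPrincipal attached to the current JAAS subject.
     *
     * <p>When the subject carries several such principals, the one returned is whichever the
     * set's iterator yields first.
     *
     * @return the principal's string form, or null when there is no subject or no such principal
     */
    public static String getPrincipalFromAccessController() {
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null) {
            return null;
        }
        Set principals = subject.getPrincipals(userPrincipalClass());
        if (principals.isEmpty()) {
            return null;
        }
        String principal = principals.iterator().next().toString();
        trace(new StringBuffer().append("principal=").append(principal).toString());
        return principal;
    }

    /**
     * Returns the role name of an HssRolePrincipal attached to the current JAAS subject.
     *
     * @return the role name, or null when there is no subject or no role principal
     */
    public static String getRoleFromAccessController() {
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null) {
            return null;
        }
        Set principals = subject.getPrincipals(rolePrincipalClass());
        if (principals.isEmpty()) {
            return null;
        }
        trace(new StringBuffer().append("number of objects in principal set=").append(principals.size()).toString());
        String roleName = ((HssRolePrincipal) principals.iterator().next()).roleName;
        trace(new StringBuffer().append("role from access controler=").append(roleName).append("==").toString());
        return roleName;
    }

    /**
     * Evaluates the role-assignment policy for a subject, resource and action.
     *
     * <p>Any exception while building or evaluating the request results in a denial.
     *
     * @param str subject passed to {@code RequestBuilder.setupSubjectsForRoleAuth}
     * @param str2 resource name
     * @param str3 action name
     * @return true when the encoded response reads as a permit, false otherwise
     */
    public static boolean getUserRoleAuthorizationResult(String str, String str2, String str3) {
        trace("getUserRoleAuthorizationResult() Entered successfully");
        boolean permitted = false;
        try {
            HssPDP hssPDP = new HssPDP(new String[]{XACML_RAP_POLICYFILE});
            // The instance is discarded, as in the original listing; kept in case the
            // constructor performs set-up the static builder methods rely on - TODO confirm.
            new RequestBuilder();
            trace("RequestBuilder instantiated..");
            trace(new StringBuffer().append(str).append(":").append(str2).append(":").append(str3).toString());
            RequestCtx requestCtx = new RequestCtx(RequestBuilder.setupSubjectsForRoleAuth(str), RequestBuilder.setupResource(str2), RequestBuilder.setupAction(str3), new HashSet());
            if (debug && logger.isLoggable(Level.FINEST)) {
                // The encoded request names the subject; record it in the log only, and
                // only when FINEST output was asked for.
                ByteArrayOutputStream encodedRequest = new ByteArrayOutputStream();
                requestCtx.encode(encodedRequest);
                logger.log(Level.FINEST, new StringBuffer().append("request=").append(encodedRequest.toString()).toString());
            }
            permitted = isPermit(hssPDP.evaluate(requestCtx));
        } catch (Exception e) {
            logger.log(Level.WARNING, "Exception in getUserRoleAuthorizationResult() thus failing the authorization check", e);
        }
        trace("getUserRoleAuthorizationResult() Completed successfully");
        return permitted;
    }

    // NOTE(review): the three helpers below are not called anywhere in this class. Each uses a
    // fixed name in the shared /tmp directory, where another local account can create the same
    // path first, so the file's content and ownership cannot be trusted. If they are revived,
    // place the files in a directory owned by the service instead.

    /** Returns /tmp/activities, creating the file when it does not exist yet. */
    private static File getActivitiesFile() throws Exception {
        File file = new File("/tmp/activities");
        file.createNewFile();
        return file;
    }

    /** Returns /tmp/roles, creating the file when it does not exist yet. */
    private static File getRolesFile() throws Exception {
        File file = new File("/tmp/roles");
        file.createNewFile();
        return file;
    }

    /** Returns /tmp/users, creating the file when it does not exist yet. */
    private static File getUsersFile() throws Exception {
        File file = new File("/tmp/users");
        file.createNewFile();
        return file;
    }

    /**
     * Decides whether the caller's role may perform an action on a resource.
     *
     * <p>The role is the CLI session role reported by the authorization manager MBean; when that
     * is empty, the default role of the calling user is used. The user is taken from the JAAS
     * subject, falling back to {@code XacmlAuthorization.getPrincipalFromCalbackHandler()}.
     *
     * <p>Outcomes: any exception (including the SecurityException raised below when no role is
     * set) and a PDP that cannot be built result in a denial. The one exception is the case
     * where no principal can be determined at all, which grants access.
     *
     * @param mBeanServer server in which the authorization manager MBean is registered
     * @param str resource name
     * @param str2 action name
     * @return true when access is granted
     */
    public static boolean getRoleMgtAuthorization(MBeanServer mBeanServer, String str, String str2) {
        // Resolved outside the try block, as in the original, so that a runtime exception
        // raised while reading the subject still reaches the caller.
        String principal = getPrincipalFromAccessController();
        trace("getRoleMgtAuthorization() Entered successfully");
        try {
            // Discarded instance kept from the original listing - see getUserRoleAuthorizationResult.
            new RequestBuilder();
            trace("RequestBuilder instantiated..");
            // getPackage() may be null for some class loaders; a diagnostic line must not be
            // able to turn into a denial.
            Package mbeanPackage = authorizationManagerClass().getPackage();
            logger.log(Level.FINEST, new StringBuffer().append("Class Name=").append(mbeanPackage == null ? null : mbeanPackage.getName()).toString());
            AuthorizationManagerMBean authorizationManagerMBean = authorizationManager(mBeanServer);
            String role = authorizationManagerMBean.getCLISessionRole();
            if (isNullOrEmpty(role)) {
                trace("Role from access controller is NULL");
                if (isNullOrEmpty(principal)) {
                    logger.log(Level.FINEST, "HssSecurityUtils: user from getPrincipalFromAccessController() is null");
                    principal = XacmlAuthorization.getPrincipalFromCalbackHandler();
                    if (isNullOrEmpty(principal)) {
                        // NOTE(review): fail-open. With no principal from either source the
                        // check grants access for any resource and action. Presumably this is
                        // meant for in-process calls made without a subject; confirm that every
                        // remotely reachable entry point establishes a subject before it gets
                        // here, or change this to a denial. Logged at WARNING so that each such
                        // grant leaves a record.
                        logger.log(Level.WARNING, "HssSecurityUtils: user from getPrincipalFromCalbackHandler() is null; authorization granted without an identified user");
                        return true;
                    }
                }
                String userID = authorizationManagerMBean.getUserID(principal);
                trace(new StringBuffer().append("name of user=").append(principal).append("==").append(userID).toString());
                role = authorizationManagerMBean.retrieveUser(userID).getDefaultRole();
                trace(new StringBuffer().append("default role=").append(role).append("==").toString());
                if (isNullOrEmpty(role)) {
                    // Caught by the handler below and turned into a denial.
                    throw new SecurityException("Session role and default role are NULL,please set your session role");
                }
            }
            logger.log(Level.FINEST, new StringBuffer().append(role).append(":").append(str).append(":").append(str2).toString());
            HssPDP hssPDP = getFreshHssPDP();
            if (hssPDP == null) {
                // Without a PDP there is no policy to evaluate: deny explicitly.
                logger.log(Level.WARNING, "getRoleMgtAuthorization(): no policy decision point available thus failing the authorization check");
                return false;
            }
            boolean permitted = isPermit(hssPDP.evaluate(new RequestCtx(RequestBuilder.setupSubjects(role), RequestBuilder.setupResource(str), RequestBuilder.setupAction(str2), new HashSet())));
            trace(new StringBuffer().append("returning boolean value").append(permitted).toString());
            trace("getRoleMgtAuthorization() Completed successfully");
            return permitted;
        } catch (Exception e) {
            logger.log(Level.WARNING, "Exception in getRoleMgtAuthorization() thus failing the authorization check", e);
            return false;
        }
    }

    /**
     * Reports whether the policy directory's modification time changed since the last call.
     *
     * <p>Not called anywhere in this class. NOTE(review): a directory's modification time
     * normally changes when entries are added or removed, not when an existing policy file is
     * edited in place - confirm before using this to decide that cached policies are current.
     *
     * @return true on the first call and whenever the recorded timestamp differs
     */
    private static boolean refreshPDP() {
        long lastModified = new File(POLICY_DIRECTORY).lastModified();
        if (RefreshPDPTimeStamp == 0) {
            logger.finest("Policy dir timestap checked for the first time. Need to refresh PDP");
            RefreshPDPTimeStamp = lastModified;
            return true;
        }
        if (RefreshPDPTimeStamp == lastModified) {
            logger.finest("Timestamp for policy dir has not changed. NO Need to refresh PDP");
            return false;
        }
        logger.finest("Timestamp for policy dir has changed. Need to refresh PDP");
        RefreshPDPTimeStamp = lastModified;
        return true;
    }

    /**
     * Returns the default role of the user found in the current JAAS subject.
     *
     * @param mBeanServer server in which the authorization manager MBean is registered
     * @return the default role, or the empty string when it cannot be determined
     */
    public static String getUserRole(MBeanServer mBeanServer) {
        String role = "";
        try {
            AuthorizationManagerMBean authorizationManagerMBean = authorizationManager(mBeanServer);
            String principal = getPrincipalFromAccessController();
            logger.log(Level.FINEST, new StringBuffer().append("USER**=").append(principal).toString());
            role = authorizationManagerMBean.getUser(authorizationManagerMBean.getUserID(principal)).getDefaultRole();
            logger.log(Level.FINEST, new StringBuffer().append("ROLE**=").append(role).toString());
            return role;
        } catch (Exception e) {
            logger.log(Level.FINEST, "Exception in getUserRole():", e);
            logger.log(Level.FINEST, new StringBuffer().append("ROLE1**=").append(role).toString());
            return role;
        }
    }

    /**
     * Loads a class by name, converting a missing class into NoClassDefFoundError.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError when the class cannot be found; the cause is preserved
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause returns Throwable; the cast restores the unchecked type so the
            // method compiles without a throws clause. initCause returns the same object.
            throw (NoClassDefFoundError) new NoClassDefFoundError().initCause(e);
        }
    }
}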
