package com.ibm.ws.wssecurity.admin.saml;

import com.ibm.websphere.management.AdminService;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.authorizer.AdminAuthorizer;
import com.ibm.websphere.management.authorizer.AdminAuthorizerFactory;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.InvalidParameterNameException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.CommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand;
import com.ibm.websphere.management.cmdframework.provider.CommandResultImpl;
import com.ibm.ws.policyset.admin.PolicyConstants;
import com.ibm.ws.sm.workspace.RepositoryContext;
import com.ibm.ws.sm.workspace.WorkSpaceException;
import com.ibm.ws.sm.workspace.WorkSpaceManagerFactory;
import com.ibm.ws.sm.workspace.metadata.RepositoryMetaDataFactory;
import com.ibm.ws.wssecurity.admin.sts.commands.Constants;
import com.ibm.ws.wssecurity.platform.util.SAMLIssuerConfigData;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.AccessControlException;
import java.text.MessageFormat;
import java.util.Iterator;
import java.util.MissingResourceException;
import java.util.Properties;
import java.util.ResourceBundle;
import javax.xml.bind.JAXBException;

/* loaded from: input_file:com/ibm/ws/wssecurity/admin/saml/SAMLIssuerConfigCommonCommandProvider.class */
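/**
 * Base class for the admin commands that read and write the SAML issuer configuration file
 * ({@code SAMLIssuerConfig.properties}) through the configuration workspace.
 *
 * <p>The file is addressed either at cell level (under {@code PATH_FROM_CELL}) or at server level
 * (directly inside the server's repository context). Reads require the monitor role on the
 * resolved repository context; writes additionally require the admin role on the cell or server
 * resource. Errors are recorded on the command result by {@link #processError(Throwable)}.
 *
 * <p>Instances cache the resolved cell and server repository contexts. The cache is not keyed by
 * node/server name, see {@code loadServerRepositoryContext}.
 */
public abstract class SAMLIssuerConfigCommonCommandProvider extends AbstractAdminCommand {
    private static final String SamlIssuerConfigFile = "SAMLIssuerConfig.properties";
    public static final String FFDC_ID_1 = "FFDC-1";
    public static final String FFDC_ID_2 = "FFDC-2";
    public static final String FFDC_ID_3 = "FFDC-3";
    public static final String FFDC_ID_4 = "FFDC-4";
    public static final String FFDC_ID_5 = "FFDC-5";
    public static final String FFDC_ID_6 = "FFDC-6";
    // Server-level repository context, resolved lazily by loadServerRepositoryContext().
    private RepositoryContext serverRepContext;
    // Cell-level repository context, resolved lazily by loadCellRepositoryContext().
    private RepositoryContext cellRepContext;
    // True once a CommandResultImpl has been installed by setup().
    private boolean isSetup;
    private boolean serverRepContextLoaded;
    private boolean cellRepContextLoaded;
    protected static final String CELLS_DIR = "cells";
    protected static final String NODES_DIR = "nodes";
    protected static final String SERVERS_DIR = "servers";
    protected static final String SAML_ISSUER_CONFIG_NODE_NAME = "nodeName";
    protected static final String SAML_ISSUER_CONFIG_SERVER_NAME = "serverName";
    protected static final String BINDING_LOC = "bindingLocation";
    protected static final String BINDING_NAME = "bindingName";
    protected static final String BINDING_SCOPE = "bindingScope";
    protected static final String DOMAIN_NAME = "domainName";
    // Location of the cell-level file relative to the cell repository context.
    private static final String PATH_FROM_CELL = PolicyConstants.TRUST_ATTACHMENT_DIR + File.separator;
    // Lazily initialised process-wide caches; written without synchronization.
    private static String myCellName = null;
    private static AdminAuthorizer myAdminAuthorizer = null;
    // Property names known to the SAML issuer configuration. The list includes the key store,
    // key and trust store password entries, so values read under these names should not be traced.
    protected static final String[] preDefinedProps = {SAMLIssuerConfigData.ISSUER_URI, SAMLIssuerConfigData.TIME_TO_LIVE_MILLISECONDS, SAMLIssuerConfigData.KEY_STORE_REF, SAMLIssuerConfigData.KEY_STORE_PATH, SAMLIssuerConfigData.KEY_STORE_TYPE, SAMLIssuerConfigData.KEY_STORE_PASSWORD, SAMLIssuerConfigData.KEY_ALIAS, SAMLIssuerConfigData.KEY_NAME, SAMLIssuerConfigData.KEY_PASSWORD, SAMLIssuerConfigData.TRUST_STORE_REF, SAMLIssuerConfigData.TRUST_STORE_PATH, SAMLIssuerConfigData.TRUST_STORE_TYPE, SAMLIssuerConfigData.TRUST_STORE_PASSWORD};
    private static final TraceComponent tc = Tr.register(SAMLIssuerConfigCommonCommandProvider.class, "Web Services Security", "com.ibm.ws.wssecurity.admin.resources.wssadminmsgs");
    private static final ResourceBundle resourceBundle = ResourceBundle.getBundle("com.ibm.ws.wssecurity.admin.resources.wssadminmsgs");

    /**
     * Creates the command from its metadata and clears the cached repository contexts.
     *
     * @param commandMetadata metadata handed to the superclass constructor
     * @throws CommandNotFoundException propagated from the superclass constructor
     */
    public SAMLIssuerConfigCommonCommandProvider(CommandMetadata commandMetadata) throws CommandNotFoundException {
        super(commandMetadata);
        reset();
    }

    /**
     * Creates the command from saved command data and clears the cached repository contexts.
     *
     * @param commandData command data handed to the superclass constructor
     * @throws CommandNotFoundException propagated from the superclass constructor
     * @throws CommandLoadException propagated from the superclass constructor
     */
    public SAMLIssuerConfigCommonCommandProvider(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        reset();
    }

    /** Installs a fresh, reset {@link CommandResultImpl} as the command result. */
    protected void setup() {
        CommandResultImpl result = new CommandResultImpl();
        setCommandResult(result);
        result.reset();
        this.isSetup = true;
    }

    /** Drops the cached repository contexts and marks the command result as not yet set up. */
    protected void reset() {
        this.cellRepContext = null;
        this.serverRepContext = null;
        this.isSetup = false;
        this.cellRepContextLoaded = false;
        this.serverRepContextLoaded = false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Stores {@code obj} as the result of this command, creating the command result first if
     * {@link #setup()} has not run yet.
     *
     * @param obj value to record on the command result
     */
    public void setResult(Object obj) {
        if (!this.isSetup) {
            setup();
        }
        ((CommandResultImpl) getCommandResult()).setResult(obj);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Reads the SAML issuer configuration file from the workspace.
     *
     * <p>The cell-level file is read when either argument is {@code null}; otherwise the file of
     * the named server is read. The monitor role is checked while the repository context is
     * resolved. The returned object may carry the password entries named in
     * {@code preDefinedProps}; callers should keep it out of trace and log output.
     *
     * @param str node name, or {@code null} for the cell-level file
     * @param str2 server name, or {@code null} for the cell-level file
     * @return the properties loaded from the extracted file
     * @throws FileNotFoundException if the file is not available in the repository context
     * @throws IOException if the extracted file cannot be read
     * @throws WorkSpaceException if a repository context cannot be resolved
     * @throws InvalidParameterNameException propagated from {@code getConfigSession()}
     */
    public Properties loadConfigurationProperties(String str, String str2) throws InvalidParameterNameException, WorkSpaceException, FileNotFoundException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "loadConfigurationProperties(nodeName " + str + ", serverName " + str2 + " )");
        }
        final String localPath;
        if (str == null || str2 == null) {
            loadCellRepositoryContext(getConfigSession());
            localPath = extractFileFromWorkspace(PATH_FROM_CELL + SamlIssuerConfigFile, this.cellRepContext);
        } else {
            loadServerRepositoryContext(getConfigSession(), str, str2);
            localPath = extractFileFromWorkspace(SamlIssuerConfigFile, this.serverRepContext);
        }
        Properties properties = new Properties();
        // try-with-resources closes the stream exactly once on every path.
        try (FileInputStream in = new FileInputStream(localPath)) {
            properties.load(in);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "loadConfigurationProperties()");
        }
        return properties;
    }

    /**
     * Resolves and caches the cell-level repository context of the session's workspace, then
     * checks the monitor role on it. The role check runs on every call, cached or not.
     *
     * @param session configuration session whose workspace is searched
     * @throws WorkSpaceException if the workspace holds no cell-level context
     */
    private void loadCellRepositoryContext(Session session) throws WorkSpaceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "loadCellRepositoryContext( Session user= " + session.getUserName() + " )");
        }
        if (!this.cellRepContextLoaded) {
            // A shared workspace is looked up by user name, a private one by the session's string form.
            String workSpaceId = session.isShareWorkspace() ? session.getUserName() : session.toString();
            Iterator it = WorkSpaceManagerFactory.getManager().getWorkSpace(workSpaceId).findContext(RepositoryMetaDataFactory.getRepositoryMetaData().getContextType(CELLS_DIR)).iterator();
            if (!it.hasNext()) {
                throw new WorkSpaceException("Cannot find cell level repository context.");
            }
            this.cellRepContext = (RepositoryContext) it.next();
            this.cellRepContextLoaded = true;
        }
        validateMonitorAuthorization(this.cellRepContext);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "loadCellRepositoryContext( Session user= " + session.getUserName() + " )");
        }
    }

    /**
     * Resolves and caches the repository context of server {@code str2} on node {@code str}, then
     * checks the monitor role on it. The role check runs on every call, cached or not.
     *
     * <p>NOTE(review): the cache is a single slot that does not remember which node/server it was
     * resolved for. A later call on the same instance with different names reuses the first
     * server's context, while {@code validateServerLevelAdminAuthorization} is evaluated against
     * the names passed by the caller. Confirm that an instance only ever serves one node/server
     * pair, or key the cache by the names.
     *
     * @param session configuration session whose workspace is searched
     * @param str node name
     * @param str2 server name
     * @throws WorkSpaceException if the cell, node or server context cannot be found
     */
    private void loadServerRepositoryContext(Session session, String str, String str2) throws WorkSpaceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "loadServerRepositoryContext( Session user= " + session.getUserName() + " )");
        }
        if (!this.serverRepContextLoaded) {
            if (!this.cellRepContextLoaded) {
                loadCellRepositoryContext(session);
            }
            Iterator nodes = this.cellRepContext.findContext(NODES_DIR, str).iterator();
            if (!nodes.hasNext()) {
                throw new WorkSpaceException("Cannot find node level repository context.");
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "loadServerRepositoryContext find node context for " + str);
            }
            Iterator servers = ((RepositoryContext) nodes.next()).findContext(SERVERS_DIR, str2).iterator();
            if (!servers.hasNext()) {
                throw new WorkSpaceException("Cannot find server level repository context.");
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "loadServerRepositoryContext find server context for " + str2);
            }
            this.serverRepContext = (RepositoryContext) servers.next();
            this.serverRepContextLoaded = true;
        }
        validateMonitorAuthorization(this.serverRepContext);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "loadServerRepositoryContext( Session user= " + session.getUserName() + " )");
        }
    }

    /**
     * Creates the server-level SAML issuer configuration file from {@code properties}.
     *
     * @param properties entries to write
     * @param str node name
     * @param str2 server name
     * @throws java.security.AccessControlException if the caller lacks the admin role on the server
     * @throws WorkSpaceException if the server context cannot be resolved or updated
     * @throws IOException if the file cannot be written
     * @throws InvalidParameterNameException propagated from {@code getConfigSession()}
     */
    protected void createCustomConfiguration(Properties properties, String str, String str2) throws InvalidParameterNameException, WorkSpaceException, FileNotFoundException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createCustomConfiguration()");
        }
        loadServerRepositoryContext(getConfigSession(), str, str2);
        String absolutePath = constructAbsolutePath(this.serverRepContext, SamlIssuerConfigFile);
        // The admin-role check has to stay ahead of the write below.
        validateServerLevelAdminAuthorization(str, str2);
        createFileInWorkspace(properties, absolutePath, SamlIssuerConfigFile, this.serverRepContext);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createCustomConfiguration()");
        }
    }

    /**
     * Writes {@code properties} to a new file obtained from the repository context and notifies
     * the context of the change.
     *
     * @param properties entries to write
     * @param str absolute path of the file; not used by this method
     * @param str2 file name relative to {@code repositoryContext}
     * @param repositoryContext context that owns the file
     * @throws WorkSpaceException propagated from the repository context
     * @throws IOException if the entries cannot be written or the stream cannot be closed
     */
    private void createFileInWorkspace(Properties properties, String str, String str2, RepositoryContext repositoryContext) throws WorkSpaceException, FileNotFoundException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createFileInWorkspace()");
        }
        // Properties.store() flushes but leaves the stream open, so it is closed here once the
        // notifications are done; the statement order inside the block is otherwise unchanged.
        try (OutputStream out = repositoryContext.getOutputStream(str2)) {
            // presumably 0 = added and 1 = modified; confirm against the RepositoryContext constants
            repositoryContext.notifyChanged(0, str2);
            properties.store(out, "");
            if (repositoryContext.isAvailable(str2)) {
                repositoryContext.notifyChanged(1, str2);
            } else {
                repositoryContext.notifyChanged(0, str2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createFileInWorkspace()");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Overwrites the SAML issuer configuration file with {@code properties}. The misspelled
     * method name is part of the existing interface and is kept.
     *
     * <p>The cell-level file is updated when either name is {@code null}, otherwise the file of
     * the named server. The file is extracted under the monitor role first; the admin role is
     * then checked before anything is written.
     *
     * @param properties entries to write
     * @param str node name, or {@code null} for the cell-level file
     * @param str2 server name, or {@code null} for the cell-level file
     * @throws java.security.AccessControlException if the caller lacks the admin role
     * @throws FileNotFoundException if the file is not available in the repository context
     * @throws IOException if the file cannot be written
     * @throws WorkSpaceException if a repository context cannot be resolved
     * @throws InvalidParameterNameException propagated from {@code getConfigSession()}
     */
    public void udpateConfiguration(Properties properties, String str, String str2) throws InvalidParameterNameException, WorkSpaceException, FileNotFoundException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "udpateConfiguration()");
        }
        if (str == null || str2 == null) {
            loadCellRepositoryContext(getConfigSession());
            String cellFile = PATH_FROM_CELL + SamlIssuerConfigFile;
            String localPath = extractFileFromWorkspace(cellFile, this.cellRepContext);
            // The admin-role check has to stay ahead of the write below.
            validateCellLevelAdminAuthorization();
            updateFileInWorkspace(properties, localPath, cellFile, this.cellRepContext);
        } else {
            loadServerRepositoryContext(getConfigSession(), str, str2);
            String localPath = extractFileFromWorkspace(SamlIssuerConfigFile, this.serverRepContext);
            // The admin-role check has to stay ahead of the write below.
            validateServerLevelAdminAuthorization(str, str2);
            updateFileInWorkspace(properties, localPath, SamlIssuerConfigFile, this.serverRepContext);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "udpateConfiguration()");
        }
    }

    /**
     * Writes {@code properties} over the extracted file at {@code str} and, if the file is
     * available in the repository context, notifies the context of the change.
     *
     * <p>Every failure is reported as an {@link IOException} whose cause is the exception that
     * occurred. A failure to open the file is reported that way too, instead of being masked by
     * a {@code NullPointerException} from closing a stream that was never opened.
     *
     * @param properties entries to write
     * @param str absolute path of the extracted file
     * @param str2 file name relative to {@code repositoryContext}
     * @param repositoryContext context that owns the file
     * @throws IOException if opening, writing, notifying or closing fails
     */
    private void updateFileInWorkspace(Properties properties, String str, String str2, RepositoryContext repositoryContext) throws WorkSpaceException, FileNotFoundException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "updateFileInWorkspace()");
        }
        try (FileOutputStream out = new FileOutputStream(str)) {
            properties.store(out, "");
            if (repositoryContext.isAvailable(str2)) {
                repositoryContext.notifyChanged(1, str2);
            }
        } catch (Exception e) {
            // Keep the failure itself as the cause; e.getCause() is usually null and lost it.
            throw new IOException(e);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "updateFileInWorkspace()");
        }
    }

    /**
     * Makes sure {@code str} is extracted from the repository context and returns its absolute
     * path.
     *
     * @param str file name relative to {@code repositoryContext}
     * @param repositoryContext context that owns the file
     * @return {@code repositoryContext.getPath()} joined with {@code str}
     * @throws FileNotFoundException if the file is not available in the context
     * @throws WorkSpaceException propagated from the repository context
     */
    private String extractFileFromWorkspace(String str, RepositoryContext repositoryContext) throws WorkSpaceException, FileNotFoundException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "extractFileFromWorkspace(fileName " + str + ", RepositoryContext " + repositoryContext + " )");
        }
        if (!repositoryContext.isAvailable(str)) {
            throw new FileNotFoundException(str);
        }
        if (!repositoryContext.isExtracted(str)) {
            // meaning of the boolean flag is not visible here; confirm against RepositoryContext.extract
            repositoryContext.extract(str, true);
        }
        if (tc.isEntryEnabled()) {
            // Was a second Tr.entry, which left the entry/exit trace unbalanced.
            Tr.exit(tc, "extractFileFromWorkspace(fileName " + str + ", RepositoryContext " + repositoryContext + " )");
        }
        return constructAbsolutePath(repositoryContext, str);
    }

    /** Joins the context's path and {@code str} with the platform file separator. */
    private static String constructAbsolutePath(RepositoryContext repositoryContext, String str) {
        return repositoryContext.getPath() + File.separator + str;
    }

    /**
     * Requires the monitor role on the resource named by {@code repositoryContext.toString()}.
     *
     * @param repositoryContext context whose string form is used as the resource name
     * @throws java.security.AccessControlException if access is denied
     */
    public static void validateMonitorAuthorization(RepositoryContext repositoryContext) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateMonitorAuthorization", repositoryContext);
        }
        validateAuthorization(repositoryContext.toString(), AdminAuthorizer.MONITOR_ROLE);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validateMonitorAuthorization");
        }
    }

    /**
     * Requires the admin role on {@code cells/<cell>/nodes/<str>/servers/<str2>}.
     *
     * <p>The resource name is built from the arguments as given. Callers are expected to have
     * resolved the same names to a repository context first.
     *
     * @param str node name
     * @param str2 server name
     * @throws java.security.AccessControlException if access is denied
     */
    public static void validateServerLevelAdminAuthorization(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateServerLevelAdminAuthorization", new Object[]{str, str2});
        }
        String resource = "cells/" + getCellName() + "/nodes/" + str + "/servers/" + str2;
        validateAuthorization(resource, AdminAuthorizer.ADMIN_ROLE);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validateServerLevelAdminAuthorization");
        }
    }

    /**
     * Requires the admin role on {@code cells/<cell>/}.
     *
     * @throws java.security.AccessControlException if access is denied
     */
    public static void validateCellLevelAdminAuthorization() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateCellLevelAdminAuthorization");
        }
        String resource = "cells/" + getCellName() + "/";
        validateAuthorization(resource, AdminAuthorizer.ADMIN_ROLE);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validateCellLevelAdminAuthorization");
        }
    }

    /**
     * Returns the cell name reported by the admin service, cached after the first successful
     * lookup. The result is {@code null} while no admin service is available, in which case the
     * resource names built from it contain the text {@code null}.
     */
    private static String getCellName() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCellName");
        }
        if (myCellName == null) {
            AdminService adminService = AdminServiceFactory.getAdminService();
            if (adminService != null) {
                myCellName = adminService.getCellName();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCellName", myCellName);
        }
        return myCellName;
    }

    /** Returns the admin authorizer from the factory, cached once it is non-null. */
    private static AdminAuthorizer getAdminAuthorizer() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAdminAuthorizer");
        }
        if (myAdminAuthorizer == null) {
            myAdminAuthorizer = AdminAuthorizerFactory.getAdminAuthorizer();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getAdminAuthorizer", myAdminAuthorizer);
        }
        return myAdminAuthorizer;
    }

    /**
     * Throws if the admin authorizer denies role {@code str2} on resource {@code str}.
     *
     * <p>NOTE(review): when no authorizer is available the check is skipped and access is allowed
     * (fail-open). Presumably this covers environments that run without an authorizer; confirm
     * that this is intended for every caller of the write paths.
     *
     * @param str resource name
     * @param str2 required role
     * @throws AccessControlException with message {@code CWWSI9113E} if access is denied
     */
    private static void validateAuthorization(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateAuthorization", new Object[]{str, str2});
        }
        AdminAuthorizer authorizer = getAdminAuthorizer();
        if (authorizer != null && !authorizer.checkAccess(str, str2)) {
            throw new AccessControlException(getMessage("CWWSI9113E", new String[]{str, str2}));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validateAuthorization");
        }
    }

    /**
     * Looks up message key {@code str} in the admin message bundle.
     *
     * @param str message key
     * @return the bundle text, or {@code str} itself when the key is missing
     */
    public static String getMessage(String str) {
        if (resourceBundle == null) {
            return str;
        }
        try {
            return resourceBundle.getString(str);
        } catch (MissingResourceException ignored) {
            // A missing key is not an error here: the key doubles as the message.
            return str;
        }
    }

    /**
     * Looks up message key {@code str} and formats it with {@code strArr} through
     * {@link MessageFormat}. The text is returned unformatted when {@code strArr} is
     * {@code null} or empty.
     *
     * @param str message key
     * @param strArr message inserts, may be {@code null}
     * @return the formatted message
     */
    public static String getMessage(String str, String[] strArr) {
        String message = getMessage(str);
        if (strArr == null || strArr.length == 0) {
            return message;
        }
        return MessageFormat.format(message, strArr);
    }

    /**
     * Builds a {@link CommandException} whose message is the bundle text for key {@code str}.
     *
     * @param str message key
     * @return the new exception; it is not thrown here
     */
    protected static CommandException instantiateCommandException(String str) {
        return new CommandException(getMessage(str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Builds a {@link CommandException} whose message is the bundle text for key {@code str}
     * formatted with {@code strArr}.
     *
     * @param str message key
     * @param strArr message inserts, may be {@code null}
     * @return the new exception; it is not thrown here
     */
    public static CommandException instantiateCommandException(String str, String[] strArr) {
        return new CommandException(getMessage(str, strArr));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Classifies {@code th} by type and records it through
     * {@link #processError(Throwable, String, String[], String)}.
     *
     * <p>Parameter and command exceptions map to the user-error code; file-not-found, JAXB and
     * workspace exceptions map to the processing-error code; everything else, including
     * {@code AccessControlException}, maps to the internal-error code. The exception message is
     * passed on as the only message insert.
     *
     * @param th failure to record
     */
    public void processError(Throwable th) {
        final String errorCode;
        final String ffdcId;
        // The order of the type tests is kept: the first match decides the classification.
        if (th instanceof InvalidParameterNameException) {
            errorCode = Constants.ERROR_CODE_USER_ERROR;
            ffdcId = FFDC_ID_1;
        } else if (th instanceof CommandException) {
            errorCode = Constants.ERROR_CODE_USER_ERROR;
            ffdcId = FFDC_ID_2;
        } else if (th instanceof FileNotFoundException) {
            errorCode = Constants.ERROR_CODE_PROCESSING_ERROR;
            ffdcId = FFDC_ID_3;
        } else if (th instanceof JAXBException) {
            errorCode = Constants.ERROR_CODE_PROCESSING_ERROR;
            ffdcId = FFDC_ID_4;
        } else if (th instanceof WorkSpaceException) {
            errorCode = Constants.ERROR_CODE_PROCESSING_ERROR;
            ffdcId = FFDC_ID_5;
        } else {
            errorCode = Constants.ERROR_CODE_INTERNAL_ERROR;
            ffdcId = FFDC_ID_6;
        }
        processError(th, errorCode, new String[]{th.getMessage()}, ffdcId);
    }

    /**
     * Records {@code th} on the command result and writes an error trace entry.
     *
     * @param th failure to store on the command result
     * @param str message key passed to {@code Tr.error}
     * @param strArr message inserts passed to {@code Tr.error}
     * @param str2 FFDC identifier; not used by this implementation
     */
    protected void processError(Throwable th, String str, String[] strArr, String str2) {
        if (!this.isSetup) {
            setup();
        }
        ((CommandResultImpl) getCommandResult()).setException(th);
        Tr.error(tc, str, strArr);
    }
}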
