package com.ibm.ws.batch;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.repository.ConfigChangeNotifier;
import com.ibm.websphere.management.repository.ConfigRepositoryEvent;
import com.ibm.websphere.models.config.ipc.ssl.ManagementScope;
import com.ibm.websphere.models.config.security.SSLConfigGroup;
import com.ibm.websphere.models.config.security.impl.SecurityImpl;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.management.service.Admin;
import com.ibm.ws.management.service.ConfigChangeListener;
import com.ibm.ws.odc.util.ServiceHandle;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.util.XDConstants;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;

/* loaded from: input_file:com/ibm/ws/batch/SSLConfigHelper.class */
public class SSLConfigHelper implements ConfigChangeListener {
    private static SSLConfigHelper sslConfigHelper;
    private static final String USE_HTTPS_CONNECTION = "UseHTTPSConnection";
    private static Map<String, String> _SSL_CONFIG_ALIAS_MAP;
    private static final String className = SSLConfigHelper.class.getName();
    private static final String bundle = "com.ibm.ws.bjee.resources.batchMessages";
    private static final TraceComponent tc = Tr.register(className, "Batch_Container", bundle);
    private static String cellName = AdminServiceFactory.getAdminService().getCellName();
    private static GridSchedulerConfigFileHelper gridConfigFileHelper = GridSchedulerConfigFileHelper.getInstance();
    private static final byte[] tableLock = new byte[0];

    private SSLConfigHelper() {
        populateSSLConfiguration();
        registerConfigChangeListener();
    }

    public static synchronized SSLConfigHelper getInstance() {
        if (sslConfigHelper == null) {
            sslConfigHelper = new SSLConfigHelper();
        }
        return sslConfigHelper;
    }

    private void populateSSLConfiguration() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "populateSSLConfiguration");
        }
        try {
            synchronized (tableLock) {
                _SSL_CONFIG_ALIAS_MAP = new HashMap();
                SecurityImpl securityImpl = getSecurityImpl();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Default SSL config alias = " + securityImpl.getDefaultSSLSettings().getAlias());
                    for (ManagementScope managementScope : securityImpl.getManagementScopes()) {
                        Tr.debug(tc, "ManagementScope name = " + managementScope.getScopeName() + " type=" + managementScope.getScopeType());
                    }
                }
                for (SSLConfigGroup sSLConfigGroup : securityImpl.getSslConfigGroups()) {
                    String parseManagementScope = parseManagementScope(sSLConfigGroup.getManagementScope().getScopeName());
                    if (sSLConfigGroup.getDirection().equals("inbound")) {
                        String alias = sSLConfigGroup.getSslConfig().getAlias();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "_SSL_CONFIG_ALIAS_MAP : Adding " + parseManagementScope + " -> " + alias);
                        }
                        _SSL_CONFIG_ALIAS_MAP.put(parseManagementScope, alias);
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "SSL Group name = " + sSLConfigGroup.getName());
                        Tr.debug(tc, "    Management Scope  = " + sSLConfigGroup.getManagementScope().getScopeName());
                        Tr.debug(tc, "    SSL config alias  = " + sSLConfigGroup.getSslConfig().getAlias());
                        Tr.debug(tc, "    Certificate alias = " + sSLConfigGroup.getCertificateAlias());
                        Tr.debug(tc, "    Direction         = *** " + sSLConfigGroup.getDirection() + " ***");
                    }
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "populateSSLConfiguration");
        }
    }

    private SecurityImpl getSecurityImpl() {
        SecurityImpl securityImpl = null;
        try {
            securityImpl = (SecurityImpl) Class.forName("com.ibm.ws.batch.admin.utils.ConfigUtils").getMethod("getTopLevelWCCMObject", String.class).invoke(null, "cells/" + cellName + BatchFileLoggerInfo.CLASS_FILE_INFO_SEP + "security.xml");
        } catch (Exception e) {
            e.printStackTrace();
        }
        return securityImpl;
    }

    private String parseManagementScope(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, XDConstants.DEFAULT_POLICY_FIELD_DELIMITER);
        stringTokenizer.nextToken();
        String nextToken = stringTokenizer.nextToken();
        while (true) {
            String str2 = nextToken;
            if (!stringTokenizer.hasMoreTokens()) {
                return str2;
            }
            stringTokenizer.nextToken();
            nextToken = str2 + BatchFileLoggerInfo.CLASS_FILE_INFO_SEP + stringTokenizer.nextToken();
        }
    }

    private void registerConfigChangeListener() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "registerConfigChangeListener");
        }
        ServiceHandle obtain = ServiceHandle.obtain(Admin.class);
        if (obtain != null) {
            Admin admin = (Admin) obtain.getService();
            if (admin != null) {
                admin.addConfigChangeListener(this);
            } else {
                Tr.warning(tc, "listener.config.add.class.failure", className);
            }
            obtain.release();
        } else {
            Tr.warning(tc, "Listener.class.failure.to.get.servicehandle", className);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "registerConfigChangeListener");
        }
    }

    public void configChanged(ConfigRepositoryEvent configRepositoryEvent) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "onChangeCompletion");
        }
        try {
            ConfigChangeNotifier[] changes = configRepositoryEvent.getChanges();
            if (changes != null) {
                for (int i = 0; i < changes.length; i++) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Config change on file " + changes[i].getUri());
                    }
                    if (changes[i].getChangeType() == 2) {
                        StringTokenizer stringTokenizer = new StringTokenizer(changes[i].getUri(), BatchFileLoggerInfo.CLASS_FILE_INFO_SEP);
                        if (stringTokenizer.countTokens() == 3) {
                            String[] strArr = new String[stringTokenizer.countTokens()];
                            int i2 = 0;
                            while (stringTokenizer.hasMoreElements()) {
                                strArr[i2] = stringTokenizer.nextToken();
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "  Token " + i2 + " value is " + strArr[i2]);
                                }
                                i2++;
                            }
                            if (strArr[2].equals("security.xml")) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Security configuration has changed.");
                                }
                                populateSSLConfiguration();
                            }
                        }
                    }
                }
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                e.printStackTrace();
            }
        } catch (Throwable th) {
            if (tc.isDebugEnabled()) {
                th.printStackTrace();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "onChangeCompletion");
        }
    }

    private boolean isUseHTTPSConnection() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isUseHTTPSConnection");
        }
        boolean z = false;
        String customPropertyValue = gridConfigFileHelper.getCustomPropertyValue(USE_HTTPS_CONNECTION);
        if (customPropertyValue != null && customPropertyValue.equalsIgnoreCase("true")) {
            z = true;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isUseHTTPSConnection " + z);
        }
        return z;
    }

    public Properties getSSLConfigProperties(final String str) throws PrivilegedActionException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLConfigProperties " + str);
        }
        Properties properties = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.ws.batch.SSLConfigHelper.1
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLException {
                return SSLConfigManager.getInstance().getSSLConfig(str);
            }
        });
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSSLConfigProperties");
        }
        return properties;
    }

    public String[] getSSLConfigAliases() throws PrivilegedActionException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLConfigAliases");
        }
        String[] strArr = (String[]) AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.ws.batch.SSLConfigHelper.2
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLException {
                return SSLConfigManager.getInstance().getSSLConfigAliases();
            }
        });
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSSLConfigAliases");
        }
        return strArr;
    }

    public String discoverSSLConfigAlias(String str, String str2) {
        String str3;
        String str4 = cellName + BatchFileLoggerInfo.CLASS_FILE_INFO_SEP + str + BatchFileLoggerInfo.CLASS_FILE_INFO_SEP + str2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "discoverSSLConfigAlias key=[" + str4 + "]");
        }
        synchronized (tableLock) {
            while (!_SSL_CONFIG_ALIAS_MAP.containsKey(str4)) {
                str4 = str4.substring(0, str4.lastIndexOf(BatchFileLoggerInfo.CLASS_FILE_INFO_SEP));
            }
            str3 = _SSL_CONFIG_ALIAS_MAP.get(str4);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "discoverSSLConfigAlias configAlias=[" + str3 + "]");
        }
        return str3;
    }
}
