package com.ibm.ws.security.core;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.cache.DistributedMap;
import com.ibm.websphere.management.AdminService;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.MBeanFactory;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.collaborator.DefaultRuntimeCollaborator;
import com.ibm.ws.security.auth.DistributedMapFactory;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.util.ByteArray;
import com.ibm.wsspi.security.token.TokenHolder;
import java.lang.reflect.Method;
import java.lang.reflect.UndeclaredThrowableException;
import java.util.Iterator;
import java.util.Properties;
import java.util.Set;
import javax.management.ObjectName;
import javax.management.QueryExp;

/* loaded from: input_file:com/ibm/ws/security/core/SecurityAdminHelper.class */
public final class SecurityAdminHelper {
    private static final TraceComponent tc = Tr.register((Class<?>) SecurityAdminHelper.class, (String) null, AdminConstants.MSG_BUNDLE_NAME);
    private static String servantId;
    private static final String OBJNAME_PREFIX = "WebSphere:type=SecurityAdminHelper,";
    private static SecurityAdminHelper thisObj;
    private static ObjectName thisMBean;
    private static AdminService adminServ;

    private SecurityAdminHelper() {
    }

    public static boolean initialize() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize SecurityAdminHelper", thisMBean);
        }
        if (thisMBean == null) {
            MBeanFactory mBeanFactory = AdminServiceFactory.getMBeanFactory();
            adminServ = AdminServiceFactory.getAdminService();
            if (tc.isEntryEnabled()) {
                Tr.entry(tc, "Set the AdminService for this process");
            }
            if (thisObj == null) {
                thisObj = new SecurityAdminHelper();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Create an instance of this class if not already in existence");
                }
            }
            DefaultRuntimeCollaborator defaultRuntimeCollaborator = new DefaultRuntimeCollaborator(thisObj, "SecurityAdminHelper");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Register SecurityAdminHelper mbean");
            }
            Properties properties = new Properties();
            properties.setProperty("servantId", getServantIdentifier());
            try {
                thisMBean = mBeanFactory.activateMBean("SecurityAdminHelper", defaultRuntimeCollaborator, "SecurityAdminHelper", "com/ibm/ws/management/descriptor/xml/SecurityAdminHelper.xml", properties);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Use servantId as one of the extra property to distinguish each");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityAdminHelper.initialize", "001");
                Tr.error(tc, "security.init.mbeanerror", new Object[]{"SecurityAdminHelper", e});
                if (!tc.isEntryEnabled()) {
                    return false;
                }
                Tr.exit(tc, "initialize returning false", thisMBean);
                return false;
            }
        }
        if (!tc.isEntryEnabled()) {
            return true;
        }
        Tr.exit(tc, "initialize returning true", thisMBean);
        return true;
    }

    public static String getServantIdentifier() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServantIdentifier", servantId);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getServantIdentifier", servantId);
        }
        return servantId;
    }

    public static TokenHolder getOpaqueToken(ByteArray byteArray, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOpaqueToken(ssoToken, servantId)", new Object[]{byteArray, str});
        }
        if (servantId.equals(str)) {
            if (thisObj == null && !initialize()) {
                if (!tc.isEntryEnabled()) {
                    return null;
                }
                Tr.exit(tc, "getOpaqueToken(ssoToken, servantId) returning null");
                return null;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getOpaqueToken(ssoToken, servantId) invoking getOpaqueToken locally", thisObj);
            }
            TokenHolder opaqueToken = thisObj.getOpaqueToken(byteArray);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getOpaqueToken(ssoToken, servantId) returning", opaqueToken);
            }
            return opaqueToken;
        }
        TokenHolder tokenHolder = null;
        try {
            if (adminServ == null) {
                if (!tc.isEntryEnabled()) {
                    return null;
                }
                Tr.exit(tc, "getOpaqueToken(ssoToken, servantId) AdminService isn't set", adminServ);
                return null;
            }
            ObjectName objectName = new ObjectName("WebSphere:type=SecurityAdminHelper,servantId=" + str + ",*");
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "scope: " + objectName);
            }
            Set queryNames = adminServ.queryNames(objectName, (QueryExp) null);
            if (queryNames.size() == 1) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getOpaqueToken(ssoToken, servantId) one MBean found", String.valueOf(queryNames.size()));
                }
                ObjectName objectName2 = (ObjectName) queryNames.iterator().next();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getOpaqueToken(ssoToken, servantId) invoking MBean", objectName2);
                }
                tokenHolder = (TokenHolder) adminServ.invoke(objectName2, "getOpaqueToken", new Object[]{byteArray}, new String[]{ByteArray.class.getName()});
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getOpaqueToken(ssoToken, servantId) returning", tokenHolder);
                }
            } else {
                if (queryNames.size() == 0) {
                    if (!tc.isEntryEnabled()) {
                        return null;
                    }
                    Tr.exit(tc, "getOpaqueToken(ssoToken, servantId) no MBean found", objectName);
                    return null;
                }
                if (queryNames.size() > 1) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "getOpaqueToken(ssoToken, servantId) more than one MBean found", String.valueOf(queryNames.size()));
                    }
                    Iterator it = queryNames.iterator();
                    ObjectName objectName3 = (ObjectName) it.next();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "getOpaqueToken(ssoToken, servantId) using MBean", objectName3);
                        while (it.hasNext()) {
                            Tr.debug(tc, "getOpaqueToken(ssoToken, servantId) found MBean", it.next());
                        }
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "getOpaqueToken(ssoToken, servantId) invoking MBean", objectName3);
                    }
                    tokenHolder = (TokenHolder) adminServ.invoke(objectName3, "getOpaqueToken", new Object[]{byteArray}, new String[]{ByteArray.class.getName()});
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "getOpaqueToken(ssoToken, servantId) returning", tokenHolder);
                    }
                }
            }
            return tokenHolder;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityAdminHelper.getOpaqueToken", "002");
            Tr.error(tc, "security.invoke.mbeanerror", new Object[]{"SecurityAdminHelper", e});
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getOpaqueToken(ssoToken, servantId) returning null");
            return null;
        }
    }

    public TokenHolder getOpaqueToken(ByteArray byteArray) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOpaqueToken");
        }
        byte[] bArr = null;
        TokenHolder tokenHolder = null;
        try {
            DistributedMap map = DistributedMapFactory.getMap("WSSecureMap");
            if (map != null) {
                bArr = (byte[]) map.get(byteArray);
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityAdminHelper.getOpaqueToken", "003", this);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "Exception occurred getting opaque token from distributed map.", new Object[]{e});
            }
        }
        if (bArr != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getOpaqueToken returns opaque token.");
            }
            tokenHolder = new TokenHolder(bArr, "WS_OPAQUE", 1);
        } else if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOpaqueToken returns null.");
        }
        return tokenHolder;
    }

    static {
        servantId = null;
        try {
            Class<?> cls = Class.forName("com.ibm.ws.management.AdminServiceImpl");
            if (cls != null) {
                Method method = cls.getMethod("getPlatformUtils", new Class[0]);
                cls.newInstance();
                if (method != null) {
                    servantId = (String) Class.forName("com.ibm.ws.management.util.PlatformUtils").getMethod("getPrintableStoken", new Class[0]).invoke(method.invoke(cls, new Object[0]), new Object[0]);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "servantId:", servantId);
                    }
                }
            }
            thisObj = null;
            thisMBean = null;
            adminServ = null;
        } catch (Exception e) {
            Tr.error(tc, "exception " + e.toString() + " in SecurityAdminHelper static initializer");
            throw new UndeclaredThrowableException(e);
        }
    }
}
