package com.ibm.ws.sib.security.auth.login;

import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.WSSecurityHelper;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.auth.SubjectHelper;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.sib.security.BusSecurityAction;
import com.ibm.ws.sib.security.BusSecurityConstants;
import com.ibm.ws.sib.security.auth.AuditMetaData;
import com.ibm.ws.sib.security.auth.AuthUtilsImpl;
import com.ibm.ws.sib.security.auth.LoginType;
import com.ibm.ws.sib.security.auth.SIBPrincipal;
import com.ibm.ws.sib.security.auth.SIBSubject;
import com.ibm.ws.sib.security.auth.SIBSubjectImpl;
import com.ibm.ws.sib.security.impl.BusUtilities;
import com.ibm.ws.sib.utils.ras.SibTr;
import com.ibm.ws.wim.util.DomainManagerUtils;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.login.CredentialException;

/* loaded from: input_file:com/ibm/ws/sib/security/auth/login/AbstractLoginAction.class */
public abstract class AbstractLoginAction implements PrivilegedAction<SIBSubject> {
    private static final TraceComponent _tc = SibTr.register(AbstractLoginAction.class, BusSecurityConstants.TRC_GROUP, BusSecurityConstants.MSG_BUNDLE);
    public static final String $sccsid = "@(#) 1.25 SIB/ws/code/sib.security.impl/src/com/ibm/ws/sib/security/auth/login/AbstractLoginAction.java, SIB.security, WAS855.SIB, cf111646.01 13/08/18 23:10:36 [11/14/16 16:16:49]";
    private String _busName;

    public AbstractLoginAction() {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(this, _tc, "AbstractLoginAction");
        }
        this._busName = null;
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(this, _tc, "AbstractLoginAction", this);
        }
    }

    public AbstractLoginAction(String str) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(this, _tc, "AbstractLoginAction", str);
        }
        this._busName = str;
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(this, _tc, "AbstractLoginAction", this);
        }
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.security.PrivilegedAction
    public final SIBSubject run() {
        SIBSubject login;
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(this, _tc, "run");
        }
        if (this._busName != null) {
            String str = AuthUtilsImpl.getbusDomainName(this._busName);
            if (str != null) {
                if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                    SibTr.debug(this, _tc, "AbstractLoginAction", "pushing custom security domain");
                }
                pushDomain(str);
            } else if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                SibTr.debug(this, _tc, "AbstractLoginAction", "domainName null, in the admin domain");
            }
            login = (SIBSubject) BusUtilities.doInBusDomain(this._busName, new BusSecurityAction<SIBSubject>() { // from class: com.ibm.ws.sib.security.auth.login.AbstractLoginAction.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.ibm.ws.sib.security.BusSecurityAction
                public SIBSubject run() {
                    return AbstractLoginAction.this.login();
                }
            });
            if (str != null) {
                if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                    SibTr.debug(this, _tc, "AbstractLoginAction", "popping custom security domain");
                }
                popDomain();
            }
        } else {
            login = login();
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(this, _tc, "run", login);
        }
        return login;
    }

    private static void pushDomain(String str) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "pushDomain");
        }
        DomainManagerUtils.setVMMThreadDomainContext(str);
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "pushDomain");
        }
    }

    private static void popDomain() {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "popDomain");
        }
        DomainManagerUtils.cleanUpVMMThreadDomainContext();
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "popDomain");
        }
    }

    protected abstract SIBSubject login();

    public abstract String getUserName();

    /* JADX INFO: Access modifiers changed from: protected */
    public String getUniqueUserName(SIBSubject sIBSubject) throws GeneralSecurityException {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(this, _tc, "getUniqueUserName", sIBSubject);
        }
        if (sIBSubject == null) {
            if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                SibTr.debug(this, _tc, "A null subject was supplied");
            }
            if (!TraceComponent.isAnyTracingEnabled() || !_tc.isEntryEnabled()) {
                return null;
            }
            SibTr.exit(this, _tc, "getUniqueUserName", (Object) null);
            return null;
        }
        WSCredential wSCredentialFromSubject = SubjectHelper.getWSCredentialFromSubject(sIBSubject.getSubject());
        String str = null;
        if (wSCredentialFromSubject != null) {
            try {
                str = wSCredentialFromSubject.getUniqueSecurityName();
            } catch (CredentialException e) {
                FFDCFilter.processException(e, "com.ibm.ws.sib.security.auth.login.AbstractLoginAction.getUniqueUserName", "196", this);
                if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                    SibTr.exit(this, _tc, "getUniqueUserName", "GeneralSecurityException");
                }
                throw new GeneralSecurityException((Throwable) e);
            }
        } else if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
            SibTr.debug(this, _tc, "No WSCredential in the subject");
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(this, _tc, "getUniqueUserName", str);
        }
        return str;
    }

    public abstract LoginType getLoginType();

    public static final SIBSubject createHostServerSubject() {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "createHostServerSubject");
        }
        Subject createBasicAuthSubject = SubjectHelper.createBasicAuthSubject(BusSecurityConstants.SIB_REALM_NAME, BusSecurityConstants.HOST_ID_NAME, "");
        createBasicAuthSubject.getPrincipals().add(new SIBPrincipal(BusSecurityConstants.HOST_ID_NAME, true, true));
        SIBSubject create = SIBSubjectImpl.create(createBasicAuthSubject);
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "createHostServerSubject", create);
        }
        return create;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static SIBSubject convertSubject(SIBSubject sIBSubject, SIBPrincipal sIBPrincipal) {
        SIBSubject sIBSubject2;
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "convertSubject", new Object[]{sIBSubject, sIBPrincipal});
        }
        if (sIBSubject == null || sIBSubject.isSIBAuthenticated()) {
            sIBSubject2 = null;
        } else {
            sIBSubject2 = SIBSubjectImpl.create();
            Set<Principal> principals = sIBSubject2.getPrincipals();
            for (Principal principal : sIBSubject.getPrincipals()) {
                if (!(principal instanceof SIBPrincipal)) {
                    principals.add(principal);
                }
            }
            sIBSubject2.getPrincipals().add(sIBPrincipal);
            sIBSubject2.getPublicCredentials().addAll(sIBSubject.getPublicCredentials());
            Set<Object> privateCredentials = sIBSubject2.getPrivateCredentials();
            for (Object obj : sIBSubject.getPrivateCredentials()) {
                if (!(obj instanceof AuditMetaData)) {
                    privateCredentials.add(obj);
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "convertSubject", sIBSubject2);
        }
        return sIBSubject2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static SIBSubject getUnauthenticatedSubject() throws GeneralSecurityException {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "getUnauthenticatedSubject");
        }
        SIBSubject create = WSSecurityHelper.isGlobalSecurityEnabled() ? SIBSubjectImpl.create(ContextManagerFactory.getInstance().createUnauthenticatedSubject()) : SIBSubjectImpl.create();
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "getUnauthenticatedSubject", create);
        }
        return create;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static SIBSubject getAnonymousSubject() throws GeneralSecurityException {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "getAnonymousSubject");
        }
        SIBSubject convertSubject = convertSubject(getUnauthenticatedSubject(), new SIBPrincipal(""));
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "getAnonymousSubject", convertSubject);
        }
        return convertSubject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static ContextManager getContextManager() {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "getContextManager");
        }
        ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "getContextManager", contextManagerFactory);
        }
        return contextManagerFactory;
    }

    static {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
            SibTr.debug(_tc, "Source Info: @(#) 1.25 SIB/ws/code/sib.security.impl/src/com/ibm/ws/sib/security/auth/login/AbstractLoginAction.java, SIB.security, WAS855.SIB, cf111646.01 13/08/18 23:10:36 [11/14/16 16:16:49]");
        }
    }
}
