package com.ibm.ws.soa.sca.security;

import com.ibm.ejs.models.base.bindings.applicationbnd.ApplicationbndFactory;
import com.ibm.ejs.models.base.bindings.applicationbnd.AuthorizationTable;
import com.ibm.ejs.models.base.bindings.applicationbnd.RoleAssignment;
import com.ibm.ejs.models.base.bindings.applicationbnd.RunAsMap;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.exception.RuntimeWarning;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.bind.ApplicationBindingAdapter;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.WSAccessManager;
import com.ibm.ws.security.ejb.RunAsMapTable;
import com.ibm.wsspi.container.security.AccessManager;
import com.ibm.wsspi.container.security.AccessManagerFactory;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import org.eclipse.emf.common.util.EList;
import org.eclipse.jst.j2ee.common.CommonFactory;
import org.eclipse.jst.j2ee.common.SecurityRole;

/* loaded from: input_file:com/ibm/ws/soa/sca/security/SCASecurityAppManagement.class */
public class SCASecurityAppManagement {
    private static final String CLASSNAME = SCASecurityAppManagement.class.getName();
    private static TraceComponent tc = Tr.register(SCASecurityAppManagement.class, "Security", "com.ibm.ejs.resources.security");
    private boolean securityEnabled;
    private AccessManager accessManager;

    /* loaded from: input_file:com/ibm/ws/soa/sca/security/SCASecurityAppManagement$SCASecurityAppManagementHolder.class */
    private static class SCASecurityAppManagementHolder {
        private static final SCASecurityAppManagement instance = new SCASecurityAppManagement();

        private SCASecurityAppManagementHolder() {
        }
    }

    private SCASecurityAppManagement() {
        this.securityEnabled = SecurityObjectLocator.getSecurityConfig().getBoolean("enabled");
        this.accessManager = AccessManagerFactory.getAccessManager();
    }

    public static SCASecurityAppManagement getInstance() {
        return SCASecurityAppManagementHolder.instance;
    }

    public void startModule(String str, String str2, boolean z) throws RuntimeWarning {
        if (this.securityEnabled) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.entry(tc, "startModule", new Object[]{str, str2, Boolean.valueOf(z)});
            }
            FileInputStream fileInputStream = null;
            String str3 = str2 + File.separator + "META-INF/ibm-application-bnd.xml";
            try {
                fileInputStream = new FileInputStream(str3);
            } catch (FileNotFoundException e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, str3 + " not found");
                }
            }
            if (fileInputStream == null && !z) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                    Tr.exit(tc, "startModule", (Object) null);
                    return;
                }
                return;
            }
            AuthorizationTable authorizationTable = null;
            RunAsMap runAsMap = null;
            try {
                if (fileInputStream != null) {
                    try {
                        ApplicationBindingAdapter applicationBindingAdapter = new ApplicationBindingAdapter(fileInputStream);
                        authorizationTable = applicationBindingAdapter.getAuthorizationTable();
                        runAsMap = applicationBindingAdapter.getRunAsMap();
                        fileInputStream.close();
                    } catch (IOException e2) {
                        FFDCFilter.processException(e2, CLASSNAME + ".startModule", "156");
                        Tr.debug(tc, "Exception occurred in application install", new Object[]{e2});
                        throw new RuntimeWarning(e2);
                    }
                }
                this.accessManager.pushApplicationContext(str);
                if (SecurityObjectLocator.getSecurityConfig().getBoolean("boolNativeAuthz")) {
                    if (z) {
                        CommonFactory commonFactory = CommonFactory.eINSTANCE;
                        ApplicationbndFactory applicationbndFactory = ApplicationbndFactory.eINSTANCE;
                        SecurityRole createSecurityRole = commonFactory.createSecurityRole();
                        createSecurityRole.setRoleName("scaAllAuthorizedUsers");
                        if (authorizationTable == null) {
                            authorizationTable = applicationbndFactory.createAuthorizationTable();
                        }
                        EList authorizations = authorizationTable.getAuthorizations();
                        RoleAssignment createRoleAssignment = applicationbndFactory.createRoleAssignment();
                        createRoleAssignment.setRole(createSecurityRole);
                        authorizations.add(createRoleAssignment);
                        createRoleAssignment.getSpecialSubjects().add(applicationbndFactory.createAllAuthenticatedUsers());
                    }
                    if (authorizationTable != null) {
                        WSAccessManager.addAuthorizationTable(str, authorizationTable);
                    }
                }
                if (runAsMap != null) {
                    RunAsMapTable.addRunAsMap(str, runAsMap);
                }
                if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                    Tr.exit(tc, "startModule", (Object) null);
                }
            } finally {
                if (0 != 0) {
                    this.accessManager.popApplicationContext(str);
                }
            }
        }
    }

    public void stopModule(String str) {
        if (this.securityEnabled) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.entry(tc, "stopModule", (Object) null);
            }
            if (SecurityObjectLocator.getSecurityConfig().getBoolean("boolNativeAuthz")) {
                WSAccessManager.removeAuthorizationTable(str);
            }
            RunAsMapTable.removeRunAsMap(str);
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "stopModule", (Object) null);
            }
        }
    }
}
