package com.ibm.ws.security.config;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.ws.management.cmdframework.impl.CommandSecurityUtil;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;

/* loaded from: input_file:com/ibm/ws/security/config/TrustedAuthenticationRealm.class */
public class TrustedAuthenticationRealm {
    static final String REALM_LIST = "realmList";
    static final String TRUST_ALL_REALMS = "trustAllRealms";
    private static TraceComponent tc = Tr.register((Class<?>) TrustedAuthenticationRealm.class, "SecurityConfig", AdminConstants.MSG_BUNDLE_NAME);
    private String realmList;
    private boolean trustAllRealms;
    private List<String> realms = new ArrayList();

    public TrustedAuthenticationRealm(boolean z, SecurityConfigObject securityConfigObject, GenericConfigHelper genericConfigHelper, String str) {
        this.realmList = null;
        this.trustAllRealms = false;
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "ctor" + str, new Object[]{securityConfigObject, genericConfigHelper});
        }
        String str2 = " (" + str + ")";
        if (z) {
            if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                Tr.debug(tc, "Populating outbound TrustedAuthenticationRealm" + str2);
            }
            String property = ((SecurityConfig) genericConfigHelper).getProperty("com.ibm.CSI.supportedTargetRealms");
            if ((property == null || property.length() == 0) && securityConfigObject == null) {
                if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                    Tr.debug(tc, "(using defaults since both supportedATargetRealms and sco are null) trustAllRealms: " + this.trustAllRealms + " realmList: " + this.realmList + str2);
                }
            } else if ((property == null || property.length() == 0) && securityConfigObject != null) {
                this.trustAllRealms = securityConfigObject.getBoolean(TRUST_ALL_REALMS, false).booleanValue();
                if (this.trustAllRealms) {
                    this.realmList = "*";
                } else {
                    this.realmList = securityConfigObject.getString(REALM_LIST);
                }
                if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                    Tr.debug(tc, "(supportedTargetRealms == null && sco != null) trustAllRealms: " + this.trustAllRealms + " realmList: " + this.realmList + str2);
                }
            } else if (property != null && property.equals("*")) {
                this.trustAllRealms = true;
                this.realmList = "*";
                if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                    Tr.debug(tc, "(supportedTargetRealms.equals(\"*\")) trustAllRealms: " + this.trustAllRealms + " realmList: " + this.realmList + str2);
                }
            } else if (property != null && property.length() > 0) {
                this.trustAllRealms = false;
                this.realmList = property;
                if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                    Tr.debug(tc, "(supportedTargetRealms.length() > 0) trustAllRealms: " + this.trustAllRealms + " realmList: " + this.realmList + str2);
                }
            } else if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                Tr.debug(tc, "(using default values) trustAllRealms: " + this.trustAllRealms + " realmList: " + this.realmList + str2);
            }
        } else {
            if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                Tr.debug(tc, "Populating inbound TrustedAuthenticationRealm" + str2);
            }
            if (securityConfigObject != null) {
                this.trustAllRealms = securityConfigObject.getBoolean(TRUST_ALL_REALMS, false).booleanValue();
                this.realmList = securityConfigObject.getString(REALM_LIST);
                if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                    Tr.debug(tc, "(sco != null) trustAllRealms: " + this.trustAllRealms + " realmList: " + this.realmList + str2);
                }
            } else if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                Tr.debug(tc, "(using defaults) trustAllRealms: " + this.trustAllRealms + " realmList: " + this.realmList + str2);
            }
        }
        try {
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception loading TrustedAuthenticationRealm helper. Using default values.", new Object[]{e});
            }
            this.trustAllRealms = false;
            this.realmList = null;
            Manager.Ffdc.log(e, TrustedAuthenticationRealm.class, "com.ibm.ws.security.config.TrustedAuthenticationRealm", "1");
        }
        if (!this.trustAllRealms && this.realmList != null && this.realmList.equals("*")) {
            throw new SecurityConfigException("For entry " + (z ? "outboundTrustedAuthenticationRealm" : "inboundTrustedAuthenticationRealm") + ", trustAllRealms=false, but realmList=\"*\", contradictory assignments.");
        }
        addRealmsFoundFromConfigurationOnce(this.realmList);
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "ctor" + str2, this);
        }
    }

    public boolean getTrustAllRealms() {
        return this.trustAllRealms;
    }

    public String getRealmList() {
        return this.realmList;
    }

    public boolean isTrustedRealm(String str) {
        if (str == null) {
            return false;
        }
        return this.trustAllRealms || containsRealm(str);
    }

    private boolean containsRealm(String str) {
        return this.realms.contains(str.toLowerCase());
    }

    private void addRealmsFoundFromConfigurationOnce(String str) {
        if (str == null || !this.realms.isEmpty()) {
            return;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, CommandSecurityUtil.PARAM_DELIM);
        while (stringTokenizer.hasMoreTokens()) {
            this.realms.add(stringTokenizer.nextToken().toLowerCase());
        }
    }
}
