package com.ibm.ws.console.core;

import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.authorizer.AdminAuthorizer;
import com.ibm.websphere.management.authorizer.AdminAuthorizerFactory;
import com.ibm.websphere.management.repository.ConfigRepositoryFactory;
import com.ibm.websphere.models.config.security.Security;
import com.ibm.websphere.models.config.security.UserRegistry;
import com.ibm.websphere.security.CustomRegistryException;
import com.ibm.websphere.security.EntryNotFoundException;
import com.ibm.ws.console.core.abstracted.AbstractConstants;
import com.ibm.ws.console.core.servlet.WSCUrlFilter;
import com.ibm.ws.logging.LoggerHelper;
import com.ibm.ws.runtime.service.RepositoryFactory;
import java.rmi.RemoteException;
import java.util.StringTokenizer;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import org.eclipse.emf.common.util.EList;

/* loaded from: input_file:com/ibm/ws/console/core/SecurityHelper.class */
public final class SecurityHelper {
    protected static Logger logger;
    private static AdminAuthorizer adminAuthorizer;

    private static AdminAuthorizer getAdminAuthorizer() {
        if (adminAuthorizer == null) {
            adminAuthorizer = AdminAuthorizerFactory.getAdminAuthorizer();
        }
        return adminAuthorizer;
    }

    public static boolean checkAccess(String str, String str2) {
        return WSCUrlFilter.checkAccess(str, str2);
    }

    public static boolean checkAccessToScope(String str, String str2) {
        boolean z = false;
        AdminAuthorizer adminAuthorizer2 = getAdminAuthorizer();
        String[] split = str.equalsIgnoreCase("all") ? new String[]{"Server", "Cluster", "Node", "Application", "Cell", "BLA", "ASSET"} : str.split(",");
        if (adminAuthorizer2 == null) {
            z = true;
        }
        int i = 0;
        while (true) {
            if (i < split.length) {
                if (adminAuthorizer2 != null && getAdminAuthorizer().isCallerInRole(split[i].trim() + "-" + str2)) {
                    z = true;
                    break;
                }
                i++;
            } else {
                break;
            }
        }
        return z;
    }

    public static UserRegistry getUserRegistry() throws Exception {
        Security security = null;
        EList contents = RepositoryFactory.createRepository("ws-server", (String) ConfigRepositoryFactory.getConfigRepository().getConfig().get("was.repository.root"), AdminServiceFactory.getAdminService().getCellName(), (String) null, (String) null).getConfigRoot().getResource(0, Constants.SECURITY_RESOURCE).getContents();
        for (int i = 0; i < contents.size(); i++) {
            Object obj = contents.get(i);
            if (obj instanceof Security) {
                security = (Security) obj;
            }
        }
        return security.getActiveUserRegistry();
    }

    public static String[] getLDAPUserNames(String str) throws NamingException, EntryNotFoundException, CustomRegistryException, RemoteException {
        String[] strArr = new String[2];
        strArr[0] = ((com.ibm.websphere.security.UserRegistry) new InitialContext().lookup("AdminUserRegistry")).getUserDisplayName(str);
        String str2 = str;
        try {
            if (str.contains("cn=")) {
                StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
                String nextToken = stringTokenizer.nextToken();
                while (!nextToken.startsWith("cn=")) {
                    nextToken = stringTokenizer.nextToken();
                }
                str2 = new StringTokenizer(nextToken, "cn=").nextToken();
            } else if (str.contains("=")) {
                str2 = new StringTokenizer(str, ",").nextToken().split("=")[1];
            }
        } catch (Exception e) {
            if (logger.isLoggable(Level.SEVERE)) {
                logger.severe("Error getting LDAP common name from distinguished name");
            }
            if (logger.isLoggable(Level.SEVERE)) {
                logger.severe(e.getMessage());
            }
        }
        strArr[1] = str2;
        return strArr;
    }

    static {
        logger = null;
        logger = Logger.getLogger(SecurityHelper.class.getName());
        LoggerHelper.addLoggerToGroup(logger, AbstractConstants.TRACE_COMPONENT);
        adminAuthorizer = null;
    }
}
