package jeus.ejb.container3;

import java.lang.reflect.Method;
import java.security.Principal;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.ejb.EJBAccessException;
import javax.ejb.EJBException;
import javax.security.jacc.EJBMethodPermission;
import jeus.ejb.MethodInterfaceType;
import jeus.ejb.interceptor.Interceptor;
import jeus.ejb.interceptor.Invocation;
import jeus.ejb.interceptor.InvocationType;
import jeus.ejb.metadata.BeanInfo;
import jeus.management.j2ee.DeploymentContext;
import jeus.security.base.SecurityException;
import jeus.security.base.ServiceException;
import jeus.security.base.Subject;
import jeus.security.container.ejb.EJBSecurity;
import jeus.util.logging.JeusLogger;
import jeus.util.message.JeusMessageBundles;
import jeus.util.message.JeusMessage_EJB;
import jeus.util.message.JeusMessage_EJB12;
import jeus.util.message.JeusMessage_EJB6;

/* loaded from: input_file:jeus/ejb/container3/SecurityInterceptor.class */
public class SecurityInterceptor implements Interceptor {
    protected static JeusLogger logger = (JeusLogger) JeusLogger.getLogger(SecurityInterceptor.class.getName());
    protected BaseBeanContainer container;
    private BeanInfo beanInfo;
    private String beanName;
    private Subject runAsPrincipal;
    private boolean usePermissionCache = true;
    private final ConcurrentMap<Method, EJBMethodPermissionList> permissionsCache = new ConcurrentHashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jeus/ejb/container3/SecurityInterceptor$EJBMethodPermissionList.class */
    public static class EJBMethodPermissionList {
        private EJBMethodPermission home;
        private EJBMethodPermission localHome;
        private EJBMethodPermission remote;
        private EJBMethodPermission local;
        private EJBMethodPermission serviceEndpoint;

        private EJBMethodPermissionList() {
        }

        synchronized void put(MethodInterfaceType methodInterfaceType, EJBMethodPermission eJBMethodPermission) {
            switch (methodInterfaceType) {
                case Home:
                    this.home = eJBMethodPermission;
                    return;
                case LocalHome:
                    this.localHome = eJBMethodPermission;
                    return;
                case Remote:
                    this.remote = eJBMethodPermission;
                    return;
                case Local:
                    this.local = eJBMethodPermission;
                    return;
                case ServiceEndpoint:
                    this.serviceEndpoint = eJBMethodPermission;
                    return;
                default:
                    return;
            }
        }

        EJBMethodPermission get(MethodInterfaceType methodInterfaceType) {
            switch (methodInterfaceType) {
                case Home:
                    return this.home;
                case LocalHome:
                    return this.localHome;
                case Remote:
                    return this.remote;
                case Local:
                    return this.local;
                case ServiceEndpoint:
                    return this.serviceEndpoint;
                default:
                    return null;
            }
        }
    }

    public SecurityInterceptor(BaseBeanContainer baseBeanContainer) {
        this.container = baseBeanContainer;
        this.beanInfo = baseBeanContainer.getBeanInfo();
        this.beanName = this.beanInfo.getBeanName();
        this.runAsPrincipal = baseBeanContainer.getRunAsSubject();
    }

    @Override // jeus.ejb.interceptor.Interceptor
    public String getName() {
        return "SecurityInterceptor";
    }

    @Override // jeus.ejb.interceptor.Interceptor
    public Object invoke(Invocation invocation) throws Exception {
        boolean z = false;
        boolean z2 = false;
        try {
            DeploymentContext currentContext = DeploymentContext.currentContext();
            boolean z3 = (currentContext == null || currentContext.getEARDeployer() == null || currentContext.getEARDeployer() != this.container.getModuleDeployer().getEARDeployer()) ? false : true;
            if (currentContext == null || !z3) {
                if (invocation.getType() == InvocationType.BUSINESS_METHOD || invocation.getType() == InvocationType.EJBOBJECT_METHOD) {
                    if (logger.isLoggable(JeusMessage_EJB6._4246_LEVEL)) {
                        Principal currentEJBPrincipal = EJBSecurity.getCurrentEJBPrincipal();
                        if (currentEJBPrincipal != null) {
                            logger.logp(JeusMessage_EJB6._4246_LEVEL, "SessionContainer", "preInvoke", JeusMessage_EJB6._4246, currentEJBPrincipal.getName());
                        } else {
                            logger.logp(JeusMessage_EJB6._4247_LEVEL, "SessionContainer", "preInvoke", JeusMessage_EJB6._4247);
                        }
                    }
                    try {
                        EJBSecurity.setEJBSecurityContext(this.beanInfo.getSecurityPolicyID(), invocation.getInstance(), invocation.getParameters(), null);
                        z = true;
                        checkPermission(invocation);
                    } catch (Exception e) {
                        EJBException eJBException = new EJBException(JeusMessageBundles.getMessage(JeusMessage_EJB._8023));
                        eJBException.initCause(e);
                        throw eJBException;
                    }
                }
                try {
                    if (this.runAsPrincipal != null) {
                        EJBSecurity.setEJBRunAsIdentity(this.runAsPrincipal);
                        z2 = true;
                    }
                } catch (Exception e2) {
                    EJBAccessException eJBAccessException = new EJBAccessException(JeusMessageBundles.getMessage(JeusMessage_EJB._8024));
                    eJBAccessException.initCause(e2);
                    throw eJBAccessException;
                }
            }
            Object invokeNext = invocation.invokeNext();
            if (z2) {
                try {
                    EJBSecurity.clearEJBRunAsIdentity();
                } catch (Throwable th) {
                    logger.log(JeusMessage_EJB12._9027_LEVEL, JeusMessage_EJB12._9027, th);
                }
            }
            if (z) {
                try {
                    EJBSecurity.clearEJBSecurityContext();
                } catch (Throwable th2) {
                    logger.log(JeusMessage_EJB12._9027_LEVEL, JeusMessage_EJB12._9027, th2);
                }
            }
            return invokeNext;
        } catch (Throwable th3) {
            if (z2) {
                try {
                    EJBSecurity.clearEJBRunAsIdentity();
                } catch (Throwable th4) {
                    logger.log(JeusMessage_EJB12._9027_LEVEL, JeusMessage_EJB12._9027, th4);
                }
            }
            if (z) {
                try {
                    EJBSecurity.clearEJBSecurityContext();
                } catch (Throwable th5) {
                    logger.log(JeusMessage_EJB12._9027_LEVEL, JeusMessage_EJB12._9027, th5);
                }
            }
            throw th3;
        }
    }

    private void checkPermission(Invocation invocation) {
        EJBMethodPermission eJBMethodPermission;
        MethodInterfaceType methodInterfaceType = invocation.getMethodInterfaceType();
        String str = null;
        if (methodInterfaceType != null) {
            str = methodInterfaceType.name();
        }
        Method method = invocation.getMethod();
        if (this.usePermissionCache) {
            EJBMethodPermissionList eJBMethodPermissionList = this.permissionsCache.get(method);
            if (eJBMethodPermissionList == null) {
                eJBMethodPermissionList = new EJBMethodPermissionList();
                this.permissionsCache.putIfAbsent(method, eJBMethodPermissionList);
            }
            eJBMethodPermission = eJBMethodPermissionList.get(methodInterfaceType);
            if (eJBMethodPermission == null) {
                eJBMethodPermission = new EJBMethodPermission(this.beanName, str, method);
                eJBMethodPermissionList.put(methodInterfaceType, eJBMethodPermission);
            }
        } else {
            eJBMethodPermission = new EJBMethodPermission(this.beanName, str, method);
        }
        try {
            EJBSecurity.checkEJBMethodPermission(eJBMethodPermission);
        } catch (SecurityException e) {
            EJBAccessException eJBAccessException = new EJBAccessException(e.getMessage());
            eJBAccessException.initCause(e);
            throw eJBAccessException;
        } catch (ServiceException e2) {
            throw new EJBException(JeusMessage_EJB._8025_MSG, e2);
        }
    }
}
