package org.apache.geronimo.security.util;

import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import javax.security.jacc.EJBMethodPermission;
import javax.security.jacc.EJBRoleRefPermission;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import javax.security.jacc.PolicyContextHandler;
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebUserDataPermission;
import org.apache.geronimo.security.GeronimoSecurityException;
import org.apache.geronimo.security.PrimaryRealmPrincipal;
import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.deploy.Principal;
import org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType;
import org.apache.geronimo.xbeans.j2ee.EjbJarType;
import org.apache.geronimo.xbeans.j2ee.EnterpriseBeansType;
import org.apache.geronimo.xbeans.j2ee.EntityBeanType;
import org.apache.geronimo.xbeans.j2ee.ExcludeListType;
import org.apache.geronimo.xbeans.j2ee.HttpMethodType;
import org.apache.geronimo.xbeans.j2ee.JavaTypeType;
import org.apache.geronimo.xbeans.j2ee.MethodPermissionType;
import org.apache.geronimo.xbeans.j2ee.MethodType;
import org.apache.geronimo.xbeans.j2ee.RoleNameType;
import org.apache.geronimo.xbeans.j2ee.SecurityConstraintType;
import org.apache.geronimo.xbeans.j2ee.SecurityRoleRefType;
import org.apache.geronimo.xbeans.j2ee.SecurityRoleType;
import org.apache.geronimo.xbeans.j2ee.SessionBeanType;
import org.apache.geronimo.xbeans.j2ee.UrlPatternType;
import org.apache.geronimo.xbeans.j2ee.WebAppType;
import org.apache.geronimo.xbeans.j2ee.WebResourceCollectionType;

/* loaded from: input_file:org/apache/geronimo/security/util/ConfigurationUtil.class */
public class ConfigurationUtil {
    static Class class$java$lang$String;

    public static RealmPrincipal generateRealmPrincipal(Principal principal, String str) {
        try {
            return (RealmPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction(principal, str) { // from class: org.apache.geronimo.security.util.ConfigurationUtil.1
                private final Principal val$principal;
                private final String val$realmName;

                {
                    this.val$principal = principal;
                    this.val$realmName = str;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Class<?> cls;
                    Class<?> cls2 = Class.forName(this.val$principal.getClassName());
                    Class<?>[] clsArr = new Class[1];
                    if (ConfigurationUtil.class$java$lang$String == null) {
                        cls = ConfigurationUtil.class$("java.lang.String");
                        ConfigurationUtil.class$java$lang$String = cls;
                    } else {
                        cls = ConfigurationUtil.class$java$lang$String;
                    }
                    clsArr[0] = cls;
                    return new RealmPrincipal(this.val$realmName, (java.security.Principal) cls2.getDeclaredConstructor(clsArr).newInstance(this.val$principal.getPrincipalName()));
                }
            });
        } catch (PrivilegedActionException e) {
            return null;
        }
    }

    public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(Principal principal, String str) {
        try {
            return (PrimaryRealmPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction(principal, str) { // from class: org.apache.geronimo.security.util.ConfigurationUtil.2
                private final Principal val$principal;
                private final String val$realmName;

                {
                    this.val$principal = principal;
                    this.val$realmName = str;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Class<?> cls;
                    Class<?> cls2 = Class.forName(this.val$principal.getClassName());
                    Class<?>[] clsArr = new Class[1];
                    if (ConfigurationUtil.class$java$lang$String == null) {
                        cls = ConfigurationUtil.class$("java.lang.String");
                        ConfigurationUtil.class$java$lang$String = cls;
                    } else {
                        cls = ConfigurationUtil.class$java$lang$String;
                    }
                    clsArr[0] = cls;
                    return new PrimaryRealmPrincipal(this.val$realmName, (java.security.Principal) cls2.getDeclaredConstructor(clsArr).newInstance(this.val$principal.getPrincipalName()));
                }
            });
        } catch (PrivilegedActionException e) {
            return null;
        }
    }

    public static void registerPolicyContextHandler(PolicyContextHandler policyContextHandler, boolean z) throws PolicyContextException {
        for (String str : policyContextHandler.getKeys()) {
            PolicyContext.registerHandler(str, policyContextHandler, z);
        }
    }

    public static void configure(PolicyConfiguration policyConfiguration, WebAppType webAppType) throws GeronimoSecurityException {
        HashSet hashSet = new HashSet();
        for (SecurityRoleType securityRoleType : webAppType.getSecurityRoleArray()) {
            hashSet.add(securityRoleType.getRoleName());
        }
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        HashSet hashSet2 = new HashSet();
        HashMap hashMap4 = new HashMap();
        SecurityConstraintType[] securityConstraintArray = webAppType.getSecurityConstraintArray();
        for (int i = 0; i < securityConstraintArray.length; i++) {
            HashMap hashMap5 = securityConstraintArray[i].getAuthConstraint() == null ? hashMap : securityConstraintArray[i].getAuthConstraint().getRoleNameArray().length == 0 ? hashMap2 : hashMap3;
            String stringValue = securityConstraintArray[i].getUserDataConstraint() != null ? securityConstraintArray[i].getUserDataConstraint().getTransportGuarantee().getStringValue() : "";
            WebResourceCollectionType[] webResourceCollectionArray = securityConstraintArray[i].getWebResourceCollectionArray();
            for (int i2 = 0; i2 < webResourceCollectionArray.length; i2++) {
                HttpMethodType[] httpMethodArray = webResourceCollectionArray[i2].getHttpMethodArray();
                UrlPatternType[] urlPatternArray = webResourceCollectionArray[i2].getUrlPatternArray();
                for (int i3 = 0; i3 < urlPatternArray.length; i3++) {
                    URLPattern uRLPattern = (URLPattern) hashMap5.get(urlPatternArray[i3]);
                    if (uRLPattern == null) {
                        uRLPattern = new URLPattern(urlPatternArray[i3].getStringValue());
                        hashMap5.put(urlPatternArray[i3].getStringValue(), uRLPattern);
                    }
                    URLPattern uRLPattern2 = (URLPattern) hashMap4.get(urlPatternArray[i3].getStringValue());
                    if (uRLPattern2 == null) {
                        uRLPattern2 = new URLPattern(urlPatternArray[i3].getStringValue());
                        hashSet2.add(uRLPattern2);
                        hashMap4.put(urlPatternArray[i3].getStringValue(), uRLPattern2);
                    }
                    for (int i4 = 0; i4 < httpMethodArray.length; i4++) {
                        uRLPattern.addMethod(httpMethodArray[i4].getStringValue());
                        uRLPattern2.addMethod(httpMethodArray[i4].getStringValue());
                    }
                    if (httpMethodArray.length == 0) {
                        uRLPattern.addMethod("");
                        uRLPattern2.addMethod("");
                    }
                    if (hashMap5 == hashMap3) {
                        RoleNameType[] roleNameArray = securityConstraintArray[i].getAuthConstraint().getRoleNameArray();
                        for (int i5 = 0; i5 < roleNameArray.length; i5++) {
                            if (roleNameArray[i5].getStringValue().equals("*")) {
                                uRLPattern.addAllRoles(hashSet);
                            } else {
                                uRLPattern.addRole(roleNameArray[i5].getStringValue());
                            }
                        }
                    }
                    uRLPattern.setTransport(stringValue);
                }
            }
        }
        try {
            Iterator it = hashMap2.keySet().iterator();
            while (it.hasNext()) {
                URLPattern uRLPattern3 = (URLPattern) hashMap2.get(it.next());
                String qualifiedPattern = uRLPattern3.getQualifiedPattern(hashSet2);
                String methods = uRLPattern3.getMethods();
                policyConfiguration.addToExcludedPolicy(new WebResourcePermission(qualifiedPattern, methods));
                policyConfiguration.addToExcludedPolicy(new WebUserDataPermission(qualifiedPattern, methods));
            }
            Iterator it2 = hashMap3.keySet().iterator();
            while (it2.hasNext()) {
                URLPattern uRLPattern4 = (URLPattern) hashMap3.get(it2.next());
                WebResourcePermission webResourcePermission = new WebResourcePermission(uRLPattern4.getQualifiedPattern(hashSet2), uRLPattern4.getMethods());
                Iterator it3 = uRLPattern4.getRoles().iterator();
                while (it3.hasNext()) {
                    policyConfiguration.addToRole((String) it3.next(), webResourcePermission);
                }
            }
            Iterator it4 = hashMap.keySet().iterator();
            while (it4.hasNext()) {
                URLPattern uRLPattern5 = (URLPattern) hashMap.get(it4.next());
                policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(uRLPattern5.getQualifiedPattern(hashSet2), uRLPattern5.getMethods()));
            }
            Iterator it5 = hashMap3.keySet().iterator();
            while (it5.hasNext()) {
                URLPattern uRLPattern6 = (URLPattern) hashMap3.get(it5.next());
                policyConfiguration.addToUncheckedPolicy(new WebUserDataPermission(uRLPattern6.getQualifiedPattern(hashSet2), uRLPattern6.getMethodsWithTransport()));
            }
            Iterator it6 = hashMap.keySet().iterator();
            while (it6.hasNext()) {
                URLPattern uRLPattern7 = (URLPattern) hashMap.get(it6.next());
                policyConfiguration.addToUncheckedPolicy(new WebUserDataPermission(uRLPattern7.getQualifiedPattern(hashSet2), uRLPattern7.getMethodsWithTransport()));
            }
            Iterator it7 = hashSet2.iterator();
            while (it7.hasNext()) {
                URLPattern uRLPattern8 = (URLPattern) it7.next();
                String qualifiedPattern2 = uRLPattern8.getQualifiedPattern(hashSet2);
                String complementedMethods = uRLPattern8.getComplementedMethods();
                if (complementedMethods.length() != 0) {
                    policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(qualifiedPattern2, complementedMethods));
                    policyConfiguration.addToUncheckedPolicy(new WebUserDataPermission(qualifiedPattern2, complementedMethods));
                }
            }
            URLPattern uRLPattern9 = new URLPattern("/");
            if (!hashSet2.contains(uRLPattern9)) {
                String qualifiedPattern3 = uRLPattern9.getQualifiedPattern(hashSet2);
                String complementedMethods2 = uRLPattern9.getComplementedMethods();
                policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(qualifiedPattern3, complementedMethods2));
                policyConfiguration.addToUncheckedPolicy(new WebUserDataPermission(qualifiedPattern3, complementedMethods2));
            }
        } catch (PolicyContextException e) {
            throw new GeronimoSecurityException((Throwable) e);
        }
    }

    public static void configure(PolicyConfiguration policyConfiguration, EjbJarType ejbJarType) throws GeronimoSecurityException {
        EnterpriseBeansType enterpriseBeans = ejbJarType.getEnterpriseBeans();
        EntityBeanType[] entityArray = enterpriseBeans.getEntityArray();
        SessionBeanType[] sessionArray = enterpriseBeans.getSessionArray();
        AssemblyDescriptorType assemblyDescriptor = ejbJarType.getAssemblyDescriptor();
        MethodPermissionType[] methodPermissionArray = assemblyDescriptor.getMethodPermissionArray();
        ExcludeListType excludeList = assemblyDescriptor.getExcludeList();
        for (MethodPermissionType methodPermissionType : methodPermissionArray) {
            for (MethodType methodType : methodPermissionType.getMethodArray()) {
                EJBMethodPermission eJBMethodPermission = new EJBMethodPermission(methodType.getEjbName().getStringValue(), methodType.getMethodName().getStringValue(), methodType.getMethodIntf().getStringValue(), toStringArray(methodType.getMethodParams().getMethodParamArray()));
                try {
                    if (methodPermissionType.getUnchecked() != null) {
                        policyConfiguration.addToUncheckedPolicy(eJBMethodPermission);
                    } else {
                        for (RoleNameType roleNameType : methodPermissionType.getRoleNameArray()) {
                            policyConfiguration.addToRole(roleNameType.getStringValue(), eJBMethodPermission);
                        }
                    }
                } catch (PolicyContextException e) {
                    throw new GeronimoSecurityException((Throwable) e);
                }
            }
        }
        if (excludeList != null) {
            MethodType[] methodArray = excludeList.getMethodArray();
            for (int i = 0; i < methodArray.length; i++) {
                try {
                    policyConfiguration.addToExcludedPolicy(new EJBMethodPermission(methodArray[i].getEjbName().getStringValue(), methodArray[i].getMethodName().getStringValue(), methodArray[i].getMethodIntf().getStringValue(), toStringArray(methodArray[i].getMethodParams().getMethodParamArray())));
                } catch (PolicyContextException e2) {
                    throw new GeronimoSecurityException((Throwable) e2);
                }
            }
        }
        for (int i2 = 0; i2 < entityArray.length; i2++) {
            translateSecurityRoleRefs(policyConfiguration, entityArray[i2].getSecurityRoleRefArray(), entityArray[i2].getEjbName().getStringValue());
        }
        for (int i3 = 0; i3 < sessionArray.length; i3++) {
            translateSecurityRoleRefs(policyConfiguration, sessionArray[i3].getSecurityRoleRefArray(), sessionArray[i3].getEjbName().getStringValue());
        }
    }

    public static String[] toStringArray(JavaTypeType[] javaTypeTypeArr) {
        String[] strArr = new String[javaTypeTypeArr.length];
        for (int i = 0; i < javaTypeTypeArr.length; i++) {
            strArr[i] = javaTypeTypeArr[i].getStringValue();
        }
        return strArr;
    }

    private static void translateSecurityRoleRefs(PolicyConfiguration policyConfiguration, SecurityRoleRefType[] securityRoleRefTypeArr, String str) throws GeronimoSecurityException {
        for (int i = 0; i < securityRoleRefTypeArr.length; i++) {
            try {
                policyConfiguration.addToRole(securityRoleRefTypeArr[i].getRoleLink().getStringValue(), new EJBRoleRefPermission(str, securityRoleRefTypeArr[i].getRoleName().getStringValue()));
            } catch (PolicyContextException e) {
                throw new GeronimoSecurityException((Throwable) e);
            }
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
