package weblogic.security;

import java.security.AccessController;
import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import weblogic.drs.DataIdentifier;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.principal.RealmAdapterUser;
import weblogic.security.service.AdminResource;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityServiceManager;
import weblogic.security.spi.WLSGroup;
import weblogic.security.utils.ESubjectImpl;
import weblogic.utils.AssertionError;

/* loaded from: input_file:weblogic.jar:weblogic/security/SubjectUtils.class */
public class SubjectUtils {
    static Class class$weblogic$security$spi$WLSUser;
    static Class class$weblogic$security$acl$UserInfo;
    static Class class$weblogic$security$spi$WLSGroup;
    static Class class$weblogic$security$principal$RealmAdapterUser;

    public static Principal getUserPrincipal(Subject subject) {
        checkSubjectNonNull(subject);
        return getUserPrincipal(AuthenticatedSubject.getFromSubject(subject));
    }

    public static Principal getUserPrincipal(AuthenticatedSubject authenticatedSubject) {
        Class cls;
        Class cls2;
        checkSubjectNonNull(authenticatedSubject);
        if (class$weblogic$security$spi$WLSUser == null) {
            cls = class$("weblogic.security.spi.WLSUser");
            class$weblogic$security$spi$WLSUser = cls;
        } else {
            cls = class$weblogic$security$spi$WLSUser;
        }
        Principal onePrincipal = getOnePrincipal(authenticatedSubject, cls);
        if (onePrincipal != null) {
            return onePrincipal;
        }
        if (class$weblogic$security$acl$UserInfo == null) {
            cls2 = class$("weblogic.security.acl.UserInfo");
            class$weblogic$security$acl$UserInfo = cls2;
        } else {
            cls2 = class$weblogic$security$acl$UserInfo;
        }
        Principal onePrincipal2 = getOnePrincipal(authenticatedSubject, cls2);
        if (onePrincipal2 != null) {
            return onePrincipal2;
        }
        Set<Principal> principals = authenticatedSubject.getPrincipals();
        if (principals.isEmpty()) {
            return null;
        }
        for (Principal principal : principals) {
            if (!(principal instanceof WLSGroup)) {
                return principal;
            }
        }
        return null;
    }

    public static String getUsername(Subject subject) {
        checkSubjectNonNull(subject);
        return getUsername(AuthenticatedSubject.getFromSubject(subject));
    }

    public static String getUsername(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        if (SecurityServiceManager.isKernelIdentity(authenticatedSubject)) {
            return WLSPrincipals.getKernelUsername();
        }
        Principal userPrincipal = getUserPrincipal(authenticatedSubject);
        return userPrincipal == null ? WLSPrincipals.getAnonymousUsername() : userPrincipal.getName();
    }

    public static String getPrincipalNames(Subject subject) {
        checkSubjectNonNull(subject);
        return getPrincipalNames(AuthenticatedSubject.getFromSubject(subject));
    }

    public static String getPrincipalNames(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        Object[] array = authenticatedSubject.getPrincipals().toArray();
        if (array == null || array.length == 0) {
            return WLSPrincipals.getAnonymousUsername();
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < array.length; i++) {
            String name = ((Principal) array[i]).getName();
            if (i > 0) {
                stringBuffer.append('/');
            }
            if (name != null) {
                stringBuffer.append(name);
            }
        }
        return stringBuffer.toString();
    }

    public static String displaySubject(Subject subject) {
        checkSubjectNonNull(subject);
        return displaySubject(AuthenticatedSubject.getFromSubject(subject));
    }

    public static String displaySubject(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        StringBuffer stringBuffer = new StringBuffer("Subject: ");
        Set principals = authenticatedSubject.getPrincipals();
        stringBuffer.append(principals.size());
        stringBuffer.append("\n");
        for (Object obj : principals.toArray()) {
            Principal principal = (Principal) obj;
            stringBuffer.append("\tPrincipal = ");
            stringBuffer.append(principal.getClass());
            stringBuffer.append("(\"");
            String name = principal.getName();
            if (name != null) {
                stringBuffer.append(name);
            }
            stringBuffer.append("\")\n");
        }
        return stringBuffer.toString();
    }

    public static Principal getOnePrincipal(Subject subject, Class cls) {
        checkSubjectNonNull(subject);
        return getOnePrincipalInternal(subject.getPrincipals(), cls);
    }

    public static Principal getOnePrincipal(AuthenticatedSubject authenticatedSubject, Class cls) {
        checkSubjectNonNull(authenticatedSubject);
        return getOnePrincipalInternal(authenticatedSubject.getPrincipals(), cls);
    }

    private static Principal getOnePrincipalInternal(Set set, Class cls) {
        Iterator it = set.iterator();
        while (it.hasNext()) {
            Principal principal = (Principal) it.next();
            if (principal.getClass().equals(cls)) {
                return principal;
            }
        }
        return null;
    }

    public static boolean isUserInGroup(Subject subject, String str) {
        checkSubjectNonNull(subject);
        return isUserInGroup(AuthenticatedSubject.getFromSubject(subject), str);
    }

    private static boolean isUserInGroup(AuthenticatedSubject authenticatedSubject, String str) {
        Class cls;
        Class cls2;
        checkSubjectNonNull(authenticatedSubject);
        if ("users".equals(str)) {
            return !authenticatedSubject.getPrincipals().isEmpty();
        }
        if (ESubjectImpl.EVERYONE_GROUP.equals(str)) {
            return true;
        }
        if (class$weblogic$security$spi$WLSGroup == null) {
            cls = class$("weblogic.security.spi.WLSGroup");
            class$weblogic$security$spi$WLSGroup = cls;
        } else {
            cls = class$weblogic$security$spi$WLSGroup;
        }
        Iterator it = authenticatedSubject.getPrincipals(cls).iterator();
        while (it.hasNext()) {
            String name = ((WLSGroup) it.next()).getName();
            if (name == str) {
                return true;
            }
            if (name != null && name.equals(str)) {
                return true;
            }
        }
        if (class$weblogic$security$principal$RealmAdapterUser == null) {
            cls2 = class$("weblogic.security.principal.RealmAdapterUser");
            class$weblogic$security$principal$RealmAdapterUser = cls2;
        } else {
            cls2 = class$weblogic$security$principal$RealmAdapterUser;
        }
        Principal onePrincipal = getOnePrincipal(authenticatedSubject, cls2);
        return onePrincipal != null && ((RealmAdapterUser) onePrincipal).isUserInGroup(str);
    }

    public static Subject getAnonymousUser() {
        return getAnonymousSubject().getSubject();
    }

    public static AuthenticatedSubject getAnonymousSubject() {
        return AuthenticatedSubject.ANON;
    }

    public static boolean isUserAnonymous(Subject subject) {
        checkSubjectNonNull(subject);
        return isUserAnonymous(AuthenticatedSubject.getFromSubject(subject));
    }

    public static boolean isUserAnonymous(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        return authenticatedSubject == AuthenticatedSubject.ANON || authenticatedSubject.getPrincipals().size() == 0;
    }

    public static boolean isUserAnAdministrator(Subject subject) {
        checkSubjectNonNull(subject);
        return isUserAnAdministrator(AuthenticatedSubject.getFromSubject(subject));
    }

    public static boolean isUserAnAdministrator(AuthenticatedSubject authenticatedSubject) {
        return isUserInAdminRoles(authenticatedSubject, new String[]{"Admin"});
    }

    public static boolean doesUserHaveAnyAdminRoles(AuthenticatedSubject authenticatedSubject) {
        return isUserInAdminRoles(authenticatedSubject, new String[]{"Admin", "Deployer", "Operator", "Monitor"});
    }

    public static boolean isUserInAdminRoles(AuthenticatedSubject authenticatedSubject, String[] strArr) {
        Class cls;
        checkSubjectNonNull(authenticatedSubject);
        if (SecurityServiceManager.isKernelIdentity(authenticatedSubject)) {
            return true;
        }
        Map roles = SecurityServiceManager.getRoleManager((AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction()), SecurityServiceManager.getDefaultRealmName()).getRoles(authenticatedSubject, new AdminResource(DataIdentifier.CONFIGURATION, null, null), null);
        for (String str : strArr) {
            if (SecurityServiceManager.isUserInRole(authenticatedSubject, str, roles)) {
                return true;
            }
        }
        if (class$weblogic$security$principal$RealmAdapterUser == null) {
            cls = class$("weblogic.security.principal.RealmAdapterUser");
            class$weblogic$security$principal$RealmAdapterUser = cls;
        } else {
            cls = class$weblogic$security$principal$RealmAdapterUser;
        }
        Principal onePrincipal = getOnePrincipal(authenticatedSubject, cls);
        return onePrincipal != null && "system".equals(onePrincipal.getName());
    }

    public static void checkSubjectNonNull(Object obj) {
        if (obj == null) {
            throw new AssertionError(SecurityLogger.getIllegalNullSubject());
        }
    }

    public static AuthenticatedSubject combineSubjects(AuthenticatedSubject[] authenticatedSubjectArr) {
        if (authenticatedSubjectArr == null || authenticatedSubjectArr.length == 0) {
            return getAnonymousSubject();
        }
        if (authenticatedSubjectArr.length == 1) {
            return authenticatedSubjectArr[0];
        }
        new AuthenticatedSubject();
        HashSet hashSet = new HashSet();
        for (AuthenticatedSubject authenticatedSubject : authenticatedSubjectArr) {
            Iterator it = authenticatedSubject.getPrincipals().iterator();
            while (it.hasNext()) {
                hashSet.add(it.next());
            }
        }
        return new AuthenticatedSubject(true, hashSet);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
