package weblogic.security.service;

import java.security.AccessController;
import java.util.ArrayList;
import java.util.Vector;
import javax.security.auth.Subject;
import weblogic.common.internal.LogOutputStream;
import weblogic.management.security.ProviderMBean;
import weblogic.management.security.RealmMBean;
import weblogic.management.security.credentials.CredentialMapperMBean;
import weblogic.management.security.credentials.DeployableCredentialMapperMBean;
import weblogic.security.SecurityLogger;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.internal.ForceDDOnly;
import weblogic.security.spi.ApplicationLifecycleProviderMixin;
import weblogic.security.spi.CredentialMapper;
import weblogic.security.spi.CredentialProvider;
import weblogic.security.spi.DeployableCredentialProvider;
import weblogic.security.spi.Resource;

/* loaded from: input_file:weblogic.jar:weblogic/security/service/CredentialManager.class */
public class CredentialManager implements SecurityService {
    private int credMapperList;
    private String realmName;
    private int mapperList;
    private CredentialProvider[] credentialProviders;
    private CredentialMapperMBean[] credentialMBeans;
    private boolean initialized;
    private Vector deployableCredMapProviderVector;
    private boolean debug;
    private LogOutputStream log;
    private RealmMBean realmMBean;
    private static final AuthenticatedSubject kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private static ArrayList credentialMappers = null;

    public CredentialManager() {
        this.credMapperList = 0;
        this.realmName = null;
        this.mapperList = 0;
        this.credentialProviders = null;
        this.credentialMBeans = null;
        this.initialized = false;
        this.deployableCredMapProviderVector = null;
        this.debug = false;
        this.log = null;
        this.realmMBean = null;
    }

    public CredentialManager(String str, ProviderMBean[] providerMBeanArr) {
        this.credMapperList = 0;
        this.realmName = null;
        this.mapperList = 0;
        this.credentialProviders = null;
        this.credentialMBeans = null;
        this.initialized = false;
        this.deployableCredMapProviderVector = null;
        this.debug = false;
        this.log = null;
        this.realmMBean = null;
        this.realmName = str;
        initialize(str, providerMBeanArr);
        if (this.debug) {
            this.log = SecurityServiceManager.getSecurityDebugLog();
        }
    }

    @Override // weblogic.security.service.SecurityService
    public void initialize(String str, ProviderMBean[] providerMBeanArr) throws InvalidParameterException, ProviderException {
        if (null == str || !SecurityServiceManager.doesRealmExistInternal(str)) {
            throw new InvalidParameterException(SecurityLogger.getValidRealmNameMustBeSpecifed());
        }
        CredentialMapperMBean[] credentialMapperMBeanArr = (CredentialMapperMBean[]) providerMBeanArr;
        if (null == credentialMapperMBeanArr || 0 == credentialMapperMBeanArr.length) {
            throw new InvalidParameterException(SecurityLogger.getInvCredMgrConfigMBean());
        }
        this.deployableCredMapProviderVector = new Vector(credentialMapperMBeanArr.length - 1);
        this.credentialProviders = new CredentialProvider[credentialMapperMBeanArr.length];
        for (int i = 0; i < credentialMapperMBeanArr.length; i++) {
            if (credentialMapperMBeanArr[i].getProviderClassName() != null) {
                this.credentialProviders[i] = (CredentialProvider) SecurityServiceManager.createSecurityProvider(credentialMapperMBeanArr[i], null);
            }
            if (this.realmMBean == null) {
                this.realmMBean = credentialMapperMBeanArr[i].getRealm();
            }
            if ((credentialMapperMBeanArr[i] instanceof DeployableCredentialMapperMBean) && ((DeployableCredentialMapperMBean) credentialMapperMBeanArr[i]).isCredentialMappingDeploymentEnabled()) {
                this.deployableCredMapProviderVector.add((DeployableCredentialProvider) this.credentialProviders[i]);
            }
        }
        if (!composeMappers()) {
            throw new NotYetInitializedException(SecurityLogger.getCredMgrInitFailed());
        }
        this.initialized = true;
    }

    public Vector getCredentials(AuthenticatedSubject authenticatedSubject, AuthenticatedSubject authenticatedSubject2, Resource resource, String[] strArr) throws NotYetInitializedException, InvalidParameterException {
        if (!this.initialized) {
            throw new NotYetInitializedException(SecurityLogger.getCredMgrNotYetInit());
        }
        if (strArr == null) {
            throw new InvalidParameterException(SecurityLogger.getCredentialsTypeNull());
        }
        Vector vector = new Vector();
        Subject subject = authenticatedSubject != null ? SecurityServiceManager.seal(kernelId, authenticatedSubject).getSubject() : null;
        Subject subject2 = authenticatedSubject2 != null ? SecurityServiceManager.seal(kernelId, authenticatedSubject2).getSubject() : null;
        for (int i = 0; i < this.mapperList; i++) {
            try {
                Vector credentials = ((CredentialMapper) credentialMappers.get(i)).getCredentials(subject, subject2, resource, strArr);
                if (null != credentials && 0 != credentials.size()) {
                    for (int i2 = 0; i2 < credentials.size(); i2++) {
                        vector.add(credentials.get(i2));
                    }
                }
            } catch (SecurityException e) {
            } catch (SecurityServiceRuntimeException e2) {
            }
        }
        return vector;
    }

    public Vector getCredentials(AuthenticatedSubject authenticatedSubject, String str, Resource resource, String[] strArr) {
        if (!this.initialized) {
            throw new NotYetInitializedException(SecurityLogger.getCredMgrNotYetInit());
        }
        if (strArr == null) {
            throw new InvalidParameterException(SecurityLogger.getCredentialsTypeNull());
        }
        Vector vector = new Vector();
        Subject subject = authenticatedSubject != null ? authenticatedSubject.getSubject() : null;
        for (int i = 0; i < this.mapperList; i++) {
            try {
                Object credentials = ((CredentialMapper) credentialMappers.get(i)).getCredentials(subject, str, resource, strArr);
                if (null != credentials) {
                    vector.add(credentials);
                }
            } catch (SecurityException e) {
            } catch (SecurityServiceRuntimeException e2) {
            }
        }
        return vector;
    }

    @Override // weblogic.security.service.SecurityService
    public void shutdown() {
        for (int i = 0; i < this.credMapperList; i++) {
            this.credentialProviders[i].shutdown();
        }
    }

    @Override // weblogic.security.service.SecurityService
    public void start() {
    }

    @Override // weblogic.security.service.SecurityService
    public void suspend() {
    }

    public boolean isDeployCredentialMappingIgnored() {
        if (ForceDDOnly.isForceDDOnly()) {
            return false;
        }
        return this.realmMBean.isDeployCredentialMappingIgnored();
    }

    private boolean composeMappers() {
        if (this.credentialProviders == null) {
            return false;
        }
        int length = this.credentialProviders.length;
        credentialMappers = new ArrayList(length);
        for (int i = 0; i < length; i++) {
            CredentialMapper credentialProvider = this.credentialProviders[i].getCredentialProvider();
            ArrayList arrayList = credentialMappers;
            int i2 = this.mapperList;
            this.mapperList = i2 + 1;
            arrayList.add(i2, credentialProvider);
        }
        return true;
    }

    public void deployCredentialMapping(Resource resource, String str, String str2, String str3) throws weblogic.security.spi.ResourceCreationException {
        if (isDeployCredentialMappingIgnored()) {
            if (this.debug) {
                this.log.debug("CredentialManager will not deploy credential mapping, isDeployCredentialMappingIgnored is true.");
            }
        } else {
            if (this.deployableCredMapProviderVector == null || this.deployableCredMapProviderVector.isEmpty()) {
                SecurityLogger.logUnableToDeploySecurityInformation(this.realmMBean.wls_getDisplayName(), "DeployableCredentialProvider");
                return;
            }
            for (int i = 0; i < this.deployableCredMapProviderVector.size(); i++) {
                ((DeployableCredentialProvider) this.deployableCredMapProviderVector.get(i)).deployCredentialMapping(resource, str, str2, str3);
            }
        }
    }

    public void undeployCredentialMappings(Resource resource) throws weblogic.security.spi.ResourceRemovalException {
        if (isDeployCredentialMappingIgnored()) {
            if (this.debug) {
                this.log.debug("CredentialManager will not undeploy credential mapping, isDeployCredentialMappingIgnored is true.");
            }
        } else {
            if (this.deployableCredMapProviderVector == null || this.deployableCredMapProviderVector.isEmpty()) {
                SecurityLogger.logUnableToUndeploySecurityInformation(this.realmMBean.wls_getDisplayName(), "DeployableCredentialProvider");
                return;
            }
            for (int i = 0; i < this.deployableCredMapProviderVector.size(); i++) {
                ((DeployableCredentialProvider) this.deployableCredMapProviderVector.get(i)).undeployCredentialMappings(resource);
            }
        }
    }

    public void applicationDeleted(String str, int i, String str2) {
        for (int i2 = 0; i2 < this.deployableCredMapProviderVector.size(); i2++) {
            DeployableCredentialProvider deployableCredentialProvider = (DeployableCredentialProvider) this.deployableCredMapProviderVector.elementAt(i2);
            if (deployableCredentialProvider instanceof ApplicationLifecycleProviderMixin) {
                try {
                    ((ApplicationLifecycleProviderMixin) deployableCredentialProvider).applicationDeleted(str, i, str2);
                } catch (Exception e) {
                    if (this.debug) {
                        this.log.debug(new StringBuffer().append("CredentialManager.applicationDeleted got an exception: ").append(e).toString());
                    }
                }
            }
        }
    }

    public void applicationDeployBegun(String str, int i, String str2) {
        if (isDeployCredentialMappingIgnored()) {
            return;
        }
        for (int i2 = 0; i2 < this.deployableCredMapProviderVector.size(); i2++) {
            DeployableCredentialProvider deployableCredentialProvider = (DeployableCredentialProvider) this.deployableCredMapProviderVector.elementAt(i2);
            if (deployableCredentialProvider instanceof ApplicationLifecycleProviderMixin) {
                try {
                    ((ApplicationLifecycleProviderMixin) deployableCredentialProvider).applicationDeployBegun(str, i, str2);
                } catch (Exception e) {
                    if (this.debug) {
                        this.log.debug(new StringBuffer().append("CredentialManager.applicationDeployBegun got an exception: ").append(e).toString());
                    }
                }
            }
        }
    }

    public void applicationDeployEnded(String str, int i, String str2) {
        if (isDeployCredentialMappingIgnored()) {
            return;
        }
        for (int i2 = 0; i2 < this.deployableCredMapProviderVector.size(); i2++) {
            DeployableCredentialProvider deployableCredentialProvider = (DeployableCredentialProvider) this.deployableCredMapProviderVector.elementAt(i2);
            if (deployableCredentialProvider instanceof ApplicationLifecycleProviderMixin) {
                try {
                    ((ApplicationLifecycleProviderMixin) deployableCredentialProvider).applicationDeployEnded(str, i, str2);
                } catch (Exception e) {
                    if (this.debug) {
                        this.log.debug(new StringBuffer().append("CredentialManager.applicationDeployBegun got an exception: ").append(e).toString());
                    }
                }
            }
        }
    }
}
