package com.ibm.ws.security.web;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.WebSphereBaseTrustAssociationInterceptor;
import com.ibm.websphere.security.WebTrustAssociationException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.core.SecurityConfig;
import com.ibm.wsspi.security.tai.TrustAssociationInterceptor;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:eclipse/plugins/com.ibm.websphere.v61_6.1.1/ws_runtime.jar:com/ibm/ws/security/web/TrustAssociationManager.class */
public final class TrustAssociationManager {
    public static final String TRUSTED_SERVER_TYPE_WEBSEAL36 = "WebSeal3.6";
    private static TraceComponent tc;
    private static TrustAssociationManager myInstance;
    private static String secondPassList;
    private TAIWrapper[] interceptors = null;
    private int interceptorCount = 0;
    private boolean isTrustAssociationEnabled = false;
    static Class class$com$ibm$ws$security$web$TrustAssociationManager;

    public static void create() {
        if (myInstance == null) {
            myInstance = new TrustAssociationManager();
        }
    }

    public static TrustAssociationManager getInstance() {
        return myInstance;
    }

    private TrustAssociationManager() {
        initialize();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TAIWrapper getInterceptor(HttpServletRequest httpServletRequest, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getInterceptor()");
        }
        for (int i = 0; i < this.interceptorCount; i++) {
            TAIWrapper tAIWrapper = this.interceptors[i];
            if ((z && secondPassList.indexOf(tAIWrapper.getClassName()) == -1) || !(z || secondPassList.indexOf(tAIWrapper.getClassName()) == -1)) {
                try {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("Check if target interceptor [").append(i).append("]: ").append(tAIWrapper.getName()).append(" ...").toString());
                    }
                    if (tAIWrapper.isTargetInterceptor(httpServletRequest)) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, new StringBuffer().append("Found interceptor: ").append(tAIWrapper.getName()).toString());
                        }
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "getInterceptor()");
                        }
                        return tAIWrapper;
                    }
                    continue;
                } catch (WebTrustAssociationException e) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("interceptor ").append(tAIWrapper.getName()).append(" throws exception").toString(), e);
                    }
                    FFDCFilter.processException(e, "com.ibm.ws.security.web.TrustAssociationManager.getInterceptor", "93");
                }
            } else if (tc.isEntryEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Interceptor ").append(tAIWrapper.getClassName()).append(" skipped.  Second pass list = '").append(secondPassList).append("' First pass: ").append(z).toString());
            }
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getInterceptor");
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isTrustAssociationEnabled() {
        return this.isTrustAssociationEnabled;
    }

    int getInterceptorsCount() {
        return this.interceptorCount;
    }

    public void cleanTAInterceptors() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "cleanTAInterceptor");
        }
        for (int i = 0; i < this.interceptorCount; i++) {
            this.interceptors[i].cleanup();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "cleanTAInterceptor");
        }
    }

    private void initialize() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize");
        }
        if (((String) SecurityConfig.getConfig().getValue("security.activeAuthMechanism")).equals("LTPA")) {
            Boolean bool = (Boolean) SecurityConfig.getConfig().getValue("security.ltpa.trustAssociationEnabled");
            if (bool == null || !bool.booleanValue()) {
                this.isTrustAssociationEnabled = false;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Trust Association not enabled");
                }
            } else {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Trust Association enabled: Trying to load the interceptors");
                }
                secondPassList = (String) SecurityConfig.getConfig().getValue("com.ibm.websphere.security.DeferTAItoSSO");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Second pass list: ").append(secondPassList).toString());
                }
                String str = null;
                try {
                    List list = (List) SecurityConfig.getConfig().getValue("security.ltpa.trustAssociations");
                    if (list.size() == 0) {
                        this.isTrustAssociationEnabled = false;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "No interceptors provided for Trust Association");
                        }
                    } else {
                        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
                        if (contextClassLoader == null) {
                            Tr.error(tc, "security.web.ta.classloaderr");
                            this.isTrustAssociationEnabled = false;
                        } else {
                            ArrayList arrayList = new ArrayList(list.size());
                            for (int i = 0; i < list.size(); i++) {
                                Properties properties = (Properties) list.get(i);
                                str = (String) properties.get("com.ibm.wsspi.security.TAIClassName");
                                if (str == null) {
                                    Tr.error(tc, "security.web.ta.nointclass", new Object[]{str});
                                } else {
                                    try {
                                        try {
                                            Object newInstance = contextClassLoader.loadClass(str).newInstance();
                                            Tr.audit(tc, "security.web.ta.loadclass", new Object[]{str});
                                            if (newInstance instanceof WebSphereBaseTrustAssociationInterceptor) {
                                                if (properties != null && properties.size() > 0) {
                                                    if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, "Trust Properties = ", properties);
                                                    }
                                                    int init = ((WebSphereBaseTrustAssociationInterceptor) newInstance).init(properties);
                                                    int i2 = 0;
                                                    String str2 = (String) properties.get(CommonConstants.TAI_IGNORE_STATUS);
                                                    if (str2 == null || !str2.equalsIgnoreCase("true")) {
                                                        String str3 = (String) properties.get(CommonConstants.TAI_ERROR_STATUS);
                                                        if (str3 != null) {
                                                            i2 = Integer.valueOf(str3).intValue();
                                                            if (tc.isDebugEnabled()) {
                                                                Tr.debug(tc, new StringBuffer().append("Success Status for TAI is : ").append(i2).toString());
                                                            }
                                                        }
                                                        if (init != i2) {
                                                            Tr.error(tc, "security.web.ta.initerr", new Object[]{str, Integer.toString(init)});
                                                            if (tc.isDebugEnabled()) {
                                                                Tr.debug(tc, new StringBuffer().append("The Trust Association Implementation file ").append(str).append(" init method returned error status: ").append(init).append(". The expected status for success is ").append(i2).toString());
                                                            }
                                                        }
                                                    } else if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, new StringBuffer().append("The Trust Association Implementation file ").append(str).append(" init method returned status: ").append(init).toString());
                                                    }
                                                }
                                                Tr.audit(tc, "security.web.ta.intsig", new Object[]{((WebSphereBaseTrustAssociationInterceptor) newInstance).getVersion()});
                                            } else if (newInstance instanceof TrustAssociationInterceptor) {
                                                if (properties != null && properties.size() > 0) {
                                                    if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, "Trust Properties = ", properties);
                                                    }
                                                    int initialize = ((TrustAssociationInterceptor) newInstance).initialize(properties);
                                                    int i3 = 0;
                                                    String str4 = (String) properties.get(CommonConstants.TAI_IGNORE_STATUS);
                                                    if (str4 == null || !str4.equalsIgnoreCase("true")) {
                                                        String str5 = (String) properties.get(CommonConstants.TAI_ERROR_STATUS);
                                                        if (str5 != null) {
                                                            i3 = Integer.valueOf(str5).intValue();
                                                            if (tc.isDebugEnabled()) {
                                                                Tr.debug(tc, new StringBuffer().append("Success Status for TAI is : ").append(i3).toString());
                                                            }
                                                        }
                                                        if (initialize != i3) {
                                                            Tr.error(tc, "security.web.ta.initerr", new Object[]{str, Integer.toString(initialize)});
                                                            if (tc.isDebugEnabled()) {
                                                                Tr.debug(tc, new StringBuffer().append("The Trust Association Implementation file ").append(str).append(" init method returned error status: ").append(initialize).append(". The expected status for success is ").append(i3).toString());
                                                            }
                                                        }
                                                    } else if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, new StringBuffer().append("The Trust Association Implementation file ").append(str).append(" init method returned status: ").append(initialize).toString());
                                                    }
                                                }
                                                Tr.audit(tc, "security.web.ta.intsig", new Object[]{((TrustAssociationInterceptor) newInstance).getVersion()});
                                            }
                                            arrayList.add(newInstance);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, new StringBuffer().append("Adding Interceptor: ").append(str).toString());
                                            }
                                        } catch (ClassNotFoundException e) {
                                            FFDCFilter.processException(e, "com.ibm.ws.security.web.TrustAssociationManager.initialize", "178", this);
                                            Tr.error(tc, "security.web.ta.loadclasserr", new Object[]{str});
                                        }
                                    } catch (NoClassDefFoundError e2) {
                                        FFDCFilter.processException(e2, "com.ibm.ws.security.web.TrustAssociationManager.initialize", "178", this);
                                        Tr.error(tc, "security.web.ta.loadclasserr", new Object[]{str});
                                    } catch (Throwable th) {
                                        FFDCFilter.processException(th, "com.ibm.ws.security.web.TrustAssociationManager.initialize", "197", this);
                                        Tr.error(tc, "security.web.ta.initerr", new Object[]{str, th});
                                    }
                                }
                            }
                            this.interceptorCount = arrayList.size();
                            if (this.interceptorCount != 0) {
                                this.interceptors = new TAIWrapper[this.interceptorCount];
                                for (int i4 = 0; i4 < this.interceptorCount; i4++) {
                                    this.interceptors[i4] = new TAIWrapper(arrayList.get(i4));
                                }
                                this.isTrustAssociationEnabled = true;
                            } else {
                                this.isTrustAssociationEnabled = false;
                            }
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Number of Interceptors added are: ").append(this.interceptorCount).toString());
                            }
                        }
                    }
                } catch (Exception e3) {
                    FFDCFilter.processException(e3, "com.ibm.ws.security.web.TrustAssociationManager.initialize", "207", this);
                    this.isTrustAssociationEnabled = false;
                    Tr.error(tc, "security.web.ta.initerr", new Object[]{str, e3});
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initialize");
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$security$web$TrustAssociationManager == null) {
            cls = class$("com.ibm.ws.security.web.TrustAssociationManager");
            class$com$ibm$ws$security$web$TrustAssociationManager = cls;
        } else {
            cls = class$com$ibm$ws$security$web$TrustAssociationManager;
        }
        tc = Tr.register(cls, (String) null, "com.ibm.ejs.resources.security");
        myInstance = null;
        secondPassList = "";
    }
}
