package com.ibm.ISecurityLocalObjectBaseL13Impl;

import com.ibm.CORBA.iiop.ORB;
import com.ibm.ISecurityL13SupportImpl.LoginPanel;
import com.ibm.ISecurityL13SupportImpl.SecurityLogger;
import com.ibm.ISecurityL13SupportImpl.SecurityMessages;
import com.ibm.ISecurityUtilityImpl.AuthenticationTarget;
import com.ibm.ISecurityUtilityImpl.KeyFile;
import com.ibm.ISecurityUtilityImpl.KeyFileEntry;
import com.ibm.ISecurityUtilityImpl.RealmSecurityName;
import com.ibm.ISecurityUtilityImpl.SecurityConfiguration;
import com.ibm.ISecurityUtilityImpl.SourceLocation;
import com.ibm.ISecurityUtilityImpl.StdinLoginPrompt;
import com.ibm.ISecurityUtilityImpl.StringBytesConversion;
import com.ibm.websphere.security.WebSphereRuntimePermission;
import com.ibm.websphere.security.auth.WSLoginFailedException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.auth.SubjectHelper;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.swing.JFrame;
import org.omg.CORBA.NO_MEMORY;
import org.omg.Security.OpaqueHolder;
import org.omg.SecurityLevel2.Credentials;
import org.omg.SecurityLevel2.CredentialsHolder;
import org.omg.SecurityLevel2.LoginFailed;

/* loaded from: input_file:lib/sas.jar:com/ibm/ISecurityLocalObjectBaseL13Impl/LoginHelperImpl.class */
public class LoginHelperImpl extends com.ibm.IExtendedSecurityImpl.LoginHelperImpl {
    private CurrentImpl _current;
    private VaultImpl _vault;
    private ORB _orb;
    private SecurityConfiguration _secConfig;
    private int _loginSource;
    private int _loginTimeout;
    private String r_name;
    private String s_name;
    private String p_name;
    private String p_word;
    private byte[] a_data;
    private int result;
    private static KeyFile _keyFile = null;
    private static int stdinRetry = 0;
    private static final WebSphereRuntimePermission perm = new WebSphereRuntimePermission("SecOwnCredentials");

    protected LoginHelperImpl() {
        this._current = null;
        this._vault = null;
        this._orb = null;
        this._secConfig = null;
        this._loginSource = 7;
        this._loginTimeout = 300;
        this.r_name = null;
        this.s_name = null;
        this.p_name = null;
        this.p_word = null;
        this.a_data = null;
        this.result = 0;
    }

    public LoginHelperImpl(ORB orb, SecurityConfiguration securityConfiguration) {
        this._current = null;
        this._vault = null;
        this._orb = null;
        this._secConfig = null;
        this._loginSource = 7;
        this._loginTimeout = 300;
        this.r_name = null;
        this.s_name = null;
        this.p_name = null;
        this.p_word = null;
        this.a_data = null;
        this.result = 0;
        if (orb != null) {
            this._vault = VaultImpl.getInstance();
            this._orb = orb;
            this._secConfig = securityConfiguration;
            this._loginSource = this._secConfig.getloginSource();
            this._loginTimeout = this._secConfig.getloginTimeout();
            try {
                _keyFile = getKeyFileObject();
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.LoginHelperImpl", "171", this);
                SecurityLogger.traceException("LoginHelperImpl.LoginHelperImpl", e, 0, 0);
            }
        }
    }

    private CurrentImpl current() {
        return this._vault.getCurrent();
    }

    private void getEnvironmentLogin() {
    }

    private String getHostName() {
        String str;
        try {
            str = this._orb.getLocalHost();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.getHostName", "243", this);
            str = null;
        }
        if (str == null || str.length() == 0) {
            str = "localHost";
        }
        return str;
    }

    private void getKeyFileLogin() {
        if (this.p_name == null) {
            this.p_name = this._secConfig.getprincipalName();
            this.p_name = RealmSecurityName.getRealmSecurityName(this.p_name);
            this.s_name = RealmSecurityName.getSecurityName(this.p_name);
            this.r_name = RealmSecurityName.getRealm(this.p_name);
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("LoginHelperImpl.getKeyFileLogin", new StringBuffer().append("Getting login information from key-file for ").append(this.p_name).toString());
        }
        if (_keyFile == null) {
            _keyFile = new KeyFile(this._secConfig.getkeyFileName());
        }
        KeyFileEntry find = _keyFile.find(this.r_name, this.s_name);
        if (find == null) {
            this.p_word = null;
            SecurityLogger.logActivity("LoginHelperImpl.getKeyFileLogin", 0, SecurityMessages.getMsgOrUseDefault("JSAS0454A", "JSAS0454A: The indicated entry was not found in the key file."));
            return;
        }
        this.p_name = find.getUserid();
        this.p_word = find.getPassword();
        this.p_name = RealmSecurityName.getRealmSecurityName(this.r_name, this.p_name);
        this.s_name = RealmSecurityName.getSecurityName(this.p_name);
        this.r_name = RealmSecurityName.getRealm(this.p_name);
    }

    public KeyFile getKeyFileObject() {
        String str = this._secConfig.getkeyFileName();
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("LoginHelperImpl.getKeyFileObject", "Getting an authentication key file object.");
        }
        if (_keyFile == null) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("LoginHelperImpl.getKeyFileObject", new StringBuffer().append("Authentication key file is: ").append(str).toString());
            }
            _keyFile = new KeyFile(str);
        }
        if (_keyFile.isEmpty()) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("LoginHelperImpl.getKeyFileObject", "Returning authentication key file object is empty.");
            }
        } else if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("LoginHelperImpl.getKeyFileObject", "Returning authentication key file object is initialized.");
        }
        return _keyFile;
    }

    private void getPropertiesLogin() {
        this.p_name = this._secConfig.getloginUserid();
        this.p_word = (String) AccessController.doPrivileged(new PrivilegedAction(this) { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.1
            private final LoginHelperImpl this$0;

            {
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.this$0._secConfig.getloginPassword();
            }
        });
        this.p_name = RealmSecurityName.getRealmSecurityName(this.p_name);
        this.s_name = RealmSecurityName.getSecurityName(this.p_name);
    }

    private void getStdInLogin() {
        try {
            if (stdinRetry < 1) {
                if (this.r_name.length() > 0) {
                    System.out.println(new StringBuffer().append(SecurityMessages.getMsgOrUseDefault("RealmName", "Realm (Cell) Name")).append(": ").append(this.r_name).toString());
                }
                String[] uidAndPassword = new StdinLoginPrompt().getUidAndPassword();
                if (uidAndPassword != null) {
                    this.p_word = uidAndPassword[1];
                    this.p_name = RealmSecurityName.getRealmSecurityName(uidAndPassword[0]);
                    this.s_name = RealmSecurityName.getSecurityName(uidAndPassword[0]);
                    if (this.r_name.length() == 0) {
                        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(System.in));
                        System.out.print(new StringBuffer().append(SecurityMessages.getMsgOrUseDefault("RealmName", "Realm (Cell) Name")).append(": ").toString());
                        this.r_name = bufferedReader.readLine().trim();
                        if (this.r_name.length() == 0) {
                            this.r_name = getHostName();
                        }
                        this.p_name = RealmSecurityName.getRealmSecurityName(this.r_name, this.s_name);
                    }
                    stdinRetry = 0;
                } else {
                    stdinRetry++;
                    this.r_name = null;
                    this.s_name = null;
                    this.p_name = null;
                    this.p_word = null;
                }
            } else {
                stdinRetry = 0;
                this.r_name = null;
                this.s_name = null;
                this.p_name = null;
                this.p_word = null;
            }
        } catch (IOException e) {
            FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.getStdInLogin", "452", this);
            System.out.println("unable to get system input stream");
        }
    }

    private synchronized boolean getPromptLogin() {
        boolean z = false;
        boolean z2 = false;
        while (!z) {
            JFrame jFrame = new JFrame();
            LoginPanel loginPanel = new LoginPanel(this.s_name, this.r_name, this.p_word, this._loginTimeout, jFrame);
            this.result = loginPanel.showPanel();
            if (this.result == 2) {
                String id = loginPanel.getId();
                if (id == null || id.length() <= 0) {
                    this.s_name = "";
                    this.r_name = "";
                    this.p_name = "";
                    this.p_word = "";
                } else {
                    this.s_name = new String(id.trim());
                    if (this.s_name == null || this.s_name.length() <= 0) {
                        this.r_name = "";
                        this.p_name = "";
                        this.p_word = "";
                    } else {
                        String cell = loginPanel.getCell();
                        if (cell == null || cell.length() <= 0) {
                            this.r_name = "";
                        } else {
                            this.r_name = new String(cell.trim());
                        }
                        this.p_name = RealmSecurityName.getRealmSecurityName(this.r_name, this.s_name);
                        String password = loginPanel.getPassword();
                        if (password == null || password.length() <= 0) {
                            this.p_word = "";
                        } else {
                            this.p_word = new String(password);
                        }
                        loginPanel.dispose();
                        loginPanel = null;
                        z = true;
                    }
                }
                if (!z) {
                    loginPanel.dispose();
                    z = true;
                }
            } else {
                z2 = true;
                loginPanel.dispose();
                this.r_name = null;
                this.s_name = null;
                this.p_name = null;
                this.p_word = null;
                z = true;
            }
            if (jFrame != null) {
                jFrame.dispose();
            }
        }
        return !z2;
    }

    public synchronized Credentials request_login(int i, byte[] bArr) throws LoginFailed {
        Credentials credentials;
        if (i == 262144) {
            i = 1;
        }
        String str = (String) AuthenticationTarget.strings.get(new Integer(i));
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("LoginHelperImpl.request_login", new StringBuffer().append("Logging in by validating the ").append(str).append(" credential token.").toString());
        }
        switch (i) {
            case 1:
            case 2:
            case 6:
                if (bArr == null || bArr.length == 0) {
                    SecurityLogger.logError("security.JSAS0052E", new Object[]{"LoginHelperImpl.request_login"});
                    throw new LoginFailed();
                }
                CurrentImpl current = current();
                if (current == null) {
                    SecurityLogger.logError("security.JSAS0030E", new Object[]{"LoginHelperImpl.request_login"});
                    throw new LoginFailed();
                }
                try {
                    current.setServerCredBeforeClientSideOperation(i, bArr);
                    try {
                        credentials = request_login_controlled(null, null, null, bArr, null, null, true, i, true);
                    } catch (Exception e) {
                        FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.request_login", "716", this);
                        credentials = null;
                    }
                    try {
                        current.resetServerCredAfterClientSideOperation();
                        if (credentials != null) {
                            return credentials;
                        }
                        SecurityLogger.logError("security.JSAS0053E", new Object[]{"LoginHelperImpl.request_login"});
                        throw new LoginFailed();
                    } catch (Exception e2) {
                        FFDCFilter.processException(e2, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.request_login", "729", this);
                        SecurityLogger.debugMessage("LoginHelperImpl.request_login", "Unable to reset the server credentials after a client-side operation.");
                        throw new LoginFailed();
                    }
                } catch (Exception e3) {
                    FFDCFilter.processException(e3, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.request_login", "693", this);
                    SecurityLogger.debugMessage("LoginHelperImpl.request_login", "Unable to set the server credentials before a client-side operation.");
                    throw new LoginFailed();
                }
            default:
                SecurityLogger.logError("security.JSAS0051E", new Object[]{"LoginHelperImpl.request_login"});
                throw new LoginFailed();
        }
    }

    @Override // com.ibm.IExtendedSecurityImpl.LoginHelperImpl, com.ibm.IExtendedSecurity.__LoginHelperImplBase, com.ibm.IExtendedSecurity._LoginHelperOperations
    public synchronized Credentials request_login(String str, String str2, String str3, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder) throws LoginFailed {
        if (str == null || str.equals("") || str3 == null || str3.equals("")) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("LoginHelperImpl.request_login", "Security name and/or password not specified.  Login Failed.");
            }
            throw new LoginFailed();
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("LoginHelperImpl.request_login", new StringBuffer().append("Logging in:  Security Name ").append(str).append(" Realm Name ").append(str2).toString());
        }
        return request_login_controlled(str, str2, str3, credentialsHolder, opaqueHolder, false);
    }

    public synchronized Credentials request_login_controlled(String str, String str2, String str3, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder, boolean z) throws LoginFailed {
        return request_login_controlled(str, str2, str3, credentialsHolder, opaqueHolder, z, 0);
    }

    public synchronized Credentials request_login_controlled(String str, String str2, String str3, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder, boolean z, int i) throws LoginFailed {
        return request_login_controlled(str, str2, str3, credentialsHolder, opaqueHolder, z, i, true);
    }

    public synchronized Credentials request_login_controlled(String str, String str2, String str3, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder, boolean z, boolean z2) throws LoginFailed {
        return request_login_controlled(str, str2, str3, credentialsHolder, opaqueHolder, z, 0, z2);
    }

    public synchronized Credentials request_login_controlled(String str, String str2, String str3, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder, boolean z, int i, boolean z2) throws LoginFailed {
        return request_login_controlled(str, str2, str3, null, credentialsHolder, opaqueHolder, z, i, z2);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:149:0x0733
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    public synchronized org.omg.SecurityLevel2.Credentials request_login_controlled(java.lang.String r10, java.lang.String r11, java.lang.String r12, byte[] r13, org.omg.SecurityLevel2.CredentialsHolder r14, org.omg.Security.OpaqueHolder r15, boolean r16, int r17, boolean r18) throws org.omg.SecurityLevel2.LoginFailed {
        /*
            Method dump skipped, instructions count: 1959
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.request_login_controlled(java.lang.String, java.lang.String, java.lang.String, byte[], org.omg.SecurityLevel2.CredentialsHolder, org.omg.Security.OpaqueHolder, boolean, int, boolean):org.omg.SecurityLevel2.Credentials");
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:118:0x01e0. Please report as an issue. */
    public synchronized Subject request_login_controlled(String str, String str2, String str3, byte[] bArr, boolean z) throws WSLoginFailedException {
        SecurityManager securityManager;
        Subject login;
        if ((str == null || str.equals("") || str3 == null || str3.equals("")) && (securityManager = System.getSecurityManager()) != null) {
            SecurityLogger.debugMessage("LoginHelperImpl.request_login_controlled", new StringBuffer().append("Performing Java 2 Security Permission Check ...Expecting : ").append(perm.toString()).toString());
            securityManager.checkPermission(perm);
        }
        ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
        this.r_name = null;
        this.s_name = null;
        this.p_name = null;
        this.p_word = null;
        this.a_data = null;
        if (bArr == null) {
            if (str != null) {
                this.s_name = new String(str.trim());
                if (this.s_name == null) {
                    throw new NO_MEMORY();
                }
            }
            if (str2 != null) {
                this.r_name = new String(str2.trim());
                if (this.r_name == null) {
                    throw new NO_MEMORY();
                }
            }
            if (str3 != null) {
                this.p_word = new String(str3);
                if (this.p_word == null) {
                    throw new NO_MEMORY();
                }
            }
            if (this.s_name == null && this.p_word == null) {
                String property = this._orb.getProperty("com.ibm.CORBA.BVTestPrincipalName");
                if (property != null && property.length() > 0) {
                    this.s_name = new String(RealmSecurityName.getSecurityName(property));
                    if (this.s_name == null) {
                        throw new NO_MEMORY();
                    }
                    this.r_name = new String(RealmSecurityName.getRealm(property));
                    if (this.r_name == null) {
                        throw new NO_MEMORY();
                    }
                }
                String property2 = this._orb.getProperty("com.ibm.CORBA.BVTestPassword");
                if (property2 != null && property2.length() > 0) {
                    this.p_word = new String(property2);
                    if (this.p_word == null) {
                        throw new NO_MEMORY();
                    }
                }
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("LoginHelperImpl.request_login_controlled", new StringBuffer().append("s_name: ").append(this.s_name).append(", p_word: ").append(SecurityConfiguration.mask(this.p_word)).append(", r_name: ").append(this.r_name).toString());
            }
            if (this.s_name == null || this.s_name.length() == 0 || this.p_word == null || this.p_word.length() == 0) {
                switch (this._loginSource) {
                    case 1:
                        try {
                            if (!getPromptLogin() || (this.s_name != null && this.s_name.length() != 0 && this.p_word != null && this.p_word.length() != 0)) {
                                break;
                            } else {
                                throw new WSLoginFailedException("username and/or password is null");
                            }
                        } catch (WSLoginFailedException e) {
                            throw e;
                        } catch (Throwable th) {
                            if (SecurityLogger.debugTraceEnabled) {
                                SecurityLogger.debugMessage("LoginHelperImpl.request_login_controlled", "Error occurred with GUI prompt, logging in with console prompt.");
                            }
                            getStdInLogin();
                            break;
                        }
                        break;
                    case 3:
                        getKeyFileLogin();
                        break;
                    case 4:
                        getEnvironmentLogin();
                        break;
                    case 5:
                        getPropertiesLogin();
                        break;
                    case 6:
                        getStdInLogin();
                        break;
                    case 7:
                        if (this.s_name == null || this.s_name.length() == 0 || this.p_word == null || this.p_word.length() == 0) {
                            return SubjectHelper.createUnauthenticatedSubject();
                        }
                        break;
                }
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("LoginHelperImpl.request_login_controlled", new StringBuffer().append("Login source is ").append(SourceLocation.strings.get(new Integer(this._loginSource))).append(".").toString());
            }
            this.p_name = RealmSecurityName.getRealmSecurityName(this.r_name, this.s_name);
            this.a_data = StringBytesConversion.getConvertedBytes(this.p_word);
        } else {
            this.a_data = bArr;
        }
        if (this.result == 3) {
            return SubjectHelper.createUnauthenticatedSubject();
        }
        if (this.a_data == null || this.a_data.length == 0) {
            String msgOrUseDefault = SecurityMessages.getMsgOrUseDefault("JSAS0455A", "JSAS0455A: Unable to login principal, invalid authentication information.");
            SecurityLogger.logActivity("LoginHelperImpl.request_login_controlled", 0, msgOrUseDefault);
            throw new WSLoginFailedException(msgOrUseDefault);
        }
        try {
            if (bArr == null) {
                login = contextManagerFactory.login(this.r_name, this.s_name, this.p_word);
                SubjectHelper.getWSCredentialFromSubject(login);
            } else {
                login = contextManagerFactory.login(this.r_name, this.a_data);
                SubjectHelper.getWSCredentialFromSubject(login);
            }
            if (login == null) {
                SecurityLogger.logError("security.JSAS0240E", new Object[]{"LoginHelperImpl.request_login_controlled"});
                throw new WSLoginFailedException(SecurityMessages.getMsgOrUseDefault("JSAS0240E", "JSAS0240E: Login failed.  Verify the userid/password is correct.  Check the properties file to ensure the login source is valid.  If this error occurs on the server, check the server properties to ensure the principalName has a valid realm and userid."));
            }
            if (z) {
                try {
                    contextManagerFactory.setInvocationSubject(login);
                } catch (Exception e2) {
                    FFDCFilter.processException(e2, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.request_login_controlled", "1294", this);
                    SecurityLogger.logError("security.JSAS0054E", new Object[]{"LoginHelperImpl.request_login_controlled", e2});
                    if (e2 instanceof WSLoginFailedException) {
                        throw ((WSLoginFailedException) e2);
                    }
                    throw new WSLoginFailedException(e2.getMessage(), e2);
                }
            }
            if (!contextManagerFactory.processIsServer()) {
                this._vault.set_default_subject(login);
            }
            return login;
        } catch (Exception e3) {
            FFDCFilter.processException(e3, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.request_login_controlled", "1161", this);
            if (SecurityLogger.traceEnabled) {
                SecurityLogger.traceException("LoginHelperImpl.request_login_controlled", e3, 0, 0);
            }
            if (e3 instanceof WSLoginFailedException) {
                throw ((WSLoginFailedException) e3);
            }
            throw new WSLoginFailedException(e3.getMessage(), e3);
        }
    }
}
