package com.sun.enterprise.security.jauth;

import com.sun.enterprise.Switch;
import com.sun.enterprise.config.ConfigContext;
import com.sun.enterprise.config.ConfigException;
import com.sun.enterprise.config.ConfigFactory;
import com.sun.enterprise.config.clientbeans.ClientBeansResolver;
import com.sun.enterprise.config.clientbeans.ClientContainer;
import com.sun.enterprise.config.serverbeans.Config;
import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.config.serverbeans.MessageSecurityConfig;
import com.sun.enterprise.config.serverbeans.ProviderConfig;
import com.sun.enterprise.config.serverbeans.RequestPolicy;
import com.sun.enterprise.config.serverbeans.ResponsePolicy;
import com.sun.enterprise.deployment.phasing.DeploymentServiceUtils;
import com.sun.enterprise.security.jauth.ConfigFile;
import com.sun.logging.LogDomains;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.logging.Logger;
import javax.security.auth.login.AppConfigurationEntry;
import sun.security.util.Debug;
import sun.security.util.PropertyExpander;

/* loaded from: input_file:119166-17/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/enterprise/security/jauth/ConfigXMLParser.class */
class ConfigXMLParser implements ConfigParser {
    private static Logger _logger;
    private HashMap configMap;
    private static final String SUNACC_XML_URL = "sun-acc.xml.url";
    private static final Debug debug = Debug.getInstance("configxmlparser", "[ConfigXMLParser]");
    static Class class$com$sun$enterprise$config$clientbeans$ClientContainer;

    ConfigXMLParser() throws IOException {
        HashMap hashMap = new HashMap();
        if (Switch.getSwitch().getContainerType() == 2) {
            readDomainXML(hashMap);
        } else {
            readSunAccXML(hashMap);
        }
        this.configMap = hashMap;
    }

    private static void readDomainXML(HashMap hashMap) throws IOException {
        try {
            ConfigContext configContext = DeploymentServiceUtils.getConfigContext();
            if (configContext == null) {
                return;
            }
            for (Config config : ((Domain) configContext.getRootConfigBean()).getConfigs().getConfig()) {
                MessageSecurityConfig[] messageSecurityConfig = config.getSecurityService().getMessageSecurityConfig();
                for (int i = 0; messageSecurityConfig != null && i < messageSecurityConfig.length; i++) {
                    String parseInterceptEntry = parseInterceptEntry(messageSecurityConfig[i], hashMap);
                    ProviderConfig[] providerConfig = messageSecurityConfig[i].getProviderConfig();
                    for (int i2 = 0; providerConfig != null && i2 < providerConfig.length; i2++) {
                        parseIDEntry(providerConfig[i2], hashMap, parseInterceptEntry);
                    }
                }
            }
        } catch (ConfigException e) {
            IOException iOException = new IOException();
            iOException.initCause(e);
            throw iOException;
        }
    }

    private static void readSunAccXML(HashMap hashMap) throws IOException {
        Class cls;
        try {
            String property = System.getProperty(SUNACC_XML_URL);
            if (class$com$sun$enterprise$config$clientbeans$ClientContainer == null) {
                cls = class$("com.sun.enterprise.config.clientbeans.ClientContainer");
                class$com$sun$enterprise$config$clientbeans$ClientContainer = cls;
            } else {
                cls = class$com$sun$enterprise$config$clientbeans$ClientContainer;
            }
            com.sun.enterprise.config.clientbeans.MessageSecurityConfig[] messageSecurityConfig = ((ClientContainer) ConfigFactory.createConfigContext(property, true, false, false, cls, new ClientBeansResolver()).getRootConfigBean()).getMessageSecurityConfig();
            int i = 0;
            while (messageSecurityConfig != null) {
                if (i >= messageSecurityConfig.length) {
                    break;
                }
                String parseInterceptEntry = parseInterceptEntry(messageSecurityConfig[i], hashMap);
                com.sun.enterprise.config.clientbeans.ProviderConfig[] providerConfig = messageSecurityConfig[i].getProviderConfig();
                for (int i2 = 0; providerConfig != null && i2 < providerConfig.length; i2++) {
                    parseIDEntry(providerConfig[i2], hashMap, parseInterceptEntry);
                }
                i++;
            }
        } catch (ConfigException e) {
            IOException iOException = new IOException();
            iOException.initCause(e);
            throw iOException;
        }
    }

    @Override // com.sun.enterprise.security.jauth.ConfigParser
    public HashMap getConfigMap() {
        return this.configMap;
    }

    private static String parseInterceptEntry(MessageSecurityConfig messageSecurityConfig, HashMap hashMap) throws IOException {
        String authLayer = messageSecurityConfig.getAuthLayer();
        String defaultProvider = messageSecurityConfig.getDefaultProvider();
        String defaultClientProvider = messageSecurityConfig.getDefaultClientProvider();
        if (debug != null) {
            debug.println(new StringBuffer().append("Intercept Entry: \n    intercept: ").append(authLayer).append("\n    defaultServerID: ").append(defaultProvider).append("\n    defaultClientID:  ").append(defaultClientProvider).toString());
        }
        if (((ConfigFile.InterceptEntry) hashMap.get(authLayer)) != null) {
            throw new IOException("found multiple MessageSecurityConfig entries with the same auth-layer");
        }
        hashMap.put(authLayer, new ConfigFile.InterceptEntry(defaultClientProvider, defaultProvider, null));
        return authLayer;
    }

    private static void parseIDEntry(ProviderConfig providerConfig, HashMap hashMap, String str) throws IOException {
        String providerId = providerConfig.getProviderId();
        String providerType = providerConfig.getProviderType();
        String className = providerConfig.getClassName();
        ArrayList arrayList = new ArrayList();
        AuthPolicy parseRequestPolicy = parseRequestPolicy(providerConfig.getRequestPolicy());
        AuthPolicy parseResponsePolicy = parseResponsePolicy(providerConfig.getResponsePolicy());
        HashMap hashMap2 = new HashMap();
        for (int i = 0; i < providerConfig.sizeElementProperty(); i++) {
            try {
                hashMap2.put(providerConfig.getElementProperty(i).getName(), PropertyExpander.expand(providerConfig.getElementProperty(i).getValue(), true));
            } catch (PropertyExpander.ExpandException e) {
                _logger.warning("Container-auth: unable to expand provider property value - unexpanded value passed to provider");
                hashMap2.put(providerConfig.getElementProperty(i).getName(), providerConfig.getElementProperty(i).getValue());
            }
        }
        if (debug != null) {
            debug.println(new StringBuffer().append("ID Entry: \n    id: ").append(providerId).append("\n    type: ").append(providerType).append("\n    request policy: ").append(parseRequestPolicy).append("\n    response policy: ").append(parseResponsePolicy).append("\n    module class: ").append(className).append("\n        options: ").append(hashMap2).toString());
        }
        arrayList.add(new AppConfigurationEntry(providerConfig.getClassName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap2));
        ConfigFile.IDEntry iDEntry = new ConfigFile.IDEntry(providerType, parseRequestPolicy, parseResponsePolicy, arrayList);
        ConfigFile.InterceptEntry interceptEntry = (ConfigFile.InterceptEntry) hashMap.get(str);
        if (interceptEntry == null) {
            throw new IOException(new StringBuffer().append("intercept entry for ").append(str).append(" must be specified before ID entries").toString());
        }
        if (interceptEntry.idMap == null) {
            interceptEntry.idMap = new HashMap();
        }
        interceptEntry.idMap.put(providerId, iDEntry);
    }

    private static AuthPolicy parseRequestPolicy(RequestPolicy requestPolicy) {
        if (requestPolicy == null) {
            return null;
        }
        int i = 0;
        boolean z = true;
        String authSource = requestPolicy.getAuthSource();
        if (AuthPolicy.SENDER.equals(authSource)) {
            i = 1;
        } else if (AuthPolicy.CONTENT.equals(authSource)) {
            i = 2;
        } else {
            if (debug != null) {
                debug.println(new StringBuffer().append("invalid or null auth source: ").append(authSource).toString());
            }
            z = false;
        }
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = true;
        String authRecipient = requestPolicy.getAuthRecipient();
        if (AuthPolicy.BEFORE_CONTENT.equals(authRecipient)) {
            z2 = true;
            z3 = true;
        } else if (AuthPolicy.AFTER_CONTENT.equals(authRecipient)) {
            z2 = true;
            z3 = false;
        } else {
            if (debug != null) {
                debug.println(new StringBuffer().append("invalid or null auth recipient: ").append(authRecipient).toString());
            }
            z4 = false;
        }
        if (z || z4) {
            return new AuthPolicy(i, z2, z3);
        }
        return null;
    }

    private static AuthPolicy parseResponsePolicy(ResponsePolicy responsePolicy) {
        if (responsePolicy == null) {
            return null;
        }
        int i = 0;
        boolean z = true;
        String authSource = responsePolicy.getAuthSource();
        if (AuthPolicy.SENDER.equals(authSource)) {
            i = 1;
        } else if (AuthPolicy.CONTENT.equals(authSource)) {
            i = 2;
        } else {
            if (debug != null) {
                debug.println(new StringBuffer().append("invalid or null auth source: ").append(authSource).toString());
            }
            z = false;
        }
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = true;
        String authRecipient = responsePolicy.getAuthRecipient();
        if (AuthPolicy.BEFORE_CONTENT.equals(authRecipient)) {
            z2 = true;
            z3 = true;
        } else if (AuthPolicy.AFTER_CONTENT.equals(authRecipient)) {
            z2 = true;
            z3 = false;
        } else {
            if (debug != null) {
                debug.println(new StringBuffer().append("invalid or null auth recipient: ").append(authRecipient).toString());
            }
            z4 = false;
        }
        if (z || z4) {
            return new AuthPolicy(i, z2, z3);
        }
        return null;
    }

    private static String parseInterceptEntry(com.sun.enterprise.config.clientbeans.MessageSecurityConfig messageSecurityConfig, HashMap hashMap) throws IOException {
        String authLayer = messageSecurityConfig.getAuthLayer();
        String defaultProvider = messageSecurityConfig.getDefaultProvider();
        String defaultClientProvider = messageSecurityConfig.getDefaultClientProvider();
        if (debug != null) {
            debug.println(new StringBuffer().append("Intercept Entry: \n    intercept: ").append(authLayer).append("\n    defaultServerID: ").append(defaultProvider).append("\n    defaultClientID:  ").append(defaultClientProvider).toString());
        }
        if (((ConfigFile.InterceptEntry) hashMap.get(authLayer)) != null) {
            throw new IOException("found multiple MessageSecurityConfig entries with the same auth-layer");
        }
        hashMap.put(authLayer, new ConfigFile.InterceptEntry(defaultClientProvider, defaultProvider, null));
        return authLayer;
    }

    private static void parseIDEntry(com.sun.enterprise.config.clientbeans.ProviderConfig providerConfig, HashMap hashMap, String str) throws IOException {
        String providerId = providerConfig.getProviderId();
        String providerType = providerConfig.getProviderType();
        String className = providerConfig.getClassName();
        ArrayList arrayList = new ArrayList();
        AuthPolicy parseRequestPolicy = parseRequestPolicy(providerConfig.getRequestPolicy());
        AuthPolicy parseResponsePolicy = parseResponsePolicy(providerConfig.getResponsePolicy());
        HashMap hashMap2 = new HashMap();
        for (int i = 0; i < providerConfig.sizeElementProperty(); i++) {
            try {
                hashMap2.put(providerConfig.getElementProperty(i).getName(), PropertyExpander.expand(providerConfig.getElementProperty(i).getValue(), true));
            } catch (PropertyExpander.ExpandException e) {
                _logger.warning("Container-auth: unable to expand provider property value - unexpanded value passed to provider");
                hashMap2.put(providerConfig.getElementProperty(i).getName(), providerConfig.getElementProperty(i).getValue());
            }
        }
        if (debug != null) {
            debug.println(new StringBuffer().append("ID Entry: \n    id: ").append(providerId).append("\n    type: ").append(providerType).append("\n    request policy: ").append(parseRequestPolicy).append("\n    response policy: ").append(parseResponsePolicy).append("\n    module class: ").append(className).append("\n        options: ").append(hashMap2).toString());
        }
        arrayList.add(new AppConfigurationEntry(providerConfig.getClassName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap2));
        ConfigFile.IDEntry iDEntry = new ConfigFile.IDEntry(providerType, parseRequestPolicy, parseResponsePolicy, arrayList);
        ConfigFile.InterceptEntry interceptEntry = (ConfigFile.InterceptEntry) hashMap.get(str);
        if (interceptEntry == null) {
            throw new IOException(new StringBuffer().append("intercept entry for ").append(str).append(" must be specified before ID entries").toString());
        }
        if (interceptEntry.idMap == null) {
            interceptEntry.idMap = new HashMap();
        }
        interceptEntry.idMap.put(providerId, iDEntry);
    }

    private static AuthPolicy parseRequestPolicy(com.sun.enterprise.config.clientbeans.RequestPolicy requestPolicy) {
        if (requestPolicy == null) {
            return null;
        }
        int i = 0;
        boolean z = true;
        String authSource = requestPolicy.getAuthSource();
        if (AuthPolicy.SENDER.equals(authSource)) {
            i = 1;
        } else if (AuthPolicy.CONTENT.equals(authSource)) {
            i = 2;
        } else {
            if (debug != null) {
                debug.println(new StringBuffer().append("invalid or null auth source: ").append(authSource).toString());
            }
            z = false;
        }
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = true;
        String authRecipient = requestPolicy.getAuthRecipient();
        if (AuthPolicy.BEFORE_CONTENT.equals(authRecipient)) {
            z2 = true;
            z3 = true;
        } else if (AuthPolicy.AFTER_CONTENT.equals(authRecipient)) {
            z2 = true;
            z3 = false;
        } else {
            if (debug != null) {
                debug.println(new StringBuffer().append("invalid or null auth recipient: ").append(authRecipient).toString());
            }
            z4 = false;
        }
        if (z || z4) {
            return new AuthPolicy(i, z2, z3);
        }
        return null;
    }

    private static AuthPolicy parseResponsePolicy(com.sun.enterprise.config.clientbeans.ResponsePolicy responsePolicy) {
        if (responsePolicy == null) {
            return null;
        }
        int i = 0;
        boolean z = true;
        String authSource = responsePolicy.getAuthSource();
        if (AuthPolicy.SENDER.equals(authSource)) {
            i = 1;
        } else if (AuthPolicy.CONTENT.equals(authSource)) {
            i = 2;
        } else {
            if (debug != null) {
                debug.println(new StringBuffer().append("invalid or null auth source: ").append(authSource).toString());
            }
            z = false;
        }
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = true;
        String authRecipient = responsePolicy.getAuthRecipient();
        if (AuthPolicy.BEFORE_CONTENT.equals(authRecipient)) {
            z2 = true;
            z3 = true;
        } else if (AuthPolicy.AFTER_CONTENT.equals(authRecipient)) {
            z2 = true;
            z3 = false;
        } else {
            if (debug != null) {
                debug.println(new StringBuffer().append("invalid or null auth recipient: ").append(authRecipient).toString());
            }
            z4 = false;
        }
        if (z || z4) {
            return new AuthPolicy(i, z2, z3);
        }
        return null;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        _logger = null;
        _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
    }
}
