package com.sun.identity.delegation;

import com.iplanet.am.util.Debug;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.delegation.interfaces.DelegationInterface;
import com.sun.identity.policy.ServiceType;
import com.sun.identity.policy.ServiceTypeManager;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.sm.DNMapper;
import com.sun.identity.sm.PluginSchema;
import com.sun.identity.sm.ServiceConfig;
import com.sun.identity.sm.ServiceConfigManager;
import com.sun.identity.sm.ServiceSchema;
import com.sun.identity.sm.ServiceSchemaManager;
import java.security.AccessController;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:120954-01/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/delegation/DelegationManager.class */
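/**
 * Reads and changes the delegation privileges of one organization on behalf of the holder of an
 * SSO token.
 *
 * <p>Privilege operations are forwarded to a {@link DelegationInterface} plugin. The plugin class
 * name is read from the {@code sunAMDelegationService} schema and a single plugin instance is
 * shared by every manager in the JVM.
 *
 * <p>Two different tokens are in play and should not be confused when reviewing callers:
 * <ul>
 *   <li>the caller's token, checked once in the constructor and handed to the plugin on every
 *       privilege operation;</li>
 *   <li>the administrator token from {@link #getAdminToken()}, used for all reads of service
 *       configuration and schema and for initializing the plugin.</li>
 * </ul>
 * This class performs no permission check of its own beyond validating the caller's token;
 * NOTE(review): whether the plugin authorizes each operation is not visible here; confirm it in
 * the plugin implementation.
 */
public final class DelegationManager {
    public static final String DELEGATION_SERVICE = "sunAMDelegationService";
    static final String DELEGATION_PLUGIN_INTERFACE = "DelegationInterface";
    static final String PERMISSIONS = "Permissions";
    static final String DELEGATION_DEBUG = "amDelegation";
    static final String SUBJECT_ID_TYPES = "SubjectIdTypes";
    public static final Debug debug = Debug.getInstance(DELEGATION_DEBUG);

    // Shared plugin. Instance methods read it without holding a lock, so it is volatile and is
    // assigned only after the plugin has been initialized.
    private static volatile DelegationInterface pluginInstance = null;
    // Cached action names of the delegation service; guarded by the DelegationManager.class monitor.
    private static Set actions = null;
    // Written under the class monitor in getDelegationPlugin() before pluginInstance is published.
    private static Set subjectIdTypes = null;

    private final String orgName;
    private final SSOToken token;

    /**
     * Creates a manager bound to one caller token and one organization.
     *
     * @param sSOToken token of the caller; it is passed to {@code SSOTokenManager.validateToken}
     *     before anything else happens
     * @param str organization name, converted with {@code DNMapper.orgNameToDN}
     * @throws SSOException as declared by the token validation call
     * @throws DelegationException if the shared plugin cannot be loaded
     */
    public DelegationManager(SSOToken sSOToken, String str) throws SSOException, DelegationException {
        SSOTokenManager.getInstance().validateToken(sSOToken);
        this.token = sSOToken;
        this.orgName = DNMapper.orgNameToDN(str);
        if (pluginInstance == null) {
            // Either publishes the plugin or throws; the return value is not needed here.
            getDelegationPlugin();
        }
    }

    /**
     * Returns the names of the sub-configurations found under "Permissions" in the global
     * configuration and in this manager's organization configuration.
     *
     * <p>The lookup uses the administrator token, not the caller's token, so the result does not
     * depend on what the caller is permitted to see.
     *
     * @return the global names, the organization names, or a fresh set holding both; {@code null}
     *     when the global names are missing or empty and no organization names were found
     * @throws DelegationException wrapping any exception raised during the lookup
     */
    public Set getConfiguredPrivilegeNames() throws DelegationException {
        try {
            ServiceConfigManager configManager =
                    new ServiceConfigManager(DELEGATION_SERVICE, getAdminToken());
            Set globalNames = permissionNames(configManager.getGlobalConfig(null));
            Set orgNames = permissionNames(configManager.getOrganizationConfig(this.orgName, null));
            if (globalNames == null || globalNames.isEmpty()) {
                return orgNames;
            }
            if (orgNames == null || orgNames.isEmpty()) {
                return globalNames;
            }
            // Merge into a copy: adding to the set handed out by ServiceConfig would modify an
            // object this class does not own (and fail if that set is unmodifiable).
            Set merged = new HashSet(globalNames);
            merged.addAll(orgNames);
            return merged;
        } catch (Exception e) {
            throw new DelegationException(e);
        }
    }

    /** Returns the sub-configuration names under "Permissions", or null if either level is absent. */
    private static Set permissionNames(ServiceConfig config) throws Exception {
        if (config == null) {
            return null;
        }
        ServiceConfig permissions = config.getSubConfig(PERMISSIONS);
        return permissions == null ? null : permissions.getSubConfigNames();
    }

    /**
     * Returns the privileges the plugin reports for the caller's token and this organization.
     *
     * @throws DelegationException if no plugin is loaded, or wrapping an {@code SSOException}
     *     from the plugin
     */
    public Set getPrivileges() throws DelegationException {
        DelegationInterface plugin = requirePlugin();
        try {
            return plugin.getPrivileges(this.token, this.orgName);
        } catch (SSOException e) {
            throw new DelegationException(e);
        }
    }

    /**
     * Returns the privileges that list the given subject.
     *
     * @param str subject to look for, compared case-insensitively against each privilege's
     *     subjects; {@code null} returns the unfiltered result of {@link #getPrivileges()}
     * @return a new set of matching privileges, possibly empty
     * @throws DelegationException as thrown by {@link #getPrivileges()}
     */
    public Set getPrivileges(String str) throws DelegationException {
        Set<DelegationPrivilege> privileges = getPrivileges();
        if (str == null) {
            return privileges;
        }
        Set matching = new HashSet();
        if (privileges == null) {
            return matching;
        }
        for (DelegationPrivilege privilege : privileges) {
            Set subjects = privilege.getSubjects();
            if (subjects == null) {
                continue;
            }
            for (Object subject : subjects) {
                if (str.equalsIgnoreCase((String) subject)) {
                    matching.add(privilege);
                    break; // one matching subject is enough for this privilege
                }
            }
        }
        return matching;
    }

    /**
     * Asks the plugin to add a privilege in this organization, using the caller's token.
     *
     * @throws DelegationException if no plugin is loaded, or wrapping an {@code SSOException}
     *     from the plugin
     */
    public void addPrivilege(DelegationPrivilege delegationPrivilege) throws DelegationException {
        DelegationInterface plugin = requirePlugin();
        try {
            plugin.addPrivilege(this.token, this.orgName, delegationPrivilege);
        } catch (SSOException e) {
            throw new DelegationException(e);
        }
    }

    /**
     * Asks the plugin to remove the named privilege from this organization, using the caller's
     * token.
     *
     * @throws DelegationException if no plugin is loaded, or wrapping an {@code SSOException}
     *     from the plugin
     */
    public void removePrivilege(String str) throws DelegationException {
        DelegationInterface plugin = requirePlugin();
        try {
            plugin.removePrivilege(this.token, this.orgName, str);
        } catch (SSOException e) {
            throw new DelegationException(e);
        }
    }

    /**
     * Returns the subjects the plugin reports for the given argument, restricted to the subject
     * id types read from the service schema when the plugin was loaded.
     *
     * @param str passed through to the plugin unchanged
     * @throws DelegationException if no plugin is loaded, or wrapping an {@code SSOException}
     *     from the plugin
     */
    public Set getSubjects(String str) throws DelegationException {
        DelegationInterface plugin = requirePlugin();
        try {
            return plugin.getSubjects(this.token, this.orgName, subjectIdTypes, str);
        } catch (SSOException e) {
            throw new DelegationException(e);
        }
    }

    /**
     * Returns the action names of the delegation service type, looked up once with the
     * administrator token and cached for all managers.
     *
     * @return the cached action names; {@code null} if the service type was not found
     * @throws DelegationException wrapping any exception raised during the lookup
     */
    public Set getActions() throws DelegationException {
        // The cache is a static field, so it is guarded by the class monitor. Locking the
        // instance would let two managers run the lookup and write the field concurrently.
        synchronized (DelegationManager.class) {
            if (actions == null) {
                try {
                    ServiceType serviceType =
                            new ServiceTypeManager(getAdminToken()).getServiceType(DELEGATION_SERVICE);
                    if (serviceType != null) {
                        actions = serviceType.getActionNames();
                    }
                } catch (Exception e) {
                    throw new DelegationException(e);
                }
            }
            return actions;
        }
    }

    /**
     * Returns the organization names the plugin reports as manageable for the caller's token.
     *
     * @param set passed through to the plugin unchanged
     * @throws DelegationException if no plugin is loaded, or wrapping an {@code SSOException}
     *     from the plugin
     */
    public Set getManageableOrganizationNames(Set set) throws DelegationException {
        DelegationInterface plugin = requirePlugin();
        try {
            return plugin.getManageableOrganizationNames(this.token, set);
        } catch (SSOException e) {
            throw new DelegationException(e);
        }
    }

    /** Reads the shared plugin once and fails with "no_plugin_specified" if none is loaded. */
    private static DelegationInterface requirePlugin() throws DelegationException {
        DelegationInterface plugin = pluginInstance;
        if (plugin == null) {
            throw noPluginSpecified();
        }
        return plugin;
    }

    /** Builds the exception used wherever no delegation plugin can be determined. */
    private static DelegationException noPluginSpecified() {
        return new DelegationException("amDelegation", "no_plugin_specified", null, null);
    }

    /**
     * Loads, initializes and caches the delegation plugin named in the service schema.
     *
     * <p>NOTE(review): the decompiler reports that this method was package-private in the
     * original class file and was widened to public in this listing.
     *
     * <p>The class name comes from the first plugin schema name the schema manager returns; with
     * several registered plugin schemas the choice follows the iteration order of that set. The
     * named class is loaded reflectively and receives the administrator token in
     * {@code initialize}, so write access to this schema entry is equivalent to running code with
     * that token. The class is checked against {@link DelegationInterface} before its constructor
     * is invoked.
     *
     * @return the shared plugin instance
     * @throws DelegationException wrapping any failure, including a missing plugin schema
     */
    public static synchronized DelegationInterface getDelegationPlugin() throws DelegationException {
        DelegationInterface plugin = pluginInstance;
        if (plugin != null) {
            return plugin;
        }
        try {
            SSOToken adminToken = getAdminToken();
            ServiceSchemaManager schemaManager =
                    new ServiceSchemaManager(DELEGATION_SERVICE, adminToken);
            ServiceSchema globalSchema = schemaManager.getGlobalSchema();
            if (globalSchema != null) {
                Map attributeDefaults = globalSchema.getAttributeDefaults();
                if (attributeDefaults != null) {
                    subjectIdTypes = (Set) attributeDefaults.get(SUBJECT_ID_TYPES);
                }
            }
            if (debug.messageEnabled()) {
                debug.message("Configured Subject ID Types: " + subjectIdTypes);
            }
            Set pluginSchemaNames =
                    schemaManager.getPluginSchemaNames(DELEGATION_PLUGIN_INTERFACE, null);
            if (pluginSchemaNames == null) {
                throw noPluginSpecified();
            }
            if (debug.messageEnabled()) {
                debug.message("pluginNames=" + pluginSchemaNames);
            }
            Iterator it = pluginSchemaNames.iterator();
            if (!it.hasNext()) {
                throw noPluginSpecified();
            }
            PluginSchema pluginSchema =
                    schemaManager.getPluginSchema((String) it.next(), DELEGATION_PLUGIN_INTERFACE, null);
            if (pluginSchema == null) {
                throw noPluginSpecified();
            }
            String className = pluginSchema.getClassName();
            if (debug.messageEnabled()) {
                debug.message("Plugin class name:" + className);
            }
            // Reject a class that is not a DelegationInterface before running its constructor.
            Class<? extends DelegationInterface> pluginClass =
                    Class.forName(className).asSubclass(DelegationInterface.class);
            plugin = pluginClass.newInstance();
            plugin.initialize(adminToken, null);
            // Publish only after initialize() has returned, so that the unsynchronized readers in
            // the instance methods never see a plugin that is still being set up.
            pluginInstance = plugin;
            if (debug.messageEnabled()) {
                debug.message("Successfully created a delegation plugin instance");
            }
            return plugin;
        } catch (Exception e) {
            // Nothing was published on this path, so the shared field is still null.
            debug.error("Unable to get an instance of pluginfor delegation", e);
            throw new DelegationException(e);
        }
    }

    /**
     * Obtains the administrator SSO token through a privileged {@code AdminTokenAction}.
     *
     * <p>NOTE(review): the decompiler reports that this method was package-private in the
     * original class file and was widened to public in this listing. Code built from this
     * listing would hand the administrator token to any class able to call the method, so the
     * original visibility should be restored once it is confirmed that nothing outside this
     * package depends on it.
     *
     * @return the administrator token, never {@code null}
     * @throws SSOException wrapping a {@code DelegationException} with key
     *     "getting_admin_token_failed" when the privileged action yields no token
     */
    public static SSOToken getAdminToken() throws SSOException {
        SSOToken adminToken =
                (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
        if (adminToken == null) {
            throw new SSOException(
                    new DelegationException("amDelegation", "getting_admin_token_failed", null, null));
        }
        return adminToken;
    }
}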
