package org.kie.server.services.impl.security.adapters;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.naming.InitialContext;
import javax.security.auth.Subject;
import org.kie.server.api.security.SecurityAdapter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/kie-server-services-common-7.56.0-SNAPSHOT.jar:org/kie/server/services/impl/security/adapters/WebSphereSecurityAdapter.class */
public class WebSphereSecurityAdapter implements SecurityAdapter {
    private static final Logger logger = LoggerFactory.getLogger(WebSphereSecurityAdapter.class);
    private Object registry;
    private Class subject;
    private boolean active;

    public WebSphereSecurityAdapter() {
        try {
            this.registry = InitialContext.doLookup("UserRegistry");
            this.subject = Class.forName("com.ibm.websphere.security.auth.WSSubject");
            this.active = true;
        } catch (Exception e) {
            this.active = false;
            logger.debug("Unable to look up UserRegistry in JNDI under key 'UserRegistry', disabling websphere adapter");
        }
    }

    @Override // org.kie.server.api.security.SecurityAdapter
    public String getUser(Object... objArr) {
        if (!this.active) {
            return null;
        }
        try {
            String principalFromSubject = getPrincipalFromSubject(objArr);
            if (principalFromSubject == null) {
                principalFromSubject = (String) this.subject.getMethod("getCallerPrincipal", new Class[0]).invoke(null, new Object[0]);
            }
            return principalFromSubject;
        } catch (Exception e) {
            logger.debug("Unable to get user from subject due to {}", e.getMessage(), e);
            return null;
        }
    }

    @Override // org.kie.server.api.security.SecurityAdapter
    public List<String> getRoles(Object... objArr) {
        ArrayList arrayList = new ArrayList();
        if (this.active) {
            if (this.registry == null) {
                return arrayList;
            }
            try {
                List list = (List) this.registry.getClass().getMethod("getGroupsForUser", String.class).invoke(this.registry, getUser(objArr));
                if (list != null) {
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        arrayList.add(it.next().toString());
                    }
                }
            } catch (Exception e) {
                logger.debug("Unable to get groups from registry due to {}", e.getMessage(), e);
            }
        }
        return arrayList;
    }

    protected String getPrincipalFromSubject(Object[] objArr) {
        Principal next;
        if (objArr == null || objArr.length <= 0) {
            return null;
        }
        try {
            for (Object obj : objArr) {
                if ((obj instanceof Subject) && (next = ((Subject) obj).getPrincipals().iterator().next()) != null) {
                    try {
                        return (String) next.getClass().getMethod("getUserName", new Class[0]).invoke(next, new Object[0]);
                    } catch (Exception e) {
                        return next.getName();
                    }
                }
            }
            return null;
        } catch (Exception e2) {
            logger.debug("Not able to find principal in params due to {}", e2.getMessage());
            return null;
        }
    }
}
