package org.jboss.as.security.plugins;

import java.security.Principal;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.naming.InitialContext;
import javax.security.auth.callback.CallbackHandler;
import org.infinispan.Cache;
import org.infinispan.config.Configuration;
import org.infinispan.manager.EmbeddedCacheManager;
import org.jboss.as.security.SecurityLogger;
import org.jboss.as.security.SecurityMessages;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.CacheableManager;
import org.jboss.security.ISecurityManagement;
import org.jboss.security.JSSESecurityDomain;
import org.jboss.security.audit.AuditManager;
import org.jboss.security.authentication.JBossCachedAuthenticationManager;
import org.jboss.security.identitytrust.IdentityTrustManager;
import org.jboss.security.mapping.MappingManager;

/* loaded from: input_file:org/jboss/as/security/plugins/JNDIBasedSecurityManagement.class */
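/**
 * {@link ISecurityManagement} implementation that resolves the per-domain security managers
 * from JNDI under the {@code java:jboss/jaas/} namespace and caches them by domain name.
 *
 * <p>It also builds new {@link SecurityDomainContext} instances by reflectively instantiating
 * the manager classes named by the {@code *ClassName} properties. Those properties use the
 * form {@code module:className}; the text before the last {@code ':'} selects the module class
 * loader. Because whatever class is named there gets loaded and constructed, the values must
 * only ever be set from trusted configuration.
 */
public class JNDIBasedSecurityManagement implements ISecurityManagement {
    private static final long serialVersionUID = 1924631329555621041L;
    protected static SecurityLogger log = SecurityLogger.ROOT_LOGGER;

    // NOTE(review): these caches are transient and are only assigned by field initializers, so
    // an instance restored through Java serialization would see them as null — confirm whether
    // that path is ever used.
    private transient ConcurrentHashMap<String, SecurityDomainContext> securityMgrMap = new ConcurrentHashMap<>();
    private transient ConcurrentHashMap<String, AuthenticationManager> authMgrMap = new ConcurrentHashMap<>();
    private transient ConcurrentHashMap<String, AuthorizationManager> authzMgrMap = new ConcurrentHashMap<>();
    private transient ConcurrentHashMap<String, AuditManager> auditMgrMap = new ConcurrentHashMap<>();
    private transient ConcurrentHashMap<String, IdentityTrustManager> idmMgrMap = new ConcurrentHashMap<>();
    private transient ConcurrentHashMap<String, MappingManager> mappingMgrMap = new ConcurrentHashMap<>();
    private transient ConcurrentHashMap<String, JSSESecurityDomain> jsseMap = new ConcurrentHashMap<>();
    private String authenticationManagerClassName;
    private boolean deepCopySubjectMode;
    private String callbackHandlerClassName;
    private String authorizationManagerClassName;
    private String auditManagerClassName;
    private String identityTrustManagerClassName;
    private String mappingManagerClassName;

    /**
     * Returns the live (not copied) map of security domain contexts keyed by domain name.
     * Changes made by the caller are visible to this instance.
     */
    public ConcurrentHashMap<String, SecurityDomainContext> getSecurityManagerMap() {
        return this.securityMgrMap;
    }

    /**
     * Returns the audit manager bound at {@code <domain>/auditMgr}.
     *
     * @param str security domain name
     * @return the manager, or {@code null} if it cannot be resolved
     */
    public AuditManager getAuditManager(String str) {
        return cachedLookup(this.auditMgrMap, str, "/auditMgr", AuditManager.class);
    }

    /**
     * Returns the authentication manager bound at {@code <domain>/authenticationMgr}.
     *
     * @param str security domain name
     * @return the manager, or {@code null} if it cannot be resolved
     */
    public AuthenticationManager getAuthenticationManager(String str) {
        return cachedLookup(this.authMgrMap, str, "/authenticationMgr", AuthenticationManager.class);
    }

    /**
     * Returns the authorization manager bound at {@code <domain>/authorizationMgr}.
     *
     * @param str security domain name
     * @return the manager, or {@code null} if it cannot be resolved
     */
    public AuthorizationManager getAuthorizationManager(String str) {
        return cachedLookup(this.authzMgrMap, str, "/authorizationMgr", AuthorizationManager.class);
    }

    /**
     * Returns the identity trust manager bound at {@code <domain>/identityTrustMgr}.
     *
     * @param str security domain name
     * @return the manager, or {@code null} if it cannot be resolved
     */
    public IdentityTrustManager getIdentityTrustManager(String str) {
        return cachedLookup(this.idmMgrMap, str, "/identityTrustMgr", IdentityTrustManager.class);
    }

    /**
     * Returns the mapping manager bound at {@code <domain>/mappingMgr}.
     *
     * @param str security domain name
     * @return the manager, or {@code null} if it cannot be resolved
     */
    public MappingManager getMappingManager(String str) {
        return cachedLookup(this.mappingMgrMap, str, "/mappingMgr", MappingManager.class);
    }

    /**
     * Returns the JSSE security domain bound at {@code <domain>/jsse}.
     *
     * @param str security domain name
     * @return the JSSE domain, or {@code null} if it cannot be resolved
     */
    public JSSESecurityDomain getJSSE(String str) {
        return cachedLookup(this.jsseMap, str, "/jsse", JSSESecurityDomain.class);
    }

    public String getAuthenticationManagerClassName() {
        return this.authenticationManagerClassName;
    }

    /** Sets the {@code module:className} of the authentication manager; trusted configuration only. */
    public void setAuthenticationManagerClassName(String str) {
        this.authenticationManagerClassName = str;
    }

    public boolean isDeepCopySubjectMode() {
        return this.deepCopySubjectMode;
    }

    public void setDeepCopySubjectMode(boolean z) {
        this.deepCopySubjectMode = z;
    }

    public String getCallbackHandlerClassName() {
        return this.callbackHandlerClassName;
    }

    /** Sets the {@code module:className} of the callback handler; trusted configuration only. */
    public void setCallbackHandlerClassName(String str) {
        this.callbackHandlerClassName = str;
    }

    public String getAuthorizationManagerClassName() {
        return this.authorizationManagerClassName;
    }

    /** Sets the {@code module:className} of the authorization manager; trusted configuration only. */
    public void setAuthorizationManagerClassName(String str) {
        this.authorizationManagerClassName = str;
    }

    public String getAuditManagerClassName() {
        return this.auditManagerClassName;
    }

    /** Sets the {@code module:className} of the audit manager; trusted configuration only. */
    public void setAuditManagerClassName(String str) {
        this.auditManagerClassName = str;
    }

    public String getIdentityTrustManagerClassName() {
        return this.identityTrustManagerClassName;
    }

    /** Sets the {@code module:className} of the identity trust manager; trusted configuration only. */
    public void setIdentityTrustManagerClassName(String str) {
        this.identityTrustManagerClassName = str;
    }

    public String getMappingManagerClassName() {
        return this.mappingManagerClassName;
    }

    /** Sets the {@code module:className} of the mapping manager; trusted configuration only. */
    public void setMappingManagerClassName(String str) {
        this.mappingManagerClassName = str;
    }

    /**
     * Drops every cached entry for the given domain so that later getters go back to JNDI.
     *
     * @param str security domain name
     */
    public void removeSecurityDomain(String str) {
        this.securityMgrMap.remove(str);
        this.auditMgrMap.remove(str);
        this.authMgrMap.remove(str);
        this.authzMgrMap.remove(str);
        this.idmMgrMap.remove(str);
        this.mappingMgrMap.remove(str);
        this.jsseMap.remove(str);
    }

    /**
     * Returns the cached manager for a domain, resolving it from JNDI on a cache miss.
     *
     * <p>A failed lookup is not cached: {@link ConcurrentHashMap} rejects null values, and the
     * next call should retry. Any runtime failure (null domain, wrong bound type) is logged at
     * trace level and reported to the caller as {@code null}, as the public getters promise.
     */
    private <T> T cachedLookup(ConcurrentMap<String, T> cache, String domain, String suffix, Class<T> type) {
        T manager = null;
        try {
            manager = cache.get(domain);
            if (manager == null) {
                manager = type.cast(lookUpJNDI(domain + suffix));
                if (manager != null) {
                    cache.put(domain, manager);
                }
            }
        } catch (RuntimeException e) {
            // The domain name is passed as an argument, never spliced into the format string,
            // so a '%' in a name cannot break formatting, and the throwable is logged as such.
            log.tracef(e, "Exception getting %s for domain=%s", type.getSimpleName(), domain);
        }
        return manager;
    }

    /**
     * Looks a name up in JNDI, always inside the {@code java:jboss/jaas/} namespace.
     *
     * <p>Both branches produce a name that starts with that prefix, so the scheme of the name
     * handed to {@link InitialContext#lookup(String)} is fixed here rather than by the caller.
     *
     * @return the bound object, or {@code null} if the lookup fails for any reason
     */
    private Object lookUpJNDI(String str) {
        try {
            InitialContext initialContext = new InitialContext();
            String name = str.startsWith("java:jboss/jaas/") ? str : "java:jboss/jaas/" + str;
            return initialContext.lookup(name);
        } catch (Exception e) {
            log.tracef("Look up of JNDI for %s failed with %s", str, e.getLocalizedMessage());
            return null;
        }
    }

    /**
     * Builds a new security domain context whose managers are instantiated from the configured
     * class names.
     *
     * @param str security domain name, passed to each manager's constructor
     * @param obj cache source: an {@link EmbeddedCacheManager}, a
     *            {@code DefaultAuthenticationCacheFactory}, or anything else for "no cache"
     * @return the populated context
     * @throws Exception if a class name is missing its module part or a manager cannot be
     *                   loaded or constructed
     */
    public SecurityDomainContext createSecurityDomainContext(String str, Object obj) throws Exception {
        log.debugf("Creating SDC for domain=%s", str);
        AuthenticationManager authenticationManager = createAuthenticationManager(str);
        if (obj instanceof EmbeddedCacheManager) {
            EmbeddedCacheManager cacheManager = (EmbeddedCacheManager) obj;
            cacheManager.defineConfiguration(str, "auth-cache", new Configuration());
            Cache<Object, Object> cache = cacheManager.getCache(str);
            applyCache(authenticationManager, cache);
        } else if (obj instanceof DefaultAuthenticationCacheFactory) {
            ConcurrentMap<Principal, JBossCachedAuthenticationManager.DomainInfo> cache =
                    ((DefaultAuthenticationCacheFactory) obj).getCache();
            applyCache(authenticationManager, cache);
        }
        if (this.deepCopySubjectMode) {
            setDeepCopySubjectMode(authenticationManager);
        }
        SecurityDomainContext securityDomainContext = new SecurityDomainContext(authenticationManager);
        securityDomainContext.setAuthorizationManager(createAuthorizationManager(str));
        securityDomainContext.setAuditManager(createAuditManager(str));
        securityDomainContext.setIdentityTrustManager(createIdentityTrustManager(str));
        securityDomainContext.setMappingManager(createMappingManager(str));
        return securityDomainContext;
    }

    /** Hands the cache to the authentication manager when there is one and the manager accepts it. */
    @SuppressWarnings({"unchecked", "rawtypes"})
    private static void applyCache(AuthenticationManager authenticationManager, Object cache) {
        if (cache != null && authenticationManager instanceof CacheableManager) {
            // Raw call: the manager's cache type parameter is not known at this point.
            ((CacheableManager) authenticationManager).setCache(cache);
        }
    }

    /**
     * Resolves a {@code module:className} setting to a class loaded by that module's loader.
     *
     * @param moduleAndClass configured value; the last {@code ':'} separates module and class
     * @param attributeLabel text identifying the setting in the error message
     * @throws Exception if the value is unset or has no module part, or the class cannot be loaded
     */
    private static Class<?> loadConfiguredClass(String moduleAndClass, String attributeLabel) throws Exception {
        // An unset value is reported like a value without a module part, not as a bare NPE.
        int separator = moduleAndClass == null ? -1 : moduleAndClass.lastIndexOf(':');
        if (separator == -1) {
            throw SecurityMessages.MESSAGES.missingModuleName(attributeLabel);
        }
        String moduleName = moduleAndClass.substring(0, separator);
        String className = moduleAndClass.substring(separator + 1);
        return SecurityActions.getModuleClassLoader(moduleName).loadClass(className);
    }

    /**
     * Instantiates the configured callback handler and then the configured authentication
     * manager through its {@code (String, CallbackHandler)} constructor.
     */
    private AuthenticationManager createAuthenticationManager(String str) throws Exception {
        // asSubclass rejects a class of the wrong type before any of its constructors run.
        CallbackHandler callbackHandler =
                loadConfiguredClass(this.callbackHandlerClassName, "default-callback-handler-class-name attribute")
                        .asSubclass(CallbackHandler.class)
                        .getDeclaredConstructor()
                        .newInstance();
        return loadConfiguredClass(this.authenticationManagerClassName, "authentication-manager-class-name attribute")
                .asSubclass(AuthenticationManager.class)
                .getConstructor(String.class, CallbackHandler.class)
                .newInstance(str, callbackHandler);
    }

    /** Instantiates the configured authorization manager through its {@code (String)} constructor. */
    private AuthorizationManager createAuthorizationManager(String str) throws Exception {
        return loadConfiguredClass(this.authorizationManagerClassName, "authorization manager class")
                .asSubclass(AuthorizationManager.class)
                .getConstructor(String.class)
                .newInstance(str);
    }

    /** Instantiates the configured audit manager through its {@code (String)} constructor. */
    private AuditManager createAuditManager(String str) throws Exception {
        return loadConfiguredClass(this.auditManagerClassName, "audit manager class")
                .asSubclass(AuditManager.class)
                .getConstructor(String.class)
                .newInstance(str);
    }

    /** Instantiates the configured identity trust manager through its {@code (String)} constructor. */
    private IdentityTrustManager createIdentityTrustManager(String str) throws Exception {
        return loadConfiguredClass(this.identityTrustManagerClassName, "identity trust manager class")
                .asSubclass(IdentityTrustManager.class)
                .getConstructor(String.class)
                .newInstance(str);
    }

    /** Instantiates the configured mapping manager through its {@code (String)} constructor. */
    private MappingManager createMappingManager(String str) throws Exception {
        return loadConfiguredClass(this.mappingManagerClassName, "mapping manager class")
                .asSubclass(MappingManager.class)
                .getConstructor(String.class)
                .newInstance(str);
    }

    /**
     * Best-effort call of {@code setDeepCopySubjectOption(Boolean.TRUE)} on the manager via
     * reflection; a manager without that method is left unchanged and the failure is traced.
     */
    private static void setDeepCopySubjectMode(AuthenticationManager authenticationManager) {
        try {
            authenticationManager.getClass().getMethod("setDeepCopySubjectOption", Boolean.class).invoke(authenticationManager, Boolean.TRUE);
        } catch (Exception e) {
            log.tracef("Optional setDeepCopySubjectMode failed: %s", e.getLocalizedMessage());
        }
    }
}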
