package org.jboss.web;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyContextException;
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebRoleRefPermission;
import javax.security.jacc.WebUserDataPermission;
import org.jboss.logging.Logger;
import org.jboss.metadata.javaee.spec.SecurityRoleMetaData;
import org.jboss.metadata.javaee.spec.SecurityRoleRefMetaData;
import org.jboss.metadata.javaee.spec.SecurityRoleRefsMetaData;
import org.jboss.metadata.web.jboss.JBossServletMetaData;
import org.jboss.metadata.web.jboss.JBossServletsMetaData;
import org.jboss.metadata.web.jboss.JBossWebMetaData;
import org.jboss.metadata.web.spec.SecurityConstraintMetaData;
import org.jboss.metadata.web.spec.TransportGuaranteeType;
import org.jboss.metadata.web.spec.WebResourceCollectionMetaData;
import org.jboss.metadata.web.spec.WebResourceCollectionsMetaData;

/* loaded from: input_file:lib/jboss-as-server-5.1.0.GA.jar:org/jboss/web/WebPermissionMapping.class */
public class WebPermissionMapping {
    static Logger log = Logger.getLogger((Class<?>) WebPermissionMapping.class);
    private static final int PREFIX = 1;
    private static final int EXTENSION = 2;
    private static final int DEFAULT = 3;
    private static final int EXACT = 4;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:lib/jboss-as-server-5.1.0.GA.jar:org/jboss/web/WebPermissionMapping$PatternInfo.class */
    public static class PatternInfo {
        static final HashMap<String, Set<String>> ALL_TRANSPORTS = new HashMap<>();
        String pattern;
        String qpattern;
        int type;
        HashSet<String> excludedMethods;
        HashMap<String, Set<String>> roles;
        HashMap<String, Set<String>> transports;
        boolean isOverriden;
        boolean isMissingAuthConstraint;
        ArrayList<PatternInfo> qualifiers = new ArrayList<>();
        HashSet<String> allMethods = new HashSet<>();

        PatternInfo(String str, int i) {
            this.pattern = str;
            this.type = i;
        }

        void addExcludedMethods(List<String> list) {
            Collection collection = list;
            if (collection.size() == 0) {
                collection = WebResourceCollectionMetaData.ALL_HTTP_METHODS;
            }
            if (this.excludedMethods == null) {
                this.excludedMethods = new HashSet<>();
            }
            this.excludedMethods.addAll(collection);
            this.allMethods.addAll(collection);
        }

        public String[] getExcludedMethods() {
            String[] strArr = null;
            if (this.excludedMethods != null) {
                strArr = new String[this.excludedMethods.size()];
                this.excludedMethods.toArray(strArr);
            }
            return strArr;
        }

        public void addRoles(HashSet<String> hashSet, List<String> list) {
            Collection collection = list;
            if (collection.size() == 0) {
                collection = WebResourceCollectionMetaData.ALL_HTTP_METHODS;
            }
            this.allMethods.addAll(collection);
            if (this.roles == null) {
                this.roles = new HashMap<>();
            }
            Iterator<String> it = hashSet.iterator();
            while (it.hasNext()) {
                String next = it.next();
                Set<String> set = this.roles.get(next);
                if (set == null) {
                    set = new HashSet();
                    this.roles.put(next, set);
                }
                set.addAll(collection);
            }
        }

        public Iterator<Map.Entry<String, Set<String>>> getRoleMethods() {
            HashMap<String, Set<String>> hashMap = this.roles;
            if (hashMap == null) {
                hashMap = new HashMap<>(0);
            }
            return hashMap.entrySet().iterator();
        }

        void addTransport(String str, List<String> list) {
            Collection collection = list;
            if (collection.size() == 0) {
                collection = WebResourceCollectionMetaData.ALL_HTTP_METHODS;
            }
            if (this.transports == null) {
                this.transports = new HashMap<>();
            }
            Set<String> set = this.transports.get(str);
            if (set == null) {
                set = new HashSet();
                this.transports.put(str, set);
            }
            set.addAll(collection);
        }

        public Iterator<Map.Entry<String, Set<String>>> getTransportMethods() {
            HashMap<String, Set<String>> hashMap = this.transports;
            if (hashMap == null) {
                hashMap = ALL_TRANSPORTS;
            }
            return hashMap.entrySet().iterator();
        }

        public String[] getMissingMethods() {
            String[] strArr = new String[0];
            return this.allMethods.size() == 0 ? WebResourceCollectionMetaData.ALL_HTTP_METHOD_NAMES : WebResourceCollectionMetaData.getMissingHttpMethods(this.allMethods);
        }

        void addQualifier(PatternInfo patternInfo) {
            if (this.qualifiers.contains(patternInfo)) {
                return;
            }
            if (patternInfo.type == 1 && patternInfo.matches(this)) {
                this.isOverriden = true;
            }
            this.qualifiers.add(patternInfo);
        }

        public String getQualifiedPattern() {
            if (this.qpattern == null) {
                StringBuffer stringBuffer = new StringBuffer(this.pattern);
                for (int i = 0; i < this.qualifiers.size(); i++) {
                    stringBuffer.append(':');
                    stringBuffer.append(this.qualifiers.get(i).pattern);
                }
                this.qpattern = stringBuffer.toString();
            }
            return this.qpattern;
        }

        public int hashCode() {
            return this.pattern.hashCode();
        }

        public boolean equals(Object obj) {
            return this.pattern.equals(((PatternInfo) obj).pattern);
        }

        public boolean matches(PatternInfo patternInfo) {
            return this.pattern.regionMatches(0, patternInfo.pattern, 0, this.pattern.length() - 2);
        }

        public boolean isExtensionFor(PatternInfo patternInfo) {
            int lastIndexOf = patternInfo.pattern.lastIndexOf(46);
            int length = this.pattern.length() - 1;
            boolean z = false;
            if (lastIndexOf > 0) {
                z = this.pattern.regionMatches(1, patternInfo.pattern, lastIndexOf, length);
            }
            return z;
        }

        public String toString() {
            StringBuffer stringBuffer = new StringBuffer("PatternInfo[");
            stringBuffer.append("pattern=");
            stringBuffer.append(this.pattern);
            stringBuffer.append(",type=");
            stringBuffer.append(this.type);
            stringBuffer.append(",isOverriden=");
            stringBuffer.append(this.isOverriden);
            stringBuffer.append(",qualifiers=");
            stringBuffer.append(this.qualifiers);
            stringBuffer.append("]");
            return stringBuffer.toString();
        }

        static {
            ALL_TRANSPORTS.put("NONE", WebResourceCollectionMetaData.ALL_HTTP_METHODS);
        }
    }

    public static void createPermissions(JBossWebMetaData jBossWebMetaData, PolicyConfiguration policyConfiguration) throws PolicyContextException {
        WebResourcePermission webResourcePermission;
        HashMap<String, PatternInfo> qualifyURLPatterns = qualifyURLPatterns(jBossWebMetaData);
        log.debug("Qualified url patterns: " + qualifyURLPatterns);
        List<SecurityConstraintMetaData> securityContraints = jBossWebMetaData.getSecurityContraints();
        if (securityContraints != null) {
            for (SecurityConstraintMetaData securityConstraintMetaData : securityContraints) {
                WebResourceCollectionsMetaData resourceCollections = securityConstraintMetaData.getResourceCollections();
                TransportGuaranteeType transportGuarantee = securityConstraintMetaData.getTransportGuarantee();
                if (securityConstraintMetaData.isExcluded() || securityConstraintMetaData.isUnchecked()) {
                    if (resourceCollections != null) {
                        Iterator it = resourceCollections.iterator();
                        while (it.hasNext()) {
                            WebResourceCollectionMetaData webResourceCollectionMetaData = (WebResourceCollectionMetaData) it.next();
                            List<String> httpMethods = webResourceCollectionMetaData.getHttpMethods();
                            List urlPatterns = webResourceCollectionMetaData.getUrlPatterns();
                            int size = urlPatterns != null ? urlPatterns.size() : 0;
                            for (int i = 0; i < size; i++) {
                                PatternInfo patternInfo = qualifyURLPatterns.get((String) urlPatterns.get(i));
                                if (securityConstraintMetaData.isExcluded()) {
                                    patternInfo.addExcludedMethods(httpMethods);
                                }
                            }
                        }
                    }
                } else if (resourceCollections != null) {
                    Iterator it2 = resourceCollections.iterator();
                    while (it2.hasNext()) {
                        WebResourceCollectionMetaData webResourceCollectionMetaData2 = (WebResourceCollectionMetaData) it2.next();
                        List<String> httpMethods2 = webResourceCollectionMetaData2.getHttpMethods();
                        List urlPatterns2 = webResourceCollectionMetaData2.getUrlPatterns();
                        int size2 = urlPatterns2 != null ? urlPatterns2.size() : 0;
                        for (int i2 = 0; i2 < size2; i2++) {
                            PatternInfo patternInfo2 = qualifyURLPatterns.get((String) urlPatterns2.get(i2));
                            HashSet<String> hashSet = new HashSet<>();
                            if (securityConstraintMetaData.getRoleNames() != null) {
                                for (String str : securityConstraintMetaData.getRoleNames()) {
                                    if (!str.equals("*")) {
                                        hashSet.add(str);
                                    } else if (jBossWebMetaData.isJaccAllStoreRole()) {
                                        hashSet.add("*");
                                    } else {
                                        Iterator it3 = jBossWebMetaData.getSecurityRoles().iterator();
                                        while (it3.hasNext()) {
                                            hashSet.add(((SecurityRoleMetaData) it3.next()).getRoleName());
                                        }
                                    }
                                }
                            }
                            patternInfo2.addRoles(hashSet, httpMethods2);
                            patternInfo2.addTransport(transportGuarantee.name(), httpMethods2);
                            if (securityConstraintMetaData.getAuthConstraint() == null) {
                                patternInfo2.isMissingAuthConstraint = true;
                            }
                        }
                    }
                }
            }
        }
        for (PatternInfo patternInfo3 : qualifyURLPatterns.values()) {
            String qualifiedPattern = patternInfo3.getQualifiedPattern();
            if (patternInfo3.isOverriden) {
                log.debug("Dropping overriden pattern: " + patternInfo3);
            } else {
                String[] excludedMethods = patternInfo3.getExcludedMethods();
                if (excludedMethods != null) {
                    WebResourcePermission webResourcePermission2 = new WebResourcePermission(qualifiedPattern, excludedMethods);
                    WebUserDataPermission webUserDataPermission = new WebUserDataPermission(qualifiedPattern, excludedMethods, null);
                    policyConfiguration.addToExcludedPolicy(webResourcePermission2);
                    policyConfiguration.addToExcludedPolicy(webUserDataPermission);
                    String str2 = "!" + getCommaSeparatedString(excludedMethods);
                    WebResourcePermission webResourcePermission3 = new WebResourcePermission(patternInfo3.pattern, str2);
                    WebUserDataPermission webUserDataPermission2 = new WebUserDataPermission(patternInfo3.pattern, str2);
                    policyConfiguration.addToUncheckedPolicy(webResourcePermission3);
                    policyConfiguration.addToUncheckedPolicy(webUserDataPermission2);
                }
                Iterator<Map.Entry<String, Set<String>>> roleMethods = patternInfo3.getRoleMethods();
                while (roleMethods.hasNext()) {
                    Map.Entry<String, Set<String>> next = roleMethods.next();
                    String key = next.getKey();
                    if ("*".equals(key)) {
                        webResourcePermission = new WebResourcePermission(qualifiedPattern, (String) null);
                    } else {
                        Set<String> value = next.getValue();
                        excludedMethods = new String[value.size()];
                        value.toArray(excludedMethods);
                        webResourcePermission = new WebResourcePermission(qualifiedPattern, excludedMethods);
                    }
                    policyConfiguration.addToRole(key, webResourcePermission);
                    if (excludedMethods != null) {
                        policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(patternInfo3.pattern, "!" + getCommaSeparatedString(excludedMethods)));
                    }
                }
                String[] missingMethods = patternInfo3.getMissingMethods();
                if (missingMethods.length > 0) {
                    policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(qualifiedPattern, missingMethods));
                } else {
                    policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(qualifiedPattern, (String) null));
                }
                if (patternInfo3.isMissingAuthConstraint) {
                    policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(qualifiedPattern, (String) null));
                }
                Iterator<Map.Entry<String, Set<String>>> transportMethods = patternInfo3.getTransportMethods();
                while (transportMethods.hasNext()) {
                    Map.Entry<String, Set<String>> next2 = transportMethods.next();
                    String key2 = next2.getKey();
                    Set<String> value2 = next2.getValue();
                    String[] strArr = new String[value2.size()];
                    value2.toArray(strArr);
                    policyConfiguration.addToUncheckedPolicy(new WebUserDataPermission(qualifiedPattern, strArr, key2));
                    if ("NONE".equals(key2)) {
                        policyConfiguration.addToUncheckedPolicy(new WebUserDataPermission(patternInfo3.pattern, null));
                    } else if (strArr != null) {
                        policyConfiguration.addToUncheckedPolicy(new WebUserDataPermission(patternInfo3.pattern, "!" + getCommaSeparatedString(strArr)));
                    }
                }
            }
        }
        JBossServletsMetaData servlets = jBossWebMetaData.getServlets();
        Iterator it4 = servlets.iterator();
        while (it4.hasNext()) {
            JBossServletMetaData jBossServletMetaData = (JBossServletMetaData) it4.next();
            String servletName = jBossServletMetaData.getServletName();
            SecurityRoleRefsMetaData securityRoleRefs = jBossServletMetaData.getSecurityRoleRefs();
            Set<String> securityRoleNames = jBossWebMetaData.getSecurityRoleNames();
            if (securityRoleRefs != null) {
                Iterator it5 = securityRoleRefs.iterator();
                while (it5.hasNext()) {
                    SecurityRoleRefMetaData securityRoleRefMetaData = (SecurityRoleRefMetaData) it5.next();
                    String roleLink = securityRoleRefMetaData.getRoleLink();
                    policyConfiguration.addToRole(roleLink, new WebRoleRefPermission(servletName, securityRoleRefMetaData.getName()));
                    policyConfiguration.addToRole(securityRoleRefMetaData.getName(), new WebRoleRefPermission(servletName, roleLink));
                    securityRoleNames.remove(roleLink);
                }
            }
            if (securityRoleNames != null) {
                for (String str3 : securityRoleNames) {
                    policyConfiguration.addToRole(str3, new WebRoleRefPermission(servletName, str3));
                }
            }
        }
        Set<String> securityRoleNames2 = jBossWebMetaData.getSecurityRoleNames();
        if (securityRoleNames2 != null) {
            for (String str4 : securityRoleNames2) {
                policyConfiguration.addToRole(str4, new WebRoleRefPermission("", str4));
            }
        }
        Set<String> keySet = servlets.keySet();
        if (keySet != null) {
            for (String str5 : keySet) {
                if (securityRoleNames2 != null) {
                    for (String str6 : securityRoleNames2) {
                        policyConfiguration.addToRole(str6, new WebRoleRefPermission(str5, str6));
                    }
                }
            }
        }
        if (securityRoleNames2 != null) {
            for (String str7 : securityRoleNames2) {
                policyConfiguration.addToRole(str7, new WebRoleRefPermission("", str7));
            }
        }
    }

    static String getCommaSeparatedString(String[] strArr) {
        int length = strArr.length;
        Arrays.sort(strArr);
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < length; i++) {
            if (i > 0) {
                sb.append(",");
            }
            sb.append(strArr[i]);
        }
        return sb.toString();
    }

    static int getPatternType(String str) {
        int i = 4;
        if (str.startsWith("*.")) {
            i = 2;
        } else if (str.startsWith("/") && str.endsWith("/*")) {
            i = 1;
        } else if (str.equals("/")) {
            i = 3;
        }
        return i;
    }

    static HashMap<String, PatternInfo> qualifyURLPatterns(JBossWebMetaData jBossWebMetaData) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        HashMap<String, PatternInfo> hashMap = new HashMap<>();
        PatternInfo patternInfo = null;
        List securityContraints = jBossWebMetaData.getSecurityContraints();
        if (securityContraints != null) {
            Iterator it = securityContraints.iterator();
            while (it.hasNext()) {
                Iterator it2 = ((SecurityConstraintMetaData) it.next()).getResourceCollections().iterator();
                while (it2.hasNext()) {
                    List urlPatterns = ((WebResourceCollectionMetaData) it2.next()).getUrlPatterns();
                    int size = urlPatterns != null ? urlPatterns.size() : 0;
                    for (int i = 0; i < size; i++) {
                        String str = (String) urlPatterns.get(i);
                        int patternType = getPatternType(str);
                        if (hashMap.get(str) == null) {
                            PatternInfo patternInfo2 = new PatternInfo(str, patternType);
                            hashMap.put(str, patternInfo2);
                            switch (patternType) {
                                case 1:
                                    arrayList.add(patternInfo2);
                                    break;
                                case 2:
                                    arrayList2.add(patternInfo2);
                                    break;
                                case 3:
                                    patternInfo = patternInfo2;
                                    break;
                                case 4:
                                    arrayList3.add(patternInfo2);
                                    break;
                            }
                        }
                    }
                }
            }
        }
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            PatternInfo patternInfo3 = (PatternInfo) arrayList.get(i2);
            for (int i3 = 0; i3 < arrayList.size(); i3++) {
                if (i2 != i3) {
                    PatternInfo patternInfo4 = (PatternInfo) arrayList.get(i3);
                    if (patternInfo3.matches(patternInfo4)) {
                        patternInfo3.addQualifier(patternInfo4);
                    }
                }
            }
            for (int i4 = 0; i4 < arrayList3.size(); i4++) {
                PatternInfo patternInfo5 = (PatternInfo) arrayList3.get(i4);
                if (patternInfo3.matches(patternInfo5)) {
                    patternInfo3.addQualifier(patternInfo5);
                }
            }
        }
        for (int i5 = 0; i5 < arrayList2.size(); i5++) {
            PatternInfo patternInfo6 = (PatternInfo) arrayList2.get(i5);
            for (int i6 = 0; i6 < arrayList.size(); i6++) {
                patternInfo6.addQualifier((PatternInfo) arrayList.get(i6));
            }
            for (int i7 = 0; i7 < arrayList3.size(); i7++) {
                PatternInfo patternInfo7 = (PatternInfo) arrayList3.get(i7);
                if (patternInfo6.isExtensionFor(patternInfo7)) {
                    patternInfo6.addQualifier(patternInfo7);
                }
            }
        }
        if (patternInfo == null) {
            patternInfo = new PatternInfo("/", 3);
            hashMap.put("/", patternInfo);
        }
        for (PatternInfo patternInfo8 : hashMap.values()) {
            if (patternInfo8 != patternInfo) {
                patternInfo.addQualifier(patternInfo8);
            }
        }
        return hashMap;
    }
}
