package org.jboss.as.security.service;

import java.security.Policy;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContextException;
import org.jboss.as.security.SecurityExtension;
import org.jboss.as.security.logging.SecurityLogger;
import org.jboss.modules.ModuleLoadException;
import org.jboss.msc.inject.Injector;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.security.manager.WildFlySecurityManager;

/* loaded from: input_file:org/jboss/as/security/service/JaccService.class */
public abstract class JaccService<T> implements Service<PolicyConfiguration> {
    public static final ServiceName SERVICE_NAME = SecurityExtension.JBOSS_SECURITY.append("jacc");
    private final String contextId;
    private final T metaData;
    private final Boolean standalone;
    private volatile PolicyConfiguration policyConfiguration;
    private final InjectedValue<PolicyConfiguration> parentPolicy = new InjectedValue<>();

    public JaccService(String str, T t, Boolean bool) {
        if (str == null) {
            throw SecurityLogger.ROOT_LOGGER.nullArgument("JACC Context Id");
        }
        this.contextId = str;
        this.metaData = t;
        this.standalone = bool;
    }

    @Override // org.jboss.msc.value.Value
    public PolicyConfiguration getValue() throws IllegalStateException, IllegalArgumentException {
        return this.policyConfiguration;
    }

    @Override // org.jboss.msc.service.Service, org.jboss.msc.Service
    public void start(StartContext startContext) throws StartException {
        try {
            PolicyConfigurationFactory policyConfigurationFactory = getPolicyConfigurationFactory();
            synchronized (policyConfigurationFactory) {
                this.policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(this.contextId, false);
                if (this.metaData != null) {
                    createPermissions(this.metaData, this.policyConfiguration);
                } else {
                    SecurityLogger.ROOT_LOGGER.debugf("Cannot create permissions with 'null' metaData for id=%s", this.contextId);
                }
                if (this.standalone.booleanValue()) {
                    this.policyConfiguration.commit();
                } else {
                    PolicyConfiguration value = this.parentPolicy.getValue();
                    if (value != null) {
                        PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(value.getContextID(), false);
                        policyConfiguration.linkConfiguration(this.policyConfiguration);
                        this.policyConfiguration.commit();
                        policyConfiguration.commit();
                    } else {
                        SecurityLogger.ROOT_LOGGER.debugf("Could not retrieve parent policy for policy %s", this.contextId);
                    }
                }
                Policy.getPolicy().refresh();
            }
        } catch (Exception e) {
            throw SecurityLogger.ROOT_LOGGER.unableToStartException("JaccService", e);
        }
    }

    private PolicyConfigurationFactory getPolicyConfigurationFactory() throws ModuleLoadException, ClassNotFoundException, PolicyContextException {
        String propertyPrivileged = WildFlySecurityManager.getPropertyPrivileged("org.jboss.as.security.jacc-module", null);
        ClassLoader threadContextClassLoader = propertyPrivileged != null ? SecurityActions.setThreadContextClassLoader(SecurityActions.getModuleClassLoader(propertyPrivileged)) : null;
        try {
            PolicyConfigurationFactory policyConfigurationFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
            if (threadContextClassLoader != null) {
                SecurityActions.setThreadContextClassLoader(threadContextClassLoader);
            }
            return policyConfigurationFactory;
        } catch (Throwable th) {
            if (threadContextClassLoader != null) {
                SecurityActions.setThreadContextClassLoader(threadContextClassLoader);
            }
            throw th;
        }
    }

    @Override // org.jboss.msc.service.Service, org.jboss.msc.Service
    public void stop(StopContext stopContext) {
        try {
            PolicyConfigurationFactory policyConfigurationFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
            synchronized (policyConfigurationFactory) {
                this.policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(this.contextId, false);
                this.policyConfiguration.delete();
            }
        } catch (Exception e) {
            SecurityLogger.ROOT_LOGGER.errorDeletingJACCPolicy(e);
        }
        this.policyConfiguration = null;
    }

    public Injector<PolicyConfiguration> getParentPolicyInjector() {
        return this.parentPolicy;
    }

    public abstract void createPermissions(T t, PolicyConfiguration policyConfiguration) throws PolicyContextException;
}
