package org.jboss.security.authorization.modules;

import java.util.HashMap;
import java.util.Map;
import java.util.StringTokenizer;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import org.jboss.security.PicketBoxMessages;
import org.jboss.security.authorization.AuthorizationException;
import org.jboss.security.authorization.AuthorizationModule;
import org.jboss.security.authorization.Resource;
import org.jboss.security.authorization.ResourceType;
import org.jboss.security.identity.RoleGroup;
import org.picketlink.common.constants.LDAPConstants;

/* loaded from: input_file:WEB-INF/lib/picketbox-4.0.19.SP4.jar:org/jboss/security/authorization/modules/AbstractAuthorizationModule.class */
public abstract class AbstractAuthorizationModule implements AuthorizationModule {
    protected Subject subject = null;
    protected CallbackHandler handler = null;
    protected Map<String, Object> sharedState = null;
    protected Map<String, Object> options = null;
    protected RoleGroup role = null;
    protected Map<ResourceType, String> delegateMap = new HashMap();
    protected static Map<String, Class<?>> clazzMap = new HashMap();

    @Override // org.jboss.security.authorization.AuthorizationModule
    public abstract int authorize(Resource resource);

    @Override // org.jboss.security.authorization.AuthorizationModule
    public boolean abort() throws AuthorizationException {
        return true;
    }

    @Override // org.jboss.security.authorization.AuthorizationModule
    public boolean commit() throws AuthorizationException {
        return true;
    }

    @Override // org.jboss.security.authorization.AuthorizationModule
    public boolean destroy() {
        this.subject = null;
        this.handler = null;
        this.sharedState = null;
        this.options = null;
        return true;
    }

    @Override // org.jboss.security.authorization.AuthorizationModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, Object> map, Map<String, Object> map2, RoleGroup roleGroup) {
        String str;
        this.subject = subject;
        this.handler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        if (map2 != null && (str = (String) map2.get("delegateMap")) != null && str.length() > 0) {
            populateDelegateMap(str);
        }
        this.role = roleGroup;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer("Name=" + getClass().getName());
        stringBuffer.append(":subject=" + this.subject);
        stringBuffer.append(":role=" + this.role);
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int invokeDelegate(Resource resource) {
        ResourceType layer = resource.getLayer();
        String str = this.delegateMap.get(layer);
        if (str == null) {
            throw PicketBoxMessages.MESSAGES.missingDelegateForLayer(layer != null ? layer.toString() : null);
        }
        try {
            return getDelegate(str).authorize(resource, this.subject, this.role);
        } catch (Exception e) {
            IllegalStateException illegalStateException = new IllegalStateException(e.getLocalizedMessage());
            illegalStateException.initCause(e);
            throw illegalStateException;
        }
    }

    protected AuthorizationModuleDelegate getDelegate(String str) throws Exception {
        Class<?> cls = clazzMap.get(str);
        if (cls == null) {
            try {
                cls = getClass().getClassLoader().loadClass(str);
            } catch (Exception e) {
                cls = SecurityActions.getContextClassLoader().loadClass(str);
            }
            clazzMap.put(str, cls);
        }
        return (AuthorizationModuleDelegate) cls.newInstance();
    }

    protected void populateDelegateMap(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, LDAPConstants.COMMA);
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            StringTokenizer stringTokenizer2 = new StringTokenizer(nextToken, LDAPConstants.EQUAL);
            if (stringTokenizer2.countTokens() != 2) {
                throw PicketBoxMessages.MESSAGES.invalidDelegateMapEntry(nextToken);
            }
            String nextToken2 = stringTokenizer2.nextToken();
            this.delegateMap.put(ResourceType.valueOf(nextToken2), stringTokenizer2.nextToken());
        }
    }
}
