package org.jboss.ejb.plugins.cmp.jdbc.bridge;

import java.lang.reflect.UndeclaredThrowableException;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import org.jboss.security.RunAs;
import org.jboss.security.SecurityContext;
import org.jboss.security.SecurityContextAssociation;
import org.jboss.security.SecurityContextFactory;

/* loaded from: input_file:org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.class */
class SecurityActions {

    /* loaded from: input_file:org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions$PolicyContextActions.class */
    interface PolicyContextActions {
        public static final String SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";
        public static final PolicyContextActions PRIVILEGED = new PolicyContextActions() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.PolicyContextActions.1
            private final PrivilegedExceptionAction exAction = new PrivilegedExceptionAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.PolicyContextActions.1.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
                }
            };

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.PolicyContextActions
            public Subject getContextSubject() throws PolicyContextException {
                try {
                    return (Subject) AccessController.doPrivileged(this.exAction);
                } catch (PrivilegedActionException e) {
                    Exception exception = e.getException();
                    if (exception instanceof PolicyContextException) {
                        throw ((PolicyContextException) exception);
                    }
                    throw new UndeclaredThrowableException(exception);
                }
            }
        };
        public static final PolicyContextActions NON_PRIVILEGED = new PolicyContextActions() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.PolicyContextActions.2
            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.PolicyContextActions
            public Subject getContextSubject() throws PolicyContextException {
                return (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
            }
        };

        Subject getContextSubject() throws PolicyContextException;
    }

    /* loaded from: input_file:org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions$RunAsIdentityActions.class */
    interface RunAsIdentityActions {
        public static final RunAsIdentityActions PRIVILEGED = new RunAsIdentityActions() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions.1
            private final PrivilegedAction peekAction = new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions.1.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                    if (securityContext == null) {
                        throw new IllegalStateException("Security Context is null");
                    }
                    return securityContext.getOutgoingRunAs();
                }
            };
            private final PrivilegedAction popAction = new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions.1.2
                @Override // java.security.PrivilegedAction
                public Object run() {
                    SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                    if (securityContext == null) {
                        throw new IllegalStateException("Security Context is null");
                    }
                    RunAs outgoingRunAs = securityContext.getOutgoingRunAs();
                    securityContext.setOutgoingRunAs(null);
                    return outgoingRunAs;
                }
            };

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions
            public RunAs peek() {
                return (RunAs) AccessController.doPrivileged(this.peekAction);
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions
            public void push(final RunAs runAs) {
                AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions.1.3
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                        if (securityContext == null) {
                            throw new IllegalStateException("Security Context is null to push runas");
                        }
                        securityContext.setOutgoingRunAs(runAs);
                        return null;
                    }
                });
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions
            public RunAs pop() {
                return (RunAs) AccessController.doPrivileged(this.popAction);
            }
        };
        public static final RunAsIdentityActions NON_PRIVILEGED = new RunAsIdentityActions() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions.2
            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions
            public RunAs peek() {
                SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                if (securityContext == null) {
                    throw new IllegalStateException("Security Context is null");
                }
                return securityContext.getOutgoingRunAs();
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions
            public void push(RunAs runAs) {
                SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                if (securityContext == null) {
                    throw new IllegalStateException("Security Context is null to push runas");
                }
                securityContext.setOutgoingRunAs(runAs);
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.RunAsIdentityActions
            public RunAs pop() {
                SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                if (securityContext == null) {
                    throw new IllegalStateException("Security Context is null");
                }
                RunAs outgoingRunAs = securityContext.getOutgoingRunAs();
                securityContext.setOutgoingRunAs(null);
                return outgoingRunAs;
            }
        };

        RunAs peek();

        void push(RunAs runAs);

        RunAs pop();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions$TCLAction.class */
    public interface TCLAction {
        public static final TCLAction NON_PRIVILEGED = new TCLAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction.1
            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction
            public ClassLoader getContextClassLoader() {
                return Thread.currentThread().getContextClassLoader();
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction
            public ClassLoader getContextClassLoader(Thread thread) {
                return thread.getContextClassLoader();
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction
            public void setContextClassLoader(ClassLoader classLoader) {
                Thread.currentThread().setContextClassLoader(classLoader);
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction
            public void setContextClassLoader(Thread thread, ClassLoader classLoader) {
                thread.setContextClassLoader(classLoader);
            }
        };
        public static final TCLAction PRIVILEGED = new TCLAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction.2
            private final PrivilegedAction getTCLPrivilegedAction = new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction.2.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    return Thread.currentThread().getContextClassLoader();
                }
            };

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction
            public ClassLoader getContextClassLoader() {
                return (ClassLoader) AccessController.doPrivileged(this.getTCLPrivilegedAction);
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction
            public ClassLoader getContextClassLoader(final Thread thread) {
                return (ClassLoader) AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction.2.2
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        return thread.getContextClassLoader();
                    }
                });
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction
            public void setContextClassLoader(final ClassLoader classLoader) {
                AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction.2.3
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        Thread.currentThread().setContextClassLoader(classLoader);
                        return null;
                    }
                });
            }

            @Override // org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction
            public void setContextClassLoader(final Thread thread, final ClassLoader classLoader) {
                AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.TCLAction.2.4
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        thread.setContextClassLoader(classLoader);
                        return null;
                    }
                });
            }
        };

        /* loaded from: input_file:org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions$TCLAction$UTIL.class */
        public static class UTIL {
            static TCLAction getTCLAction() {
                return System.getSecurityManager() == null ? TCLAction.NON_PRIVILEGED : TCLAction.PRIVILEGED;
            }

            static ClassLoader getContextClassLoader() {
                return getTCLAction().getContextClassLoader();
            }

            static ClassLoader getContextClassLoader(Thread thread) {
                return getTCLAction().getContextClassLoader(thread);
            }

            static void setContextClassLoader(ClassLoader classLoader) {
                getTCLAction().setContextClassLoader(classLoader);
            }

            static void setContextClassLoader(Thread thread, ClassLoader classLoader) {
                getTCLAction().setContextClassLoader(thread, classLoader);
            }
        }

        ClassLoader getContextClassLoader();

        ClassLoader getContextClassLoader(Thread thread);

        void setContextClassLoader(ClassLoader classLoader);

        void setContextClassLoader(Thread thread, ClassLoader classLoader);
    }

    SecurityActions() {
    }

    static ClassLoader getContextClassLoader() {
        return TCLAction.UTIL.getContextClassLoader();
    }

    static void setContextClassLoader(ClassLoader classLoader) {
        TCLAction.UTIL.setContextClassLoader(classLoader);
    }

    static RunAs peekRunAsIdentity() {
        return System.getSecurityManager() == null ? RunAsIdentityActions.NON_PRIVILEGED.peek() : RunAsIdentityActions.PRIVILEGED.peek();
    }

    static void pushRunAsIdentity(RunAs runAs) {
        if (System.getSecurityManager() == null) {
            RunAsIdentityActions.NON_PRIVILEGED.push(runAs);
        } else {
            RunAsIdentityActions.PRIVILEGED.push(runAs);
        }
    }

    static RunAs popRunAsIdentity() {
        return System.getSecurityManager() == null ? RunAsIdentityActions.NON_PRIVILEGED.pop() : RunAsIdentityActions.PRIVILEGED.pop();
    }

    static Subject getContextSubject() throws PolicyContextException {
        return System.getSecurityManager() == null ? PolicyContextActions.NON_PRIVILEGED.getContextSubject() : PolicyContextActions.PRIVILEGED.getContextSubject();
    }

    static void createAndSetSecurityContext(final Principal principal, final Object obj, final String str) throws PrivilegedActionException {
        AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.1
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                SecurityContextAssociation.setSecurityContext(SecurityContextFactory.createSecurityContext(principal, obj, null, str));
                return null;
            }
        });
    }

    static void createAndSetSecurityContext(final Principal principal, final Object obj, final String str, final Subject subject) throws PrivilegedActionException {
        AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.2
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                SecurityContext createSecurityContext = SecurityContextFactory.createSecurityContext(str);
                createSecurityContext.getUtil().createSubjectInfo(principal, obj, subject);
                SecurityContextAssociation.setSecurityContext(createSecurityContext);
                return null;
            }
        });
    }

    static void clearSecurityContext() {
        AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.3
            @Override // java.security.PrivilegedAction
            public Object run() {
                SecurityContextAssociation.setSecurityContext(null);
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecurityContext getSecurityContext() {
        return (SecurityContext) AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.4
            @Override // java.security.PrivilegedAction
            public Object run() {
                return SecurityContextAssociation.getSecurityContext();
            }
        });
    }

    static Exception getContextException() {
        return (Exception) AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.5
            static final String EX_KEY = "org.jboss.security.exception";

            @Override // java.security.PrivilegedAction
            public Object run() {
                return SecurityActions.getSecurityContext().getData().get("org.jboss.security.exception");
            }
        });
    }

    static void pushSubjectContext(final Principal principal, final Object obj, final Subject subject) {
        AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.6
            @Override // java.security.PrivilegedAction
            public Object run() {
                SecurityContext securityContext = SecurityActions.getSecurityContext();
                if (securityContext == null) {
                    throw new IllegalStateException("Security Context is null");
                }
                securityContext.getUtil().createSubjectInfo(principal, obj, subject);
                return null;
            }
        });
    }

    static void popSubjectContext() {
        AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.7
            @Override // java.security.PrivilegedAction
            public Object run() {
                SecurityContext securityContext = SecurityActions.getSecurityContext();
                if (securityContext == null) {
                    throw new IllegalStateException("Security Context is null");
                }
                securityContext.getUtil().createSubjectInfo(securityContext.getUtil().getUserPrincipal(), securityContext.getUtil().getCredential(), null);
                return null;
            }
        });
    }

    static void pushCallerRunAsIdentity(final RunAs runAs) {
        AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.8
            @Override // java.security.PrivilegedAction
            public Object run() {
                SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                if (securityContext == null) {
                    throw new IllegalStateException("Security Context is null");
                }
                securityContext.setIncomingRunAs(RunAs.this);
                return null;
            }
        });
    }

    static void popCallerRunAsIdentity() {
        AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.ejb.plugins.cmp.jdbc.bridge.SecurityActions.9
            @Override // java.security.PrivilegedAction
            public Object run() {
                SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                if (securityContext == null) {
                    throw new IllegalStateException("Security Context is null");
                }
                securityContext.setIncomingRunAs(null);
                return null;
            }
        });
    }
}
