package com.ibm.ejs.security;

import com.ibm.CORBA.iiop.ORB;
import com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl;
import com.ibm.ISecurityLocalObjectBaseL13Impl.CurrentImpl;
import com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl;
import com.ibm.ISecurityUtilityImpl.StringBytesConversion;
import com.ibm.ejs.oa.EJSORB;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ejs.security.util.Constants;
import org.omg.Security.AttributeType;
import org.omg.Security.CredentialType;
import org.omg.Security.ExtensibleFamily;
import org.omg.Security.InvalidCredentialType;
import org.omg.SecurityLevel2.Credentials;

/* loaded from: input_file:lib/security.jar:com/ibm/ejs/security/SecurityContext.class */
public class SecurityContext {
    private static final TraceComponent tc;
    private static CurrentImpl current;
    private static Credentials[] creds;
    protected static AttributeType[] accessIdAttr;
    protected static AttributeType[] publicAttr;
    public static final String REALM_DELIMITER = "/";
    static Class class$com$ibm$ejs$security$SecurityContext;

    public static CurrentImpl getCurrent() {
        return current;
    }

    public static Credentials getActualCreds() throws Exception {
        if (!isSecurityEnabled()) {
            return null;
        }
        Credentials actualCredential = SecurityCollaborator.getActualCredential(current.get_credentials(CredentialType.SecOwnCredentials, false, false, null));
        if (actualCredential != null) {
            return actualCredential;
        }
        Tr.error(tc, Constants.nls.getString("security.authn.error.owncred", "Authentication failed. Unable to get the mapped credential for SecOwnCredentials"));
        throw new Exception("Authentication Failed");
    }

    public static void restoreOriginalCred(Credentials credentials) {
        if (current == null) {
            return;
        }
        try {
            current.set_credentials(CredentialType.SecInvocationCredentials, credentials);
        } catch (Exception e) {
            Tr.error(tc, "Error restoring original credentials");
        }
    }

    public static Credentials setSystemCred() {
        Credentials credentials;
        Credentials credentials2 = null;
        if (current == null) {
            return null;
        }
        try {
            credentials2 = current.get_credentials(CredentialType.SecInvocationCredentials, false, false, null);
            credentials = current.get_credentials(CredentialType.SecOwnCredentials, false, false, null);
        } catch (Exception e) {
            Tr.error(tc, "Error setting to system credentials");
        }
        if (credentials == null) {
            return null;
        }
        current.set_credentials(CredentialType.SecInvocationCredentials, credentials);
        return credentials2;
    }

    public static void enable() {
        enable(false);
    }

    public static void enable(boolean z) {
        if (creds == null && isSecurityEnabled()) {
            Tr.entry(tc, "enable");
            EJSORB.getORBInstance();
            try {
                PrincipalAuthenticatorImpl.enableSecurity(z);
                creds = new Credentials[]{current.get_credentials(CredentialType.SecOwnCredentials)};
            } catch (InvalidCredentialType e) {
                Tr.debug(tc, "", e);
                current = null;
            }
            Tr.exit(tc, "enable");
        }
    }

    public static void initialize() {
        if (current != null) {
            current.initialize_requestor_context(creds);
        }
    }

    public static void destroy() {
        if (current != null) {
            current.clear_requestor_context();
        }
    }

    public static boolean isSecurityEnabled() {
        return current != null && current.isSecurityEnabled() && current.isSSLSecurityTagExported();
    }

    public static String getUser() {
        return getInvokedAttribute(accessIdAttr);
    }

    public static String getOwnName() {
        return unqualifySecurityName(getOwnAttribute(publicAttr));
    }

    public static String getName() {
        return unqualifySecurityName(getInvokedAttribute(publicAttr));
    }

    public static String getCallerName() {
        Credentials[] received_credentials;
        AttributeType[] attributeTypeArr = publicAttr;
        if (current == null || (received_credentials = current.received_credentials()) == null || received_credentials[0] == null) {
            return null;
        }
        try {
            return StringBytesConversion.getConvertedString(received_credentials[0].get_attributes(attributeTypeArr)[0].value);
        } catch (Exception e) {
            Tr.warning(tc, Constants.nls.getString("security.web.cred.getAttrFail", "Unable to extract the security attributes from the credential"), e);
            return null;
        }
    }

    protected static String getInvokedAttribute(AttributeType[] attributeTypeArr) {
        if (current == null) {
            return null;
        }
        try {
            Credentials credentials = current.get_credentials(CredentialType.SecInvocationCredentials, false, false, null);
            if (credentials == null || ((CredentialsImpl) credentials).isUnauthenticated()) {
                return null;
            }
            return StringBytesConversion.getConvertedString(credentials.get_attributes(attributeTypeArr)[0].value);
        } catch (Exception e) {
            Tr.warning(tc, Constants.nls.getString("security.web.cred.getAttrFail", "Unable to extract the security attributes from the credential"), e);
            return null;
        }
    }

    protected static String getOwnAttribute(AttributeType[] attributeTypeArr) {
        if (current == null) {
            return null;
        }
        try {
            Credentials credentials = current.get_credentials(CredentialType.SecOwnCredentials, false, false, null);
            if (credentials == null || ((CredentialsImpl) credentials).isUnauthenticated()) {
                return null;
            }
            return StringBytesConversion.getConvertedString(credentials.get_attributes(attributeTypeArr)[0].value);
        } catch (Exception e) {
            Tr.warning(tc, Constants.nls.getString("security.web.cred.getAttrFail", "Unable to extract the security attributes from the credential"), e);
            return null;
        }
    }

    public static String unqualifySecurityName(String str) {
        String str2 = null;
        if (str != null) {
            str2 = str.substring(str.indexOf("/") + 1);
        }
        return str2;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ejs$security$SecurityContext == null) {
            cls = class$("com.ibm.ejs.security.SecurityContext");
            class$com$ibm$ejs$security$SecurityContext = cls;
        } else {
            cls = class$com$ibm$ejs$security$SecurityContext;
        }
        tc = Tr.register(cls);
        creds = null;
        ORB oRBInstance = EJSORB.getORBInstance();
        current = null;
        String property = oRBInstance.getProperty("com.ibm.CORBA.securityEnabled");
        if (oRBInstance == null || property == null || !(property.equalsIgnoreCase("yes") || property.equalsIgnoreCase("true"))) {
            Tr.debug(tc, "SecurityContext() : Security Is Not Set");
            return;
        }
        try {
            current = (CurrentImpl) oRBInstance.resolve_initial_references("SecurityCurrent");
            if (!current.isSecurityEnabled()) {
                current = null;
            }
            ExtensibleFamily extensibleFamily = new ExtensibleFamily((short) 0, (short) 1);
            accessIdAttr = new AttributeType[1];
            accessIdAttr[0] = new AttributeType(extensibleFamily, 2);
            publicAttr = new AttributeType[1];
            publicAttr[0] = new AttributeType(extensibleFamily, 1);
        } catch (Throwable th) {
            Tr.debug(tc, "SecurityContext", th);
        }
    }
}
