package com.ibm.ejs.security.util;

import com.ibm.IExtendedSecurityPriv.PrincipalAuthenticator;
import com.ibm.ISecurityLocalObjectLTPAImpl.CredentialsImpl;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ejs.security.util.Cache;
import org.omg.CORBA.IntHolder;
import org.omg.Security.AuthenticationStatus;
import org.omg.Security.OpaqueHolder;
import org.omg.SecurityLevel2.Credentials;
import org.omg.SecurityLevel2.CredentialsHolder;
import org.omg.SecurityLevel2.InvalidCredential;

/* loaded from: input_file:lib/security.jar:com/ibm/ejs/security/util/LTPAValidationCache.class */
public class LTPAValidationCache extends Cache {
    private PrincipalAuthenticator principalAuthenticator;
    private static final int DEFAULT_METHOD = 0;
    protected static boolean ltpaValidationCacheEnabled = true;
    public static final String LTPA_VALIDATION_CACHE_ENABLED = "com.ibm.websphere.security.util.LTPAValidationCacheEnabled";
    private static TraceComponent tc;
    public static final IntHolder ZERO_INT;
    static Class class$com$ibm$ejs$security$util$LTPAValidationCache;

    public LTPAValidationCache(org.omg.SecurityLevel2.PrincipalAuthenticator principalAuthenticator, int i, long j) {
        super(i, j, true);
        this.principalAuthenticator = (PrincipalAuthenticator) principalAuthenticator;
        String property = System.getProperty(LTPA_VALIDATION_CACHE_ENABLED);
        if (property == null) {
            ltpaValidationCacheEnabled = true;
        } else if (property.equalsIgnoreCase("false") || property.equalsIgnoreCase("no")) {
            ltpaValidationCacheEnabled = false;
        } else {
            ltpaValidationCacheEnabled = true;
        }
    }

    public Credentials getCredential(byte[] bArr) throws CacheException {
        Credentials validate;
        long j = 0;
        if (ltpaValidationCacheEnabled) {
            if (tc.isDebugEnabled()) {
                j = System.currentTimeMillis();
            }
            ByteArray byteArray = new ByteArray(bArr);
            validate = (Credentials) get(byteArray);
            try {
                if (validate != null) {
                    if (!((CredentialsImpl) validate).is_valid(ZERO_INT)) {
                        remove(byteArray);
                        validate = null;
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "receiving null credential from Cache");
                }
            } catch (InvalidCredential e) {
                validate = null;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("LTPAValidationCache (cache enabled): validation = ").append(System.currentTimeMillis() - j).append(" millis").toString());
            }
        } else {
            if (tc.isDebugEnabled()) {
                j = System.currentTimeMillis();
            }
            validate = validate(bArr);
            if (tc.isDebugEnabled()) {
                if (validate == null) {
                    Tr.debug(tc, "Validation failed for the LTPA token");
                }
                Tr.debug(tc, new StringBuffer().append("LTPAValidationCache (cache disabled): validation = ").append(System.currentTimeMillis() - j).append(" millis").toString());
            }
        }
        return validate;
    }

    @Override // com.ibm.ejs.security.util.Cache
    protected void update(Object obj, Cache.Entry entry) throws CacheException {
        if (tc.isDebugEnabled()) {
            Tr.entry(tc, "update");
        }
        entry.value = validate(((ByteArray) obj).getArray());
        if (entry.value == null) {
            remove(obj);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Validation failed for the LTPA token");
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.exit(tc, "update");
        }
    }

    protected Credentials validate(byte[] bArr) {
        AuthenticationStatus authenticationStatus = null;
        CredentialsHolder credentialsHolder = new CredentialsHolder();
        try {
            authenticationStatus = this.principalAuthenticator.validate(0, null, bArr, null, credentialsHolder, new OpaqueHolder(), new OpaqueHolder());
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occured during validation", e);
            }
            credentialsHolder.value = null;
        }
        if (authenticationStatus.value() != 0) {
            return null;
        }
        return credentialsHolder.value;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ejs$security$util$LTPAValidationCache == null) {
            cls = class$("com.ibm.ejs.security.util.LTPAValidationCache");
            class$com$ibm$ejs$security$util$LTPAValidationCache = cls;
        } else {
            cls = class$com$ibm$ejs$security$util$LTPAValidationCache;
        }
        tc = Tr.register(cls);
        ZERO_INT = new IntHolder(0);
    }
}
