package com.ibm.pvc.webcontainer.security;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.pvc.webcontainer.activator.WebContainerConstants;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.List;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
import org.osgi.service.useradmin.UserAdmin;

/* loaded from: input_file:rcp/eclipse/plugins/com.ibm.pvc.webcontainer_1.0.0.20050921/webcontainer.jar:com/ibm/pvc/webcontainer/security/UserAdminAuthEngine.class */
public class UserAdminAuthEngine implements AuthEngine {
    private static TraceComponent trace;
    private UserAdmin userAdmin;
    static /* synthetic */ Class class$0;

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Throwable] */
    static {
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("com.ibm.pvc.webcontainer.security.UserAdminAuthEngine");
                class$0 = cls;
            } catch (ClassNotFoundException unused) {
                throw new NoClassDefFoundError(cls.getMessage());
            }
        }
        trace = Tr.register(cls, WebContainerConstants.TRACE_GROUP, WebContainerConstants.MSG_FILE);
    }

    @Override // com.ibm.pvc.webcontainer.security.AuthEngine
    public boolean authenticate(final String str, final String str2) {
        this.userAdmin = UserAdminTrackerCustomizer.getUserAdminService();
        if (this.userAdmin == null) {
            Tr.error(trace, "UserAdminAuthEngine.No_useradmin_cannot_authenticate_user");
            return false;
        }
        try {
            return ((Boolean) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.pvc.webcontainer.security.UserAdminAuthEngine.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Role role = UserAdminAuthEngine.this.userAdmin.getRole(str);
                    if (!(role instanceof User)) {
                        Tr.error(UserAdminAuthEngine.trace, "UserAdminAuthEngine.Username_invalid_cannot_verify_user");
                        return new Boolean(false);
                    }
                    User user = (User) role;
                    String str3 = (String) user.getCredentials().get("password");
                    if (str3 != null && !str3.equals(str2)) {
                        Tr.error(UserAdminAuthEngine.trace, "UserAdminAuthEngine.Password_invalid_cannot_authenticate_user");
                        return new Boolean(false);
                    }
                    if (str3 != null || user.hasCredential(str, str2)) {
                        return new Boolean(true);
                    }
                    Tr.error(UserAdminAuthEngine.trace, "UserAdminAuthEngine.Password_invalid_cannot_authenticate_user");
                    return new Boolean(false);
                }
            })).booleanValue();
        } catch (PrivilegedActionException unused) {
            return false;
        }
    }

    @Override // com.ibm.pvc.webcontainer.security.AuthEngine
    public boolean authorize(final String str, final List list) {
        this.userAdmin = UserAdminTrackerCustomizer.getUserAdminService();
        if (this.userAdmin == null) {
            Tr.error(trace, "UserAdminAuthEngine.No_useradmin_cannot_authorize_user");
            return false;
        }
        try {
            return ((Boolean) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.pvc.webcontainer.security.UserAdminAuthEngine.2
                @Override // java.security.PrivilegedExceptionAction
                public Object run() {
                    Role role = UserAdminAuthEngine.this.userAdmin.getRole(str);
                    if (!(role instanceof User)) {
                        Tr.error(UserAdminAuthEngine.trace, "UserAdminAuthEngine.Username_invalid_cannot_verify_user");
                        return new Boolean(false);
                    }
                    for (String str2 : UserAdminAuthEngine.this.userAdmin.getAuthorization((User) role).getRoles()) {
                        for (int i = 0; i < list.size(); i++) {
                            String str3 = (String) list.get(i);
                            if (str2.equals(str3)) {
                                Tr.info(UserAdminAuthEngine.trace, "UserAdminAuthEngine.User_in_role", new Object[]{str3});
                                return new Boolean(true);
                            }
                        }
                    }
                    return new Boolean(false);
                }
            })).booleanValue();
        } catch (PrivilegedActionException unused) {
            return false;
        }
    }

    @Override // com.ibm.pvc.webcontainer.security.AuthEngine
    public Principal getUserPrincipal(final String str) {
        this.userAdmin = UserAdminTrackerCustomizer.getUserAdminService();
        if (this.userAdmin == null) {
            Tr.error(trace, "UserAdminAuthEngine.No_useradmin_cannot_get_user_principal");
            return null;
        }
        try {
            return (Principal) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.pvc.webcontainer.security.UserAdminAuthEngine.3
                @Override // java.security.PrivilegedExceptionAction
                public Object run() {
                    Role role = UserAdminAuthEngine.this.userAdmin.getRole(str);
                    if (role instanceof User) {
                        return new UserAdminPrincipal(UserAdminAuthEngine.this, str);
                    }
                    Tr.error(UserAdminAuthEngine.trace, "UserAdminAuthEngine.Username_invalid_cannot_verify_user");
                    return null;
                }
            });
        } catch (PrivilegedActionException unused) {
            return null;
        }
    }
}
