package com.ibm.websphere.security;

import com.ibm.ISecurityUtilityImpl.RealmSecurityName;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.util.Base64Coder;
import com.ibm.ws.security.util.StringUtil;
import com.ibm.wsspi.security.token.PropagationToken;
import com.ibm.wsspi.security.token.WSSecurityPropagationHelper;
import java.lang.reflect.Method;
import javax.security.auth.AuthPermission;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:lib/com.ibm.ws.webservices.thinclient_6.1.0.jar:com/ibm/websphere/security/WSSecurityHelper.class */
public final class WSSecurityHelper {
    private static final TraceComponent tc;
    private static final AuthPermission GETPROPATTRIBUTE_PERM;
    private static final AuthPermission SETPROPATTRIBUTE_PERM;
    private static Class webAttributesClass;
    private static Method createLogoutCookiesMethod;
    private static boolean isSSOEnabled;
    static Class class$com$ibm$websphere$security$WSSecurityHelper;
    static Class class$javax$servlet$http$HttpServletRequest;
    static Class class$javax$servlet$http$HttpServletResponse;
    static Class class$java$lang$String;

    public static boolean isServerSecurityEnabled() {
        return ContextManagerFactory.getInstance().isServerSecurityEnabled();
    }

    public static boolean isGlobalSecurityEnabled() {
        return ContextManagerFactory.getInstance().isCellSecurityEnabled();
    }

    public static String getFirstCaller() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFirstCaller");
        }
        if (!WSSecurityPropagationHelper.getInstance().isRMIInboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isRMIOutboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isWebInboundPropagationEnabled()) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getFirstCaller: Outbound propagation is disabled.");
            return null;
        }
        String[] callerList = getCallerList();
        if (callerList == null || callerList.length <= 0) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getFirstCaller() returns null.");
            return null;
        }
        String str = callerList[0];
        if (str != null) {
            String substring = str.substring(str.indexOf(":", str.indexOf(":", str.indexOf(":") + 1) + 1) + 1);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, new StringBuffer().append("getFirstCaller() returns ").append(substring).toString());
            }
            return RealmSecurityName.getSecurityName(substring);
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getFirstCaller() returns null.");
        return null;
    }

    public static String getFirstServer() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFirstServer");
        }
        if (!WSSecurityPropagationHelper.getInstance().isRMIInboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isRMIOutboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isWebInboundPropagationEnabled()) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getFirstCaller: Outbound propagation is disabled.");
            return null;
        }
        String[] serverList = getServerList();
        if (serverList != null && serverList.length > 0) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, new StringBuffer().append("getFirstServer() returns ").append(serverList[0]).toString());
            }
            return serverList[0];
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getFirstServer() returns null.");
        return null;
    }

    public static String[] getCallerList() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCallerList");
        }
        if (!WSSecurityPropagationHelper.getInstance().isRMIInboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isRMIOutboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isWebInboundPropagationEnabled()) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getFirstCaller: Outbound propagation is disabled.");
            return null;
        }
        try {
            PropagationToken propagationToken = ContextManagerFactory.getInstance().getPropagationToken("com.ibm.ws.security.token.PropagationTokenImpl:1");
            if (propagationToken == null) {
                if (!tc.isEntryEnabled()) {
                    return null;
                }
                Tr.exit(tc, "getCallerList() returns null, token not present.");
                return null;
            }
            String[] attributes = propagationToken.getAttributes("com.ibm.wsspi.security.propagation.callers");
            if (attributes != null && attributes.length > 0) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, new StringBuffer().append("getCallerList() returns ").append(attributes).toString());
                }
                return attributes;
            }
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getCallerList() returns null, attribute not present.");
            return null;
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "The following exception occurred calling getCallerList().", new Object[]{e});
            }
            FFDCFilter.processException(e, "com.ibm.websphere.security.WSSecurityHelper.getCallerList", "254");
            return null;
        }
    }

    public static String[] getServerList() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServerList");
        }
        if (!WSSecurityPropagationHelper.getInstance().isRMIInboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isRMIOutboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isWebInboundPropagationEnabled()) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getFirstCaller: Outbound propagation is disabled.");
            return null;
        }
        try {
            PropagationToken propagationToken = ContextManagerFactory.getInstance().getPropagationToken("com.ibm.ws.security.token.PropagationTokenImpl:1");
            if (propagationToken != null) {
                String[] attributes = propagationToken.getAttributes("com.ibm.wsspi.security.propagation.hosts");
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, new StringBuffer().append("getServerList() returns ").append(attributes).toString());
                }
                return attributes;
            }
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getServerList() returns null, token not present.");
            return null;
        } catch (Exception e) {
            Tr.error(tc, "The following exception occurred calling getServerList().", new Object[]{e});
            FFDCFilter.processException(e, "com.ibm.websphere.security.WSSecurityHelper.getServerList", "308");
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "The following exception occurred calling getServerList().", new Object[]{e});
            return null;
        }
    }

    public static String[] getPropagationAttributes(String str) throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("getPropagationAttributes: ").append(str).toString());
        }
        if (!WSSecurityPropagationHelper.getInstance().isRMIInboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isRMIOutboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isWebInboundPropagationEnabled()) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getFirstCaller: Outbound propagation is disabled.");
            return null;
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GETPROPATTRIBUTE_PERM);
        }
        PropagationToken propagationToken = ContextManagerFactory.getInstance().getPropagationToken("com.ibm.ws.security.token.PropagationTokenImpl:1");
        if (propagationToken != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getPropagationAttributes: success");
            }
            return propagationToken.getAttributes(str);
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.entry(tc, "getPropagationAttributes: no PropagationToken found on thread");
        return null;
    }

    public static String[] addPropagationAttribute(String str, String str2) throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addPropagationAttribute");
        }
        if (!WSSecurityPropagationHelper.getInstance().isRMIInboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isRMIOutboundPropagationEnabled() && !WSSecurityPropagationHelper.getInstance().isWebInboundPropagationEnabled()) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getFirstCaller: Outbound propagation is disabled.");
            return null;
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(SETPROPATTRIBUTE_PERM);
        }
        PropagationToken propagationToken = ContextManagerFactory.getInstance().getPropagationToken("com.ibm.ws.security.token.PropagationTokenImpl:1");
        if (propagationToken == null) {
            propagationToken = ContextManagerFactory.getInstance().createPropagationToken((Subject) null);
            if (propagationToken != null) {
                ContextManagerFactory.getInstance().setPropagationToken("com.ibm.ws.security.token.PropagationTokenImpl:1", propagationToken);
            }
        }
        if (propagationToken != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "addPropagationAttribute: success");
            }
            return propagationToken.addAttribute(str, str2);
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "addPropagationAttribute: attribute not set");
        return null;
    }

    public static byte[] convertCookieStringToBytes(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "convertCookieStringToBytes");
        }
        try {
            return StringUtil.getBytes(Base64Coder.base64Decode(str));
        } catch (Exception e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "convertCookieStringToBytes: failed", new Object[]{e});
            }
            FFDCFilter.processException(e, "com.ibm.websphere.security.WSSecurityHelper.convertCookieStringToBytes", "475");
            return null;
        }
    }

    public static void revokeSSOCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Class<?> cls;
        Class<?> cls2;
        Class<?> cls3;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "revokeSSOCookies");
        }
        if (!isGlobalSecurityEnabled()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No action because global security was not enabled");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "revokeSSOCookies");
                return;
            }
            return;
        }
        if (webAttributesClass == null) {
            try {
                webAttributesClass = Class.forName("com.ibm.ws.security.web.WebAttributes");
                Class cls4 = webAttributesClass;
                Class<?>[] clsArr = new Class[2];
                if (class$javax$servlet$http$HttpServletRequest == null) {
                    cls = class$("javax.servlet.http.HttpServletRequest");
                    class$javax$servlet$http$HttpServletRequest = cls;
                } else {
                    cls = class$javax$servlet$http$HttpServletRequest;
                }
                clsArr[0] = cls;
                if (class$javax$servlet$http$HttpServletResponse == null) {
                    cls2 = class$("javax.servlet.http.HttpServletResponse");
                    class$javax$servlet$http$HttpServletResponse = cls2;
                } else {
                    cls2 = class$javax$servlet$http$HttpServletResponse;
                }
                clsArr[1] = cls2;
                createLogoutCookiesMethod = cls4.getMethod("createLogoutCookiesStatic", clsArr);
                Class<?> cls5 = Class.forName("com.ibm.ws.security.core.SecurityConfig");
                Method method = cls5.getMethod("getConfig", null);
                Class<?>[] clsArr2 = new Class[1];
                if (class$java$lang$String == null) {
                    cls3 = class$("java.lang.String");
                    class$java$lang$String = cls3;
                } else {
                    cls3 = class$java$lang$String;
                }
                clsArr2[0] = cls3;
                isSSOEnabled = ((Boolean) cls5.getMethod("getValue", clsArr2).invoke(method.invoke(null, new Object[0]), "security.ltpa.sso.enabled")).booleanValue();
            } catch (Exception e) {
                Tr.error(tc, "Initialization revokeSSOCookies failed with Exception:", new Object[]{e});
                throw new RuntimeException(e.getMessage());
            }
        }
        if (isSSOEnabled) {
            if (createLogoutCookiesMethod == null) {
                Tr.error(tc, "revokeSSOCookies init condition incorrect.");
            } else {
                try {
                    createLogoutCookiesMethod.invoke(null, httpServletRequest, httpServletResponse);
                } catch (Exception e2) {
                    Tr.error(tc, "Invoke createLogoutCookie failed with Exception:", new Object[]{e2});
                    throw new RuntimeException(e2.getMessage());
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "revokeSSOCookies");
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$websphere$security$WSSecurityHelper == null) {
            cls = class$("com.ibm.websphere.security.WSSecurityHelper");
            class$com$ibm$websphere$security$WSSecurityHelper = cls;
        } else {
            cls = class$com$ibm$websphere$security$WSSecurityHelper;
        }
        tc = Tr.register(cls, (String) null, "com.ibm.ejs.resources.security");
        GETPROPATTRIBUTE_PERM = new AuthPermission("wssecurity.getPropagationAttributes");
        SETPROPATTRIBUTE_PERM = new AuthPermission("wssecurity.addPropagationAttribute");
        webAttributesClass = null;
        createLogoutCookiesMethod = null;
        isSSOEnabled = false;
    }
}
