package org.openejb.deployment;

import java.lang.reflect.Method;
import java.security.Permission;
import java.security.Permissions;
import java.util.Enumeration;
import javax.security.auth.Subject;
import javax.security.jacc.EJBMethodPermission;
import org.apache.geronimo.deployment.DeploymentException;
import org.apache.geronimo.security.GeronimoSecurityException;
import org.apache.geronimo.security.PrimaryRealmPrincipal;
import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.deploy.DefaultPrincipal;
import org.apache.geronimo.security.deploy.Principal;
import org.apache.geronimo.security.deploy.Realm;
import org.apache.geronimo.security.deploy.Role;
import org.apache.geronimo.security.deploy.Security;
import org.apache.geronimo.security.util.ConfigurationUtil;
import org.openejb.xbeans.ejbjar.OpenejbDefaultPrincipalType;
import org.openejb.xbeans.ejbjar.OpenejbOpenejbJarType;
import org.openejb.xbeans.ejbjar.OpenejbPrincipalType;
import org.openejb.xbeans.ejbjar.OpenejbRealmType;
import org.openejb.xbeans.ejbjar.OpenejbRoleMappingsType;
import org.openejb.xbeans.ejbjar.OpenejbRoleType;
import org.openejb.xbeans.ejbjar.OpenejbSecurityType;

/* loaded from: input_file:org/openejb/deployment/SecurityBuilder.class */
class SecurityBuilder {
    protected final OpenEJBModuleBuilder moduleBuilder;

    public SecurityBuilder(OpenEJBModuleBuilder openEJBModuleBuilder) {
        this.moduleBuilder = openEJBModuleBuilder;
    }

    public Security buildSecurityConfig(OpenejbOpenejbJarType openejbOpenejbJarType) {
        Security security = null;
        OpenejbSecurityType security2 = openejbOpenejbJarType.getSecurity();
        if (security2 != null) {
            security = new Security();
            security.setUseContextHandler(security2.getUseContextHandler());
            security.setDefaultRole(security2.getDefaultRole());
            OpenejbDefaultPrincipalType defaultPrincipal = security2.getDefaultPrincipal();
            DefaultPrincipal defaultPrincipal2 = new DefaultPrincipal();
            defaultPrincipal2.setRealmName(defaultPrincipal.getRealmName());
            defaultPrincipal2.setPrincipal(buildPrincipal(defaultPrincipal.getPrincipal()));
            security.setDefaultPrincipal(defaultPrincipal2);
            OpenejbRoleMappingsType roleMappings = security2.getRoleMappings();
            if (roleMappings != null) {
                for (int i = 0; i < roleMappings.sizeOfRoleArray(); i++) {
                    OpenejbRoleType roleArray = roleMappings.getRoleArray(i);
                    Role role = new Role();
                    role.setRoleName(roleArray.getRoleName());
                    for (int i2 = 0; i2 < roleArray.sizeOfRealmArray(); i2++) {
                        OpenejbRealmType realmArray = roleArray.getRealmArray(i2);
                        Realm realm = new Realm();
                        realm.setRealmName(realmArray.getRealmName());
                        for (int i3 = 0; i3 < realmArray.sizeOfPrincipalArray(); i3++) {
                            realm.getPrincipals().add(buildPrincipal(realmArray.getPrincipalArray(i3)));
                        }
                        role.getRealms().add(realm);
                    }
                    security.getRoleMappings().add(role);
                }
            }
        }
        return security;
    }

    private Principal buildPrincipal(OpenejbPrincipalType openejbPrincipalType) {
        Principal principal = new Principal();
        principal.setClassName(openejbPrincipalType.getClass1());
        principal.setPrincipalName(openejbPrincipalType.getName());
        principal.setDesignatedRunAs(openejbPrincipalType.isSetDesignatedRunAs());
        return principal;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Code restructure failed: missing block: B:113:0x03ac, code lost:
    
        if (r19 != false) goto L100;
     */
    /* JADX WARN: Code restructure failed: missing block: B:115:0x03ca, code lost:
    
        throw new org.apache.geronimo.deployment.DeploymentException(new java.lang.StringBuffer().append("Role designate not found for role: ").append(r0).toString());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void fillContainerBuilderSecurity(org.openejb.SecureBuilder r8, java.security.Permissions r9, org.apache.geronimo.security.deploy.Security r10, org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType r11, java.lang.String r12, org.apache.geronimo.xbeans.j2ee.SecurityIdentityType r13, org.apache.geronimo.xbeans.j2ee.SecurityRoleRefType[] r14) throws org.apache.geronimo.deployment.DeploymentException {
        /*
            Method dump skipped, instructions count: 1084
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.openejb.deployment.SecurityBuilder.fillContainerBuilderSecurity(org.openejb.SecureBuilder, java.security.Permissions, org.apache.geronimo.security.deploy.Security, org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType, java.lang.String, org.apache.geronimo.xbeans.j2ee.SecurityIdentityType, org.apache.geronimo.xbeans.j2ee.SecurityRoleRefType[]):void");
    }

    private Subject createDefaultSubject(Security security) {
        Subject subject = new Subject();
        DefaultPrincipal defaultPrincipal = security.getDefaultPrincipal();
        RealmPrincipal generateRealmPrincipal = ConfigurationUtil.generateRealmPrincipal(defaultPrincipal.getPrincipal(), defaultPrincipal.getRealmName());
        if (generateRealmPrincipal == null) {
            throw new GeronimoSecurityException("Unable to create realm principal");
        }
        PrimaryRealmPrincipal generatePrimaryRealmPrincipal = ConfigurationUtil.generatePrimaryRealmPrincipal(defaultPrincipal.getPrincipal(), defaultPrincipal.getRealmName());
        if (generatePrimaryRealmPrincipal == null) {
            throw new GeronimoSecurityException("Unable to create primary realm principal");
        }
        subject.getPrincipals().add(generateRealmPrincipal);
        subject.getPrincipals().add(generatePrimaryRealmPrincipal);
        return subject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addToPermissions(Permissions permissions, String str, String str2, String str3, ClassLoader classLoader) throws DeploymentException {
        if (str3 == null) {
            return;
        }
        try {
            for (Method method : Class.forName(str3, false, classLoader).getMethods()) {
                permissions.add(new EJBMethodPermission(str, str2, method));
            }
        } catch (ClassNotFoundException e) {
            throw new DeploymentException(e);
        }
    }

    private Permissions cullPermissions(Permissions permissions, Permission permission) {
        Permissions permissions2 = new Permissions();
        Enumeration<Permission> elements = permissions.elements();
        while (elements.hasMoreElements()) {
            Permission nextElement = elements.nextElement();
            if (!permission.implies(nextElement)) {
                permissions2.add(nextElement);
            }
        }
        return permissions2;
    }
}
