package org.apache.geronimo.security.realm;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import org.apache.geronimo.common.GeronimoSecurityException;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.kernel.Kernel;
import org.apache.geronimo.kernel.proxy.ProxyManager;
import org.apache.geronimo.security.deploy.Principal;
import org.apache.geronimo.security.jaas.ConfigurationEntryFactory;
import org.apache.geronimo.security.jaas.JaasLoginCoordinator;
import org.apache.geronimo.security.jaas.JaasLoginModuleConfiguration;
import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
import org.apache.geronimo.security.jaas.LoginModuleControlFlagEditor;
import org.apache.geronimo.security.jaas.LoginModuleGBean;
import org.apache.geronimo.system.serverinfo.ServerInfo;
import org.exolab.castor.jdo.engine.JDBCSyntax;

/* loaded from: input_file:repository/geronimo/jars/geronimo-security-1.0-SNAPSHOT.jar:org/apache/geronimo/security/realm/GenericSecurityRealm.class */
public class GenericSecurityRealm implements SecurityRealm, ConfigurationEntryFactory, AutoMapAssistant {
    public static final String KERNEL_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.KERNEL";
    public static final String SERVERINFO_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.SERVERINFO";
    public static final String CLASSLOADER_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.CLASSLOADER";
    private String realmName;
    private JaasLoginModuleConfiguration[] config;
    private Kernel kernel;
    private ServerInfo serverInfo;
    private ClassLoader classLoader;
    private Map autoMapPrincipals = new HashMap();
    private Principal defaultPrincipal;
    private Properties deploymentSupport;
    private Map deployment;
    private String[] domains;
    private boolean restrictPrincipalsToServer;
    public static final GBeanInfo GBEAN_INFO;
    static Class class$org$apache$geronimo$security$jaas$JaasLoginCoordinator;
    static Class class$org$apache$geronimo$security$jaas$LoginModuleGBean;
    static Class class$org$apache$geronimo$security$realm$GenericSecurityRealm;
    static Class class$org$apache$geronimo$security$realm$SecurityRealm;
    static Class class$org$apache$geronimo$security$jaas$ConfigurationEntryFactory;
    static Class class$java$lang$String;
    static Class class$org$apache$geronimo$kernel$Kernel;
    static Class class$java$util$Properties;
    static Class class$java$lang$ClassLoader;
    static Class class$org$apache$geronimo$system$serverinfo$ServerInfo;

    public GenericSecurityRealm(String str, Kernel kernel, ServerInfo serverInfo, Properties properties, ClassLoader classLoader) throws MalformedObjectNameException {
        this.realmName = str;
        this.kernel = kernel;
        this.serverInfo = serverInfo;
        this.classLoader = classLoader;
        processConfiguration(properties);
        initializeDeployment();
    }

    @Override // org.apache.geronimo.security.realm.SecurityRealm
    public String getRealmName() {
        return this.realmName;
    }

    @Override // org.apache.geronimo.security.realm.SecurityRealm
    public JaasLoginModuleConfiguration[] getAppConfigurationEntries() {
        return this.config;
    }

    @Override // org.apache.geronimo.security.realm.SecurityRealm
    public DeploymentSupport getDeploymentSupport(String str) throws GeronimoSecurityException {
        return (DeploymentSupport) this.deployment.get(str);
    }

    @Override // org.apache.geronimo.security.realm.SecurityRealm
    public String[] getLoginDomains() {
        return this.domains;
    }

    public Properties getDeploymentSupport() {
        return this.deploymentSupport;
    }

    public void setDeploymentSupport(Properties properties) {
        this.deploymentSupport = properties;
    }

    @Override // org.apache.geronimo.security.realm.AutoMapAssistant
    public Principal obtainDefaultPrincipal() {
        return this.defaultPrincipal;
    }

    @Override // org.apache.geronimo.security.realm.AutoMapAssistant
    public Set obtainRolePrincipalClasses(String str) {
        String[] strArr = (String[]) this.autoMapPrincipals.get(str);
        if (strArr == null) {
            return Collections.EMPTY_SET;
        }
        HashSet hashSet = new HashSet();
        for (String str2 : strArr) {
            hashSet.add(str2);
        }
        return hashSet;
    }

    public void setDefaultPrincipal(String str) {
        if (str != null) {
            String[] split = str.split("=");
            if (split.length != 2) {
                throw new IllegalArgumentException("Default Principal should have the form 'name=class'");
            }
            this.defaultPrincipal = new Principal();
            this.defaultPrincipal.setPrincipalName(split[0]);
            this.defaultPrincipal.setClassName(split[1]);
        }
    }

    public void setAutoMapPrincipalClasses(Properties properties) {
        for (String str : properties.keySet()) {
            this.autoMapPrincipals.put(str, properties.getProperty(str).split(","));
        }
    }

    @Override // org.apache.geronimo.security.realm.SecurityRealm
    public boolean isRestrictPrincipalsToServer() {
        return this.restrictPrincipalsToServer;
    }

    public void setRestrictPrincipalsToServer(boolean z) {
        this.restrictPrincipalsToServer = z;
    }

    @Override // org.apache.geronimo.security.jaas.ConfigurationEntryFactory
    public String getConfigurationName() {
        return this.realmName;
    }

    @Override // org.apache.geronimo.security.jaas.ConfigurationEntryFactory
    public JaasLoginModuleConfiguration generateConfiguration() {
        Class cls;
        HashMap hashMap = new HashMap();
        hashMap.put(JaasLoginCoordinator.OPTION_REALM, this.realmName);
        hashMap.put(JaasLoginCoordinator.OPTION_KERNEL, this.kernel.getKernelName());
        if (class$org$apache$geronimo$security$jaas$JaasLoginCoordinator == null) {
            cls = class$("org.apache.geronimo.security.jaas.JaasLoginCoordinator");
            class$org$apache$geronimo$security$jaas$JaasLoginCoordinator = cls;
        } else {
            cls = class$org$apache$geronimo$security$jaas$JaasLoginCoordinator;
        }
        return new JaasLoginModuleConfiguration(cls.getName(), LoginModuleControlFlag.REQUIRED, hashMap, true, this.realmName);
    }

    private void processConfiguration(Properties properties) throws MalformedObjectNameException {
        boolean z;
        Class cls;
        int i = 1;
        HashSet hashSet = new HashSet();
        ArrayList arrayList = new ArrayList();
        LoginModuleControlFlagEditor loginModuleControlFlagEditor = new LoginModuleControlFlagEditor();
        ProxyManager proxyManager = this.kernel.getProxyManager();
        do {
            z = false;
            String stringBuffer = new StringBuffer().append("LoginModule.").append(i).append(JDBCSyntax.TableColumnSeparator).toString();
            Enumeration<?> propertyNames = properties.propertyNames();
            while (true) {
                if (!propertyNames.hasMoreElements()) {
                    break;
                }
                String str = (String) propertyNames.nextElement();
                if (str.startsWith(stringBuffer)) {
                    loginModuleControlFlagEditor.setAsText(str.substring(stringBuffer.length()).toUpperCase());
                    LoginModuleControlFlag loginModuleControlFlag = (LoginModuleControlFlag) loginModuleControlFlagEditor.getValue();
                    LoginModuleGBean loginModuleGBean = null;
                    try {
                        ObjectName objectName = new ObjectName(properties.getProperty(str));
                        if (class$org$apache$geronimo$security$jaas$LoginModuleGBean == null) {
                            cls = class$("org.apache.geronimo.security.jaas.LoginModuleGBean");
                            class$org$apache$geronimo$security$jaas$LoginModuleGBean = cls;
                        } else {
                            cls = class$org$apache$geronimo$security$jaas$LoginModuleGBean;
                        }
                        loginModuleGBean = (LoginModuleGBean) proxyManager.createProxy(objectName, cls);
                        Properties options = loginModuleGBean.getOptions();
                        HashMap hashMap = options != null ? new HashMap(options) : new HashMap();
                        if (this.kernel != null && !hashMap.containsKey(KERNEL_LM_OPTION)) {
                            hashMap.put(KERNEL_LM_OPTION, this.kernel.getKernelName());
                        }
                        if (this.serverInfo != null && !hashMap.containsKey(SERVERINFO_LM_OPTION)) {
                            hashMap.put(SERVERINFO_LM_OPTION, this.serverInfo);
                        }
                        if (this.classLoader != null && !hashMap.containsKey(CLASSLOADER_LM_OPTION)) {
                            hashMap.put(CLASSLOADER_LM_OPTION, this.classLoader);
                        }
                        if (loginModuleGBean.getLoginDomainName() != null) {
                            if (hashSet.contains(loginModuleGBean.getLoginDomainName())) {
                                throw new IllegalStateException(new StringBuffer().append("Error in ").append(this.realmName).append(": one security realm cannot contain multiple login modules for the same login domain").toString());
                            }
                            hashSet.add(loginModuleGBean.getLoginDomainName());
                        }
                        arrayList.add(new JaasLoginModuleConfiguration(loginModuleGBean.getLoginModuleClass(), loginModuleControlFlag, hashMap, loginModuleGBean.isServerSide(), loginModuleGBean.getLoginDomainName()));
                        proxyManager.destroyProxy(loginModuleGBean);
                        i++;
                        z = true;
                    } catch (Throwable th) {
                        proxyManager.destroyProxy(loginModuleGBean);
                        throw th;
                    }
                }
            }
        } while (z);
        this.domains = (String[]) hashSet.toArray(new String[hashSet.size()]);
        this.config = (JaasLoginModuleConfiguration[]) arrayList.toArray(new JaasLoginModuleConfiguration[arrayList.size()]);
    }

    private void initializeDeployment() {
        this.deployment = new HashMap();
        for (int i = 0; i < this.config.length; i++) {
            if (this.config[i].getLoginDomainName() != null) {
                DeploymentSupport deploymentSupport = null;
                if (this.deploymentSupport != null && this.deploymentSupport.containsKey(this.config[i].getLoginDomainName())) {
                    try {
                        deploymentSupport = (DeploymentSupport) this.classLoader.loadClass(this.deploymentSupport.getProperty(this.config[i].getLoginDomainName())).newInstance();
                    } catch (Exception e) {
                        throw new GeronimoSecurityException(new StringBuffer().append("Unable to load deployment support class '").append(this.deploymentSupport.getProperty(this.config[i].getLoginDomainName())).append("'").toString(), e);
                    }
                } else if (this.config[i].getLoginModule(this.classLoader) instanceof DeploymentSupport) {
                    DeploymentSupport loginModule = this.config[i].getLoginModule(this.classLoader);
                    loginModule.initialize((Subject) null, (CallbackHandler) null, (Map) null, this.config[i].getOptions());
                    deploymentSupport = loginModule;
                }
                if (deploymentSupport != null) {
                    this.deployment.put(this.config[i].getLoginDomainName(), deploymentSupport);
                    String[] autoMapPrincipalClassNames = deploymentSupport.getAutoMapPrincipalClassNames();
                    if (autoMapPrincipalClassNames != null) {
                        this.autoMapPrincipals.put(this.config[i].getLoginDomainName(), autoMapPrincipalClassNames);
                    }
                }
            }
        }
    }

    public static GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        Class cls2;
        Class cls3;
        Class cls4;
        Class cls5;
        Class cls6;
        Class cls7;
        Class cls8;
        Class cls9;
        Class cls10;
        Class cls11;
        Class cls12;
        Class cls13;
        if (class$org$apache$geronimo$security$realm$GenericSecurityRealm == null) {
            cls = class$("org.apache.geronimo.security.realm.GenericSecurityRealm");
            class$org$apache$geronimo$security$realm$GenericSecurityRealm = cls;
        } else {
            cls = class$org$apache$geronimo$security$realm$GenericSecurityRealm;
        }
        GBeanInfoBuilder gBeanInfoBuilder = new GBeanInfoBuilder(cls);
        if (class$org$apache$geronimo$security$realm$SecurityRealm == null) {
            cls2 = class$("org.apache.geronimo.security.realm.SecurityRealm");
            class$org$apache$geronimo$security$realm$SecurityRealm = cls2;
        } else {
            cls2 = class$org$apache$geronimo$security$realm$SecurityRealm;
        }
        gBeanInfoBuilder.addInterface(cls2);
        if (class$org$apache$geronimo$security$jaas$ConfigurationEntryFactory == null) {
            cls3 = class$("org.apache.geronimo.security.jaas.ConfigurationEntryFactory");
            class$org$apache$geronimo$security$jaas$ConfigurationEntryFactory = cls3;
        } else {
            cls3 = class$org$apache$geronimo$security$jaas$ConfigurationEntryFactory;
        }
        gBeanInfoBuilder.addInterface(cls3);
        if (class$java$lang$String == null) {
            cls4 = class$("java.lang.String");
            class$java$lang$String = cls4;
        } else {
            cls4 = class$java$lang$String;
        }
        gBeanInfoBuilder.addAttribute("realmName", cls4, true);
        if (class$org$apache$geronimo$kernel$Kernel == null) {
            cls5 = class$("org.apache.geronimo.kernel.Kernel");
            class$org$apache$geronimo$kernel$Kernel = cls5;
        } else {
            cls5 = class$org$apache$geronimo$kernel$Kernel;
        }
        gBeanInfoBuilder.addAttribute(JaasLoginCoordinator.OPTION_KERNEL, cls5, false);
        if (class$java$util$Properties == null) {
            cls6 = class$("java.util.Properties");
            class$java$util$Properties = cls6;
        } else {
            cls6 = class$java$util$Properties;
        }
        gBeanInfoBuilder.addAttribute("loginModuleConfiguration", cls6, true);
        if (class$java$lang$ClassLoader == null) {
            cls7 = class$("java.lang.ClassLoader");
            class$java$lang$ClassLoader = cls7;
        } else {
            cls7 = class$java$lang$ClassLoader;
        }
        gBeanInfoBuilder.addAttribute("classLoader", cls7, false);
        if (class$java$lang$String == null) {
            cls8 = class$("java.lang.String");
            class$java$lang$String = cls8;
        } else {
            cls8 = class$java$lang$String;
        }
        gBeanInfoBuilder.addAttribute("autoMapPrincipalClasses", cls8, true);
        if (class$java$lang$String == null) {
            cls9 = class$("java.lang.String");
            class$java$lang$String = cls9;
        } else {
            cls9 = class$java$lang$String;
        }
        gBeanInfoBuilder.addAttribute("defaultPrincipal", cls9, true);
        if (class$java$util$Properties == null) {
            cls10 = class$("java.util.Properties");
            class$java$util$Properties = cls10;
        } else {
            cls10 = class$java$util$Properties;
        }
        gBeanInfoBuilder.addAttribute("deploymentSupport", cls10, true);
        gBeanInfoBuilder.addAttribute("restrictPrincipalsToServer", Boolean.TYPE, true);
        if (class$org$apache$geronimo$system$serverinfo$ServerInfo == null) {
            cls11 = class$("org.apache.geronimo.system.serverinfo.ServerInfo");
            class$org$apache$geronimo$system$serverinfo$ServerInfo = cls11;
        } else {
            cls11 = class$org$apache$geronimo$system$serverinfo$ServerInfo;
        }
        gBeanInfoBuilder.addReference("ServerInfo", cls11);
        gBeanInfoBuilder.addOperation("getAppConfigurationEntries", new Class[0]);
        gBeanInfoBuilder.addOperation("obtainDefaultPrincipal", new Class[0]);
        Class[] clsArr = new Class[1];
        if (class$java$lang$String == null) {
            cls12 = class$("java.lang.String");
            class$java$lang$String = cls12;
        } else {
            cls12 = class$java$lang$String;
        }
        clsArr[0] = cls12;
        gBeanInfoBuilder.addOperation("obtainRolePrincipalClasses", clsArr);
        Class[] clsArr2 = new Class[1];
        if (class$java$lang$String == null) {
            cls13 = class$("java.lang.String");
            class$java$lang$String = cls13;
        } else {
            cls13 = class$java$lang$String;
        }
        clsArr2[0] = cls13;
        gBeanInfoBuilder.addOperation("getDeploymentSupport", clsArr2);
        gBeanInfoBuilder.setConstructor(new String[]{"realmName", JaasLoginCoordinator.OPTION_KERNEL, "ServerInfo", "loginModuleConfiguration", "classLoader"});
        GBEAN_INFO = gBeanInfoBuilder.getBeanInfo();
    }
}
