package oracle.security.jazn.oc4j;

import com.evermind.security.Group;
import com.evermind.security.User;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import oracle.security.jazn.ApplicationServerProxy;
import oracle.security.jazn.JAZNException;
import oracle.security.jazn.JAZNRuntimeException;
import oracle.security.jazn.JAZNWebAppConfig;
import oracle.security.jazn.action.GetJAZNConfigPropertyAction;
import oracle.security.jazn.callback.JAZNCallbackHandler;
import oracle.security.jazn.policy.Grantee;
import oracle.security.jazn.realm.Realm;
import oracle.security.jazn.realm.RealmLoginModule;
import oracle.security.jazn.realm.RealmRole;
import oracle.security.jazn.realm.RealmUser;
import oracle.security.jazn.realm.RoleManager;
import oracle.security.jazn.spi.xml.XMLRealmUser;
import oracle.security.jazn.util.Dbg;
import oracle.security.jazn.util.Env;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:oracle/security/jazn/oc4j/RealmUserAdaptor.class */
public class RealmUserAdaptor extends GenericUser {
    protected RealmPrincipalInfo _prInfo;

    /* JADX INFO: Access modifiers changed from: package-private */
    public RealmUserAdaptor(GenericUserManager genericUserManager, RealmUser realmUser) {
        super(genericUserManager, realmUser.getName());
        this._prInfo = new RealmPrincipalInfo(realmUser.getName());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RealmUserAdaptor(GenericUserManager genericUserManager, String str) {
        super(genericUserManager, str);
        this._prInfo = new RealmPrincipalInfo(genericUserManager, str, false);
    }

    protected RealmPrincipalInfo getRealmPrincipalInfo() {
        return this._prInfo;
    }

    private String getJAZNProperty(String str) {
        return getJAZNProperty(str, null);
    }

    private String getJAZNProperty(String str, String str2) {
        return (String) AccessController.doPrivileged((PrivilegedAction) new GetJAZNConfigPropertyAction(getJAZNConfig(), str, str2));
    }

    @Override // oracle.security.jazn.oc4j.GenericUser
    public Realm getRealm() {
        try {
            return getJAZNConfig().getRealmManager().getRealm(this._prInfo.realmName);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    @Override // oracle.security.jazn.oc4j.GenericUser
    public RealmUser getRealmUser() {
        try {
            return getRealm().getUserManager().getUser(this._prInfo.nickName);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RealmUser getRealmUserInternal() {
        return getRealmUser();
    }

    protected synchronized Set getGrantedRoles() throws JAZNException {
        RoleManager roleManager = getRealm().getRoleManager();
        boolean z = true;
        try {
            z = Boolean.valueOf(getJAZNProperty(Env.RBAC_HIERARCHY, Env.RBAC_HIERARCHY_DEFAULT)).booleanValue();
        } catch (Exception e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
        }
        return roleManager.getGrantedRoles(getRealmUser(), !z);
    }

    @Override // oracle.security.jazn.oc4j.GenericUser
    public String getFullName() {
        if (getRealmUserInternal() == null) {
            return null;
        }
        return getRealmUserInternal().getFullName();
    }

    @Override // oracle.security.jazn.oc4j.AbstractUser
    public String getDisplayName() {
        if (getRealmUserInternal() == null) {
            return null;
        }
        return getRealmUserInternal().getDisplayName();
    }

    @Override // oracle.security.jazn.oc4j.AbstractUser
    public String getDescription() {
        if (getRealmUserInternal() == null) {
            return null;
        }
        return getRealmUserInternal().getDescription();
    }

    @Override // oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser
    public boolean authenticate(String str) {
        String str2 = (String) JAZNUserManager.getThrAttr(Env.AUTH_STATUS);
        if (str2 != null && Env.AUTH_STATUS_AUTHENTICATED.equals(str2)) {
            JAZNUserManager.putThrAttr(Env.AUTH_STATUS, Env.AUTH_STATUS_UNAUTHENTICATED);
            return true;
        }
        if (Env.AUTH_STATUS_AUTHENTICATION_FAILURE.equals(str2)) {
            JAZNUserManager.putThrAttr(Env.AUTH_STATUS, Env.AUTH_STATUS_UNAUTHENTICATED);
            return false;
        }
        boolean booleanValue = ((Boolean) OC4JUtil.doWithJAZNClsLdr(getJAZNConfig(), new PrivilegedAction(this, ApplicationServerProxy.getApplicationName(), new JAZNCallbackHandler(getJAZNConfig(), (JAZNWebAppConfig) null, this._name, str), str) { // from class: oracle.security.jazn.oc4j.RealmUserAdaptor.1
            private final String val$f_appName;
            private final CallbackHandler val$f_cbHandler;
            private final String val$f_password;
            private final RealmUserAdaptor this$0;

            {
                this.this$0 = this;
                this.val$f_appName = r5;
                this.val$f_cbHandler = r6;
                this.val$f_password = str;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                LoginContext loginContext = OC4JUtil.getLoginContext(this.val$f_appName, this.val$f_cbHandler);
                if (loginContext != null) {
                    boolean doJAASLogin = OC4JUtil.doJAASLogin(loginContext);
                    if (doJAASLogin) {
                        this.this$0._subject = loginContext.getSubject();
                        JAZNUserManager.putThrAttr(Env.JAAS_SUBJECT, this.this$0._subject);
                    }
                    return new Boolean(doJAASLogin);
                }
                try {
                    boolean mylogin = new RealmLoginModule().mylogin(this.this$0.getJAZNConfig(), this.this$0._name, this.val$f_password.toCharArray());
                    if (mylogin) {
                        try {
                            Set grantedRoles = this.this$0.getGrantedRoles();
                            grantedRoles.add(this.this$0);
                            this.this$0._subject = new Subject();
                            this.this$0._subject.getPrincipals().addAll(grantedRoles);
                            JAZNUserManager.putThrAttr(Env.JAAS_SUBJECT, this.this$0._subject);
                        } catch (Throwable th) {
                            if (Dbg.LOG) {
                                th.printStackTrace();
                            }
                        }
                    }
                    return new Boolean(mylogin);
                } catch (LoginException e) {
                    if (Dbg.LOG) {
                        e.printStackTrace();
                    }
                    return Boolean.FALSE;
                }
            }
        })).booleanValue();
        if (Dbg.LOG && !booleanValue) {
            System.out.println(new StringBuffer().append("JAAS-OC4J: Authentication failure for user: ").append(getName()).toString());
        }
        return booleanValue;
    }

    @Override // oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser
    public boolean hasPermission(Permission permission) {
        try {
            HashSet hashSet = (HashSet) ((HashSet) getGrantedRoles()).clone();
            hashSet.add(getRealmUser());
            boolean hasPermission = getJAZNConfig().getPolicy().hasPermission(new Grantee(hashSet, (CodeSource) null), permission);
            if (Dbg.LOG && !hasPermission) {
                System.out.println(new StringBuffer().append("JAAS-OC4J: Permission check for permission: ").append(permission).append(" failed for user: ").append(getName()).toString());
            }
            return hasPermission;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    @Override // oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser
    public boolean isMemberOf(Group group) {
        if (!(group instanceof JAZNGroupAdaptor)) {
            if (group != null) {
            }
            return super.isMemberOf(group);
        }
        try {
            RealmRole realmRole = ((JAZNGroupAdaptor) group).getRealmRole();
            if (realmRole != null) {
                boolean contains = getGrantedRoles().contains(realmRole);
                if (Dbg.LOG && !contains && Dbg.LOG) {
                    System.out.println(new StringBuffer().append("JAAS-OC4J: Membership check for group: ").append(group.getName()).append(" failed for user: ").append(getName()).toString());
                }
                return contains;
            }
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
        }
        if (!Dbg.LOG) {
            return false;
        }
        System.out.println(new StringBuffer().append("JAAS-OC4J: Membership check for group: ").append(group.getName()).append(" failed for user: ").append(getName()).toString());
        return false;
    }

    @Override // oracle.security.jazn.oc4j.AbstractUser
    public String getPassword() {
        if (!(getRealmUser() instanceof XMLRealmUser)) {
            throw new UnsupportedOperationException();
        }
        XMLRealmUser realmUser = getRealmUser();
        if (realmUser.hasCredentials()) {
            return new String(realmUser.getClrCredentials());
        }
        return null;
    }

    @Override // oracle.security.jazn.oc4j.AbstractUser
    public void setPassword(String str) {
        try {
            if (!(getRealmUser() instanceof XMLRealmUser)) {
                throw new UnsupportedOperationException();
            }
            getRealmUser().setCredentialsNoCheck(str);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    @Override // oracle.security.jazn.oc4j.AbstractUser
    public synchronized Set getGroups() throws UnsupportedOperationException {
        try {
            HashSet hashSet = new HashSet();
            Iterator it = getGrantedRoles().iterator();
            while (it.hasNext()) {
                hashSet.add(new JAZNGroupAdaptor(this._userMgr, (RealmRole) it.next()));
            }
            return hashSet;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    @Override // oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser, java.security.Principal
    public boolean equals(Object obj) {
        if (obj == null || !(obj instanceof User)) {
            return false;
        }
        return getName().equals(((User) obj).getName());
    }

    @Override // oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser, java.security.Principal
    public String toString() {
        return new StringBuffer().append("[RealmUserAdaptor: ").append(this._name).append("]").toString();
    }
}
