package weblogic.wsee.jaxws.provider;

import com.oracle.webservices.impl.internalspi.platform.SecurityService;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import weblogic.kernel.KernelStatus;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityServiceManager;
import weblogic.security.subject.SubjectManager;
import weblogic.wsee.security.wst.framework.WSTContext;
import weblogic.wsee.server.EncryptionUtil;
import weblogic.xml.crypto.wss.WSSecurityContext;

/* loaded from: input_file:weblogic/wsee/jaxws/provider/SecurityServiceImpl.class */
public class SecurityServiceImpl implements SecurityService {
    private static final Logger LOGGER = Logger.getLogger(SecurityServiceImpl.class.getName());
    private static final AuthenticatedSubject KERNEL_ID = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());

    public Subject getSystemSubject() {
        return KERNEL_ID.getSubject();
    }

    public Subject getCurrentSubject() {
        AuthenticatedSubject currentSubject = SecurityServiceManager.getCurrentSubject(KERNEL_ID);
        if (currentSubject != null) {
            return currentSubject.getSubject();
        }
        return null;
    }

    public boolean setCurrentSubjectForRecovery(Subject subject) {
        if (subject == null || !isSystemSubject(getCurrentSubject())) {
            return false;
        }
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.fine("set a new current subject for recovery");
        }
        SecurityServiceManager.popSubject(KERNEL_ID);
        SecurityServiceManager.pushSubject(KERNEL_ID, new AuthenticatedSubject(subject));
        return true;
    }

    public Subject getAnonymousSubject() {
        AuthenticatedSubject anonymousSubject = SubjectManager.getSubjectManager().getAnonymousSubject();
        if (anonymousSubject != null) {
            return anonymousSubject.getSubject();
        }
        return null;
    }

    public boolean isSystemSubject(Subject subject) {
        return KERNEL_ID.getSubject() == subject;
    }

    public Object runActionAsSubject(Subject subject, PrivilegedExceptionAction<?> privilegedExceptionAction) throws Exception {
        return SecurityServiceManager.runAs(KERNEL_ID, subject == null ? KERNEL_ID : new AuthenticatedSubject(subject), privilegedExceptionAction);
    }

    public Object runActionAsSubject(Subject subject, PrivilegedAction<?> privilegedAction) throws Exception {
        return SecurityServiceManager.runAs(KERNEL_ID, subject == null ? KERNEL_ID : new AuthenticatedSubject(subject), privilegedAction);
    }

    public byte[] encrypt(byte[] bArr) {
        if (KernelStatus.isServer()) {
            bArr = EncryptionUtil.encrypt(bArr);
        }
        return bArr;
    }

    public byte[] decrypt(byte[] bArr) {
        if (KernelStatus.isServer()) {
            bArr = EncryptionUtil.decrypt(bArr);
        }
        return bArr;
    }

    public void convertSerializable(Map<String, Object> map, boolean z) {
        PersistCredentialProviderHelper.convert(map, z);
    }

    public void updateNonPersistentPropertiesInWstContext(Map<String, Object> map) {
        List list;
        WSTContext wSTContext = (WSTContext) map.get("weblogic.wsee.security.wst.framework.WSTContext");
        if (wSTContext == null || wSTContext.getMessageContext() == null || (list = (List) map.get(WSSecurityContext.CREDENTIAL_PROVIDER_LIST)) == null) {
            return;
        }
        wSTContext.getMessageContext().setProperty(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, list);
    }
}
