package weblogic.wsee.util;

import java.io.IOException;
import java.lang.reflect.UndeclaredThrowableException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.login.LoginException;
import weblogic.security.SimpleCallbackHandler;
import weblogic.security.SubjectUtils;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.AuthorizationManager;
import weblogic.security.service.PrincipalAuthenticator;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityService;
import weblogic.security.service.SecurityServiceManager;

/* loaded from: input_file:weblogic/wsee/util/ServerSecurityHelper.class */
public class ServerSecurityHelper {
    private static final AuthenticatedSubject KERNEL_ID = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private static final Map AUTHENTICATORS = new HashMap();

    public static final AuthenticatedSubject getCurrentSubject() {
        return SecurityServiceManager.getCurrentSubject(KERNEL_ID);
    }

    public static AuthenticatedSubject assertIdentity(String str, String str2, String str3) throws LoginException {
        return getPrincipalAuthenticator(str3).authenticate(new SimpleCallbackHandler(str, str2));
    }

    public static AuthenticatedSubject assertIdentity(X509Certificate[] x509CertificateArr, String str) throws LoginException {
        try {
            return getPrincipalAuthenticator(str).assertIdentity("X.509", x509CertificateArr);
        } catch (ClassCastException e) {
            return null;
        } catch (SecurityException e2) {
            return null;
        }
    }

    public static void assertAnonymousIdentity() {
        SecurityServiceManager.pushSubject(KERNEL_ID, SubjectUtils.getAnonymousSubject());
    }

    public static void assertX509Identity(AuthenticatedSubject authenticatedSubject) {
        SecurityServiceManager.pushSubject(KERNEL_ID, authenticatedSubject);
    }

    private static PrincipalAuthenticator getPrincipalAuthenticator(String str) {
        if (str == null) {
            str = "weblogicDEFAULT";
        }
        PrincipalAuthenticator principalAuthenticator = (PrincipalAuthenticator) AUTHENTICATORS.get(str);
        if (principalAuthenticator == null) {
            principalAuthenticator = (PrincipalAuthenticator) SecurityServiceManager.getSecurityService(KERNEL_ID, str, SecurityService.ServiceType.AUTHENTICATION);
            AUTHENTICATORS.put(str, principalAuthenticator);
        }
        return principalAuthenticator;
    }

    public static final AuthorizationManager getAuthManager(String str) {
        return SecurityServiceManager.getSecurityService(KERNEL_ID, str, SecurityService.ServiceType.AUTHORIZE);
    }

    public static final void authenticatedInvoke(AuthenticatedSubject authenticatedSubject, PrivilegedExceptionAction privilegedExceptionAction) throws IOException {
        try {
            SecurityServiceManager.runAs(KERNEL_ID, authenticatedSubject, privilegedExceptionAction);
        } catch (PrivilegedActionException e) {
            if (!(e.getException() instanceof IOException)) {
                throw new UndeclaredThrowableException(e.getException());
            }
            throw ((IOException) e.getException());
        }
    }
}
