package weblogic.security;

import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import weblogic.security.acl.UserInfo;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.principal.IDCSClient;
import weblogic.security.principal.IDCSScope;
import weblogic.security.principal.IdentityDomainPrincipal;
import weblogic.security.principal.WLSPrincipal;
import weblogic.security.service.SecurityManager;
import weblogic.security.service.internal.SubjectRoleDelegate;
import weblogic.security.spi.WLSGroup;
import weblogic.security.spi.WLSUser;
import weblogic.security.subject.SubjectManager;

/* loaded from: input_file:weblogic/security/SubjectUtils.class */
public class SubjectUtils {
    private static final SubjectRoleDelegate roleDelegate;

    public static Principal getUserPrincipal(Subject subject) {
        checkSubjectNonNull(subject);
        return getUserPrincipal(AuthenticatedSubject.getFromSubject(subject));
    }

    public static Principal getUserPrincipal(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        Principal onePrincipal = getOnePrincipal(authenticatedSubject, WLSUser.class);
        if (onePrincipal != null) {
            return onePrincipal;
        }
        Principal onePrincipal2 = getOnePrincipal(authenticatedSubject, UserInfo.class);
        if (onePrincipal2 != null) {
            return onePrincipal2;
        }
        if (getOnePrincipal(authenticatedSubject, IDCSClient.class) != null) {
            return getUserPrincipal(AuthenticatedSubject.ANON);
        }
        Set<Principal> principals = authenticatedSubject.getPrincipals();
        if (principals.isEmpty()) {
            return null;
        }
        for (Principal principal : principals) {
            if (!(principal instanceof WLSGroup) && !(principal instanceof IDCSScope)) {
                return principal;
            }
        }
        return null;
    }

    public static String getUsername(Subject subject) {
        checkSubjectNonNull(subject);
        return getUsername(AuthenticatedSubject.getFromSubject(subject));
    }

    public static String getUsername(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        if (SecurityManager.isKernelIdentity(authenticatedSubject)) {
            return WLSPrincipals.getKernelUsername();
        }
        Principal userPrincipal = getUserPrincipal(authenticatedSubject);
        return userPrincipal == null ? WLSPrincipals.getAnonymousUsername() : userPrincipal.getName();
    }

    public static String getPrincipalNames(Subject subject) {
        checkSubjectNonNull(subject);
        return getPrincipalNames(AuthenticatedSubject.getFromSubject(subject));
    }

    public static String getPrincipalNames(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        Object[] array = authenticatedSubject.getPrincipals().toArray();
        if (array == null || array.length == 0) {
            return WLSPrincipals.getAnonymousUsername();
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < array.length; i++) {
            String name = ((Principal) array[i]).getName();
            if (i > 0) {
                stringBuffer.append('/');
            }
            if (name != null) {
                stringBuffer.append(name);
            }
        }
        return stringBuffer.toString();
    }

    public static String displaySubject(Subject subject) {
        checkSubjectNonNull(subject);
        return displaySubject(AuthenticatedSubject.getFromSubject(subject));
    }

    public static String displaySubject(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        StringBuffer stringBuffer = new StringBuffer("Subject: ");
        Set principals = authenticatedSubject.getPrincipals();
        stringBuffer.append(principals.size());
        stringBuffer.append("\n");
        for (Object obj : principals.toArray()) {
            Principal principal = (Principal) obj;
            stringBuffer.append("\tPrincipal = ");
            stringBuffer.append(principal.getClass());
            stringBuffer.append("(\"");
            String principal2 = principal instanceof IdentityDomainPrincipal ? principal.toString() : principal.getName();
            if (principal2 != null) {
                stringBuffer.append(principal2);
            }
            stringBuffer.append("\")\n");
        }
        return stringBuffer.toString();
    }

    public static Principal getOnePrincipal(AuthenticatedSubject authenticatedSubject, Class cls) {
        checkSubjectNonNull(authenticatedSubject);
        return SubjectManager.getOnePrincipal(authenticatedSubject, cls);
    }

    public static boolean compareSubjects(AuthenticatedSubject authenticatedSubject, AuthenticatedSubject authenticatedSubject2) {
        checkSubjectNonNull(authenticatedSubject);
        checkSubjectNonNull(authenticatedSubject2);
        Set principals = authenticatedSubject.getPrincipals();
        Set principals2 = authenticatedSubject2.getPrincipals();
        if (principals.size() != principals2.size()) {
            return false;
        }
        Principal[] principalArr = (Principal[]) principals2.toArray(new Principal[principals2.size()]);
        Iterator it = principals.iterator();
        while (it.hasNext()) {
            int indexOf = indexOf((Principal) it.next(), principalArr);
            if (indexOf < 0) {
                return false;
            }
            principalArr[indexOf] = null;
        }
        return true;
    }

    private static int indexOf(Principal principal, Principal[] principalArr) {
        for (int i = 0; i < principalArr.length; i++) {
            Principal principal2 = principalArr[i];
            if (principal2 != null && principal.hashCode() == principal2.hashCode() && comparePrincipals(principal, principal2)) {
                return i;
            }
        }
        return -1;
    }

    private static boolean comparePrincipals(Principal principal, Principal principal2) {
        if (principal == null || principal2 == null || !principal.getName().equals(principal2.getName()) || !principal.getClass().isAssignableFrom(principal2.getClass())) {
            return false;
        }
        if (!(principal instanceof WLSPrincipal) || !(principal2 instanceof WLSPrincipal)) {
            return true;
        }
        byte[] signedData = ((WLSPrincipal) principal).getSignedData();
        byte[] signedData2 = ((WLSPrincipal) principal2).getSignedData();
        if (signedData.length != signedData2.length) {
            return false;
        }
        for (int i = 0; i < signedData.length; i++) {
            if (signedData[i] != signedData2[i]) {
                return false;
            }
        }
        return true;
    }

    public static boolean isUserInGroup(Subject subject, String str) {
        checkSubjectNonNull(subject);
        return isUserInGroup(subject.getPrincipals(), str);
    }

    public static boolean isUserInGroup(AuthenticatedSubject authenticatedSubject, String str) {
        checkSubjectNonNull(authenticatedSubject);
        return isUserInGroup(authenticatedSubject.getPrincipals(), str);
    }

    private static boolean isUserInGroup(Set set, String str) {
        if ("users".equals(str)) {
            return !set.isEmpty();
        }
        if ("everyone".equals(str)) {
            return true;
        }
        for (Object obj : set) {
            if (obj instanceof WLSGroup) {
                String name = ((WLSGroup) obj).getName();
                if (name == str) {
                    return true;
                }
                if (name != null && name.equals(str)) {
                    return true;
                }
            }
        }
        return false;
    }

    public static Subject getAnonymousUser() {
        return getAnonymousSubject().getSubject();
    }

    public static AuthenticatedSubject getAnonymousSubject() {
        return AuthenticatedSubject.ANON;
    }

    public static boolean isUserAnonymous(Subject subject) {
        checkSubjectNonNull(subject);
        return isUserAnonymous(AuthenticatedSubject.getFromSubject(subject));
    }

    public static boolean isUserAnonymous(AuthenticatedSubject authenticatedSubject) {
        checkSubjectNonNull(authenticatedSubject);
        return authenticatedSubject == AuthenticatedSubject.ANON || authenticatedSubject.getPrincipals().size() == 0;
    }

    public static boolean isUserAnAdministrator(Subject subject) {
        return roleDelegate.isUserAnAdministrator(subject);
    }

    public static boolean isUserAnAdministrator(AuthenticatedSubject authenticatedSubject) {
        return roleDelegate.isUserAnAdministrator(authenticatedSubject);
    }

    public static boolean isAdminPrivilegeEscalation(AuthenticatedSubject authenticatedSubject, AuthenticatedSubject authenticatedSubject2) {
        return roleDelegate.isAdminPrivilegeEscalation(authenticatedSubject, authenticatedSubject2);
    }

    public static boolean isAdminPrivilegeEscalation(AuthenticatedSubject authenticatedSubject, String str, String str2) {
        return roleDelegate.isAdminPrivilegeEscalation(authenticatedSubject, str, str2);
    }

    public static boolean doesUserHaveAnyAdminRoles(AuthenticatedSubject authenticatedSubject) {
        return roleDelegate.doesUserHaveAnyAdminRoles(authenticatedSubject);
    }

    public static boolean isUserInAdminRoles(AuthenticatedSubject authenticatedSubject, String[] strArr) {
        return roleDelegate.isUserInAdminRoles(authenticatedSubject, strArr);
    }

    public static void checkSubjectNonNull(Object obj) {
        if (obj == null) {
            throw new AssertionError(SecurityLogger.getIllegalNullSubject());
        }
    }

    public static AuthenticatedSubject combineSubjects(AuthenticatedSubject[] authenticatedSubjectArr) {
        if (authenticatedSubjectArr == null || authenticatedSubjectArr.length == 0) {
            return getAnonymousSubject();
        }
        if (authenticatedSubjectArr.length == 1) {
            return authenticatedSubjectArr[0];
        }
        HashSet hashSet = new HashSet();
        for (AuthenticatedSubject authenticatedSubject : authenticatedSubjectArr) {
            Iterator it = authenticatedSubject.getPrincipals().iterator();
            while (it.hasNext()) {
                hashSet.add(it.next());
            }
        }
        return new AuthenticatedSubject(true, hashSet);
    }

    public static void setFrom(Subject subject, Subject subject2) {
        replaceContents(subject.getPrincipals(), subject2.getPrincipals());
        replaceContents(subject.getPublicCredentials(), subject2.getPublicCredentials());
        replaceContents(subject.getPrivateCredentials(), subject2.getPrivateCredentials());
    }

    public static <T> void replaceContents(Set<T> set, Set<T> set2) {
        set.clear();
        set.addAll(set2);
    }

    static {
        try {
            roleDelegate = (SubjectRoleDelegate) Class.forName("weblogic.security.service.internal.SubjectRoleDelegateImpl").newInstance();
        } catch (Throwable th) {
            throw new IllegalStateException(th);
        }
    }
}
