package weblogic.security.jaspic;

import com.bea.common.security.service.PrincipalValidationService;
import java.security.AccessController;
import java.security.Principal;
import java.util.Set;
import javax.security.auth.login.LoginException;
import org.jvnet.hk2.annotations.Service;
import weblogic.security.SimpleCallbackHandler;
import weblogic.security.SubjectUtils;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrincipalAuthenticator;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityServiceManager;
import weblogic.utils.annotation.Secure;

@Service
@Secure
/* loaded from: input_file:weblogic/security/jaspic/SecurityServicesImpl.class */
public class SecurityServicesImpl implements SecurityServices {
    private static final AuthenticatedSubject kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private static final PrincipalAuthenticator pa = getPrincipalAuthenticatorFromCSS();
    private static final PrincipalValidationService pvs = getPrincipalValidationServiceFromCSS();

    private SecurityServicesImpl() {
    }

    private PrincipalAuthenticator getPrincipalAuthenticator() {
        return pa;
    }

    private PrincipalValidationService getPrincipalValidationService() {
        return pvs;
    }

    @Override // weblogic.security.jaspic.SecurityServices
    public AuthenticatedSubject authenticate(String str, char[] cArr) throws LoginException {
        return getPrincipalAuthenticator().authenticate(new SimpleCallbackHandler(str, cArr));
    }

    @Override // weblogic.security.jaspic.SecurityServices
    public AuthenticatedSubject impersonate(String str) throws LoginException {
        return getPrincipalAuthenticator().impersonateIdentity(str);
    }

    @Override // weblogic.security.jaspic.SecurityServices
    public void signPrincipals(Set<Principal> set) {
        getPrincipalValidationService().sign(set);
    }

    @Override // weblogic.security.jaspic.SecurityServices
    public boolean isAdminUser(AuthenticatedSubject authenticatedSubject) {
        return SubjectUtils.isUserAnAdministrator(authenticatedSubject) || SubjectUtils.doesUserHaveAnyAdminRoles(authenticatedSubject);
    }

    private static PrincipalAuthenticator getPrincipalAuthenticatorFromCSS() {
        return SecurityServiceManager.getPrincipalAuthenticator(kernelId, SecurityServiceManager.getContextSensitiveRealmName());
    }

    private static PrincipalValidationService getPrincipalValidationServiceFromCSS() {
        try {
            return SecurityServiceManager.getPrincipalValidationService(kernelId);
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }
}
