package com.bea.common.security.internal.service;

import com.bea.common.engine.ServiceConfigurationException;
import com.bea.common.engine.ServiceInitializationException;
import com.bea.common.engine.ServiceLifecycleSpi;
import com.bea.common.engine.Services;
import com.bea.common.logger.service.LoggerService;
import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.SecurityLogger;
import com.bea.common.security.internal.utils.Delegator;
import com.bea.common.security.service.AuditService;
import com.bea.common.security.service.IdentityAssertionTokenService;
import com.bea.common.security.servicecfg.IdentityAssertionTokenServiceConfig;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.TreeMap;
import javax.security.auth.callback.CallbackHandler;
import weblogic.security.service.ContextHandler;
import weblogic.security.spi.AuditAtnEventV2;
import weblogic.security.spi.AuditSeverity;
import weblogic.security.spi.IdentityAsserterV2;
import weblogic.security.spi.IdentityAssertionException;

/* loaded from: input_file:com/bea/common/security/internal/service/IdentityAssertionTokenServiceImpl.class */
public class IdentityAssertionTokenServiceImpl implements ServiceLifecycleSpi, IdentityAssertionTokenService {
    private LoggerSpi logger;
    private AuditService auditService;
    private TreeMap<String, ArrayList<IdentityAsserterV2>> tokenTypeToIdentityAsserterMap = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public Object init(Object obj, Services services) throws ServiceInitializationException {
        this.logger = ((LoggerService) services.getService(LoggerService.SERVICE_NAME)).getLogger("com.bea.common.security.service.IdentityAssertionTokenService");
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".init";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        IdentityAssertionTokenServiceConfig identityAssertionTokenServiceConfig = (IdentityAssertionTokenServiceConfig) obj;
        String auditServiceName = identityAssertionTokenServiceConfig.getAuditServiceName();
        this.auditService = (AuditService) services.getService(auditServiceName);
        if (isDebugEnabled) {
            this.logger.debug(str + " got AuditService " + auditServiceName);
        }
        HashSet hashSet = new HashSet();
        IdentityAssertionTokenServiceConfig.IdentityAsserterV2Config[] identityAsserterV2Configs = identityAssertionTokenServiceConfig.getIdentityAsserterV2Configs();
        for (int i = 0; i < identityAsserterV2Configs.length; i++) {
            IdentityAsserterV2 identityAsserterV2 = (IdentityAsserterV2) services.getService(identityAsserterV2Configs[i].getIdentityAsserterV2Name());
            String[] activeTypes = identityAsserterV2Configs[i].getActiveTypes();
            for (int i2 = 0; activeTypes != null && i2 < activeTypes.length; i2++) {
                String str2 = activeTypes[i2];
                if (hashSet.contains(str2) && !"Authorization".equalsIgnoreCase(str2)) {
                    throw new ServiceConfigurationException(ServiceLogger.getNonexclusiveToken("IdentityAsserterV2s", str2));
                }
                ArrayList<IdentityAsserterV2> arrayList = this.tokenTypeToIdentityAsserterMap.get(str2);
                if (arrayList == null) {
                    arrayList = new ArrayList<>();
                } else if (!"Authorization".equalsIgnoreCase(str2)) {
                    hashSet.add(str2);
                }
                arrayList.add(identityAsserterV2);
                this.tokenTypeToIdentityAsserterMap.put(str2, arrayList);
                hashSet.add(str2);
            }
        }
        return Delegator.getProxy(IdentityAssertionTokenService.class, this);
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public void shutdown() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".shutdown" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
    }

    @Override // com.bea.common.security.service.IdentityAssertionTokenService
    public boolean isTokenTypeSupported(String str) {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str2 = isDebugEnabled ? getClass().getName() + ".tokenType" : null;
        if (isDebugEnabled) {
            this.logger.debug(str2 + "(" + str + ")");
        }
        return this.tokenTypeToIdentityAsserterMap.containsKey(str);
    }

    @Override // com.bea.common.security.service.IdentityAssertionTokenService
    public CallbackHandler assertIdentity(String str, Object obj, ContextHandler contextHandler) throws IdentityAssertionException {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str2 = isDebugEnabled ? getClass().getName() + ".assertIdentity" : null;
        if (isDebugEnabled) {
            this.logger.debug(str2 + "(" + str + ")");
        }
        ArrayList<IdentityAsserterV2> arrayList = this.tokenTypeToIdentityAsserterMap.get(str);
        if (arrayList == null || arrayList.isEmpty()) {
            throw new IdentityAssertionException(SecurityLogger.getIAHdlrUnsupTokenType(str));
        }
        try {
            if (arrayList.size() == 1) {
                return arrayList.get(0).assertIdentity(str, obj, contextHandler);
            }
            ArrayList<Exception> arrayList2 = new ArrayList<>();
            Iterator<IdentityAsserterV2> it = arrayList.iterator();
            while (it.hasNext()) {
                try {
                    return it.next().assertIdentity(str, obj, contextHandler);
                } catch (Exception e) {
                    arrayList2.add(e);
                }
            }
            throwCombinedException(arrayList2, str);
            return null;
        } catch (RuntimeException e2) {
            if (this.auditService.isAuditEnabled()) {
                this.auditService.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", contextHandler, AuditAtnEventV2.AtnEventTypeV2.ASSERTIDENTITY, e2));
            }
            if (isDebugEnabled) {
                this.logger.debug(str2 + " - Exception type: " + e2.getClass().getName());
            }
            throw e2;
        } catch (IdentityAssertionException e3) {
            if (this.auditService.isAuditEnabled()) {
                this.auditService.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", contextHandler, AuditAtnEventV2.AtnEventTypeV2.ASSERTIDENTITY, e3));
            }
            if (isDebugEnabled) {
                this.logger.debug(str2 + " - IdentityAssertionException");
            }
            throw new IdentityAssertionException(SecurityLogger.getIdentityAssertionFailedExc(e3.toString()));
        }
    }

    private void throwCombinedException(ArrayList<Exception> arrayList, String str) throws IdentityAssertionException {
        boolean z = false;
        String str2 = "";
        Iterator<Exception> it = arrayList.iterator();
        while (it.hasNext()) {
            Exception next = it.next();
            if (next instanceof RuntimeException) {
                z = true;
            }
            str2 = str2 + next.toString() + " ";
        }
        if (z) {
            RuntimeException runtimeException = new RuntimeException(SecurityLogger.getIdentityAssertionFailedExc(str2));
            Iterator<Exception> it2 = arrayList.iterator();
            while (it2.hasNext()) {
                runtimeException.addSuppressed(it2.next());
            }
            throw runtimeException;
        }
        IdentityAssertionException identityAssertionException = new IdentityAssertionException(SecurityLogger.getIdentityAssertionFailedExc(str2));
        Iterator<Exception> it3 = arrayList.iterator();
        while (it3.hasNext()) {
            identityAssertionException.addSuppressed(it3.next());
        }
        throw identityAssertionException;
    }
}
