package com.bea.common.security.internal.service;

import com.bea.common.engine.ServiceConfigurationException;
import com.bea.common.engine.ServiceInitializationException;
import com.bea.common.engine.ServiceLifecycleSpi;
import com.bea.common.engine.Services;
import com.bea.common.logger.service.LoggerService;
import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.internal.utils.Delegator;
import com.bea.common.security.service.AuditService;
import com.bea.common.security.service.CredentialMappingService;
import com.bea.common.security.service.Identity;
import com.bea.common.security.servicecfg.CredentialMappingServiceConfig;
import java.util.ArrayList;
import javax.security.auth.Subject;
import weblogic.security.KeyPairCredential;
import weblogic.security.service.ContextHandler;
import weblogic.security.spi.AuditSeverity;
import weblogic.security.spi.CredentialMapperV2;
import weblogic.security.spi.Resource;

/* loaded from: input_file:com/bea/common/security/internal/service/CredentialMappingServiceImpl.class */
public class CredentialMappingServiceImpl implements ServiceLifecycleSpi, CredentialMappingService {
    private LoggerSpi logger;
    private AuditService auditService;
    private CredentialMapperV2[] credentialMappers;
    private PasswordCredentialHelper pcHelper = new PasswordCredentialHelper();

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public Object init(Object obj, Services services) throws ServiceInitializationException {
        this.logger = ((LoggerService) services.getService(LoggerService.SERVICE_NAME)).getLogger("com.bea.common.security.service.CredentialMappingService");
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".init";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (obj == null || !(obj instanceof CredentialMappingServiceConfig)) {
            throw new ServiceConfigurationException(ServiceLogger.getExpectedConfigurationNotSupplied(str, "CredentialMappingServiceConfig"));
        }
        CredentialMappingServiceConfig credentialMappingServiceConfig = (CredentialMappingServiceConfig) obj;
        String auditServiceName = credentialMappingServiceConfig.getAuditServiceName();
        this.auditService = (AuditService) services.getService(auditServiceName);
        if (isDebugEnabled) {
            this.logger.debug(str + " got AuditService " + auditServiceName);
        }
        String[] credentialMapperNames = credentialMappingServiceConfig.getCredentialMapperNames();
        if (credentialMapperNames == null || credentialMapperNames.length < 1) {
            throw new ServiceConfigurationException(ServiceLogger.getConfigurationMissingRequiredInfo(str, credentialMappingServiceConfig.getClass().getName(), "CredentialMapperV2Names"));
        }
        this.credentialMappers = new CredentialMapperV2[credentialMapperNames.length];
        for (int i = 0; i < credentialMapperNames.length; i++) {
            CredentialMapperV2 credentialMapperV2 = (CredentialMapperV2) services.getService(credentialMapperNames[i]);
            if (isDebugEnabled) {
                this.logger.debug(str + " got CredentialMapperV2 " + credentialMapperNames[i]);
            }
            this.credentialMappers[i] = credentialMapperV2;
        }
        return Delegator.getProxy(CredentialMappingService.class, this);
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public void shutdown() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".shutdown" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
    }

    @Override // com.bea.common.security.service.CredentialMappingService
    public Object[] getCredentials(Identity identity, Identity identity2, Resource resource, ContextHandler contextHandler, String str) {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str2 = isDebugEnabled ? getClass().getName() + ".shutdown" : null;
        if (isDebugEnabled) {
            this.logger.debug(str2);
        }
        Subject subject = identity != null ? identity.getSubject() : null;
        Subject subject2 = identity2 != null ? identity2.getSubject() : null;
        String[] strArr = {str};
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < this.credentialMappers.length; i++) {
            try {
                Object[] credentials = this.credentialMappers[i].getCredentials(subject, subject2, resource, contextHandler, str);
                for (int i2 = 0; credentials != null && i2 < credentials.length; i2++) {
                    arrayList.add(credentials[i2]);
                }
            } catch (RuntimeException e) {
                if (isDebugEnabled) {
                    this.logger.debug(str2 + " failure.", e);
                }
                if (this.auditService.isAuditEnabled()) {
                    writeAuditEvent(identity, identity2, null, resource, contextHandler, strArr, null, e);
                }
            }
        }
        Object[] array = arrayList.toArray();
        if (this.auditService.isAuditEnabled()) {
            writeAuditEvent(identity, identity2, null, resource, contextHandler, strArr, array, null);
        }
        return array;
    }

    @Override // com.bea.common.security.service.CredentialMappingService
    public Object[] getCredentials(Identity identity, String str, Resource resource, ContextHandler contextHandler, String str2) {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str3 = isDebugEnabled ? getClass().getName() + ".shutdown" : null;
        if (isDebugEnabled) {
            this.logger.debug(str3);
        }
        Subject subject = identity != null ? identity.getSubject() : null;
        String[] strArr = {str2};
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < this.credentialMappers.length; i++) {
            try {
                Object credential = this.credentialMappers[i].getCredential(subject, str, resource, contextHandler, str2);
                if (credential != null) {
                    arrayList.add(credential);
                }
            } catch (RuntimeException e) {
                if (isDebugEnabled) {
                    this.logger.debug(str3 + " failure.", e);
                }
                if (this.auditService.isAuditEnabled()) {
                    writeAuditEvent(identity, null, str, resource, contextHandler, strArr, null, e);
                }
            }
        }
        Object[] array = arrayList.toArray();
        if (this.auditService.isAuditEnabled()) {
            writeAuditEvent(identity, null, str, resource, contextHandler, strArr, array, null);
        }
        return array;
    }

    private void writeAuditEvent(Identity identity, Identity identity2, String str, Resource resource, ContextHandler contextHandler, String[] strArr, Object[] objArr, Exception exc) {
        AuditSeverity auditSeverity = AuditSeverity.INFORMATION;
        Object[] objArr2 = null;
        if (objArr != null && objArr.length > 0) {
            auditSeverity = AuditSeverity.SUCCESS;
            objArr2 = new Object[objArr.length];
            for (int i = 0; i < objArr2.length; i++) {
                if (objArr[i] instanceof KeyPairCredential) {
                    objArr2[i] = new KeyPairCredential(null, ((KeyPairCredential) objArr[i]).getCertificateChain());
                } else {
                    objArr2[i] = this.pcHelper.mapToNewPasswordCredential(objArr[i]);
                    if (objArr2[i] == null) {
                        objArr2[i] = objArr[i];
                    }
                }
            }
        }
        if (exc != null) {
            auditSeverity = AuditSeverity.FAILURE;
        }
        this.auditService.writeEvent(new AuditCredentialMappingEventImpl(auditSeverity, identity, identity2, str, resource, contextHandler, strArr, objArr2, exc));
    }
}
