package com.bea.common.security.internal.service;

import com.bea.common.engine.ServiceConfigurationException;
import com.bea.common.engine.ServiceInitializationException;
import com.bea.common.engine.ServiceLifecycleSpi;
import com.bea.common.engine.Services;
import com.bea.common.logger.service.LoggerService;
import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.service.AuditService;
import com.bea.common.security.service.Identity;
import com.bea.common.security.service.IsProtectedResourceService;
import com.bea.common.security.servicecfg.IsProtectedResourceServiceConfig;
import com.bea.common.security.spi.AccessDecisionProvider;
import javax.security.auth.Subject;
import weblogic.security.spi.AccessDecision;
import weblogic.security.spi.AuditSeverity;
import weblogic.security.spi.Resource;

/* loaded from: input_file:com/bea/common/security/internal/service/IsProtectedResourceServiceImpl.class */
public class IsProtectedResourceServiceImpl implements ServiceLifecycleSpi {
    private LoggerSpi logger;
    private AuditService auditService;
    private AccessDecision[] accessDecisions;

    /* loaded from: input_file:com/bea/common/security/internal/service/IsProtectedResourceServiceImpl$ServiceImpl.class */
    private final class ServiceImpl implements IsProtectedResourceService {
        private ServiceImpl() {
        }

        @Override // com.bea.common.security.service.IsProtectedResourceService
        public boolean isProtectedResource(Identity identity, Resource resource) {
            boolean isDebugEnabled = IsProtectedResourceServiceImpl.this.logger.isDebugEnabled();
            String str = isDebugEnabled ? getClass().getName() + ".isProtectedResource" : null;
            if (isDebugEnabled) {
                IsProtectedResourceServiceImpl.this.logger.debug(str + " Identity=" + identity);
            }
            if (isDebugEnabled) {
                IsProtectedResourceServiceImpl.this.logger.debug(str + " Resource=" + resource);
            }
            Subject subject = identity.getSubject();
            for (int i = 0; i < IsProtectedResourceServiceImpl.this.accessDecisions.length; i++) {
                try {
                    if (IsProtectedResourceServiceImpl.this.accessDecisions[i].isProtectedResource(subject, resource)) {
                        if (isDebugEnabled) {
                            IsProtectedResourceServiceImpl.this.logger.debug(str + " AccessDecision said this is a protected resource, returning true");
                        }
                        IsProtectedResourceServiceImpl.this.writeAuditEvent(AuditSeverity.SUCCESS, identity, resource, null);
                        return true;
                    }
                    if (isDebugEnabled) {
                        IsProtectedResourceServiceImpl.this.logger.debug(str + " AccessDecision said this is not a protected resource, continuing");
                    }
                } catch (Exception e) {
                    if (isDebugEnabled) {
                        IsProtectedResourceServiceImpl.this.logger.debug(str + " received an exception, continuing to indicate resource protected. Exception: " + e);
                    }
                    IsProtectedResourceServiceImpl.this.writeAuditEvent(AuditSeverity.ERROR, identity, resource, e);
                    return true;
                }
            }
            if (isDebugEnabled) {
                IsProtectedResourceServiceImpl.this.logger.debug(str + " returning false since no AccessDecision said this is a protected resource");
            }
            IsProtectedResourceServiceImpl.this.writeAuditEvent(AuditSeverity.FAILURE, identity, resource, null);
            return false;
        }
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public Object init(Object obj, Services services) throws ServiceInitializationException {
        this.logger = ((LoggerService) services.getService(LoggerService.SERVICE_NAME)).getLogger("com.bea.common.security.service.IsProtectedResourceService");
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".init";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (obj == null || !(obj instanceof IsProtectedResourceServiceConfig)) {
            throw new ServiceConfigurationException(ServiceLogger.getExpectedConfigurationNotSupplied(str, "IsProtectedResourceServiceConfig"));
        }
        IsProtectedResourceServiceConfig isProtectedResourceServiceConfig = (IsProtectedResourceServiceConfig) obj;
        String auditServiceName = isProtectedResourceServiceConfig.getAuditServiceName();
        this.auditService = (AuditService) services.getService(auditServiceName);
        if (this.auditService == null) {
            throw new ServiceConfigurationException(ServiceLogger.getServiceNotFound(auditServiceName, str));
        }
        if (isDebugEnabled) {
            this.logger.debug(str + " got AuditService " + services.getServiceLoggingName(auditServiceName));
        }
        String[] accessDecisionProviderNames = isProtectedResourceServiceConfig.getAccessDecisionProviderNames();
        if (accessDecisionProviderNames == null) {
            throw new ServiceConfigurationException(ServiceLogger.getConfigurationMissingRequiredInfo(str, isProtectedResourceServiceConfig.getClass().getName(), "AccessDecisionProviderNames"));
        }
        this.accessDecisions = new AccessDecision[accessDecisionProviderNames.length];
        for (int i = 0; i < accessDecisionProviderNames.length; i++) {
            AccessDecisionProvider accessDecisionProvider = (AccessDecisionProvider) services.getService(accessDecisionProviderNames[i]);
            if (isDebugEnabled) {
                this.logger.debug(str + " got AccessDecisionProvider " + services.getServiceLoggingName(accessDecisionProviderNames[i]));
            }
            this.accessDecisions[i] = accessDecisionProvider.getAccessDecision();
        }
        return new ServiceImpl();
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public void shutdown() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void writeAuditEvent(AuditSeverity auditSeverity, Identity identity, Resource resource, Exception exc) {
        if (this.auditService.isAuditEnabled()) {
            this.auditService.writeEvent(new AuditResourceProtectedEventImpl(auditSeverity, identity, resource, exc));
        }
    }
}
