package com.bea.common.security.saml.registry;

import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.ProvidersLogger;
import com.bea.common.security.SecurityLogger;
import com.bea.common.security.legacy.ExtendedSecurityServices;
import com.bea.common.security.legacy.spi.LegacyEncryptorSpi;
import com.bea.common.security.store.data.BEASAMLPartner;
import com.bea.common.store.bootstrap.BootStrapService;
import com.bea.common.store.service.StoreService;
import com.bea.xml_.impl.jam.xml.JamXmlElements;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.jdo.PersistenceManager;
import javax.jdo.Query;
import javax.jdo.Transaction;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import weblogic.ldap.EmbeddedLDAP;
import weblogic.management.security.ProviderMBean;
import weblogic.management.utils.CreateException;
import weblogic.management.utils.InvalidCursorException;
import weblogic.management.utils.InvalidParameterException;
import weblogic.management.utils.NotFoundException;
import weblogic.security.providers.utils.BusinessObjectListerManager;
import weblogic.security.providers.utils.Utils;
import weblogic.security.spi.AuditMgmtEvent;
import weblogic.security.spi.AuditSeverity;
import weblogic.security.spi.AuditorService;
import weblogic.security.spi.SecurityServices;
import weblogic.security.utils.AuditBaseEventImpl;

/* loaded from: input_file:com/bea/common/security/saml/registry/SAMLPartnerRegistry.class */
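/**
 * Base class for a registry of SAML partner entries kept in the security store.
 *
 * <p>Every store query in this class is scoped by domain name, realm name and registry name, and
 * binds those values (and the partner id) as declared query parameters rather than concatenating
 * them into the filter text. Add, update and remove operations are reported to the
 * {@link AuditorService} when one is available, and registered {@link PartnerChangeListener}s are
 * notified after each successful change.
 *
 * <p>Subclasses supply the registry name, the persistent business-object class and the factory
 * methods for entry objects.
 *
 * <p>NOTE(review): partner ids are only checked for null/empty ({@code validatePartnerId}) before
 * being used as a search pattern, written into debug output and written into audit event data.
 * Confirm that callers or the auditor constrain/escape them.
 */
public abstract class SAMLPartnerRegistry {
    // LDAP attribute and object-class names; not referenced by the code visible in this class.
    private static final String OU_ATTR = "ou";
    private static final String DC_ATTR = "dc";
    private static final String OBJECT_CLASS_ATTR = "objectclass";
    protected static final String TOP_CLASS = "top";
    private static final String DOMAIN_CLASS = "domain";
    private static final String ORG_UNIT_CLASS = "organizationalUnit";
    // Null when no SecurityServices was supplied; auditing is then skipped.
    private AuditorService auditor;
    protected LoggerSpi log;
    protected SecurityServices securityServices;
    protected StoreService storeService;
    protected BootStrapService bootStrapService;
    protected LegacyEncryptorSpi legacyEncryptor;
    private String domainName;
    private String realmName;
    private String domainDN;
    private String realmDN;
    private String registryDN;
    private String registryName;
    private static final String PARTNER_ID_ATTR = SAMLPartnerEntry.getPartnerIdAttribute();
    private static final String PARTNER_ENABLED_ATTR = SAMLPartnerEntry.getPartnerEnabledAttribute();
    private static final String[] PARTNER_ID_ATTRS = {PARTNER_ID_ATTR};
    // Listener lists keyed by a caller-supplied string. The map is static, so it is shared by every
    // registry instance in the class loader; all access synchronizes on the map itself, which is
    // why the reference is final.
    private static final Map partnerChangeListeners = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/bea/common/security/saml/registry/SAMLPartnerRegistry$SAMLPartnerAuditMgmtEvent.class */
    /**
     * Audit record for a partner management operation. The severity is derived from the exception
     * argument: {@code INFORMATION} when it is null, {@code FAILURE} otherwise, so callers must pass
     * the failure cause for a failed operation to be recorded as one.
     */
    public static final class SAMLPartnerAuditMgmtEvent extends AuditBaseEventImpl implements AuditMgmtEvent {
        private final String eventData;

        /**
         * @param str audit event type
         * @param str2 event data appended after the base attributes
         * @param exc cause of the failure, or null for a successful operation
         */
        public SAMLPartnerAuditMgmtEvent(String str, String str2, Exception exc) {
            super(exc == null ? AuditSeverity.INFORMATION : AuditSeverity.FAILURE, str, exc);
            this.eventData = str2;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /**
         * Writes the base attributes followed by the event data, verbatim.
         *
         * <p>NOTE(review): the event data contains the partner id unescaped; confirm the audit
         * sink tolerates delimiter or line-break characters in it.
         */
        @Override // weblogic.security.utils.AuditBaseEventImpl
        public void writeAttributes(StringBuffer stringBuffer) {
            super.writeAttributes(stringBuffer);
            stringBuffer.append(this.eventData);
        }
    }

    /**
     * Returns the registry name. It is called from the constructor, becomes the {@code ou} component
     * of the registry DN and is bound as the registry-name parameter of every store query.
     */
    public abstract String getRegistryName();

    /** Not called by the code in this class. */
    protected abstract String[] getEntryObjectClasses();

    /* JADX INFO: Access modifiers changed from: protected */
    /** Not called by the code in this class. */
    public abstract String[] getEntryAttributes();

    /** Returns the prefix of the audit event type; the operation name is appended after a space. */
    protected abstract String getBaseAuditEventType();

    /** Returns the candidate partner id for counter value {@code i} (the counter starts at 1). */
    protected abstract String makeNewPartnerId(int i);

    /* JADX INFO: Access modifiers changed from: protected */
    /** Creates an empty entry object; used for lookups and for {@link #newPartnerInstance()}. */
    public abstract SAMLPartnerEntry makeNewEntryInstance();

    /** Creates an empty entry object for {@link #getEnabledPartnerConfigs()}. */
    protected abstract SAMLPartnerEntry makeNewConfigInstance();

    /** Returns the persistent class that store queries are run against. */
    protected abstract Class getBusinessObjectClass();

    /** Extracts the partner id from a business object returned by the store. */
    protected abstract String getPartnerIdFromBusinessObject(Object obj);

    /** Returns true when a logger is present and has debug output enabled. */
    protected boolean isDebug() {
        return this.log != null && this.log.isDebugEnabled();
    }

    /**
     * Writes {@code registryName.str: str2} to the debug log when debug output is enabled.
     *
     * @param str name of the calling method
     * @param str2 message text
     */
    protected void debug(String str, String str2) {
        if (this.log == null || !this.log.isDebugEnabled()) {
            return;
        }
        this.log.debug(this.registryName + "." + str + ": " + str2);
    }

    /** Rethrows any throwable wrapped in a {@link RuntimeException}; never returns normally. */
    private void handleUnexpectedException(Throwable th) {
        throw new RuntimeException(th);
    }

    /**
     * Adapts a throwable to the {@code Exception} type the audit event expects. Used for the audit
     * record only; callers still rethrow the original throwable.
     */
    private static Exception asAuditException(Throwable th) {
        return th instanceof Exception ? (Exception) th : new RuntimeException(th);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Resolves the services this registry depends on and builds its DNs.
     *
     * <p>When {@code securityServices} is null the auditor, logger, store, bootstrap and encryptor
     * references all stay null and the domain name stays null.
     *
     * <p>{@link #getRegistryName()} is invoked here, before any subclass constructor body has run,
     * so an implementation must not depend on subclass fields.
     *
     * <p>NOTE(review): the realm and registry names are concatenated into the DN strings without
     * escaping; confirm they cannot contain DN metacharacters.
     *
     * @param providerMBean provider configuration; its realm supplies the realm name
     * @param securityServices service locator, may be null
     */
    public SAMLPartnerRegistry(ProviderMBean providerMBean, SecurityServices securityServices) {
        this.auditor = securityServices != null ? securityServices.getAuditorService() : null;
        this.securityServices = securityServices;
        if (this.securityServices != null) {
            this.log = ((ExtendedSecurityServices) this.securityServices).getLogger("SecuritySAMLLib");
        }
        this.realmName = providerMBean.getRealm().getName();
        if (this.securityServices != null) {
            this.domainName = Utils.getDomainName(this.securityServices);
            this.storeService = Utils.getStoreService(this.securityServices);
            this.bootStrapService = Utils.getBootStrapService(this.securityServices);
            this.legacyEncryptor = Utils.getLegacyEncryptorSpi(this.securityServices);
        }
        // Result unused; the call is kept as it appears in the original.
        providerMBean.getName();
        this.registryName = getRegistryName();
        this.domainDN = EmbeddedLDAP.DOMAIN_SCHEMA_NAME + this.domainName;
        this.realmDN = "ou=" + this.realmName + "," + this.domainDN;
        this.registryDN = "ou=" + this.registryName + "," + this.realmDN;
        if (isDebug()) {
            // NOTE(review): JamXmlElements.CONSTRUCTOR is an unrelated constant, presumably a
            // decompiler substitution for a plain string literal - confirm.
            debug(JamXmlElements.CONSTRUCTOR, "succeeded.  Delegate = " + this);
        }
    }

    /** Returns the DN of this registry: {@code ou=registry,ou=realm,} followed by the domain DN. */
    protected String getRegistryDN() {
        return this.registryDN;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Returns the domain name, or null when no SecurityServices was supplied. */
    public String getDomainName() {
        return this.domainName;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Returns the name of the realm that owns the provider. */
    public String getRealmName() {
        return this.realmName;
    }

    /**
     * Rejects a null or empty partner id. No other constraint (length, character set, wildcard
     * characters) is applied here.
     *
     * @throws InvalidParameterException if {@code str} is null or empty
     */
    private static void validatePartnerId(String str) throws InvalidParameterException {
        if (str == null || str.length() < 1) {
            throw new InvalidParameterException(SecurityLogger.getEmptyOrNullCertificateAlias());
        }
    }

    /**
     * Picks the first id produced by {@link #makeNewPartnerId(int)} (counter starting at 1) that is
     * neither in the current id set nor found by {@link #partnerExists(String)}.
     *
     * <p>No lock is held between choosing the id and persisting the entry, so two concurrent adds
     * can pick the same id.
     */
    private String getNewPartnerId() {
        Set knownIds = getAllPartnerIds();
        int counter = 1;
        while (true) {
            String candidate = makeNewPartnerId(counter);
            if (!knownIds.contains(candidate)) {
                try {
                    if (!partnerExists(candidate)) {
                        return candidate;
                    }
                } catch (InvalidParameterException e) {
                    // Always throws; the return only satisfies the compiler.
                    handleUnexpectedException(e);
                    return null;
                }
                // The id appeared after the set was read: refresh the set before continuing.
                knownIds = getAllPartnerIds();
            }
            counter++;
        }
    }

    /**
     * Prepares and validates an entry before it is written: attaches the encryptor, calls
     * {@code handleEncryption(false)} and then the entry's own {@code validate()}.
     *
     * <p>NOTE(review): {@code handleEncryption(false)} is presumably the encrypt direction (reads
     * use {@code true}) - confirm against SAMLPartnerEntry.
     *
     * @throws InvalidParameterException if the entry is null or fails validation
     */
    private void validatePartner(SAMLPartnerEntry sAMLPartnerEntry) throws InvalidParameterException {
        if (sAMLPartnerEntry == null) {
            throw new InvalidParameterException(SecurityLogger.getEmptyOrNullCertificateAlias());
        }
        sAMLPartnerEntry.setEncryptionService(this.legacyEncryptor);
        sAMLPartnerEntry.handleEncryption(false);
        sAMLPartnerEntry.validate();
    }

    /**
     * Looks up a partner by id.
     *
     * @throws InvalidParameterException if {@code str} is null or empty
     * @throws NotFoundException if the lookup does not yield exactly one entry, or fails
     */
    public SAMLPartnerEntry getPartner(String str) throws InvalidParameterException, NotFoundException {
        validatePartnerId(str);
        return getPartnerByPartnerId(str);
    }

    /**
     * Resolves an id to its entry through the wildcard search.
     *
     * <p>NOTE(review): the id is passed to {@link #searchPartnerByWildcard(String)} as a pattern,
     * so an id containing pattern characters can resolve to a differently named partner when
     * exactly one entry matches. Consider comparing the matched entry's id with {@code str}, after
     * confirming how the store treats case.
     *
     * <p>Every throwable, including store failures, is reported as {@link NotFoundException}; the
     * cause is only visible in debug output.
     */
    private SAMLPartnerEntry getPartnerByPartnerId(String str) throws NotFoundException {
        try {
            List matches = searchPartnerByWildcard(str);
            if (matches != null && matches.size() == 1) {
                return getPartnerFromBusinessObject(matches.get(0), false);
            }
            debug("getPartnerByPartnerId", "can not find the partner by id: " + str);
            throw new NotFoundException(ProvidersLogger.getSAMLCouldNotGetPartner(str));
        } catch (Throwable th) {
            debug("getPartnerByPartnerId", "Exception: " + th.getMessage());
            throw new NotFoundException(ProvidersLogger.getSAMLCouldNotGetPartner(str));
        }
    }

    /**
     * Builds an entry from a stored business object and calls {@code handleEncryption(true)} on it.
     *
     * @param obj business object from the store; null yields null
     * @param z true to create the entry with {@link #makeNewConfigInstance()}, false to use
     *     {@link #makeNewEntryInstance()}
     */
    private SAMLPartnerEntry getPartnerFromBusinessObject(Object obj, boolean z) {
        if (obj == null) {
            return null;
        }
        SAMLPartnerEntry entry = z ? makeNewConfigInstance() : makeNewEntryInstance();
        entry.setAttributesFromBusinessObject(obj);
        entry.setEncryptionService(this.legacyEncryptor);
        entry.handleEncryption(true);
        return entry;
    }

    /**
     * Returns the enabled partners of this registry, keyed by partner id.
     *
     * <p>A partner whose {@code construct()} call throws {@link InvalidParameterException} is left
     * out of the map; the only trace is a debug message. Any other failure is rethrown wrapped in a
     * {@link RuntimeException}.
     */
    public Map getEnabledPartnerConfigs() {
        if (isDebug()) {
            debug("getEnabledPartnerConfigs", "");
        }
        HashMap enabled = new HashMap();
        try {
            Collection found = Utils.queryBusinessObjects(this.storeService, getBusinessObjectClass(), "this.domainName == domain && this.realmName == realm && this.registryName == registryName && beaSAMLPartnerEnabled == 'true'", "String domain, String realm, String registryName", new Object[]{getDomainName(), getRealmName(), getRegistryName()}, 0);
            if (found != null && found.size() > 0) {
                // Copy first so that constructing partners does not run while the query result is
                // still being iterated.
                for (Object businessObject : new ArrayList(found)) {
                    if (businessObject == null) {
                        continue;
                    }
                    SAMLPartnerEntry partner = getPartnerFromBusinessObject(businessObject, true);
                    try {
                        // NOTE(review): Expression.QUOTE is an unrelated constant, presumably a
                        // decompiler substitution for a quote literal - confirm.
                        debug("getEnabledPartnerConfigs", "Constructing partner '" + partner.getPartnerId() + Expression.QUOTE);
                        partner.construct();
                        enabled.put(partner.getPartnerId(), partner);
                        debug("getEnabledPartnerConfigs", "Added partner '" + partner.getPartnerId() + "' to map");
                    } catch (InvalidParameterException e) {
                        debug("getEnabledPartnerConfigs", "Exception while constructing partner '" + partner.getPartnerId() + "', partner will not be active: " + e.toString());
                    }
                }
            }
        } catch (Throwable th) {
            handleUnexpectedException(th);
        }
        if (isDebug()) {
            debug("getEnabledPartnerConfigs", "found " + enabled.size() + " enabled partners");
        }
        return enabled;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Returns the ids of all partners in this registry (search pattern {@code "*"}). Search
     * failures are rethrown wrapped in a {@link RuntimeException}.
     */
    public Set getAllPartnerIds() {
        if (isDebug()) {
            debug("getAllPartnerIds", "");
        }
        HashSet ids = new HashSet();
        try {
            List found = searchPartnerByWildcard("*");
            if (found != null) {
                for (Object businessObject : found) {
                    if (businessObject == null) {
                        continue;
                    }
                    String partnerId = getPartnerIdFromBusinessObject(businessObject);
                    if (partnerId != null) {
                        ids.add(partnerId);
                    }
                }
            }
        } catch (Throwable th) {
            handleUnexpectedException(th);
        }
        if (isDebug()) {
            debug("getAllPartnerIds", "found " + ids.size() + " partnerIds");
        }
        return ids;
    }

    /**
     * Returns whether the id resolves to an entry. A failed store lookup also yields false, because
     * {@link #getPartnerByPartnerId(String)} reports every failure as not-found.
     */
    private boolean partnerExistsInternal(String str) {
        try {
            return getPartnerByPartnerId(str) != null;
        } catch (NotFoundException e) {
            return false;
        }
    }

    /** Returns the entry for the id, logging at debug level before rethrowing when it is missing. */
    private SAMLPartnerEntry checkPartnerExists(String str) throws NotFoundException {
        try {
            return getPartnerByPartnerId(str);
        } catch (NotFoundException e) {
            if (isDebug()) {
                debug("checkPartnerExists", "partnerId " + str + " does not exist");
            }
            throw e;
        }
    }

    /**
     * Reports whether a partner with the given id exists.
     *
     * @throws InvalidParameterException if {@code str} is null or empty
     */
    public boolean partnerExists(String str) throws InvalidParameterException {
        validatePartnerId(str);
        if (isDebug()) {
            debug("partnerExists", "partnerId=" + str);
        }
        boolean exists = partnerExistsInternal(str);
        if (isDebug()) {
            debug("partnerExists", "partnerId " + str + (exists ? " exists" : " does not exist"));
        }
        return exists;
    }

    /** Returns a new, empty entry object; nothing is written to the store. */
    public SAMLPartnerEntry newPartnerInstance() {
        if (isDebug()) {
            debug("newPartnerObject", "");
        }
        SAMLPartnerEntry entry = makeNewEntryInstance();
        if (isDebug()) {
            debug("newPartnerObject", "made new partner object");
        }
        return entry;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Validates and stores a new partner, then writes an audit event.
     *
     * <p>A failed add is audited with its cause, so the event carries {@code FAILURE} severity.
     * Previously the failure path passed a null cause and the event was recorded with the same
     * {@code INFORMATION} severity as a successful add.
     *
     * @param sAMLPartnerEntry entry to store
     * @param z true to generate a fresh partner id, false to use the id already set on the entry
     * @throws InvalidParameterException if the entry is invalid or has no id
     * @throws CreateException declared by the store path
     */
    public void addPartner(SAMLPartnerEntry sAMLPartnerEntry, boolean z) throws CreateException, InvalidParameterException {
        validatePartner(sAMLPartnerEntry);
        String partnerId = z ? getNewPartnerId() : sAMLPartnerEntry.getPartnerId();
        if (partnerId == null || partnerId.length() == 0) {
            throw new InvalidParameterException(ProvidersLogger.getSAMLCouldNotAddPartnerWithoutId());
        }
        String eventData = "<PartnerId = " + partnerId + ">";
        try {
            addPartnerNoAudit(partnerId, sAMLPartnerEntry);
        } catch (Throwable th) {
            auditMgmtEvent("addPartner", eventData, asAuditException(th));
            throw th;
        }
        auditMgmtEvent("addPartner", eventData, null);
    }

    /** Stores a new partner under a generated id; see {@link #addPartner(SAMLPartnerEntry, boolean)}. */
    public void addPartner(SAMLPartnerEntry sAMLPartnerEntry) throws CreateException, InvalidParameterException {
        addPartner(sAMLPartnerEntry, true);
    }

    /**
     * Stores the entry without auditing.
     *
     * <p>NOTE(review): every {@code Exception} from the store path is rethrown as a
     * {@link RuntimeException}, although the method declares {@link CreateException}; confirm
     * whether a {@code CreateException} was meant to pass through unchanged.
     */
    private void addPartnerNoAudit(String str, SAMLPartnerEntry sAMLPartnerEntry) throws CreateException {
        try {
            addPartner(str, sAMLPartnerEntry);
        } catch (Exception e) {
            handleUnexpectedException(e);
        }
    }

    /** Persists the entry under the given id, sets the id on the entry and notifies listeners. */
    private void addPartner(String str, SAMLPartnerEntry sAMLPartnerEntry) throws Exception {
        if (isDebug()) {
            debug("addPartner", "partnerId=" + str);
        }
        Utils.persistBusinessObject(this.storeService, sAMLPartnerEntry.constructBusinessObject(getBusinessObjectClass(), str, getRegistryName(), getRealmName(), getDomainName()));
        sAMLPartnerEntry.setAttribute(PARTNER_ID_ATTR, str);
        if (isDebug()) {
            debug("addPartner", "partner " + str + " has been added to the registry");
        }
        notifyPartnerChanged(sAMLPartnerEntry);
    }

    /**
     * Validates and stores changes to an existing partner, then writes an audit event. A failed
     * update is audited with its cause ({@code FAILURE} severity).
     *
     * @throws InvalidParameterException if the entry is invalid or its id is null or empty
     * @throws NotFoundException declared by the store path
     */
    public void updatePartner(SAMLPartnerEntry sAMLPartnerEntry) throws NotFoundException, InvalidParameterException {
        validatePartner(sAMLPartnerEntry);
        String partnerId = sAMLPartnerEntry.getPartnerId();
        validatePartnerId(partnerId);
        String eventData = "<PartnerId = " + partnerId + ">";
        try {
            updatePartnerNoAudit(partnerId, sAMLPartnerEntry);
        } catch (Throwable th) {
            auditMgmtEvent("updatePartner", eventData, asAuditException(th));
            throw th;
        }
        auditMgmtEvent("updatePartner", eventData, null);
    }

    /** Updates the entry without auditing; anything but NotFoundException becomes a RuntimeException. */
    private void updatePartnerNoAudit(String str, SAMLPartnerEntry sAMLPartnerEntry) throws NotFoundException {
        try {
            updatePartner(str, sAMLPartnerEntry);
        } catch (NotFoundException e) {
            throw e;
        } catch (Throwable th) {
            handleUnexpectedException(th);
        }
    }

    /** Writes the entry over the stored object with the same id and notifies listeners. */
    private void updatePartner(String str, SAMLPartnerEntry sAMLPartnerEntry) throws Throwable {
        if (isDebug()) {
            debug("updatePartner", "partnerId=" + str);
        }
        updateBusinessObject(str, sAMLPartnerEntry);
        notifyPartnerChanged(sAMLPartnerEntry);
        if (isDebug()) {
            debug("updatePartner", "partner " + str + " has been updated in the registry");
        }
    }

    /**
     * Removes a partner, then writes an audit event. A failed removal is audited with its cause
     * ({@code FAILURE} severity).
     *
     * @throws InvalidParameterException if {@code str} is null or empty
     * @throws NotFoundException if the id does not resolve to an entry
     */
    public void removePartner(String str) throws NotFoundException, InvalidParameterException {
        validatePartnerId(str);
        String eventData = "<PartnerId = " + str + ">";
        try {
            removePartnerNoAudit(str);
        } catch (Throwable th) {
            auditMgmtEvent("removePartner", eventData, asAuditException(th));
            throw th;
        }
        auditMgmtEvent("removePartner", eventData, null);
    }

    /** Removes the entry without auditing; anything but NotFoundException becomes a RuntimeException. */
    private void removePartnerNoAudit(String str) throws NotFoundException {
        try {
            removePartnerInternal(str);
        } catch (NotFoundException e) {
            throw e;
        } catch (Throwable th) {
            handleUnexpectedException(th);
        }
    }

    /**
     * Checks that the id resolves to an entry, deletes the stored object whose {@code cn} equals
     * the id, and notifies listeners with the entry that was found.
     *
     * <p>The existence check goes through the pattern search while the delete matches {@code cn}
     * exactly, so the two steps can disagree for an id that contains pattern characters.
     */
    private void removePartnerInternal(String str) throws Throwable {
        if (isDebug()) {
            debug("removePartner", "partnerId=" + str);
        }
        SAMLPartnerEntry removed = checkPartnerExists(str);
        Utils.deleteSingleBusinessObject(this.storeService, getBusinessObjectClass(), "this.domainName == domain && this.realmName == realm && this.registryName == registry && this.cn == partnerId", "String domain, String realm, String registry, String partnerId", new Object[]{getDomainName(), getRealmName(), getRegistryName(), str});
        if (isDebug()) {
            debug("removePartner", "partner " + str + " has been removed from the registry");
        }
        notifyPartnerChanged(removed);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Registers a lister over the names of the partners matching a wildcard pattern.
     *
     * <p>A failed search is logged at debug level only and produces an empty list, so a caller
     * cannot tell a store failure from "no matches".
     *
     * @param businessObjectListerManager receives the name list
     * @param str wildcard pattern, must be non-empty
     * @param i maximum number of names to return, must not be negative
     * @return the value returned by {@code addLister}
     * @throws InvalidParameterException if the pattern is null or empty, or {@code i} is negative
     */
    public String listPartners(BusinessObjectListerManager businessObjectListerManager, String str, int i) throws InvalidParameterException, InvalidCursorException {
        if (str == null || str.length() < 1) {
            throw new InvalidParameterException(SecurityLogger.getEmptyOrNullCertificateAliasWildcard());
        }
        if (i < 0) {
            throw new InvalidParameterException(SecurityLogger.getMaximumToReturnCanNotBeLessThanZero());
        }
        List found = null;
        try {
            found = searchPartnerByWildcard(str);
        } catch (Throwable th) {
            debug("listPartners", "search partner by wildcard failed: " + th.getMessage());
        }
        return businessObjectListerManager.addLister(generateNameList(found), i);
    }

    /** Returns the {@code cn} of each {@link BEASAMLPartner} in the list; null yields an empty list. */
    private static List generateNameList(List list) {
        ArrayList names = new ArrayList();
        if (list != null) {
            for (Object businessObject : list) {
                names.add(((BEASAMLPartner) businessObject).getCn());
            }
        }
        return names;
    }

    /**
     * Writes a management audit event; does nothing when no auditor is available.
     *
     * @param str operation name, appended to the base event type
     * @param str2 event data
     * @param exc failure cause, or null for success (this selects the severity)
     */
    private void auditMgmtEvent(String str, String str2, Exception exc) {
        if (this.auditor == null) {
            return;
        }
        this.auditor.providerAuditWriteEvent(new SAMLPartnerAuditMgmtEvent(constructEventType(str), str2, exc));
    }

    /** Returns the base audit event type, a space, and the operation name. */
    private String constructEventType(String str) {
        return getBaseAuditEventType() + " " + str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Returns the business objects of this registry whose {@code cn} matches the pattern, or null
     * when there are none.
     *
     * <p>The pattern is converted with {@code Utils.convertLDAPPatternForJDO} and bound as a query
     * parameter. Callers that pass an exact id still get pattern semantics.
     */
    public List searchPartnerByWildcard(String str) throws Throwable {
        Collection found = Utils.queryBusinessObjects(this.storeService, getBusinessObjectClass(), "this.domainName == domain && this.realmName == realm && this.registryName == registry && this.cn.matches(partnerIdPattern)", "String domain, String realm, String registry, String partnerIdPattern", new Object[]{getDomainName(), getRealmName(), getRegistryName(), Utils.convertLDAPPatternForJDO(str, this.storeService)}, 0);
        if (found == null || found.size() <= 0) {
            return null;
        }
        return new ArrayList(found);
    }

    /**
     * Replaces the stored object whose {@code cn} equals the id, inside one transaction.
     *
     * <p>The transaction is rolled back on any failure. The query and the persistence manager are
     * released in {@code finally} blocks; previously the query was not closed on the failure path.
     *
     * @throws Exception if the id does not match exactly one stored object
     */
    private void updateBusinessObject(String str, SAMLPartnerEntry sAMLPartnerEntry) throws Throwable {
        PersistenceManager persistenceManager = this.storeService.getPersistenceManager();
        Query query = null;
        try {
            Transaction transaction = persistenceManager.currentTransaction();
            transaction.begin();
            try {
                Class businessObjectClass = getBusinessObjectClass();
                Object[] queryArgs = {getDomainName(), getRealmName(), getRegistryName(), str};
                query = persistenceManager.newQuery(businessObjectClass);
                query.setFilter("this.domainName == domain && this.realmName == realm && this.registryName == registry && this.cn == partnerId");
                query.declareParameters("String domain, String realm, String registry, String partnerId");
                Collection matches = (Collection) query.executeWithArray(queryArgs);
                if (matches.size() != 1) {
                    debug("updateBusinessObject", "update businses object failed, can not determine the object to update");
                    throw new Exception(ProvidersLogger.getSAMLCouldNotUpdateBusinessObject());
                }
                persistenceManager.makePersistent(sAMLPartnerEntry.constructBusinessObject(getBusinessObjectClass(), matches.toArray()[0], str, getRegistryName(), getRealmName(), getDomainName()));
                transaction.commit();
            } catch (Throwable th) {
                transaction.rollback();
                throw th;
            }
        } finally {
            try {
                if (query != null) {
                    query.closeAll();
                }
            } finally {
                persistenceManager.close();
            }
        }
    }

    /**
     * Registers a listener under the given key.
     *
     * <p>Notifications are delivered to the list stored under {@code domainName + realmName}, so
     * the key presumably has to be that concatenation - confirm against callers.
     */
    public void addPartnerChangeListener(String str, PartnerChangeListener partnerChangeListener) {
        synchronized (partnerChangeListeners) {
            List registered = (List) partnerChangeListeners.get(str);
            if (registered == null) {
                registered = new ArrayList();
                partnerChangeListeners.put(str, registered);
            }
            registered.add(partnerChangeListener);
        }
    }

    /** Removes one registration of the listener from the list stored under the given key. */
    public void removePartnerChangeListener(String str, PartnerChangeListener partnerChangeListener) {
        synchronized (partnerChangeListeners) {
            if (isDebug()) {
                this.log.debug("SAMLPartnerRegistry.removePartnerChangeListener()");
            }
            List registered = (List) partnerChangeListeners.get(str);
            if (registered != null) {
                registered.remove(partnerChangeListener);
            }
        }
    }

    /**
     * Delivers a change notification to every listener registered under
     * {@code domainName + realmName}. A listener that throws is unregistered.
     *
     * <p>The loop runs over a snapshot: removing a failing listener from the live list while
     * iterating it by index caused the listener after it to be skipped.
     *
     * <p>The key is a plain concatenation without a separator, so different domain/realm pairs can
     * produce the same key. Listeners are called while the listener-map lock is held.
     */
    private void notifyPartnerChanged(SAMLPartnerEntry sAMLPartnerEntry) {
        synchronized (partnerChangeListeners) {
            List registered = (List) partnerChangeListeners.get(this.domainName + this.realmName);
            if (registered == null) {
                return;
            }
            for (Object item : new ArrayList(registered)) {
                PartnerChangeListener listener = (PartnerChangeListener) item;
                if (listener == null) {
                    continue;
                }
                try {
                    listener.firePartnerChange(sAMLPartnerEntry);
                } catch (Exception e) {
                    registered.remove(listener);
                    if (isDebug()) {
                        this.log.debug("PartnerChangeListener.firePartnerChange() failed " + this.domainName + this.realmName + " on listener " + String.valueOf(listener), e);
                    }
                }
            }
        }
    }
}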
