package com.bea.security.providers.xacml.store.file;

import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.service.JAXPFactoryService;
import com.bea.common.security.xacml.DocumentParseException;
import com.bea.common.security.xacml.URI;
import com.bea.common.security.xacml.URISyntaxException;
import com.bea.common.security.xacml.attr.AttributeRegistry;
import com.bea.common.security.xacml.policy.AbstractPolicy;
import com.bea.common.security.xacml.policy.Policy;
import com.bea.common.security.xacml.policy.PolicySet;
import com.bea.common.store.bootstrap.BootStrapPersistence;
import com.bea.common.store.bootstrap.BootStrapService;
import com.bea.security.providers.xacml.store.GlobalPolicyUpdateImpl;
import com.bea.security.providers.xacml.store.PolicyStoreConfigInfo;
import com.bea.security.utils.DigestUtils;
import com.bea.security.utils.encryption.EncryptedStreamFactory;
import com.bea.security.xacml.PolicyStoreException;
import com.bea.security.xacml.policy.PolicyUtils;
import com.sun.xml.ws.encoding.soap.streaming.SOAP12NamespaceConstants;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Collection;

/* loaded from: input_file:com/bea/security/providers/xacml/store/file/EncryptedFilePolicyStore.class */
public class EncryptedFilePolicyStore extends FilePolicyStore implements BootStrapPersistence {
    private LoggerSpi log;
    private AttributeRegistry registry;
    private JAXPFactoryService jaxpService;

    /* loaded from: input_file:com/bea/security/providers/xacml/store/file/EncryptedFilePolicyStore$EncryptedFileAccess.class */
    private static class EncryptedFileAccess implements FileAccess {
        String type;
        private char[] password;
        private String encryptAlgorithm;
        private static final String SUFFIX = ".xacml";

        public EncryptedFileAccess(int i, char[] cArr, String str) throws PolicyStoreException {
            if (cArr == null || cArr.length == 0) {
                throw new PolicyStoreException("The password for the policy store is not set.");
            }
            this.password = cArr;
            this.encryptAlgorithm = str;
            this.type = SOAP12NamespaceConstants.ATTR_ACTOR;
            if (i == 0) {
                this.type = "atz";
            }
        }

        @Override // com.bea.security.providers.xacml.store.file.FileAccess
        public String getPolicyFileNamePrefix(boolean z) {
            return this.type + "_" + (z ? "pol" : "pset") + "_";
        }

        @Override // com.bea.security.providers.xacml.store.file.FileAccess
        public String getPolicyFileNameSuffix() {
            return SUFFIX;
        }

        @Override // com.bea.security.providers.xacml.store.file.FileAccess
        public String getIndexFileName() {
            return this.type + "_xacml.index";
        }

        @Override // com.bea.security.providers.xacml.store.file.FileAccess
        public boolean isAcceptableName(String str) {
            return str.startsWith(this.type) && str.endsWith(SUFFIX);
        }

        @Override // com.bea.security.providers.xacml.store.file.FileAccess
        public InputStream filterRead(InputStream inputStream) {
            return EncryptedStreamFactory.getDecryptedInputStream(inputStream, this.password, this.encryptAlgorithm);
        }

        @Override // com.bea.security.providers.xacml.store.file.FileAccess
        public OutputStream filterWrite(OutputStream outputStream) {
            return new BufferedOutputStream(EncryptedStreamFactory.getEncryptedOutputStream(outputStream, this.password, this.encryptAlgorithm));
        }
    }

    public EncryptedFilePolicyStore(AttributeRegistry attributeRegistry, PolicyStoreConfigInfo policyStoreConfigInfo, String str, char[] cArr, int i, String str2, int i2) throws PolicyStoreException, DocumentParseException, URISyntaxException {
        super(attributeRegistry, new File(str), policyStoreConfigInfo.getJaxpService(), new EncryptedFileAccess(i, cArr, str2), i2, cArr, str2, i, policyStoreConfigInfo.getLogger());
        this.log = policyStoreConfigInfo.getLogger();
        this.registry = attributeRegistry;
        this.jaxpService = policyStoreConfigInfo.getJaxpService();
        if (!this.store.exists() || !this.store.isDirectory()) {
            throw new PolicyStoreException("The specified store " + this.store.getAbsolutePath() + " is not a directory (and can't be created)");
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug("Constructing EncryptedFilePolicyStore under directory: " + str);
            this.log.debug("Store type: " + (i == 0 ? "Authorization" : "RoleMapping"));
        }
        bootstrap(policyStoreConfigInfo, i);
    }

    public EncryptedFilePolicyStore(AttributeRegistry attributeRegistry, JAXPFactoryService jAXPFactoryService, LoggerSpi loggerSpi, String str, char[] cArr, int i, String str2, int i2) throws PolicyStoreException, DocumentParseException, URISyntaxException {
        super(attributeRegistry, new File(str), jAXPFactoryService, new EncryptedFileAccess(i, cArr, str2), i2, cArr, str2, i, loggerSpi);
        this.log = loggerSpi;
    }

    private void bootstrap(PolicyStoreConfigInfo policyStoreConfigInfo, int i) {
        if (this.log.isDebugEnabled()) {
            this.log.debug("Bootstrapping file store");
        }
        FileEntryConverter fileEntryConverter = new FileEntryConverter();
        BootStrapService bootstrapService = policyStoreConfigInfo.getBootstrapService();
        if (bootstrapService == null) {
            this.log.debug("bootstrap service is null, no bootstrap performed.");
        } else if (i == 0) {
            bootstrapService.loadLDIFXACMLAuthorizerTemplate(this.log, this, fileEntryConverter, policyStoreConfigInfo.getDomainName(), policyStoreConfigInfo.getRealmName());
            bootstrapService.updateXACMLAuthorizerPolicies(this.log, new GlobalPolicyUpdateImpl(this, this.log), this, policyStoreConfigInfo.getDomainName(), policyStoreConfigInfo.getRealmName());
        } else {
            bootstrapService.loadLDIFXACMLRoleMapperTemplate(this.log, this, fileEntryConverter, policyStoreConfigInfo.getDomainName(), policyStoreConfigInfo.getRealmName());
            bootstrapService.updateXACMLRoleMapperPolicies(this.log, new GlobalPolicyUpdateImpl(this, this.log), this, policyStoreConfigInfo.getDomainName(), policyStoreConfigInfo.getRealmName());
        }
    }

    @Override // com.bea.common.store.bootstrap.BootStrapPersistence
    public boolean has(Object obj) throws Exception {
        if (this.log.isDebugEnabled()) {
            this.log.debug("checkExist: " + obj);
        }
        if (!(obj instanceof XACMLEntry)) {
            return this.wlsCollectionStore.has(obj);
        }
        XACMLEntry xACMLEntry = (XACMLEntry) obj;
        return hasPolicy(new URI(xACMLEntry.getId()), xACMLEntry.getVersion());
    }

    @Override // com.bea.common.store.bootstrap.BootStrapPersistence
    public void makePersistentAll(Collection collection) throws Exception {
        int i;
        if (this.log.isDebugEnabled()) {
            this.log.debug("makePersistentAll: persistenting " + collection);
        }
        for (Object obj : collection) {
            if (obj instanceof XACMLEntry) {
                XACMLEntry xACMLEntry = (XACMLEntry) obj;
                AbstractPolicy read = PolicyUtils.read(this.registry, new ByteArrayInputStream(xACMLEntry.getXacmlDocument()), this.jaxpService.newDocumentBuilderFactory());
                try {
                    i = Integer.parseInt(xACMLEntry.getStatus());
                } catch (NumberFormatException e) {
                    i = 0;
                }
                if (read instanceof PolicySet) {
                    addPolicySet((PolicySet) read, i, xACMLEntry.getMetadata());
                } else {
                    addPolicy((Policy) read, i, xACMLEntry.getMetadata());
                }
            } else {
                this.wlsCollectionStore.makePersistence(obj);
            }
        }
    }

    @Override // com.bea.common.store.bootstrap.BootStrapPersistence
    public void close() {
    }

    @Override // com.bea.common.store.bootstrap.BootStrapPersistence
    public String getStoreId() {
        try {
            return "file_" + DigestUtils.digestSHA1(this.store.getAbsolutePath());
        } catch (Exception e) {
            this.log.warn("Unable to hash the store id", e);
            return this.store.getAbsolutePath();
        }
    }

    @Override // com.bea.common.store.bootstrap.BootStrapPersistence
    public Collection postProcessObjects(Collection collection) {
        return collection;
    }
}
