package weblogic.servlet.security.internal;

import java.security.AccessController;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.servlet.Filter;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import weblogic.management.DeploymentException;
import weblogic.management.configuration.AppDeploymentMBean;
import weblogic.management.utils.ConnectionSigner;
import weblogic.security.SimpleCallbackHandler;
import weblogic.security.SubjectUtils;
import weblogic.security.auth.login.PasswordCredential;
import weblogic.servlet.security.internal.ServletSecurityServices;
import weblogic.servlet.spi.ApplicationSecurity;
import weblogic.servlet.spi.SubjectHandle;

/* loaded from: input_file:weblogic/servlet/security/internal/AbstractAppSecurity.class */
public abstract class AbstractAppSecurity implements ApplicationSecurity {
    private final ServletSecurityServices securityServices;
    private final ServletSecurityServices.ApplicationServices applicationServices;
    private final String realmName;
    private final int roleMappingMode;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractAppSecurity(ServletSecurityServices servletSecurityServices, AppDeploymentMBean appDeploymentMBean, String str, String str2) {
        this.securityServices = servletSecurityServices;
        this.realmName = str2 != null ? str2 : this.securityServices.getDefaultRealmName();
        this.applicationServices = this.securityServices.createApplicationSecurity(this.realmName, appDeploymentMBean, str);
        this.roleMappingMode = this.applicationServices.getRoleMappingBehavior();
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public SubjectHandle authenticate(CallbackHandler callbackHandler, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws LoginException {
        if ($assertionsDisabled || str.equals(this.realmName)) {
            return this.applicationServices.authenticate(callbackHandler, httpServletRequest, httpServletResponse);
        }
        throw new AssertionError("Another realm is already active");
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public SubjectHandle authenticateAndSaveCredential(final String str, final Object obj, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws LoginException {
        if (!$assertionsDisabled && !str2.equals(this.realmName)) {
            throw new AssertionError("Another realm is already active");
        }
        final SubjectHandle authenticate = this.applicationServices.authenticate(this.securityServices.createCallbackHandler(str, obj, httpServletRequest, httpServletResponse), httpServletRequest, httpServletResponse);
        if (authenticate != null) {
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: weblogic.servlet.security.internal.AbstractAppSecurity.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    AbstractAppSecurity.this.securityServices.addToPrivateCredentials(authenticate, new PasswordCredential(str, (String) obj));
                    return null;
                }
            });
        }
        return authenticate;
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public SubjectHandle authenticateAndSaveCredential(final String str, final char[] cArr, String str2) throws LoginException {
        if (!$assertionsDisabled && !str2.equals(this.realmName)) {
            throw new AssertionError("Another realm is already active");
        }
        final SubjectHandle authenticate = this.applicationServices.authenticate(new SimpleCallbackHandler(str, cArr));
        if (authenticate != null) {
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: weblogic.servlet.security.internal.AbstractAppSecurity.2
                @Override // java.security.PrivilegedAction
                public Object run() {
                    AbstractAppSecurity.this.securityServices.addToPrivateCredentials(authenticate, new PasswordCredential(str, new String(cArr)));
                    return null;
                }
            });
        }
        return authenticate;
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public SubjectHandle assertIdentity(String str, Object obj, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws LoginException {
        return this.applicationServices.assertIdentity(str, obj, httpServletRequest, httpServletResponse);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public SubjectHandle impersonate(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws LoginException {
        if ($assertionsDisabled || str2.equals(this.realmName)) {
            return this.applicationServices.impersonateIdentity(str, httpServletRequest, httpServletResponse);
        }
        throw new AssertionError("Another realm is already active");
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public void populateSubject(Subject subject, SubjectHandle subjectHandle) {
        SubjectUtils.setFrom(subject, this.securityServices.toSubject(subjectHandle));
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public SubjectHandle toSubjectHandle(Subject subject) {
        return this.securityServices.toSubjectHandle(subject);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public Map getAssertionsEncodingMap() {
        return this.applicationServices.getAssertionsEncodingMap();
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public Map[] getAssertionsEncodingPrecedence() {
        return this.applicationServices.getAssertionsEncodingPrecedence();
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public boolean doesTokenTypeRequireBase64Decoding(String str) {
        return this.applicationServices.doesTokenTypeRequireBase64Decoding(str);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public boolean doesTokenRequireBase64Decoding(Object obj) {
        return this.applicationServices.doesTokenRequireBase64Decoding(obj);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public Filter[] getServletAuthenticationFilters(ServletContext servletContext) throws DeploymentException {
        return this.applicationServices.getServletAuthenticationFilters(servletContext);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public boolean isCompatibilitySecMode() {
        return this.securityServices.isCompatibilitySecMode(this.roleMappingMode);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public boolean isApplicationSecMode() {
        return this.securityServices.isApplicationSecMode(this.roleMappingMode);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public boolean isExternallyDefinedSecMode() {
        return this.securityServices.isExternallyDefinedSecMode(this.roleMappingMode);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public void destroyServletAuthenticationFilters(Filter[] filterArr) {
        this.applicationServices.destroyServletAuthenticationFilters(filterArr);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public boolean isRequestSigned(HttpServletRequest httpServletRequest) {
        return ConnectionSigner.isConnectionSigned(httpServletRequest, true);
    }

    @Override // weblogic.servlet.spi.ApplicationSecurity
    public void deployUncheckedPolicy(Permission permission) throws DeploymentException {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ServletSecurityServices getSecurityServices() {
        return this.securityServices;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ServletSecurityServices.ApplicationServices getApplicationServices() {
        return this.applicationServices;
    }

    static {
        $assertionsDisabled = !AbstractAppSecurity.class.desiredAssertionStatus();
    }
}
