package com.ibm.ws.security.admintask.securityDomain;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.configservice.SystemAttributes;
import com.ibm.websphere.management.exception.InvalidAttributeNameException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.config.AuthMechanismConfig;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import java.util.ArrayList;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/admintask/securityDomain/GetRSATokenAuthorization.class */
public class GetRSATokenAuthorization extends AbstractTaskCommand {
    private static String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static TraceComponent tc = Tr.register(GetRSATokenAuthorization.class, "GetRolePropAuthorization", "com.ibm.ws.security.admintask.securityDomain");
    Boolean globalSecEnabled;
    Long tokenExpiration;
    Long nonceCacheTimeout;
    String adminCertTrustStore;
    String adminCertTrustStoreScope;
    String adminCertKeyStore;
    String adminCertKeyStoreScope;
    String adminCertAlias;
    ObjectName trustStoreObj;
    ObjectName keyStoreObj;
    ObjectName certObj;

    public GetRSATokenAuthorization(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.globalSecEnabled = new Boolean(false);
        this.tokenExpiration = null;
        this.nonceCacheTimeout = null;
        this.adminCertTrustStore = null;
        this.adminCertTrustStoreScope = null;
        this.adminCertKeyStore = null;
        this.adminCertKeyStoreScope = null;
        this.adminCertAlias = null;
        this.trustStoreObj = null;
        this.keyStoreObj = null;
        this.certObj = null;
    }

    public GetRSATokenAuthorization(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.globalSecEnabled = new Boolean(false);
        this.tokenExpiration = null;
        this.nonceCacheTimeout = null;
        this.adminCertTrustStore = null;
        this.adminCertTrustStoreScope = null;
        this.adminCertKeyStore = null;
        this.adminCertKeyStoreScope = null;
        this.adminCertAlias = null;
        this.trustStoreObj = null;
        this.keyStoreObj = null;
        this.certObj = null;
    }

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isDebugEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        AttributeList attributeList = new AttributeList();
        try {
            try {
                ConfigService configService = getConfigService();
                Session configSession = getConfigSession();
                ObjectName rolePropObj = getRolePropObj(configSession, configService, configService.resolve(configSession, "Cell=:Security=")[0]);
                if (rolePropObj == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.rsaTokenNotPresent.SECJ7751E", null));
                }
                String str = (String) configService.getAttribute(configSession, rolePropObj, AuthMechanismConfig.OID);
                if (str != null) {
                    attributeList.add(new Attribute(AuthMechanismConfig.OID, str));
                }
                String str2 = (String) configService.getAttribute(configSession, rolePropObj, AuthMechanismConfig.AUTH_CONTEXT_IMPL_CLASS);
                if (str2 != null) {
                    attributeList.add(new Attribute(AuthMechanismConfig.AUTH_CONTEXT_IMPL_CLASS, str2));
                }
                String str3 = (String) configService.getAttribute(configSession, rolePropObj, AuthMechanismConfig.AUTH_CONFIG);
                if (str3 != null) {
                    attributeList.add(new Attribute(AuthMechanismConfig.AUTH_CONFIG, str3));
                }
                String str4 = (String) configService.getAttribute(configSession, rolePropObj, AuthMechanismConfig.SIMPLE_AUTH_CONFIG);
                if (str4 != null) {
                    attributeList.add(new Attribute(AuthMechanismConfig.SIMPLE_AUTH_CONFIG, str4));
                }
                String str5 = (String) configService.getAttribute(configSession, rolePropObj, AuthMechanismConfig.AUTH_VALIDATION_CONFIG);
                if (str5 != null) {
                    attributeList.add(new Attribute(AuthMechanismConfig.AUTH_VALIDATION_CONFIG, str5));
                }
                this.tokenExpiration = (Long) configService.getAttribute(configSession, rolePropObj, "tokenExpiration");
                if (this.tokenExpiration != null) {
                    this.tokenExpiration = Long.valueOf(this.tokenExpiration.longValue() / 60);
                    attributeList.add(new Attribute("tokenExpiration", this.tokenExpiration));
                }
                this.nonceCacheTimeout = (Long) configService.getAttribute(configSession, rolePropObj, "nonceCacheTimeout");
                if (this.nonceCacheTimeout != null) {
                    this.nonceCacheTimeout = Long.valueOf(this.nonceCacheTimeout.longValue() / 60);
                    attributeList.add(new Attribute("nonceCacheTimeout", this.nonceCacheTimeout));
                }
                this.trustStoreObj = (ObjectName) configService.getAttribute(configSession, rolePropObj, "adminCertificateTrustStore");
                if (this.trustStoreObj != null) {
                    this.adminCertTrustStore = (String) configService.getAttribute(configSession, this.trustStoreObj, "name");
                    if (this.adminCertTrustStore != null) {
                        attributeList.add(new Attribute("adminCertTrustStore", this.adminCertTrustStore));
                    }
                    this.adminCertTrustStoreScope = (String) configService.getAttribute(configSession, (ObjectName) configService.getAttribute(configSession, this.trustStoreObj, "managementScope"), "scopeName");
                    if (this.adminCertTrustStoreScope != null) {
                        attributeList.add(new Attribute("adminCertTrustStoreScope", this.adminCertTrustStoreScope));
                    }
                }
                this.certObj = (ObjectName) configService.getAttribute(configSession, rolePropObj, "adminCertificate");
                if (this.certObj != null) {
                    this.keyStoreObj = (ObjectName) configService.getAttribute(configSession, this.certObj, "keyStore");
                    this.adminCertKeyStore = (String) configService.getAttribute(configSession, this.keyStoreObj, "name");
                    if (this.adminCertKeyStore != null) {
                        attributeList.add(new Attribute("adminCertKeyStore", this.adminCertKeyStore));
                    }
                    this.adminCertKeyStoreScope = (String) configService.getAttribute(configSession, (ObjectName) configService.getAttribute(configSession, this.keyStoreObj, "managementScope"), "scopeName");
                    if (this.adminCertKeyStoreScope != null) {
                        attributeList.add(new Attribute("adminCertKeyStoreScope", this.adminCertKeyStoreScope));
                    }
                    this.adminCertAlias = (String) configService.getAttribute(configSession, this.certObj, "alias");
                    if (this.adminCertAlias != null) {
                        attributeList.add(new Attribute("adminCertAlias", this.adminCertAlias));
                    }
                }
                taskCommandResultImpl.setResult(attributeList);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "afterStepsExecuted");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.GetRolePropAuthorization", "187");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                taskCommandResultImpl.setException(new CommandValidationException(e, e.getMessage()));
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "afterStepsExecuted");
                }
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
            }
            throw th;
        }
    }

    public static ObjectName getRolePropObj(Session session, ConfigService configService, ObjectName objectName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRolePropObj");
        }
        ObjectName objectName2 = null;
        try {
            ArrayList arrayList = (ArrayList) configService.getAttribute(session, objectName, "authMechanisms");
            if (arrayList != null) {
                for (int i = 0; i < arrayList.size(); i++) {
                    AttributeList attributeList = (AttributeList) arrayList.get(i);
                    if (ConfigServiceHelper.getAttributeValue(attributeList, SystemAttributes._WEBSPHERE_CONFIG_DATA_TYPE).toString().equals("RSAToken")) {
                        ObjectName[] queryConfigObjects = configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName(attributeList), null);
                        if (queryConfigObjects[0] != null) {
                            objectName2 = queryConfigObjects[0];
                        }
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getRolePropObj");
            }
            return objectName2;
        } catch (InvalidAttributeNameException e) {
            return objectName2;
        }
    }
}
