package com.ibm.ws.ssl.config;

import com.ibm.ejs.ras.RasHelper;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.management.authorizer.AdminAuthzConstants;
import com.ibm.ws.security.config.SecurityConfigObject;
import com.ibm.ws.security.config.SecurityConfigObjectList;
import com.ibm.ws.security.config.SecurityObjectLocator;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/* loaded from: input_file:wasJars/crypto.jar:com/ibm/ws/ssl/config/ManagementScopeManager.class */
public class ManagementScopeManager {
    private static final TraceComponent tc = Tr.register((Class<?>) ManagementScopeManager.class, "SSL", "com.ibm.ws.ssl.resources.ssl");
    private static ManagementScopeManager thisClass = null;
    private static ManagementScopeManager clientClass = null;
    private static HashMap scopeMapSM = new HashMap();
    private HashMap inboundEndPointAliasMap = new HashMap();
    private HashMap outboundEndPointAliasMap = new HashMap();
    private String inboundProcessAlias = null;
    private String outboundProcessAlias = null;
    private String inboundNodeAlias = null;
    private String outboundNodeAlias = null;
    private HashMap inboundNodeGroupAliasMap = new HashMap();
    private HashMap outboundNodeGroupAliasMap = new HashMap();
    private String inboundClusterAlias = null;
    private String outboundClusterAlias = null;
    private String inboundCellAlias = null;
    private String outboundCellAlias = null;
    private String inboundEffectiveProcessAlias = null;
    private String inboundEffectiveProcessScope = null;
    private String outboundEffectiveProcessAlias = null;
    private String outboundEffectiveProcessScope = null;
    private String adminDataScope;
    public static final int MSM_SCOPE_FORMAT_CLASSIC = 1;
    public static final int MSM_SCOPE_FORMAT_SM = 2;

    private ManagementScopeManager() {
        this.adminDataScope = "Security";
        if (!RasHelper.isServer()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "ctor - not on a server, using null scope ");
            }
            this.adminDataScope = null;
        } else if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "ctor - on server in admin agent, using null scope ");
            }
            this.adminDataScope = null;
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "ctor - on server, not admin agent, using 'Security' scope ");
        }
        SecurityObjectLocator.getAdminData(this.adminDataScope);
    }

    public static synchronized ManagementScopeManager getInstance() {
        if (thisClass == null) {
            thisClass = new ManagementScopeManager();
        }
        return thisClass;
    }

    public String getProcessType() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getProcessType();
    }

    public String getProcessName() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getProcessName();
    }

    public String getServerType() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getServerType();
    }

    public String getNodeName() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getNodeName();
    }

    public String getCellName() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getCellName();
    }

    public String getJvmType() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getJvmType();
    }

    public String getClusterName() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getClusterName();
    }

    public String[] getFullScopeNames() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getCurrentScopeNames();
    }

    public String[] getNodeGroupScopeNames() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getCurrentNodeGroupScopeNames();
    }

    public String getClusterScopeName() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getCurrentClusterScopeName();
    }

    public String getProcessScopeName() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getCurrentProcessScopeName();
    }

    public String getNodeScopeName() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getCurrentNodeScopeName();
    }

    public String getCellScopeName() {
        return SecurityObjectLocator.getAdminData(this.adminDataScope).getCurrentCellScopeName();
    }

    public boolean currentScopeContained(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "currentScopeContained", new Object[]{str});
        }
        return currentScopeContained(str, 1);
    }

    public boolean currentScopeContained(String str, int i) {
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "currentScopeContained", new Object[]{str, Integer.valueOf(i)});
        }
        if (str == null) {
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "currentScopeContained: cannot compare scopes if one or both are null.");
            return false;
        }
        if (i == 1) {
            str2 = str;
        } else {
            if (i != 2) {
                if (!tc.isEntryEnabled()) {
                    return false;
                }
                Tr.exit(tc, "currentScopeContained: invalid scope format.");
                return false;
            }
            str2 = (String) scopeMapSM.get(str);
            if (str2 == null) {
                str2 = convertSMScopeToClassic(str);
                scopeMapSM.put(str, str2);
            }
        }
        ManagementScopeData managementScopeData = new ManagementScopeData(str2);
        String scopeType = managementScopeData.getScopeType();
        for (String str3 : getFullScopeNames()) {
            if (str3.equals("client")) {
                if (!tc.isEntryEnabled()) {
                    return true;
                }
                Tr.exit(tc, "currentScopeContained: current scope is client, returning true.");
                return true;
            }
            if (str3.equals(str)) {
                if (!tc.isEntryEnabled()) {
                    return true;
                }
                Tr.exit(tc, "currentScopeContained: scopes are equal, returning true.");
                return true;
            }
            if (managementScopeData != null) {
                if (scopeType.equals("endpoint") || scopeType.equals("server")) {
                    String formProcessScope = managementScopeData.formProcessScope();
                    String processScopeName = getProcessScopeName();
                    if (formProcessScope == null || processScopeName == null || !formProcessScope.equals(processScopeName)) {
                        if (!tc.isEntryEnabled()) {
                            return false;
                        }
                        Tr.exit(tc, "!currentScopeContained: server scopes do not match.");
                        return false;
                    }
                    if (!tc.isEntryEnabled()) {
                        return true;
                    }
                    Tr.exit(tc, "currentScopeContained: server scopes match.");
                    return true;
                }
                if (scopeType.equalsIgnoreCase("cluster") || scopeType.equalsIgnoreCase("servercluster")) {
                    String formClusterScope = managementScopeData.formClusterScope();
                    String clusterScopeName = getClusterScopeName();
                    if (formClusterScope == null || clusterScopeName == null || !formClusterScope.equals(clusterScopeName)) {
                        if (!tc.isEntryEnabled()) {
                            return false;
                        }
                        Tr.exit(tc, "!currentScopeContained: cluster scopes do not match.");
                        return false;
                    }
                    if (!tc.isEntryEnabled()) {
                        return true;
                    }
                    Tr.exit(tc, "currentScopeContained: cluster scopes match.");
                    return true;
                }
                if (scopeType.equals("node")) {
                    String formNodeScope = managementScopeData.formNodeScope();
                    String nodeScopeName = getNodeScopeName();
                    if (formNodeScope == null || nodeScopeName == null || !formNodeScope.equals(nodeScopeName)) {
                        if (!tc.isEntryEnabled()) {
                            return false;
                        }
                        Tr.exit(tc, "!currentScopeContained: node scopes do not match.");
                        return false;
                    }
                    if (!tc.isEntryEnabled()) {
                        return true;
                    }
                    Tr.exit(tc, "currentScopeContained: node scopes match.");
                    return true;
                }
                if (scopeType.equals("nodegroup")) {
                    String formNodeGroupScope = managementScopeData.formNodeGroupScope();
                    String[] nodeGroupScopeNames = getNodeGroupScopeNames();
                    if (formNodeGroupScope != null) {
                        for (String str4 : nodeGroupScopeNames) {
                            if (formNodeGroupScope.equals(str4)) {
                                if (!tc.isEntryEnabled()) {
                                    return true;
                                }
                                Tr.exit(tc, "currentScopeContained: nodegroup scopes match.");
                                return true;
                            }
                        }
                    }
                    if (!tc.isEntryEnabled()) {
                        return false;
                    }
                    Tr.exit(tc, "!currentScopeContained: nodegroup scopes do not match.");
                    return false;
                }
                if (!scopeType.equals("cell")) {
                    if (!tc.isEntryEnabled()) {
                        return false;
                    }
                    Tr.exit(tc, "!currentScopeContained: scopes do not match.");
                    return false;
                }
                String formCellScope = managementScopeData.formCellScope();
                String cellScopeName = getCellScopeName();
                if (formCellScope == null || cellScopeName == null || !formCellScope.equals(cellScopeName)) {
                    if (!tc.isEntryEnabled()) {
                        return false;
                    }
                    Tr.exit(tc, "!currentScopeContained: cell scopes do not match.");
                    return false;
                }
                if (!tc.isEntryEnabled()) {
                    return true;
                }
                Tr.exit(tc, "currentScopeContained: cell scopes match.");
                return true;
            }
        }
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "currentScopeContained: CurrentScopeNames is null.");
        return false;
    }

    private String convertSMScopeToClassic(String str) {
        boolean z;
        String str2 = null;
        String[] split = str.split("/");
        boolean z2 = true;
        for (int i = 0; i < split.length; i++) {
            if (z2) {
                if (split[i].equals(AdminAuthzConstants.CELL_RES)) {
                    str2 = "(cell):";
                } else if (split[i].equals("nodes")) {
                    str2 = str2 + ":(node):";
                } else if (split[i].equals("servers")) {
                    str2 = str2 + ":(server):";
                } else if (split[i].equals("clusters")) {
                    str2 = str2 + ":(cluster):";
                } else if (split[i].equals(AdminAuthzConstants.NODEGROUP_RES)) {
                    str2 = str2 + ":(nodegroup):";
                }
                z = false;
            } else {
                str2 = str2 + split[i];
                z = true;
            }
            z2 = z;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "convertSMScopeToClassic", new Object[]{str2});
        }
        return str2;
    }

    public void loadSSLConfigGroups(SecurityConfigObject securityConfigObject, boolean z) {
        String cellScopeName;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "loadSSLConfigGroups");
        }
        SecurityConfigObjectList objectList = securityConfigObject.getObjectList("sslConfigGroups");
        if (objectList != null) {
            for (int i = 0; i < objectList.size(); i++) {
                SecurityConfigObject securityConfigObject2 = objectList.get(i);
                if (securityConfigObject2 != null) {
                    SecurityConfigObject object = securityConfigObject2.getObject("managementScope");
                    if (object != null) {
                        try {
                            cellScopeName = object.getString("scopeName");
                        } catch (Exception e) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "an exception is caught, cell scope is used", new Object[]{e});
                            }
                            cellScopeName = getInstance().getCellScopeName();
                        }
                    } else {
                        cellScopeName = getInstance().getCellScopeName();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "scope name is null, cell scope is used");
                        }
                    }
                    if (currentScopeContained(cellScopeName)) {
                        ManagementScopeData managementScopeData = new ManagementScopeData(cellScopeName);
                        String string = securityConfigObject2.getString("direction");
                        String string2 = securityConfigObject2.getString("certificateAlias");
                        SecurityConfigObject object2 = securityConfigObject2.getObject("sslConfig");
                        String str = null;
                        if (object2 != null) {
                            try {
                                str = object2.getString("alias");
                            } catch (Exception e2) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "an exception is caught while getting alias name", new Object[]{e2});
                                }
                            }
                        }
                        if (str != null) {
                            String str2 = (string2 == null || string2.length() <= 0) ? str : str + "," + string2;
                            if (managementScopeData != null) {
                                if (managementScopeData.getScopeType().equals("endpoint")) {
                                    if (string.equals("inbound")) {
                                        this.inboundEndPointAliasMap.put(cellScopeName, str2);
                                    } else {
                                        this.outboundEndPointAliasMap.put(cellScopeName, str2);
                                    }
                                } else if (managementScopeData.getScopeType().equals("server")) {
                                    if (string.equals("inbound")) {
                                        this.inboundProcessAlias = str2;
                                    } else {
                                        this.outboundProcessAlias = str2;
                                    }
                                } else if (managementScopeData.getScopeType().equals("cluster")) {
                                    if (string.equals("inbound")) {
                                        this.inboundClusterAlias = str2;
                                    } else {
                                        this.outboundClusterAlias = str2;
                                    }
                                } else if (managementScopeData.getScopeType().equals("node")) {
                                    if (string.equals("inbound")) {
                                        this.inboundNodeAlias = str2;
                                    } else {
                                        this.outboundNodeAlias = str2;
                                    }
                                } else if (managementScopeData.getScopeType().equals("nodegroup")) {
                                    if (string.equals("inbound")) {
                                        this.inboundNodeGroupAliasMap.put(cellScopeName, str2);
                                    } else {
                                        this.outboundNodeGroupAliasMap.put(cellScopeName, str2);
                                    }
                                } else if (managementScopeData.getScopeType().equals("cell")) {
                                    if (string.equals("inbound")) {
                                        this.inboundCellAlias = str2;
                                    } else {
                                        this.outboundCellAlias = str2;
                                    }
                                } else if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Scope data with the following information is not a known scope type: " + managementScopeData);
                                }
                            }
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "alias attribute isn't found in SSLConfigGroup \"" + securityConfigObject2.getString("name") + "\"");
                        }
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "SSLConfigGroup \"" + securityConfigObject2.getString("name") + "\" with scope \"" + cellScopeName + "\" is not in the current process scope.");
                    }
                }
            }
            if (this.inboundProcessAlias != null) {
                this.inboundEffectiveProcessAlias = this.inboundProcessAlias;
                this.inboundEffectiveProcessScope = "server";
            } else if (this.inboundClusterAlias != null) {
                this.inboundEffectiveProcessAlias = this.inboundClusterAlias;
                this.inboundEffectiveProcessScope = "cluster";
            } else if (this.inboundNodeAlias != null) {
                this.inboundEffectiveProcessAlias = this.inboundNodeAlias;
                this.inboundEffectiveProcessScope = "node";
            } else if (this.inboundNodeGroupAliasMap != null && this.inboundNodeGroupAliasMap.size() > 0) {
                Iterator it = this.inboundNodeGroupAliasMap.entrySet().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    Map.Entry entry = (Map.Entry) it.next();
                    if (entry != null) {
                        this.inboundEffectiveProcessAlias = (String) entry.getValue();
                        this.inboundEffectiveProcessScope = "nodegroup";
                        break;
                    }
                }
            } else if (this.inboundCellAlias != null) {
                this.inboundEffectiveProcessAlias = this.inboundCellAlias;
                this.inboundEffectiveProcessScope = "cell";
            } else {
                SSLConfig defaultSSLConfig = SSLConfigManager.getInstance().getDefaultSSLConfig();
                if (defaultSSLConfig != null) {
                    String property = defaultSSLConfig.getProperty("com.ibm.ssl.alias");
                    String property2 = defaultSSLConfig.getProperty("com.ibm.ssl.keyStoreServerAlias");
                    if (property2 == null || property2.equals("")) {
                        this.inboundCellAlias = property;
                    } else {
                        this.inboundCellAlias = property + "," + property2;
                    }
                }
                this.inboundEffectiveProcessAlias = this.inboundCellAlias;
                this.inboundEffectiveProcessScope = "cell";
            }
            if (this.outboundProcessAlias != null) {
                this.outboundEffectiveProcessAlias = this.outboundProcessAlias;
                this.outboundEffectiveProcessScope = "server";
            } else if (this.outboundClusterAlias != null) {
                this.outboundEffectiveProcessAlias = this.outboundClusterAlias;
                this.outboundEffectiveProcessScope = "cluster";
            } else if (this.outboundNodeAlias != null) {
                this.outboundEffectiveProcessAlias = this.outboundNodeAlias;
                this.outboundEffectiveProcessScope = "node";
            } else if (this.outboundNodeGroupAliasMap != null && this.outboundNodeGroupAliasMap.size() > 0) {
                Iterator it2 = this.outboundNodeGroupAliasMap.entrySet().iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    Map.Entry entry2 = (Map.Entry) it2.next();
                    if (entry2 != null) {
                        this.outboundEffectiveProcessAlias = (String) entry2.getValue();
                        this.outboundEffectiveProcessScope = "nodegroup";
                        break;
                    }
                }
            } else if (this.outboundCellAlias != null) {
                this.outboundEffectiveProcessAlias = this.outboundCellAlias;
                this.outboundEffectiveProcessScope = "cell";
            } else {
                SSLConfig defaultSSLConfig2 = SSLConfigManager.getInstance().getDefaultSSLConfig();
                if (defaultSSLConfig2 != null) {
                    String property3 = defaultSSLConfig2.getProperty("com.ibm.ssl.alias");
                    String property4 = defaultSSLConfig2.getProperty("com.ibm.ssl.keyStoreClientAlias");
                    if (property4 == null || property4.equals("")) {
                        this.outboundCellAlias = property3;
                    } else {
                        this.outboundCellAlias = property3 + "," + property4;
                    }
                }
                this.outboundEffectiveProcessAlias = this.outboundCellAlias;
                this.outboundEffectiveProcessScope = "cell";
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Effective inbound group alias is \"" + this.inboundEffectiveProcessAlias + "\" from scope \"" + this.inboundEffectiveProcessScope + "\".");
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Effective outbound group alias is \"" + this.outboundEffectiveProcessAlias + "\" from scope \"" + this.outboundEffectiveProcessScope + "\".");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "loadSSLConfigGroups");
        }
    }

    public String getConfigAndCertAliasesFromGroups(Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConfigAndCertAliasesFromGroups", new Object[]{map});
        }
        if (map == null || map.size() == 0) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getConfigAndCertAliasesFromGroups (found from outbound scope without connection info) -> " + this.outboundEffectiveProcessAlias);
            }
            return this.outboundEffectiveProcessAlias;
        }
        String str = (String) map.get("com.ibm.ssl.direction");
        String str2 = null;
        if (map != null) {
            str2 = (String) map.get("com.ibm.ssl.endPointName");
        }
        String str3 = getProcessScopeName() + ":(endpoint):" + str2;
        if (str.equals("inbound")) {
            String str4 = (String) this.inboundEndPointAliasMap.get(str3);
            if (str4 != null) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getConfigAndCertAliasesFromGroups (found from inbound endpoint) -> " + str4);
                }
                return str4;
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getConfigAndCertAliasesFromGroups (found from inbound scope) -> " + this.inboundEffectiveProcessAlias);
            }
            return this.inboundEffectiveProcessAlias;
        }
        String str5 = (String) this.outboundEndPointAliasMap.get(str3);
        if (str5 != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getConfigAndCertAliasesFromGroups (found from outbound endpoint) -> " + str5);
            }
            return str5;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getConfigAndCertAliasesFromGroups (found from outbound scope) -> " + this.outboundEffectiveProcessAlias);
        }
        return this.outboundEffectiveProcessAlias;
    }

    public static boolean isInitialized() {
        boolean z = thisClass != null;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isInitialized " + z);
        }
        return z;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("*** INBOUND ***\n");
        stringBuffer.append("\nCell Alias: ");
        stringBuffer.append(this.inboundCellAlias);
        stringBuffer.append("\nNodeGroup Alias(es): ");
        stringBuffer.append(this.inboundNodeGroupAliasMap);
        stringBuffer.append("\nNode Alias: ");
        stringBuffer.append(this.inboundNodeAlias);
        stringBuffer.append("\nServer Alias: ");
        stringBuffer.append(this.inboundProcessAlias);
        stringBuffer.append("\nCluster Alias: ");
        stringBuffer.append(this.inboundClusterAlias);
        stringBuffer.append("\nEndPoint Alias(es): ");
        stringBuffer.append(this.inboundEndPointAliasMap);
        stringBuffer.append("\nEffective Process Alias: ");
        stringBuffer.append(this.inboundEffectiveProcessAlias);
        stringBuffer.append("\nEffective Process Scope: ");
        stringBuffer.append(this.inboundEffectiveProcessScope);
        stringBuffer.append("\n\n*** OUTBOUND ***\n");
        stringBuffer.append("\nCell Alias: ");
        stringBuffer.append(this.outboundCellAlias);
        stringBuffer.append("\nNodeGroup Alias(es): ");
        stringBuffer.append(this.outboundNodeGroupAliasMap);
        stringBuffer.append("\nNode Alias: ");
        stringBuffer.append(this.outboundNodeAlias);
        stringBuffer.append("\nServer Alias: ");
        stringBuffer.append(this.outboundProcessAlias);
        stringBuffer.append("\nCluster Alias: ");
        stringBuffer.append(this.outboundClusterAlias);
        stringBuffer.append("\nEndPoint Alias(es): ");
        stringBuffer.append(this.outboundEndPointAliasMap);
        stringBuffer.append("\nEffective Process Alias: ");
        stringBuffer.append(this.outboundEffectiveProcessAlias);
        stringBuffer.append("\nEffective Process Scope: ");
        stringBuffer.append(this.outboundEffectiveProcessScope);
        return stringBuffer.toString();
    }
}
