package com.ibm.ws.security.authentication.internal.jaas;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.authentication.jaas.modules.WSLoginModuleImpl;
import com.ibm.ws.security.authentication.utility.JaasLoginConfigConstants;
import com.ibm.ws.security.jaas.common.JAASConfiguration;
import com.ibm.ws.security.jaas.common.JAASLoginContextEntry;
import com.ibm.ws.security.jaas.common.JAASLoginModuleConfig;
import com.ibm.wsspi.kernel.service.utils.ConcurrentServiceReferenceMap;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.AppConfigurationEntry;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {JAASConfiguration.class}, configurationPolicy = ConfigurationPolicy.IGNORE, property = {"service.vendor=IBM"})
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.authentication.builtin_1.0.13.jar:com/ibm/ws/security/authentication/internal/jaas/JAASConfigurationImpl.class */
public class JAASConfigurationImpl implements JAASConfiguration {
    static final TraceComponent tc = Tr.register(JAASConfigurationImpl.class);
    static final List<String> defaultEntryIds = Collections.unmodifiableList(Arrays.asList(JaasLoginConfigConstants.SYSTEM_UNAUTHENTICATED, JaasLoginConfigConstants.SYSTEM_WEB_INBOUND, JaasLoginConfigConstants.SYSTEM_DEFAULT, JaasLoginConfigConstants.SYSTEM_DESERIALIZE_CONTEXT, JaasLoginConfigConstants.SYSTEM_RMI_INBOUND, JaasLoginConfigConstants.APPLICATION_WSLOGIN));
    public static final Class<WSLoginModuleImpl> WSLOGIN_MODULE_IMPL_CLASS = WSLoginModuleImpl.class;
    private ConcurrentServiceReferenceMap<String, JAASLoginContextEntry> jaasLoginContextEntries;
    static final long serialVersionUID = 2228981568441186307L;

    @Override // com.ibm.ws.security.jaas.common.JAASConfiguration
    public void setJaasLoginContextEntries(ConcurrentServiceReferenceMap<String, JAASLoginContextEntry> concurrentServiceReferenceMap) {
        this.jaasLoginContextEntries = concurrentServiceReferenceMap;
    }

    @Override // com.ibm.ws.security.jaas.common.JAASConfiguration
    public Map<String, List<AppConfigurationEntry>> getEntries() {
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        if (this.jaasLoginContextEntries != null) {
            Iterator<JAASLoginContextEntry> services = this.jaasLoginContextEntries.getServices();
            while (services.hasNext()) {
                JAASLoginContextEntry next = services.next();
                String entryName = next.getEntryName();
                List<JAASLoginModuleConfig> loginModules = next.getLoginModules();
                if (JaasLoginConfigConstants.SYSTEM_DEFAULT.equalsIgnoreCase(entryName)) {
                    ensureProxyIsNotSpecifyInSystemDefaultEntry(entryName, loginModules);
                }
                List<AppConfigurationEntry> loginModules2 = getLoginModules(loginModules);
                if (loginModules2 != null && !loginModules2.isEmpty()) {
                    if (hashMap2.containsKey(entryName)) {
                        Tr.warning(tc, "JAAS_LOGIN_CONTEXT_ENTRY_HAS_DUPLICATE_NAME", entryName, (String) hashMap2.get(entryName), next.getId());
                    }
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "configure jaasContextLoginEntry id: " + next.getId(), new Object[0]);
                        Tr.debug(tc, "configure jaasContextLoginEntry: " + entryName + " has " + loginModules2.size() + " loginModule(s)", new Object[0]);
                        Tr.debug(tc, "appConfEntry: " + loginModules2, new Object[0]);
                    }
                    hashMap.put(entryName, loginModules2);
                    hashMap2.put(entryName, next.getId());
                }
            }
        }
        return hashMap;
    }

    private void ensureProxyIsNotSpecifyInSystemDefaultEntry(String str, List<JAASLoginModuleConfig> list) {
        Iterator<JAASLoginModuleConfig> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().getId().equalsIgnoreCase(JAASLoginModuleConfig.PROXY)) {
                Tr.warning(tc, "JAAS_PROXY_IS_NOT_SUPPORT_IN_SYSTEM_DEFAULT", new Object[0]);
                it.remove();
            }
        }
    }

    List<AppConfigurationEntry> getLoginModules(List<JAASLoginModuleConfig> list) {
        ArrayList arrayList = new ArrayList();
        for (JAASLoginModuleConfig jAASLoginModuleConfig : list) {
            if (jAASLoginModuleConfig == null) {
                throw new IllegalStateException("Missing login module: found: " + list);
            }
            arrayList.add(createAppConfigurationEntry(jAASLoginModuleConfig));
        }
        return arrayList;
    }

    AppConfigurationEntry createAppConfigurationEntry(JAASLoginModuleConfig jAASLoginModuleConfig) throws IllegalArgumentException {
        String className = jAASLoginModuleConfig.getClassName();
        AppConfigurationEntry.LoginModuleControlFlag controlFlag = jAASLoginModuleConfig.getControlFlag();
        Map<String, ?> options = jAASLoginModuleConfig.getOptions();
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "loginModuleClassName: " + className + " options: " + options.toString() + " controlFlag: " + controlFlag.toString(), new Object[0]);
        }
        return new AppConfigurationEntry(className, controlFlag, options);
    }
}
