package org.jacorb.security.level2;

import java.lang.reflect.Constructor;
import java.util.Hashtable;
import java.util.List;
import java.util.StringTokenizer;
import java.util.Vector;
import org.apache.avalon.framework.configuration.Configurable;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.logger.Logger;
import org.jacorb.config.Configuration;
import org.jacorb.util.ObjectUtil;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.LocalObject;
import org.omg.CORBA.ORB;
import org.omg.CORBA.Object;
import org.omg.CORBA.Policy;
import org.omg.Security.AttributeType;
import org.omg.Security.AuthenticationStatus;
import org.omg.Security.CredentialType;
import org.omg.Security.ExtensibleFamily;
import org.omg.Security.MechandOptions;
import org.omg.Security.QOP;
import org.omg.Security.SecAttribute;
import org.omg.Security.SecurityFeature;
import org.omg.Security.SecurityMechanismData;
import org.omg.SecurityLevel2.AccessDecision;
import org.omg.SecurityLevel2.AuditDecision;
import org.omg.SecurityLevel2.Credentials;
import org.omg.SecurityLevel2.CredentialsHolder;
import org.omg.SecurityLevel2.Current;
import org.omg.SecurityLevel2.DelegationMode;
import org.omg.SecurityLevel2.InvocationCredentialsPolicy;
import org.omg.SecurityLevel2.MechanismPolicy;
import org.omg.SecurityLevel2.PrincipalAuthenticator;
import org.omg.SecurityLevel2.QOPPolicy;
import org.omg.SecurityLevel2.ReceivedCredentials;
import org.omg.SecurityLevel2.RequiredRights;

/* loaded from: input_file:WEB-INF/lib/jacorb-2.2.3-jonas-patch-20071018.jar:org/jacorb/security/level2/CurrentImpl.class */
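/**
 * JacORB implementation of the CORBA Security Level 2 {@code Current} object.
 *
 * <p>The instance keeps three kinds of state: the ORB's own credentials (acquired by
 * {@link #init()} through the configured principal authenticators), credentials set
 * explicitly for the calling thread, and credentials received on the calling thread.
 * The per-thread tables are keyed by the {@link Thread} object itself.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The access-decision and authenticator class names are taken from configuration
 *       and instantiated reflectively. Whoever can edit those properties chooses the code
 *       that makes authentication and access decisions, so the configuration source must
 *       be trusted.</li>
 *   <li>The default password is read from the property
 *       {@code jacorb.security.default_password} and held as a {@code String} for the
 *       lifetime of this object. It is never logged by this class.</li>
 *   <li>{@code own_credentials} is a plain field that this class updates without
 *       synchronisation.</li>
 * </ul>
 */
public class CurrentImpl extends LocalObject implements Current, Configurable {
    // Credentials acquired by authenticate(); null until init() has run.
    private CredentialsImpl[] own_credentials;
    // First configured authenticator, exposed through principal_authenticator().
    private PrincipalAuthenticator principalAuthenticator;
    // Policies by policy type; nothing in this class adds entries.
    private Hashtable<Integer, Policy> policies;
    private SecAttributeManager attrib_mgr;
    // Credentials set explicitly per thread via set_credentials().
    private Hashtable<Thread, Credentials[]> ts_credentials;
    // Credentials received per thread via set_received_credentials().
    private Hashtable<Thread, ReceivedCredentials> ts_received_credentials;
    private ORB orb;
    private Logger logger;
    private Configuration configuration;
    // Compiler-generated class-literal cache (pre-Java-5 javac); kept so the set of
    // package-visible members is unchanged. New code uses ORB.class directly.
    static Class class$org$omg$CORBA$ORB;
    private AccessDecision access_decision = null;
    private String defaultSecurityName = null;
    private String defaultPassword = null;
    private List<PrincipalAuthenticator> authenticators = new Vector<PrincipalAuthenticator>();

    /**
     * Creates an unconfigured instance bound to the given ORB.
     *
     * @param orb the ORB handed to authenticators whose constructor takes an ORB
     */
    public CurrentImpl(ORB orb) {
        this.orb = orb;
        this.attrib_mgr = SecAttributeManager.getInstance();
        this.ts_credentials = new Hashtable<Thread, Credentials[]>();
        this.ts_received_credentials = new Hashtable<Thread, ReceivedCredentials>();
        this.policies = new Hashtable<Integer, Policy>();
    }

    /**
     * Reads the security settings and instantiates the configured access-decision and
     * principal-authenticator classes.
     *
     * <p>Properties read: {@code jacorb.security.default_user},
     * {@code jacorb.security.default_password}, {@code jacorb.security.access_decision}
     * and {@code jacorb.security.principal_authenticator} (comma-separated class names).
     *
     * @param configuration must be a JacORB {@link Configuration}; the cast fails otherwise
     * @throws ConfigurationException declared by the {@link Configurable} contract
     */
    @Override // org.apache.avalon.framework.configuration.Configurable
    public void configure(org.apache.avalon.framework.configuration.Configuration configuration) throws ConfigurationException {
        this.configuration = (Configuration) configuration;
        this.logger = this.configuration.getNamedLogger("jacorb.security.current");
        this.defaultSecurityName = this.configuration.getAttribute("jacorb.security.default_user", "");
        this.defaultPassword = this.configuration.getAttribute("jacorb.security.default_password", "");

        String accessDecisionClass = this.configuration.getAttribute("jacorb.security.access_decision", null);
        if (accessDecisionClass != null) {
            this.access_decision = loadAccessDecision(accessDecisionClass);
        } else {
            this.access_decision = new AccessDecisionImpl();
        }

        String authenticatorClasses = this.configuration.getAttribute("jacorb.security.principal_authenticator", null);
        if (authenticatorClasses != null) {
            StringTokenizer tokens = new StringTokenizer(authenticatorClasses, ",");
            while (tokens.hasMoreTokens()) {
                // Trim so that "a.B, c.D" does not yield the unloadable name " c.D".
                String className = tokens.nextToken().trim();
                if (className.length() == 0) {
                    continue;
                }
                PrincipalAuthenticator authenticator = createAuthenticator(className);
                if (authenticator != null) {
                    this.authenticators.add(authenticator);
                }
            }
        }
    }

    /**
     * Loads the configured access-decision class, falling back to {@link AccessDecisionImpl}.
     *
     * <p>The fallback is kept from the original behaviour, but it means a mistyped or
     * unloadable class name silently replaces the intended decision logic with the
     * default one. The warning therefore names the fallback and carries the cause, so the
     * condition is visible to whoever monitors the log.
     */
    private AccessDecision loadAccessDecision(String className) {
        try {
            Class<?> decisionClass = ObjectUtil.classForName(className);
            // Check the type before instantiating, so a class that is not an
            // AccessDecision never has its constructor run.
            if (AccessDecision.class.isAssignableFrom(decisionClass)) {
                return (AccessDecision) decisionClass.newInstance();
            }
            if (this.logger.isWarnEnabled()) {
                this.logger.warn("Class " + className + " does not implement org.omg.SecurityLevel2.AccessDecision; falling back to the default AccessDecisionImpl. Please check property \"jacorb.security.access_decision\"");
            }
        } catch (Exception e) {
            if (this.logger.isWarnEnabled()) {
                this.logger.warn("Class " + className + " could not be loaded or instantiated; falling back to the default AccessDecisionImpl. Please check property \"jacorb.security.access_decision\"", e);
            }
        }
        return new AccessDecisionImpl();
    }

    /** Acquires the ORB's own credentials; call after {@link #configure}. */
    public void init() {
        authenticate();
    }

    /** @return the logger obtained in {@link #configure}, or null before configuration */
    public Logger getLogger() {
        return this.logger;
    }

    /**
     * Instantiates one principal authenticator by class name.
     *
     * <p>The class must implement {@link PrincipalAuthenticator} and have exactly one
     * public constructor, taking either no argument (the class must then also be
     * {@link Configurable} and is configured with this object's configuration) or a
     * single {@code org.omg.CORBA.ORB}. An authenticator built through the ORB
     * constructor is not passed the configuration by this method.
     *
     * @param str fully qualified class name taken from configuration
     * @return the authenticator, or null when the class is unusable (the reason is logged)
     */
    private PrincipalAuthenticator createAuthenticator(String str) {
        try {
            Class<?> authenticatorClass = ObjectUtil.classForName(str);
            // Reject unrelated classes before any constructor runs.
            if (!PrincipalAuthenticator.class.isAssignableFrom(authenticatorClass)) {
                if (this.logger.isErrorEnabled()) {
                    this.logger.error("PrincAuth " + str + " does not implement org.omg.SecurityLevel2.PrincipalAuthenticator");
                }
                return null;
            }
            Constructor<?>[] constructors = authenticatorClass.getConstructors();
            if (constructors.length != 1) {
                if (this.logger.isErrorEnabled()) {
                    this.logger.error("PrincAuth " + str + " must have exactly one constructor that takes either no args or org.omg.CORBA.ORB");
                }
                return null;
            }
            Class<?>[] parameterTypes = constructors[0].getParameterTypes();
            if (parameterTypes.length == 0) {
                if (!Configurable.class.isAssignableFrom(authenticatorClass)) {
                    if (this.logger.isErrorEnabled()) {
                        this.logger.error("PrincAuth " + str + " has a no-arg constructor but does not implement org.apache.avalon.framework.configuration.Configurable");
                    }
                    return null;
                }
                PrincipalAuthenticator authenticator = (PrincipalAuthenticator) authenticatorClass.newInstance();
                ((Configurable) authenticator).configure(this.configuration);
                return authenticator;
            }
            if (parameterTypes.length == 1) {
                if (parameterTypes[0].equals(ORB.class)) {
                    return (PrincipalAuthenticator) constructors[0].newInstance(this.orb);
                }
                if (this.logger.isErrorEnabled()) {
                    this.logger.error("PrincAuth " + str + "'s constructor has an arg of type " + parameterTypes[0].getName() + " but it must have an arg of type org.omg.CORBA.ORB");
                }
            } else if (this.logger.isErrorEnabled()) {
                this.logger.error("PrincAuth " + str + " must have exactly one constructor that takes either no arg or one arg of type org.omg.CORBA.ORB");
            }
            return null;
        } catch (Exception e) {
            // Pass the throwable as well: for reflective failures getMessage() is often
            // null and the stack trace is the only usable diagnostic.
            if (this.logger.isWarnEnabled()) {
                this.logger.warn("Exception " + e.getMessage() + " in CurrentImpl", e);
            }
            return null;
        }
    }

    /**
     * Runs every configured authenticator with the default user name and password and
     * stores the credentials of those that succeed in {@code own_credentials}.
     *
     * <p>With no authenticator configured the ORB runs unauthenticated; this is logged
     * as a warning. Every status other than {@code SecAuthSuccess} is reported in the log
     * as {@code SecAuthFailure}.
     */
    private void authenticate() {
        if (this.authenticators.isEmpty()) {
            if (this.logger.isWarnEnabled()) {
                this.logger.warn("No PrincipalAuthenticator set. Will not authenticate!");
            }
            this.own_credentials = new CredentialsImpl[0];
            return;
        }
        this.principalAuthenticator = this.authenticators.get(0);
        // NOTE(review): getBytes() uses the platform default charset, so a non-ASCII
        // password encodes differently on differently configured hosts.
        byte[] passwordBytes = this.defaultPassword == null ? null : this.defaultPassword.getBytes();
        Vector<CredentialsImpl> acquired = new Vector<CredentialsImpl>();
        for (int i = 0; i < this.authenticators.size(); i++) {
            PrincipalAuthenticator authenticator = this.authenticators.get(i);
            CredentialsHolder credentialsHolder = new CredentialsHolder();
            if (authenticator.authenticate(0, null, this.defaultSecurityName, passwordBytes, null, credentialsHolder, null, null) == AuthenticationStatus.SecAuthSuccess) {
                acquired.add((CredentialsImpl) credentialsHolder.value);
                // Published after each success, so credentials obtained so far stay
                // visible even if a later authenticator throws.
                this.own_credentials = new CredentialsImpl[acquired.size()];
                acquired.copyInto(this.own_credentials);
                if (this.logger.isInfoEnabled()) {
                    this.logger.info("PrincAuth " + i + ": AuthenticationStatus.SecAuthSuccess");
                }
            } else if (this.logger.isInfoEnabled()) {
                this.logger.info("PrincAuth " + i + ": AuthenticationStatus.SecAuthFailure");
            }
        }
        // If every authenticator failed on the first run the field would stay null and
        // later calls such as get_credentials() would fail with a NullPointerException.
        if (this.own_credentials == null) {
            this.own_credentials = new CredentialsImpl[0];
        }
    }

    /**
     * Returns the requested attributes of the first thread-specific credentials, else of
     * the first own credentials, else an empty array.
     */
    @Override // org.omg.SecurityLevel1.CurrentOperations
    public SecAttribute[] get_attributes(AttributeType[] attributeTypeArr) {
        CredentialsImpl[] threadCredentials = getTSCredentials();
        if (threadCredentials != null && threadCredentials.length > 0) {
            return threadCredentials[0].get_attributes(attributeTypeArr);
        }
        CredentialsImpl[] own = this.own_credentials;
        if (own != null && own.length > 0) {
            return own[0].get_attributes(attributeTypeArr);
        }
        return new SecAttribute[0];
    }

    /** @return the credentials received on the calling thread, or null if none are set */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public ReceivedCredentials received_credentials() {
        return this.ts_received_credentials.get(Thread.currentThread());
    }

    /**
     * Associates the given credentials with the calling thread. The credential type and
     * the delegation mode are ignored by this implementation.
     *
     * <p>NOTE(review): this class offers no per-thread removal for these entries; they
     * are only dropped by {@link #close()}. If callers run on pooled threads, credentials
     * set for one unit of work stay attached to the thread for the next one unless they
     * are overwritten - confirm how callers handle this.
     */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public void set_credentials(CredentialType credentialType, Credentials[] credentialsArr, DelegationMode delegationMode) {
        this.ts_credentials.put(Thread.currentThread(), credentialsArr);
    }

    /** Records the credentials received on the calling thread. */
    public void set_received_credentials(ReceivedCredentials receivedCredentials) {
        this.ts_received_credentials.put(Thread.currentThread(), receivedCredentials);
    }

    /** Drops the received credentials recorded for the calling thread. */
    public void remove_received_credentials() {
        this.ts_received_credentials.remove(Thread.currentThread());
    }

    /**
     * Returns the credentials of the given type, taken from the thread-specific
     * credentials when present and from the own credentials otherwise.
     *
     * @return the matching credentials; empty when there are none at all
     */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public Credentials[] get_credentials(CredentialType credentialType) {
        CredentialsImpl[] candidates = getTSCredentials();
        if (candidates == null) {
            candidates = this.own_credentials;
        }
        if (candidates == null) {
            // Neither set_credentials() nor init() has supplied anything yet.
            return new Credentials[0];
        }
        Vector<Credentials> matching = new Vector<Credentials>();
        for (CredentialsImpl candidate : candidates) {
            if (candidate != null && credentialType.value() == candidate.credentials_type().value()) {
                matching.addElement(candidate);
            }
        }
        Credentials[] result = new Credentials[matching.size()];
        matching.copyInto(result);
        return result;
    }

    /**
     * @return the own credentials, or null before {@link #init()} has run
     */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public Credentials[] own_credentials() {
        // NOTE(review): this hands out the internal array itself, so a caller can
        // replace entries in place. Returning a copy would be safer if no caller
        // depends on the shared reference - confirm before changing.
        return this.own_credentials;
    }

    /**
     * Removes the given credentials object (compared by identity) from the own credentials.
     *
     * @throws BAD_PARAM if the object is not among the own credentials
     */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public void remove_own_credentials(Credentials credentials) {
        CredentialsImpl[] current = this.own_credentials;
        if (current == null) {
            // Nothing acquired yet, so the argument cannot be one of ours.
            throw new BAD_PARAM();
        }
        boolean found = false;
        Vector<CredentialsImpl> remaining = new Vector<CredentialsImpl>();
        for (CredentialsImpl entry : current) {
            if (credentials == entry) {
                found = true;
            } else {
                remaining.addElement(entry);
            }
        }
        if (!found) {
            throw new BAD_PARAM();
        }
        CredentialsImpl[] updated = new CredentialsImpl[remaining.size()];
        remaining.copyInto(updated);
        this.own_credentials = updated;
    }

    /** Not implemented; always returns null. */
    public SecurityFeature[] received_security_features() {
        return null;
    }

    /** @return the policy stored under the given type, or null if there is none */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public Policy get_policy(int i) {
        return this.policies.get(Integer.valueOf(i));
    }

    /** Not implemented; always returns null. */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public MechandOptions[] supported_mechanisms() {
        return null;
    }

    /** Not implemented; always returns null. */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public SecurityMechanismData[] get_security_mechanisms(Object object) {
        return null;
    }

    /** Not implemented; always returns null. */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public RequiredRights required_rights_object() {
        return null;
    }

    /** @return the first configured authenticator, or null before {@link #init()} */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public PrincipalAuthenticator principal_authenticator() {
        return this.principalAuthenticator;
    }

    /** @return the access-decision object chosen in {@link #configure} */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public AccessDecision access_decision() {
        return this.access_decision;
    }

    /** Not implemented; always returns null, i.e. no audit decision object is available. */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public AuditDecision audit_decision() {
        return null;
    }

    /** Creates a QOP policy wrapping the given quality of protection. */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public QOPPolicy create_qop_policy(QOP qop) {
        return new QOPPolicyImpl(qop);
    }

    /** Creates a mechanism policy for the given mechanism names. */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public MechanismPolicy create_mechanism_policy(String[] strArr) {
        return new MechanismPolicyImpl(strArr);
    }

    /** Creates an invocation-credentials policy for the given credentials. */
    @Override // org.omg.SecurityLevel2.CurrentOperations
    public InvocationCredentialsPolicy create_invoc_creds_policy(Credentials[] credentialsArr) {
        return new InvocationCredentialsPolicyImpl(credentialsArr);
    }

    /**
     * Returns the credentials set for the calling thread as {@code CredentialsImpl[]}.
     *
     * <p>set_credentials() accepts any {@code Credentials[]}; an array whose runtime type
     * is not {@code CredentialsImpl[]} cannot be cast directly, so it is converted
     * element by element. An element of a foreign implementation still fails with a
     * {@code ClassCastException}, as the direct array cast did.
     *
     * @return the thread's credentials, or null when none were set
     */
    private CredentialsImpl[] getTSCredentials() {
        Credentials[] stored = this.ts_credentials.get(Thread.currentThread());
        if (stored == null) {
            return null;
        }
        if (stored instanceof CredentialsImpl[]) {
            return (CredentialsImpl[]) stored;
        }
        CredentialsImpl[] converted = new CredentialsImpl[stored.length];
        for (int i = 0; i < stored.length; i++) {
            converted[i] = (CredentialsImpl) stored[i];
        }
        return converted;
    }

    /**
     * Returns the key/certificate values held by the first own credentials.
     *
     * <p>The lookup asks for attribute types 2 and 5 of family (definer 0, family 1) and
     * converts each returned attribute through the attribute manager.
     *
     * @return one entry per returned attribute; empty when there are no own credentials
     */
    public KeyAndCert[] getSSLCredentials() {
        CredentialsImpl[] own = this.own_credentials;
        if (own == null || own.length == 0) {
            return new KeyAndCert[0];
        }
        AttributeType[] wanted = new AttributeType[]{
            new AttributeType(new ExtensibleFamily((short) 0, (short) 1), 2),
            new AttributeType(new ExtensibleFamily((short) 0, (short) 1), 5)
        };
        SecAttribute[] attributes = own[0].get_attributes(wanted);
        KeyAndCert[] result = new KeyAndCert[attributes.length];
        for (int i = 0; i < result.length; i++) {
            result[i] = this.attrib_mgr.getAttributeCertValue(attributes[i]);
        }
        return result;
    }

    /**
     * Clears the authenticator reference, the policies and both per-thread tables.
     * The own credentials are left in place.
     */
    public void close() {
        // The logger is null when configure() was never called, which can happen when
        // this runs from finalize() on an instance that was created but not configured.
        if (this.logger != null && this.logger.isDebugEnabled()) {
            this.logger.debug("Closing Current");
        }
        this.principalAuthenticator = null;
        this.policies.clear();
        this.ts_credentials.clear();
        this.ts_received_credentials.clear();
    }

    /** Releases the per-thread state when the object is collected; see {@link #close()}. */
    public void finalize() {
        close();
    }

    /**
     * Compiler-generated helper for class literals (pre-Java-5 javac); kept so the set
     * of package-visible members is unchanged.
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}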
