package com.sun.enterprise.connectors.authentication;

import com.sun.enterprise.connectors.ConnectorRegistry;
import com.sun.enterprise.connectors.ConnectorRuntime;
import com.sun.enterprise.container.common.spi.util.ComponentEnvManager;
import com.sun.enterprise.deployment.ResourcePrincipalDescriptor;
import com.sun.enterprise.deployment.WebBundleDescriptor;
import com.sun.logging.LogDomains;
import jakarta.ejb.EJBContext;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import org.glassfish.api.invocation.ComponentInvocation;
import org.glassfish.deployment.common.SecurityRoleMapperFactory;
import org.glassfish.ejb.api.EJBInvocation;
import org.glassfish.resourcebase.resources.api.PoolInfo;

/* loaded from: input_file:com/sun/enterprise/connectors/authentication/BasicPasswordAuthenticationService.class */
public class BasicPasswordAuthenticationService implements AuthenticationService {
    private static final Logger LOG = LogDomains.getLogger((Class<?>) BasicPasswordAuthenticationService.class, LogDomains.RSR_LOGGER, false);
    private final String rarName;
    private final PoolInfo poolInfo;
    private final ConnectorRegistry connectorRegistry = ConnectorRegistry.getInstance();

    public BasicPasswordAuthenticationService(String str, PoolInfo poolInfo) {
        this.rarName = str;
        this.poolInfo = poolInfo;
        LOG.log(Level.FINE, "Constructor:BasicPasswordAuthenticationService");
    }

    @Override // com.sun.enterprise.connectors.authentication.AuthenticationService
    public ResourcePrincipalDescriptor mapPrincipal(Principal principal, Set<Principal> set) {
        RuntimeSecurityMap runtimeSecurityMap = this.connectorRegistry.getRuntimeSecurityMap(this.poolInfo);
        if (runtimeSecurityMap == null) {
            return null;
        }
        String name = principal.getName();
        ArrayList arrayList = new ArrayList();
        for (Principal principal2 : set) {
            if (!principal2.equals(principal)) {
                arrayList.add(principal2.getName());
            }
        }
        return isContainerContextAWebModuleObject() ? doMap(name, arrayList, getRoleName(principal), runtimeSecurityMap) : doMap(name, arrayList, null, runtimeSecurityMap);
    }

    private ResourcePrincipalDescriptor doMap(String str, List<String> list, String str2, RuntimeSecurityMap runtimeSecurityMap) {
        HashMap<String, ResourcePrincipalDescriptor> userMap = runtimeSecurityMap.getUserMap();
        HashMap<String, ResourcePrincipalDescriptor> groupMap = runtimeSecurityMap.getGroupMap();
        if (userMap.containsKey(str)) {
            return userMap.get(str);
        }
        if (isContainerContextAWebModuleObject() && str2 != null && groupMap.containsKey(str2)) {
            return groupMap.get(str2);
        }
        if (isContainerContextAEJBContainerObject() && str2 == null) {
            EJBContext eJBContext = ((EJBInvocation) ConnectorRuntime.getRuntime().getInvocationManager().getCurrentInvocation()).getEJBContext();
            for (Map.Entry<String, ResourcePrincipalDescriptor> entry : groupMap.entrySet()) {
                String key = entry.getKey();
                ResourcePrincipalDescriptor value = entry.getValue();
                boolean z = false;
                try {
                    z = eJBContext.isCallerInRole(key);
                } catch (Exception e) {
                    LOG.log(Level.FINE, "BasicPasswordAuthentication::caller not in role {0}", key);
                }
                if (z) {
                    return value;
                }
            }
        }
        for (String str3 : list) {
            if (groupMap.containsKey(str3)) {
                return groupMap.get(str3);
            }
        }
        if (userMap.containsKey("*")) {
            return userMap.get("*");
        }
        if (groupMap.containsKey("*")) {
            return groupMap.get("*");
        }
        return null;
    }

    private String getRoleName(Principal principal) {
        for (Map.Entry<String, Subject> entry : getSecurityRoleMapperFactory().getRoleMapper(((WebBundleDescriptor) getComponentEnvManager().getCurrentJndiNameEnvironment()).getModuleID()).getRoleToSubjectMapping().entrySet()) {
            String key = entry.getKey();
            if (entry.getValue().getPrincipals().contains(principal)) {
                return key;
            }
        }
        return "";
    }

    private ComponentEnvManager getComponentEnvManager() {
        return ConnectorRuntime.getRuntime().getComponentEnvManager();
    }

    private ComponentInvocation getCurrentComponentInvocation() {
        return ConnectorRuntime.getRuntime().getInvocationManager().getCurrentInvocation();
    }

    private ComponentInvocation.ComponentInvocationType getCurrentComponentType() {
        return getCurrentComponentInvocation().getInvocationType();
    }

    private boolean isContainerContextAWebModuleObject() {
        return ComponentInvocation.ComponentInvocationType.SERVLET_INVOCATION.equals(getCurrentComponentType());
    }

    private boolean isContainerContextAEJBContainerObject() {
        return ComponentInvocation.ComponentInvocationType.EJB_INVOCATION.equals(getCurrentComponentType());
    }

    public SecurityRoleMapperFactory getSecurityRoleMapperFactory() {
        return ConnectorRuntime.getRuntime().getSecurityRoleMapperFactory();
    }

    public String toString() {
        return super.toString() + "[" + this.rarName + "]";
    }
}
