package org.glassfish.ejb.security.application;

import com.sun.enterprise.deployment.MethodDescriptor;
import com.sun.enterprise.deployment.MethodPermission;
import com.sun.enterprise.deployment.RoleReference;
import com.sun.logging.LogDomains;
import jakarta.security.jacc.EJBMethodPermission;
import jakarta.security.jacc.PolicyContextException;
import java.lang.reflect.Method;
import java.security.Permission;
import java.security.Permissions;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.glassfish.ejb.deployment.descriptor.EjbDescriptor;
import org.glassfish.exousia.mapping.SecurityRoleRef;
import org.glassfish.exousia.permissions.JakartaPermissions;

/* loaded from: input_file:org/glassfish/ejb/security/application/GlassFishToExousiaConverter.class */
public class GlassFishToExousiaConverter {
    private static final Logger _logger = LogDomains.getLogger(EJBSecurityManager.class, "jakarta.enterprise.system.container.ejb");

    public static JakartaPermissions convertEJBMethodPermissions(EjbDescriptor ejbDescriptor, String str) throws PolicyContextException {
        JakartaPermissions jakartaPermissions = new JakartaPermissions();
        String name = ejbDescriptor.getName();
        for (Map.Entry entry : ejbDescriptor.getMethodPermissionsFromDD().entrySet()) {
            MethodPermission methodPermission = (MethodPermission) entry.getKey();
            Iterator it = ((ArrayList) entry.getValue()).iterator();
            while (it.hasNext()) {
                MethodDescriptor methodDescriptor = (MethodDescriptor) it.next();
                String name2 = methodDescriptor.getName();
                Permission eJBMethodPermission = new EJBMethodPermission(name, name2.equals("*") ? null : name2, methodDescriptor.getEjbClassSymbol(), methodDescriptor.getStyle() == 3 ? methodDescriptor.getParameterClassNames() : null);
                if (methodPermission.isExcluded()) {
                    jakartaPermissions.getExcluded().add(eJBMethodPermission);
                } else if (methodPermission.isUnchecked()) {
                    jakartaPermissions.getUnchecked().add(eJBMethodPermission);
                } else if (methodPermission.isRoleBased()) {
                    ((Permissions) jakartaPermissions.getPerRole().computeIfAbsent(methodPermission.getRole().getName(), str2 -> {
                        return new Permissions();
                    })).add(eJBMethodPermission);
                }
            }
        }
        for (MethodDescriptor methodDescriptor2 : ejbDescriptor.getMethodDescriptors()) {
            Method method = methodDescriptor2.getMethod(ejbDescriptor);
            String ejbClassSymbol = methodDescriptor2.getEjbClassSymbol();
            if (method != null) {
                if (ejbClassSymbol == null || ejbClassSymbol.isEmpty()) {
                    _logger.log(Level.SEVERE, "method_descriptor_not_defined", new Object[]{name, methodDescriptor2.getName(), methodDescriptor2.getParameterClassNames()});
                } else {
                    Permission eJBMethodPermission2 = new EJBMethodPermission(name, ejbClassSymbol, method);
                    Set<MethodPermission> methodPermissionsFor = ejbDescriptor.getMethodPermissionsFor(methodDescriptor2);
                    _logger.log(Level.FINEST, "Descriptor: {0}, permissions: {1}", new Object[]{methodDescriptor2, methodPermissionsFor});
                    for (MethodPermission methodPermission2 : methodPermissionsFor) {
                        if (methodPermission2.isExcluded()) {
                            jakartaPermissions.getExcluded().add(eJBMethodPermission2);
                        } else if (methodPermission2.isUnchecked()) {
                            jakartaPermissions.getUnchecked().add(eJBMethodPermission2);
                        } else if (methodPermission2.isRoleBased()) {
                            ((Permissions) jakartaPermissions.getPerRole().computeIfAbsent(methodPermission2.getRole().getName(), str3 -> {
                                return new Permissions();
                            })).add(eJBMethodPermission2);
                        }
                    }
                }
            }
        }
        return jakartaPermissions;
    }

    public static Map<String, List<SecurityRoleRef>> getSecurityRoleRefsFromBundle(EjbDescriptor ejbDescriptor) {
        HashMap hashMap = new HashMap();
        ArrayList arrayList = new ArrayList();
        for (RoleReference roleReference : ejbDescriptor.getRoleReferences()) {
            arrayList.add(new SecurityRoleRef(roleReference.getRoleName(), roleReference.getSecurityRoleLink().getName()));
        }
        hashMap.put(ejbDescriptor.getName(), arrayList);
        return hashMap;
    }

    private static void log(JakartaPermissions jakartaPermissions) {
        Iterator it = Collections.list(jakartaPermissions.getExcluded().elements()).iterator();
        while (it.hasNext()) {
            Permission permission = (Permission) it.next();
            _logger.log(Level.FINE, () -> {
                return "Jakarta Authorization DD conversion: EJBMethodPermission ->(" + permission.getName() + " " + permission.getActions() + ") is (excluded)";
            });
        }
        Iterator it2 = Collections.list(jakartaPermissions.getUnchecked().elements()).iterator();
        while (it2.hasNext()) {
            Permission permission2 = (Permission) it2.next();
            _logger.log(Level.FINE, () -> {
                return "Jakarta Authorization conversion: EJBMethodPermission ->(" + permission2.getName() + " " + permission2.getActions() + ") is (unchecked)";
            });
        }
        for (Map.Entry entry : jakartaPermissions.getPerRole().entrySet()) {
            String str = (String) entry.getKey();
            Iterator it3 = Collections.list(((Permissions) entry.getValue()).elements()).iterator();
            while (it3.hasNext()) {
                Permission permission3 = (Permission) it3.next();
                _logger.log(Level.FINE, () -> {
                    return "Jakarta Authorization conversion: EJBMethodPermission ->(" + permission3.getName() + " " + permission3.getActions() + ")protected by role -> " + str;
                });
            }
        }
    }
}
