package com.ibm.ws.security.context;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.asynchbeans.WorkCompletedException;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.ws.asynchbeans.ServiceContext;
import com.ibm.ws.asynchbeans.ServiceContextInvalid;
import com.ibm.ws.asynchbeans.ServiceWithContext;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.util.WSThreadLocal;
import com.ibm.wsspi.security.context.Context;
import com.ibm.wsspi.security.context.ContextManager;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Stack;

/* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/security/context/ServiceWithContextImpl.class */
public class ServiceWithContextImpl implements ServiceWithContext {
    public static final String svcName = "security";
    public static final String svcDesc = "Security service";
    private static final TraceComponent log = Tr.register(ServiceWithContextImpl.class, "Security", "com.ibm.ejs.resources.security");
    private static final ThreadLocal threadLocalContextStack = new WSThreadLocal() { // from class: com.ibm.ws.security.context.ServiceWithContextImpl.1
        @Override // java.lang.ThreadLocal
        protected Object initialValue() {
            return new Stack();
        }
    };

    @Override // com.ibm.ws.asynchbeans.ServiceWithContext
    public String getServiceDescription() {
        return svcDesc;
    }

    @Override // com.ibm.ws.asynchbeans.ServiceWithContext
    public String getServiceName() {
        return "security";
    }

    @Override // com.ibm.ws.asynchbeans.ServiceWithContext
    public ServiceContext peek() {
        if (log.isEntryEnabled()) {
            Tr.entry(log, "peek");
        }
        try {
            ServiceContext serviceContext = (ServiceContext) ContextManager.getContext();
            if (log.isEntryEnabled()) {
                Tr.exit(log, "peek", serviceContext);
            }
            return serviceContext;
        } catch (WSSecurityException e) {
            FFDCFilter.processException(e, "peek", "105", this);
            throw new RuntimeException("Unable to get a security ServiceContext, cause: " + e, e);
        }
    }

    @Override // com.ibm.ws.asynchbeans.ServiceWithContext
    public void pop(ServiceContext serviceContext) throws ServiceContextInvalid, WorkCompletedException {
        if (log.isEntryEnabled()) {
            Tr.entry(log, "pop", serviceContext);
        }
        try {
            Stack stack = (Stack) threadLocalContextStack.get();
            if (stack == null || stack.isEmpty()) {
                String str = "ServiceContext state is invalid, push() must be invoked before pop(), contextStack=" + stack;
                WSSecurityException wSSecurityException = new WSSecurityException(str);
                if (log.isDebugEnabled()) {
                    Tr.debug(log, "pop", str);
                }
                ServiceContextInvalid serviceContextInvalid = new ServiceContextInvalid(getServiceName());
                serviceContextInvalid.initCause(wSSecurityException);
                throw serviceContextInvalid;
            }
            doPrivSetOrRestore((Context) stack.pop(), false);
            if (log.isDebugEnabled()) {
                Tr.debug(log, "pop", "No. of entries in contextStack after pop=" + stack.size());
            }
            if (log.isEntryEnabled()) {
                Tr.exit(log, "pop");
            }
        } catch (WSSecurityException e) {
            FFDCFilter.processException(e, "pop", "156", this);
            if (log.isDebugEnabled()) {
                Tr.debug(log, "pop", "The security ServiceContext cannot be popped, cause: " + e);
            }
            ServiceContextInvalid serviceContextInvalid2 = new ServiceContextInvalid(getServiceName());
            serviceContextInvalid2.initCause(e);
            throw serviceContextInvalid2;
        }
    }

    @Override // com.ibm.ws.asynchbeans.ServiceWithContext
    public void push(ServiceContext serviceContext) throws ServiceContextInvalid {
        if (log.isEntryEnabled()) {
            Tr.entry(log, "push", serviceContext);
        }
        try {
            Context createDefaultContext = serviceContext == null ? createDefaultContext() : (Context) serviceContext;
            try {
                doPrivSetOrRestore(createDefaultContext, true);
                Stack stack = (Stack) threadLocalContextStack.get();
                stack.push(createDefaultContext);
                if (log.isDebugEnabled()) {
                    Tr.debug(log, "push", "No. of entries in contextStack after push=" + stack.size());
                }
                if (log.isEntryEnabled()) {
                    Tr.exit(log, "push", "ServiceContext pushed=" + createDefaultContext);
                }
            } catch (WSSecurityException e) {
                FFDCFilter.processException(e, "push", "210", this);
                if (log.isDebugEnabled()) {
                    Tr.debug(log, "push", "The security ServiceContext cannot be pushed, cause: " + e);
                }
                ServiceContextInvalid serviceContextInvalid = new ServiceContextInvalid(getServiceName());
                serviceContextInvalid.initCause(e);
                throw serviceContextInvalid;
            }
        } catch (WSSecurityException e2) {
            if (log.isDebugEnabled()) {
                Tr.debug(log, "push", "The security ServiceContext cannot be pushed, cause: " + e2);
            }
            ServiceContextInvalid serviceContextInvalid2 = new ServiceContextInvalid(getServiceName());
            serviceContextInvalid2.initCause(e2);
            throw serviceContextInvalid2;
        }
    }

    private Context createDefaultContext() throws WSSecurityException {
        if (log.isEntryEnabled()) {
            Tr.entry(log, "createDefaultContext");
        }
        ContextImpl contextImpl = new ContextImpl(true);
        if (log.isEntryEnabled()) {
            Tr.exit(log, "createDefaultContext", contextImpl);
        }
        return contextImpl;
    }

    private void doPrivSetOrRestore(final Context context, final boolean z) throws WSSecurityException {
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.context.ServiceWithContextImpl.2
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    if (z) {
                        context.setContext();
                        return null;
                    }
                    context.restoreContext();
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            throw new WSSecurityException("PrivilegedActionException during set/restoreContext: " + e);
        }
    }
}
