package com.ibm.ws.wssecurity.platform.websphere.auth;

import com.ibm.websphere.cache.DistributedMap;
import com.ibm.websphere.management.AdminClient;
import com.ibm.websphere.management.AdminClientFactory;
import com.ibm.websphere.management.wlm.ClusterData;
import com.ibm.websphere.management.wlm.ClusterMemberData;
import com.ibm.websphere.models.config.ipc.EndPoint;
import com.ibm.websphere.wssecurity.admin.PolicyAttributesConstants;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.runtime.service.EndPointMgr;
import com.ibm.ws.runtime.service.Server;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.service.SecurityService;
import com.ibm.ws.webservices.admin.serviceindex.impl.XMLConstants;
import com.ibm.ws.websvcs.transport.common.TransportConstants;
import com.ibm.ws.wssecurity.token.CacheableToken;
import com.ibm.ws.wssecurity.util.CacheConfigFactory;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.wsspi.runtime.config.ConfigObject;
import com.ibm.wsspi.runtime.config.ConfigScope;
import com.ibm.wsspi.runtime.config.ConfigService;
import com.ibm.wsspi.runtime.service.WsServiceRegistry;
import com.ibm.wsspi.websvcs.Constants;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.management.ObjectName;
import javax.management.QueryExp;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/platform/websphere/auth/MBeanCacheableTokenCache.class */
public class MBeanCacheableTokenCache {
    private DistributedMap distributedMap;
    private int cacheType;
    private static final boolean distributedEnabled = CacheConfigFactory.getInstance().isDistributedCache();
    private static MBeanCacheableTokenCache mbeanCacheableTokenCache = null;
    private static final long MBEAN_TIMEOUT = CacheConfigFactory.getInstance().synchronousClusterTimeoutMilliseconds();
    private static final String CLASS_NAME = MBeanCacheableTokenCache.class.getName();
    private static final TraceComponent tc = Tr.register(MBeanCacheableTokenCache.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");

    /* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/platform/websphere/auth/MBeanCacheableTokenCache$InvokeCacheableTokenMBean.class */
    private class InvokeCacheableTokenMBean extends Thread {
        private static final String mbeanName = "CacheableTokenMBean";
        private static final String INNER_CLASS_NAME = "InvokeCacheableTokenMBean";
        private Properties connectionProps;
        private String operationName;
        private Object[] params;
        private String[] signature;
        private Object result = null;

        public InvokeCacheableTokenMBean(Properties properties, String str, Object[] objArr, String[] strArr) {
            this.connectionProps = null;
            this.operationName = null;
            this.params = null;
            this.signature = null;
            this.connectionProps = properties;
            this.operationName = str;
            this.params = objArr;
            this.signature = strArr;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            if (MBeanCacheableTokenCache.tc.isEntryEnabled()) {
                Tr.entry(MBeanCacheableTokenCache.tc, "run");
            }
            try {
                this.result = ContextManagerFactory.getInstance().runAsSystem(new PrivilegedExceptionAction() { // from class: com.ibm.ws.wssecurity.platform.websphere.auth.MBeanCacheableTokenCache.InvokeCacheableTokenMBean.1
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        AdminClient createAdminClient = AdminClientFactory.createAdminClient(InvokeCacheableTokenMBean.this.connectionProps);
                        Set queryNames = createAdminClient.queryNames(new ObjectName("*:*,type=CacheableTokenMBean"), (QueryExp) null);
                        if (queryNames.isEmpty()) {
                            MBeanCacheableTokenCache.trDebug("CacheableTokenMBean not found");
                        } else {
                            ObjectName objectName = (ObjectName) queryNames.iterator().next();
                            InvokeCacheableTokenMBean.this.result = createAdminClient.invoke(objectName, InvokeCacheableTokenMBean.this.operationName, InvokeCacheableTokenMBean.this.params, InvokeCacheableTokenMBean.this.signature);
                        }
                        return InvokeCacheableTokenMBean.this.result;
                    }
                });
            } catch (Exception e) {
                FFDCFilter.processException(e, "InvokeCacheableTokenMBean.run", "927", this);
                if (MBeanCacheableTokenCache.tc.isDebugEnabled()) {
                    Tr.debug(MBeanCacheableTokenCache.tc, "Failed to run operation: " + this.operationName + " on " + mbeanName, e.getStackTrace());
                }
            }
            if (MBeanCacheableTokenCache.tc.isEntryEnabled()) {
                Tr.exit(MBeanCacheableTokenCache.tc, "run");
            }
        }

        public Object getResult() {
            return this.result;
        }
    }

    private MBeanCacheableTokenCache() {
        this.distributedMap = WSSDistributedCache.getDistributedCacheForService();
        this.cacheType = 0;
    }

    public MBeanCacheableTokenCache(DistributedMap distributedMap, int i) {
        this.distributedMap = WSSDistributedCache.getDistributedCacheForService();
        this.cacheType = 0;
        this.distributedMap = distributedMap;
        this.cacheType = i;
    }

    public CacheableToken getToken(final String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getToken", str);
        }
        CacheableToken cacheableToken = null;
        try {
            List<Properties> clusterServersProperties = getClusterServersProperties();
            if (!clusterServersProperties.isEmpty()) {
                Iterator<Properties> it = clusterServersProperties.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    final Properties next = it.next();
                    try {
                        cacheableToken = (CacheableToken) ContextManagerFactory.getInstance().runAsSystem(new PrivilegedExceptionAction() { // from class: com.ibm.ws.wssecurity.platform.websphere.auth.MBeanCacheableTokenCache.1
                            @Override // java.security.PrivilegedExceptionAction
                            public Object run() throws Exception {
                                CacheableToken cacheableToken2 = null;
                                AdminClient createAdminClient = AdminClientFactory.createAdminClient(next);
                                Set queryNames = createAdminClient.queryNames(new ObjectName("*:*,type=CacheableTokenMBean"), (QueryExp) null);
                                if (queryNames.isEmpty()) {
                                    MBeanCacheableTokenCache.trDebug("CacheableTokenMBean not found");
                                } else {
                                    cacheableToken2 = (CacheableToken) createAdminClient.invoke((ObjectName) queryNames.iterator().next(), "getLocalToken", new Object[]{str, Integer.valueOf(MBeanCacheableTokenCache.this.cacheType)}, new String[]{"java.lang.String", "int"});
                                    MBeanCacheableTokenCache.trDebug("getToken found identifier: " + str + " token: " + cacheableToken2);
                                }
                                return cacheableToken2;
                            }
                        });
                    } catch (Exception e) {
                        FFDCFilter.processException(e, CLASS_NAME + PolicyAttributesConstants.DELIMITER + "getToken", "215", this);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Failed to find token in MBean", e.getStackTrace());
                        }
                    }
                    if (cacheableToken != null) {
                        trDebug("token found in MBean");
                        break;
                    }
                    if (distributedEnabled) {
                        cacheableToken = (CacheableToken) this.distributedMap.get(str);
                        if (cacheableToken != null) {
                            trDebug("Token found in distributed cache");
                            break;
                        }
                    }
                }
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, CLASS_NAME + PolicyAttributesConstants.DELIMITER + "getToken", "237", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to find token in MBeans. ", e2.getStackTrace());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getToken", cacheableToken);
        }
        return cacheableToken;
    }

    public void removeTokenFromClusterMembers(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeToken", str);
        }
        try {
            List<Properties> clusterServersProperties = getClusterServersProperties();
            if (!clusterServersProperties.isEmpty()) {
                ArrayList<Thread> arrayList = new ArrayList();
                Iterator<Properties> it = clusterServersProperties.iterator();
                while (it.hasNext()) {
                    InvokeCacheableTokenMBean invokeCacheableTokenMBean = new InvokeCacheableTokenMBean(it.next(), "removeLocalToken", new Object[]{str, Integer.valueOf(this.cacheType)}, new String[]{"java.lang.String", "int"});
                    arrayList.add(invokeCacheableTokenMBean);
                    trDebug("Starting thread: " + invokeCacheableTokenMBean.getName());
                    invokeCacheableTokenMBean.start();
                }
                for (Thread thread : arrayList) {
                    trDebug("Waiting for thread: " + thread.getName() + " to complete");
                    try {
                        thread.join();
                    } catch (InterruptedException e) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Thread interrupted, continuing to check other threads... ");
                        }
                    }
                    trDebug("Thread: " + thread.getName() + " complete");
                }
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, CLASS_NAME + PolicyAttributesConstants.DELIMITER + "removeToken", "380", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to remove token in MBeans. ", e2.getStackTrace());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removeToken");
        }
    }

    public void updateTokenInClusterMembers(String str, CacheableToken cacheableToken, long j) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "updateToken", str);
        }
        try {
            List<Properties> clusterServersProperties = getClusterServersProperties();
            if (!clusterServersProperties.isEmpty()) {
                ArrayList<Thread> arrayList = new ArrayList();
                Iterator<Properties> it = clusterServersProperties.iterator();
                while (it.hasNext()) {
                    InvokeCacheableTokenMBean invokeCacheableTokenMBean = new InvokeCacheableTokenMBean(it.next(), "updateLocalToken", new Object[]{str, cacheableToken, Long.valueOf(j), Integer.valueOf(this.cacheType)}, new String[]{"java.lang.String", "com.ibm.ws.wssecurity.token.CacheableToken", "long", "int"});
                    arrayList.add(invokeCacheableTokenMBean);
                    trDebug("Starting thread: " + invokeCacheableTokenMBean.getName());
                    invokeCacheableTokenMBean.start();
                }
                for (Thread thread : arrayList) {
                    trDebug("Waiting for thread: " + thread.getName() + " to complete");
                    try {
                        thread.join();
                    } catch (InterruptedException e) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Thread interrupted, continuing to check other threads... ");
                        }
                    }
                    trDebug("Thread: " + thread.getName() + " complete");
                }
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, CLASS_NAME + PolicyAttributesConstants.DELIMITER + "updateToken", "470", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to update token in MBeans. ", e2.getStackTrace());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "updateToken");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v69, types: [java.util.Map] */
    private List<Properties> getClusterServersProperties() {
        String str;
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getClusterServersProperties");
        }
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        try {
            Iterator it = ((EndPointMgr) WsServiceRegistry.getService(this, EndPointMgr.class)).getNodeEndPoints().values().iterator();
            str = null;
            str2 = null;
            boolean z = false;
            while (it.hasNext() && !z) {
                Iterator it2 = ((EndPointMgr.NodeEndPoints) it.next()).getServerEndPoints().values().iterator();
                while (it2.hasNext() && !z) {
                    EndPointMgr.ServerEndPoints serverEndPoints = (EndPointMgr.ServerEndPoints) it2.next();
                    if (serverEndPoints.getType().equals("DEPLOYMENT_MANAGER")) {
                        EndPoint endPoint = serverEndPoints.getEndPoint("SOAP_CONNECTOR_ADDRESS");
                        str = endPoint.getHost();
                        str2 = new Integer(endPoint.getPort()).toString();
                        z = true;
                    }
                }
            }
            trDebug("dmHost: " + str + " dmPort: " + str2);
        } catch (Exception e) {
            FFDCFilter.processException(e, CLASS_NAME + PolicyAttributesConstants.DELIMITER + "getClusterServersProperties", "669", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to get server properties", e.getStackTrace());
            }
        }
        if (str == null || str2 == null) {
            trDebug("Unable to find dmHost and dmPort, returning empty properties");
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getClusterServersProperties", arrayList);
            }
            return arrayList;
        }
        final Properties properties = new Properties();
        properties.setProperty("type", "SOAP");
        properties.setProperty(TransportConstants.HOST, str);
        properties.setProperty(TransportConstants.PORT, str2);
        properties.setProperty("isInternal", "true");
        try {
            hashMap = (Map) ContextManagerFactory.getInstance().runAsSystem(new PrivilegedExceptionAction() { // from class: com.ibm.ws.wssecurity.platform.websphere.auth.MBeanCacheableTokenCache.2
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    AdminClient createAdminClient = AdminClientFactory.createAdminClient(properties);
                    Set queryNames = createAdminClient.queryNames(new ObjectName("WebSphere:*,type=ClusterMgr"), (QueryExp) null);
                    ObjectName objectName = null;
                    if (queryNames.isEmpty()) {
                        MBeanCacheableTokenCache.trDebug("ClusterMgr was not found, clustering not enabled.");
                    } else {
                        objectName = (ObjectName) queryNames.iterator().next();
                    }
                    HashMap hashMap2 = new HashMap();
                    if (objectName != null) {
                        Server server = (Server) WsServiceRegistry.getService(this, Server.class);
                        String name = server.getName();
                        String clusterName = server.getClusterName();
                        MBeanCacheableTokenCache.trDebug("myServerName: " + name);
                        MBeanCacheableTokenCache.trDebug("myClusterName: " + clusterName);
                        ClusterData[] clusterDataArr = (ClusterData[]) createAdminClient.invoke(objectName, "retrieveClusters", (Object[]) null, (String[]) null);
                        for (int i = 0; i < clusterDataArr.length; i++) {
                            MBeanCacheableTokenCache.trDebug("cluster name = " + clusterDataArr[i].clusterName);
                            if (clusterDataArr[i].clusterName.equals(clusterName)) {
                                ClusterMemberData[] clusterMemberDataArr = clusterDataArr[i].clusterMembers;
                                for (int i2 = 0; i2 < clusterMemberDataArr.length; i2++) {
                                    if (!clusterMemberDataArr[i2].memberName.equals(name)) {
                                        hashMap2.put(clusterMemberDataArr[i2].memberName, clusterMemberDataArr[i2].nodeName);
                                        MBeanCacheableTokenCache.trDebug("added serverName: " + clusterMemberDataArr[i2].memberName + " nodeName: " + clusterMemberDataArr[i2].nodeName);
                                    }
                                }
                            }
                        }
                    }
                    return hashMap2;
                }
            });
        } catch (Exception e2) {
            FFDCFilter.processException(e2, CLASS_NAME + PolicyAttributesConstants.DELIMITER + "getClusterServersProperties", "706", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to get cluster members", e2.getStackTrace());
            }
        }
        for (String str3 : hashMap.keySet()) {
            arrayList.add(getServerAdminProps(str3, (String) hashMap.get(str3)));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getClusterServersProperties", arrayList);
        }
        return arrayList;
    }

    private Properties getServerAdminProps(String str, String str2) {
        Properties secureSocketLayer;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServerAdminProps", new Object[]{str, str2});
        }
        Properties properties = new Properties();
        String str3 = null;
        try {
            ConfigService configService = (ConfigService) WsServiceRegistry.getService(this, ConfigService.class);
            ConfigObject configObject = (ConfigObject) configService.getDocumentObjects(configService.getScope(4), "server.xml").get(0);
            properties.setProperty("isInternal", "true");
            List objectList = configObject.getObjectList(XMLConstants.ROOT_ELEMENT);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Number of custom services: " + objectList.size());
            }
            ConfigObject configObject2 = null;
            Iterator it = objectList.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                ConfigObject configObject3 = (ConfigObject) it.next();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Custom service: " + configObject3);
                }
                if (configObject3.instanceOf("http://www.ibm.com/websphere/appserver/schemas/5.0/adminservice.xmi", "AdminService")) {
                    configObject2 = configObject3;
                    break;
                }
            }
            if (configObject2 != null) {
                ConfigObject object = configObject2.getObject("remoteAdminProtocol");
                if (object != null && object.instanceOf("http://www.ibm.com/websphere/appserver/schemas/5.0/adminservice.xmi", "SOAPConnector")) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "remoteAdminProtocol connector type is SOAP.");
                    }
                    properties.setProperty("type", "SOAP");
                    str3 = "SOAP";
                    for (ConfigObject configObject4 : object.getObjectList(TransportConstants.CUSTOM_PROPS)) {
                        if (configObject4.getString("name", (String) null).equals("sslConfig")) {
                            String string = configObject4.getString("value", (String) null);
                            properties.setProperty("sslConfig", string);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "SSLConfig alias to use: " + string);
                            }
                            if (string != null) {
                                try {
                                    SecurityService securityService = (SecurityService) WsServiceRegistry.getService(this, SecurityService.class);
                                    if (securityService != null && (secureSocketLayer = securityService.getSecureSocketLayer(string)) != null) {
                                        Enumeration<?> propertyNames = secureSocketLayer.propertyNames();
                                        while (propertyNames.hasMoreElements()) {
                                            String str4 = (String) propertyNames.nextElement();
                                            String property = secureSocketLayer.getProperty(str4);
                                            if (str4 != null && property != null) {
                                                properties.setProperty(str4, property);
                                            }
                                        }
                                    }
                                } catch (Exception e) {
                                    FFDCFilter.processException(e, CLASS_NAME + PolicyAttributesConstants.DELIMITER + "getServerAdminProps", "767", this);
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Exception occurred getting SSLProps.", new Object[]{e});
                                    }
                                }
                            }
                        } else {
                            properties.setProperty(configObject4.getString("name", (String) null), configObject4.getString("value", (String) null));
                        }
                    }
                } else if (object != null && (object.instanceOf("http://www.ibm.com/websphere/appserver/schemas/5.0/adminservice.xmi", "RMIConnector") || object.instanceOf("http://www.ibm.com/websphere/appserver/schemas/5.0/adminservice.xmi", "JSR160RMIConnector"))) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "remoteAdminProtocol connector type is RMI or JSR160RMI.");
                    }
                    properties.setProperty("type", "RMI");
                    str3 = "RMI";
                    for (ConfigObject configObject5 : object.getObjectList(TransportConstants.CUSTOM_PROPS)) {
                        properties.setProperty(configObject5.getString("name", (String) null), configObject5.getString("value", (String) null));
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Admin service is null.");
            }
            ConfigService configService2 = (ConfigService) WsServiceRegistry.getService(this, ConfigService.class);
            ConfigScope createScope = configService2.createScope(3);
            createScope.set(3, str2);
            List objectList2 = ((ConfigObject) configService2.getDocumentObjects(createScope, "serverindex.xml").get(0)).getObjectList("serverEntries");
            int i = 0;
            while (true) {
                if (i >= objectList2.size()) {
                    break;
                }
                ConfigObject configObject6 = (ConfigObject) objectList2.get(i);
                if (configObject6 != null && configObject6.getString("serverType", (String) null).equals(Constants.APP_SERVER_TYPE) && configObject6.getString("serverName", (String) null).equals(str)) {
                    ConfigObject configObject7 = null;
                    ConfigObject configObject8 = null;
                    List objectList3 = configObject6.getObjectList("specialEndpoints");
                    for (int i2 = 0; i2 < objectList3.size(); i2++) {
                        ConfigObject configObject9 = (ConfigObject) objectList3.get(i2);
                        if (configObject9.getString("endPointName", (String) null).equals("SOAP_CONNECTOR_ADDRESS")) {
                            configObject7 = configObject9.getObject("endPoint");
                        }
                        if (configObject9.getString("endPointName", (String) null).equals("BOOTSTRAP_ADDRESS")) {
                            configObject8 = configObject9.getObject("endPoint");
                            if (configObject8 != null) {
                                String num = new Integer(configObject8.getInt(TransportConstants.PORT, 0)).toString();
                                String string2 = configObject8.getString(TransportConstants.HOST, (String) null);
                                properties.setProperty("java.naming.provider.url", "corbaloc:iiop:" + string2 + ":" + num + "/WsnAdminNameService");
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "PROVIDER_URL: corbaloc:iiop:" + string2 + ":" + num);
                                }
                            }
                        }
                    }
                    if (configObject7 != null && str3.equals("SOAP")) {
                        properties.setProperty(TransportConstants.PORT, new Integer(configObject7.getInt(TransportConstants.PORT, 0)).toString());
                        properties.setProperty(TransportConstants.HOST, configObject7.getString(TransportConstants.HOST, (String) null));
                    } else if (configObject8 != null && (str3.equals("RMI") || str3.equals("JSR160RMI"))) {
                        properties.setProperty(TransportConstants.PORT, new Integer(configObject8.getInt(TransportConstants.PORT, 0)).toString());
                        properties.setProperty(TransportConstants.HOST, configObject8.getString(TransportConstants.HOST, (String) null));
                    }
                } else {
                    i++;
                }
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, CLASS_NAME + PolicyAttributesConstants.DELIMITER + "getServerAdminProps", "858", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occurred getting server connection props.", new Object[]{e2});
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getServerAdminProps", properties);
        }
        return properties;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void trDebug(String str) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, str);
        }
    }
}
