package com.buildforge.services.client.jfs.was;

import com.buildforge.services.client.api.APIClientConnection;
import com.buildforge.services.client.dbo.AccessGroup;
import com.buildforge.services.client.dbo.User;
import com.buildforge.services.common.ServiceException;
import com.buildforge.services.common.api.APIConnection;
import com.ibm.websphere.security.UserRegistry;
import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.BitSet;
import java.util.Hashtable;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.InitialContext;
import javax.security.auth.Subject;

/* loaded from: input_file:lib/com.ibm.rational.buildforge.services.client.java_7.1.3.4110010.jar:com/buildforge/services/client/jfs/was/JazzAutomationUserAssertion.class */
public class JazzAutomationUserAssertion {
    private static final String default_realm = "<default>";
    private static final String user_prefix = "user:";
    private static final String realm_delimiter = "/";
    public static final String WSCREDENTIAL_REALM = "com.ibm.wsspi.security.cred.realm";
    public static final String WSCREDENTIAL_UNIQUEID = "com.ibm.wsspi.security.cred.uniqueId";
    public static final String WSCREDENTIAL_SECURITYNAME = "com.ibm.wsspi.security.cred.securityName";
    public static final String WSCREDENTIAL_LONGSECURITYNAME = "com.ibm.wsspi.security.cred.longSecurityName";
    public static final String WSCREDENTIAL_GROUPS = "com.ibm.wsspi.security.cred.groups";
    private static final Logger log = Logger.getLogger(JazzAutomationUserAssertion.class.getName());
    private static String realm = null;
    private static final JazzAutomationUserAssertion INSTANCE = new JazzAutomationUserAssertion();

    private JazzAutomationUserAssertion() {
    }

    public static final JazzAutomationUserAssertion getInstance() {
        return INSTANCE;
    }

    public Subject createWASSubject(Principal principal, List<String> list) {
        return createWASSubject(principal, list, null);
    }

    public Subject createWASSubject(Principal principal, List<String> list, Subject subject) {
        if (subject == null) {
            subject = new Subject();
        }
        String defaultWASRealm = getDefaultWASRealm();
        Hashtable hashtable = new Hashtable();
        hashtable.put(WSCREDENTIAL_REALM, defaultWASRealm);
        hashtable.put(WSCREDENTIAL_UNIQUEID, user_prefix + defaultWASRealm + realm_delimiter + principal.getName());
        hashtable.put(WSCREDENTIAL_SECURITYNAME, principal.getName());
        hashtable.put(WSCREDENTIAL_LONGSECURITYNAME, principal.getName());
        hashtable.put(WSCREDENTIAL_GROUPS, list);
        subject.getPublicCredentials().add(hashtable);
        log.fine("Passing user info to WAS: " + hashtable.toString());
        return subject;
    }

    private synchronized String getDefaultWASRealm() {
        try {
            if (realm == null) {
                UserRegistry userRegistry = (UserRegistry) new InitialContext().lookup("UserRegistry");
                if (userRegistry != null) {
                    realm = userRegistry.getRealm();
                } else {
                    realm = default_realm;
                }
            }
        } catch (Exception e) {
            log.log(Level.WARNING, "Exception getting default realm from WAS user registry.", (Throwable) e);
        }
        return realm;
    }

    public List<String> getGroupsForUser(String str, String str2, String str3, String str4) throws IOException, ServiceException {
        APIConnection aPIConnection = null;
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.add("JazzUsers");
            if ("root".equals(str)) {
                arrayList.add("JazzAdmins");
            }
            if (str.equals(str2)) {
                log.fine("Returning groups: " + arrayList);
                if (0 != 0) {
                    try {
                        aPIConnection.close();
                    } catch (IOException e) {
                        log.log(Level.FINE, "IOException closing connection.", (Throwable) e);
                    }
                }
                return arrayList;
            }
            APIClientConnection aPIClientConnection = new APIClientConnection();
            aPIClientConnection.authUser(str2, str3, str4);
            BitSet findByUserUuid = AccessGroup.findByUserUuid(aPIClientConnection, User.findByLogin(aPIClientConnection, str).getUuid(), true);
            for (int nextSetBit = findByUserUuid.nextSetBit(0); nextSetBit >= 1; nextSetBit = findByUserUuid.nextSetBit(nextSetBit + 1)) {
                AccessGroup findById = AccessGroup.findById(aPIClientConnection, nextSetBit);
                if (findById != null) {
                    log.fine("Adding group: " + findById);
                    arrayList.add(findById.getName());
                }
            }
            log.fine("Returning groups: " + arrayList);
            if (aPIClientConnection != null) {
                try {
                    aPIClientConnection.close();
                } catch (IOException e2) {
                    log.log(Level.FINE, "IOException closing connection.", (Throwable) e2);
                }
            }
            return arrayList;
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    aPIConnection.close();
                } catch (IOException e3) {
                    log.log(Level.FINE, "IOException closing connection.", (Throwable) e3);
                }
            }
            throw th;
        }
    }
}
