package com.ibm.ws.security.admintask.securityDomain;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.management.exception.ConnectorException;
import com.ibm.websphere.management.exception.InvalidAttributeNameException;
import com.ibm.websphere.security.Result;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.admintask.SetLdapConfig;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.SearchFilterConfig;
import com.ibm.ws.security.config.UserRegistryConfig;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import com.ibm.ws.sm.workspace.impl.WorkSpaceConstant;
import com.ibm.ws.ssl.commands.utils.CommandConstants;
import com.ibm.ws.util.PlatformHelper;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.ws.webservices.wssecurity.KRBConstants;
import com.ibm.ws.wim.registry.util.UserRegistryValidator;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import java.util.ResourceBundle;
import java.util.StringTokenizer;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;
import javax.management.QueryExp;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/admintask/securityDomain/SecConfigTaskHelper.class */
public class SecConfigTaskHelper {
    private static TraceComponent tc = Tr.register(SecConfigTaskHelper.class, "security", "com.ibm.ws.security.admintask.securityDomain");
    private static String BUNDLE_NAME = "com.ibm.ejs.resources.security";
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static final String CELL = "Cell";
    private static final String SERVER = "Server";
    private static final String SERVERCLUSTER = "ServerCluster";
    private static final String CLUSTER = "Cluster";
    private static final String SIBUS = "SIBus";

    private static String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    public static ObjectName getSecDomain(Session session, ConfigService configService, String str) throws Exception {
        ObjectName objectName;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecDomain", str);
        }
        for (ObjectName objectName2 : configService.queryConfigObjects(session, (ObjectName) null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), (QueryExp) null)) {
            if (((String) configService.getAttribute(session, objectName2, "name")).equals(str) && (objectName = configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), (QueryExp) null)[0]) != null) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getSecDomain");
                }
                return objectName;
            }
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getSecDomain");
        return null;
    }

    public static ObjectName getSecurityObjectName(Session session, ConfigService configService) throws ConfigServiceException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurityObjectName", new Object[]{session, configService});
        }
        ObjectName objectName = configService.queryConfigObjects(session, (ObjectName) null, ConfigServiceHelper.createObjectName((ConfigDataId) null, KRBConstants.ELM_SECURITY), (QueryExp) null)[0];
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security ObjectName is " + objectName + ". Cell Name is " + ConfigServiceHelper.getDisplayName(objectName));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityObjectName", objectName);
        }
        return objectName;
    }

    public static ObjectName getRegObj(Session session, ConfigService configService, ObjectName objectName, String str) throws Exception {
        ObjectName objectName2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRegObj", str);
        }
        ObjectName objectName3 = null;
        try {
            ArrayList arrayList = (ArrayList) configService.getAttribute(session, objectName, "userRegistries");
            if (arrayList != null) {
                for (int i = 0; i < arrayList.size(); i++) {
                    AttributeList attributeList = (AttributeList) arrayList.get(i);
                    if (ConfigServiceHelper.getAttributeValue(attributeList, "_Websphere_Config_Data_Type").toString().equals(str) && (objectName2 = configService.queryConfigObjects(session, (ObjectName) null, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0]) != null) {
                        objectName3 = objectName2;
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getRegObj");
            }
            return objectName3;
        } catch (InvalidAttributeNameException e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getRegObj");
            }
            return objectName3;
        }
    }

    public static Properties getCustomProperties(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCustomProperties");
        }
        Properties properties = new Properties();
        if (str != null) {
            for (String str2 : str.split(",")) {
                int indexOf = str2.indexOf("=");
                properties.put(str2.substring(0, indexOf), str2.substring(indexOf + 1));
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCustomProperties");
        }
        return properties;
    }

    public static boolean authenticateUser(Session session, String str, String str2, String str3, Properties properties, String str4) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "authenticateUser", new Object[]{str, str3});
        }
        Boolean bool = Boolean.TRUE;
        try {
            if (str3.equalsIgnoreCase(UserRegistryConfig.TYPE_WIM)) {
                if (new UserRegistryValidator(session.toString()).checkPassword(str, str2) == null) {
                    bool = Boolean.FALSE;
                }
            } else if (isGoodServerId(session, str, str3, properties)) {
                Iterator it = AdminServiceFactory.getAdminService().queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + ((str4 == null || str4.indexOf("Server=") < 0) ? AdminServiceFactory.getAdminService().getProcessName() : str4.substring(str4.indexOf("Server=") + 7)) + ",*"), (QueryExp) null).iterator();
                if (!it.hasNext()) {
                    return false;
                }
                bool = (Boolean) AdminServiceFactory.getAdminService().invoke((ObjectName) it.next(), "checkPassword", new Object[]{str, str2, properties}, new String[]{"java.lang.String", "java.lang.String", "java.util.Properties"});
            } else {
                bool = Boolean.FALSE;
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "authenticateUser: " + bool.booleanValue());
            }
            return bool.booleanValue();
        } catch (Exception e) {
            Exception exc = (Exception) e.getCause();
            if (exc != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception while trying to authenticate the server id, " + str + ",  in the " + str3 + " user registry: " + exc.getMessage());
                }
                throw exc;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while trying to authenticate the server id, " + str + ",  in the " + str3 + " user registry: " + e.getMessage());
            }
            throw e;
        }
    }

    public static boolean isGoodServerId(Session session, String str, String str2, Properties properties) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isGoodServerId", new Object[]{str, str2});
        }
        boolean z = false;
        try {
            if (!str2.equalsIgnoreCase(UserRegistryConfig.TYPE_WIM)) {
                Iterator it = AdminServiceFactory.getAdminService().queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + AdminServiceFactory.getAdminService().getProcessName() + ",*"), (QueryExp) null).iterator();
                if (!it.hasNext()) {
                    z = false;
                }
                Result result = (Result) AdminServiceFactory.getAdminService().invoke((ObjectName) it.next(), "getUsers", new Object[]{str, new Integer(100), properties}, new String[]{"java.lang.String", "java.lang.Integer", "java.util.Properties"});
                if (result != null && result.getList() != null && result.getList().size() > 0) {
                    z = true;
                }
            } else if (new UserRegistryValidator(session.toString()).getUsers(str, 100).getList().isEmpty()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "user " + str + " not found in WIM UR");
                }
                z = false;
            } else {
                z = true;
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isGoodServerId");
            }
            return z;
        } catch (Exception e) {
            Exception exc = (Exception) e.getCause();
            if (exc != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception while trying to see if the primary admin id, " + str + ", exists in the " + str2 + " user registry: " + exc.getMessage());
                }
                throw exc;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while trying to see if the primary admin id, " + str + ", exists in the " + str2 + " user registry: " + e.getMessage());
            }
            throw e;
        }
    }

    public static void addInfoToConfig(Session session, ConfigService configService, ObjectName objectName, ObjectName objectName2, String str, AttributeList attributeList, String str2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addInfoToConfig", str);
        }
        ObjectName objectName3 = objectName2;
        if (objectName3 != null) {
            configService.setAttributes(session, objectName2, attributeList);
        } else {
            objectName3 = configService.createConfigData(session, objectName, "userRegistries", str, attributeList);
        }
        if (str2 != null && str2.length() > 0) {
            addCustomProperties(session, configService, objectName3, str2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addInfoToConfig");
        }
    }

    public static void addCustomProperties(Session session, ConfigService configService, ObjectName objectName, String str) throws Exception {
        if (!isCustomPropStringGood(str)) {
            throw new CommandValidationException(getMsg(resBundle, "security.admintask.badCustomProp.SECJ7773E", new Object[]{str}));
        }
        addCustomValues(session, configService, objectName, str, "properties");
    }

    public static void addCustomEntries(Session session, ConfigService configService, ObjectName objectName, String str, String str2) throws Exception {
        if (!isCustomPropStringGood(str)) {
            throw new CommandValidationException(getMsg(resBundle, "security.admintask.badCustomProp.SECJ7773E", new Object[]{str}));
        }
        addCustomValues(session, configService, objectName, str, str2);
    }

    public static void addCustomValues(Session session, ConfigService configService, ObjectName objectName, String str, String str2) throws Exception {
        if (str == null || str.length() <= 0) {
            return;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, "(\"\")+");
        while (stringTokenizer.hasMoreTokens()) {
            List list = null;
            AttributeList attributes = configService.getAttributes(session, objectName, new String[]{str2}, false);
            if (attributes != null) {
                list = (List) ((Attribute) attributes.get(0)).getValue();
            }
            AttributeList attributeList = new AttributeList();
            String nextToken = stringTokenizer.nextToken();
            if (nextToken == null || !nextToken.equals(",")) {
                int indexOf = nextToken.indexOf("=");
                if (indexOf > 0) {
                    String substring = nextToken.substring(0, indexOf);
                    String substring2 = nextToken.substring(indexOf + 1);
                    if (substring != null && substring.length() > 0) {
                        substring = substring.trim();
                    }
                    if (substring2 != null && substring2.length() > 0) {
                        substring2 = substring2.trim();
                    }
                    attributeList.clear();
                    attributeList.add(new Attribute("name", substring));
                    if (substring2 == null || !substring2.equals("''")) {
                        attributeList.add(new Attribute("value", substring2));
                    } else {
                        attributeList.add(new Attribute("value", ""));
                    }
                    if (list != null && !list.isEmpty()) {
                        boolean z = false;
                        int i = 0;
                        while (true) {
                            if (i >= list.size()) {
                                break;
                            }
                            ObjectName objectName2 = (ObjectName) list.get(i);
                            if (((String) configService.getAttribute(session, objectName2, "name")).equals(substring)) {
                                configService.deleteConfigData(session, objectName2);
                                if (substring2 != null && substring2.length() > 0) {
                                    configService.createConfigData(session, objectName, str2, (String) null, attributeList);
                                }
                                z = true;
                            } else {
                                i++;
                            }
                        }
                        if (!z && substring2 != null && substring2.length() > 0) {
                            configService.createConfigData(session, objectName, str2, (String) null, attributeList);
                        }
                    } else if (substring2 != null && substring2.length() > 0) {
                        configService.createConfigData(session, objectName, str2, (String) null, attributeList);
                    }
                }
            }
        }
    }

    public static String getDefaultRealm(Properties properties) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getDefaultRealm");
        }
        try {
            Iterator it = AdminServiceFactory.getAdminService().queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + AdminServiceFactory.getAdminService().getProcessName() + ",*"), (QueryExp) null).iterator();
            if (!it.hasNext()) {
                return null;
            }
            String str = (String) AdminServiceFactory.getAdminService().invoke((ObjectName) it.next(), "getRealm", new Object[]{properties}, new String[]{"java.util.Properties"});
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getDefaultRealm");
            }
            return str;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTasks.securityDomain.SecConfigTaskHelper", "%");
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "exception caught while getting the realm", e.getMessage());
            return null;
        }
    }

    public static ObjectName getAuthMechanismObj(Session session, ConfigService configService, ObjectName objectName, String str) {
        ObjectName objectName2;
        ObjectName objectName3 = null;
        try {
            ArrayList arrayList = (ArrayList) configService.getAttribute(session, objectName, "authMechanisms");
            if (arrayList != null) {
                for (int i = 0; i < arrayList.size(); i++) {
                    AttributeList attributeList = (AttributeList) arrayList.get(i);
                    if (ConfigServiceHelper.getAttributeValue(attributeList, "_Websphere_Config_Data_Type").toString().equals(str) && (objectName2 = configService.queryConfigObjects(session, (ObjectName) null, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0]) != null) {
                        objectName3 = objectName2;
                    }
                }
            }
        } catch (Exception e) {
        }
        return objectName3;
    }

    public static boolean isRegistryGood(Session session, ConfigService configService, ObjectName objectName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isRegistryGood");
        }
        boolean z = true;
        Properties properties = new Properties();
        PlatformHelper platformHelper = PlatformHelperFactory.getPlatformHelper();
        try {
            Boolean valueOf = Boolean.valueOf(((Boolean) configService.getAttribute(session, objectName, UserRegistryConfig.USE_REGISTRY_SERVER_ID, false)).booleanValue());
            String str = (String) configService.getAttribute(session, objectName, UserRegistryConfig.SERVER_ID, false);
            String str2 = (String) configService.getAttribute(session, objectName, UserRegistryConfig.SERVER_PASSWORD, false);
            String str3 = (String) configService.getAttribute(session, objectName, UserRegistryConfig.PRIMARY_ADMIN_ID, false);
            AttributeList attributes = configService.getAttributes(session, objectName, (String[]) null, true);
            String str4 = (String) ConfigServiceHelper.getAttributeValue(attributes, "_Websphere_Config_Data_Type");
            Properties customPropertiesFromConfig = getCustomPropertiesFromConfig(session, configService, objectName, properties);
            if (str4.equalsIgnoreCase("LocalOSUserRegistry")) {
                customPropertiesFromConfig.setProperty("activeRegistry", "LOCALOS");
            } else if (str4.equalsIgnoreCase("CustomUserRegistry")) {
                String str5 = (String) configService.getAttribute(session, objectName, UserRegistryConfig.CUSTOM_REGISTRY_CLASS_NAME, false);
                Boolean bool = (Boolean) configService.getAttribute(session, objectName, UserRegistryConfig.IGNORE_CASE, false);
                customPropertiesFromConfig.setProperty("activeRegistry", "CUSTOM");
                customPropertiesFromConfig.setProperty("CustUserRegImplClass", str5);
                customPropertiesFromConfig.setProperty(CommonConstants.IGNORE_CASE, bool.toString());
            } else if (str4.equalsIgnoreCase(UserRegistryConfig.TYPE_WIM)) {
                customPropertiesFromConfig.setProperty("activeRegistry", "WIM");
                customPropertiesFromConfig.setProperty("CustUserRegImplClass", "com.ibm.ws.wim.registry.WIMUserRegistry");
            } else {
                if (!str4.equalsIgnoreCase("LDAPUserRegistry")) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.InvalidUserRegType", null));
                }
                customPropertiesFromConfig = getLDAPProps(customPropertiesFromConfig, attributes);
                customPropertiesFromConfig.setProperty("activeRegistry", "LDAP");
            }
            if (valueOf.booleanValue()) {
                if (str == null || str.length() <= 0) {
                    z = platformHelper.isZOS() && str4.equalsIgnoreCase("LocalOSUserRegistry");
                } else if (str2 == null || str.length() <= 0) {
                    if (!isGoodServerId(session, str, str4, customPropertiesFromConfig)) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.badAdminID.SECJ7716E", null));
                    }
                } else if (!authenticateUser(session, str, str2, str4, customPropertiesFromConfig, null)) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.badUserOrPassword.SECJ7715E", null));
                }
            }
            if (str3 == null || str3.length() <= 0) {
                Boolean bool2 = Boolean.FALSE;
                if (platformHelper.isZOS()) {
                    String str6 = (String) getCustomProperty(session, configService, "com.ibm.security.SAF.delegation");
                    if (str6 != null) {
                        bool2 = Boolean.valueOf(str6);
                    }
                    if (!bool2.booleanValue()) {
                        z = false;
                    }
                }
            } else if (!isGoodServerId(session, str3, str4, customPropertiesFromConfig)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.badAdminID.SECJ7716E", null));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isRegistryGood", new Object[]{Boolean.valueOf(z)});
            }
            return z;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTasks.securityDomain.SecConfigTaskHelper", "%");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught while checking for a good registry", e);
            }
            throw e;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:13:0x0078, code lost:
    
        r11 = r9.getAttribute(r8, r0, "value");
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.Object getCustomProperty(com.ibm.websphere.management.Session r8, com.ibm.websphere.management.configservice.ConfigService r9, java.lang.String r10) {
        /*
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.admintask.securityDomain.SecConfigTaskHelper.tc
            boolean r0 = r0.isEntryEnabled()
            if (r0 == 0) goto L11
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.admintask.securityDomain.SecConfigTaskHelper.tc
            java.lang.String r1 = "getCustomProperty"
            com.ibm.ejs.ras.Tr.entry(r0, r1)
        L11:
            r0 = 0
            r11 = r0
            r0 = r8
            r1 = r9
            javax.management.ObjectName r0 = getSecurityObjectName(r0, r1)     // Catch: java.lang.Exception -> L8d
            r12 = r0
            r0 = r9
            r1 = r8
            r2 = r12
            r3 = 1
            java.lang.String[] r3 = new java.lang.String[r3]     // Catch: java.lang.Exception -> L8d
            r4 = r3
            r5 = 0
            java.lang.String r6 = "properties"
            r4[r5] = r6     // Catch: java.lang.Exception -> L8d
            r4 = 0
            javax.management.AttributeList r0 = r0.getAttributes(r1, r2, r3, r4)     // Catch: java.lang.Exception -> L8d
            r13 = r0
            r0 = r13
            r1 = 0
            java.lang.Object r0 = r0.get(r1)     // Catch: java.lang.Exception -> L8d
            javax.management.Attribute r0 = (javax.management.Attribute) r0     // Catch: java.lang.Exception -> L8d
            java.lang.Object r0 = r0.getValue()     // Catch: java.lang.Exception -> L8d
            java.util.List r0 = (java.util.List) r0     // Catch: java.lang.Exception -> L8d
            r14 = r0
            r0 = r14
            java.util.Iterator r0 = r0.iterator()     // Catch: java.lang.Exception -> L8d
            r15 = r0
        L49:
            r0 = r15
            boolean r0 = r0.hasNext()     // Catch: java.lang.Exception -> L8d
            if (r0 == 0) goto L8a
            r0 = r15
            java.lang.Object r0 = r0.next()     // Catch: java.lang.Exception -> L8d
            javax.management.ObjectName r0 = (javax.management.ObjectName) r0     // Catch: java.lang.Exception -> L8d
            r16 = r0
            r0 = r9
            r1 = r8
            r2 = r16
            java.lang.String r3 = "name"
            java.lang.Object r0 = r0.getAttribute(r1, r2, r3)     // Catch: java.lang.Exception -> L8d
            java.lang.String r0 = (java.lang.String) r0     // Catch: java.lang.Exception -> L8d
            r17 = r0
            r0 = r17
            r1 = r10
            boolean r0 = r0.equals(r1)     // Catch: java.lang.Exception -> L8d
            if (r0 == 0) goto L87
            r0 = r9
            r1 = r8
            r2 = r16
            java.lang.String r3 = "value"
            java.lang.Object r0 = r0.getAttribute(r1, r2, r3)     // Catch: java.lang.Exception -> L8d
            r11 = r0
            goto L8a
        L87:
            goto L49
        L8a:
            goto L8f
        L8d:
            r12 = move-exception
        L8f:
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.admintask.securityDomain.SecConfigTaskHelper.tc
            boolean r0 = r0.isEntryEnabled()
            if (r0 == 0) goto La0
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.admintask.securityDomain.SecConfigTaskHelper.tc
            java.lang.String r1 = "getCustomProperty"
            com.ibm.ejs.ras.Tr.exit(r0, r1)
        La0:
            r0 = r11
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.admintask.securityDomain.SecConfigTaskHelper.getCustomProperty(com.ibm.websphere.management.Session, com.ibm.websphere.management.configservice.ConfigService, java.lang.String):java.lang.Object");
    }

    public static boolean isRegistryGood(Session session, ConfigService configService, String str, AttributeList attributeList, Properties properties) throws Exception {
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isRegistryGood");
        }
        boolean z = true;
        PlatformHelper platformHelper = PlatformHelperFactory.getPlatformHelper();
        try {
            Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.USE_REGISTRY_SERVER_ID);
            String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.SERVER_ID);
            String str4 = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.SERVER_PASSWORD);
            String str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.PRIMARY_ADMIN_ID);
            if (bool.booleanValue()) {
                if (str3 == null || str3.length() <= 0) {
                    z = platformHelper.isZOS() && str.equalsIgnoreCase("LocalOSUserRegistry");
                } else if (str4 == null || str4.length() <= 0) {
                    if (!isGoodServerId(session, str3, str, properties)) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.badAdminID.SECJ7716E", null));
                    }
                } else if (!authenticateUser(session, str3, str4, str, properties, null)) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.badUserOrPassword.SECJ7715E", null));
                }
            }
            if (str5 == null || str5.length() <= 0) {
                Boolean bool2 = Boolean.FALSE;
                if (platformHelper.isZOS() && (str2 = (String) getCustomProperty(session, configService, "com.ibm.security.SAF.delegation")) != null) {
                    bool2 = Boolean.valueOf(str2);
                }
                if (!bool2.booleanValue()) {
                    z = false;
                }
            } else if (!isGoodServerId(session, str5, str, properties)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.badAdminID.SECJ7716E", null));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isRegistryGood");
            }
            return z;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTasks.securityDomain.SecConfigTaskHelper", "591");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught while checking for a good registry", e);
            }
            throw e;
        }
    }

    public static boolean isAppRegistryGood(Session session, ConfigService configService, ObjectName objectName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isAppRegistryGood", objectName);
        }
        boolean z = true;
        Properties properties = new Properties();
        try {
            AttributeList attributes = configService.getAttributes(session, objectName, (String[]) null, true);
            String str = (String) ConfigServiceHelper.getAttributeValue(attributes, "_Websphere_Config_Data_Type");
            String str2 = (String) configService.getAttribute(session, objectName, "realm", false);
            if ((str2 != null && str2.length() == 0) || str2 == null) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.noRealm.SECJ7725E", null));
            }
            Properties customPropertiesFromConfig = getCustomPropertiesFromConfig(session, configService, objectName, properties);
            if (str.equalsIgnoreCase("LocalOSUserRegistry")) {
                customPropertiesFromConfig.setProperty("activeRegistry", "LOCALOS");
            } else if (str.equalsIgnoreCase("CustomUserRegistry")) {
                String str3 = (String) configService.getAttribute(session, objectName, UserRegistryConfig.CUSTOM_REGISTRY_CLASS_NAME, false);
                Boolean bool = (Boolean) configService.getAttribute(session, objectName, UserRegistryConfig.IGNORE_CASE, false);
                customPropertiesFromConfig.setProperty("activeRegistry", "CUSTOM");
                customPropertiesFromConfig.setProperty("CustUserRegImplClass", str3);
                customPropertiesFromConfig.setProperty(CommonConstants.IGNORE_CASE, bool.toString());
            } else if (str.equalsIgnoreCase(UserRegistryConfig.TYPE_WIM)) {
                customPropertiesFromConfig.setProperty("activeRegistry", "WIM");
                customPropertiesFromConfig.setProperty("CustUserRegImplClass", "com.ibm.ws.wim.registry.WIMUserRegistry");
            } else {
                if (!str.equalsIgnoreCase("LDAPUserRegistry")) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.InvalidUserRegType", null));
                }
                customPropertiesFromConfig = getLDAPProps(customPropertiesFromConfig, attributes);
                customPropertiesFromConfig.setProperty("activeRegistry", "LDAP");
            }
            Boolean bool2 = (Boolean) configService.getAttribute(session, objectName, "useRegistryRealm");
            String str4 = (String) configService.getAttribute(session, objectName, "realm");
            if (bool2 != null && str4 != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Setting WAS_UseRegistryRealm = " + bool2.toString() + " and WAS_Realm = " + str4);
                }
                customPropertiesFromConfig.setProperty("WAS_UseRegistryRealm", bool2.toString());
                customPropertiesFromConfig.setProperty("WAS_Realm", str4);
            }
            if (!isGoodServerId(session, "*", str, customPropertiesFromConfig)) {
                PlatformHelper platformHelper = PlatformHelperFactory.getPlatformHelper();
                Boolean bool3 = Boolean.FALSE;
                if (platformHelper.isZOS()) {
                    String str5 = (String) getCustomProperty(session, configService, "com.ibm.security.SAF.delegation");
                    if (str5 != null) {
                        bool3 = Boolean.valueOf(str5);
                    }
                    if (!bool3.booleanValue()) {
                        z = false;
                    }
                } else {
                    z = false;
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isAppRegistryGood");
            }
            return z;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTasks.securityDomain.SecConfigTaskHelper", "661");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught while checking for a good registry", e);
            }
            throw e;
        }
    }

    public static Properties getCustomPropertiesFromConfig(Session session, ConfigService configService, ObjectName objectName, Properties properties) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCustomPropertiesFromConfig");
        }
        try {
            AttributeList attributes = configService.getAttributes(session, objectName, new String[]{"properties"}, false);
            if (attributes != null) {
                List list = (List) ((Attribute) attributes.get(0)).getValue();
                for (int i = 0; i < list.size(); i++) {
                    ObjectName objectName2 = (ObjectName) list.get(i);
                    properties.setProperty((String) configService.getAttribute(session, objectName2, "name"), (String) configService.getAttribute(session, objectName2, "value"));
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getCustomPropertiesFromConfig");
            }
            return properties;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTasks.securityDomain.SecConfigTaskHelper", "692");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught validating the ssl config name", e);
            }
            throw e;
        }
    }

    public static Properties mergeCustomProperties(String str, Properties properties) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "mergeCustomProperties");
        }
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, "(\"\")+");
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (nextToken == null || !nextToken.equals(",")) {
                    int indexOf = nextToken.indexOf("=");
                    if (indexOf > 0) {
                        String substring = nextToken.substring(0, indexOf);
                        String substring2 = nextToken.substring(indexOf + 1);
                        if (substring != null && substring.length() > 0) {
                            substring = substring.trim();
                        }
                        if (substring2 != null && substring2.length() > 0) {
                            substring2 = substring2.trim();
                        }
                        if (!properties.isEmpty()) {
                            if (properties.containsKey(substring)) {
                                properties.remove(substring);
                            }
                            if (substring2.length() > 0) {
                                properties.put(substring, substring2);
                            }
                        } else if (substring2.length() > 0) {
                            properties.put(substring, substring2);
                        }
                    }
                }
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "props returned " + SetLdapConfig.clearPasswordProps(properties));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "mergeCustomProperties");
        }
        return properties;
    }

    public static boolean validSSLConfig(Session session, ConfigService configService, ObjectName objectName, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validSSLConfig", str);
        }
        try {
            Iterator it = ((List) configService.getAttribute(session, objectName, CommandConstants.REPERTOIRE)).iterator();
            while (it.hasNext()) {
                if (((String) ConfigServiceHelper.getAttributeValue((AttributeList) it.next(), "alias")).equals(str)) {
                    if (!tc.isEntryEnabled()) {
                        return true;
                    }
                    Tr.exit(tc, "validSSLConfig:true");
                    return true;
                }
            }
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "validSSLConfig: false");
            return false;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTasks.securityDomain.SecConfigTaskHelper", "758");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught validating the ssl config name", e);
            }
            throw e;
        }
    }

    public static Object getPropertyValue(Session session, ConfigService configService, ObjectName objectName, String str, String str2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getPropertyValue", str2);
        }
        try {
            AttributeList attributes = configService.getAttributes(session, objectName, new String[]{str}, false);
            if (attributes != null) {
                List list = (List) ((Attribute) attributes.get(0)).getValue();
                for (int i = 0; i < list.size(); i++) {
                    ObjectName objectName2 = (ObjectName) list.get(i);
                    if (((String) configService.getAttribute(session, objectName2, "name")).equals(str2)) {
                        Object attribute = configService.getAttribute(session, objectName2, "value");
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "getPropertyValue", attribute);
                        }
                        return attribute;
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getPropertyValue", null);
            }
            return null;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTasks.securityDomain.SecurityConfigProvider", "790");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught validating the ssl config name", e);
            }
            throw e;
        }
    }

    private static Properties getLDAPProps(Properties properties, AttributeList attributeList) throws Exception {
        String str;
        AttributeList attributeList2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getLDAPProps");
        }
        try {
            String str2 = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.BASE_DN);
            if (str2 != null) {
                properties.setProperty("ldap.basedn", str2);
            }
            String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.BIND_DN);
            if (str3 != null) {
                properties.setProperty("java.naming.security.principal", str3);
            }
            String str4 = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.BIND_PASSWORD);
            if (str4 != null) {
                properties.setProperty("java.naming.security.credentials", str4);
            }
            Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.REUSE_CONNECTION);
            if (bool != null) {
                properties.setProperty(CommonConstants.LDAP_REUSE_CONN, bool.toString());
            }
            Long l = (Long) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.SEARCH_TIMEOUT);
            if (l != null) {
                properties.setProperty(CommonConstants.LDAP_SEARCH_TIME_LIMIT, l.toString());
            }
            String str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "type");
            if (str5 != null) {
                properties.setProperty("dirType", str5);
            }
            Boolean bool2 = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, "sslEnabled");
            if (bool2 != null) {
                properties.put("sslEnabled", bool2);
            }
            String str6 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "realm");
            if (str6 != null) {
                properties.setProperty("LDAP.server.realm", str6);
            }
            ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "hosts");
            if (arrayList.size() > 0 && (attributeList2 = (AttributeList) arrayList.get(0)) != null) {
                String str7 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "host");
                Integer num = (Integer) ConfigServiceHelper.getAttributeValue(attributeList2, "port");
                if (str7 != null && num != null) {
                    StringBuffer stringBuffer = new StringBuffer();
                    if (str7.indexOf(":") != -1) {
                        stringBuffer.append("ldap://").append(WorkSpaceConstant.FIELD_SEPERATOR + str7 + "]");
                    } else {
                        stringBuffer.append("ldap://").append(str7);
                    }
                    if (num != null && num.intValue() > 0) {
                        stringBuffer.append(":" + num.intValue());
                    }
                    properties.setProperty("java.naming.provider.url", stringBuffer.toString());
                }
            }
            properties.setProperty("CustUserRegImplClass", CommonConstants.LDAP_REG_IMPL_CLASS);
            AttributeList attributeList3 = (AttributeList) ConfigServiceHelper.getAttributeValue(attributeList, "searchFilter");
            if (attributeList3 != null) {
                String str8 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.USER_FILTER);
                if (str8 != null) {
                    properties.setProperty("user.filter", str8);
                }
                String str9 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.GROUP_FILTER);
                if (str9 != null) {
                    properties.setProperty("group.filter", str9);
                }
                String str10 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.USER_ID_MAP);
                if (str10 != null) {
                    properties.setProperty("user.idmap", str10);
                }
                String str11 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.GROUP_ID_MAP);
                if (str11 != null) {
                    properties.setProperty("group.idmap", str11);
                }
                String str12 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.GROUP_MEMBER_ID_MAP);
                if (str12 != null) {
                    properties.setProperty("groupmember.idmap", str12);
                }
                String str13 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.CERTIFICATE_MAP_MODE);
                String str14 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.CERTIFICATE_FILTER);
                if (str13 == null || !str13.equals("CERTIFICATE_FILTER")) {
                    str = "exactDNMode";
                } else {
                    str = "filterDescriptorMode";
                    if (str14 == null || str14.length() <= 0) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.noUserReg.SECJ7763E", null));
                    }
                    properties.setProperty("certificate.map.filter", str14);
                }
                properties.setProperty("certificate.map.mode", str);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getLDAPProps");
            }
            return properties;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTasks.securityDomain.SecConfigTaskHelper", "911");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught getting ldap attributes", e);
            }
            throw e;
        }
    }

    public static ObjectName getTrustedRealms(Session session, ConfigService configService, ObjectName objectName, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTrustedRealms");
        }
        ObjectName objectName2 = null;
        try {
            AttributeList attributeList = (AttributeList) configService.getAttribute(session, objectName, str);
            if (attributeList != null) {
                ObjectName objectName3 = configService.queryConfigObjects(session, (ObjectName) null, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0];
                if (objectName3 != null) {
                    objectName2 = objectName3;
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getTrustedRealms");
            }
            return objectName2;
        } catch (InvalidAttributeNameException e) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getTrustedRealms");
            }
            return null;
        }
    }

    public static boolean isCustomPropStringGood(String str) throws Exception {
        String nextToken;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isCustomPropStringGood", str);
        }
        if (str != null) {
            try {
                if (str.length() > 0) {
                    if (!str.startsWith("\"") && !str.endsWith("\"")) {
                        if (!tc.isEntryEnabled()) {
                            return false;
                        }
                        Tr.exit(tc, "isCustomPropStringGood: false");
                        return false;
                    }
                    StringTokenizer stringTokenizer = new StringTokenizer(str, "(\"\")+");
                    while (stringTokenizer.hasMoreTokens()) {
                        if (stringTokenizer.nextToken().indexOf("=") < 0) {
                            if (!tc.isEntryEnabled()) {
                                return false;
                            }
                            Tr.exit(tc, "isCustomPropStringGood: false");
                            return false;
                        }
                        if (stringTokenizer.hasMoreTokens() && ((nextToken = stringTokenizer.nextToken()) == null || !nextToken.trim().equals(",") || !stringTokenizer.hasMoreTokens())) {
                            if (!tc.isEntryEnabled()) {
                                return false;
                            }
                            Tr.exit(tc, "isCustomPropStringGood: false");
                            return false;
                        }
                    }
                }
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception while tokenizing custom property string " + e.getMessage());
                }
                throw e;
            }
        }
        if (!tc.isEntryEnabled()) {
            return true;
        }
        Tr.exit(tc, "isCustomPropStringGood: true");
        return true;
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x0098 A[Catch: Exception -> 0x0106, TryCatch #0 {Exception -> 0x0106, blocks: (B:20:0x0032, B:22:0x003c, B:8:0x005a, B:10:0x0098, B:11:0x00b5, B:13:0x00b6, B:7:0x0050), top: B:19:0x0032 }] */
    /* JADX WARN: Removed duplicated region for block: B:13:0x00b6 A[Catch: Exception -> 0x0106, TRY_LEAVE, TryCatch #0 {Exception -> 0x0106, blocks: (B:20:0x0032, B:22:0x003c, B:8:0x005a, B:10:0x0098, B:11:0x00b5, B:13:0x00b6, B:7:0x0050), top: B:19:0x0032 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static boolean checkRunAsUser(com.ibm.websphere.management.Session r9, java.util.List r10, java.util.List r11, java.lang.String r12, java.util.Properties r13, java.lang.String r14) {
        /*
            Method dump skipped, instructions count: 360
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.admintask.securityDomain.SecConfigTaskHelper.checkRunAsUser(com.ibm.websphere.management.Session, java.util.List, java.util.List, java.lang.String, java.util.Properties, java.lang.String):boolean");
    }

    public static String updateRealmList(Session session, ConfigService configService, ObjectName objectName, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "updateRealmList");
        }
        String str2 = null;
        ArrayList arrayList = new ArrayList();
        String str3 = objectName != null ? (String) configService.getAttribute(session, objectName, "realmList") : null;
        if (str3 != null && str3.length() > 0) {
            for (String str4 : str3.split("\\|")) {
                arrayList.add(str4);
            }
            for (String str5 : str.split("\\|")) {
                if (arrayList.contains(str5)) {
                    arrayList.remove(str5);
                }
            }
            if (arrayList.size() > 0) {
                for (int i = 0; i < arrayList.size(); i++) {
                    str2 = str2 != null ? str2 + "|" + arrayList.get(i) : (String) arrayList.get(i);
                }
            } else {
                str2 = null;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "updateRealmList");
        }
        return str2;
    }
}
