package com.ibm.ws.security.delegation;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.csi.CSIException;
import com.ibm.websphere.csi.EJBKey;
import com.ibm.websphere.csi.EJBMethodInfo;
import com.ibm.websphere.security.ProviderFailureException;
import com.ibm.ws.security.audit.AuditServiceImpl;
import com.ibm.ws.security.audit.utils.DataHelper;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.ejb.SecurityBeanCookie;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.web.WebAccessContext;
import com.ibm.wsspi.security.audit.AuditOutcome;
import com.ibm.wsspi.security.audit.AuditService;
import com.ibm.wsspi.security.audit.ContextHandler;
import java.security.Principal;
import java.util.Date;
import java.util.HashMap;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.Subject;

/* compiled from: DelegationImpl.java */
/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/security/delegation/SimpleDelegation.class */
class SimpleDelegation implements Delegation {
    private String activeUserRegistry = null;
    private static AuditService auditService = null;
    private static ConcurrentHashMap auditOutcome = new ConcurrentHashMap();
    private static final TraceComponent tc = Tr.register((Class<?>) SimpleDelegation.class, (String) null, AdminConstants.MSG_BUNDLE_NAME);

    @Override // com.ibm.ws.security.delegation.Delegation
    public Subject delegate(EJBKey eJBKey, EJBMethodInfo eJBMethodInfo, Subject subject, Subject subject2, SecurityBeanCookie securityBeanCookie, String str) throws CSIException {
        ContextHandler contextHandler = null;
        if (auditService == null) {
            auditService = ContextManagerFactory.getInstance().getAuditService();
        }
        this.activeUserRegistry = SecurityObjectLocator.getSecurityConfig().getActiveUserRegistry().getType();
        if (auditService != null) {
            contextHandler = ((AuditServiceImpl) auditService).getContextHandler();
            if (contextHandler == null) {
                Tr.error(tc, "security.audit.service.context.error");
                auditService.processAuditFailure("security.audit.service.context.error", null);
            }
        }
        if (auditService != null && auditService.isEventRequired("SECURITY_AUTHN_DELEGATION", "SUCCESS")) {
            if (contextHandler != null) {
                String str2 = null;
                if (subject2 != null) {
                    str2 = ((Principal) subject2.getPrincipals().toArray()[0]).getName();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "receivedSubject not null, rSubj: " + str2);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "receivedSubject null, rSubj null");
                }
                contextHandler.buildContextObject("SESSION_CONTEXT", DataHelper.buildSessionData(null, null, null, null));
                contextHandler.buildContextObject("ACCESS_CONTEXT", DataHelper.buildAccessData(eJBMethodInfo != null ? eJBMethodInfo.getMethodName() : null, AuditConstants.DELEGATION, str2, str2, null, securityBeanCookie.getAppName().concat(":").concat(securityBeanCookie.getBeanName()).concat(":").concat(str), "ejb", new Long(0L), null, null, null, null));
                contextHandler.buildContextObject("EVENT_CONTEXT", DataHelper.buildEventData(auditService.getLastTrailId(), auditService.getEventTrailIds(), new Date(), new Long(0L).longValue()));
                contextHandler.buildContextObject("PROPAGATION_CONTEXT", DataHelper.buildPropagationData(auditService.getFirstCaller(), auditService.getCallerList()));
                contextHandler.buildContextObject("PROCESS_CONTEXT", DataHelper.buildProcessData(auditService.getDomain(), ContextManagerFactory.getInstance().getDefaultRealm()));
                contextHandler.buildContextObject("REGISTRY_CONTEXT", DataHelper.buildRegistryData(DataHelper.convertRegistryInfoType(this.activeUserRegistry)));
                HashMap buildDelegationData = DataHelper.buildDelegationData(AuditConstants.RUN_AS_DELEGATION, AuditConstants.CLIENT_ID, str2);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "data: " + buildDelegationData.toString());
                }
                contextHandler.buildContextObject("APPLICATION_DELEGATION", buildDelegationData);
                auditOutcome = DataHelper.buildOutcomeData(AuditOutcome.SUCCESSFUL, new Integer(0), new Integer(0), "SUCCESS", 86L);
            }
            try {
                auditService.sendEvent("SECURITY_AUTHN_DELEGATION", auditOutcome);
            } catch (ProviderFailureException e) {
                Tr.error(tc, "security.audit.service.sendevent.error", new Object[]{e});
                auditService.processAuditFailure("security.audit.service.sendevent.error", e);
            }
        }
        return subject2;
    }

    @Override // com.ibm.ws.security.delegation.Delegation
    public Subject delegate(Subject subject, String str, WebAccessContext webAccessContext, String str2) throws CSIException {
        ContextHandler contextHandler = null;
        if (auditService == null) {
            auditService = ContextManagerFactory.getInstance().getAuditService();
        }
        this.activeUserRegistry = SecurityObjectLocator.getSecurityConfig().getActiveUserRegistry().getType();
        if (auditService != null) {
            contextHandler = ((AuditServiceImpl) auditService).getContextHandler();
            if (contextHandler == null) {
                Tr.error(tc, "security.audit.service.context.error");
                auditService.processAuditFailure("security.audit.service.context.error", null);
            }
        }
        if (auditService != null && auditService.isEventRequired("SECURITY_AUTHN_DELEGATION", "SUCCESS")) {
            if (contextHandler != null) {
                String str3 = null;
                if (subject != null) {
                    str3 = ((Principal) subject.getPrincipals().toArray()[0]).getName();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "receivedSubject not null, rSubj: " + str3);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "receivedSubject null, rSubj null");
                }
                contextHandler.buildContextObject("SESSION_CONTEXT", DataHelper.buildSessionData(null, null, null, null));
                contextHandler.buildContextObject("ACCESS_CONTEXT", DataHelper.buildAccessData(webAccessContext != null ? webAccessContext.getWebAppName() : null, AuditConstants.DELEGATION, str3, str3, null, null, "web", new Long(0L), null, null, null, null));
                contextHandler.buildContextObject("EVENT_CONTEXT", DataHelper.buildEventData(auditService.getLastTrailId(), auditService.getEventTrailIds(), new Date(), new Long(0L).longValue()));
                contextHandler.buildContextObject("PROPAGATION_CONTEXT", DataHelper.buildPropagationData(auditService.getFirstCaller(), auditService.getCallerList()));
                contextHandler.buildContextObject("PROCESS_CONTEXT", DataHelper.buildProcessData(auditService.getDomain(), ContextManagerFactory.getInstance().getDefaultRealm()));
                contextHandler.buildContextObject("REGISTRY_CONTEXT", DataHelper.buildRegistryData(DataHelper.convertRegistryInfoType(this.activeUserRegistry)));
                HashMap buildDelegationData = DataHelper.buildDelegationData(AuditConstants.RUN_AS_DELEGATION, AuditConstants.CLIENT_ID, str3);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "data: " + buildDelegationData.toString());
                }
                contextHandler.buildContextObject("APPLICATION_DELEGATION", buildDelegationData);
                auditOutcome = DataHelper.buildOutcomeData(AuditOutcome.SUCCESSFUL, new Integer(0), new Integer(0), "SUCCESS", 86L);
            }
            try {
                auditService.sendEvent("SECURITY_AUTHN_DELEGATION", auditOutcome);
            } catch (ProviderFailureException e) {
                Tr.error(tc, "security.audit.service.sendevent.error", new Object[]{e});
                auditService.processAuditFailure("security.audit.service.sendevent.error", e);
            }
        }
        return subject;
    }
}
