package com.ibm.ws.security.auth.kerberos.admintask;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import com.ibm.ws.webservices.wssecurity.KRBConstants;
import java.util.ArrayList;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;
import javax.management.QueryExp;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/auth/kerberos/admintask/SetActiveAuthMechanism.class */
public class SetActiveAuthMechanism extends AbstractTaskCommand {
    private static String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static TraceComponent tc = Tr.register((Class<?>) SetActiveAuthMechanism.class, "SetActiveAuthMechanism", "com.ibm.ws.security.auth.kerberos.admintask");
    static final String krb5Auth = "KRB5";
    static final String ltpaAuth = "LTPA";
    String authMechanismType;

    public SetActiveAuthMechanism(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.authMechanismType = null;
    }

    public SetActiveAuthMechanism(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.authMechanismType = null;
    }

    public boolean validAuthMechanism(String str) throws CommandValidationException {
        return str.equalsIgnoreCase("KRB5") || str.equalsIgnoreCase("LTPA");
    }

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AuditConstants.VALIDATE);
        }
        super.validate();
        this.authMechanismType = (String) getParameter("authMechanismType");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "authMechanismType:  " + this.authMechanismType);
        }
        if (!validAuthMechanism(this.authMechanismType)) {
            throw new CommandValidationException(getMsg(resBundle, "security.admintask.invalidAuthMechType", null));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, AuditConstants.VALIDATE);
        }
    }

    protected void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResult = getTaskCommandResult();
        if (!taskCommandResult.isSuccessful()) {
            if (tc.isDebugEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        try {
            ObjectName createObjectName = ConfigServiceHelper.createObjectName((ConfigDataId) null, KRBConstants.ELM_SECURITY);
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = getConfigSession();
            ObjectName objectName = configService.resolve(configSession, "Cell=")[0];
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "cell = " + objectName.toString());
            }
            ObjectName objectName2 = objectName != null ? configService.queryConfigObjects(configSession, objectName, createObjectName, (QueryExp) null)[0] : null;
            AttributeList attributeList = new AttributeList();
            ArrayList arrayList = (ArrayList) configService.getAttribute(configSession, objectName2, "authMechanisms");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "authMechs:  " + arrayList);
            }
            for (int i = 0; i < arrayList.size(); i++) {
                AttributeList attributeList2 = (AttributeList) arrayList.get(i);
                if (ConfigServiceHelper.getAttributeValue(attributeList2, "_Websphere_Config_Data_Type").toString().equalsIgnoreCase(this.authMechanismType)) {
                    attributeList.add(new Attribute("activeAuthMechanism", configService.queryConfigObjects(configSession, (ObjectName) null, ConfigServiceHelper.createObjectName(attributeList2), (QueryExp) null)[0]));
                }
            }
            configService.setAttributes(configSession, objectName2, attributeList);
            taskCommandResult.setResult(new Boolean(true));
        } catch (Exception e) {
            taskCommandResult.setException(new CommandException(e, e.getMessage()));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "afterStepsExecuted");
        }
    }
}
