package com.ibm.ws.security.role;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.product.xml.BaseFactory;
import com.ibm.websphere.sib.mediation.handler.SIMediationHandlerConstants;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.ssl.core.Constants;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.Attributes;
import org.xml.sax.InputSource;
import org.xml.sax.Locator;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;
import org.xml.sax.XMLReader;
import org.xml.sax.helpers.DefaultHandler;

/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/security/role/RolePermissionDescriptorLoader.class */
class RolePermissionDescriptorLoader extends DefaultHandler implements StandardDescriptorFieldName {
    private static TraceComponent tc = Tr.register((Class<?>) RolePermissionDescriptorLoader.class, (String) null, AdminConstants.MSG_BUNDLE_NAME);
    private Queue currentElement = new Queue();
    private Locator locator = null;
    private Map roleMap = new HashMap(6);
    private HashSet roleSet = new HashSet(6);
    private Map resourceMap = new HashMap(10);
    private RoleBasedModule rbMod = null;
    private String moduleName = null;
    private boolean processingCharacters = false;
    private ArrayList method_permissions = new ArrayList(10);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/security/role/RolePermissionDescriptorLoader$method.class */
    public class method {
        private String resource_name;
        private String method_name;
        private ArrayList params = new ArrayList();

        method() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/security/role/RolePermissionDescriptorLoader$method_permission.class */
    public class method_permission {
        private HashSet roles = new HashSet(4);
        private ArrayList methods = new ArrayList(15);

        method_permission() {
        }
    }

    public RoleBasedModule loadDescriptor(String str, String str2, Object obj) throws DescriptorParseException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "loadDescriptor", str);
        }
        if (str2 != null) {
            this.moduleName = str2;
        } else {
            this.moduleName = str;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "loadDescriptor: process module: ", this.moduleName);
        }
        try {
            try {
                XMLReader xMLReader = getXMLReader();
                xMLReader.setFeature(BaseFactory.NAMESPACES_FEATURE_NAME, true);
                xMLReader.setFeature(BaseFactory.VALIDATE_FEATURE_NAME, true);
                xMLReader.setEntityResolver(this);
                xMLReader.setContentHandler(this);
                xMLReader.setErrorHandler(this);
                InputStream resourceAsStream = getClass().getResourceAsStream(str);
                if (resourceAsStream == null) {
                    resourceAsStream = obj.getClass().getClassLoader().getResourceAsStream(str);
                }
                if (resourceAsStream == null) {
                    throw new DescriptorParseException(str + " not found");
                }
                InputSource inputSource = new InputSource(resourceAsStream);
                inputSource.setSystemId(str);
                xMLReader.parse(inputSource);
                RoleBasedModule roleBasedModule = this.rbMod;
                this.locator = null;
                this.currentElement = null;
                this.roleMap = null;
                this.roleSet = null;
                return roleBasedModule;
            } catch (DescriptorParseException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.loadDescriptor", "125", this);
                throw e;
            } catch (SAXException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.loadDescriptor", Constants.SUITEB_128, this);
                if (tc.isEventEnabled()) {
                    Tr.event(tc, "Unable to parse xml descriptor file");
                }
                throw new DescriptorParseException(e2.toString());
            } catch (Exception e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.loadDescriptor", "133", this);
                throw new DescriptorParseException(e3.toString() + ("unable to parse " + str));
            }
        } catch (Throwable th) {
            this.locator = null;
            this.currentElement = null;
            this.roleMap = null;
            this.roleSet = null;
            throw th;
        }
    }

    public RoleBasedModule loadDescriptor(InputSource inputSource, String str, Object obj) throws DescriptorParseException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "loadDescriptor");
        }
        this.moduleName = str;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "loadDescriptor: process module: ", this.moduleName);
        }
        try {
            try {
                try {
                    XMLReader xMLReader = getXMLReader();
                    xMLReader.setFeature(BaseFactory.NAMESPACES_FEATURE_NAME, true);
                    xMLReader.setFeature(BaseFactory.VALIDATE_FEATURE_NAME, true);
                    xMLReader.setEntityResolver(this);
                    xMLReader.setContentHandler(this);
                    xMLReader.setErrorHandler(this);
                    inputSource.setSystemId(this.moduleName);
                    xMLReader.parse(inputSource);
                    RoleBasedModule roleBasedModule = this.rbMod;
                    this.locator = null;
                    this.currentElement = null;
                    this.roleMap = null;
                    this.roleSet = null;
                    return roleBasedModule;
                } catch (SAXException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.loadDescriptor", Constants.SUITEB_128, this);
                    if (tc.isEventEnabled()) {
                        Tr.event(tc, "Unable to parse xml descriptor file");
                    }
                    throw new DescriptorParseException(e.toString());
                }
            } catch (Exception e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.loadDescriptor", "133", this);
                throw new DescriptorParseException(e2.toString() + ("unable to parse " + this.moduleName));
            }
        } catch (Throwable th) {
            this.locator = null;
            this.currentElement = null;
            this.roleMap = null;
            this.roleSet = null;
            throw th;
        }
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
    public void setDocumentLocator(Locator locator) {
        this.locator = locator;
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.EntityResolver
    public InputSource resolveEntity(String str, String str2) throws SAXException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "resolveEntity", str2);
        }
        InputSource inputSource = null;
        try {
            if (str2.endsWith("RolePermissionDescriptor.dtd")) {
                inputSource = new InputSource(getClass().getResourceAsStream("xml/RolePermissionDescriptor.dtd"));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "resovleEntity", inputSource);
            }
            return inputSource;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.resolveEntity", SIMediationHandlerConstants.SI_MESSAGE_CONTEXT_IMPL_161, this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "unable to load dtd file", e);
            }
            throw new SAXException("unable to load dtd", e);
        }
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ErrorHandler
    public void error(SAXParseException sAXParseException) throws SAXException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "error", sAXParseException);
        }
        throw new SAXException(sAXParseException);
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
    public void startDocument() throws SAXException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "startDocument");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "startDocument");
        }
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
    public void endDocument() throws SAXException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "endDocument");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "endDocument");
        }
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
    public void startElement(String str, String str2, String str3, Attributes attributes) throws SAXException {
        this.currentElement.enqueue(str2);
        this.processingCharacters = false;
        if (str2.equals(StandardDescriptorFieldName.ROLE_PERMISSION)) {
            parseRolePermission(attributes);
        }
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
    public void endElement(String str, String str2, String str3) throws SAXException {
        try {
            if (str2.equals(StandardDescriptorFieldName.METHOD_PERMISSION)) {
                processMethodPermission();
            } else if (str2.equals(StandardDescriptorFieldName.SECURITY_ROLE)) {
                processSecurityRole();
            } else if (str2.equals("resource")) {
                processResource();
            } else if (str2.equals(StandardDescriptorFieldName.ROLE_PERMISSION)) {
                processRolePermission();
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.endElement", "219", this);
        }
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
    public void characters(char[] cArr, int i, int i2) throws SAXException {
        if (i == 0 && !this.currentElement.empty()) {
            try {
                this.currentElement.enqueue(this.processingCharacters ? ((String) this.currentElement.undo()) + new String(cArr, i, i2) : new String(cArr, i, i2));
                return;
            } catch (Throwable th) {
                FFDCFilter.processException(th, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.characters", "235", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unexpected exception caught");
                }
            }
        }
        this.currentElement.enqueue(new String(cArr, i, i2));
        this.processingCharacters = true;
    }

    private void parseRolePermission(Attributes attributes) throws SAXException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "parseRolePermission", attributes);
        }
        this.currentElement.dequeue();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "parseRolePermission");
        }
    }

    private void processMethodPermission() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processMethodPermission");
        }
        method_permission method_permissionVar = new method_permission();
        method methodVar = null;
        while (!this.currentElement.empty()) {
            String obj = this.currentElement.dequeue().toString();
            if (obj.equals(StandardDescriptorFieldName.ROLE_NAME)) {
                method_permissionVar.roles.add(this.currentElement.dequeue().toString());
            } else if (obj.equals(StandardDescriptorFieldName.METHOD)) {
                if (methodVar != null) {
                    method_permissionVar.methods.add(methodVar);
                }
                methodVar = new method();
                while (!this.currentElement.empty()) {
                    String obj2 = this.currentElement.dequeue().toString();
                    if (obj2.equals(StandardDescriptorFieldName.RESOURCE_NAME)) {
                        methodVar.resource_name = this.currentElement.dequeue().toString();
                    } else if (obj2.equals(StandardDescriptorFieldName.METHOD_NAME)) {
                        methodVar.method_name = this.currentElement.dequeue().toString();
                    } else if (obj2.equals(StandardDescriptorFieldName.METHOD_PARAMS)) {
                        while (!this.currentElement.empty()) {
                            if (this.currentElement.dequeue().toString().equals(StandardDescriptorFieldName.METHOD_PARAM)) {
                                methodVar.params.add(this.currentElement.dequeue().toString());
                            }
                        }
                    } else if (obj2.equals("description")) {
                        this.currentElement.dequeue().toString();
                    } else if (obj2.equals(StandardDescriptorFieldName.METHOD)) {
                        if (methodVar != null) {
                            method_permissionVar.methods.add(methodVar);
                        }
                        methodVar = new method();
                    }
                }
            } else if (obj.equals("description")) {
                this.currentElement.dequeue().toString();
            }
        }
        if (methodVar != null) {
            method_permissionVar.methods.add(methodVar);
        }
        this.method_permissions.add(method_permissionVar);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processMethodPermission");
        }
    }

    private void processSecurityRole() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processSecurityRole");
        }
        String str = null;
        while (!this.currentElement.empty()) {
            String obj = this.currentElement.dequeue().toString();
            if (obj.equals(StandardDescriptorFieldName.SECURITY_ROLE)) {
                this.currentElement.dequeue().toString();
                this.currentElement.dequeue().toString();
                str = this.currentElement.dequeue().toString();
                this.roleSet.add(str);
            } else if (obj.equals(StandardDescriptorFieldName.IMPLY)) {
                while (!this.currentElement.empty()) {
                    this.currentElement.dequeue().toString();
                    String obj2 = this.currentElement.dequeue().toString();
                    if (this.roleMap.containsKey(obj2)) {
                        HashSet hashSet = (HashSet) this.roleMap.get(obj2);
                        hashSet.add(str);
                        this.roleMap.put(obj2, hashSet);
                    } else {
                        HashSet hashSet2 = new HashSet(6);
                        hashSet2.add(str);
                        this.roleMap.put(obj2, hashSet2);
                    }
                }
            }
        }
        for (String str2 : this.roleMap.keySet()) {
            Set set = (Set) this.roleMap.get(str2);
            Iterator it = set.iterator();
            while (it.hasNext()) {
                Object next = it.next();
                if (this.roleMap.containsKey(next)) {
                    for (Object obj3 : (Set) this.roleMap.get(next)) {
                        if (!set.contains(obj3)) {
                            set.add(obj3);
                            this.roleMap.put(str2, set);
                            it = set.iterator();
                        }
                    }
                }
            }
        }
        for (String str3 : this.roleMap.keySet()) {
            Set set2 = (Set) this.roleMap.get(str3);
            set2.add(str3);
            this.roleMap.put(str3, set2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processSecurityRole");
        }
    }

    private void processResource() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processResource");
        }
        this.currentElement.dequeue().toString();
        String str = null;
        String str2 = null;
        while (!this.currentElement.empty()) {
            String obj = this.currentElement.dequeue().toString();
            if (obj.equals(StandardDescriptorFieldName.RESOURCE_NAME)) {
                str = this.currentElement.dequeue().toString();
            } else if (obj.equals(StandardDescriptorFieldName.CLASS_NAME)) {
                str2 = this.currentElement.dequeue().toString();
            }
        }
        this.resourceMap.put(str, str2);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processResource");
        }
    }

    private void processRolePermission() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processRolePermission");
        }
        this.rbMod = new RoleBasedModule(this.moduleName);
        int size = this.method_permissions.size();
        for (int i = 0; i < size; i++) {
            method_permission method_permissionVar = (method_permission) this.method_permissions.get(i);
            Iterator it = method_permissionVar.roles.iterator();
            HashSet hashSet = new HashSet();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (this.roleMap.containsKey(str)) {
                    hashSet.addAll((HashSet) this.roleMap.get(str));
                } else {
                    hashSet.add(str);
                }
            }
            Iterator it2 = method_permissionVar.methods.iterator();
            while (it2.hasNext()) {
                method methodVar = (method) it2.next();
                StringBuffer stringBuffer = new StringBuffer(methodVar.resource_name + ":");
                stringBuffer.append(methodVar.method_name);
                int size2 = methodVar.params.size();
                for (int i2 = 0; i2 < size2; i2++) {
                    stringBuffer.append(":" + ((String) methodVar.params.get(i2)));
                }
                if (hashSet.size() > 0) {
                    this.rbMod.add(stringBuffer.toString(), hashSet);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processRolePermission");
        }
    }

    private XMLReader getXMLReader() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getXMLReader");
        }
        XMLReader xMLReader = null;
        try {
            xMLReader = SAXParserFactory.newInstance().newSAXParser().getXMLReader();
        } catch (ParserConfigurationException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getXMLReader ParserConfigurationException getting parser from SAXParserFactory.", new Object[]{e});
            }
            FFDCFilter.processException(e, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.getXMLReader", "512", this);
        } catch (Exception e2) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getXMLReader exception getting parser from SAXParserFactory.", new Object[]{e2});
            }
            FFDCFilter.processException(e2, "com.ibm.ws.security.role.RolePermissionDescriptorLoader.getXMLReader", "517", this);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getXMLReader");
        }
        return xMLReader;
    }
}
