package com.ibm.micro.internal.clients;

import com.ibm.micro.eventlog.common.FFDC;
import com.ibm.micro.internal.scheduler.Scheduler;
import com.ibm.micro.internal.security.access.AccessCtrlHandle;
import com.ibm.micro.internal.security.access.Environment;
import com.ibm.micro.internal.security.authentication.BrokerAuthenticationCallbackHandler;
import com.ibm.micro.internal.security.authentication.MicroBrokerLoginConfigProvider;
import com.ibm.micro.internal.spi.BrokerPreferences;
import com.ibm.micro.logging.Logger;
import com.ibm.micro.spi.AccessController;
import com.ibm.micro.spi.BrokerComponentException;
import com.ibm.micro.spi.BrokerConnection;
import com.ibm.mqttdirect.core.StackParameters;
import java.net.InetAddress;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:com/ibm/micro/internal/clients/SecureClientManagerProvider.class */
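/**
 * Client manager that can authenticate connecting clients through JAAS and attach
 * access-control handles to the connections it creates.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>A connection whose stack parameters carry no {@code "peeripaddress"} gets a plain
 *       {@link BrokerConnectionImpl}: neither authentication nor authorization is applied.
 *       NOTE(review): presumably only in-process connections omit the peer address; confirm
 *       that no remote transport can reach this path.</li>
 *   <li>A client that supplies no client name is treated as {@code "anonymous"} and is never
 *       authenticated, even when authentication is enabled. What the anonymous identity may
 *       do is decided only by the {@link AccessController}, and only if authorization is
 *       enabled.</li>
 *   <li>Login successes and failures are logged at {@code fine} level. NOTE(review): whether
 *       failed logins are visible to operators therefore depends on the configured log level.</li>
 * </ul>
 */
public class SecureClientManagerProvider extends ClientManagerProvider {
    private static final String CLASS_NAME = "com.ibm.micro.internal.clients.SecureClientManagerProvider";
    private static final String ANONYMOUS_USERNAME = "anonymous";
    // When true, named clients must pass a JAAS login before a connection is created.
    protected boolean isAuthentication;
    // When true, connections are created with access-control handles from accessController.
    protected boolean isAuthorization;
    // Source of access-control handles; must be non-null when isAuthorization is true (checked in initialise).
    protected AccessController accessController;
    // Broker data directory, read from preferences in initialise and passed to the default login configuration.
    protected String dataDir;

    /**
     * Creates the provider.
     *
     * @param scheduler        scheduler handed to the superclass
     * @param z                whether named clients are authenticated
     * @param z2               whether connections are subject to access control
     * @param accessController access controller used when {@code z2} is true; may be null otherwise
     */
    public SecureClientManagerProvider(Scheduler scheduler, boolean z, boolean z2, AccessController accessController) {
        super(scheduler);
        this.isAuthentication = z;
        this.isAuthorization = z2;
        this.accessController = accessController;
        this.dataDir = null;
    }

    /**
     * Reads the data directory from the preferences and validates the security configuration.
     *
     * @throws BrokerComponentException if no data directory is configured, or if authorization
     *         is enabled without an access controller
     */
    @Override
    public void initialise(BrokerPreferences brokerPreferences, Logger logger, FFDC ffdc) throws BrokerComponentException {
        super.initialise(brokerPreferences, logger, ffdc);
        this.dataDir = brokerPreferences.get(BrokerPreferences.DATA_DIR_KEY, null);
        if (this.dataDir == null) {
            logger.severe(CLASS_NAME, "initialise", "1050", (Object[]) null);
            throw new BrokerComponentException();
        }
        // Refuse to start with authorization switched on but nothing to enforce it.
        if (this.isAuthorization && this.accessController == null) {
            logger.severe(CLASS_NAME, "initialise", "1052", (Object[]) null);
            throw new BrokerComponentException();
        }
    }

    /**
     * Creates a broker connection for the client described by {@code stackParameters}.
     *
     * @param stackParameters connection parameters; this method reads {@code "peeripaddress"},
     *        {@code "localport"}, {@code "clientname"}, {@code "peercertificates"} and the
     *        authentication module name
     * @return a {@link SecureBrokerConnectionImpl} when a peer address is present and
     *         authorization is enabled, otherwise a plain {@link BrokerConnectionImpl}
     * @throws BrokerComponentException if authentication is enabled and the login fails
     */
    @Override
    public BrokerConnection createBrokerConnection(StackParameters stackParameters) throws BrokerComponentException {
        InetAddress peerAddress = (InetAddress) stackParameters.getStackParamValue("peeripaddress");
        Integer localPort = (Integer) stackParameters.getStackParamValue("localport");
        if (peerAddress == null) {
            // No peer address: the connection bypasses authentication and access control entirely.
            return new BrokerConnectionImpl(this, this.messagingEngine, this.persistence, this.logger);
        }

        String clientName = (String) stackParameters.getStackParamValue("clientname");
        String hostAddress = peerAddress.getHostAddress();
        String localPortText = localPort != null ? localPort.toString() : "";

        // True when the identity was not established by a login (anonymous, or authentication disabled).
        boolean unauthenticated;
        Subject subject = null;
        if (clientName == null || clientName.length() == 0) {
            unauthenticated = true;
            clientName = ANONYMOUS_USERNAME;
            this.logger.fine(CLASS_NAME, "createBrokerConnection", "21033", new Object[]{clientName, hostAddress, localPortText});
        } else if (this.isAuthentication) {
            unauthenticated = false;
            subject = authenticate(stackParameters, clientName, hostAddress, localPortText);
        } else {
            // Authentication disabled: the client-supplied name is used as-is for access control.
            unauthenticated = true;
        }

        if (!this.isAuthorization) {
            return new BrokerConnectionImpl(this, this.messagingEngine, this.persistence, this.logger);
        }

        X509Certificate peerCertificate =
                leadingX509Certificate((Certificate[]) stackParameters.getStackParamValue("peercertificates"));
        int port = localPort != null ? localPort.intValue() : 0;
        Environment environment = new Environment(
                peerAddress, port, peerCertificate == null ? null : peerCertificate.getSubjectX500Principal());

        AccessCtrlHandle[] handles;
        if (unauthenticated) {
            handles = new AccessCtrlHandle[]{this.accessController.init(clientName, environment)};
        } else {
            // One handle per principal of the authenticated subject.
            // NOTE(review): a login module that adds no principals yields an empty handle array;
            // confirm that SecureBrokerConnectionImpl denies access in that case.
            Set<Principal> principals = subject.getPrincipals();
            handles = new AccessCtrlHandle[principals.size()];
            int next = 0;
            for (Principal principal : principals) {
                handles[next++] = this.accessController.init(principal.getName(), environment);
            }
        }
        return new SecureBrokerConnectionImpl(
                this, this.messagingEngine, this.persistence, this.logger, this.accessController, handles, environment);
    }

    /**
     * Runs the JAAS login for a named client and returns the authenticated subject.
     * Any failure is logged and rethrown as a {@link BrokerComponentException}, so no
     * connection is created for a client that could not be authenticated.
     */
    private Subject authenticate(StackParameters stackParameters, String clientName, String hostAddress,
            String localPortText) throws BrokerComponentException {
        String moduleName = (String) stackParameters.getStackParamValue(BrokerPreferences.AUTHENTICATION_MODULE);
        try {
            if (moduleName == null) {
                // Previously a missing module name escaped as an uncaught NullPointerException;
                // report it through the normal login-failure path instead.
                throw new LoginException("authentication module name is missing");
            }
            LoginContext loginContext;
            if ("MICROBROKER_DEFAULT".equals(moduleName)) {
                // The built-in module takes its login configuration from the broker data directory.
                loginContext = new LoginContext(moduleName, (Subject) null,
                        new BrokerAuthenticationCallbackHandler(stackParameters),
                        new MicroBrokerLoginConfigProvider(this.dataDir, this.logger));
            } else {
                loginContext = new LoginContext(moduleName, new BrokerAuthenticationCallbackHandler(stackParameters));
            }
            loginContext.login();
            this.logger.fine(CLASS_NAME, "createBrokerConnection", "21032",
                    new Object[]{moduleName, clientName, hostAddress, localPortText});
            return loginContext.getSubject();
        } catch (SecurityException e) {
            this.logger.fine(CLASS_NAME, "createBrokerConnection", "21030",
                    new Object[]{moduleName, clientName, hostAddress, localPortText, e});
            throw new BrokerComponentException(e);
        } catch (LoginException e) {
            this.logger.fine(CLASS_NAME, "createBrokerConnection", "21031",
                    new Object[]{moduleName, clientName, hostAddress, localPortText, e});
            throw new BrokerComponentException(e);
        }
    }

    /**
     * Returns the first certificate of the chain if it is an X.509 certificate, otherwise null.
     * A null or empty chain yields null rather than an ArrayIndexOutOfBoundsException.
     */
    private static X509Certificate leadingX509Certificate(Certificate[] chain) {
        if (chain == null || chain.length == 0 || !(chain[0] instanceof X509Certificate)) {
            return null;
        }
        return (X509Certificate) chain[0];
    }
}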
