package com.ibm.ws.security.wim;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.security.wim.ras.WIMMessageHelper;
import com.ibm.websphere.security.wim.ras.WIMMessageKey;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.registry.EntryNotFoundException;
import com.ibm.ws.security.registry.RegistryException;
import com.ibm.ws.security.registry.SearchResult;
import com.ibm.ws.security.registry.UserRegistry;
import com.ibm.ws.security.wim.adapter.urbridge.URBridge;
import com.ibm.ws.security.wim.util.StringUtil;
import com.ibm.ws.security.wim.util.UniqueNameHelper;
import com.ibm.wsspi.security.wim.CustomRepository;
import com.ibm.wsspi.security.wim.exception.InitializationException;
import com.ibm.wsspi.security.wim.exception.InvalidUniqueNameException;
import com.ibm.wsspi.security.wim.exception.WIMException;
import com.ibm.wsspi.security.wim.model.Entity;
import com.ibm.wsspi.security.wim.model.IdentifierType;
import com.ibm.wsspi.security.wim.model.Root;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import org.eclipse.persistence.jpa.jpql.tools.model.query.IdentificationVariableStateObject;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.core_1.0.15.jar:com/ibm/ws/security/wim/RepositoryManager.class */
public class RepositoryManager {
    public static final String ACTION_READ = "READ";
    public static final String ACTION_CREATE = "CREATE";
    public static final String ACTION_UPDATE = "UPDATE";
    public static final String ACTION_DELETE = "DELETE";
    private static final String KEY_REGISTRY = "userRegistry";
    private static final String BASE_ENTRY = "registryBaseEntry";
    private final VMMService vmmService;
    private final Map<String, RepositoryHolder> repositories = new ConcurrentHashMap();
    static final long serialVersionUID = 6545483619979091802L;
    public static final String CLASSNAME = RepositoryManager.class.getName();
    private static final TraceComponent tc = Tr.register(RepositoryManager.class);

    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.core_1.0.15.jar:com/ibm/ws/security/wim/RepositoryManager$AbstractRepositoryHolder.class */
    static abstract class AbstractRepositoryHolder implements RepositoryHolder {
        private final String repositoryId;
        static final long serialVersionUID = -6325205163454239717L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AbstractRepositoryHolder.class);

        public AbstractRepositoryHolder(String str) {
            this.repositoryId = str;
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public Repository getRepository() throws WIMException {
            return null;
        }

        protected abstract RepositoryConfig getRepositoryConfig();

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public void clear() {
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public Map<String, String> getRepositoryBaseEntries() {
            return getRepositoryConfig().getRepositoryBaseEntries();
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public Set<String> getRepositoryGroups() {
            String[] repositoriesForGroups = getRepositoryConfig().getRepositoriesForGroups();
            return (repositoriesForGroups == null || repositoriesForGroups.length <= 0) ? Collections.emptySet() : new HashSet(Arrays.asList(repositoriesForGroups));
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public boolean isUniqueNameForRepository(String str, boolean z) throws WIMException {
            if (!z) {
                return false;
            }
            Set<String> keySet = getRepositoryBaseEntries().keySet();
            if (keySet.size() == 0) {
                throw new WIMException(WIMMessageKey.MISSING_BASE_ENTRY, Tr.formatMessage(RepositoryManager.tc, WIMMessageKey.MISSING_BASE_ENTRY, WIMMessageHelper.generateMsgParms(this.repositoryId)));
            }
            int length = str.length();
            for (String str2 : keySet) {
                int length2 = str2.length();
                if (length2 == 0) {
                    return true;
                }
                if (length == length2 && str.equalsIgnoreCase(str2)) {
                    return true;
                }
                if (length > length2 && StringUtil.endsWithIgnoreCase(str, "," + str2)) {
                    return true;
                }
            }
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.core_1.0.15.jar:com/ibm/ws/security/wim/RepositoryManager$ConfiguredRepositoryHolder.class */
    public static class ConfiguredRepositoryHolder extends AbstractRepositoryHolder {
        private final ConfiguredRepository configuredRepository;
        static final long serialVersionUID = 3531594580385014828L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(ConfiguredRepositoryHolder.class);

        public ConfiguredRepositoryHolder(String str, ConfiguredRepository configuredRepository) {
            super(str);
            this.configuredRepository = configuredRepository;
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.AbstractRepositoryHolder, com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public Repository getRepository() {
            return this.configuredRepository;
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.AbstractRepositoryHolder
        protected RepositoryConfig getRepositoryConfig() {
            return this.configuredRepository;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.core_1.0.15.jar:com/ibm/ws/security/wim/RepositoryManager$CustomRepositoryHolder.class */
    public static class CustomRepositoryHolder extends AbstractRepositoryHolder {
        private final CustomRepositoryAdapter repository;
        static final long serialVersionUID = 209857637792465751L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(CustomRepositoryHolder.class);

        @InjectedFFDC
        @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
        /* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.core_1.0.15.jar:com/ibm/ws/security/wim/RepositoryManager$CustomRepositoryHolder$CustomRepositoryAdapter.class */
        private static class CustomRepositoryAdapter implements Repository, RepositoryConfig {
            private final String repositoryId;
            private final CustomRepository customRepository;
            static final long serialVersionUID = -1602699711856307021L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(CustomRepositoryAdapter.class);

            public CustomRepositoryAdapter(String str, CustomRepository customRepository) {
                this.repositoryId = str;
                this.customRepository = customRepository;
            }

            @Override // com.ibm.ws.security.wim.RepositoryConfig
            public boolean isReadOnly() {
                return false;
            }

            @Override // com.ibm.ws.security.wim.RepositoryConfig
            public void resetConfig() {
            }

            @Override // com.ibm.ws.security.wim.RepositoryConfig
            public String getReposId() {
                return this.repositoryId;
            }

            @Override // com.ibm.ws.security.wim.RepositoryConfig
            public Map<String, String> getRepositoryBaseEntries() {
                return this.customRepository.getRepositoryBaseEntries();
            }

            @Override // com.ibm.ws.security.wim.RepositoryConfig
            public String[] getRepositoriesForGroups() {
                String[] repositoriesForGroups = this.customRepository.getRepositoriesForGroups();
                if (repositoriesForGroups == null) {
                    repositoriesForGroups = new String[]{this.repositoryId};
                }
                return repositoriesForGroups;
            }

            @Override // com.ibm.ws.security.wim.Repository
            public Root get(Root root) throws WIMException {
                return setRepositoryId(this.customRepository.get(root));
            }

            @Override // com.ibm.ws.security.wim.Repository
            public Root search(Root root) throws WIMException {
                return setRepositoryId(this.customRepository.search(root));
            }

            @Override // com.ibm.ws.security.wim.Repository
            public Root login(Root root) throws WIMException {
                return setRepositoryId(this.customRepository.login(root));
            }

            @Override // com.ibm.ws.security.wim.Repository
            public String getRealm() {
                return this.customRepository.getRealm();
            }

            @Override // com.ibm.ws.security.wim.Repository
            public Root delete(Root root) throws WIMException {
                return setRepositoryId(this.customRepository.delete(root));
            }

            @Override // com.ibm.ws.security.wim.Repository
            public Root create(Root root) throws WIMException {
                return setRepositoryId(this.customRepository.create(root));
            }

            @Override // com.ibm.ws.security.wim.Repository
            public Root update(Root root) throws WIMException {
                return setRepositoryId(this.customRepository.update(root));
            }

            private Root setRepositoryId(Root root) {
                Iterator<Entity> it = root.getEntities().iterator();
                while (it.hasNext()) {
                    IdentifierType identifier = it.next().getIdentifier();
                    if (identifier != null) {
                        identifier.setRepositoryId(this.repositoryId);
                    }
                }
                return root;
            }
        }

        public CustomRepositoryHolder(String str, CustomRepository customRepository) {
            super(str);
            this.repository = new CustomRepositoryAdapter(str, customRepository);
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.AbstractRepositoryHolder, com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public Repository getRepository() {
            return this.repository;
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.AbstractRepositoryHolder
        protected RepositoryConfig getRepositoryConfig() {
            return this.repository;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.core_1.0.15.jar:com/ibm/ws/security/wim/RepositoryManager$RepositoryHolder.class */
    public interface RepositoryHolder {
        Repository getRepository() throws WIMException;

        void clear();

        Map<String, String> getRepositoryBaseEntries();

        Set<String> getRepositoryGroups();

        boolean isUniqueNameForRepository(String str, boolean z) throws WIMException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.core_1.0.15.jar:com/ibm/ws/security/wim/RepositoryManager$URBridgeHolder.class */
    public static class URBridgeHolder implements RepositoryHolder {
        private final String baseEntry;
        private final UserRegistry ur;
        private URBridge urBridge;
        private final Map<String, String> baseEntries;
        static final long serialVersionUID = 6830297939219723126L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(URBridgeHolder.class);

        public URBridgeHolder(UserRegistry userRegistry, ConfigManager configManager) throws InitializationException {
            String realm = userRegistry.getRealm();
            this.baseEntry = "o=" + realm;
            this.ur = userRegistry;
            HashMap hashMap = new HashMap();
            hashMap.put(RepositoryManager.KEY_REGISTRY, userRegistry);
            hashMap.put("config.id", realm);
            hashMap.put(RepositoryManager.BASE_ENTRY, this.baseEntry);
            this.baseEntries = Collections.singletonMap(this.baseEntry, realm);
            this.urBridge = new URBridge(hashMap, userRegistry, configManager);
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public Repository getRepository() {
            return this.urBridge;
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public void clear() {
            if (this.urBridge != null) {
                this.urBridge.stopCacheThreads();
            }
            this.urBridge = null;
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public Map<String, String> getRepositoryBaseEntries() {
            return this.baseEntries;
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public Set<String> getRepositoryGroups() {
            return Collections.singleton(this.urBridge.getRealm());
        }

        @Override // com.ibm.ws.security.wim.RepositoryManager.RepositoryHolder
        public boolean isUniqueNameForRepository(String str, boolean z) {
            return this.baseEntry.equals(str) || isUserInRealm(str);
        }

        @FFDCIgnore({RegistryException.class})
        private boolean isUserInRealm(String str) {
            try {
                SearchResult users = this.ur.getUsers(str, 1);
                if (users != null) {
                    if (users.getList().size() > 0) {
                        return true;
                    }
                }
            } catch (RegistryException e) {
            }
            try {
                SearchResult groups = this.ur.getGroups(str, 1);
                if (groups != null) {
                    return groups.getList().size() > 0;
                }
                return false;
            } catch (RegistryException e2) {
                return false;
            }
        }
    }

    public RepositoryManager(VMMService vMMService) {
        this.vmmService = vMMService;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addConfiguredRepository(String str, ConfiguredRepository configuredRepository) {
        this.repositories.put(str, new ConfiguredRepositoryHolder(str, configuredRepository));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addCustomRepository(String str, CustomRepository customRepository) {
        this.repositories.put(str, new CustomRepositoryHolder(str, customRepository));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addUserRegistry(UserRegistry userRegistry) {
        try {
            this.repositories.put(userRegistry.getRealm(), new URBridgeHolder(userRegistry, this.vmmService.getConfigManager()));
        } catch (InitializationException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.RepositoryManager", "454", this, new Object[]{userRegistry});
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeRepositoryHolder(String str) {
        RepositoryHolder remove = this.repositories.remove(str);
        if (remove != null) {
            remove.clear();
        }
    }

    public Repository getRepository(String str) throws WIMException {
        RepositoryHolder repositoryHolder = this.repositories.get(str);
        if (repositoryHolder != null) {
            return repositoryHolder.getRepository();
        }
        return null;
    }

    private String getRealm(Object obj) {
        if (obj instanceof UserRegistry) {
            return ((UserRegistry) obj).getRealm();
        }
        return null;
    }

    public Repository getTargetRepository(String str) throws WIMException {
        return getRepository(getRepositoryIdByUniqueName(str));
    }

    public String getRepositoryId(String str) throws WIMException {
        return getRepositoryIdByUniqueName(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getRepositoryIdByUniqueName(String str) throws WIMException {
        boolean z = UniqueNameHelper.isDN(str) != null;
        if (z) {
            str = UniqueNameHelper.getValidUniqueName(str).trim();
        }
        for (Map.Entry<String, RepositoryHolder> entry : this.repositories.entrySet()) {
            if (entry.getValue().isUniqueNameForRepository(str, z)) {
                return entry.getKey();
            }
        }
        throw new InvalidUniqueNameException(WIMMessageKey.ENTITY_NOT_IN_REALM_SCOPE, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_IN_REALM_SCOPE, WIMMessageHelper.generateMsgParms(str, IdentificationVariableStateObject.DEFINED_PROPERTY)));
    }

    public Map<String, List<String>> getRepositoriesBaseEntries() {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, RepositoryHolder> entry : this.repositories.entrySet()) {
            hashMap.put(entry.getKey(), new ArrayList(entry.getValue().getRepositoryBaseEntries().keySet()));
        }
        return hashMap;
    }

    public Map<String, String> getRepositoryBaseEntries(String str) throws WIMException {
        RepositoryHolder repositoryHolder = this.repositories.get(str);
        return repositoryHolder != null ? repositoryHolder.getRepositoryBaseEntries() : Collections.emptyMap();
    }

    public List<String> getRepoIds() throws WIMException {
        return new ArrayList(this.repositories.keySet());
    }

    public int getNumberOfRepositories() throws WIMException {
        return getRepoIds().size();
    }

    public static boolean matchBaseEntryIgnoreCase(List<String> list, String str) {
        boolean z = false;
        if (list != null && str != null) {
            int i = 0;
            while (true) {
                if (i >= list.size()) {
                    break;
                }
                if (str.equalsIgnoreCase(list.get(i))) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        return z;
    }

    public boolean isPropertyJoin() {
        return false;
    }

    public boolean isEntryJoin() {
        return false;
    }

    public Map<String, List<String>> getBaseEntriesForRepos(String[] strArr) throws WIMException {
        HashMap hashMap = new HashMap();
        for (String str : strArr) {
            String repositoryIdByUniqueName = getRepositoryIdByUniqueName(str);
            List list = (List) hashMap.get(repositoryIdByUniqueName);
            if (list == null) {
                list = new ArrayList();
            }
            list.add(str);
            hashMap.put(repositoryIdByUniqueName, list);
        }
        return hashMap;
    }

    public boolean isReadOnly(String str) throws WIMException {
        return false;
    }

    public boolean isSortingSupported(String str) {
        return false;
    }

    private Map<String, Set<String>> getRepositoriesForGroup() {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, RepositoryHolder> entry : this.repositories.entrySet()) {
            hashMap.put(entry.getKey(), entry.getValue().getRepositoryGroups());
        }
        return hashMap;
    }

    public boolean isCrossRepositoryGroupMembership(String str) throws WIMException {
        Map<String, Set<String>> repositoriesForGroup = getRepositoriesForGroup();
        int size = repositoriesForGroup.get(str).size();
        if (size > 1) {
            return true;
        }
        return size == 1 && !str.equals(repositoriesForGroup.get(str).iterator().next());
    }

    public Set<String> getRepositoriesForGroupMembership(String str) throws WIMException {
        RepositoryHolder repositoryHolder = this.repositories.get(str);
        if (repositoryHolder != null) {
            return repositoryHolder.getRepositoryGroups();
        }
        return null;
    }

    private Map<String, Set<String>> getRepositoriesForGroupMembers() {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, RepositoryHolder> entry : this.repositories.entrySet()) {
            String key = entry.getKey();
            for (String str : entry.getValue().getRepositoryGroups()) {
                Set set = (Set) hashMap.get(str);
                if (set == null) {
                    set = new HashSet();
                    hashMap.put(str, set);
                }
                set.add(key);
            }
        }
        return hashMap;
    }

    public boolean canGroupAcceptMember(String str, String str2) {
        Set<String> set;
        Map<String, Set<String>> repositoriesForGroupMembers = getRepositoriesForGroupMembers();
        if (repositoriesForGroupMembers == null || (set = repositoriesForGroupMembers.get(str)) == null) {
            return false;
        }
        return set.contains(str2);
    }

    public void clearAllCachedURRepositories() {
        Iterator<RepositoryHolder> it = this.repositories.values().iterator();
        while (it.hasNext()) {
            it.next().clear();
        }
    }

    @FFDCIgnore({RegistryException.class, EntryNotFoundException.class})
    public List<String> getFederationUREntityType(String str) {
        for (RepositoryHolder repositoryHolder : this.repositories.values()) {
            if (repositoryHolder instanceof URBridgeHolder) {
                UserRegistry userRegistry = ((URBridgeHolder) repositoryHolder).ur;
                try {
                    SearchResult users = userRegistry.getUsers(str, 1);
                    if (users != null && users.getList().size() > 0) {
                        ArrayList arrayList = new ArrayList();
                        arrayList.add("PersonAccount");
                        arrayList.add(str);
                        return arrayList;
                    }
                } catch (RegistryException e) {
                }
                try {
                    SearchResult groups = userRegistry.getGroups(str, 1);
                    if (groups != null && groups.getList().size() > 0) {
                        ArrayList arrayList2 = new ArrayList();
                        arrayList2.add("Group");
                        arrayList2.add(str);
                        return arrayList2;
                    }
                } catch (RegistryException e2) {
                }
                try {
                    String userSecurityName = userRegistry.getUserSecurityName(str);
                    if (userSecurityName != null) {
                        ArrayList arrayList3 = new ArrayList();
                        arrayList3.add("PersonAccount");
                        arrayList3.add(userSecurityName);
                        return arrayList3;
                    }
                } catch (EntryNotFoundException e3) {
                } catch (RegistryException e4) {
                }
                try {
                    String groupSecurityName = userRegistry.getGroupSecurityName(str);
                    if (groupSecurityName != null) {
                        ArrayList arrayList4 = new ArrayList();
                        arrayList4.add("Group");
                        arrayList4.add(groupSecurityName);
                        return arrayList4;
                    }
                    continue;
                } catch (EntryNotFoundException e5) {
                } catch (RegistryException e6) {
                }
            }
        }
        return null;
    }
}
