package com.ibm.ws.security.wim.adapter.urbridge;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.security.wim.ConfigConstants;
import com.ibm.websphere.security.wim.copyright.IBMCopyright;
import com.ibm.websphere.security.wim.ras.WIMMessageHelper;
import com.ibm.websphere.security.wim.ras.WIMMessageKey;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.registry.CertificateMapFailedException;
import com.ibm.ws.security.registry.CertificateMapNotSupportedException;
import com.ibm.ws.security.registry.CustomRegistryException;
import com.ibm.ws.security.registry.EntryNotFoundException;
import com.ibm.ws.security.registry.NotImplementedException;
import com.ibm.ws.security.registry.RegistryException;
import com.ibm.ws.security.registry.SearchResult;
import com.ibm.ws.security.registry.UserRegistry;
import com.ibm.ws.security.wim.ConfigManager;
import com.ibm.ws.security.wim.FactoryManager;
import com.ibm.ws.security.wim.Repository;
import com.ibm.ws.security.wim.adapter.urbridge.utils.URBridgeConstants;
import com.ibm.ws.security.wim.adapter.urbridge.utils.URBridgeEntity;
import com.ibm.ws.security.wim.adapter.urbridge.utils.URBridgeEntityFactory;
import com.ibm.ws.security.wim.adapter.urbridge.utils.URBridgeHelper;
import com.ibm.ws.security.wim.env.ICacheUtil;
import com.ibm.ws.security.wim.util.ControlsHelper;
import com.ibm.wsspi.security.wim.SchemaConstants;
import com.ibm.wsspi.security.wim.exception.EntityNotFoundException;
import com.ibm.wsspi.security.wim.exception.InitializationException;
import com.ibm.wsspi.security.wim.exception.PasswordCheckFailedException;
import com.ibm.wsspi.security.wim.exception.WIMApplicationException;
import com.ibm.wsspi.security.wim.exception.WIMException;
import com.ibm.wsspi.security.wim.model.Context;
import com.ibm.wsspi.security.wim.model.Control;
import com.ibm.wsspi.security.wim.model.Entity;
import com.ibm.wsspi.security.wim.model.Group;
import com.ibm.wsspi.security.wim.model.GroupMemberControl;
import com.ibm.wsspi.security.wim.model.GroupMembershipControl;
import com.ibm.wsspi.security.wim.model.IdentifierType;
import com.ibm.wsspi.security.wim.model.LoginAccount;
import com.ibm.wsspi.security.wim.model.LoginControl;
import com.ibm.wsspi.security.wim.model.PersonAccount;
import com.ibm.wsspi.security.wim.model.PropertyControl;
import com.ibm.wsspi.security.wim.model.Root;
import java.io.ByteArrayInputStream;
import java.io.UnsupportedEncodingException;
import java.rmi.RemoteException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.core_1.0.15.jar:com/ibm/ws/security/wim/adapter/urbridge/URBridge.class */
public class URBridge implements Repository {
    private UserRegistry userRegistry;
    private static final String KEY_ID = "config.id";
    private String reposId;
    private static final String BASE_ENTRY = "registryBaseEntry";
    static final String BASE_ENTRY_NAME = "name";
    public static final String SPI_PREFIX = "WIM_SPI ";
    private static final String OLD_PASSWORD = "OLD_PASSWORD";
    private static final String NEW_SECURITY_NAME = "NEW_SECURITY_NAME";
    private static final String REPLACE_MEMBERS = "REPLACE_MEMBERS";
    private static final String DELETE_MEMBERS = "DELETE_MEMBERS";
    private static final String SAFRegistryImplClass = "com.ibm.ws.security.registry.saf.internal.SAFRegistry";
    private ConfigManager configManager;
    static final long serialVersionUID = -9102846665629819059L;
    static final String COPYRIGHT_NOTICE = IBMCopyright.COPYRIGHT_NOTICE_LONG_2014;
    private static final TraceComponent tc = Tr.register(URBridge.class);
    private static List<String> defaultSupportedEntities = null;
    private static Map<String, String[]> defaultRDNProperties = null;
    private Map<String, String> attrMap = null;
    private Map<String, String> customPropertyMap = null;
    private Map<String, String> propsMap = null;
    private String baseEntryName = null;
    private String personAccountType = null;
    private String groupAccountType = null;
    private HashMap<String, String> entityConfigMap = null;
    private ICacheUtil iUserSecurityNameCache = null;
    private ICacheUtil iGroupSecurityNameCache = null;
    private ICacheUtil iUserSearchCache = null;
    private ICacheUtil iGroupSearchCache = null;
    private ICacheUtil iUserUniqueIdCache = null;
    private ICacheUtil iUserDispNameCache = null;
    private ICacheUtil iGroupUniqueIdCache = null;
    private ICacheUtil iGroupDispNameCache = null;

    private static void initializeSupportedEntities() {
        defaultSupportedEntities = new ArrayList(2);
        defaultSupportedEntities.add("PersonAccount");
        defaultSupportedEntities.add("Group");
    }

    private static void initializeRDNProperties() {
        defaultRDNProperties = new HashMap();
        defaultRDNProperties.put("PersonAccount", new String[]{"uid"});
        defaultRDNProperties.put("Group", new String[]{"cn"});
    }

    private void initializeCaches() {
        if (FactoryManager.getCacheUtil().isCacheAvailable()) {
            this.iUserSecurityNameCache = FactoryManager.getCacheUtil().initialize(100, 100, 1200L);
            this.iUserUniqueIdCache = FactoryManager.getCacheUtil().initialize(100, 100, 1200L);
            this.iUserDispNameCache = FactoryManager.getCacheUtil().initialize(100, 100, 1200L);
            this.iGroupSecurityNameCache = FactoryManager.getCacheUtil().initialize(100, 100, 1200L);
            this.iUserSearchCache = FactoryManager.getCacheUtil().initialize(100, 100, 1200L);
            this.iGroupSearchCache = FactoryManager.getCacheUtil().initialize(100, 100, 1200L);
            this.iGroupUniqueIdCache = FactoryManager.getCacheUtil().initialize(100, 100, 1200L);
            this.iGroupDispNameCache = FactoryManager.getCacheUtil().initialize(100, 100, 1200L);
        }
    }

    public URBridge(Map<String, Object> map, UserRegistry userRegistry, ConfigManager configManager) throws InitializationException {
        this.userRegistry = null;
        this.reposId = null;
        this.configManager = null;
        this.reposId = (String) map.get("config.id");
        this.userRegistry = userRegistry;
        initializeCaches();
        this.configManager = configManager;
        if (defaultSupportedEntities == null) {
            initializeSupportedEntities();
        }
        if (defaultRDNProperties == null) {
            initializeRDNProperties();
        }
        try {
            initialize(map);
        } catch (WIMException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "271", this, new Object[]{map, userRegistry, configManager});
            throw new InitializationException(e);
        }
    }

    private void setMapping() {
        this.attrMap = new HashMap(6);
        this.attrMap.put(URBridgeConstants.GROUP_SECURITY_NAME_PROP, this.customPropertyMap.get(URBridgeConstants.GROUP_SECURITY_NAME_PROP) == null ? "uniqueName" : this.customPropertyMap.get(URBridgeConstants.GROUP_SECURITY_NAME_PROP));
        this.attrMap.put(URBridgeConstants.GROUP_DISPLAY_NAME_PROP, this.customPropertyMap.get(URBridgeConstants.GROUP_DISPLAY_NAME_PROP) == null ? "displayName" : this.customPropertyMap.get(URBridgeConstants.GROUP_DISPLAY_NAME_PROP));
        this.attrMap.put(URBridgeConstants.UNIQUE_GROUP_ID_PROP, this.customPropertyMap.get(URBridgeConstants.UNIQUE_GROUP_ID_PROP) == null ? "uniqueId" : this.customPropertyMap.get(URBridgeConstants.UNIQUE_GROUP_ID_PROP));
        this.attrMap.put(URBridgeConstants.USER_DISPLAY_NAME_PROP, this.customPropertyMap.get(URBridgeConstants.USER_DISPLAY_NAME_PROP) == null ? "displayName" : this.customPropertyMap.get(URBridgeConstants.USER_DISPLAY_NAME_PROP));
        this.attrMap.put(URBridgeConstants.USER_SECURITY_NAME_PROP, this.customPropertyMap.get(URBridgeConstants.USER_SECURITY_NAME_PROP) == null ? "uniqueName" : this.customPropertyMap.get(URBridgeConstants.USER_SECURITY_NAME_PROP));
        this.attrMap.put(URBridgeConstants.UNIQUE_USER_ID_PROP, this.customPropertyMap.get(URBridgeConstants.UNIQUE_USER_ID_PROP) == null ? "uniqueId" : this.customPropertyMap.get(URBridgeConstants.UNIQUE_USER_ID_PROP));
    }

    public void initialize(Map<String, Object> map) throws WIMException {
        try {
            this.reposId = (String) map.get("config.id");
            setCustomProperties((List) map.get(ConfigConstants.CONFIG_DO_CUSTOM_PROPERTIES));
            setMapping();
            setBaseEntry(map);
            setConfigEntityMapping(map);
            this.propsMap = new HashMap();
            this.propsMap.putAll(this.attrMap);
            this.propsMap.putAll(this.customPropertyMap);
            URBridgeHelper.mapSupportedEntityTypeList(getSupportedEntityTypes());
            this.personAccountType = URBridgeHelper.getPersonAccountType();
            this.groupAccountType = URBridgeHelper.getGroupAccountType();
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "353", this, new Object[]{map});
            throw new InitializationException(WIMMessageKey.REPOSITORY_INITIALIZATION_FAILED, Tr.formatMessage(tc, WIMMessageKey.REPOSITORY_INITIALIZATION_FAILED, WIMMessageHelper.generateMsgParms(this.reposId, th.toString())));
        }
    }

    private void setBaseEntry(Map<String, Object> map) throws WIMException {
        this.baseEntryName = (String) map.get(BASE_ENTRY);
        if (this.baseEntryName == null) {
            throw new WIMApplicationException(WIMMessageKey.MISSING_BASE_ENTRY, Tr.formatMessage(tc, WIMMessageKey.MISSING_BASE_ENTRY, WIMMessageHelper.generateMsgParms(this.reposId)));
        }
    }

    private void setCustomProperties(List<Map<String, String>> list) throws WIMException {
        this.customPropertyMap = new HashMap();
        if (list == null) {
            return;
        }
        for (Map<String, String> map : list) {
            this.customPropertyMap.put(map.get("name"), map.get("value"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "setCustomProperties custom properties " + this.customPropertyMap, new Object[0]);
        }
    }

    private void setConfigEntityMapping(Map<String, Object> map) throws WIMException {
        List<String> supportedEntityTypes = getSupportedEntityTypes();
        this.entityConfigMap = new HashMap<>();
        for (int i = 0; i < supportedEntityTypes.size(); i++) {
            String str = supportedEntityTypes.get(i);
            this.entityConfigMap.put(str, getRDNProperties(str) == null ? null : getRDNProperties(str)[0]);
        }
        if (this.entityConfigMap.get("LoginAccount") == null && this.entityConfigMap.get(this.personAccountType) != null) {
            this.entityConfigMap.put("LoginAccount", this.entityConfigMap.get(this.personAccountType));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "setConfigEntityMapping entityConfigMap:" + this.entityConfigMap, new Object[0]);
        }
    }

    private String[] getRDNProperties(String str) {
        String[] rDNProperties = this.configManager.getRDNProperties(str);
        if (rDNProperties != null && rDNProperties.length != 0) {
            return rDNProperties;
        }
        String[] strArr = defaultRDNProperties.get(str);
        if (strArr == null || strArr.length == 0) {
            return null;
        }
        return strArr;
    }

    private List<String> getSupportedEntityTypes() {
        List<String> supportedEntityTypes = this.configManager.getSupportedEntityTypes();
        return (supportedEntityTypes == null || supportedEntityTypes.size() <= 0) ? defaultSupportedEntities : supportedEntityTypes;
    }

    @Override // com.ibm.ws.security.wim.Repository
    public Root get(Root root) throws WIMException {
        Root root2 = new Root();
        try {
            Map<String, Control> controlMap = ControlsHelper.getControlMap(root);
            PropertyControl propertyControl = (PropertyControl) controlMap.get(SchemaConstants.DO_PROPERTY_CONTROL);
            GroupMemberControl groupMemberControl = (GroupMemberControl) controlMap.get(SchemaConstants.DO_GROUP_MEMBER_CONTROL);
            GroupMembershipControl groupMembershipControl = (GroupMembershipControl) controlMap.get(SchemaConstants.DO_GROUP_MEMBERSHIP_CONTROL);
            List<String> attributes = groupMemberControl != null ? getAttributes(groupMemberControl, this.personAccountType) : null;
            List<String> attributes2 = groupMembershipControl != null ? getAttributes(groupMembershipControl, this.groupAccountType) : null;
            for (Entity entity : root.getEntities()) {
                String validateEntity = validateEntity(entity);
                String uniqueName = entity.getIdentifier().getUniqueName();
                Entity group = "Group".equalsIgnoreCase(validateEntity) ? new Group() : new PersonAccount();
                root2.getEntities().add(group);
                IdentifierType identifierType = new IdentifierType();
                identifierType.setRepositoryId(this.reposId);
                group.setIdentifier(identifierType);
                URBridgeEntity createObject = new URBridgeEntityFactory().createObject(group, this, this.propsMap, this.baseEntryName, this.entityConfigMap);
                createObject.setSecurityNameProp(uniqueName);
                List<String> attributes3 = getAttributes(propertyControl, validateEntity);
                if (attributes3 != null) {
                    createObject.populateEntity(attributes3);
                }
                if ("Group".equalsIgnoreCase(validateEntity) && groupMemberControl != null && attributes != null) {
                    createObject.getUsersForGroup(attributes, groupMemberControl.isSetCountLimit() ? groupMemberControl.getCountLimit() : 0);
                } else if (("LoginAccount".equalsIgnoreCase(validateEntity) || "PersonAccount".equalsIgnoreCase(validateEntity)) && groupMembershipControl != null && attributes2 != null) {
                    createObject.getGroupsForUser(attributes2, groupMembershipControl.isSetCountLimit() ? groupMembershipControl.getCountLimit() : 0);
                }
            }
            setReturnContext(root, root2);
            return root2;
        } catch (EntityNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "542", this, new Object[]{root});
            throw e;
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "544", this, new Object[]{root});
            throw new WIMException(e2);
        }
    }

    public String buildRDN(String str) {
        return "uid=" + str + ",o=" + this.reposId;
    }

    private List<String> getAttributes(PropertyControl propertyControl, String str) throws WIMException {
        List<String> arrayList = new ArrayList(10);
        if (propertyControl != null && propertyControl.getProperties() != null) {
            arrayList = propertyControl.getProperties();
        }
        if (arrayList.size() > 0 && "*".equals(arrayList.get(0))) {
            arrayList = getAttributes(str);
        }
        arrayList.addAll(getIdentifierAttributes(str));
        return arrayList;
    }

    private List<String> getAttributes(String str) throws WIMException {
        ArrayList arrayList = new ArrayList();
        if ("Group".equals(str) || Entity.getSubEntityTypes("Group").contains(str)) {
            arrayList.add(this.entityConfigMap.get(str));
            arrayList.add(this.attrMap.get(URBridgeConstants.GROUP_DISPLAY_NAME_PROP));
        } else if ("LoginAccount".equals(str) || Entity.getSubEntityTypes("LoginAccount").contains(str)) {
            arrayList.add(this.entityConfigMap.get(str));
            arrayList.add("principalName");
            arrayList.add(this.attrMap.get(URBridgeConstants.USER_DISPLAY_NAME_PROP));
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getAttributes(entityType) Entity type " + str + " is invalid and is ignored.", new Object[0]);
        }
        return arrayList;
    }

    private List<String> getIdentifierAttributes(String str) throws WIMException {
        ArrayList arrayList = new ArrayList();
        if ("Group".equals(str) || Entity.getSubEntityTypes("Group").contains(str)) {
            arrayList.add(this.attrMap.get(URBridgeConstants.UNIQUE_GROUP_ID_PROP));
            arrayList.add(this.attrMap.get(URBridgeConstants.GROUP_SECURITY_NAME_PROP));
        } else if ("LoginAccount".equals(str) || Entity.getSubEntityTypes("LoginAccount").contains(str)) {
            arrayList.add(this.attrMap.get(URBridgeConstants.UNIQUE_USER_ID_PROP));
            arrayList.add(this.attrMap.get(URBridgeConstants.USER_SECURITY_NAME_PROP));
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getIdentifierAttributes Entity type " + str + " is invalid and is ignored.", new Object[0]);
        }
        return arrayList;
    }

    private String validateEntity(Entity entity) throws WIMException {
        String str = null;
        String str2 = null;
        String str3 = null;
        if (entity.getIdentifier().isSet("uniqueName")) {
            str3 = entity.getIdentifier().getUniqueName();
        } else if (entity.getIdentifier().isSet(SchemaConstants.PROP_EXTERNAL_NAME)) {
            str3 = entity.getIdentifier().getExternalName();
        } else if (entity.getIdentifier().isSet("uniqueId")) {
            str2 = entity.getIdentifier().getUniqueId();
        } else if (entity.getIdentifier().isSet(SchemaConstants.PROP_EXTERNAL_ID)) {
            str2 = entity.getIdentifier().getExternalId();
        }
        String str4 = str3 != null ? str3 : null;
        if (str2 != null && str2.trim().length() > 0) {
            if (isValidUserOrGroup(str2)) {
                str3 = str2;
                str4 = str2;
            } else {
                str4 = getSecNameFromUniqueID(str2);
                str3 = str4;
            }
        }
        if (str4 != null && str4.trim().length() > 0) {
            String rdn = getRDN(entity.getIdentifier().getUniqueName());
            Set<String> keySet = this.entityConfigMap.keySet();
            ArrayList arrayList = new ArrayList();
            for (String str5 : keySet) {
                if (rdn == null || rdn.equalsIgnoreCase(this.entityConfigMap.get(str5))) {
                    arrayList.add(str5);
                }
            }
            str = getEntityTypeFromUniqueName(str4, arrayList, entity.getTypeName());
            entity.getIdentifier().setUniqueName(str3);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "validateEntity The entity type for " + str4 + " is " + str, new Object[0]);
        }
        if (str == null) {
            throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str4)));
        }
        return str;
    }

    private String getSecNameFromUniqueID(String str) throws WIMException {
        String groupSecurityName;
        try {
            groupSecurityName = getUserSecurityName(str);
        } catch (EntryNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "700", this, new Object[]{str});
            try {
                groupSecurityName = getGroupSecurityName(str);
            } catch (EntryNotFoundException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "703", this, new Object[]{str});
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
            } catch (RegistryException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "706", this, new Object[]{str});
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
        } catch (RegistryException e4) {
            FFDCFilter.processException(e4, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "710", this, new Object[]{str});
            throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getSecNameFromUniqueID The Security Name for " + str + " is " + groupSecurityName, new Object[0]);
        }
        return groupSecurityName;
    }

    private String getEntityTypeFromUniqueName(String str, List<String> list, String str2) throws WIMException {
        String str3 = null;
        ArrayList arrayList = new ArrayList();
        try {
            boolean z = false;
            if (list.size() == 0 || list.size() > 1) {
                z = true;
            }
            if ((list.contains(this.personAccountType) || z) && searchUsers(str, 1).getList().size() > 0) {
                arrayList.add(this.personAccountType);
            }
            if ((list.contains(this.groupAccountType) || z) && searchGroups(str, 1).getList().size() > 0) {
                arrayList.add(this.groupAccountType);
            }
            if (arrayList.size() > 1) {
                int i = 0;
                while (true) {
                    if (i >= arrayList.size()) {
                        break;
                    }
                    if (((String) arrayList.get(i)).equals(str2)) {
                        str3 = (String) arrayList.get(i);
                        break;
                    }
                    i++;
                }
            }
            if (str3 == null && arrayList.size() > 0) {
                str3 = (String) arrayList.get(0);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getEntityTypeFromUniqueName The entity type for " + str + " is " + str3, new Object[0]);
            }
            return str3;
        } catch (RegistryException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "775", this, new Object[]{str, list, str2});
            throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
        }
    }

    private String getKey(String str, int i) {
        return str + "|" + i;
    }

    private String getRDN(String str) {
        int indexOf;
        if (str != null && (indexOf = str.indexOf(61)) >= 0) {
            return str.substring(0, indexOf);
        }
        return str;
    }

    /* JADX WARN: Removed duplicated region for block: B:55:0x0224 A[Catch: WIMException -> 0x030b, Exception -> 0x0328, TryCatch #2 {WIMException -> 0x030b, Exception -> 0x0328, blocks: (B:3:0x000b, B:5:0x002a, B:6:0x0031, B:8:0x003d, B:10:0x005b, B:13:0x008f, B:15:0x009b, B:17:0x00bf, B:19:0x00c9, B:23:0x00dc, B:25:0x00f0, B:27:0x0111, B:29:0x011d, B:31:0x0135, B:33:0x020f, B:35:0x0142, B:38:0x0162, B:40:0x0179, B:41:0x0185, B:43:0x0191, B:45:0x019e, B:47:0x01b3, B:48:0x01aa, B:53:0x0218, B:55:0x0224, B:59:0x023f, B:62:0x025f, B:64:0x0276, B:66:0x0289, B:68:0x0291, B:70:0x029d, B:57:0x0302, B:80:0x00d2, B:81:0x0045, B:82:0x005a), top: B:2:0x000b }] */
    /* JADX WARN: Removed duplicated region for block: B:77:0x0308 A[EDGE_INSN: B:77:0x0308->B:73:0x0308 BREAK  A[LOOP:3: B:53:0x0218->B:57:0x0302], SYNTHETIC] */
    @Override // com.ibm.ws.security.wim.Repository
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.ibm.wsspi.security.wim.model.Root search(com.ibm.wsspi.security.wim.model.Root r10) throws com.ibm.wsspi.security.wim.exception.WIMException {
        /*
            Method dump skipped, instructions count: 862
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.wim.adapter.urbridge.URBridge.search(com.ibm.wsspi.security.wim.model.Root):com.ibm.wsspi.security.wim.model.Root");
    }

    @Override // com.ibm.ws.security.wim.Repository
    @FFDCIgnore({CertificateMapFailedException.class})
    public Root login(Root root) throws WIMException {
        Root root2 = new Root();
        URBridgeEntityFactory uRBridgeEntityFactory = new URBridgeEntityFactory();
        LoginControl loginControl = (LoginControl) ControlsHelper.getControlMap(root).get(SchemaConstants.DO_LOGIN_CONTROL);
        List<String> attributes = loginControl != null ? getAttributes(loginControl, "LoginAccount") : null;
        List<Entity> entities = root.getEntities();
        if (entities.size() > 0) {
            String typeName = entities.get(0).getTypeName();
            String str = null;
            if (!"LoginAccount".equalsIgnoreCase(typeName) && !Entity.getSubEntityTypes("LoginAccount").contains(typeName)) {
                throw new WIMApplicationException(WIMMessageKey.ENTITY_TYPE_NOT_SUPPORTED, Tr.formatMessage(tc, WIMMessageKey.ENTITY_TYPE_NOT_SUPPORTED, WIMMessageHelper.generateMsgParms(typeName)));
            }
            LoginAccount loginAccount = (LoginAccount) entities.get(0);
            if (loginAccount.isSet("principalName")) {
                String principalName = loginAccount.getPrincipalName();
                byte[] password = loginAccount.getPassword();
                if (principalName == null || principalName.trim().length() == 0) {
                    throw new PasswordCheckFailedException(WIMMessageKey.MISSING_OR_EMPTY_PRINCIPAL_NAME, Tr.formatMessage(tc, WIMMessageKey.MISSING_OR_EMPTY_PRINCIPAL_NAME, new Object[0]));
                }
                if (password == null || password.length == 0) {
                    throw new PasswordCheckFailedException(WIMMessageKey.MISSING_OR_EMPTY_PASSWORD, Tr.formatMessage(tc, WIMMessageKey.MISSING_OR_EMPTY_PASSWORD, new Object[0]));
                }
                try {
                    String str2 = new String(password, "UTF-8");
                    boolean z = false;
                    if (SAFRegistryImplClass.equalsIgnoreCase(this.userRegistry.getClass().getName())) {
                        try {
                            z = this.userRegistry.isValidUser(principalName);
                        } catch (RegistryException e) {
                            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "1019", this, new Object[]{root});
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "WIM_SPI login", " principal, " + principalName + ", not found in " + this.reposId);
                            }
                        }
                    } else {
                        List<String> list = null;
                        try {
                            list = this.userRegistry.getUsers(principalName, 1).getList();
                        } catch (RegistryException e2) {
                            FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "1029", this, new Object[]{root});
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "WIM_SPI login", " principal, " + principalName + ", not found in " + this.reposId);
                            }
                        }
                        z = list != null && list.size() > 0;
                    }
                    if (z) {
                        try {
                            str = this.userRegistry.checkPassword(principalName, str2);
                        } catch (RegistryException e3) {
                            FFDCFilter.processException(e3, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "1039", this, new Object[]{root});
                            throw new WIMException(e3);
                        }
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "WIM_SPI login principal, " + principalName + ", not found in " + this.reposId, new Object[0]);
                    }
                } catch (UnsupportedEncodingException e4) {
                    FFDCFilter.processException(e4, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "1009", this, new Object[]{root});
                    throw new WIMApplicationException(WIMMessageKey.CUSTOM_REGISTRY_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.CUSTOM_REGISTRY_EXCEPTION, WIMMessageHelper.generateMsgParms(this.reposId)));
                }
            } else {
                if (!loginAccount.isSet("certificate")) {
                    throw new PasswordCheckFailedException(WIMMessageKey.MISSING_OR_EMPTY_PRINCIPAL_NAME, Tr.formatMessage(tc, WIMMessageKey.MISSING_OR_EMPTY_PRINCIPAL_NAME, new Object[0]));
                }
                List<byte[]> certificate = loginAccount.getCertificate();
                int size = certificate.size();
                if (size > 0) {
                    X509Certificate[] x509CertificateArr = new X509Certificate[size];
                    for (int i = 0; i < x509CertificateArr.length; i++) {
                        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(certificate.get(i));
                        try {
                            x509CertificateArr[i] = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                            byteArrayInputStream.close();
                        } catch (Exception e5) {
                            FFDCFilter.processException(e5, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "1059", this, new Object[]{root});
                            throw new WIMApplicationException(WIMMessageKey.CERTIFICATE_GENERATE_FAILED, Tr.formatMessage(tc, WIMMessageKey.CERTIFICATE_GENERATE_FAILED, new Object[0]));
                        }
                    }
                    try {
                        str = this.userRegistry.mapCertificate(x509CertificateArr[0]);
                    } catch (CertificateMapFailedException e6) {
                    } catch (CertificateMapNotSupportedException e7) {
                        FFDCFilter.processException(e7, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "1065", this, new Object[]{root});
                        throw new com.ibm.wsspi.security.wim.exception.CertificateMapNotSupportedException(e7);
                    } catch (RegistryException e8) {
                        FFDCFilter.processException(e8, "com.ibm.ws.security.wim.adapter.urbridge.URBridge", "1069", this, new Object[]{root});
                        throw new WIMException(e8);
                    }
                }
            }
            if (str != null) {
                PersonAccount personAccount = new PersonAccount();
                root2.getEntities().add(personAccount);
                IdentifierType identifierType = new IdentifierType();
                personAccount.setIdentifier(identifierType);
                personAccount.setPrincipalName(str);
                URBridgeEntity createObject = uRBridgeEntityFactory.createObject(personAccount, this, this.attrMap, this.baseEntryName, this.entityConfigMap);
                createObject.setSecurityNameProp(str);
                if (attributes != null) {
                    createObject.populateEntity(attributes);
                }
                identifierType.setRepositoryId(this.reposId);
            }
        }
        return root2;
    }

    @FFDCIgnore({RegistryException.class})
    private boolean isValidUserOrGroup(String str) {
        try {
            if (this.userRegistry.isValidUser(str)) {
                return true;
            }
            return this.userRegistry.isValidGroup(str);
        } catch (RegistryException e) {
            if (!tc.isDebugEnabled()) {
                return false;
            }
            Tr.debug(tc, "Unable to determine if this is a valid User/Group", new Object[0]);
            return false;
        }
    }

    @Override // com.ibm.ws.security.wim.Repository
    public String getRealm() {
        return this.userRegistry.getRealm();
    }

    public String getUserSecurityName(String str) throws EntryNotFoundException, RegistryException {
        String userSecurityName;
        if (this.iUserSecurityNameCache.containsKey(str)) {
            userSecurityName = (String) this.iUserSecurityNameCache.get(str);
        } else {
            userSecurityName = this.userRegistry.getUserSecurityName(str);
            this.iUserSecurityNameCache.put(str, (Object) userSecurityName);
        }
        return userSecurityName;
    }

    public String getUniqueUserId(String str) throws EntryNotFoundException, RegistryException {
        String uniqueUserId;
        if (this.iUserUniqueIdCache.containsKey(str)) {
            uniqueUserId = (String) this.iUserUniqueIdCache.get(str);
        } else {
            uniqueUserId = this.userRegistry.getUniqueUserId(str);
            this.iUserUniqueIdCache.put(str, (Object) uniqueUserId);
        }
        return uniqueUserId;
    }

    public String getUserDisplayName(String str) throws EntryNotFoundException, RegistryException {
        String userDisplayName;
        if (this.iUserDispNameCache.containsKey(str)) {
            userDisplayName = (String) this.iUserDispNameCache.get(str);
        } else {
            userDisplayName = this.userRegistry.getUserDisplayName(str);
            this.iUserDispNameCache.put(str, (Object) userDisplayName);
        }
        return userDisplayName;
    }

    public String getGroupSecurityName(String str) throws EntryNotFoundException, RegistryException {
        String groupSecurityName;
        if (this.iGroupSecurityNameCache.containsKey(str)) {
            groupSecurityName = (String) this.iGroupSecurityNameCache.get(str);
        } else {
            groupSecurityName = this.userRegistry.getGroupSecurityName(str);
            this.iGroupSecurityNameCache.put(str, (Object) groupSecurityName);
        }
        return groupSecurityName;
    }

    public String getUniqueGroupId(String str) throws EntryNotFoundException, RegistryException {
        String uniqueGroupId;
        if (this.iGroupUniqueIdCache.containsKey(str)) {
            uniqueGroupId = (String) this.iGroupUniqueIdCache.get(str);
        } else {
            uniqueGroupId = this.userRegistry.getUniqueGroupId(str);
            this.iGroupUniqueIdCache.put(str, (Object) uniqueGroupId);
        }
        return uniqueGroupId;
    }

    public String getGroupDisplayName(String str) throws EntryNotFoundException, RegistryException {
        String groupDisplayName;
        if (this.iGroupDispNameCache.containsKey(str)) {
            groupDisplayName = (String) this.iGroupDispNameCache.get(str);
        } else {
            groupDisplayName = this.userRegistry.getGroupDisplayName(str);
            this.iGroupDispNameCache.put(str, (Object) groupDisplayName);
        }
        return groupDisplayName;
    }

    private SearchResult searchUsers(String str, int i) throws RegistryException {
        String key = getKey(str, i);
        if (this.iUserSearchCache.containsKey(key)) {
            return (SearchResult) this.iUserSearchCache.get(key);
        }
        SearchResult users = this.userRegistry.getUsers(str, i);
        this.iUserSearchCache.put(key, (Object) users);
        return users;
    }

    private SearchResult searchGroups(String str, int i) throws RegistryException {
        String key = getKey(str, i);
        if (this.iGroupSearchCache.containsKey(key)) {
            return (SearchResult) this.iGroupSearchCache.get(key);
        }
        SearchResult groups = this.userRegistry.getGroups(str, i);
        this.iGroupSearchCache.put(key, (Object) groups);
        return groups;
    }

    public List<String> getGroupsForUser(String str) throws EntryNotFoundException, RegistryException {
        return this.userRegistry.getGroupsForUser(str);
    }

    public SearchResult getUsersForGroup(String str, int i) throws RemoteException, NotImplementedException, EntryNotFoundException, CustomRegistryException, RegistryException {
        return this.userRegistry.getUsersForGroup(str, i);
    }

    private void setReturnContext(Root root, Root root2) {
        if (root2 == null || root2.getEntities().isEmpty()) {
            return;
        }
        boolean z = false;
        if (root != null) {
            Iterator<Context> it = root.getContexts().iterator();
            while (it.hasNext()) {
                String key = it.next().getKey();
                if (key != null && SchemaConstants.IS_URBRIDGE_RESULT.equals(key)) {
                    z = true;
                }
            }
        }
        if (z) {
            Context context = new Context();
            context.setKey(SchemaConstants.IS_URBRIDGE_RESULT);
            context.setValue("true");
            root2.getContexts().add(context);
        }
    }

    @Override // com.ibm.ws.security.wim.Repository
    public Root delete(Root root) throws WIMException {
        throw new WIMApplicationException(WIMMessageKey.CANNOT_WRITE_TO_READ_ONLY_REPOSITORY, Tr.formatMessage(tc, WIMMessageKey.CANNOT_WRITE_TO_READ_ONLY_REPOSITORY, WIMMessageHelper.generateMsgParms(this.reposId)));
    }

    @Override // com.ibm.ws.security.wim.Repository
    public Root create(Root root) throws WIMException {
        throw new WIMApplicationException(WIMMessageKey.CANNOT_WRITE_TO_READ_ONLY_REPOSITORY, Tr.formatMessage(tc, WIMMessageKey.CANNOT_WRITE_TO_READ_ONLY_REPOSITORY, WIMMessageHelper.generateMsgParms(this.reposId)));
    }

    @Override // com.ibm.ws.security.wim.Repository
    public Root update(Root root) throws WIMException {
        throw new WIMApplicationException(WIMMessageKey.CANNOT_WRITE_TO_READ_ONLY_REPOSITORY, Tr.formatMessage(tc, WIMMessageKey.CANNOT_WRITE_TO_READ_ONLY_REPOSITORY, WIMMessageHelper.generateMsgParms(this.reposId)));
    }

    public void stopCacheThreads() {
        if (this.iUserSecurityNameCache != null) {
            this.iUserSecurityNameCache.stopEvictionTask();
        }
        if (this.iUserUniqueIdCache != null) {
            this.iUserUniqueIdCache.stopEvictionTask();
        }
        if (this.iUserDispNameCache != null) {
            this.iUserDispNameCache.stopEvictionTask();
        }
        if (this.iGroupSecurityNameCache != null) {
            this.iGroupSecurityNameCache.stopEvictionTask();
        }
        if (this.iUserSearchCache != null) {
            this.iUserSearchCache.stopEvictionTask();
        }
        if (this.iGroupSearchCache != null) {
            this.iGroupSearchCache.stopEvictionTask();
        }
        if (this.iGroupUniqueIdCache != null) {
            this.iGroupUniqueIdCache.stopEvictionTask();
        }
        if (this.iGroupDispNameCache != null) {
            this.iGroupDispNameCache.stopEvictionTask();
        }
    }
}
