package com.ibm.ws.soa.sca.qos.util.policy;

import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.application.AppManagement;
import com.ibm.websphere.management.application.AppManagementProxy;
import com.ibm.websphere.management.application.client.AppDeploymentTask;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.soa.sca.admin.cdf.codegen.ScaCodeGenException;
import com.ibm.ws.soa.sca.admin.cdf.config.ScaModuleContext;
import com.ibm.ws.soa.sca.qos.interfacedef.WSBinding;
import com.ibm.ws.soa.sca.qos.util.SCACompositeHelper;
import com.ibm.ws.soa.sca.qos.util.SCAQoSConstants;
import com.ibm.ws.soa.sca.qos.util.logger.SCAQoSLogger;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.tuscany.sca.assembly.Binding;
import org.apache.tuscany.sca.assembly.Component;
import org.apache.tuscany.sca.assembly.Service;
import org.apache.tuscany.sca.policy.Intent;
import org.apache.tuscany.sca.policy.IntentAttachPoint;
import org.apache.tuscany.sca.policy.xml.PolicyConstants;
import org.eclipse.jst.j2ee.common.CommonFactory;
import org.eclipse.jst.j2ee.common.SecurityRole;
import org.eclipse.jst.j2ee.webapplication.AuthConstraint;
import org.eclipse.jst.j2ee.webapplication.AuthMethodKind;
import org.eclipse.jst.j2ee.webapplication.HTTPMethodTypeEnum;
import org.eclipse.jst.j2ee.webapplication.LoginConfig;
import org.eclipse.jst.j2ee.webapplication.SecurityConstraint;
import org.eclipse.jst.j2ee.webapplication.WebApp;
import org.eclipse.jst.j2ee.webapplication.WebResourceCollection;
import org.eclipse.jst.j2ee.webapplication.WebapplicationFactory;

/* loaded from: input_file:waslib/soaFEP.jar:com/ibm/ws/soa/sca/qos/util/policy/SecurityConstraintsHelper.class */
public class SecurityConstraintsHelper implements SCAQoSConstants {
    private static final String className = "com.ibm.ws.soa.sca.qos.policy.util.SecurityConstraintsHelper";
    private static final Logger logger = SCAQoSLogger.getLogger(className);
    private static SecurityConstraintsHelper helper = null;
    private static SCACompositeHelper compositeHelper = null;

    private SecurityConstraintsHelper() {
        compositeHelper = SCACompositeHelper.getInstance();
    }

    public static SecurityConstraintsHelper getInstance() {
        if (helper == null) {
            helper = new SecurityConstraintsHelper();
        }
        return helper;
    }

    public void addSecurityConstraint(WSBinding wSBinding, WebapplicationFactory webapplicationFactory, WebApp webApp, String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(className, "addSecurityConstraint", new Object[]{wSBinding, webapplicationFactory, webApp, str});
        }
        if (wSBinding != null) {
            String requires = getRequires(wSBinding);
            if (requires != null && requires.indexOf(SCAQoSConstants.AUTHENTICATION_TRANSPORT) != -1) {
                SecurityConstraint createSecurityConstraint = webapplicationFactory.createSecurityConstraint();
                WebResourceCollection createWebResourceCollection = webapplicationFactory.createWebResourceCollection();
                createWebResourceCollection.getUrlPattern().add("/*");
                createWebResourceCollection.setWebResourceName("SecureResource");
                createWebResourceCollection.getHttpMethod().add(HTTPMethodTypeEnum.GET_LITERAL);
                createWebResourceCollection.getHttpMethod().add(HTTPMethodTypeEnum.PUT_LITERAL);
                createWebResourceCollection.getHttpMethod().add(HTTPMethodTypeEnum.HEAD_LITERAL);
                createWebResourceCollection.getHttpMethod().add(HTTPMethodTypeEnum.TRACE_LITERAL);
                createWebResourceCollection.getHttpMethod().add(HTTPMethodTypeEnum.POST_LITERAL);
                createWebResourceCollection.getHttpMethod().add(HTTPMethodTypeEnum.DELETE_LITERAL);
                createWebResourceCollection.getHttpMethod().add(HTTPMethodTypeEnum.OPTIONS_LITERAL);
                createWebResourceCollection.setSecConstraint(createSecurityConstraint);
                AuthConstraint createAuthConstraint = webapplicationFactory.createAuthConstraint();
                createAuthConstraint.getRoles().add(SCAQoSConstants.AUTHORIZEDROLE);
                createAuthConstraint.setSecConstraint(createSecurityConstraint);
                createSecurityConstraint.setWebApp(webApp);
                LoginConfig createLoginConfig = webapplicationFactory.createLoginConfig();
                createLoginConfig.setAuthMethod(AuthMethodKind.BASIC_LITERAL);
                createLoginConfig.setRealmName("Basic Auth");
                createLoginConfig.setWebApp(webApp);
                SecurityRole createSecurityRole = CommonFactory.eINSTANCE.createSecurityRole();
                createSecurityRole.setRoleName(SCAQoSConstants.AUTHORIZEDROLE);
                webApp.getSecurityRoles().add(createSecurityRole);
            }
        } else if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINEST, className, "addSecurityConstraint", "No wsBinding element in service " + str);
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(className, "addSecurityConstraint");
        }
    }

    public boolean setupRoleMapping(String str, String str2) throws Exception {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(className, "setupRoleMapping", new Object[]{str, str2});
        }
        AppManagement jMXProxyForServer = AdminServiceFactory.getAdminService() != null ? AppManagementProxy.getJMXProxyForServer() : AppManagementProxy.getLocalProxy();
        Vector applicationInfo = jMXProxyForServer.getApplicationInfo(str, new Hashtable(), str2);
        AppDeploymentTask appDeploymentTask = null;
        int i = 0;
        while (true) {
            if (i >= applicationInfo.size()) {
                break;
            }
            appDeploymentTask = (AppDeploymentTask) applicationInfo.elementAt(i);
            if (appDeploymentTask.getName().equals("MapRolesToUsers")) {
                int i2 = -1;
                int i3 = -1;
                String[] columnNames = appDeploymentTask.getColumnNames();
                int length = columnNames.length;
                int i4 = 0;
                while (true) {
                    if (i4 >= length) {
                        break;
                    }
                    if (columnNames[i4].equals("role")) {
                        i2 = i4;
                    } else if (columnNames[i4].equals("role.all.auth.user")) {
                        i3 = i4;
                        break;
                    }
                    i4++;
                }
                String[][] taskData = appDeploymentTask.getTaskData();
                boolean z = false;
                int i5 = 1;
                while (true) {
                    if (i5 >= taskData.length) {
                        break;
                    }
                    if (taskData[i5][i2].equals(SCAQoSConstants.AUTHORIZEDROLE)) {
                        if (logger.isLoggable(Level.FINEST)) {
                            logger.logp(Level.FINEST, className, "setupRoleMapping", "Updating the role mappings.");
                        }
                        taskData[i5][i3] = "AppDeploymentOption.Yes";
                        z = true;
                        appDeploymentTask.setTaskData(taskData);
                    } else {
                        i5++;
                    }
                }
                if (!z) {
                    ScaCodeGenException scaCodeGenException = new ScaCodeGenException("AuthorizedRole was not found. Role Mapping Failed.");
                    FFDCFilter.processException(scaCodeGenException, "com.ibm.ws.soa.sca.qos.policy.util.SecurityConstraintsHelpersetupRoleMapping", "250", this);
                    throw scaCodeGenException;
                }
            } else {
                i++;
            }
        }
        applicationInfo.removeAllElements();
        applicationInfo.add(appDeploymentTask);
        jMXProxyForServer.setApplicationInfo(str, new Hashtable(), str2, applicationInfo);
        if (!logger.isLoggable(Level.FINER)) {
            return true;
        }
        logger.exiting(className, "setupRoleMapping", new Boolean(true));
        return true;
    }

    public boolean isAuthenticationRequired(WSBinding wSBinding, Service service) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(className, "isAuthenticationRequired", wSBinding);
        }
        if (wSBinding != null) {
            String requires = getRequires(wSBinding);
            return (requires == null || requires.indexOf(SCAQoSConstants.AUTHENTICATION_TRANSPORT) == -1) ? false : true;
        }
        if (!logger.isLoggable(Level.FINEST)) {
            return false;
        }
        logger.logp(Level.FINEST, className, "isAuthenticationRequired", "No wsBinding element in service " + service);
        return false;
    }

    public boolean isAuthenticationRequired(ScaModuleContext scaModuleContext) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(className, "getServiceRequiresAuth", scaModuleContext);
        }
        List<Component> components = scaModuleContext.getComposite().getComponents();
        ArrayList arrayList = new ArrayList();
        Iterator<Component> it = components.iterator();
        while (it.hasNext()) {
            arrayList.addAll(it.next().getServices());
        }
        boolean z = false;
        int i = 0;
        while (true) {
            if (i >= arrayList.size()) {
                break;
            }
            WSBinding wSBinding = null;
            Iterator<Binding> it2 = ((Service) arrayList.get(i)).getBindings().iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                Binding next = it2.next();
                if (next instanceof WSBinding) {
                    wSBinding = (WSBinding) next;
                    break;
                }
            }
            if (wSBinding != null && getRequires(wSBinding).indexOf(SCAQoSConstants.AUTHENTICATION_TRANSPORT) != -1) {
                z = true;
                break;
            }
            i++;
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(className, "getServiceRequiresAuth", new Boolean(z));
        }
        return z;
    }

    private String getRequires(WSBinding wSBinding) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(className, "getRequires", wSBinding);
        }
        String str = "";
        Iterator<Intent> it = ((IntentAttachPoint) wSBinding).getRequiredIntents().iterator();
        while (it.hasNext()) {
            str = str + it.next().getName().getLocalPart() + PolicyConstants.WHITE_SPACE;
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(className, "getRequires", str);
        }
        return str;
    }
}
