package com.ibm.ws.security.admintask.securityDomain;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.InvalidParameterNameException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.AuthMechanismConfig;
import com.ibm.ws.security.config.AuthorizationConfig;
import com.ibm.ws.security.config.AuthorizationProviderConfig;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import java.util.ArrayList;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/admintask/securityDomain/ConfigureAuthzConfig.class */
public class ConfigureAuthzConfig extends AbstractTaskCommand {
    private static String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static TraceComponent tc = Tr.register(ConfigureLTPAAuthMechanism.class, "ConfigureAuthzConfig", "com.ibm.ws.security.admintask.securityDomain");
    private ObjectName secObj;
    private ObjectName globalSecObj;
    private ConfigService configService;
    private Session session;
    private String secDomain;
    private Boolean useJACCProvider;
    private String name;
    private String description;
    private String j2eePolicyImplClassName;
    private String policyConfigurationFactoryImplClassName;
    private String roleConfigurationFactoryImplClassName;
    private String initializeJACCProviderClassName;
    private Boolean requiresEJBArgumentsPolicyContextHandler;
    private Boolean supportsDynamicModuleUpdates;
    private String customProperties;

    public ConfigureAuthzConfig(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.secDomain = null;
        this.useJACCProvider = null;
        this.name = null;
        this.description = null;
        this.j2eePolicyImplClassName = null;
        this.policyConfigurationFactoryImplClassName = null;
        this.roleConfigurationFactoryImplClassName = null;
        this.initializeJACCProviderClassName = null;
        this.requiresEJBArgumentsPolicyContextHandler = null;
        this.supportsDynamicModuleUpdates = null;
        this.customProperties = null;
    }

    public ConfigureAuthzConfig(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.secDomain = null;
        this.useJACCProvider = null;
        this.name = null;
        this.description = null;
        this.j2eePolicyImplClassName = null;
        this.policyConfigurationFactoryImplClassName = null;
        this.roleConfigurationFactoryImplClassName = null;
        this.initializeJACCProviderClassName = null;
        this.requiresEJBArgumentsPolicyContextHandler = null;
        this.supportsDynamicModuleUpdates = null;
        this.customProperties = null;
    }

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    private void configureAuthzConfig() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureAuthzConfig");
        }
        AttributeList attributeList = new AttributeList();
        ObjectName authzConfigObj = getAuthzConfigObj();
        if (authzConfigObj != null) {
            if (this.useJACCProvider != null) {
                attributeList.add(new Attribute(AuthorizationConfig.USE_JACC_PROVIDER, this.useJACCProvider));
                this.configService.setAttributes(this.session, authzConfigObj, attributeList);
                attributeList.clear();
            }
            if (this.name != null && this.name.length() > 0) {
                attributeList.add(new Attribute("name", this.name));
            }
            if (this.description != null) {
                attributeList.add(new Attribute("description", this.description));
            }
            if (this.j2eePolicyImplClassName != null) {
                attributeList.add(new Attribute(AuthorizationProviderConfig.J2EE_POLICY_IMPL_CLASS_NAME, this.j2eePolicyImplClassName));
            }
            if (this.policyConfigurationFactoryImplClassName != null) {
                attributeList.add(new Attribute(AuthorizationProviderConfig.POLICY_CONFIGURATION_FACTORY_IMPL_CLASS_NAME, this.policyConfigurationFactoryImplClassName));
            }
            if (this.roleConfigurationFactoryImplClassName != null) {
                attributeList.add(new Attribute(AuthorizationProviderConfig.ROLE_CONFIGURATION_FACTORY_IMPL_CLASS_NAME, this.roleConfigurationFactoryImplClassName));
            }
            if (this.initializeJACCProviderClassName != null) {
                attributeList.add(new Attribute(AuthorizationProviderConfig.INITIALIZE_JACC_PROVIDER_CLASS_NAME, this.initializeJACCProviderClassName));
            }
            if (this.requiresEJBArgumentsPolicyContextHandler != null) {
                attributeList.add(new Attribute(AuthorizationProviderConfig.REQUIRES_EJB_ARGUMENTS_POLICY_CONTEXT_HANDLER, this.requiresEJBArgumentsPolicyContextHandler));
            }
            if (this.supportsDynamicModuleUpdates != null) {
                attributeList.add(new Attribute(AuthorizationProviderConfig.SUPPORTS_DYNAMIC_MODULE_UPDATES, this.supportsDynamicModuleUpdates));
            }
            if (!attributeList.isEmpty() || this.customProperties != null) {
                ArrayList arrayList = (ArrayList) this.configService.getAttribute(this.session, authzConfigObj, "authorizationProviders");
                if (arrayList.size() > 0) {
                    ObjectName objectName = this.configService.queryConfigObjects(this.session, null, ConfigServiceHelper.createObjectName((AttributeList) arrayList.get(0)), null)[0];
                    if (!attributeList.isEmpty()) {
                        this.configService.setAttributes(this.session, objectName, attributeList);
                    }
                    if (this.customProperties != null && this.customProperties.length() > 0) {
                        SecConfigTaskHelper.addCustomProperties(this.session, this.configService, objectName, this.customProperties);
                    }
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "configureAuthzConfig");
        }
    }

    private void unconfigureAuthzConfig() throws Exception {
        ObjectName objectName;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unconfigureAuthzConfig");
        }
        AttributeList attributeList = (AttributeList) this.configService.getAttribute(this.session, this.secObj, AuthMechanismConfig.AUTH_CONFIG);
        if (attributeList != null && (objectName = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList), null)[0]) != null) {
            this.configService.deleteConfigData(this.session, objectName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "unconfigureAuthzConfig");
        }
    }

    private AttributeList getAuthzConfigInfo() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAuthzConfigInfo");
        }
        AttributeList attributeList = new AttributeList();
        AttributeList attributeList2 = (AttributeList) this.configService.getAttribute(this.session, this.secObj, AuthMechanismConfig.AUTH_CONFIG);
        if (attributeList2 != null) {
            attributeList = attributeList2;
            attributeList.remove(new Attribute("defaultAuthorizationProvider", null));
            attributeList.remove(new Attribute("useNativeAuthorization", Boolean.FALSE));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getAuthzConfigInfo");
        }
        return attributeList;
    }

    private ObjectName getAuthzConfigObj() throws Exception {
        ObjectName objectName;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAuthzConfigObj");
        }
        AttributeList attributeList = (AttributeList) this.configService.getAttribute(this.session, this.secObj, AuthMechanismConfig.AUTH_CONFIG);
        if (attributeList != null) {
            objectName = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList), null)[0];
        } else {
            AttributeList attributes = this.configService.getAttributes(this.session, this.globalSecObj, new String[]{AuthMechanismConfig.AUTH_CONFIG}, true);
            if (attributes == null) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.noAuthConfig.SECJ7764E", null));
            }
            this.configService.setAttributes(this.session, this.secObj, attributes);
            this.configService.getAttributes(this.session, this.secObj, new String[]{AuthMechanismConfig.AUTH_CONFIG}, true);
            objectName = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AuthorizationConfig"), null)[0];
            if (objectName != null) {
                AttributeList attributeList2 = new AttributeList();
                attributeList2.add(new Attribute("useNativeAuthorization", null));
                this.configService.setAttributes(this.session, objectName, attributeList2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getAuthzConfigObj");
        }
        return objectName;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isDebugEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        String name = getName();
        try {
            try {
                this.configService = getConfigService();
                this.session = getConfigSession();
                try {
                    this.secDomain = (String) getParameter("securityDomainName");
                } catch (InvalidParameterNameException e) {
                }
                try {
                    this.name = (String) getParameter("name");
                } catch (InvalidParameterNameException e2) {
                }
                try {
                    this.description = (String) getParameter("description");
                } catch (InvalidParameterNameException e3) {
                }
                try {
                    this.useJACCProvider = (Boolean) getParameter(AuthorizationConfig.USE_JACC_PROVIDER);
                } catch (InvalidParameterNameException e4) {
                }
                try {
                    this.j2eePolicyImplClassName = (String) getParameter(AuthorizationProviderConfig.J2EE_POLICY_IMPL_CLASS_NAME);
                } catch (InvalidParameterNameException e5) {
                }
                try {
                    this.policyConfigurationFactoryImplClassName = (String) getParameter(AuthorizationProviderConfig.POLICY_CONFIGURATION_FACTORY_IMPL_CLASS_NAME);
                } catch (InvalidParameterNameException e6) {
                }
                try {
                    this.roleConfigurationFactoryImplClassName = (String) getParameter(AuthorizationProviderConfig.ROLE_CONFIGURATION_FACTORY_IMPL_CLASS_NAME);
                } catch (InvalidParameterNameException e7) {
                }
                try {
                    this.initializeJACCProviderClassName = (String) getParameter(AuthorizationProviderConfig.INITIALIZE_JACC_PROVIDER_CLASS_NAME);
                } catch (InvalidParameterNameException e8) {
                }
                try {
                    this.requiresEJBArgumentsPolicyContextHandler = (Boolean) getParameter(AuthorizationProviderConfig.REQUIRES_EJB_ARGUMENTS_POLICY_CONTEXT_HANDLER);
                } catch (InvalidParameterNameException e9) {
                }
                try {
                    this.supportsDynamicModuleUpdates = (Boolean) getParameter(AuthorizationProviderConfig.SUPPORTS_DYNAMIC_MODULE_UPDATES);
                } catch (InvalidParameterNameException e10) {
                }
                try {
                    this.customProperties = (String) getParameter(CommonConstants.CUSTOM_PROPERTIES);
                } catch (InvalidParameterNameException e11) {
                }
                this.globalSecObj = SecConfigTaskHelper.getSecurityObjectName(this.session, this.configService);
                if (this.secDomain == null) {
                    this.secObj = this.globalSecObj;
                } else {
                    if ((name.equals("configureAuthzConfig") || name.equals("unconfigureAuthzConfig")) && this.secDomain.equals(CommonConstants.GLOBALSECURITY_DOMAIN)) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.unableToRunCommand.SECJ7810E", new Object[]{name, this.secDomain}));
                    }
                    this.secObj = SecConfigTaskHelper.getSecDomain(this.session, this.configService, this.secDomain);
                    if (this.secObj == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.config.does.not.exist.SECJ7702E", new Object[]{this.secDomain}));
                    }
                }
                if (name.equals("configureAuthzConfig")) {
                    configureAuthzConfig();
                }
                if (name.equals("unconfigureAuthzConfig")) {
                    unconfigureAuthzConfig();
                }
                if (name.equals("getAuthzConfigInfo")) {
                    taskCommandResultImpl.setResult(getAuthzConfigInfo());
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "afterStepsExecuted");
                }
            } catch (Throwable th) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "afterStepsExecuted");
                }
                throw th;
            }
        } catch (Exception e12) {
            FFDCFilter.processException(e12, "com.ibm.ws.security.commands.securityDomain.ConfigureAuthData", "206");
            Tr.debug(tc, "exception caught", e12);
            taskCommandResultImpl.setException(new CommandValidationException(e12, e12.getMessage()));
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
            }
        }
    }
}
