package com.ibm.ws.security.web;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.etools.portletapplication.PortletApplication;
import com.ibm.etools.portletapplication.SecurityConstraint;
import com.ibm.ras.RASFormatter;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.portletcontainer.util.PortletModelHelper;
import com.ibm.ws.runtime.deploy.DeployedModule;
import com.ibm.ws.security.core.AccessContext;
import com.ibm.ws.security.core.PermissionRoleMap;
import com.ibm.ws.security.util.LRUCache;
import com.ibm.ws.security.util.WCCMHelper;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Vector;
import org.eclipse.emf.common.util.EList;
import org.eclipse.jst.j2ee.common.SecurityRole;
import org.eclipse.jst.j2ee.webapplication.AuthConstraint;
import org.eclipse.jst.j2ee.webapplication.HTTPMethodType;
import org.eclipse.jst.j2ee.webapplication.HTTPMethodTypeEnum;
import org.eclipse.jst.j2ee.webapplication.UserDataConstraint;
import org.eclipse.jst.j2ee.webapplication.WebApp;
import org.eclipse.jst.j2ee.webapplication.WebResourceCollection;

/* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/security/web/WebConstraintsTable.class */
public class WebConstraintsTable extends PermissionRoleMap {
    private static final TraceComponent tc;
    private static String NO_MATCH;
    private WebResourceCollectionConstraints[] webConstraintsTable = null;
    private WebApp webApp;
    LRUCache userDataConstraintsMap;
    public static final String WEB_HASH_SIZE = "com.ibm.websphere.security.web.hashsize";
    static Class class$com$ibm$ws$security$web$WebConstraintsTable;

    public WebConstraintsTable(WebApp webApp, String str, DeployedModule deployedModule) {
        this.webApp = null;
        String property = System.getProperty(WEB_HASH_SIZE);
        if (property == null || property == "" || new Integer(property).intValue() <= 0) {
            this.userDataConstraintsMap = new LRUCache(600);
        } else {
            this.userDataConstraintsMap = new LRUCache(new Integer(property).intValue());
        }
        this.webApp = webApp;
        initializeTable(webApp.getConstraints(), str, deployedModule);
    }

    @Override // com.ibm.ws.security.core.PermissionRoleMap
    protected SecurityRole[] getRequiredRoles(AccessContext accessContext, String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("getRequiredRoles :  ").append(str).append(RASFormatter.DEFAULT_SEPARATOR).append(str2).toString());
        }
        String str3 = NO_MATCH;
        Vector vector = null;
        Vector vector2 = null;
        Vector vector3 = null;
        SecurityRole[] securityRoleArr = null;
        SecurityRole[] securityRoleArr2 = null;
        String str4 = NO_MATCH;
        for (int i = 0; i < this.webConstraintsTable.length; i++) {
            WebResourceCollectionConstraints webResourceCollectionConstraints = this.webConstraintsTable[i];
            String matches = webResourceCollectionConstraints.matches(str, str2);
            if (matches != null) {
                int matchType = WebResourceCollectionConstraints.getMatchType(matches);
                if (matchType == WebResourceCollectionConstraints.EXACT_MATCH) {
                    SecurityRole[] requiredRoles = webResourceCollectionConstraints.getRequiredRoles();
                    if (requiredRoles == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                        return requiredRoles;
                    }
                    if (vector2 != null) {
                        for (int i2 = 0; i2 < requiredRoles.length; i2++) {
                            if (!vector2.contains(requiredRoles[i2])) {
                                vector2.add(requiredRoles[i2]);
                            }
                        }
                    } else {
                        vector2 = new Vector();
                        for (SecurityRole securityRole : requiredRoles) {
                            vector2.add(securityRole);
                        }
                    }
                } else if (matchType == WebResourceCollectionConstraints.PATHNAME_MATCH && matches.length() == str3.length()) {
                    str3 = matches;
                    SecurityRole[] requiredRoles2 = webResourceCollectionConstraints.getRequiredRoles();
                    if (requiredRoles2 == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                        securityRoleArr = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
                        str4 = matches;
                    } else if (str4.length() < matches.length()) {
                        if (vector != null) {
                            for (int i3 = 0; i3 < requiredRoles2.length; i3++) {
                                if (!vector.contains(requiredRoles2[i3])) {
                                    vector.add(requiredRoles2[i3]);
                                }
                            }
                        } else {
                            vector = new Vector();
                            for (SecurityRole securityRole2 : requiredRoles2) {
                                vector.add(securityRole2);
                            }
                        }
                    }
                } else if (matchType == WebResourceCollectionConstraints.PATHNAME_MATCH && matches.length() > str3.length()) {
                    str3 = matches;
                    vector = new Vector();
                    SecurityRole[] requiredRoles3 = webResourceCollectionConstraints.getRequiredRoles();
                    if (requiredRoles3 == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                        securityRoleArr = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
                        str4 = matches;
                    } else {
                        for (SecurityRole securityRole3 : requiredRoles3) {
                            vector.add(securityRole3);
                        }
                    }
                } else if (matchType == WebResourceCollectionConstraints.EXTENSION_MATCH) {
                    SecurityRole[] requiredRoles4 = webResourceCollectionConstraints.getRequiredRoles();
                    if (requiredRoles4 == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                        securityRoleArr2 = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
                    } else if (securityRoleArr2 == null) {
                        if (vector3 != null) {
                            for (int i4 = 0; i4 < requiredRoles4.length; i4++) {
                                if (!vector3.contains(requiredRoles4[i4])) {
                                    vector3.add(requiredRoles4[i4]);
                                }
                            }
                        } else {
                            vector3 = new Vector();
                            for (SecurityRole securityRole4 : requiredRoles4) {
                                vector3.add(securityRole4);
                            }
                        }
                    }
                }
            }
        }
        SecurityRole[] securityRoleArr3 = PermissionRoleMap.NO_REQUIRED_ROLES;
        if (vector2 != null) {
            if (vector2.size() > 0) {
                securityRoleArr3 = (SecurityRole[]) vector2.toArray(new SecurityRole[0]);
            }
        } else if (securityRoleArr != null && str4.length() >= str3.length()) {
            securityRoleArr3 = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
        } else if (vector != null) {
            if (vector.size() > 0) {
                securityRoleArr3 = (SecurityRole[]) vector.toArray(new SecurityRole[0]);
            }
        } else if (securityRoleArr2 != null) {
            securityRoleArr3 = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
        } else if (vector3 != null && vector3.size() > 0) {
            securityRoleArr3 = (SecurityRole[]) vector3.toArray(new SecurityRole[0]);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Required roles are");
            if (securityRoleArr3 == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                Tr.debug(tc, "EMPTY_REQUIRED_ROLES");
            } else if (securityRoleArr3 == PermissionRoleMap.NO_REQUIRED_ROLES) {
                Tr.debug(tc, "NO_REQUIRED_ROLES");
            } else {
                for (SecurityRole securityRole5 : securityRoleArr3) {
                    Tr.debug(tc, securityRole5.getRoleName());
                }
            }
            Tr.debug(tc, ".");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRequiredRoles");
        }
        return securityRoleArr3;
    }

    public boolean isSSLRequired(WebAccessContext webAccessContext, WebAccessPermission webAccessPermission) {
        Boolean bool = (Boolean) this.userDataConstraintsMap.get(webAccessPermission);
        if (bool != null) {
            return bool.booleanValue();
        }
        boolean isSSLRequired = isSSLRequired(webAccessPermission.getResourceName(), webAccessPermission.getMethodName());
        this.userDataConstraintsMap.put(webAccessPermission, new Boolean(isSSLRequired));
        return isSSLRequired;
    }

    public boolean isSSLRequired(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isSSLRequired");
        }
        String str3 = NO_MATCH;
        String str4 = NO_MATCH;
        int i = 0;
        int i2 = 0;
        int i3 = 0;
        for (int i4 = 0; i4 < this.webConstraintsTable.length; i4++) {
            WebResourceCollectionConstraints webResourceCollectionConstraints = this.webConstraintsTable[i4];
            String matches = webResourceCollectionConstraints.matches(str, str2);
            if (matches != null) {
                int matchType = WebResourceCollectionConstraints.getMatchType(matches);
                if (matchType == WebResourceCollectionConstraints.EXACT_MATCH) {
                    str3 = matches;
                    i = webResourceCollectionConstraints.getTransportGuarantee();
                    str4 = matches;
                    if (i != 0) {
                        break;
                    }
                } else if (matchType == WebResourceCollectionConstraints.PATHNAME_MATCH && matches.length() == str3.length()) {
                    int transportGuarantee = webResourceCollectionConstraints.getTransportGuarantee();
                    if (i2 == 0) {
                        i2 = transportGuarantee;
                    }
                    str3 = matches;
                } else if (matchType == WebResourceCollectionConstraints.PATHNAME_MATCH && matches.length() > str3.length()) {
                    str3 = matches;
                    i2 = webResourceCollectionConstraints.getTransportGuarantee();
                } else if (matchType == WebResourceCollectionConstraints.EXTENSION_MATCH) {
                    int transportGuarantee2 = webResourceCollectionConstraints.getTransportGuarantee();
                    if (i3 == 0) {
                        i3 = transportGuarantee2;
                    }
                }
            }
        }
        return (str4 != NO_MATCH ? i : str3 != NO_MATCH ? i2 : i3) != 0;
    }

    public WebResourceCollectionConstraints getConstraints(AccessContext accessContext, String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConstraints: ", new Object[]{str, str2});
        }
        String str3 = NO_MATCH;
        WebResourceCollectionConstraints webResourceCollectionConstraints = null;
        WebResourceCollectionConstraints webResourceCollectionConstraints2 = null;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("webConstraintsTable.length = ").append(this.webConstraintsTable.length).toString());
        }
        for (int i = 0; i < this.webConstraintsTable.length; i++) {
            WebResourceCollectionConstraints webResourceCollectionConstraints3 = this.webConstraintsTable[i];
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("webConstraintsTable.length = ").append(this.webConstraintsTable.length).toString());
            }
            String matches = webResourceCollectionConstraints3.matches(str, str2);
            if (matches != null) {
                int matchType = WebResourceCollectionConstraints.getMatchType(matches);
                if (matchType == WebResourceCollectionConstraints.EXACT_MATCH) {
                    return webResourceCollectionConstraints3;
                }
                if (matchType != WebResourceCollectionConstraints.PATHNAME_MATCH || matches.length() <= str3.length()) {
                    webResourceCollectionConstraints2 = webResourceCollectionConstraints3;
                } else {
                    str3 = matches;
                    webResourceCollectionConstraints = webResourceCollectionConstraints3;
                }
            }
        }
        if (webResourceCollectionConstraints != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getConstraints not null");
            }
            return webResourceCollectionConstraints;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getConstraints");
        }
        return webResourceCollectionConstraints2;
    }

    private void initializeTable(EList eList, String str, DeployedModule deployedModule) {
        EList<SecurityConstraint> securityConstraints;
        SecurityRole[] securityRoleArr;
        Hashtable hashtable = new Hashtable();
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeTable");
        }
        PortletApplication portletApplication = PortletModelHelper.getPortletApplication(deployedModule);
        if (tc.isDebugEnabled() && portletApplication != null) {
            Tr.debug(tc, new StringBuffer().append("Portlet app: ").append(portletApplication).append(" exists for app ").append(str).toString());
        }
        Vector vector = new Vector();
        Iterator it = eList.iterator();
        while (it.hasNext()) {
            try {
                org.eclipse.jst.j2ee.webapplication.SecurityConstraint securityConstraint = (org.eclipse.jst.j2ee.webapplication.SecurityConstraint) it.next();
                if (securityConstraint != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "SecurityConstraint: ", new Object[]{securityConstraint});
                }
                AuthConstraint authConstraint = securityConstraint.getAuthConstraint();
                if (authConstraint != null) {
                    EList roles = authConstraint.getRoles();
                    if (roles == null || roles.size() == 0) {
                        securityRoleArr = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
                    } else {
                        securityRoleArr = new SecurityRole[roles.size()];
                        Iterator it2 = roles.iterator();
                        int i = 0;
                        while (true) {
                            if (!it2.hasNext()) {
                                break;
                            }
                            String str2 = (String) it2.next();
                            if (str2.equals("*")) {
                                EList<SecurityRole> securityRoles = this.webApp.getSecurityRoles();
                                int i2 = 0;
                                securityRoleArr = new SecurityRole[securityRoles.size()];
                                for (SecurityRole securityRole : securityRoles) {
                                    int i3 = i2;
                                    i2++;
                                    securityRoleArr[i3] = WCCMHelper.createSecurityRole(securityRole.getRoleName(), securityRole.getRoleName());
                                }
                            } else {
                                int i4 = i;
                                i++;
                                securityRoleArr[i4] = WCCMHelper.createSecurityRole(str2, str2);
                            }
                        }
                        if (tc.isDebugEnabled()) {
                            StringBuffer stringBuffer = new StringBuffer("Number of security roles defined: ");
                            stringBuffer.append(securityRoleArr.length);
                            Tr.debug(tc, stringBuffer.toString());
                        }
                    }
                } else {
                    securityRoleArr = PermissionRoleMap.NO_REQUIRED_ROLES;
                }
                UserDataConstraint userDataConstraint = securityConstraint.getUserDataConstraint();
                boolean z = false;
                int i5 = 0;
                if (userDataConstraint != null) {
                    z = userDataConstraint.isSetTransportGuarantee();
                    if (z) {
                        i5 = userDataConstraint.getTransportGuarantee().getValue();
                    }
                }
                for (WebResourceCollection webResourceCollection : securityConstraint.getWebResourceCollections()) {
                    EList urlPattern = webResourceCollection.getUrlPattern();
                    EList<HTTPMethodTypeEnum> httpMethod = webResourceCollection.getHttpMethod();
                    if (urlPattern != null) {
                        HTTPMethodTypeEnum[] hTTPMethodTypeEnumArr = new HTTPMethodTypeEnum[httpMethod.size()];
                        int i6 = 0;
                        for (HTTPMethodTypeEnum hTTPMethodTypeEnum : httpMethod) {
                            int i7 = i6;
                            i6++;
                            hTTPMethodTypeEnumArr[i7] = hTTPMethodTypeEnum;
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("method=").append(hTTPMethodTypeEnum).toString());
                            }
                        }
                        WebResourceCollectionConstraints webResourceCollectionConstraints = new WebResourceCollectionConstraints(urlPattern, hTTPMethodTypeEnumArr);
                        if (securityRoleArr.length > 0 || securityRoleArr == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                            webResourceCollectionConstraints.setRequiredRoles(securityRoleArr);
                        }
                        if (z) {
                            webResourceCollectionConstraints.setTransportGuarantee(i5);
                        }
                        vector.addElement(webResourceCollectionConstraints);
                        if (portletApplication != null) {
                            for (int i8 = 0; i8 < urlPattern.size(); i8++) {
                                hashtable.put(urlPattern.get(i8), webResourceCollectionConstraints);
                            }
                        }
                    }
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.web.WebConstraintsTable.initializeTable", "339", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Exception message:  ").append(e.getMessage()).toString(), new Object[]{e});
                }
            }
        }
        int i9 = 0;
        if (portletApplication != null && (securityConstraints = portletApplication.getSecurityConstraints()) != null) {
            for (SecurityConstraint securityConstraint2 : securityConstraints) {
                if (securityConstraint2 != null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "SecurityConstraint for Portlet is : ", new Object[]{securityConstraint2});
                    }
                    com.ibm.etools.portletapplication.UserDataConstraint userDataConstraint2 = securityConstraint2.getUserDataConstraint();
                    if (userDataConstraint2 != null) {
                        String name = userDataConstraint2.getTransportGuarantee().getName();
                        if (name.equals("INTEGRAL")) {
                            i9 = 1;
                        } else if (name.equals("CONFIDENTIAL")) {
                            i9 = 2;
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, new StringBuffer().append("transport is set for Portlet is: ").append(name).toString());
                        }
                    }
                    EList<String> portletNames = securityConstraint2.getPortletCollection().getPortletNames();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("PortletNames are: ").append(portletNames).toString());
                    }
                    for (String str3 : portletNames) {
                        if (!str3.endsWith("/*")) {
                            str3 = new StringBuffer("/").append(str3).append("/*").toString();
                        }
                        WebResourceCollectionConstraints webResourceCollectionConstraints2 = (WebResourceCollectionConstraints) hashtable.get(str3);
                        if (webResourceCollectionConstraints2 == null) {
                            HTTPMethodType[] hTTPMethodTypeArr = new HTTPMethodType[0];
                            ArrayList arrayList = new ArrayList();
                            arrayList.add(str3);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Creating new constriant collection for portlet URI : ").append(str3).toString());
                            }
                            WebResourceCollectionConstraints webResourceCollectionConstraints3 = new WebResourceCollectionConstraints(arrayList, null);
                            webResourceCollectionConstraints3.setTransportGuarantee(i9);
                            vector.addElement(webResourceCollectionConstraints3);
                        } else {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Using existing constriant collection for portlet URI : ").append(str3).toString());
                            }
                            webResourceCollectionConstraints2.removeUri(str3);
                            ArrayList arrayList2 = new ArrayList();
                            arrayList2.add(str3);
                            WebResourceCollectionConstraints webResourceCollectionConstraints4 = new WebResourceCollectionConstraints(arrayList2, null);
                            webResourceCollectionConstraints4.setRequiredRoles(webResourceCollectionConstraints2.getRequiredRoles());
                            webResourceCollectionConstraints4.setTransportGuarantee(i9);
                            vector.addElement(webResourceCollectionConstraints4);
                        }
                    }
                }
            }
        }
        int size = vector.size();
        this.webConstraintsTable = new WebResourceCollectionConstraints[size];
        for (int i10 = 0; i10 < size; i10++) {
            this.webConstraintsTable[i10] = (WebResourceCollectionConstraints) vector.elementAt(i10);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeTable");
        }
    }

    public static void main(String[] strArr) {
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$security$web$WebConstraintsTable == null) {
            cls = class$("com.ibm.ws.security.web.WebConstraintsTable");
            class$com$ibm$ws$security$web$WebConstraintsTable = cls;
        } else {
            cls = class$com$ibm$ws$security$web$WebConstraintsTable;
        }
        tc = Tr.register(cls);
        NO_MATCH = "";
    }
}
