package com.tivoli.am.fim.demo.tai;

import com.ibm.websphere.security.CustomRegistryException;
import com.ibm.websphere.security.EntryNotFoundException;
import com.ibm.websphere.security.UserRegistry;
import com.ibm.websphere.security.WebTrustAssociationException;
import com.ibm.websphere.security.WebTrustAssociationFailedException;
import com.ibm.wsspi.security.tai.TAIResult;
import com.ibm.wsspi.security.tai.TrustAssociationInterceptor;
import com.ibm.wsspi.security.token.WSSecurityPropagationHelper;
import java.rmi.RemoteException;
import java.util.Hashtable;
import java.util.List;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/tivoli/am/fim/demo/tai/HTTPHeaderTAI.class */
public class HTTPHeaderTAI implements TrustAssociationInterceptor {
    static String CLASS = HTTPHeaderTAI.class.getName();
    static Logger _log = Logger.getLogger(HTTPHeaderTAI.class.getName());
    String _username;

    public void cleanup() {
    }

    public String getType() {
        return "HTTPHeaderTAI";
    }

    public String getVersion() {
        return "1.0";
    }

    public int initialize(Properties properties) throws WebTrustAssociationFailedException {
        _log.entering(CLASS, "initialize");
        _log.exiting(CLASS, "initialize", new StringBuilder().append(0).toString());
        return 0;
    }

    public boolean isTargetInterceptor(HttpServletRequest httpServletRequest) throws WebTrustAssociationException {
        boolean z;
        _log.entering(CLASS, "isTargetInterceptor");
        try {
            this._username = httpServletRequest.getHeader("TAI_USER");
            if (this._username != null) {
                if (this._username.length() > 0) {
                    z = true;
                    boolean z2 = z;
                    _log.exiting(CLASS, "isTargetInterceptor", new StringBuilder().append(z2).toString());
                    return z2;
                }
            }
            z = false;
            boolean z22 = z;
            _log.exiting(CLASS, "isTargetInterceptor", new StringBuilder().append(z22).toString());
            return z22;
        } catch (Throwable th) {
            _log.exiting(CLASS, "isTargetInterceptor", new StringBuilder().append(false).toString());
            throw th;
        }
    }

    public TAIResult negotiateValidateandEstablishTrust(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws WebTrustAssociationFailedException {
        _log.entering(CLASS, "negotiateValidateandEstablishTrust");
        TAIResult tAIResult = null;
        try {
            FIMDemoAuthorizationToken fIMDemoAuthorizationToken = new FIMDemoAuthorizationToken(this._username);
            fIMDemoAuthorizationToken.addAttribute("myattr", "value1");
            fIMDemoAuthorizationToken.addAttribute("myattr", "value2");
            Subject subject = new Subject();
            subject.getPublicCredentials().add(buildSubjectHashtable(this._username, fIMDemoAuthorizationToken.getAttributesHash()));
            subject.getPrivateCredentials().add(fIMDemoAuthorizationToken);
            tAIResult = TAIResult.create(200, this._username, subject);
            _log.exiting(CLASS, "negotiateValidateandEstablishTrust", dumpTAIResult(tAIResult));
            return tAIResult;
        } catch (Throwable th) {
            _log.exiting(CLASS, "negotiateValidateandEstablishTrust", dumpTAIResult(tAIResult));
            throw th;
        }
    }

    Hashtable buildSubjectHashtable(String str, String str2) throws WebTrustAssociationFailedException {
        boolean isLoggable = _log.isLoggable(Level.FINEST);
        Hashtable hashtable = new Hashtable();
        try {
            try {
                try {
                    UserRegistry userRegistry = (UserRegistry) new InitialContext().lookup("UserRegistry");
                    String uniqueUserId = userRegistry.getUniqueUserId(str);
                    String userFromUniqueID = WSSecurityPropagationHelper.getUserFromUniqueID(uniqueUserId);
                    if (isLoggable) {
                        _log.logp(Level.FINEST, CLASS, "buildSubjectHashtable", "finalUser: " + str + " uniqueid: " + uniqueUserId + " uid: " + userFromUniqueID);
                    }
                    String userSecurityName = userRegistry.getUserSecurityName(userFromUniqueID);
                    List uniqueGroupIds = userRegistry.getUniqueGroupIds(userFromUniqueID);
                    hashtable.put("com.ibm.wsspi.security.cred.uniqueId", uniqueUserId);
                    hashtable.put("com.ibm.wsspi.security.cred.securityName", userSecurityName);
                    hashtable.put("com.ibm.wsspi.security.cred.groups", uniqueGroupIds);
                    hashtable.put("com.ibm.wsspi.security.cred.cacheKey", String.valueOf(uniqueUserId) + "_" + str2);
                    return hashtable;
                } catch (EntryNotFoundException e) {
                    e.printStackTrace();
                    throw new WebTrustAssociationFailedException(e.getMessage());
                } catch (NamingException e2) {
                    e2.printStackTrace();
                    throw new WebTrustAssociationFailedException(e2.getMessage());
                }
            } catch (RemoteException e3) {
                e3.printStackTrace();
                throw new WebTrustAssociationFailedException(e3.getMessage());
            } catch (CustomRegistryException e4) {
                e4.printStackTrace();
                throw new WebTrustAssociationFailedException(e4.getMessage());
            }
        } finally {
            _log.exiting(CLASS, "buildSubjectHashtable", hashtable);
        }
    }

    String dumpTAIResult(TAIResult tAIResult) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("{Status: ");
        if (tAIResult != null) {
            stringBuffer.append(tAIResult.getStatus());
            stringBuffer.append(" Principal: ");
            stringBuffer.append(tAIResult.getAuthenticatedPrincipal());
        } else {
            stringBuffer.append("null");
        }
        stringBuffer.append("}");
        return stringBuffer.toString();
    }
}
