package org.apache.geronimo.security.jacc;

import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContextException;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.gbean.GBeanLifecycle;
import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.IdentificationPrincipal;

/* loaded from: input_file:zips/geronimo-jetty-j2ee-1.0-SNAPSHOT.zip:geronimo-1.0-SNAPSHOT/repository/geronimo/jars/geronimo-security-1.0-SNAPSHOT.jar:org/apache/geronimo/security/jacc/ApplicationPolicyConfigurationManager.class */
public class ApplicationPolicyConfigurationManager implements GBeanLifecycle, RoleDesignateSource {
    private final Map contextIdToPolicyConfigurationMap = new HashMap();
    private final Map roleDesignates;
    public static final GBeanInfo GBEAN_INFO;
    static Class class$org$apache$geronimo$security$jacc$ApplicationPolicyConfigurationManager;
    static Class class$java$util$Map;
    static Class class$java$lang$ClassLoader;
    static Class class$org$apache$geronimo$security$jacc$RoleDesignateSource;

    public ApplicationPolicyConfigurationManager(Map map, Map map2, Map map3, ClassLoader classLoader) throws PolicyContextException, ClassNotFoundException {
        Thread currentThread = Thread.currentThread();
        ClassLoader contextClassLoader = currentThread.getContextClassLoader();
        currentThread.setContextClassLoader(classLoader);
        try {
            PolicyConfigurationFactory policyConfigurationFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
            currentThread.setContextClassLoader(contextClassLoader);
            for (Map.Entry entry : map.entrySet()) {
                String str = (String) entry.getKey();
                ComponentPermissions componentPermissions = (ComponentPermissions) entry.getValue();
                PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(str, false);
                this.contextIdToPolicyConfigurationMap.put(str, policyConfiguration);
                policyConfiguration.addToExcludedPolicy(componentPermissions.getExcludedPermissions());
                policyConfiguration.addToUncheckedPolicy(componentPermissions.getUncheckedPermissions());
                for (Map.Entry entry2 : componentPermissions.getRolePermissions().entrySet()) {
                    String str2 = (String) entry2.getKey();
                    Enumeration<Permission> elements = ((PermissionCollection) entry2.getValue()).elements();
                    while (elements.hasMoreElements()) {
                        policyConfiguration.addToRole(str2, elements.nextElement());
                    }
                }
                GeronimoPolicyConfigurationFactory singleton = GeronimoPolicyConfigurationFactory.getSingleton();
                if (singleton == null) {
                    throw new IllegalStateException("Inconsistent security setup.  GeronimoPolicyConfigurationFactory is not being used");
                }
                singleton.getGeronimoPolicyConfiguration(str).setPrincipalRoleMapping(map2);
            }
            for (PolicyConfiguration policyConfiguration2 : this.contextIdToPolicyConfigurationMap.values()) {
                for (PolicyConfiguration policyConfiguration3 : this.contextIdToPolicyConfigurationMap.values()) {
                    if (policyConfiguration2 != policyConfiguration3) {
                        policyConfiguration2.linkConfiguration(policyConfiguration3);
                    }
                }
            }
            Iterator it = this.contextIdToPolicyConfigurationMap.values().iterator();
            while (it.hasNext()) {
                ((PolicyConfiguration) it.next()).commit();
            }
            Policy.getPolicy().refresh();
            Iterator it2 = map3.entrySet().iterator();
            while (it2.hasNext()) {
                Subject subject = (Subject) ((Map.Entry) it2.next()).getValue();
                ContextManager.registerSubject(subject);
                subject.getPrincipals().add(new IdentificationPrincipal(ContextManager.getSubjectId(subject)));
            }
            this.roleDesignates = map3;
        } catch (Throwable th) {
            currentThread.setContextClassLoader(contextClassLoader);
            throw th;
        }
    }

    @Override // org.apache.geronimo.gbean.GBeanLifecycle
    public void doStart() throws Exception {
    }

    @Override // org.apache.geronimo.gbean.GBeanLifecycle
    public void doStop() throws Exception {
        Iterator it = this.roleDesignates.entrySet().iterator();
        while (it.hasNext()) {
            ContextManager.unregisterSubject((Subject) ((Map.Entry) it.next()).getValue());
        }
        Iterator it2 = this.contextIdToPolicyConfigurationMap.values().iterator();
        while (it2.hasNext()) {
            ((PolicyConfiguration) it2.next()).delete();
        }
    }

    @Override // org.apache.geronimo.gbean.GBeanLifecycle
    public void doFail() {
    }

    @Override // org.apache.geronimo.security.jacc.RoleDesignateSource
    public Map getRoleDesignateMap() {
        return this.roleDesignates;
    }

    public GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        Class cls2;
        Class cls3;
        Class cls4;
        Class cls5;
        Class cls6;
        if (class$org$apache$geronimo$security$jacc$ApplicationPolicyConfigurationManager == null) {
            cls = class$("org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManager");
            class$org$apache$geronimo$security$jacc$ApplicationPolicyConfigurationManager = cls;
        } else {
            cls = class$org$apache$geronimo$security$jacc$ApplicationPolicyConfigurationManager;
        }
        GBeanInfoBuilder createStatic = GBeanInfoBuilder.createStatic(cls, NameFactory.JACC_MANAGER);
        if (class$java$util$Map == null) {
            cls2 = class$("java.util.Map");
            class$java$util$Map = cls2;
        } else {
            cls2 = class$java$util$Map;
        }
        createStatic.addAttribute("contextIdToPermissionsMap", cls2, true);
        if (class$java$util$Map == null) {
            cls3 = class$("java.util.Map");
            class$java$util$Map = cls3;
        } else {
            cls3 = class$java$util$Map;
        }
        createStatic.addAttribute("principalRoleMap", cls3, true);
        if (class$java$util$Map == null) {
            cls4 = class$("java.util.Map");
            class$java$util$Map = cls4;
        } else {
            cls4 = class$java$util$Map;
        }
        createStatic.addAttribute("roleDesignates", cls4, true);
        if (class$java$lang$ClassLoader == null) {
            cls5 = class$("java.lang.ClassLoader");
            class$java$lang$ClassLoader = cls5;
        } else {
            cls5 = class$java$lang$ClassLoader;
        }
        createStatic.addAttribute("classLoader", cls5, false);
        if (class$org$apache$geronimo$security$jacc$RoleDesignateSource == null) {
            cls6 = class$("org.apache.geronimo.security.jacc.RoleDesignateSource");
            class$org$apache$geronimo$security$jacc$RoleDesignateSource = cls6;
        } else {
            cls6 = class$org$apache$geronimo$security$jacc$RoleDesignateSource;
        }
        createStatic.addInterface(cls6);
        createStatic.setConstructor(new String[]{"contextIdToPermissionsMap", "principalRoleMap", "roleDesignates", "classLoader"});
        GBEAN_INFO = createStatic.getBeanInfo();
    }
}
