package org.openejb.deployment;

import java.lang.reflect.Method;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.util.Enumeration;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.jacc.EJBMethodPermission;
import javax.security.jacc.EJBRoleRefPermission;
import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.security.deployment.SecurityConfiguration;
import org.apache.geronimo.security.jacc.ComponentPermissions;
import org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType;
import org.apache.geronimo.xbeans.j2ee.ExcludeListType;
import org.apache.geronimo.xbeans.j2ee.JavaTypeType;
import org.apache.geronimo.xbeans.j2ee.MethodPermissionType;
import org.apache.geronimo.xbeans.j2ee.MethodType;
import org.apache.geronimo.xbeans.j2ee.RoleNameType;
import org.apache.geronimo.xbeans.j2ee.SecurityIdentityType;
import org.apache.geronimo.xbeans.j2ee.SecurityRoleRefType;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:zips/geronimo-tomcat-j2ee-1.0.zip:geronimo-1.0/repository/openejb/jars/openejb-builder-2.0.jar:org/openejb/deployment/ContainerSecurityBuilder.class */
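/**
 * Translates the security parts of an EJB deployment descriptor into JACC permissions and
 * container security settings for a single EJB.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@link #addComponentPermissions} sorts every method permission into one of three
 *       buckets (unchecked, excluded, per-role). Whatever the descriptor does not mention
 *       is granted to the default role or, when no default role is given, left
 *       <em>unchecked</em>. An incomplete descriptor therefore fails open.</li>
 *   <li>{@link #setDetails} refuses to deploy a bean whose run-as role has no designated
 *       {@link Subject}.</li>
 * </ul>
 */
public class ContainerSecurityBuilder {
    /**
     * Copies the security settings for one EJB onto its container builder.
     *
     * @param securityIdentityType the bean's {@code security-identity} element, or {@code null}
     * @param securityConfiguration deployment-wide security configuration (caller propagation,
     *        context-handler use, role designates, default principal)
     * @param str value handed to {@code setPolicyContextID}
     * @param secureBuilder the builder that receives the settings
     * @throws DeploymentException if a run-as role is declared but no role designate exists for it
     */
    public void setDetails(SecurityIdentityType securityIdentityType, SecurityConfiguration securityConfiguration, String str, SecureBuilder secureBuilder) throws DeploymentException {
        secureBuilder.setSecurityEnabled(true);
        secureBuilder.setDoAsCurrentCaller(securityConfiguration.isDoAsCurrentCaller());
        secureBuilder.setUseContextHandler(securityConfiguration.isUseContextHandler());
        if (securityIdentityType != null && securityIdentityType.isSetRunAs()) {
            String runAsRole = securityIdentityType.getRunAs().getRoleName().getStringValue().trim();
            Subject runAsSubject = (Subject) securityConfiguration.getRoleDesignates().get(runAsRole);
            if (runAsSubject == null) {
                // Fail closed: a declared run-as role without a designated Subject aborts the
                // deployment, so setRunAs is never skipped silently.
                throw new DeploymentException("No role designate found for run-as name: " + runAsRole);
            }
            secureBuilder.setRunAs(runAsSubject);
        }
        secureBuilder.setDefaultPrincipal(securityConfiguration.getDefaultPrincipal());
        secureBuilder.setPolicyContextID(str);
    }

    /**
     * Distributes the permissions of one EJB over the unchecked, excluded and per-role
     * collections of {@code componentPermissions}.
     *
     * <p>{@code permissions} is treated as the set of permissions that have not been assigned
     * yet. Each {@code method-permission} and {@code exclude-list} entry for this EJB removes
     * the permissions it implies from that set. Whatever remains at the end is added to the
     * default role's collection, or to the unchecked collection when {@code str} is
     * {@code null}.
     *
     * @param str default role for unassigned permissions; {@code null} leaves them unchecked
     * @param permissions the not-yet-assigned permissions of the EJB (not modified; a culled
     *        copy is used internally)
     * @param assemblyDescriptorType the {@code assembly-descriptor} element, or {@code null}
     * @param str2 the EJB name; only descriptor entries whose {@code ejb-name} matches are used
     * @param securityRoleRefTypeArr the bean's {@code security-role-ref} entries, or {@code null};
     *        only consulted when an assembly descriptor is present
     * @param componentPermissions receives the resulting permissions
     * @throws DeploymentException if a {@code security-role-ref} has no {@code role-link}
     */
    public void addComponentPermissions(String str, Permissions permissions, AssemblyDescriptorType assemblyDescriptorType, String str2, SecurityRoleRefType[] securityRoleRefTypeArr, ComponentPermissions componentPermissions) throws DeploymentException {
        final String defaultRole = str;
        final String ejbName = str2;
        PermissionCollection unchecked = componentPermissions.getUncheckedPermissions();
        PermissionCollection excluded = componentPermissions.getExcludedPermissions();
        Map rolePermissions = componentPermissions.getRolePermissions();
        Permissions unassigned = permissions;

        if (assemblyDescriptorType != null) {
            MethodPermissionType[] methodPermissions = assemblyDescriptorType.getMethodPermissionArray();
            if (methodPermissions != null) {
                for (MethodPermissionType methodPermission : methodPermissions) {
                    MethodType[] methods = methodPermission.getMethodArray();
                    RoleNameType[] roleNames = methodPermission.getRoleNameArray();
                    boolean isUnchecked = methodPermission.isSetUnchecked();
                    for (MethodType method : methods) {
                        if (!ejbName.equals(method.getEjbName().getStringValue().trim())) {
                            continue;
                        }
                        EJBMethodPermission permission = toMethodPermission(ejbName, method);
                        unassigned = cullPermissions(unassigned, permission);
                        if (isUnchecked) {
                            unchecked.add(permission);
                        } else {
                            // With no role names and no <unchecked/>, the permission is culled
                            // but granted to nobody.
                            for (RoleNameType roleName : roleNames) {
                                rolePermissionsFor(rolePermissions, roleName.getStringValue().trim()).add(permission);
                            }
                        }
                    }
                }
            }

            ExcludeListType excludeList = assemblyDescriptorType.getExcludeList();
            if (excludeList != null) {
                for (MethodType method : excludeList.getMethodArray()) {
                    if (!ejbName.equals(method.getEjbName().getStringValue().trim())) {
                        continue;
                    }
                    // Built by the same helper as method-permission entries, so that
                    // <method-name>*</method-name> in the exclude list becomes the JACC
                    // wildcard (null). Otherwise it would name a method literally called "*",
                    // exclude nothing, and leave the real methods in the unassigned set that
                    // is granted below.
                    EJBMethodPermission permission = toMethodPermission(ejbName, method);
                    excluded.add(permission);
                    unassigned = cullPermissions(unassigned, permission);
                }
            }

            if (securityRoleRefTypeArr != null) {
                for (SecurityRoleRefType roleRef : securityRoleRefTypeArr) {
                    if (!roleRef.isSetRoleLink()) {
                        throw new DeploymentException("Missing role-link");
                    }
                    String referencedName = roleRef.getRoleName().getStringValue().trim();
                    String linkedRole = roleRef.getRoleLink().getStringValue().trim();
                    rolePermissionsFor(rolePermissions, linkedRole).add(new EJBRoleRefPermission(ejbName, referencedName));
                }
            }
        }

        // Security note: everything still unassigned is granted here. With a null default role
        // it becomes unchecked, i.e. not restricted to any role. A descriptor that forgets a
        // method therefore opens it up rather than denying it.
        PermissionCollection target = defaultRole == null ? unchecked : rolePermissionsFor(rolePermissions, defaultRole);
        Enumeration<Permission> remaining = unassigned.elements();
        while (remaining.hasMoreElements()) {
            target.add(remaining.nextElement());
        }
    }

    /**
     * Adds one {@link EJBMethodPermission} per public method of the named interface class.
     *
     * @param permissions collection that receives the permissions
     * @param str EJB name passed to each permission
     * @param str2 method-interface name passed to each permission
     * @param str3 fully qualified name of the interface class; {@code null} makes this a no-op
     * @param classLoader loader used to resolve {@code str3}
     * @throws DeploymentException if the class cannot be found
     */
    public void addToPermissions(Permissions permissions, String str, String str2, String str3, ClassLoader classLoader) throws DeploymentException {
        if (str3 == null) {
            return;
        }
        try {
            // initialize=false: the class is only inspected, so static initializers of
            // deployment-supplied code are not run by this lookup.
            Class<?> interfaceClass = Class.forName(str3, false, classLoader);
            for (Method method : interfaceClass.getMethods()) {
                permissions.add(new EJBMethodPermission(str, str2, method));
            }
        } catch (ClassNotFoundException e) {
            throw new DeploymentException(e);
        }
    }

    /**
     * Returns a new collection holding every element of {@code permissions} that is not
     * implied by {@code permission}. The input collection is left untouched.
     */
    private Permissions cullPermissions(Permissions permissions, Permission permission) {
        Permissions kept = new Permissions();
        Enumeration<Permission> candidates = permissions.elements();
        while (candidates.hasMoreElements()) {
            Permission candidate = candidates.nextElement();
            // implies() rather than equals(): a wildcard entry must also remove the specific
            // per-method permissions it covers.
            if (!permission.implies(candidate)) {
                kept.add(candidate);
            }
        }
        return kept;
    }

    /**
     * Builds the JACC permission for one descriptor {@code method} element.
     *
     * <p>A method name of {@code "*"} is translated to {@code null}, which is how
     * {@link EJBMethodPermission} expresses "all methods". The same translation is applied
     * for {@code method-permission} and {@code exclude-list} entries.
     */
    private static EJBMethodPermission toMethodPermission(String ejbName, MethodType method) {
        // NOTE(review): getJ2eeStringValue is defined elsewhere; presumably it extracts the
        // element text and tolerates an absent element - confirm.
        String methodName = OpenEJBModuleBuilder.getJ2eeStringValue(method.getMethodName());
        String methodIntf = OpenEJBModuleBuilder.getJ2eeStringValue(method.getMethodIntf());
        String[] methodParams = method.isSetMethodParams() ? toStringArray(method.getMethodParams().getMethodParamArray()) : null;
        if ("*".equals(methodName)) {
            methodName = null;
        }
        return new EJBMethodPermission(ejbName, methodName, methodIntf, methodParams);
    }

    /**
     * Returns the permission collection registered for {@code role}, creating and registering
     * an empty {@link Permissions} when the role has none yet.
     */
    // The map comes from ComponentPermissions as a raw Map; entries are read as
    // PermissionCollection everywhere so a non-Permissions implementation does not break a cast.
    @SuppressWarnings({"rawtypes", "unchecked"})
    private static PermissionCollection rolePermissionsFor(Map rolePermissions, String role) {
        PermissionCollection forRole = (PermissionCollection) rolePermissions.get(role);
        if (forRole == null) {
            forRole = new Permissions();
            rolePermissions.put(role, forRole);
        }
        return forRole;
    }

    /** Extracts the string value of each descriptor type element, preserving order. */
    private static String[] toStringArray(JavaTypeType[] javaTypeTypeArr) {
        String[] typeNames = new String[javaTypeTypeArr.length];
        for (int i = 0; i < javaTypeTypeArr.length; i++) {
            typeNames[i] = javaTypeTypeArr[i].getStringValue();
        }
        return typeNames;
    }
}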
