package com.sun.enterprise.security;

import com.sun.enterprise.deployment.Application;
import com.sun.enterprise.deployment.EjbBundleDescriptor;
import com.sun.enterprise.deployment.WebBundleDescriptor;
import com.sun.enterprise.security.util.IASSecurityException;
import com.sun.enterprise.security.web.integration.WebSecurityManager;
import com.sun.enterprise.security.web.integration.WebSecurityManagerFactory;
import com.sun.logging.LogDomains;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContextException;
import org.glassfish.api.deployment.DeploymentContext;
import org.glassfish.api.deployment.MetaData;
import org.glassfish.api.deployment.OpsParams;
import org.glassfish.api.event.EventListener;
import org.glassfish.api.event.EventTypes;
import org.glassfish.api.event.Events;
import org.glassfish.api.invocation.InvocationManager;
import org.glassfish.api.invocation.RegisteredComponentInvocationHandler;
import org.glassfish.deployment.common.DeploymentException;
import org.glassfish.deployment.common.DummyApplication;
import org.glassfish.deployment.common.SimpleDeployer;
import org.glassfish.internal.api.ServerContext;
import org.glassfish.internal.data.ApplicationInfo;
import org.glassfish.internal.deployment.Deployment;
import org.glassfish.server.ServerEnvironmentImpl;
import org.jvnet.hk2.annotations.Inject;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.component.Habitat;
import org.jvnet.hk2.component.PostConstruct;

@Service(name = "Security")
/* loaded from: input_file:com/sun/enterprise/security/SecurityDeployer.class */
public class SecurityDeployer extends SimpleDeployer<SecurityContainer, DummyApplication> implements PostConstruct {

    @Inject
    private ServerContext serverContext;

    @Inject
    private Habitat habitat;

    @Inject
    private PolicyLoader policyLoader;

    @Inject
    private WebSecurityManagerFactory wsmf;

    @Inject
    private InvocationManager invManager;
    private EventListener listener = null;
    private static final Logger _logger = LogDomains.getLogger(SecurityDeployer.class, LogDomains.SECURITY_LOGGER);
    private static WebSecurityDeployerProbeProvider websecurityProbeProvider = new WebSecurityDeployerProbeProvider();
    private static EjbSecurityPolicyProbeProvider ejbProbeProvider = new EjbSecurityPolicyProbeProvider();

    /* loaded from: input_file:com/sun/enterprise/security/SecurityDeployer$AppDeployEventListener.class */
    public class AppDeployEventListener implements EventListener {
        public AppDeployEventListener() {
        }

        @Override // org.glassfish.api.event.EventListener
        public void event(EventListener.Event event) {
            RegisteredComponentInvocationHandler registeredComponentInvocationHandler;
            if (Deployment.APPLICATION_STARTED.equals(event.type()) || Deployment.APPLICATION_LOADED.equals(event.type())) {
                ApplicationInfo applicationInfo = (ApplicationInfo) event.hook();
                Application application = (Application) applicationInfo.getMetaData(Application.class);
                String name = applicationInfo.getName();
                if (ServerEnvironmentImpl.DEFAULT_ADMIN_CONSOLE_APP_NAME.equals(name) || application == null) {
                    return;
                }
                Set<WebBundleDescriptor> webBundleDescriptors = application.getWebBundleDescriptors();
                Set<EjbBundleDescriptor> ejbBundleDescriptors = application.getEjbBundleDescriptors();
                if (webBundleDescriptors != null && !webBundleDescriptors.isEmpty() && (registeredComponentInvocationHandler = (RegisteredComponentInvocationHandler) SecurityDeployer.this.habitat.getComponent(RegisteredComponentInvocationHandler.class, "webSecurityCIH")) != null) {
                    registeredComponentInvocationHandler.register();
                }
                boolean z = false;
                try {
                    String str = null;
                    boolean z2 = false;
                    Iterator<WebBundleDescriptor> it = webBundleDescriptors.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        String contextID = SecurityUtil.getContextID(it.next());
                        try {
                            try {
                                if (PolicyConfigurationFactory.getPolicyConfigurationFactory().inService(contextID)) {
                                    z = true;
                                    break;
                                } else {
                                    z2 = SecurityUtil.linkPolicyFile(contextID, str, z2);
                                    str = contextID;
                                }
                            } catch (PolicyContextException e) {
                                throw new RuntimeException(e);
                            }
                        } catch (ClassNotFoundException e2) {
                            throw new RuntimeException(e2);
                        }
                    }
                    Iterator<EjbBundleDescriptor> it2 = ejbBundleDescriptors.iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        String contextID2 = SecurityUtil.getContextID(it2.next());
                        try {
                            try {
                                if (PolicyConfigurationFactory.getPolicyConfigurationFactory().inService(contextID2)) {
                                    z = true;
                                    break;
                                } else if (!contextID2.equals(str)) {
                                    z2 = SecurityUtil.linkPolicyFile(contextID2, str, z2);
                                    str = contextID2;
                                }
                            } catch (ClassNotFoundException e3) {
                                throw new RuntimeException(e3);
                            }
                        } catch (PolicyContextException e4) {
                            throw new RuntimeException(e4);
                        }
                    }
                    if (!z) {
                        for (WebBundleDescriptor webBundleDescriptor : webBundleDescriptors) {
                            String contextID3 = SecurityUtil.getContextID(webBundleDescriptor);
                            ArrayList<WebSecurityManager> managers = SecurityDeployer.this.wsmf.getManagers(contextID3, false);
                            if (managers == null || managers.isEmpty()) {
                                SecurityDeployer.this.wsmf.createManager(webBundleDescriptor, false, SecurityDeployer.this.serverContext);
                            }
                            SecurityUtil.generatePolicyFile(contextID3);
                            SecurityDeployer.websecurityProbeProvider.policyConfigurationCreationEvent(contextID3);
                        }
                        Iterator<EjbBundleDescriptor> it3 = ejbBundleDescriptors.iterator();
                        while (it3.hasNext()) {
                            String contextID4 = SecurityUtil.getContextID(it3.next());
                            SecurityUtil.generatePolicyFile(contextID4);
                            SecurityDeployer.ejbProbeProvider.ejbPCCreationEvent(contextID4);
                        }
                    }
                } catch (IASSecurityException e5) {
                    throw new DeploymentException("Error in generating security policy for " + name, e5);
                }
            }
        }
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer
    protected void generateArtifacts(DeploymentContext deploymentContext) throws DeploymentException {
        generatePolicy(deploymentContext);
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer
    protected void cleanArtifacts(DeploymentContext deploymentContext) throws DeploymentException {
        removePolicy(deploymentContext);
        SecurityUtil.removeRoleMapper(deploymentContext);
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer, org.glassfish.api.deployment.Deployer
    public DummyApplication load(SecurityContainer securityContainer, DeploymentContext deploymentContext) {
        return new DummyApplication();
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer, org.glassfish.api.deployment.Deployer
    public void unload(DummyApplication dummyApplication, DeploymentContext deploymentContext) {
        cleanSecurityContext(deploymentContext.getCommandParameters(OpsParams.class).name());
    }

    protected void generatePolicy(DeploymentContext deploymentContext) throws DeploymentException {
        OpsParams commandParameters = deploymentContext.getCommandParameters(OpsParams.class);
        if (commandParameters.origin != OpsParams.Origin.deploy) {
            return;
        }
        String name = commandParameters.name();
        try {
            Set<WebBundleDescriptor> webBundleDescriptors = ((Application) deploymentContext.getModuleMetaData(Application.class)).getWebBundleDescriptors();
            if (webBundleDescriptors == null) {
                return;
            }
            Iterator<WebBundleDescriptor> it = webBundleDescriptors.iterator();
            if (it.hasNext()) {
                while (it.hasNext()) {
                    this.wsmf.createManager(it.next(), false, this.serverContext);
                }
            }
        } catch (Exception e) {
            throw new DeploymentException("Error in generating security policy for " + name, e);
        }
    }

    private void removePolicy(DeploymentContext deploymentContext) throws DeploymentException {
        OpsParams commandParameters = deploymentContext.getCommandParameters(OpsParams.class);
        if (commandParameters.origin != OpsParams.Origin.undeploy) {
            return;
        }
        String name = commandParameters.name();
        if (cleanSecurityContext(name)) {
            return;
        }
        try {
            String[] contextsForApp = this.wsmf.getContextsForApp(name, true);
            if (contextsForApp != null) {
                for (int i = 0; i < contextsForApp.length; i++) {
                    if (contextsForApp[i] != null) {
                        SecurityUtil.removePolicy(contextsForApp[i]);
                    }
                }
            }
        } catch (IASSecurityException e) {
            String str = "Error in removing security policy for " + name;
            _logger.log(Level.WARNING, str, (Throwable) e);
            throw new DeploymentException(str, e);
        }
    }

    @Override // org.glassfish.api.deployment.Deployer
    public <V> V loadMetaData(Class<V> cls, DeploymentContext deploymentContext) {
        return null;
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer, org.glassfish.api.deployment.Deployer
    public MetaData getMetaData() {
        return new MetaData(false, null, new Class[]{Application.class});
    }

    private boolean cleanSecurityContext(String str) {
        boolean z = false;
        ArrayList<WebSecurityManager> managersForApp = this.wsmf.getManagersForApp(str, true);
        for (int i = 0; managersForApp != null && i < managersForApp.size(); i++) {
            try {
                websecurityProbeProvider.securityManagerDestructionEvent(str);
                managersForApp.get(i).destroy();
                z = true;
            } catch (PolicyContextException e) {
                _logger.log(Level.WARNING, "Unable to destroy WebSecurityManager", (Throwable) e);
            }
        }
        return z;
    }

    public static List<EventTypes> getDeploymentEvents() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(Deployment.APPLICATION_PREPARED);
        return arrayList;
    }

    @Override // org.jvnet.hk2.component.PostConstruct
    public void postConstruct() {
        this.listener = new AppDeployEventListener();
        ((Events) this.habitat.getByContract(Events.class)).register(this.listener);
    }
}
