package org.springframework.security.web.authentication.preauth.websphere;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:BOOT-INF/lib/spring-security-web-5.1.5.RELEASE.jar:org/springframework/security/web/authentication/preauth/websphere/DefaultWASUsernameAndGroupsExtractor.class */
final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroupsExtractor {
    private static final String PORTABLE_REMOTE_OBJECT_CLASSNAME = "javax.rmi.PortableRemoteObject";
    private static final String USER_REGISTRY = "UserRegistry";
    private static final Log logger = LogFactory.getLog(DefaultWASUsernameAndGroupsExtractor.class);
    private static Method getRunAsSubject = null;
    private static Method getGroupsForUser = null;
    private static Method getSecurityName = null;
    private static Method narrow = null;
    private static Class<?> wsCredentialClass = null;

    @Override // org.springframework.security.web.authentication.preauth.websphere.WASUsernameAndGroupsExtractor
    public final List<String> getGroupsForCurrentUser() {
        return getWebSphereGroups(getRunAsSubject());
    }

    @Override // org.springframework.security.web.authentication.preauth.websphere.WASUsernameAndGroupsExtractor
    public final String getCurrentUserName() {
        return getSecurityName(getRunAsSubject());
    }

    private static String getSecurityName(Subject subject) {
        Object next;
        if (logger.isDebugEnabled()) {
            logger.debug("Determining Websphere security name for subject " + subject);
        }
        String str = null;
        if (subject != null && (next = subject.getPublicCredentials(getWSCredentialClass()).iterator().next()) != null) {
            str = (String) invokeMethod(getSecurityNameMethod(), next, new Object[0]);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Websphere security name is " + str + " for subject " + subject);
        }
        return str;
    }

    private static Subject getRunAsSubject() {
        logger.debug("Retrieving WebSphere RunAs subject");
        return (Subject) invokeMethod(getRunAsSubjectMethod(), null, new Object[0]);
    }

    private static List<String> getWebSphereGroups(Subject subject) {
        return getWebSphereGroups(getSecurityName(subject));
    }

    private static List<String> getWebSphereGroups(String str) {
        Context context = null;
        try {
            try {
                context = new InitialContext();
                Object invokeMethod = invokeMethod(getNarrowMethod(), null, context.lookup(USER_REGISTRY), Class.forName("com.ibm.websphere.security.UserRegistry"));
                if (logger.isDebugEnabled()) {
                    logger.debug("Determining WebSphere groups for user " + str + " using WebSphere UserRegistry " + invokeMethod);
                }
                Collection collection = (Collection) invokeMethod(getGroupsForUserMethod(), invokeMethod, str);
                if (logger.isDebugEnabled()) {
                    logger.debug("Groups for user " + str + ": " + collection.toString());
                }
                ArrayList arrayList = new ArrayList(collection);
                if (context != null) {
                    try {
                        context.close();
                    } catch (NamingException e) {
                        logger.debug("Exception occured while closing context", e);
                    }
                }
                return arrayList;
            } catch (Throwable th) {
                if (context != null) {
                    try {
                        context.close();
                    } catch (NamingException e2) {
                        logger.debug("Exception occured while closing context", e2);
                        throw th;
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            logger.error("Exception occured while looking up groups for user", e3);
            throw new RuntimeException("Exception occured while looking up groups for user", e3);
        }
    }

    private static Object invokeMethod(Method method, Object obj, Object... objArr) {
        try {
            return method.invoke(obj, objArr);
        } catch (IllegalAccessException e) {
            logger.error("Error while invoking method " + method.getClass().getName() + "." + method.getName() + "(" + Arrays.asList(objArr) + ")", e);
            throw new RuntimeException("Error while invoking method " + method.getClass().getName() + "." + method.getName() + "(" + Arrays.asList(objArr) + ")", e);
        } catch (IllegalArgumentException e2) {
            logger.error("Error while invoking method " + method.getClass().getName() + "." + method.getName() + "(" + Arrays.asList(objArr) + ")", e2);
            throw new RuntimeException("Error while invoking method " + method.getClass().getName() + "." + method.getName() + "(" + Arrays.asList(objArr) + ")", e2);
        } catch (InvocationTargetException e3) {
            logger.error("Error while invoking method " + method.getClass().getName() + "." + method.getName() + "(" + Arrays.asList(objArr) + ")", e3);
            throw new RuntimeException("Error while invoking method " + method.getClass().getName() + "." + method.getName() + "(" + Arrays.asList(objArr) + ")", e3);
        }
    }

    private static Method getMethod(String str, String str2, String[] strArr) {
        try {
            Class<?> cls = Class.forName(str);
            int length = strArr.length;
            Class<?>[] clsArr = new Class[length];
            for (int i = 0; i < length; i++) {
                clsArr[i] = Class.forName(strArr[i]);
            }
            return cls.getDeclaredMethod(str2, clsArr);
        } catch (ClassNotFoundException e) {
            logger.error("Required class" + str + " not found");
            throw new RuntimeException("Required class" + str + " not found", e);
        } catch (NoSuchMethodException e2) {
            logger.error("Required method " + str2 + " with parameter types (" + Arrays.asList(strArr) + ") not found on class " + str);
            throw new RuntimeException("Required class" + str + " not found", e2);
        }
    }

    private static Method getRunAsSubjectMethod() {
        if (getRunAsSubject == null) {
            getRunAsSubject = getMethod("com.ibm.websphere.security.auth.WSSubject", "getRunAsSubject", new String[0]);
        }
        return getRunAsSubject;
    }

    private static Method getGroupsForUserMethod() {
        if (getGroupsForUser == null) {
            getGroupsForUser = getMethod("com.ibm.websphere.security.UserRegistry", "getGroupsForUser", new String[]{"java.lang.String"});
        }
        return getGroupsForUser;
    }

    private static Method getSecurityNameMethod() {
        if (getSecurityName == null) {
            getSecurityName = getMethod("com.ibm.websphere.security.cred.WSCredential", "getSecurityName", new String[0]);
        }
        return getSecurityName;
    }

    private static Method getNarrowMethod() {
        if (narrow == null) {
            narrow = getMethod(PORTABLE_REMOTE_OBJECT_CLASSNAME, "narrow", new String[]{Object.class.getName(), Class.class.getName()});
        }
        return narrow;
    }

    private static Class<?> getWSCredentialClass() {
        if (wsCredentialClass == null) {
            wsCredentialClass = getClass("com.ibm.websphere.security.cred.WSCredential");
        }
        return wsCredentialClass;
    }

    private static Class<?> getClass(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            logger.error("Required class " + str + " not found");
            throw new RuntimeException("Required class " + str + " not found", e);
        }
    }
}
