package com.ibm.ws.security.authentication.tai.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.authentication.tai.TAIService;
import com.ibm.ws.security.authentication.tai.TAIUtil;
import com.ibm.wsspi.kernel.service.utils.ConcurrentServiceReferenceMap;
import com.ibm.wsspi.security.tai.TrustAssociationInterceptor;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@TraceOptions
/* loaded from: input_file:com/ibm/ws/security/authentication/tai/internal/TAIServiceImpl.class */
public class TAIServiceImpl implements TAIService {
    private static final TraceComponent tc = Tr.register(TAIServiceImpl.class, TraceConstants.TRACE_GROUP, TraceConstants.MESSAGE_BUNDLE);
    private static final String KEY_INTERCEPTOR_SERVICE = "interceptorService";
    private static final String KEY_ID = "id";
    private final ConcurrentServiceReferenceMap<String, TrustAssociationInterceptor> interceptorServiceRef = new ConcurrentServiceReferenceMap<>(KEY_INTERCEPTOR_SERVICE);
    private TAIConfigImpl taiConfig = null;
    private final Map<String, TrustAssociationInterceptor> invokeBeforeSSOTais = new LinkedHashMap();
    private final Map<String, TrustAssociationInterceptor> invokeAfterSSOTais = new LinkedHashMap();
    private final Map<String, Boolean> disableLtpaCookieTais = new HashMap();
    private final Set<String> orderOfInterceptorIds = new TreeSet();
    private boolean initializeAtFirstRequest = false;
    private boolean alreadyInitInFirstRequest = false;
    static final long serialVersionUID = -1103965106326330248L;

    protected synchronized void setInterceptorService(ServiceReference<TrustAssociationInterceptor> serviceReference) {
        String componentId = getComponentId(serviceReference);
        this.orderOfInterceptorIds.add(componentId);
        this.interceptorServiceRef.putReference(componentId, serviceReference);
        initTAI(componentId);
    }

    protected synchronized void unsetInterceptorService(ServiceReference<TrustAssociationInterceptor> serviceReference) {
        String componentId = getComponentId(serviceReference);
        this.orderOfInterceptorIds.remove(componentId);
        this.interceptorServiceRef.removeReference(componentId, serviceReference);
        clearTaiMaps(componentId);
    }

    protected synchronized void activate(ComponentContext componentContext, Map<String, Object> map) {
        this.interceptorServiceRef.activate(componentContext);
        this.taiConfig = new TAIConfigImpl(map);
        this.initializeAtFirstRequest = this.taiConfig.isInitializeAtFirstRequest();
        initAllTAIs(null);
    }

    protected synchronized void modified(Map<String, Object> map) {
        this.taiConfig = new TAIConfigImpl(map);
        this.initializeAtFirstRequest = this.taiConfig.isInitializeAtFirstRequest();
    }

    protected synchronized void deactivate(ComponentContext componentContext) {
        this.interceptorServiceRef.deactivate(componentContext);
        this.orderOfInterceptorIds.clear();
        clearTaiMaps();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void initAllTAIs(String str) {
        if (!this.initializeAtFirstRequest || this.alreadyInitInFirstRequest) {
            if (str != null) {
                this.orderOfInterceptorIds.add(str);
            }
            clearTaiMaps();
            Iterator<String> it = this.orderOfInterceptorIds.iterator();
            while (it.hasNext()) {
                initTAI(it.next());
            }
        }
    }

    void initTAI(String str) {
        if (!this.initializeAtFirstRequest || this.alreadyInitInFirstRequest) {
            Object service = this.interceptorServiceRef.getService(str);
            if (service == null) {
                clearTaiMaps(str);
                return;
            }
            if (service instanceof InterceptorConfigImpl) {
                processSharedLibrary(str, (InterceptorConfigImpl) service);
            } else if (service instanceof TrustAssociationInterceptor) {
                processUserFeature(str, (TrustAssociationInterceptor) service);
            }
            printTaiMap();
        }
    }

    private void printTaiMap() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "invokeBeforeSSOTais " + this.invokeBeforeSSOTais.toString(), new Object[0]);
            Tr.debug(tc, "invokeAfterSSOTais  " + this.invokeAfterSSOTais.toString(), new Object[0]);
            Tr.debug(tc, "disableLtpaCookieTais " + this.disableLtpaCookieTais.toString(), new Object[0]);
            this.taiConfig.printTaiConfig();
        }
    }

    private void processSharedLibrary(String str, InterceptorConfigImpl interceptorConfigImpl) {
        updateTaiMaps(str, interceptorConfigImpl.getInterceptorInstance(this), interceptorConfigImpl.isInvokeBeforeSSO(), interceptorConfigImpl.isInvokeAfterSSO(), null);
    }

    private void processUserFeature(String str, TrustAssociationInterceptor trustAssociationInterceptor) {
        TAIUtil tAIUtil = new TAIUtil(this.interceptorServiceRef, str);
        updateTaiMaps(str, trustAssociationInterceptor, tAIUtil.isInvokeBeforeSSO(), tAIUtil.isInvokeAfterSSO(), tAIUtil.isDisableLtpaCookie());
    }

    private void updateTaiMaps(String str, TrustAssociationInterceptor trustAssociationInterceptor, boolean z, boolean z2, Object obj) {
        if (z) {
            this.invokeBeforeSSOTais.put(str, trustAssociationInterceptor);
        }
        if (z2) {
            this.invokeAfterSSOTais.put(str, trustAssociationInterceptor);
        }
        if (obj != null) {
            this.disableLtpaCookieTais.put(str, Boolean.valueOf(((Boolean) obj).booleanValue()));
        }
    }

    @Override // com.ibm.ws.security.authentication.tai.TAIService
    public Map<String, TrustAssociationInterceptor> getTais(boolean z) {
        return z ? this.invokeBeforeSSOTais : this.invokeAfterSSOTais;
    }

    @Override // com.ibm.ws.security.authentication.tai.TAIService
    public boolean isInvokeForUnprotectedURI() {
        return this.taiConfig.isInvokeForUnprotectedURI();
    }

    @Override // com.ibm.ws.security.authentication.tai.TAIService
    public boolean isInvokeForFormLogin() {
        return this.taiConfig.isInvokeForFormLogin();
    }

    @Override // com.ibm.ws.security.authentication.tai.TAIService
    public boolean isFailOverToAppAuthType() {
        return this.taiConfig.isFailOverToAppAuthType();
    }

    @Override // com.ibm.ws.security.authentication.tai.TAIService
    public boolean isDisableLtpaCookie(String str) {
        return this.disableLtpaCookieTais.get(str) != null ? this.disableLtpaCookieTais.get(str).booleanValue() : this.taiConfig.isDisableLtpaCookie();
    }

    private void clearTaiMaps() {
        this.invokeBeforeSSOTais.clear();
        this.invokeAfterSSOTais.clear();
        this.disableLtpaCookieTais.clear();
    }

    private void clearTaiMaps(String str) {
        this.invokeBeforeSSOTais.remove(str);
        this.invokeAfterSSOTais.remove(str);
        this.disableLtpaCookieTais.remove(str);
    }

    private String getComponentId(ServiceReference<TrustAssociationInterceptor> serviceReference) {
        String str = (String) serviceReference.getProperty(KEY_ID);
        if (str == null) {
            str = (String) serviceReference.getProperty("component.name");
            if (str == null) {
                str = (String) serviceReference.getProperty("component.id");
            }
        }
        return str;
    }

    @Override // com.ibm.ws.security.authentication.tai.TAIService
    public void initializeTais() {
        initAllTAIs(null);
        this.alreadyInitInFirstRequest = true;
    }

    @Override // com.ibm.ws.security.authentication.tai.TAIService
    public boolean isInitializeAtFirstRequest() {
        return this.taiConfig.isInitializeAtFirstRequest();
    }
}
