package weblogic.webservice.server;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.AuthorizationManager;
import weblogic.security.service.ContextHandler;
import weblogic.security.service.WebServiceResource;
import weblogic.utils.Debug;
import weblogic.webservice.Message;
import weblogic.webservice.Operation;
import weblogic.webservice.Part;
import weblogic.webservice.WLMessageContext;
import weblogic.webservice.util.ServerSecurityHelper;

/* loaded from: input_file:weblogic/webservice/server/WLAuthorizer.class */
public class WLAuthorizer implements Authorizer {
    private AuthorizationManager am;
    private AuthorizationContext authContext;
    private static final ResourceMap resourceMap = new ResourceMap();
    private static final String DEBUG_PROPERTY = "weblogic.webservice.security.debug";
    private static final boolean DEBUG = Boolean.getBoolean(DEBUG_PROPERTY);
    private static final String VERBOSE_PROPERTY = "weblogic.webservice.security.verbose";
    private static final boolean VERBOSE = Boolean.getBoolean(VERBOSE_PROPERTY);

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:weblogic/webservice/server/WLAuthorizer$ResourceMap.class */
    public static class ResourceMap {
        private Map resourceMap;

        protected ResourceMap() {
            this.resourceMap = null;
            this.resourceMap = Collections.synchronizedMap(new HashMap());
        }

        protected WebServiceResource get(Operation operation) {
            if (WLAuthorizer.DEBUG) {
                Debug.assertion(operation != null, "WebServiceResource lookup got a null operation");
            }
            return (WebServiceResource) this.resourceMap.get(operation);
        }

        protected WebServiceResource put(Operation operation, WebServiceResource webServiceResource) {
            if (WLAuthorizer.DEBUG) {
                Debug.assertion(webServiceResource != null, "WebServiceResource cache got a null resource");
                Debug.assertion(operation != null, "WebServiceResource cache got a null operation");
            }
            this.resourceMap.put(operation, webServiceResource);
            return webServiceResource;
        }
    }

    public WLAuthorizer(AuthorizationContext authorizationContext) {
        this.authContext = authorizationContext;
        this.am = ServerSecurityHelper.getAuthManager(authorizationContext.getSecurityRealm());
    }

    @Override // weblogic.webservice.server.Authorizer
    public boolean isAccessAllowed(Operation operation, WLMessageContext wLMessageContext) {
        AuthenticatedSubject currentSubject = ServerSecurityHelper.getCurrentSubject();
        WebServiceResource resource = getResource(operation);
        ContextHandler contextHandler = getContextHandler(wLMessageContext);
        if (VERBOSE) {
            Debug.say(new StringBuffer().append("** Authorizer got Operation ").append(operation.getName()).append(" and user ").append(currentSubject).toString());
            Debug.say(new StringBuffer().append("** Authorizer using Resource ").append(resource).toString());
        }
        if (DEBUG) {
            Debug.assertion(resource != null, new StringBuffer().append("Failed to retrieve Resource for Operation ").append(operation).toString());
            Debug.assertion(currentSubject != null, "Failed to retrieve subject for invoke");
        }
        boolean isAccessAllowed = this.am.isAccessAllowed(currentSubject, resource, contextHandler);
        if (VERBOSE) {
            if (isAccessAllowed) {
                Debug.say(new StringBuffer().append("** Access granted for subject ").append(currentSubject).append(" to Resource ").append(resource).toString());
            } else {
                Debug.say(new StringBuffer().append("** Access denied for subject ").append(currentSubject).append(" to Resource ").append(resource).toString());
            }
        }
        return isAccessAllowed;
    }

    private static ContextHandler getContextHandler(WLMessageContext wLMessageContext) {
        return wLMessageContext == null ? WebServiceContextHandler.EMPTY_HANDLER : WebServiceContextHandler.getContextHandler(wLMessageContext);
    }

    public WebServiceResource getResource(Operation operation) {
        WebServiceResource lookupResource = lookupResource(operation);
        if (lookupResource == null) {
            if (VERBOSE) {
                Debug.say(new StringBuffer().append("** Missed on cache for Operation ").append(operation.getName()).toString());
            }
            lookupResource = createResource(operation);
            cacheResource(operation, lookupResource);
        } else if (VERBOSE) {
            Debug.say(new StringBuffer().append("** Cache hit for Operation ").append(operation.getName()).toString());
        }
        return lookupResource;
    }

    private WebServiceResource lookupResource(Operation operation) {
        return resourceMap.get(operation);
    }

    private WebServiceResource cacheResource(Operation operation, WebServiceResource webServiceResource) {
        resourceMap.put(operation, webServiceResource);
        return webServiceResource;
    }

    private WebServiceResource createResource(Operation operation) {
        if (VERBOSE) {
            Debug.say(new StringBuffer().append("** Creating resource for ").append(operation.getName()).toString());
        }
        if (DEBUG) {
            Debug.assertion(operation != null, "Operation provided WLAuthorizer was null");
        }
        String name = operation.getName();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        Message input = operation.getInput();
        if (input != null) {
            Iterator parts = input.getParts();
            int i = 0;
            while (parts.hasNext()) {
                Part part = (Part) parts.next();
                String name2 = part.getJavaType().getName();
                if (name2 == null) {
                    name2 = "undefined";
                }
                arrayList2.add(name2);
                String name3 = part.getName();
                if (name3 == null) {
                    name3 = new StringBuffer().append("param").append(i).toString();
                }
                arrayList.add(name3);
                i++;
                if (VERBOSE) {
                    Debug.say(new StringBuffer().append("**  added param type ").append(name2).toString());
                    Debug.say(new StringBuffer().append("**  added param name ").append(name3).toString());
                }
            }
        }
        int size = arrayList2.size();
        String[] strArr = new String[size];
        arrayList2.toArray(strArr);
        String[] strArr2 = new String[size];
        arrayList.toArray(strArr2);
        if (VERBOSE) {
            Debug.say("** Args to WebServiceResource");
            Debug.say(new StringBuffer().append("**   methodName = ").append(name).toString());
            Debug.say(new StringBuffer().append("**   methodParams = ").append(strArr).toString());
            Debug.say(new StringBuffer().append("**   paramNames = ").append(strArr2).toString());
        }
        WebServiceResource webServiceResource = new WebServiceResource(this.authContext.getApplicationName(), this.authContext.getContextPath(), operation.getPort().getService().getName(), name, strArr);
        if (DEBUG) {
            Debug.assertion(webServiceResource != null, new StringBuffer().append("Failed to create WebServiceResource for ").append(name).toString());
        }
        if (VERBOSE) {
            Debug.say(new StringBuffer().append("** Created resource ").append(webServiceResource).toString());
        }
        return webServiceResource;
    }
}
