package org.apache.openejb.core.security.jacc;

import jakarta.security.jacc.EJBMethodPermission;
import jakarta.security.jacc.EJBRoleRefPermission;
import jakarta.security.jacc.PolicyConfiguration;
import jakarta.security.jacc.PolicyContext;
import jakarta.security.jacc.PolicyContextException;
import jakarta.security.jacc.WebResourcePermission;
import jakarta.security.jacc.WebRoleRefPermission;
import jakarta.security.jacc.WebUserDataPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.openejb.core.security.JaccProvider;
import org.apache.openejb.loader.SystemInstance;
import org.apache.openejb.spi.SecurityService;

/* loaded from: input_file:org/apache/openejb/core/security/jacc/BasicJaccProvider.class */
public class BasicJaccProvider extends JaccProvider {
    private static final Set<Class> JACC_PERMISSIONS = new HashSet<Class>() { // from class: org.apache.openejb.core.security.jacc.BasicJaccProvider.1
        {
            add(EJBMethodPermission.class);
            add(EJBRoleRefPermission.class);
            add(WebResourcePermission.class);
            add(WebRoleRefPermission.class);
            add(WebUserDataPermission.class);
        }
    };
    private final Map<String, BasicPolicyConfiguration> configurations = new HashMap();
    private final Policy systemPolicy = JaccProvider.Policy.getPolicy();

    @Override // org.apache.openejb.core.security.JaccProvider
    public PolicyConfiguration getPolicyConfiguration(String str, boolean z) throws PolicyContextException {
        if (str == null) {
            throw new IllegalArgumentException("contextID can't be null;");
        }
        BasicPolicyConfiguration basicPolicyConfiguration = this.configurations.get(str);
        if (basicPolicyConfiguration == null) {
            basicPolicyConfiguration = createPolicyConfiguration(str);
            this.configurations.put(str, basicPolicyConfiguration);
        } else {
            basicPolicyConfiguration.open(z);
        }
        return basicPolicyConfiguration;
    }

    @Override // org.apache.openejb.core.security.JaccProvider
    public PolicyConfiguration getPolicyConfiguration(String str) {
        if (str == null) {
            throw new IllegalArgumentException("contextID can't be null;");
        }
        return this.configurations.get(str);
    }

    @Override // org.apache.openejb.core.security.JaccProvider
    public PolicyConfiguration getPolicyConfiguration() {
        String contextID = PolicyContext.getContextID();
        if (contextID == null) {
            return null;
        }
        return getPolicyConfiguration(contextID);
    }

    protected BasicPolicyConfiguration createPolicyConfiguration(String str) {
        return new BasicPolicyConfiguration(str);
    }

    @Override // org.apache.openejb.core.security.JaccProvider
    public boolean inService(String str) throws PolicyContextException {
        return getPolicyConfiguration(str, false).inService();
    }

    @Override // org.apache.openejb.core.security.JaccProvider
    public PermissionCollection getPermissions(CodeSource codeSource) {
        if (this.systemPolicy == null) {
            return null;
        }
        return this.systemPolicy.getPermissions(codeSource);
    }

    @Override // org.apache.openejb.core.security.JaccProvider
    public void refresh() {
    }

    @Override // org.apache.openejb.core.security.JaccProvider
    public boolean implies(ProtectionDomain protectionDomain, Permission permission) {
        String contextID = PolicyContext.getContextID();
        if (contextID != null && JACC_PERMISSIONS.contains(permission.getClass())) {
            try {
                BasicPolicyConfiguration basicPolicyConfiguration = this.configurations.get(contextID);
                if (basicPolicyConfiguration == null || !basicPolicyConfiguration.inService()) {
                    return false;
                }
                return basicPolicyConfiguration.implies(protectionDomain, permission);
            } catch (PolicyContextException e) {
            }
        }
        return this.systemPolicy != null && this.systemPolicy.implies(protectionDomain, permission);
    }

    @Override // org.apache.openejb.core.security.JaccProvider
    public boolean hasAccessToWebResource(String str, String... strArr) {
        SecurityService securityService = (SecurityService) SystemInstance.get().getComponent(SecurityService.class);
        if (securityService != null) {
            return implies(securityService.getProtectionDomain(), new WebResourcePermission(str, strArr));
        }
        return false;
    }

    static {
        try {
            Class.forName(PolicyContext.class.getName());
        } catch (ClassNotFoundException e) {
        }
    }
}
