package mx4j.remote;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.lang.reflect.Constructor;
import java.net.URL;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.DomainCombiner;
import java.security.Permission;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javanet.staxutils.Indentation;
import javax.management.remote.SubjectDelegationPermission;
import javax.security.auth.AuthPermission;
import javax.security.auth.Policy;
import javax.security.auth.Subject;
import mx4j.log.Log;
import mx4j.log.Logger;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/mx4j-remote-2.1.1-osgi.jar:mx4j/remote/MX4JRemoteUtils.class
 */
/* loaded from: input_file:WEB-INF/lib/mx4j-tools-2.1.1-osgi.jar:mx4j/remote/MX4JRemoteUtils.class */
public class MX4JRemoteUtils {
    private static int connectionNumber;
    static Class class$mx4j$remote$MX4JRemoteUtils;
    static Class class$java$security$CodeSource;
    static Class class$java$security$PermissionCollection;
    static Class class$java$lang$ClassLoader;
    static Class array$Ljava$security$Principal;
    static Class class$java$security$ProtectionDomain;

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/mx4j-remote-2.1.1-osgi.jar:mx4j/remote/MX4JRemoteUtils$InjectingDomainCombiner.class
     */
    /* loaded from: input_file:WEB-INF/lib/mx4j-tools-2.1.1-osgi.jar:mx4j/remote/MX4JRemoteUtils$InjectingDomainCombiner.class */
    public static class InjectingDomainCombiner implements DomainCombiner {
        private static Constructor domainConstructor;
        private ProtectionDomain domain;
        private ProtectionDomain[] combined;

        /* JADX WARN: Classes with same name are omitted:
          input_file:WEB-INF/lib/mx4j-remote-2.1.1-osgi.jar:mx4j/remote/MX4JRemoteUtils$InjectingDomainCombiner$SubjectProtectionDomain.class
         */
        /* loaded from: input_file:WEB-INF/lib/mx4j-tools-2.1.1-osgi.jar:mx4j/remote/MX4JRemoteUtils$InjectingDomainCombiner$SubjectProtectionDomain.class */
        private static class SubjectProtectionDomain extends ProtectionDomain {
            private final Subject subject;

            public SubjectProtectionDomain(CodeSource codeSource, Subject subject) {
                super(codeSource, null);
                this.subject = subject;
            }

            @Override // java.security.ProtectionDomain
            public boolean implies(Permission permission) {
                return ((Policy) AccessController.doPrivileged(new PrivilegedAction(this) { // from class: mx4j.remote.MX4JRemoteUtils.5
                    private final InjectingDomainCombiner.SubjectProtectionDomain this$0;

                    {
                        this.this$0 = this;
                    }

                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        return Policy.getPolicy();
                    }
                })).getPermissions(this.subject, getCodeSource()).implies(permission);
            }
        }

        public InjectingDomainCombiner(Subject subject) {
            if (domainConstructor != null) {
                try {
                    this.domain = (ProtectionDomain) domainConstructor.newInstance(new CodeSource((URL) null, (Certificate[]) null), null, null, (Principal[]) subject.getPrincipals().toArray(new Principal[0]));
                } catch (Exception e) {
                }
            }
            if (this.domain == null) {
                this.domain = new SubjectProtectionDomain(new CodeSource((URL) null, (Certificate[]) null), subject);
            }
        }

        public ProtectionDomain getInjectedProtectionDomain() {
            return this.domain;
        }

        @Override // java.security.DomainCombiner
        public ProtectionDomain[] combine(ProtectionDomain[] protectionDomainArr, ProtectionDomain[] protectionDomainArr2) {
            ProtectionDomain[] protectionDomainArr3;
            if (protectionDomainArr == null || protectionDomainArr.length == 0) {
                if (protectionDomainArr2 == null || protectionDomainArr2.length == 0) {
                    protectionDomainArr3 = new ProtectionDomain[1];
                } else {
                    protectionDomainArr3 = new ProtectionDomain[protectionDomainArr2.length + 1];
                    System.arraycopy(protectionDomainArr2, 0, protectionDomainArr3, 1, protectionDomainArr2.length);
                }
            } else if (protectionDomainArr2 == null || protectionDomainArr2.length == 0) {
                protectionDomainArr3 = new ProtectionDomain[protectionDomainArr.length + 1];
                System.arraycopy(protectionDomainArr, 0, protectionDomainArr3, 1, protectionDomainArr.length);
            } else {
                protectionDomainArr3 = new ProtectionDomain[protectionDomainArr.length + protectionDomainArr2.length + 1];
                System.arraycopy(protectionDomainArr, 0, protectionDomainArr3, 1, protectionDomainArr.length);
                System.arraycopy(protectionDomainArr2, 0, protectionDomainArr3, protectionDomainArr.length + 1, protectionDomainArr2.length);
            }
            protectionDomainArr3[0] = this.domain;
            this.combined = protectionDomainArr3;
            Logger access$100 = MX4JRemoteUtils.access$100();
            if (access$100.isEnabledFor(0)) {
                access$100.trace("Security domains combination");
                access$100.trace("Current domains");
                access$100.trace(dumpDomains(protectionDomainArr));
                access$100.trace("Assigned domains");
                access$100.trace(dumpDomains(protectionDomainArr2));
                access$100.trace("Combined domains");
                access$100.trace(dumpDomains(protectionDomainArr3));
            }
            return protectionDomainArr3;
        }

        private String dumpDomains(ProtectionDomain[] protectionDomainArr) {
            if (protectionDomainArr == null) {
                return "null";
            }
            StringBuffer stringBuffer = new StringBuffer();
            for (int length = protectionDomainArr.length - 1; length >= 0; length--) {
                int length2 = (protectionDomainArr.length - 1) - length;
                while (true) {
                    int i = length2;
                    length2 = i - 1;
                    if (i > 0) {
                        stringBuffer.append(Indentation.DEFAULT_INDENT);
                    }
                }
                stringBuffer.append(protectionDomainArr[length].getCodeSource().getLocation());
                stringBuffer.append("\n");
            }
            return stringBuffer.toString();
        }

        public ProtectionDomain[] getCombinedDomains() {
            return this.combined;
        }

        static {
            Class cls;
            Class<?> cls2;
            Class<?> cls3;
            Class<?> cls4;
            Class<?> cls5;
            try {
                if (MX4JRemoteUtils.class$java$security$ProtectionDomain == null) {
                    cls = MX4JRemoteUtils.class$("java.security.ProtectionDomain");
                    MX4JRemoteUtils.class$java$security$ProtectionDomain = cls;
                } else {
                    cls = MX4JRemoteUtils.class$java$security$ProtectionDomain;
                }
                Class<?>[] clsArr = new Class[4];
                if (MX4JRemoteUtils.class$java$security$CodeSource == null) {
                    cls2 = MX4JRemoteUtils.class$("java.security.CodeSource");
                    MX4JRemoteUtils.class$java$security$CodeSource = cls2;
                } else {
                    cls2 = MX4JRemoteUtils.class$java$security$CodeSource;
                }
                clsArr[0] = cls2;
                if (MX4JRemoteUtils.class$java$security$PermissionCollection == null) {
                    cls3 = MX4JRemoteUtils.class$("java.security.PermissionCollection");
                    MX4JRemoteUtils.class$java$security$PermissionCollection = cls3;
                } else {
                    cls3 = MX4JRemoteUtils.class$java$security$PermissionCollection;
                }
                clsArr[1] = cls3;
                if (MX4JRemoteUtils.class$java$lang$ClassLoader == null) {
                    cls4 = MX4JRemoteUtils.class$("java.lang.ClassLoader");
                    MX4JRemoteUtils.class$java$lang$ClassLoader = cls4;
                } else {
                    cls4 = MX4JRemoteUtils.class$java$lang$ClassLoader;
                }
                clsArr[2] = cls4;
                if (MX4JRemoteUtils.array$Ljava$security$Principal == null) {
                    cls5 = MX4JRemoteUtils.class$("[Ljava.security.Principal;");
                    MX4JRemoteUtils.array$Ljava$security$Principal = cls5;
                } else {
                    cls5 = MX4JRemoteUtils.array$Ljava$security$Principal;
                }
                clsArr[3] = cls5;
                domainConstructor = cls.getConstructor(clsArr);
            } catch (Exception e) {
            }
        }
    }

    public static Map removeNonSerializableEntries(Map map) {
        HashMap hashMap = new HashMap(map.size());
        for (Map.Entry entry : map.entrySet()) {
            if (isSerializable(entry)) {
                hashMap.put(entry.getKey(), entry.getValue());
            }
        }
        return hashMap;
    }

    private static boolean isSerializable(Object obj) {
        if (obj instanceof Map.Entry) {
            return isSerializable(((Map.Entry) obj).getKey()) && isSerializable(((Map.Entry) obj).getValue());
        }
        if (obj == null || (obj instanceof String) || (obj instanceof Number)) {
            return true;
        }
        if (obj instanceof Serializable) {
            return isTrulySerializable(obj);
        }
        return false;
    }

    public static boolean isTrulySerializable(Object obj) {
        try {
            ObjectOutputStream objectOutputStream = new ObjectOutputStream(new ByteArrayOutputStream());
            objectOutputStream.writeObject(obj);
            objectOutputStream.close();
            return true;
        } catch (IOException e) {
            return false;
        }
    }

    public static String createConnectionID(String str, String str2, int i, Subject subject) {
        StringBuffer stringBuffer = new StringBuffer(str);
        stringBuffer.append(':');
        if (str2 != null) {
            stringBuffer.append("//").append(str2);
        }
        if (i >= 0) {
            stringBuffer.append(':').append(i);
        }
        stringBuffer.append(' ');
        if (subject != null) {
            Iterator<Principal> it = subject.getPrincipals().iterator();
            while (it.hasNext()) {
                stringBuffer.append(it.next().getName().replace(' ', '_'));
                if (it.hasNext()) {
                    stringBuffer.append(';');
                }
            }
        }
        stringBuffer.append(' ');
        stringBuffer.append("0x").append(Integer.toHexString(getNextConnectionNumber()).toUpperCase());
        return stringBuffer.toString();
    }

    private static synchronized int getNextConnectionNumber() {
        int i = connectionNumber + 1;
        connectionNumber = i;
        return i;
    }

    private static Logger getLogger() {
        Class cls;
        if (class$mx4j$remote$MX4JRemoteUtils == null) {
            cls = class$("mx4j.remote.MX4JRemoteUtils");
            class$mx4j$remote$MX4JRemoteUtils = cls;
        } else {
            cls = class$mx4j$remote$MX4JRemoteUtils;
        }
        return Log.getLogger(cls.getName());
    }

    public static Object subjectInvoke(Subject subject, Subject subject2, AccessControlContext accessControlContext, Map map, PrivilegedExceptionAction privilegedExceptionAction) throws Exception {
        if (subject2 != null) {
            if (subject == null) {
                throw new SecurityException("There is no authenticated subject to delegate to");
            }
            checkSubjectDelegationPermission(subject2, getSubjectContext(subject, null, accessControlContext, map));
        }
        Logger logger = getLogger();
        if (subject == null) {
            if (logger.isEnabledFor(0)) {
                logger.trace("No authenticated subject, invoking action without using Subject.doAs");
            }
            return privilegedExceptionAction.run();
        }
        try {
            if (subject2 == null) {
                if (logger.isEnabledFor(0)) {
                    logger.trace(new StringBuffer().append("Invoking Subject.doAs using authenticated subject ").append(subject).toString());
                }
                return Subject.doAsPrivileged(subject, privilegedExceptionAction, getSubjectContext(subject, subject2, accessControlContext, map));
            }
            if (logger.isEnabledFor(0)) {
                logger.trace(new StringBuffer().append("Invoking Subject.doAs using delegate subject ").append(subject2).toString());
            }
            return Subject.doAsPrivileged(subject2, privilegedExceptionAction, getSubjectContext(subject, subject2, accessControlContext, map));
        } catch (PrivilegedActionException e) {
            throw e.getException();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void checkSubjectDelegationPermission(Subject subject, AccessControlContext accessControlContext) throws SecurityException {
        Logger logger = getLogger();
        if (System.getSecurityManager() != null) {
            AccessController.doPrivileged(new PrivilegedAction(subject) { // from class: mx4j.remote.MX4JRemoteUtils.1
                private final Subject val$delegate;

                {
                    this.val$delegate = subject;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    StringBuffer stringBuffer = new StringBuffer();
                    for (Principal principal : this.val$delegate.getPrincipals()) {
                        stringBuffer.setLength(0);
                        AccessController.checkPermission(new SubjectDelegationPermission(stringBuffer.append(principal.getClass().getName()).append(".").append(principal.getName()).toString()));
                    }
                    return null;
                }
            }, accessControlContext);
        } else if (logger.isEnabledFor(0)) {
            logger.trace("No SecurityManager, skipping Subject delegation permission check");
        }
    }

    private static AccessControlContext getSubjectContext(Subject subject, Subject subject2, AccessControlContext accessControlContext, Map map) {
        Logger logger = getLogger();
        if (System.getSecurityManager() == null) {
            if (logger.isEnabledFor(0)) {
                logger.trace("No security manager, injecting JSR 160 domain only");
            }
            return new AccessControlContext(new ProtectionDomain[]{new InjectingDomainCombiner(subject2 != null ? subject2 : subject).getInjectedProtectionDomain()});
        }
        if (!((Boolean) AccessController.doPrivileged(new PrivilegedAction(subject, accessControlContext, logger) { // from class: mx4j.remote.MX4JRemoteUtils.2
            private final Subject val$subject;
            private final AccessControlContext val$context;
            private final Logger val$logger;

            {
                this.val$subject = subject;
                this.val$context = accessControlContext;
                this.val$logger = logger;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    MX4JRemoteUtils.checkSubjectDelegationPermission(this.val$subject, this.val$context);
                    if (this.val$logger.isEnabledFor(0)) {
                        this.val$logger.trace("Check for SubjectDelegationPermission passed, avoiding security domains combination");
                    }
                    return Boolean.FALSE;
                } catch (AccessControlException e) {
                    if (this.val$logger.isEnabledFor(0)) {
                        this.val$logger.trace("Check for SubjectDelegationPermission not passed, combining security domains");
                    }
                    return Boolean.TRUE;
                }
            }
        }, accessControlContext)).booleanValue()) {
            return new AccessControlContext(new ProtectionDomain[]{new InjectingDomainCombiner(subject2 != null ? subject2 : subject).getInjectedProtectionDomain()});
        }
        InjectingDomainCombiner injectingDomainCombiner = new InjectingDomainCombiner(subject2 != null ? subject2 : subject);
        AccessController.doPrivileged(new PrivilegedAction() { // from class: mx4j.remote.MX4JRemoteUtils.4
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    AccessController.checkPermission(new AuthPermission("doAsPrivileged"));
                    return null;
                } catch (AccessControlException e) {
                    return null;
                }
            }
        }, (AccessControlContext) AccessController.doPrivileged(new PrivilegedAction(accessControlContext, injectingDomainCombiner) { // from class: mx4j.remote.MX4JRemoteUtils.3
            private final AccessControlContext val$context;
            private final InjectingDomainCombiner val$combiner;

            {
                this.val$context = accessControlContext;
                this.val$combiner = injectingDomainCombiner;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return new AccessControlContext(this.val$context, this.val$combiner);
            }
        }));
        return new AccessControlContext(injectingDomainCombiner.getCombinedDomains());
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static Logger access$100() {
        return getLogger();
    }
}
