package oracle.security.xs.ee.session.provider.impl;

import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.sql.DataSource;
import oracle.jdbc.pool.OracleDataSource;
import oracle.security.jps.JpsException;
import oracle.security.jps.service.JpsServiceLocator;
import oracle.security.jps.service.ServiceLocator;
import oracle.security.jps.service.credstore.CredentialStore;
import oracle.security.jps.service.credstore.PasswordCredential;
import oracle.security.xs.ExternalRole;
import oracle.security.xs.ExternalUser;
import oracle.security.xs.NamespaceValue;
import oracle.security.xs.XSException;
import oracle.security.xs.ee.session.ApplicationSessionException;
import oracle.security.xs.ee.session.NamespaceNotFoundException;
import oracle.security.xs.ee.session.SessionCodePermission;
import oracle.security.xs.ee.session.provider.SessionProvider;
import oracle.security.xs.integration.MasterSession;
import oracle.security.xs.integration.MasterSessionManager;
import oracle.security.xs.internal.MasterSessionManagerServiceImpl;

/* loaded from: input_file:oracle/security/xs/ee/session/provider/impl/XSSessionProvider.class */
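/**
 * {@link SessionProvider} implementation that delegates session operations to a
 * {@link MasterSessionManager} and operates on the session currently held by {@code SessionHolder}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The dispatcher database credential is read from the credential store map
 *       {@value #DISPATCHER_PWD_MAP_DEFINED} and handed to an {@link OracleDataSource}.</li>
 *   <li>Every non-privileged operation first calls {@link #assertSession(MasterSession)}, which
 *       compares the session's user and roles with those reported by the identity provider.</li>
 *   <li>Sessions created by {@link #setupSession(String, List)} are cached by cookie value and are
 *       removed from the cache only through {@link #removeFromSessionCache(String)}.</li>
 * </ul>
 */
public final class XSSessionProvider implements SessionProvider {
    public static final String APPLICATION_DS_KEY = "application.datasource";
    public static final String DISPATCHER_ID_KEY = "dispatcher.id";
    public static final String DISPATCHER_PWD_MAP_DEFINED = "oracle.rdbms.ras";
    public static final String DISPATCHER_PWD_KEY_KEY = "dispatcher.pwd.key";
    public static final String DISPATCHER_PWD_KEY_DEFAULT = "default";
    public static final String DISPATCHER_POOL_MIN_KEY = "dispatcher.pool.min";
    public static final String DISPATCHER_POOL_MIN_DEFAULT = "1";
    public static final String DISPATCHER_POOL_MAX_KEY = "dispatcher.pool.max";
    public static final String DISPATCHER_POOL_MAX_DEFAULT = "3";
    public static final String DYNAMIC_ROLES_KEY = "dynamic.roles";
    public static final String IDENTITY_PROVIDER_KEY = "identity.provider";
    public static final String IDENTITY_PROVIDER_DEFAULT = "jps";

    // Configuration map handed to getProvider; read later for the application data source name.
    private Map m_config = null;
    // Sessions created by setupSession, keyed by the session cookie value.
    // NOTE(review): entries are only removed via removeFromSessionCache, so the map is unbounded
    // unless every session is eventually destroyed - confirm an eviction path exists elsewhere.
    private final Map<String, MasterSession> sessionMap = new ConcurrentHashMap<>();
    private IdentityProvider idProvider = null;
    private MasterSessionManager sessionManager = null;
    private Collection<String> parsedDRoles = new ArrayList<>();

    /**
     * Drops the cached session stored under the given cookie, if any.
     * (Decompiler note: originally package-private.)
     *
     * @param str the session cookie used as cache key; {@code null} is ignored
     */
    public void removeFromSessionCache(String str) {
        // ConcurrentHashMap rejects null keys, so a session without a cookie must not reach remove().
        if (str != null) {
            this.sessionMap.remove(str);
        }
    }

    private XSSessionProvider() {
    }

    /**
     * Builds a provider from the given configuration map.
     *
     * <p>Looks up the dispatcher credential in the credential store, configures a cached
     * {@link OracleDataSource} with it, creates the session manager, validates the configured
     * dynamic roles and installs the identity provider.
     *
     * @param map configuration keyed by the {@code *_KEY} constants of this class
     * @return the initialized provider
     * @throws ApplicationSessionException if the identity provider is not supported, the dispatcher
     *         credential is missing, or the session manager cannot be initialized
     * @throws SQLException if a database connection cannot be obtained, used or closed
     * @throws JpsException declared for the credential store lookup
     * @throws PrivilegedActionException declared by the original signature
     */
    public static synchronized SessionProvider getProvider(Map map) throws JpsException, PrivilegedActionException, SQLException, ApplicationSessionException {
        // Reject an unsupported identity provider before any credential or database work is done,
        // so that no connection pool is created for a configuration that can never be used.
        String identityProviderName = (String) map.get(IDENTITY_PROVIDER_KEY);
        if (identityProviderName != null && !IDENTITY_PROVIDER_DEFAULT.equals(identityProviderName)) {
            throw new ApplicationSessionException("not supported identity provider");
        }

        XSSessionProvider provider = new XSSessionProvider();
        OracleDataSource dispatcherDataSource = new OracleDataSource();
        ServiceLocator serviceLocator = JpsServiceLocator.getServiceLocator();
        String credentialKey = (String) map.get(DISPATCHER_PWD_KEY_KEY);
        PasswordCredential credential = serviceLocator.lookup(CredentialStore.class).getCredential(DISPATCHER_PWD_MAP_DEFINED, credentialKey);
        if (credential == null) {
            // Only the map and key names are logged; fail here instead of dereferencing null below.
            XSSessionUtil.error("CredentialAction.run, cannot find credential in CSF store.  map=oracle.rdbms.ras, key=" + credentialKey);
            throw new ApplicationSessionException("Dispatcher credential not found in credential store.");
        }
        XSSessionUtil.info("CredentialAction.run, find credential in CSF store.  map=oracle.rdbms.ras, key=" + credentialKey);
        dispatcherDataSource.setUser(credential.getName());
        // setPassword takes a String, so the password ends up in an immutable String that cannot be
        // wiped afterwards; it must never be logged or placed in an exception message.
        dispatcherDataSource.setPassword(new String(credential.getPassword()));

        // The application data source is opened only to learn the JDBC URL; the connection is
        // closed again on every path.
        String url;
        try (Connection applicationConnection = XSSessionUtil.getConnection((String) map.get(APPLICATION_DS_KEY))) {
            url = applicationConnection.getMetaData().getURL();
        }
        dispatcherDataSource.setURL(url);
        dispatcherDataSource.setConnectionCachingEnabled(true);

        // Properties.setProperty rejects null values, so fall back to the declared defaults.
        String poolMin = (String) map.get(DISPATCHER_POOL_MIN_KEY);
        String poolMax = (String) map.get(DISPATCHER_POOL_MAX_KEY);
        Properties cacheProperties = new Properties();
        cacheProperties.setProperty("MinLimit", poolMin != null ? poolMin : DISPATCHER_POOL_MIN_DEFAULT);
        cacheProperties.setProperty("MaxLimit", poolMax != null ? poolMax : DISPATCHER_POOL_MAX_DEFAULT);
        dispatcherDataSource.setConnectionCacheProperties(cacheProperties);

        XSSessionUtil.debug("XSSessionFilter.getProvider, initializing XS session manager.");
        try {
            provider.sessionManager = MasterSessionManagerServiceImpl.getMasterSessionManager((DataSource) dispatcherDataSource);
        } catch (Exception e) {
            // Fail closed: a provider without a session manager cannot enforce any session check.
            XSSessionUtil.error("XSSessionFilter.getProvider, initializing XS session manager error.", e);
            throw new ApplicationSessionException((Throwable) e);
        } catch (NoSuchMethodError e) {
            XSSessionUtil.error("Fail to initialize RAS session manager due to method missing.");
            XSSessionUtil.error("Please check jdbc driver, make sure a correct version is being used.");
            throw new ApplicationSessionException((Throwable) e);
        }
        if (provider.sessionManager == null) {
            throw new ApplicationSessionException("Session manager is not available.");
        }
        XSSessionUtil.debug("XSSessionFilter.getProvider, initializing XS session manager done.");

        String dynamicRolesSpec = (String) map.get(DYNAMIC_ROLES_KEY);
        if (dynamicRolesSpec != null) {
            Collection<String> dynamicRoles = XSSessionUtil.parseDynamicRoles(dynamicRolesSpec);
            // The dispatcher connection is used for validation only and is released afterwards.
            // NOTE(review): assumes validateDynamicRoles does not retain the connection - confirm.
            try (Connection dispatcherConnection = dispatcherDataSource.getConnection()) {
                ((MasterSessionManagerServiceImpl) provider.sessionManager).validateDynamicRoles(dispatcherConnection, dynamicRoles, 0);
            }
            provider.parsedDRoles = dynamicRoles;
        }

        provider.m_config = map;
        provider.idProvider = new OpssIdentityProvider();
        return provider;
    }

    /**
     * Closes a connection and logs, rather than propagates, a failure to close it.
     */
    private static void closeQuietly(Connection connection) {
        if (connection == null) {
            return;
        }
        try {
            connection.close();
        } catch (SQLException e) {
            XSSessionUtil.error("XSSessionProvider, closing connection error.", e);
        }
    }

    /**
     * Verifies that the session belongs to the subject reported by the identity provider.
     *
     * <p>The session user, wrapped in double quotes, must equal the subject's UUID, and
     * {@code compareRoles} must report that the session roles match the subject's roles.
     *
     * @param masterSession the session about to be used
     * @throws ApplicationSessionException if user or roles differ, or the role comparison fails
     */
    private void assertSession(MasterSession masterSession) throws ApplicationSessionException {
        String quotedSessionUser = "\"" + masterSession.getUser() + "\"";
        if (!quotedSessionUser.equals(this.idProvider.getUser().getUUID())) {
            throw new ApplicationSessionException("Session user and subject user mismatch!");
        }
        try {
            if (!((MasterSessionManagerServiceImpl) this.sessionManager).compareRoles(masterSession, this.idProvider.getRoles())) {
                throw new ApplicationSessionException("Session roles and subject roles mismatch!");
            }
        } catch (XSException e) {
            throw new ApplicationSessionException((Throwable) e);
        }
    }

    /**
     * Attaches the current session to the connection after checking it against the subject.
     *
     * @throws ApplicationSessionException if no session is held, the check fails, or attach fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public void attachSession(Connection connection) throws ApplicationSessionException {
        MasterSession masterSession = SessionHolder.get();
        if (masterSession == null) {
            throw new ApplicationSessionException("No session is available for attach.");
        }
        try {
            assertSession(masterSession);
            this.sessionManager.attachSession(connection, masterSession);
        } catch (XSException e) {
            throw new ApplicationSessionException((Throwable) e);
        } catch (SQLException e2) {
            throw new ApplicationSessionException(e2);
        }
    }

    /**
     * Attaches the current session through the three-argument {@code attachSession}, gated by a
     * {@link SessionCodePermission} for {@code str} with the attach action.
     *
     * <p>NOTE(review): unlike {@link #attachSession(Connection)} this path does not call
     * {@code assertSession}; the permission check is the only guard visible here. Confirm that
     * skipping the user/role comparison is intended, and keep grants of this permission narrow.
     *
     * @throws SecurityException if the caller lacks the permission
     * @throws ApplicationSessionException if no session is held or attach fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public void attachSessionPrivileged(Connection connection, String str) throws ApplicationSessionException {
        // The permission check comes first so that nothing is read or attached for an unauthorized caller.
        AccessController.checkPermission(new SessionCodePermission(str, SessionCodePermission.ATTACH_ACTION));
        MasterSession masterSession = SessionHolder.get();
        if (masterSession == null) {
            throw new ApplicationSessionException("No session is available for attach.");
        }
        try {
            ((MasterSessionManagerServiceImpl) this.sessionManager).attachSession(connection, masterSession, str);
        } catch (SQLException e) {
            throw new ApplicationSessionException(e);
        } catch (XSException e2) {
            throw new ApplicationSessionException((Throwable) e2);
        }
    }

    /**
     * Detaches the current session from the connection after checking it against the subject.
     *
     * @throws ApplicationSessionException if no session is held, the check fails, or detach fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public void detachSession(Connection connection) throws ApplicationSessionException {
        MasterSession masterSession = SessionHolder.get();
        if (masterSession == null) {
            throw new ApplicationSessionException("No session is available for detach.");
        }
        try {
            assertSession(masterSession);
            this.sessionManager.detachSession(connection, masterSession);
        } catch (XSException e) {
            throw new ApplicationSessionException((Throwable) e);
        } catch (SQLException e2) {
            throw new ApplicationSessionException(e2);
        }
    }

    /**
     * Destroys the current session, clears {@code SessionHolder} and drops the cache entry.
     *
     * <p>If the session manager fails to destroy the session, the holder and the cache are left
     * untouched.
     *
     * @throws ApplicationSessionException if no session is held, the check fails, or destroy fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public void destroySession(Connection connection) throws ApplicationSessionException {
        MasterSession masterSession = SessionHolder.get();
        if (masterSession == null) {
            throw new ApplicationSessionException("No session is available for destroy.");
        }
        try {
            assertSession(masterSession);
            // Read the cookie before the session is destroyed; it is the cache key.
            String cookie = masterSession.getCookie();
            this.sessionManager.destroySession(connection, masterSession);
            SessionHolder.unset();
            removeFromSessionCache(cookie);
        } catch (SQLException e) {
            throw new ApplicationSessionException(e);
        } catch (XSException e2) {
            throw new ApplicationSessionException((Throwable) e2);
        }
    }

    /**
     * Establishes the session for the given cookie and publishes it through {@code SessionHolder}.
     * (Decompiler note: originally package-private.)
     *
     * <p>On a cache miss the session is first synchronized by cookie; if that fails or yields no
     * session, a new (anonymous or user) session is created and cached. A cached or newly created
     * session is then synchronized with the subject's user, roles and the configured dynamic roles.
     *
     * <p>NOTE(review): a cached session is looked up by cookie alone and then synchronized to the
     * current subject; confirm the caller binds the cookie to the authenticated user.
     *
     * @param str the session cookie
     * @param list namespace values passed to the by-cookie synchronization
     * @throws ApplicationSessionException if the session cannot be created or synchronized
     */
    public void setupSession(String str, List<NamespaceValue> list) throws ApplicationSessionException {
        SessionHolder.unset();
        ExternalUser user = this.idProvider.getUser();
        Set<ExternalRole> roles = this.idProvider.getRoles();
        MasterSession masterSession = this.sessionMap.get(str);

        if (masterSession == null) {
            Connection lookupConnection = XSSessionUtil.getConnection((String) this.m_config.get(APPLICATION_DS_KEY));
            try {
                try {
                    masterSession = this.sessionManager.synchronizeSessionByCookie(lookupConnection, str, user, this.parsedDRoles, (Collection) null, roles, list, (Timestamp) null);
                } catch (XSException ignored) {
                    // No usable session for this cookie: fall through and create one.
                    // The cookie is a session identifier and is deliberately not logged.
                    masterSession = null;
                } catch (SQLException ignored) {
                    masterSession = null;
                }
                if (masterSession != null) {
                    // Publish only a real session; a null result is treated like a failed lookup.
                    SessionHolder.set(masterSession);
                    return;
                }
                try {
                    masterSession = user.isAnonymous() ? this.sessionManager.createAnonymousSession(lookupConnection, str, (Collection) null) : this.sessionManager.createSession(lookupConnection, user, str, (Collection) null);
                } catch (SQLException e) {
                    throw new ApplicationSessionException(e);
                } catch (XSException e) {
                    throw new ApplicationSessionException((Throwable) e);
                }
                if (masterSession == null) {
                    throw new ApplicationSessionException("Unable to create session.");
                }
                this.sessionMap.put(str, masterSession);
            } finally {
                // Release the connection on every path, including the failure paths above.
                closeQuietly(lookupConnection);
            }
        }

        Connection syncConnection = XSSessionUtil.getConnection((String) this.m_config.get(APPLICATION_DS_KEY));
        try {
            Collection<String> enabledDynamicRoles = ((MasterSessionManagerServiceImpl) this.sessionManager).queryEnabledDynamicRoles(masterSession.getId());
            boolean dynamicRolesUnchanged = enabledDynamicRoles.containsAll(this.parsedDRoles) && enabledDynamicRoles.size() == this.parsedDRoles.size();
            if (dynamicRolesUnchanged) {
                this.sessionManager.synchronizeSession(syncConnection, masterSession, user, (Collection) null, (Collection) null, roles, masterSession.getNamespaces(), (Timestamp) null);
            } else {
                // Pass the configured roles together with the currently enabled ones.
                this.sessionManager.synchronizeSession(syncConnection, masterSession, user, this.parsedDRoles, enabledDynamicRoles, roles, masterSession.getNamespaces(), (Timestamp) null);
            }
            SessionHolder.set(masterSession);
        } catch (SQLException e) {
            throw new ApplicationSessionException(e);
        } catch (XSException e) {
            throw new ApplicationSessionException((Throwable) e);
        } finally {
            closeQuietly(syncConnection);
        }
    }

    /** Returns the session currently held by {@code SessionHolder}, or {@code null}. */
    private MasterSession getCurrentSession() {
        return SessionHolder.get();
    }

    /**
     * Creates the namespace {@code str} in the current session after checking it against the subject.
     *
     * @throws ApplicationSessionException if no session is held, the check fails, or the call fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public void createNamespace(Connection connection, String str) throws ApplicationSessionException {
        MasterSession currentSession = getCurrentSession();
        if (currentSession == null) {
            throw new ApplicationSessionException("No session is available for namespace operation.");
        }
        try {
            assertSession(currentSession);
            currentSession.createNamespace(connection, str);
        } catch (SQLException e) {
            throw new ApplicationSessionException(e);
        } catch (XSException e2) {
            throw new ApplicationSessionException((Throwable) e2);
        }
    }

    /**
     * Deletes the namespace {@code str} from the current session after checking it against the subject.
     *
     * <p>{@link NamespaceNotFoundException} is declared but never raised by this body.
     *
     * @throws ApplicationSessionException if no session is held, the check fails, or the call fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public void deleteNamespace(Connection connection, String str) throws NamespaceNotFoundException, ApplicationSessionException {
        MasterSession currentSession = getCurrentSession();
        if (currentSession == null) {
            throw new ApplicationSessionException("No session is available for namespace operation.");
        }
        try {
            assertSession(currentSession);
            currentSession.deleteNamespace(connection, str);
        } catch (SQLException e) {
            throw new ApplicationSessionException(e);
        } catch (XSException e2) {
            throw new ApplicationSessionException((Throwable) e2);
        }
    }

    /**
     * Sets attribute {@code str2} of namespace {@code str} to {@code str3} in the current session.
     *
     * @throws ApplicationSessionException if no session is held, the check fails, or the call fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public void setNamespaceAttribute(Connection connection, String str, String str2, String str3) throws ApplicationSessionException {
        MasterSession currentSession = getCurrentSession();
        if (currentSession == null) {
            throw new ApplicationSessionException("No session is available for namespace operation.");
        }
        try {
            assertSession(currentSession);
            currentSession.setNamespaceAttribute(connection, str, str2, str3);
        } catch (XSException e) {
            throw new ApplicationSessionException((Throwable) e);
        } catch (SQLException e2) {
            throw new ApplicationSessionException(e2);
        }
    }

    /**
     * Intended to delete attribute {@code str2} of namespace {@code str}.
     *
     * <p>NOTE(review): the body calls {@code deleteNamespace(connection, str)} and never uses
     * {@code str2}, so the whole namespace is removed rather than a single attribute. Left
     * unchanged because the attribute-level call on {@code MasterSession} is not visible here;
     * confirm the correct API and replace the call.
     *
     * @throws ApplicationSessionException if no session is held, the check fails, or the call fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public void deleteNamespaceAttribute(Connection connection, String str, String str2) throws ApplicationSessionException {
        MasterSession currentSession = getCurrentSession();
        if (currentSession == null) {
            throw new ApplicationSessionException("No session is available for namespace operation.");
        }
        try {
            assertSession(currentSession);
            currentSession.deleteNamespace(connection, str);
        } catch (SQLException e) {
            throw new ApplicationSessionException(e);
        } catch (XSException e2) {
            throw new ApplicationSessionException((Throwable) e2);
        }
    }

    /**
     * Reads attribute {@code str2} of namespace {@code str} from the current session; the session
     * call is made with a {@code null} connection.
     *
     * @return the attribute value as returned by the session
     * @throws NamespaceNotFoundException if the session reports an "Invalid namespace" error
     * @throws ApplicationSessionException if no session is held, the check fails, or the call fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public String getNamespaceAttribute(String str, String str2) throws NamespaceNotFoundException, ApplicationSessionException {
        MasterSession currentSession = getCurrentSession();
        if (currentSession == null) {
            throw new ApplicationSessionException("No session is available for namespace operation.");
        }
        try {
            assertSession(currentSession);
            return currentSession.getNamespaceAttribute((Connection) null, str, str2);
        } catch (SQLException e) {
            throw new ApplicationSessionException(e);
        } catch (XSException e2) {
            // getMessage() may be null; the classification relies on the message text only.
            String message = e2.getMessage();
            if (message != null && message.contains("Invalid namespace")) {
                throw new NamespaceNotFoundException(e2);
            }
            throw new ApplicationSessionException((Throwable) e2);
        }
    }

    /**
     * Evaluates {@code checkAcl} on the current session for the given ACL bytes and privilege name,
     * after checking the session against the subject.
     *
     * @return the result of {@code checkAcl}
     * @throws ApplicationSessionException if no session is held, the check fails, or the call fails
     */
    @Override // oracle.security.xs.ee.session.provider.SessionProvider
    public boolean checkPrivilege(Connection connection, byte[] bArr, String str) throws ApplicationSessionException {
        MasterSession currentSession = getCurrentSession();
        if (currentSession == null) {
            throw new ApplicationSessionException("No session is available for check privilege.");
        }
        try {
            assertSession(currentSession);
            return currentSession.checkAcl(connection, bArr, str);
        } catch (SQLException e) {
            throw new ApplicationSessionException(e);
        } catch (XSException e2) {
            throw new ApplicationSessionException((Throwable) e2);
        }
    }

    /**
     * Shuts down the underlying session manager.
     * (Decompiler note: originally package-private.)
     *
     * @throws ApplicationSessionException if the session manager reports an error
     */
    public void destroy() throws ApplicationSessionException {
        try {
            ((MasterSessionManagerServiceImpl) this.sessionManager).destroy();
        } catch (XSException e) {
            throw new ApplicationSessionException((Throwable) e);
        } catch (SQLException e2) {
            throw new ApplicationSessionException(e2);
        }
    }
}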
