package com.apusic.ejb.container;

import com.apusic.deploy.runtime.AppContext;
import com.apusic.deploy.runtime.EnvContext;
import com.apusic.deploy.runtime.J2EEModule;
import com.apusic.deploy.runtime.ModuleContext;
import com.apusic.ejb.container.ContainerException;
import com.apusic.invocation.Invocation;
import com.apusic.security.Security;
import com.apusic.security.SecurityController;
import com.apusic.util.StringManager;
import java.security.Principal;
import java.util.concurrent.locks.Lock;
import javax.security.auth.x500.X500Principal;
import javax.transaction.Transaction;

/* loaded from: input_file:com/apusic/ejb/container/EJBInvocation.class */
public final class EJBInvocation extends Invocation {
    public final Container container;
    public final Component component;
    public final MethodDesc method;
    public int invokeType;
    public final boolean isLocal;
    public Context context;
    public Transaction clientTx;
    public Transaction currentTx;
    private Principal caller;
    boolean tx_inited;
    boolean singletonInitFailed;
    Lock lock;
    boolean wasCancelCalled = false;
    EjbFutureTask<?> futureTask;
    private boolean impersonated;
    private static final StringManager sm = StringManager.getManager();
    private static final Object InvalidToken = new Object();

    public EJBInvocation(Container container, Context context, Component component, MethodDesc methodDesc) {
        this.container = container;
        this.context = context;
        this.component = component;
        this.method = methodDesc;
        this.isLocal = methodDesc != null && methodDesc.isLocal();
    }

    @Override // com.apusic.invocation.Invocation
    public EnvContext getEnvContext() {
        return this.container.getEnvContext();
    }

    @Override // com.apusic.invocation.Invocation
    public ModuleContext getModuleContext() {
        return this.container.getModuleContext();
    }

    @Override // com.apusic.invocation.Invocation
    public AppContext getAppContext() {
        return this.container.getAppContext();
    }

    @Override // com.apusic.invocation.Invocation
    public Object getComponent() {
        return this.context;
    }

    @Override // com.apusic.invocation.Invocation
    public J2EEModule getJ2EEModule() {
        return this.container.getEJBModule();
    }

    @Override // com.apusic.invocation.Invocation
    public Object getContainer() {
        return this.container;
    }

    public Principal getCallerPrincipal() {
        if (this.caller == null) {
            this.caller = Security.getCurrentUser();
        }
        return this.caller;
    }

    @Override // com.apusic.invocation.Invocation
    protected void doPreInvoke() throws Exception {
        if (this.method == null || this.method.isInternal()) {
            return;
        }
        if (this.container.isUndeployed()) {
            throw new ContainerException.NO_SUCH_OBJECT(sm.get("CONTAINER_UNDEPLOYED"));
        }
        checkAccess();
        setSecurityIdentity();
    }

    @Override // com.apusic.invocation.Invocation
    protected Throwable doPostInvoke(Throwable th) {
        if (this.method == null || this.method.isInternal()) {
            return th;
        }
        restoreSecurityIdentity();
        return th;
    }

    private void checkAccess() throws ContainerException {
        if (this.method.isInternal() || this.method.isUnchecked()) {
            return;
        }
        if (isClientCertViolated() || !this.container.checkMethodPermission(this)) {
            throw new ContainerException.ACCESS(sm.get("ACCESS_DENIED", this.caller, this.method.getMethod().toString()));
        }
    }

    private boolean isClientCertViolated() {
        String property = this.container.getEJBModel().getProperty("webservice-port-need-client-cert-login");
        return (property == null || !property.equalsIgnoreCase("true") || (getCallerPrincipal() instanceof X500Principal)) ? false : true;
    }

    private void setSecurityIdentity() {
        if (this.container.runAsRole == null) {
            return;
        }
        SecurityController securityController = Security.getSecurityController();
        Object obj = this.container.runAsToken;
        if (obj == null) {
            synchronized (this.container) {
                Object obj2 = this.container.runAsToken;
                obj = obj2;
                if (obj2 == null) {
                    Principal mappedPrincipal = this.container.getApplication().getRoleMapper().getMappedPrincipal(this.container.runAsRole);
                    if (mappedPrincipal != null) {
                        try {
                            obj = securityController.getImpersonateToken(mappedPrincipal.getName());
                        } catch (Exception e) {
                            obj = InvalidToken;
                        }
                    } else {
                        obj = InvalidToken;
                    }
                    this.container.runAsToken = obj;
                }
            }
        }
        if (obj == InvalidToken) {
            return;
        }
        this.caller = Security.getCurrentUser();
        try {
            securityController.impersonate(obj);
            this.impersonated = true;
        } catch (Exception e2) {
        }
    }

    private void restoreSecurityIdentity() {
        if (this.impersonated) {
            Security.getSecurityController().revertToSelf();
            this.impersonated = false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.apusic.invocation.Invocation
    public String currentRealm() throws Exception {
        return this.container.getApplication().getRealmName();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.apusic.invocation.Invocation
    public boolean isPwdTransEncrypted() {
        return this.container.getApplication().isPwdTransEncrypted();
    }

    @Override // com.apusic.invocation.Invocation
    protected ClassLoader getClassLoader() {
        return this.container.getClassLoader();
    }
}
