package com.apusic.security;

import com.apusic.logging.Level2;
import com.apusic.logging.Logger;
import com.apusic.security.auth.login.PasswordCredential;
import com.apusic.security.jaspic.AppservAccessController;
import java.io.Serializable;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.AuthPermission;
import javax.security.auth.Subject;

/* loaded from: input_file:com/apusic/security/SecurityContext.class */
public final class SecurityContext implements Serializable {
    private static InheritableThreadLocal<SecurityContext> currentSecCtx = new InheritableThreadLocal<>();
    private static SecurityContext defaultSecurityContext = generateDefaultSecurityContext();
    private static AuthPermission doAsPrivilegedPerm = new AuthPermission("doAsPrivileged");
    private static final ThreadLocal<Long> clientThreadID = new ThreadLocal<>();
    private static Logger log = Logger.getLogger("security.SecurityContext");
    private Object accessToken;
    private Object credential;
    private boolean impersonation;
    private Principal initiator;
    private Subject subject;

    public SecurityContext() {
        this.initiator = null;
        this.subject = null;
        this.subject = new Subject();
        this.initiator = null;
        AppservAccessController.doPrivileged(new PrivilegedAction() { // from class: com.apusic.security.SecurityContext.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                SecurityContext.this.subject.setReadOnly();
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityContext(Object obj, Object obj2) {
        this.initiator = null;
        this.subject = null;
        this.accessToken = obj;
        this.credential = obj2;
    }

    public SecurityContext(Subject subject) {
        this.initiator = null;
        this.subject = null;
        if (subject == null) {
            subject = new Subject();
            if (log.isLoggable(Level2.WARNING)) {
                log.warning("Subject is null.");
            }
        }
        final Subject subject2 = subject;
        this.subject = subject;
        this.initiator = (Principal) AppservAccessController.doPrivileged(new PrivilegedAction<Principal>() { // from class: com.apusic.security.SecurityContext.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Principal run() {
                Principal principal = null;
                Iterator<Principal> it = subject2.getPrincipals().iterator();
                if (it.hasNext()) {
                    principal = it.next();
                }
                return principal;
            }
        });
    }

    public Object getAccessToken() {
        return this.accessToken;
    }

    public Principal getUserPrincipal() {
        if (this.accessToken != null) {
            return ((AccessToken) this.accessToken).getPrincipal();
        }
        if (this.subject != null) {
            return this.initiator;
        }
        return null;
    }

    public Object getCredential() {
        if (this.credential != null) {
            return this.credential;
        }
        if (this.subject == null) {
            return null;
        }
        Set privateCredentials = this.subject.getPrivateCredentials(PasswordCredential.class);
        if (privateCredentials.size() > 0) {
            return privateCredentials.iterator().next();
        }
        return null;
    }

    public boolean isImpersonation() {
        return this.impersonation;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setImpersonation() {
        this.impersonation = true;
    }

    public static SecurityContext getCurrent() {
        SecurityContext securityContext = currentSecCtx.get();
        if (securityContext == null) {
            securityContext = defaultSecurityContext;
        }
        return securityContext;
    }

    public static void setCurrent(SecurityContext securityContext) {
        if (securityContext == null) {
            currentSecCtx.set(securityContext);
            return;
        }
        if (securityContext != currentSecCtx.get()) {
            boolean z = false;
            try {
                SecurityManager securityManager = System.getSecurityManager();
                if (securityManager != null) {
                    if (log.isLoggable(Level2.FINE)) {
                        log.trace("permission check done to set SecurityContext");
                    }
                    securityManager.checkPermission(doAsPrivilegedPerm);
                }
                z = true;
            } catch (SecurityException e) {
                log.log(Level2.SEVERE, "doAsPrivileged AuthPermission required to set SecurityContext.", (Throwable) e);
            } catch (Throwable th) {
                log.log(Level2.SEVERE, "Unexpected exception while attempting to set SecurityContext.", th);
            }
            if (z) {
                currentSecCtx.set(securityContext);
            } else {
                log.error("Could not change the SecurityContext.");
            }
        }
    }

    public static Long readClientThreadID() {
        return clientThreadID.get();
    }

    public static void setClientThreadID(Long l) {
        clientThreadID.set(l);
    }

    public static void removeClientThreadID() {
        clientThreadID.remove();
    }

    public Subject getSubject() {
        return this.subject;
    }

    public static <T> T runAs(Subject subject, PrivilegedAction<T> privilegedAction) {
        SecurityContext current = getCurrent();
        try {
            setCurrent(new SecurityContext(subject));
            T run = privilegedAction.run();
            setCurrent(current);
            return run;
        } catch (Throwable th) {
            setCurrent(current);
            throw th;
        }
    }

    public static <T> T runAs(Subject subject, PrivilegedExceptionAction<T> privilegedExceptionAction) throws PrivilegedActionException {
        SecurityContext current = getCurrent();
        try {
            try {
                setCurrent(new SecurityContext(subject));
                T run = privilegedExceptionAction.run();
                setCurrent(current);
                return run;
            } catch (Exception e) {
                throw new PrivilegedActionException(e);
            }
        } catch (Throwable th) {
            setCurrent(current);
            throw th;
        }
    }

    private static SecurityContext generateDefaultSecurityContext() {
        SecurityContext securityContext;
        synchronized (SecurityContext.class) {
            try {
                securityContext = (SecurityContext) AppservAccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.apusic.security.SecurityContext.3
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        return new SecurityContext();
                    }
                });
            } catch (Exception e) {
                log.log(Level2.SEVERE, "There was an exception obtaining the default security context.", (Throwable) e);
                return null;
            }
        }
        return securityContext;
    }

    public static SecurityContext getDefaultSecurityContext() {
        return defaultSecurityContext;
    }
}
