package com.sun.enterprise.security.admin.cli;

import com.sun.enterprise.config.serverbeans.Config;
import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.config.serverbeans.SecureAdmin;
import com.sun.enterprise.config.serverbeans.SecureAdminHelper;
import com.sun.enterprise.config.serverbeans.SecureAdminPrincipal;
import com.sun.enterprise.config.serverbeans.ServerTags;
import com.sun.enterprise.module.bootstrap.StartupContext;
import com.sun.enterprise.security.admin.cli.SecureAdminCommand;
import com.sun.enterprise.security.ssl.SSLUtils;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.security.KeyStoreException;
import java.util.Iterator;
import java.util.Properties;
import java.util.UUID;
import javax.inject.Inject;
import org.glassfish.grizzly.config.dom.NetworkConfig;
import org.glassfish.hk2.api.PerLookup;
import org.glassfish.hk2.api.ServiceLocator;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.config.RetryableException;
import org.jvnet.hk2.config.Transaction;
import org.jvnet.hk2.config.TransactionFailure;

@Service
@PerLookup
/* loaded from: input_file:com/sun/enterprise/security/admin/cli/SecureAdminUpgradeHelper.class */
public class SecureAdminUpgradeHelper {
    protected static final String DAS_CONFIG_NAME = "server-config";

    @Inject
    protected Domain domain;

    @Inject
    protected ServiceLocator habitat;

    @Inject
    protected StartupContext startupContext;
    private Transaction t = null;
    private SecureAdmin secureAdmin = null;
    private SecureAdminCommand.TopLevelContext topLevelContext = null;
    private SecureAdminHelper secureAdminHelper = null;
    private SSLUtils sslUtils = null;
    private Properties startupArgs = null;

    /* JADX INFO: Access modifiers changed from: protected */
    public final Transaction transaction() {
        if (this.t == null) {
            this.t = new Transaction();
        }
        return this.t;
    }

    private SecureAdminCommand.TopLevelContext topLevelContext() {
        if (this.topLevelContext == null) {
            this.topLevelContext = new SecureAdminCommand.TopLevelContext(transaction(), this.domain);
        }
        return this.topLevelContext;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void commit() throws RetryableException, TransactionFailure {
        if (this.t != null) {
            this.t.commit();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void rollback() {
        if (this.t != null) {
            this.t.rollback();
        }
    }

    protected final String specialAdminIndicator() {
        return UUID.randomUUID().toString();
    }

    protected final SecureAdmin secureAdmin() throws TransactionFailure {
        if (this.secureAdmin == null) {
            this.secureAdmin = this.domain.getSecureAdmin();
            if (this.secureAdmin == null) {
                this.secureAdmin = writableSecureAdmin();
                this.secureAdmin.setSpecialAdminIndicator(specialAdminIndicator());
            }
        }
        return this.secureAdmin;
    }

    protected final Domain writableDomain() throws TransactionFailure {
        return topLevelContext().writableDomain();
    }

    protected final SecureAdmin writableSecureAdmin() throws TransactionFailure {
        return topLevelContext().writableSecureAdmin();
    }

    protected final SecureAdminHelper secureAdminHelper() {
        if (this.secureAdminHelper == null) {
            this.secureAdminHelper = (SecureAdminHelper) this.habitat.getService(SecureAdminHelper.class, new Annotation[0]);
        }
        return this.secureAdminHelper;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final SSLUtils sslUtils() {
        if (this.sslUtils == null) {
            this.sslUtils = (SSLUtils) this.habitat.getService(SSLUtils.class, new Annotation[0]);
        }
        return this.sslUtils;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void ensureSecureAdminReady() throws TransactionFailure, IOException, KeyStoreException {
        if (secureAdmin().getSpecialAdminIndicator().isEmpty()) {
            writableSecureAdmin().setSpecialAdminIndicator(specialAdminIndicator());
        }
        if (secureAdmin().getSecureAdminPrincipal().isEmpty() && secureAdmin().getSecureAdminInternalUser().isEmpty()) {
            addPrincipalForAlias(secureAdmin().dasAlias());
            addPrincipalForAlias(secureAdmin().instanceAlias());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final String startupArg(String str) {
        if (this.startupArgs == null) {
            if (this.startupContext != null) {
                this.startupArgs = this.startupContext.getArguments();
            } else {
                this.startupArgs = new Properties();
            }
        }
        return this.startupArgs.getProperty(str);
    }

    private void addPrincipalForAlias(String str) throws IOException, KeyStoreException, TransactionFailure {
        SecureAdminPrincipal secureAdminPrincipal = (SecureAdminPrincipal) writableSecureAdmin().createChild(SecureAdminPrincipal.class);
        secureAdminPrincipal.setDn(secureAdminHelper().getDN(str, true));
        writableSecureAdmin().getSecureAdminPrincipal().add(secureAdminPrincipal);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void ensureNonDASConfigsReady() throws TransactionFailure {
        for (Config config : this.domain.getConfigs().getConfig()) {
            if (!config.getName().equals("server-config") && !ensureConfigReady(config)) {
                return;
            }
        }
    }

    protected final void ensureDASConfigReady() {
    }

    private boolean ensureConfigReady(Config config) throws TransactionFailure {
        NetworkConfig networkConfig = config.getNetworkConfig();
        if (networkConfig == null || networkConfig.getProtocols().findProtocol(ServerTags.SEC_ADMIN_LISTENER_PROTOCOL_NAME) != null) {
            return true;
        }
        EnableSecureAdminCommand enableSecureAdminCommand = new EnableSecureAdminCommand();
        SecureAdminCommand.ConfigLevelContext configLevelContext = new SecureAdminCommand.ConfigLevelContext(topLevelContext(), (Config) transaction().enroll(config));
        Iterator<SecureAdminCommand.Work<SecureAdminCommand.ConfigLevelContext>> perConfigSteps = enableSecureAdminCommand.perConfigSteps();
        while (perConfigSteps.hasNext()) {
            if (!perConfigSteps.next().run(configLevelContext)) {
                rollback();
                return false;
            }
        }
        return true;
    }
}
