package com.sonicsw.ws.security.provider;

import com.sonicsw.security.pass.broker.IAuthentication;
import com.sonicsw.security.pass.broker.UsernameToken;
import com.sonicsw.ws.security.DomainTrustManager;
import com.sonicsw.ws.security.PasswordTrustManager;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.StringTokenizer;
import progress.message.broker.AgentRegistrar;
import progress.message.broker.Config;
import progress.message.zclient.IUser;
import progress.message.zclient.ProgressPasswordUser;

/* loaded from: input_file:com/sonicsw/ws/security/provider/DefaultTrustManager.class */
public class DefaultTrustManager extends PasswordTrustManager implements DomainTrustManager {
    private static boolean doDebug = false;
    AccessController m_trustManager;

    /* loaded from: input_file:com/sonicsw/ws/security/provider/DefaultTrustManager$AccessController.class */
    public static class AccessController {
        private static Object _sync = new Object();
        private static AccessController s_controller = null;
        private boolean m_external;
        private IUser m_secdb;
        private boolean m_securityEnabled = Config.ENABLE_SECURITY;
        private IAuthentication m_externalProvider = null;

        public static AccessController getController() {
            if (s_controller == null) {
                synchronized (_sync) {
                    if (s_controller == null) {
                        s_controller = new AccessController();
                    }
                }
            }
            return s_controller;
        }

        private AccessController() {
            this.m_external = false;
            this.m_secdb = null;
            if (this.m_securityEnabled) {
                if (AgentRegistrar.getAuthenticationSPI() != null) {
                    this.m_external = true;
                } else {
                    this.m_secdb = AgentRegistrar.getAgentRegistrar();
                }
            }
        }

        public Principal authenticate(String str) {
            return authenticate(str, null, false);
        }

        public Principal authenticate(String str, String str2) {
            return authenticate(str, str2, true);
        }

        public Principal authenticate(String str, String str2, boolean z) {
            if (DefaultTrustManager.doDebug) {
                System.out.println("DefaultTrustManager: authenticating user " + str + ", password required = " + z);
            }
            if (!this.m_securityEnabled) {
                return new ProgressPasswordUser(str, str2);
            }
            if (this.m_external) {
                try {
                    return this.m_externalProvider.authenticate(str, str2.getBytes(), (X509Certificate[]) null);
                } catch (Exception e) {
                    return null;
                }
            }
            if (str == null) {
                return null;
            }
            if (z && str2 == null) {
                return null;
            }
            ProgressPasswordUser user = this.m_secdb.getUser(str);
            if (!z) {
                return user;
            }
            if (user != null && user.authenticate(str2)) {
                return user;
            }
            return null;
        }

        public Principal authenticate(String str, String str2, String str3, String str4) {
            Principal principal = null;
            if (this.m_external) {
                try {
                    principal = this.m_externalProvider.authenticate(str, new UsernameToken(str, str2, true, str3, str4).toByteArray(), (X509Certificate[]) null);
                } catch (Exception e) {
                }
            }
            return principal;
        }

        public Principal isTrusted(X509Certificate x509Certificate) {
            if (x509Certificate == null) {
                return null;
            }
            if (!this.m_external) {
                return authenticate(DefaultTrustManager.parseCN(x509Certificate.getSubjectDN().getName()));
            }
            try {
                return this.m_externalProvider.authenticate((String) null, (byte[]) null, new X509Certificate[]{x509Certificate});
            } catch (Exception e) {
                return null;
            }
        }
    }

    public DefaultTrustManager() {
        this.m_trustManager = null;
        this.m_trustManager = AccessController.getController();
    }

    @Override // com.sonicsw.ws.security.PasswordTrustManager
    public Principal authenticate(String str, String str2) {
        return this.m_trustManager.authenticate(str, str2);
    }

    @Override // com.sonicsw.ws.security.PasswordTrustManager
    public Principal authenticate(String str, String str2, String str3, String str4) {
        return this.m_trustManager.authenticate(str, str2, str3, str4);
    }

    @Override // com.sonicsw.ws.security.DomainTrustManager
    public Principal isTrusted(X509Certificate[] x509CertificateArr) {
        return null;
    }

    @Override // com.sonicsw.ws.security.DomainTrustManager
    public Principal isTrusted(X509Certificate x509Certificate) {
        return this.m_trustManager.isTrusted(x509Certificate);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String parseCN(String str) {
        if (str == null) {
            return null;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",", false);
        while (stringTokenizer.hasMoreElements()) {
            String trim = ((String) stringTokenizer.nextElement()).trim();
            if (trim.startsWith("CN=")) {
                return trim.substring(3, trim.length());
            }
        }
        return null;
    }
}
