package org.wso2.carbon.security.config;

import java.io.ByteArrayOutputStream;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamWriter;
import org.apache.axis2.AxisFault;
import org.apache.axis2.description.AxisEndpoint;
import org.apache.axis2.description.AxisModule;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.AxisConfiguration;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.neethi.Policy;
import org.wso2.carbon.security.SecurityConstants;
import org.wso2.carbon.security.util.RahasUtil;
import org.wso2.carbon.security.util.ServerCrypto;
import org.wso2.carbon.utils.ServerException;
import org.wso2.registry.Association;
import org.wso2.registry.Registry;
import org.wso2.registry.Resource;
import org.wso2.registry.exceptions.RegistryException;

/* loaded from: input_file:org/wso2/carbon/security/config/SecurityServiceAdmin.class */
public class SecurityServiceAdmin {
    private Registry registry;
    protected AxisConfiguration axisConfig;
    private static Log log = LogFactory.getLog(SecurityServiceAdmin.class);

    public SecurityServiceAdmin(AxisConfiguration axisConfiguration) {
        this.registry = null;
        this.axisConfig = null;
        this.axisConfig = axisConfiguration;
        this.registry = (Registry) this.axisConfig.getParameterValue("WSO2Registry");
    }

    public void addPoliciesToService(AxisService axisService, Policy policy, int i, String[] strArr) throws ServerException {
        try {
            Resource newResource = this.registry.newResource();
            newResource.setProperty("policy.type", String.valueOf(i));
            newResource.setProperty("policy.uuid", policy.getId());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            XMLStreamWriter createXMLStreamWriter = XMLOutputFactory.newInstance().createXMLStreamWriter(byteArrayOutputStream);
            policy.serialize(createXMLStreamWriter);
            createXMLStreamWriter.flush();
            newResource.setContent(byteArrayOutputStream.toString());
            newResource.setProperty("policy.type", "9");
            String str = "/carbon/service-groups/" + axisService.getAxisServiceGroup().getServiceGroupName() + "/services/" + axisService.getName();
            this.registry.put(str + "/policies/" + policy.getId(), newResource);
            Iterator it = axisService.getEndpoints().entrySet().iterator();
            while (it.hasNext()) {
                ((AxisEndpoint) ((Map.Entry) it.next()).getValue()).getBinding().getPolicySubject().attachPolicy(policy);
            }
            Association[] associations = this.registry.getAssociations(str, "engaged.modules");
            for (String str2 : strArr) {
                AxisModule module = axisService.getAxisConfiguration().getModule(str2);
                String str3 = "/carbon/modules/" + str2 + "/" + module.getVersion();
                boolean z = false;
                int length = associations.length;
                int i2 = 0;
                while (true) {
                    if (i2 >= length) {
                        break;
                    }
                    if (associations[i2].getDestinationPath().equals(str3)) {
                        z = true;
                        break;
                    }
                    i2++;
                }
                if (!z) {
                    this.registry.addAssociation(str, str3, "engaged.modules");
                }
                axisService.disengageModule(module);
                axisService.engageModule(module);
                if (str2.equalsIgnoreCase("rahas")) {
                    setRahasParameters(axisService);
                }
            }
        } catch (Exception e) {
            log.error(e);
            throw new ServerException("addPoliciesToService");
        }
    }

    private void setRahasParameters(AxisService axisService) throws RegistryException, AxisFault {
        Properties properties = new Properties();
        String name = axisService.getName();
        String str = "/carbon/service-groups/" + axisService.getAxisServiceGroup().getServiceGroupName() + "/services/" + name;
        Resource resource = this.registry.get(str);
        Association[] associations = this.registry.getAssociations(str, SecurityConstants.ASSOCIATION_PRIVATE_KEYSTORE);
        Association[] associations2 = this.registry.getAssociations(str, SecurityConstants.ASSOCIATION_TRUSTED_KEYSTORE);
        if (associations != null && associations.length > 0) {
            String destinationPath = associations[0].getDestinationPath();
            properties.setProperty(ServerCrypto.PROP_ID_PRIVATE_STORE, destinationPath.substring(destinationPath.lastIndexOf("/") + 1));
            properties.setProperty(ServerCrypto.PROP_ID_DEFAULT_ALIAS, this.registry.get(destinationPath).getProperty(SecurityConstants.PROP_PRIVATE_KEY_ALIAS));
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (Association association : associations2) {
            String destinationPath2 = association.getDestinationPath();
            stringBuffer.append(destinationPath2.substring(destinationPath2.lastIndexOf("/"))).append(",");
        }
        properties.setProperty(ServerCrypto.PROP_ID_TRUST_STORES, stringBuffer.toString());
        try {
            setServiceParameterElement(name, RahasUtil.getSCTIssuerConfigParameter(ServerCrypto.class.getName(), properties, -1, null, true, true));
            setServiceParameterElement(name, RahasUtil.getTokenCancelerConfigParameter());
            resource.setProperty(SecurityConstants.PROP_RAHAS_SCT_ISSUER, "true");
        } catch (Exception e) {
            throw new AxisFault("Could not configure Rahas parameters", e);
        }
    }

    public void setServiceParameterElement(String str, Parameter parameter) throws AxisFault {
        AxisService service = this.axisConfig.getService(str);
        if (service == null) {
            throw new AxisFault("Invalid service name '" + str + "'");
        }
        Parameter parameter2 = service.getParameter(parameter.getName());
        if (parameter2 == null) {
            service.addParameter(parameter);
        } else {
            if (parameter2.isLocked()) {
                return;
            }
            service.addParameter(parameter);
        }
    }
}
