package org.wso2.carbon.security;

import java.util.Iterator;
import java.util.Properties;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.Parameter;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceEvent;
import org.osgi.framework.ServiceListener;
import org.wso2.carbon.core.RegistryResources;
import org.wso2.carbon.registry.core.Association;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.security.deployment.SecurityDeploymentInterceptor;
import org.wso2.carbon.security.util.RahasUtil;
import org.wso2.carbon.security.util.ServerCrypto;
import org.wso2.carbon.security.util.ServicePasswordCallbackHandler;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.utils.ConfigurationContextService;

/* loaded from: input_file:org/wso2/carbon/security/SecurityParameterLoader.class */
public class SecurityParameterLoader implements ServiceListener {
    private BundleContext bundleContext;

    public SecurityParameterLoader(BundleContext bundleContext) {
        this.bundleContext = null;
        this.bundleContext = bundleContext;
    }

    public void serviceChanged(ServiceEvent serviceEvent) {
        if (serviceEvent.getType() == 1) {
            try {
                ConfigurationContextService configurationContextService = (ConfigurationContextService) this.bundleContext.getService(serviceEvent.getServiceReference());
                configurationContextService.getServerConfigContext().getAxisConfiguration().addObservers(new SecurityDeploymentInterceptor((UserRealm) this.bundleContext.getService(this.bundleContext.getServiceReferences(UserRealm.class.getName(), "(RealmGenre=Delegating)")[0]), ((RegistryService) this.bundleContext.getService(this.bundleContext.getServiceReference(RegistryService.class.getName()))).getSystemRegistry()));
                this.bundleContext.removeServiceListener(this);
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    protected void loadSecurityParamters(Registry registry, ConfigurationContext configurationContext, UserRealm userRealm) throws Exception {
        if (registry == null || configurationContext == null) {
            throw new Exception("null services");
        }
        for (SecurityScenario securityScenario : SecurityScenarioDatabase.getAllScenarios()) {
            Iterator<String> it = securityScenario.getServices().iterator();
            while (it.hasNext()) {
                applySecurityParamters(it.next(), registry, configurationContext, securityScenario, userRealm);
            }
        }
    }

    private void applySecurityParamters(String str, Registry registry, ConfigurationContext configurationContext, SecurityScenario securityScenario, UserRealm userRealm) {
        try {
            AxisService serviceForActivation = configurationContext.getAxisConfiguration().getServiceForActivation(str);
            String str2 = RegistryResources.SERVICE_GROUPS + serviceForActivation.getAxisServiceGroup().getServiceGroupName() + "/services/" + str;
            ServicePasswordCallbackHandler servicePasswordCallbackHandler = new ServicePasswordCallbackHandler(str, userRealm.getAccessControlAdmin().getAllowedRolesForResource(str2, "Invoke Service"), registry);
            Parameter parameter = new Parameter();
            parameter.setName("passwordCallbackRef");
            parameter.setValue(servicePasswordCallbackHandler);
            serviceForActivation.addParameter(parameter);
            if (!securityScenario.equals(SecurityConstants.USERNAME_TOKEN_SCENARIO_ID)) {
                Parameter parameter2 = new Parameter();
                parameter2.setName("disableREST");
                parameter2.setValue(Boolean.TRUE.toString());
                serviceForActivation.addParameter(parameter2);
            }
            if (registry.get(str2).getProperty(SecurityConstants.PROP_RAHAS_SCT_ISSUER) != null) {
                Association[] associations = registry.getAssociations(str2, SecurityConstants.ASSOCIATION_PRIVATE_KEYSTORE);
                registry.getAssociations(str2, SecurityConstants.ASSOCIATION_TRUSTED_KEYSTORE);
                Properties properties = new Properties();
                if (associations == null || associations.length <= 0) {
                    throw new Exception("Cannot start Rahas");
                }
                String destinationPath = associations[0].getDestinationPath();
                properties.setProperty(ServerCrypto.PROP_ID_PRIVATE_STORE, destinationPath.substring(destinationPath.lastIndexOf("/") + 1));
                properties.setProperty(ServerCrypto.PROP_ID_DEFAULT_ALIAS, registry.get(destinationPath).getProperty(SecurityConstants.PROP_PRIVATE_KEY_ALIAS));
                RahasUtil.getSCTIssuerConfigParameter(ServerCrypto.class.getName(), properties, -1, null, true, true);
                RahasUtil.getTokenCancelerConfigParameter();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
