package org.gcube.common.core.security;

import java.rmi.Remote;
import java.util.Collections;
import java.util.Map;
import java.util.WeakHashMap;
import javax.xml.rpc.Stub;
import org.gcube.common.core.security.GCUBESecurityManager;
import org.gcube.common.core.security.impl.GSSSecurityCredentials;
import org.gcube.common.core.utils.logging.GCUBELog;
import org.globus.gsi.GSIConstants;
import org.globus.wsrf.impl.security.authentication.Constants;
import org.globus.wsrf.impl.security.authorization.HostAuthorization;
import org.ietf.jgss.GSSCredential;

/* loaded from: input_file:WEB-INF/lib/gcf-1.6.2-3.8.0.jar:org/gcube/common/core/security/GCUBESecurityManagerImpl.class */
public abstract class GCUBESecurityManagerImpl implements GCUBESecurityManager {
    protected GCUBELog logger = new GCUBELog(this);
    protected Map<Thread, GSSCredential> callCredentials = Collections.synchronizedMap(new WeakHashMap());
    protected String name = getClass().getSimpleName();
    protected GCUBESecurityManager.AuthMethod authMethod = GCUBESecurityManager.AuthMethod.GSI_CONV;

    public void setLogger(GCUBELog gCUBELog) {
        this.logger = gCUBELog;
    }

    protected String getName() {
        return this.name;
    }

    protected void setName(String str) {
        this.name = str;
        this.logger.setPrefix(str);
    }

    @Override // org.gcube.common.core.security.GCUBESecurityManager
    public abstract boolean isSecurityEnabled();

    @Override // org.gcube.common.core.security.GCUBESecurityManager
    @Deprecated
    public void useCredentials(GSSCredential gSSCredential) throws Exception {
        useCredentials(Thread.currentThread(), gSSCredential);
    }

    @Deprecated
    public void useCredentials(Thread thread, GSSCredential... gSSCredentialArr) throws Exception {
        GSSSecurityCredentials[] gSSSecurityCredentialsArr = new GSSSecurityCredentials[gSSCredentialArr.length];
        for (int i = 0; i < gSSCredentialArr.length; i++) {
            gSSSecurityCredentialsArr[i] = new GSSSecurityCredentials(gSSCredentialArr[i]);
        }
        useCredentials(thread, gSSSecurityCredentialsArr);
    }

    @Override // org.gcube.common.core.security.GCUBESecurityManager
    public void useCredentials(SecurityCredentials securityCredentials) throws Exception {
        useCredentials(Thread.currentThread(), securityCredentials);
    }

    @Override // org.gcube.common.core.security.GCUBESecurityManager
    public void useCredentials(Thread thread, SecurityCredentials... securityCredentialsArr) throws Exception {
        if (isSecurityEnabled()) {
            if (securityCredentialsArr.length == 0) {
                securityCredentialsArr = new SecurityCredentials[]{getCredentials()};
            }
            GSSCredential gSSCredential = (GSSCredential) securityCredentialsArr[0].getCredentialsAsObject();
            this.logger.debug("Using credentials of (" + gSSCredential.getName() + ") in thread " + thread.getName() + "(" + thread.getId() + ")");
            this.callCredentials.put(thread, gSSCredential);
        }
    }

    @Override // org.gcube.common.core.security.GCUBESecurityManager
    public SecurityCredentials getCredentials() {
        GSSCredential gSSCredential = this.callCredentials.get(Thread.currentThread());
        if (gSSCredential == null) {
            return null;
        }
        return new GSSSecurityCredentials(gSSCredential);
    }

    @Override // org.gcube.common.core.security.GCUBESecurityManager
    public synchronized void setSecurity(Remote remote, GCUBESecurityManager.AuthMode authMode, GCUBESecurityManager.DelegationMode delegationMode) throws Exception {
        if (isSecurityEnabled()) {
            Stub stub = (Stub) remote;
            stub._setProperty("org.globus.gsi.credentials", getCredentials());
            stub._setProperty(Constants.CONTEXT_LIFETIME, 300);
            String str = null;
            switch (this.authMethod) {
                case GSI_CONV:
                    str = org.globus.wsrf.security.Constants.GSI_SEC_CONV;
                    break;
                case GSI_TRANS:
                    str = GSIConstants.GSI_TRANSPORT;
                    break;
            }
            switch (authMode) {
                case INTEGRITY:
                    stub._setProperty(str, GSIConstants.SIGNATURE);
                    break;
                case PRIVACY:
                    stub._setProperty(str, GSIConstants.ENCRYPTION);
                    break;
                case BOTH:
                    stub._setProperty(str, GSIConstants.SIGNATURE);
                    stub._setProperty(str, GSIConstants.ENCRYPTION);
                    break;
            }
            switch (delegationMode) {
                case FULL:
                    stub._setProperty(org.globus.wsrf.security.Constants.AUTHORIZATION, HostAuthorization.getInstance());
                    stub._setProperty(org.globus.axis.gsi.GSIConstants.GSI_MODE, org.globus.axis.gsi.GSIConstants.GSI_MODE_FULL_DELEG);
                    break;
                case LIMITED:
                    stub._setProperty(org.globus.wsrf.security.Constants.AUTHORIZATION, HostAuthorization.getInstance());
                    stub._setProperty(org.globus.axis.gsi.GSIConstants.GSI_MODE, org.globus.axis.gsi.GSIConstants.GSI_MODE_LIMITED_DELEG);
                    break;
            }
            this.logger.debug("Setting authentication=" + authMode.name() + " and delegation=" + delegationMode.name() + " on " + stub.getClass().getSimpleName());
        }
    }

    @Override // org.gcube.common.core.security.GCUBESecurityManager
    public void setAuthMethod(GCUBESecurityManager.AuthMethod authMethod) {
        this.authMethod = authMethod;
    }
}
