package org.globus.wsrf.impl.security.authorization;

import java.io.IOException;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import javax.xml.rpc.handler.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.globus.gsi.jaas.UserNamePrincipal;
import org.globus.security.gridmap.GridMap;
import org.globus.util.I18n;
import org.globus.wsrf.Resource;
import org.globus.wsrf.ResourceContext;
import org.globus.wsrf.ResourceContextException;
import org.globus.wsrf.ResourceException;
import org.globus.wsrf.config.ConfigException;
import org.globus.wsrf.impl.security.authorization.exceptions.AuthorizationException;
import org.globus.wsrf.impl.security.authorization.exceptions.CloseException;
import org.globus.wsrf.impl.security.authorization.exceptions.InitializeException;
import org.globus.wsrf.impl.security.authorization.exceptions.InvalidPolicyException;
import org.globus.wsrf.impl.security.descriptor.SecurityPropertiesHelper;
import org.globus.wsrf.impl.security.util.AuthUtil;
import org.globus.wsrf.security.authorization.PDP;
import org.globus.wsrf.security.authorization.PDPConfig;
import org.w3c.dom.Node;

/* loaded from: input_file:WEB-INF/lib/ghn-core-runtime-1.0.0.jar:org/globus/wsrf/impl/security/authorization/GridMapAuthorization.class */
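/**
 * Policy decision point (PDP) that permits a call only when the caller's
 * authenticated identity has at least one local user mapping in the grid map
 * configured for the target service or resource.
 *
 * <p>On a successful decision every mapped local user name is added to the
 * caller's {@link Subject} as a {@link UserNamePrincipal}, so downstream code
 * sees the subject mutated by this PDP.
 *
 * <p>This PDP carries no policy of its own: the policy accessors all return
 * {@code null}.
 */
public class GridMapAuthorization implements PDP {
    /** Message catalogue for the authorization error and log texts. */
    private static final I18n i18n = I18n.getI18n(
            "org.globus.wsrf.impl.security.authorization.errors",
            GridMapAuthorization.class.getClassLoader());

    private static final Log logger =
            LogFactory.getLog(GridMapAuthorization.class.getName());

    /** Path of the service this PDP was initialized for; {@code null} until initialized and after close. */
    String servicePath = null;

    /**
     * Creates a new, uninitialized instance.
     *
     * @return a fresh instance; no instance is shared or cached
     */
    public static GridMapAuthorization getInstance() {
        return new GridMapAuthorization();
    }

    /**
     * Records the service path used later to locate the grid map.
     *
     * @param pDPConfig PDP configuration; not read by this implementation
     * @param str first string argument of the interceptor contract; not read
     *     by this implementation
     * @param str2 service path to remember
     * @throws InitializeException never thrown by this implementation
     */
    @Override // org.globus.wsrf.security.authorization.Interceptor
    public void initialize(PDPConfig pDPConfig, String str, String str2) throws InitializeException {
        this.servicePath = str2;
        logger.debug("service " + this.servicePath);
    }

    /**
     * @return always {@code null}; this PDP exposes no named policies
     */
    @Override // org.globus.wsrf.security.authorization.PDP
    public String[] getPolicyNames() {
        return null;
    }

    /**
     * @param node policy query; ignored
     * @return always {@code null}
     */
    @Override // org.globus.wsrf.security.authorization.PDP
    public Node getPolicy(Node node) throws InvalidPolicyException {
        return null;
    }

    /**
     * @param node policy to set; ignored, nothing is stored
     * @return always {@code null}
     */
    @Override // org.globus.wsrf.security.authorization.PDP
    public Node setPolicy(Node node) throws InvalidPolicyException {
        return null;
    }

    /** Forgets the service path recorded by {@link #initialize}. */
    @Override // org.globus.wsrf.security.authorization.Interceptor
    public void close() throws CloseException {
        this.servicePath = null;
    }

    /**
     * Decides whether the peer is allowed to invoke the operation by looking
     * its identity up in the grid map.
     *
     * @param subject authenticated peer subject; must not be {@code null}
     * @param messageContext context of the current call; cast to the Axis
     *     message context to find the target resource
     * @param qName operation being invoked; not consulted by this PDP
     * @return {@code true} when the identity maps to at least one local user
     *     (the subject then gains one {@link UserNamePrincipal} per mapping),
     *     {@code false} when the grid map has no mapping for the identity
     * @throws IllegalArgumentException if {@code subject} is {@code null}
     * @throws IllegalStateException if no grid map is configured
     * @throws AuthorizationException if the peer is anonymous, or the grid map
     *     cannot be loaded or refreshed
     */
    @Override // org.globus.wsrf.security.authorization.PDP
    public boolean isPermitted(Subject subject, MessageContext messageContext, QName qName) throws AuthorizationException {
        Resource resource;
        logger.debug("Grid map authz");
        if (subject == null) {
            throw new IllegalArgumentException(i18n.getMessage("noPeerSubject"));
        }
        // A failed resource lookup is not fatal: the decision continues with
        // resource == null.
        // NOTE(review): presumably the helper below then selects a
        // service-level grid map instead of a resource-specific one; confirm
        // that this fallback can never be more permissive than the resource's
        // own grid map.
        try {
            resource = ResourceContext.getResourceContext((org.apache.axis.MessageContext) messageContext).getResource();
        } catch (ResourceContextException e) {
            logger.debug("Error retrieving resource", e);
            resource = null;
        } catch (ResourceException e2) {
            logger.debug("Error retrieving resource", e2);
            resource = null;
        }
        logger.debug("Service " + this.servicePath);
        try {
            GridMap gridMap = SecurityPropertiesHelper.getGridMap(this.servicePath, resource);
            if (gridMap == null) {
                // Unchecked on purpose: it is not caught below, so a missing
                // grid map ends the call without a permit.
                throw new IllegalStateException(i18n.getMessage("noGridmap"));
            }
            try {
                // Refresh before every lookup so the decision is made against
                // the current grid map contents.
                gridMap.refresh();
                String identity = AuthUtil.getIdentity(subject);
                if (identity == null) {
                    logger.debug(i18n.getMessage("anonPeer"));
                    throw new AuthorizationException(i18n.getMessage("anonPeer"));
                }
                String[] userIDs = gridMap.getUserIDs(identity);
                if (userIDs == null || userIDs.length <= 0) {
                    // Denials are logged at warn so they are visible at
                    // default log levels.
                    logger.warn(i18n.getMessage("gridmapAuthFailed", identity));
                    return false;
                }
                if (logger.isDebugEnabled()) {
                    logger.debug(i18n.getMessage("gridmapAuthSuccess", new Object[]{identity, userIDs[0]}));
                }
                // Attach every mapped local account to the caller's subject.
                for (String userId : userIDs) {
                    subject.getPrincipals().add(new UserNamePrincipal(userId));
                }
                return true;
            } catch (IOException e3) {
                logger.error(i18n.getMessage("gridmapRefreshFail"), e3);
                throw new AuthorizationException(i18n.getMessage("gridmapRefreshFail"), e3);
            }
        } catch (ConfigException e4) {
            // A broken grid map configuration denies every caller, so report
            // it at error level like the refresh failure above, and keep the
            // cause attached for whoever handles the AuthorizationException.
            logger.error(i18n.getMessage("errGridMap"), e4);
            throw new AuthorizationException(i18n.getMessage("errGridMap"), e4);
        }
    }
}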
