package de.fzj.unicore.wsrflite.impl;

import de.fzj.unicore.wsrflite.Resource;
import de.fzj.unicore.wsrflite.persistence.Persist;
import de.fzj.unicore.wsrflite.security.VODescription;
import de.fzj.unicore.wsrflite.security.util.AuthZAttributeStore;
import eu.emi.security.authn.x509.X509Credential;
import eu.unicore.security.Client;
import eu.unicore.security.OperationType;
import eu.unicore.security.SecurityTokens;
import eu.unicore.util.Log;
import java.io.Serializable;
import java.security.cert.CertPath;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;

/* loaded from: input_file:de/fzj/unicore/wsrflite/impl/SecuredResourceImpl.class */
public abstract class SecuredResourceImpl implements Resource {
    private static final Logger logger = Log.getLogger("unicore.wsrflite", SecuredResourceImpl.class);

    @Persist
    private X500Principal owner;

    @Persist
    protected Map<VODescription, Set<OperationType>> voMembership = new HashMap();

    @Override // de.fzj.unicore.wsrflite.Resource
    public void initialise(String str, Map<String, Object> map) throws Exception {
        setDefaultOwner();
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public Map<String, Serializable> passivate() {
        return new HashMap();
    }

    public void updateSecurityTokensBeforeAIP(SecurityTokens securityTokens) {
    }

    protected void setDefaultOwner() {
        X500Principal effectiveUserName;
        SecurityTokens securityTokens = getSecurityTokens();
        if (securityTokens != null && (effectiveUserName = securityTokens.getEffectiveUserName()) != null) {
            setOwner(effectiveUserName);
        }
        if (logger.isDebugEnabled()) {
            if (this.owner != null) {
                logger.debug("Owner: " + getOwner().getName());
            } else {
                logger.debug("Owner could not be assigned.");
            }
        }
    }

    public SecurityTokens getSecurityTokens() {
        return AuthZAttributeStore.getTokens();
    }

    public synchronized Client getClient() {
        return AuthZAttributeStore.getClient();
    }

    public void setOwner(CertPath certPath) {
        this.owner = ((X509Certificate) certPath.getCertificates().get(0)).getSubjectX500Principal();
    }

    public void setOwner(X509Certificate x509Certificate) {
        this.owner = x509Certificate.getSubjectX500Principal();
    }

    public void setOwner(X500Principal x500Principal) {
        this.owner = x500Principal;
    }

    public void setOwner(String str) {
        this.owner = new X500Principal(str);
    }

    public X500Principal getOwner() {
        if (this.owner != null) {
            return this.owner;
        }
        X509Credential credential = getKernel().getContainerSecurityConfiguration().getCredential();
        if (credential == null) {
            return new X500Principal("CN=ANONYMOUS,O=UNKNOWN,OU=UNKNOWN");
        }
        this.owner = credential.getCertificateChain()[0].getSubjectX500Principal();
        logger.debug("Setting server as owner of " + getServiceName() + "<" + getUniqueID() + ">");
        return this.owner;
    }

    public Map<VODescription, Set<OperationType>> getExtendedVOMembership() {
        Map<VODescription, Set<OperationType>> map;
        synchronized (this.voMembership) {
            map = this.voMembership;
        }
        return map;
    }

    public Map<String, Set<OperationType>> getVOMembership() {
        HashMap hashMap;
        synchronized (this.voMembership) {
            hashMap = new HashMap();
            for (VODescription vODescription : this.voMembership.keySet()) {
                hashMap.put(vODescription.getVoName(), this.voMembership.get(vODescription));
            }
        }
        return hashMap;
    }

    public final void setVOMembership(Map<? extends VODescription, Set<OperationType>> map) {
        synchronized (this.voMembership) {
            this.voMembership = Collections.unmodifiableMap(map);
        }
    }

    public void updateVoMembership(Map<? extends VODescription, Set<OperationType>> map, Map<? extends VODescription, Set<OperationType>> map2, Map<? extends VODescription, Set<OperationType>> map3, Map<? extends VODescription, Set<OperationType>> map4) throws Exception {
    }

    public boolean isRecursiveVOMembershipChangeHonored() {
        return true;
    }
}
