package de.fzj.unicore.wsrflite.impl;

import de.fzj.unicore.wsrflite.Model;
import de.fzj.unicore.wsrflite.Resource;
import de.fzj.unicore.wsrflite.security.VODescription;
import de.fzj.unicore.wsrflite.security.util.AuthZAttributeStore;
import eu.emi.security.authn.x509.X509Credential;
import eu.emi.security.authn.x509.impl.X500NameUtils;
import eu.unicore.security.Client;
import eu.unicore.security.OperationType;
import eu.unicore.security.SecurityTokens;
import eu.unicore.util.Log;
import java.security.cert.CertPath;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;

/* loaded from: input_file:de/fzj/unicore/wsrflite/impl/SecuredResourceImpl.class */
public abstract class SecuredResourceImpl implements Resource {
    private static final Logger logger = Log.getLogger("unicore.wsrflite", SecuredResourceImpl.class);
    protected SecuredResourceModel model;

    @Override // de.fzj.unicore.wsrflite.Resource
    public SecuredResourceModel getModel() {
        return this.model;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void setModel(Model model) {
        this.model = (SecuredResourceModel) model;
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public String getUniqueID() {
        return this.model.getUniqueID();
    }

    @Override // de.fzj.unicore.wsrflite.Resource
    public void initialise(String str, Map<String, Object> map) throws Exception {
        if (this.model == null) {
            this.model = new SecuredResourceModel();
        }
        setDefaultOwner();
    }

    public void updateSecurityTokensBeforeAIP(SecurityTokens securityTokens) {
    }

    protected void setDefaultOwner() {
        String effectiveUserName;
        SecurityTokens securityTokens = getSecurityTokens();
        if (securityTokens != null && (effectiveUserName = securityTokens.getEffectiveUserName()) != null) {
            setOwner(effectiveUserName);
        }
        if (logger.isDebugEnabled()) {
            String ownerDN = this.model.getOwnerDN();
            if (ownerDN != null) {
                logger.debug("Owner: " + X500NameUtils.getReadableForm(ownerDN));
            } else {
                logger.debug("Owner could not be assigned.");
            }
        }
    }

    public SecurityTokens getSecurityTokens() {
        return AuthZAttributeStore.getTokens();
    }

    public synchronized Client getClient() {
        return AuthZAttributeStore.getClient();
    }

    public void setOwner(CertPath certPath) {
        setOwner((X509Certificate) certPath.getCertificates().get(0));
    }

    public void setOwner(X509Certificate x509Certificate) {
        this.model.setOwnerDN(x509Certificate.getSubjectX500Principal().getName());
    }

    public void setOwner(X500Principal x500Principal) {
        this.model.setOwnerDN(x500Principal.getName());
    }

    public void setOwner(String str) {
        this.model.setOwnerDN(str);
    }

    public synchronized String getOwner() {
        String ownerDN = this.model.getOwnerDN();
        if (ownerDN != null) {
            return ownerDN;
        }
        X509Credential credential = getKernel().getContainerSecurityConfiguration().getCredential();
        if (credential == null) {
            return "CN=ANONYMOUS,O=UNKNOWN,OU=UNKNOWN";
        }
        String name = credential.getCertificateChain()[0].getSubjectX500Principal().getName();
        logger.debug("Setting server as owner of " + getServiceName() + "<" + getUniqueID() + ">");
        this.model.setOwnerDN(name);
        return name;
    }

    public Map<VODescription, Set<OperationType>> getExtendedVOMembership() {
        return Collections.unmodifiableMap(this.model.getVoMembership());
    }

    public Map<String, Set<OperationType>> getVOMembership() {
        Map<VODescription, Set<OperationType>> voMembership = this.model.getVoMembership();
        HashMap hashMap = new HashMap();
        for (VODescription vODescription : voMembership.keySet()) {
            hashMap.put(vODescription.getVoName(), voMembership.get(vODescription));
        }
        return hashMap;
    }

    public final void setVOMembership(Map<? extends VODescription, Set<OperationType>> map) {
        this.model.setVoMembership(map);
    }

    public void updateVoMembership(Map<? extends VODescription, Set<OperationType>> map, Map<? extends VODescription, Set<OperationType>> map2, Map<? extends VODescription, Set<OperationType>> map3, Map<? extends VODescription, Set<OperationType>> map4) throws Exception {
    }

    public boolean isRecursiveVOMembershipChangeHonored() {
        return true;
    }
}
