package com.filenet.apiimpl.util;

import com.filenet.api.exception.EngineRuntimeException;
import com.filenet.api.exception.ExceptionCode;
import com.filenet.apiimpl.authentication.util.B64;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.wsspi.security.token.SingleSignonToken;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import javax.servlet.http.Cookie;

/* loaded from: input_file:com/filenet/apiimpl/util/J2EEUtilWSBase.class */
public class J2EEUtilWSBase extends J2EEUtil {
    private static final BaseLogger logger = BaseLogger.getBaseLogger(J2EEUtilWSBase.class, SubSystem.API);
    private static boolean enableLegacyLTPA = ConfigValueLookup.getValueAsBoolean(ConfigValueLookup.ENABLE_LEGACY_LTPA, false);
    private static boolean allowAuthTokenFromAmbientSubject = ConfigValueLookup.getValueAsBoolean(ConfigValueLookup.ALLOW_AUTH_TOKEN_FROM_AMBIENT_SUBJECT, false);
    protected static Class<?> doAsClass;
    protected static Method doAsMethod;
    protected static Method getSubjectMethod;
    protected static Method getRunAsSubjectMethod;
    protected static Method getAccessTokenMethod;
    protected static Method getSSOCookieMethod;
    protected static Method getIdTokenMethod;
    protected static String MAPPING_ALIAS_KEY;
    protected static Method j2caFactoryGetInstanceMethod;
    protected static Method j2caGetCallbackHandlerMethod;

    /* JADX INFO: Access modifiers changed from: protected */
    public static void handleException(Throwable th) {
        Throwable cause = th.getCause();
        if (cause instanceof EngineRuntimeException) {
            throw ((EngineRuntimeException) cause);
        }
        if (th instanceof EngineRuntimeException) {
            throw ((EngineRuntimeException) th);
        }
        if (!(th instanceof InvocationTargetException) || !(cause instanceof RuntimeException) || !(cause.getCause() instanceof EngineRuntimeException)) {
            throw new EngineRuntimeException(th, ExceptionCode.E_UNEXPECTED_EXCEPTION, (Object[]) null);
        }
        throw ((EngineRuntimeException) cause.getCause());
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    public Object doAs(Subject subject, PrivilegedExceptionAction privilegedExceptionAction) {
        try {
            return doAsMethod.invoke(null, subject, privilegedExceptionAction);
        } catch (Exception e) {
            handleException(e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.filenet.apiimpl.util.J2EEUtil
    public Subject getCurrentAmbientSubject() {
        Subject currentAmbientSubject = super.getCurrentAmbientSubject();
        if (currentAmbientSubject == null) {
            try {
                currentAmbientSubject = (Subject) getRunAsSubjectMethod.invoke(null, (Object[]) null);
                if (currentAmbientSubject == null || !logger.isDetailTraceEnabled()) {
                    if (currentAmbientSubject == null) {
                        currentAmbientSubject = (Subject) getSubjectMethod.invoke(null, (Object[]) null);
                        if (currentAmbientSubject != null && logger.isDetailTraceEnabled()) {
                            if (currentAmbientSubject.getPrincipals() == null || currentAmbientSubject.getPrincipals().isEmpty()) {
                                trace("getCurrentAmbientSubject", "got subject from caller subject: {0}", currentAmbientSubject);
                            } else {
                                trace("getCurrentAmbientSubject", "got subject from caller subject: {0}", (Principal) currentAmbientSubject.getPrincipals().toArray()[0]);
                            }
                        }
                    }
                } else if (currentAmbientSubject.getPrincipals() == null || currentAmbientSubject.getPrincipals().isEmpty()) {
                    trace("getCurrentAmbientSubject", "got subject from runAs subject: {0}", currentAmbientSubject);
                } else {
                    trace("getCurrentAmbientSubject", "got subject from runAs subject: {0}", (Principal) currentAmbientSubject.getPrincipals().toArray()[0]);
                }
                if (currentAmbientSubject == null) {
                    trace("getCurrentAmbientSubject", "Unable to get subject", new Object[0]);
                }
            } catch (Exception e) {
                handleException(e);
            }
        }
        return currentAmbientSubject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.filenet.apiimpl.util.J2EEUtil
    public Subject getLegacyAmbientSubject() {
        Subject legacyAmbientSubject = super.getLegacyAmbientSubject();
        if (legacyAmbientSubject == null) {
            try {
                legacyAmbientSubject = (Subject) getSubjectMethod.invoke(null, (Object[]) null);
                if (legacyAmbientSubject != null && logger.isDetailTraceEnabled()) {
                    trace("getLegacyAmbientSubject", "got subject from caller subject: {0}", legacyAmbientSubject);
                } else if (legacyAmbientSubject == null) {
                    legacyAmbientSubject = (Subject) getRunAsSubjectMethod.invoke(null, (Object[]) null);
                    if (legacyAmbientSubject != null && logger.isDetailTraceEnabled()) {
                        trace("getLegacyAmbientSubject", "got subject from runAs subject: {0}", legacyAmbientSubject);
                    }
                }
                if (legacyAmbientSubject == null && logger.isDetailTraceEnabled()) {
                    trace("getLegacyAmbientSubject", "Unable to get subject", new Object[0]);
                }
            } catch (Exception e) {
                handleException(e);
            }
        }
        return legacyAmbientSubject;
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    protected String getCurrentLTPATokenFromSubject(Subject subject) {
        String str;
        try {
            str = (String) doAs(subject, new PrivilegedExceptionAction<String>() { // from class: com.filenet.apiimpl.util.J2EEUtilWSBase.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public String run() throws Exception {
                    return J2EEUtilWSBase.this.getSecurityTokenFromCookie();
                }
            });
        } catch (Exception e) {
            trace("getCurrentLTPATokenFromSubject", "Got exception trying to get LTPA token from Cookie using passed-in Subject.  {0}", e);
            str = null;
        }
        if (str != null) {
            trace("getCurrentLTPATokenFromSubject", "Got LTPA token from Cookie using passed-in Subject.", new Object[0]);
            if (logger.isDetailTraceEnabled()) {
                String securityTokenFromCookie = getSecurityTokenFromCookie();
                if (str.contentEquals(securityTokenFromCookie)) {
                    trace("getCurrentLTPATokenFromSubject", "LTPA from passed-in Subject cookie same as from ambient subject", new Object[0]);
                } else {
                    trace("getCurrentLTPATokenFromSubject", "LTPA from passed-in Subject cookie is different than from ambient subject: {0}", securityTokenFromCookie);
                }
            }
        } else {
            String securityTokenFromSubject = getSecurityTokenFromSubject(subject);
            str = securityTokenFromSubject;
            if (securityTokenFromSubject != null) {
                trace("getCurrentLTPATokenFromSubject", "Got LTPA token from passed-in Subject.", new Object[0]);
            } else {
                if (allowAuthTokenFromAmbientSubject) {
                    String securityTokenFromCookie2 = getSecurityTokenFromCookie();
                    str = securityTokenFromCookie2;
                    if (securityTokenFromCookie2 != null) {
                        trace("getCurrentLTPATokenFromSubject", "Got LTPA token from Cookie using Subject on current thread.", new Object[0]);
                    }
                }
                String sSOLTPATokenFromSubject = getSSOLTPATokenFromSubject(subject);
                str = sSOLTPATokenFromSubject;
                if (sSOLTPATokenFromSubject != null) {
                    trace("getCurrentLTPATokenFromSubject", "Got LTPA token w/in doAs using the passed in subject.", new Object[0]);
                } else {
                    if (allowAuthTokenFromAmbientSubject) {
                        String sSOLTPAToken = getSSOLTPAToken();
                        str = sSOLTPAToken;
                        if (sSOLTPAToken != null) {
                            trace("getCurrentLTPATokenFromSubject", "Got LTPA token w/in doAs using the current runAs subject.", new Object[0]);
                        }
                    }
                    trace("getCurrentLTPATokenFromSubject", "Unable to get LTPA token from subject", new Object[0]);
                }
            }
        }
        return str;
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    protected String getLegacyLTPATokenFromSubject() {
        String securityToken = getSecurityToken();
        trace("getLegacyLTPATokenFromSubject", "From getSecurityToken, got ltpaToken={0}", securityToken);
        if (securityToken == null) {
            securityToken = getSSOLTPAToken();
            trace("getLegacyLTPATokenFromSubject", "From getSSOLTPAToken, got ltpaToken={0}", securityToken);
        }
        return securityToken;
    }

    private String getSSOLTPATokenFromSubject(Subject subject) {
        String str = null;
        SingleSignonToken sSOTokenFromSubject = getSSOTokenFromSubject(subject);
        trace("getSSOLTPATokenFromSubject", "Got ssoToken: {0}", sSOTokenFromSubject);
        if (sSOTokenFromSubject != null) {
            str = B64.encodeToString(sSOTokenFromSubject.getBytes());
        }
        return str;
    }

    private SingleSignonToken getSSOTokenFromSubject(final Subject subject) {
        if (subject != null) {
            return (SingleSignonToken) AccessController.doPrivileged(new PrivilegedAction<SingleSignonToken>() { // from class: com.filenet.apiimpl.util.J2EEUtilWSBase.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public SingleSignonToken run() {
                    for (SingleSignonToken singleSignonToken : subject.getPrivateCredentials(SingleSignonToken.class)) {
                        J2EEUtilWSBase.this.trace("getSSOTokenFromSubject", "sso Token Name is={0}", singleSignonToken.getName());
                        if (singleSignonToken.getName().equals("LtpaToken")) {
                            J2EEUtilWSBase.this.trace("getSSOTokenFromSubject", "sso Token is={0}", singleSignonToken);
                            return singleSignonToken;
                        }
                    }
                    return null;
                }
            });
        }
        trace("getSSOTokenFromSubject", "No subject provided.", new Object[0]);
        return null;
    }

    private String getSecurityToken() {
        if (getSSOCookieMethod != null && !enableLegacyLTPA) {
            try {
                Cookie cookie = (Cookie) getSSOCookieMethod.invoke(null, (Object[]) null);
                if (cookie != null) {
                    String value = cookie.getValue();
                    trace("getSecurityToken", "Got LTPA token from SSOCookie: {0}", value);
                    return value;
                }
            } catch (Exception e) {
                trace("getSecurityToken", "Unable to get LTPA token from SSOCookie: {0}", e);
            }
        }
        trace("getSecurityToken", "Using legacy method of obtaining LTPA token.", new Object[0]);
        Subject subject = null;
        try {
            try {
                subject = (Subject) getRunAsSubjectMethod.invoke(null, (Object[]) null);
            } catch (Exception e2) {
                handleException(e2);
            }
            if (subject == null) {
                return null;
            }
            WSCredential wSCredential = (WSCredential) subject.getPublicCredentials(WSCredential.class).iterator().next();
            String securityName = wSCredential.getSecurityName();
            if (securityName.equalsIgnoreCase("UNAUTHENTICATED")) {
                trace("getSecurityToken", "Unable to get LTPA token from unauthenticated user {0}", securityName);
                return null;
            }
            byte[] credentialToken = wSCredential.getCredentialToken();
            trace("getSecurityToken", "Credential Token is={0}", credentialToken);
            if (credentialToken == null) {
                return null;
            }
            String encodeToString = B64.encodeToString(credentialToken);
            trace("getSecurityToken", "Got LTPA token using legacy method: {0}", encodeToString);
            return encodeToString;
        } catch (Exception e3) {
            handleException(e3);
            return null;
        }
    }

    private String getSecurityTokenFromSubject(Subject subject) {
        if (subject == null) {
            trace("getSecurityTokenFromSubject", "No subject provided.", new Object[0]);
            return null;
        }
        byte[] bArr = null;
        try {
            Iterator it = subject.getPublicCredentials(WSCredential.class).iterator();
            if (it.hasNext()) {
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    WSCredential wSCredential = (WSCredential) it.next();
                    String securityName = wSCredential.getSecurityName();
                    if (!securityName.equalsIgnoreCase("UNAUTHENTICATED")) {
                        bArr = wSCredential.getCredentialToken();
                        if (bArr != null) {
                            trace("getSecurityTokenFromSubject", "Got credential token for {0}", securityName);
                            break;
                        }
                        trace("getSecurityTokenFromSubject", "null credential token for {0}", securityName);
                    } else {
                        trace("getSecurityTokenFromSubject", "unauthenticated user is {0}", securityName);
                    }
                }
            } else {
                trace("getSecurityTokenFromSubject", "No WSCredentails in subject.", new Object[0]);
            }
            if (bArr == null) {
                trace("getSecurityTokenFromSubject", "No credential token found.", new Object[0]);
                return null;
            }
            String encodeToString = B64.encodeToString(bArr);
            trace("getSecurityTokenFromSubject", "Got LTPAToken: {0}", encodeToString);
            return encodeToString;
        } catch (Exception e) {
            logger.warn("getSecurityTokenFromSubject: Unable to get security token from subject: " + e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getSecurityTokenFromCookie() {
        try {
            Cookie cookie = (Cookie) getSSOCookieMethod.invoke(null, (Object[]) null);
            if (cookie == null) {
                return null;
            }
            String value = cookie.getValue();
            trace("getSecurityTokenFromCookie", "Got LTPAToken: {0}", value);
            return value;
        } catch (Exception e) {
            trace("getSecurityTokenFromCookie", "Unable to get SSO cookie from WebSecurityHelper: {0}", e);
            return null;
        }
    }

    private String getSSOLTPAToken() {
        Subject subject = null;
        try {
            subject = (Subject) getRunAsSubjectMethod.invoke(null, (Object[]) null);
        } catch (Exception e) {
            handleException(e);
        }
        SingleSignonToken sSOTokenFromSubject = getSSOTokenFromSubject(subject);
        trace("getSSOLTPAToken", "Got SingleSignonToken.", new Object[0]);
        String str = null;
        if (sSOTokenFromSubject != null) {
            str = B64.encodeToString(sSOTokenFromSubject.getBytes());
        }
        trace("getSSOLTPAToken", "Got LTPAToken: {0}", str);
        return str;
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    public String getSSOCookieName() {
        String str = "ltpaToken2";
        boolean z = false;
        if (getSSOCookieMethod != null) {
            try {
                Cookie cookie = (Cookie) getSSOCookieMethod.invoke(null, (Object[]) null);
                if (cookie != null) {
                    str = cookie.getName();
                    z = true;
                }
            } catch (Exception e) {
                trace("getSSOCookieName", "Unable to get SSO cookie name from WebSecurityHelper: {0}", e);
            }
        }
        if (logger.isDetailTraceEnabled()) {
            if (z) {
                trace("getSSOCookieName", "Using cookie name from WebSecurityHelper: {0}", str);
            } else {
                trace("getSSOCookieName", "Using default cookie name: {0}", str);
            }
        }
        return str;
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    protected String getCurrentOIDCTokenFromSubject(Subject subject) {
        String str = null;
        if (getIdTokenMethod != null) {
            try {
                str = (String) doAs(subject, new PrivilegedExceptionAction<String>() { // from class: com.filenet.apiimpl.util.J2EEUtilWSBase.3
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedExceptionAction
                    public String run() throws Exception {
                        return J2EEUtilWSBase.this.getOIDCTokenFromWebSphereHelper();
                    }
                });
            } catch (Exception e) {
                trace("getCurrentOIDCTokenFromSubject", "Got exception trying to get OIDC token from WebSphereHelper using passed-in Subject.  {0}", e);
                str = null;
            }
        }
        if (str != null) {
            trace("getCurrentOIDCTokenFromSubject", "Got OIDC token from WebSphereHelper using passed-in Subject.", new Object[0]);
        } else {
            String jWTTokenFromSubject = getJWTTokenFromSubject(subject, "id_token");
            str = jWTTokenFromSubject;
            if (jWTTokenFromSubject != null) {
                trace("getCurrentOIDCTokenFromSubject", "Got OIDC token from passed-in Subject.", new Object[0]);
            } else {
                if (allowAuthTokenFromAmbientSubject) {
                    String jWTTokenFromSubject2 = getJWTTokenFromSubject("id_token");
                    str = jWTTokenFromSubject2;
                    if (jWTTokenFromSubject2 != null) {
                        trace("getCurrentOIDCTokenFromSubject", "Got OIDC token from ambient Subject.", new Object[0]);
                    }
                }
                trace("getCurrentOIDCTokenFromSubject", "No OIDC token found", new Object[0]);
            }
        }
        return str;
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    protected String getLegacyOIDCTokenFromSubject() {
        String oIDCTokenFromWebSphereHelper = getOIDCTokenFromWebSphereHelper();
        if (oIDCTokenFromWebSphereHelper == null) {
            try {
                Subject subject = (Subject) getRunAsSubjectMethod.invoke(null, (Object[]) null);
                if (subject == null) {
                    subject = getLegacyAmbientSubject();
                }
                if (subject == null) {
                    trace("getLegacyOIDCTokenFromSubject", "Unable to get subject", new Object[0]);
                    return null;
                }
                oIDCTokenFromWebSphereHelper = getJWTTokenFromSubject(subject, "id_token");
                trace("getLegacyOIDCTokenFromSubject", "Got ssoToken: {0}", oIDCTokenFromWebSphereHelper);
            } catch (Exception e) {
                trace("getLegacyOIDCTokenFromSubject", "Unable to get subject: {0}", e);
                return null;
            }
        }
        return oIDCTokenFromWebSphereHelper;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getOIDCTokenFromWebSphereHelper() {
        if (getIdTokenMethod == null) {
            return null;
        }
        try {
            String str = (String) getIdTokenMethod.invoke(null, (Object[]) null);
            if (str == null) {
                return null;
            }
            trace("getOIDCTokenFromWebSphereHelper", "got OIDC token using {0}.", getIdTokenMethod.getDeclaringClass().getSimpleName());
            return str;
        } catch (Exception e) {
            trace("getOIDCTokenFromWebSphereHelper", "Unable to use {0} to get OIDC token: {1}", getAccessTokenMethod.getDeclaringClass().getSimpleName(), e);
            return null;
        }
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    protected String getCurrentOAuthTokenFromSubject(Subject subject) {
        String str;
        try {
            str = (String) doAs(subject, new PrivilegedExceptionAction<String>() { // from class: com.filenet.apiimpl.util.J2EEUtilWSBase.4
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public String run() throws Exception {
                    return J2EEUtilWSBase.this.getOAuthTokenFromWebSphereHelper();
                }
            });
        } catch (Exception e) {
            trace("getCurrentOAuthTokenFromSubject", "Got exception trying to get OAuth token from WebSphereHelper using passed-in Subject.  {0}", e);
            str = null;
        }
        if (str != null) {
            trace("getCurrentOAuthTokenFromSubject", "Got OAuth token from WebSphereHelper using passed-in Subject.", new Object[0]);
        } else {
            String jWTTokenFromSubject = getJWTTokenFromSubject(subject, "access_token");
            str = jWTTokenFromSubject;
            if (jWTTokenFromSubject != null) {
                trace("getCurrentOAuthTokenFromSubject", "Got OAuth token from passed-in Subject.", new Object[0]);
            } else {
                if (allowAuthTokenFromAmbientSubject) {
                    String jWTTokenFromSubject2 = getJWTTokenFromSubject("access_token");
                    str = jWTTokenFromSubject2;
                    if (jWTTokenFromSubject2 != null) {
                        trace("getCurrentOAuthTokenFromSubject", "Got OAuth token from ambient subject.", new Object[0]);
                    }
                }
                trace("getCurrentOAuthTokenFromSubject", "No OAuth token found", new Object[0]);
            }
        }
        return str;
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    protected String getLegacyOAuthTokenFromSubject() {
        String oAuthTokenFromWebSphereHelper = getOAuthTokenFromWebSphereHelper();
        if (oAuthTokenFromWebSphereHelper == null) {
            try {
                Subject subject = (Subject) getRunAsSubjectMethod.invoke(null, (Object[]) null);
                if (subject == null) {
                    subject = getLegacyAmbientSubject();
                }
                if (subject == null) {
                    trace("getLegacyOAuthTokenFromSubject", "Unable to get subject", new Object[0]);
                    return null;
                }
                oAuthTokenFromWebSphereHelper = getJWTTokenFromSubject(subject, "access_token");
            } catch (Exception e) {
                trace("getLegacyOAuthTokenFromSubject", "Unable to get subject: {0}", e);
                return null;
            }
        }
        trace("getLegacyOAuthTokenFromSubject", "Got ssoToken: {0}", oAuthTokenFromWebSphereHelper);
        return oAuthTokenFromWebSphereHelper;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getOAuthTokenFromWebSphereHelper() {
        if (getAccessTokenMethod == null) {
            return null;
        }
        try {
            String str = (String) getAccessTokenMethod.invoke(null, (Object[]) null);
            if (str == null) {
                return null;
            }
            trace("getOAuthTokenFromWebSphereHelper", "got OAuth token using {0}. ssoToken={1}", getAccessTokenMethod.getDeclaringClass().getSimpleName(), str);
            return str;
        } catch (Exception e) {
            trace("getOAuthTokenFromWebSphereHelper", "Unable to use {0} to get accessToken: {1}", getAccessTokenMethod.getDeclaringClass().getSimpleName(), e);
            return null;
        }
    }

    private String getJWTTokenFromSubject(String str) {
        try {
            Subject subject = (Subject) getRunAsSubjectMethod.invoke(null, (Object[]) null);
            if (subject == null) {
                subject = getCurrentAmbientSubject();
            }
            if (subject == null) {
                trace("getJWTTokenFromSubject", "Unable to get subject", new Object[0]);
                return null;
            }
            String jWTTokenFromSubject = getJWTTokenFromSubject(subject, str);
            trace("getJWTTokenFromSubject", "Got ssoToken: {0}", jWTTokenFromSubject);
            return jWTTokenFromSubject;
        } catch (Exception e) {
            trace("getJWTTokenFromSubject", "Unable to get subject: {0}", e);
            return null;
        }
    }

    private String getJWTTokenFromSubject(final Subject subject, final String str) {
        if (subject != null) {
            return (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: com.filenet.apiimpl.util.J2EEUtilWSBase.5
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public String run() {
                    String str2 = null;
                    Set privateCredentials = subject.getPrivateCredentials(Hashtable.class);
                    if (privateCredentials != null && privateCredentials.size() > 0) {
                        J2EEUtilWSBase.this.trace("getJWTTokenFromSubject", "Looking for jwt token: {0} in {1} private hashtable credential(s).", str, Integer.valueOf(privateCredentials.size()));
                        Iterator it = privateCredentials.iterator();
                        while (it.hasNext()) {
                            str2 = (String) ((Hashtable) it.next()).get(str);
                            if (str2 != null) {
                                break;
                            }
                        }
                    }
                    return str2;
                }
            });
        }
        trace("getJWTTokenFromSubject", "No subject provided.", new Object[0]);
        return null;
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    protected String getCurrentRealmFromSubject(Subject subject) {
        String securityRealmFromSubject = getSecurityRealmFromSubject(subject);
        String str = securityRealmFromSubject;
        if (securityRealmFromSubject != null) {
            trace("getCurrentRealmFromSubject", "Got realm [{0}] from passed-in subject.", str);
        } else {
            String legacyRealmFromSubject = getLegacyRealmFromSubject();
            str = legacyRealmFromSubject;
            if (legacyRealmFromSubject != null) {
                trace("getCurrentRealmFromSubject", "Got realm [{0}] from legacy subject.", str);
            } else {
                trace("getCurrentRealmFromSubject", "No realm found in subject", new Object[0]);
            }
        }
        return str;
    }

    @Override // com.filenet.apiimpl.util.J2EEUtil
    protected String getLegacyRealmFromSubject() {
        Subject subject = null;
        try {
            try {
                subject = (Subject) getRunAsSubjectMethod.invoke(null, (Object[]) null);
            } catch (Exception e) {
                handleException(e);
            }
            if (subject == null) {
                subject = getLegacyAmbientSubject();
            }
            return getSecurityRealmFromSubject(subject);
        } catch (Exception e2) {
            logger.warn("J2EEUtilWSL.getLegacyRealmFromSubject: Unable to get Realm from subject: " + e2);
            return null;
        }
    }

    private String getSecurityRealmFromSubject(Subject subject) {
        if (subject == null) {
            trace("getSecurityRealmFromSubject", "No subject provided.", new Object[0]);
            return null;
        }
        String str = null;
        try {
            Iterator it = subject.getPublicCredentials(WSCredential.class).iterator();
            if (it.hasNext()) {
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    WSCredential wSCredential = (WSCredential) it.next();
                    String securityName = wSCredential.getSecurityName();
                    if (!securityName.equalsIgnoreCase("UNAUTHENTICATED")) {
                        str = wSCredential.getRealmName();
                        trace("getSecurityRealmFromSubject", "Got realm [{0}] for authenticated user [{1}]", str, securityName);
                        break;
                    }
                    str = wSCredential.getRealmName();
                    trace("getSecurityRealmFromSubject", "Got realm [{0}] for unauthenticated user [{1}]", str, securityName);
                }
            }
            if (str != null) {
                return str;
            }
            trace("getSecurityRealmFromSubject", "No realm found in subject.", new Object[0]);
            return null;
        } catch (Exception e) {
            logger.warn("getSecurityRealmFromSubject: Unable to get realm from subject: " + e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void trace(String str, String str2, Object... objArr) {
        trace(J2EEUtilWSBase.class, str, str2, objArr);
    }
}
