package weblogic.protocol;

import java.net.MalformedURLException;
import java.security.AccessController;
import java.util.ArrayList;
import javax.security.auth.login.LoginException;
import weblogic.jndi.internal.ThreadEnvironment;
import weblogic.management.configuration.ClusterMBean;
import weblogic.management.configuration.DomainMBean;
import weblogic.management.configuration.MachineMBean;
import weblogic.management.configuration.NodeManagerMBean;
import weblogic.management.configuration.ServerMBean;
import weblogic.management.provider.ManagementService;
import weblogic.security.SimpleCallbackHandler;
import weblogic.security.SubjectUtils;
import weblogic.security.acl.DefaultUserInfoImpl;
import weblogic.security.acl.UserInfo;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrincipalAuthenticator;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityService;
import weblogic.security.service.SecurityServiceManager;
import weblogic.utils.StringUtils;
import weblogic.xml.crypto.utils.DOMUtils;

/* loaded from: input_file:weblogic/protocol/ClusterURLImpl.class */
public class ClusterURLImpl implements ClusterURL {
    private static final String CLUSTER_URL_PREFIX = "cluster:";
    private static final AuthenticatedSubject kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());

    @Override // weblogic.protocol.ClusterURL
    public String parseClusterURL(String str) throws MalformedURLException {
        if (!str.startsWith(CLUSTER_URL_PREFIX)) {
            return str;
        }
        String extractProtocol = extractProtocol(str);
        String extractClusterName = extractClusterName(str);
        ClusterMBean clusterMBean = getClusterMBean(extractClusterName);
        if (clusterMBean == null) {
            throw new MalformedURLException("No cluster named '" + extractClusterName + "' found.");
        }
        ServerMBean[] servers = clusterMBean.getServers();
        if (servers == null || servers.length == 0) {
            throw new MalformedURLException("No servers configured in cluster: " + extractClusterName);
        }
        String clusterAddress = clusterMBean.getClusterAddress();
        return (clusterAddress == null || clusterAddress.length() == 0) ? buildClusterAddressURL(extractProtocol, extractClusterName, buildListOfAddresses(extractClusterName, servers, extractProtocol.endsWith("s"))) : constructClusterAddress(extractProtocol, servers, clusterAddress);
    }

    protected String constructClusterAddress(String str, ServerMBean[] serverMBeanArr, String str2) {
        boolean endsWith = str.endsWith("s");
        String[] splitCompletely = StringUtils.splitCompletely(str2, ",", false);
        String str3 = (str != null ? str : "t3") + "://" + str2;
        if (splitCompletely.length == 1) {
            if (str2.contains(DOMUtils.QNAME_SEPARATOR)) {
                return str3;
            }
            int listenPort = serverMBeanArr[0].getListenPort();
            if (endsWith) {
                if (ManagementService.getRuntimeAccess(kernelId).getDomain().isAdministrationPortEnabled() && isUserAdministrator()) {
                    listenPort = serverMBeanArr[0].getAdministrationPort();
                } else if (serverMBeanArr[0].getSSL() != null && serverMBeanArr[0].getSSL().isListenPortEnabled()) {
                    listenPort = serverMBeanArr[0].getSSL().getListenPort();
                }
            }
            str3 = str3 + DOMUtils.QNAME_SEPARATOR + listenPort;
        }
        return str3;
    }

    protected ArrayList<String> buildListOfAddresses(String str, ServerMBean[] serverMBeanArr, boolean z) throws MalformedURLException {
        MachineMBean machine;
        NodeManagerMBean nodeManager;
        if (serverMBeanArr == null || serverMBeanArr.length == 0) {
            throw new MalformedURLException("No servers configured in cluster: " + str);
        }
        DomainMBean domain = ManagementService.getRuntimeAccess(kernelId).getDomain();
        ArrayList<String> arrayList = new ArrayList<>();
        for (ServerMBean serverMBean : serverMBeanArr) {
            String listenAddress = serverMBean.getListenAddress();
            if ((listenAddress == null || listenAddress.length() == 0) && (machine = serverMBean.getMachine()) != null && (nodeManager = machine.getNodeManager()) != null) {
                listenAddress = nodeManager.getListenAddress();
            }
            if (listenAddress != null) {
                int listenPort = serverMBean.getListenPort();
                if (z) {
                    if (domain.isAdministrationPortEnabled() && isUserAdministrator()) {
                        listenPort = serverMBean.getAdministrationPort();
                    } else if (serverMBean.getSSL() != null && serverMBean.getSSL().isListenPortEnabled()) {
                        listenPort = serverMBean.getSSL().getListenPort();
                    }
                }
                arrayList.add(listenAddress + DOMUtils.QNAME_SEPARATOR + listenPort);
            }
        }
        return arrayList;
    }

    protected String buildClusterAddressURL(String str, String str2, ArrayList<String> arrayList) throws MalformedURLException {
        if (arrayList == null || arrayList.isEmpty()) {
            throw new MalformedURLException("Unable to construct proper cluster address URL since no listening addresses found for any configured server(s) in cluster: " + str2);
        }
        StringBuilder sb = new StringBuilder();
        sb.append(str);
        sb.append("://");
        for (int i = 0; i < arrayList.size(); i++) {
            if (i > 0) {
                sb.append(',');
            }
            sb.append(arrayList.get(i));
        }
        return sb.toString();
    }

    protected String extractClusterName(String str) {
        return str.substring(str.lastIndexOf("://") + 3, str.length());
    }

    protected String extractProtocol(String str) {
        return str.substring(str.indexOf(58) + 1, str.indexOf("://"));
    }

    protected ClusterMBean getClusterMBean(String str) {
        return ManagementService.getRuntimeAccess(kernelId).getDomain().lookupCluster(str);
    }

    protected boolean isUserAdministrator() {
        UserInfo securityUser = ThreadEnvironment.get().getSecurityUser();
        if (securityUser == null) {
            return false;
        }
        try {
            AuthenticatedSubject authenticateLocally = authenticateLocally(securityUser);
            if (authenticateLocally != null) {
                return SubjectUtils.isUserAnAdministrator(authenticateLocally);
            }
            return false;
        } catch (LoginException e) {
            return false;
        }
    }

    private static AuthenticatedSubject authenticateLocally(UserInfo userInfo) throws LoginException {
        PrincipalAuthenticator principalAuthenticator = (PrincipalAuthenticator) SecurityServiceManager.getSecurityService(kernelId, SecurityServiceManager.defaultRealmName, SecurityService.ServiceType.AUTHENTICATION);
        AuthenticatedSubject authenticatedSubject = null;
        if (userInfo instanceof DefaultUserInfoImpl) {
            DefaultUserInfoImpl defaultUserInfoImpl = (DefaultUserInfoImpl) userInfo;
            authenticatedSubject = principalAuthenticator.authenticate(new SimpleCallbackHandler(defaultUserInfoImpl.getName(), defaultUserInfoImpl.getPassword()));
        }
        return authenticatedSubject;
    }
}
