package com.sun.identity.liberty.ws.security;

import com.sun.identity.common.SystemConfigurationUtil;
import com.sun.identity.liberty.ws.common.wsse.BinarySecurityToken;
import com.sun.identity.liberty.ws.disco.EncryptedResourceID;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.shared.configuration.SystemPropertiesManager;
import com.sun.identity.shared.encode.Base64;
import com.sun.identity.shared.jaxrpc.SOAPClient;
import com.sun.identity.shared.locale.Locale;
import com.sun.identity.shared.xml.XMLUtils;
import java.net.URL;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.ResourceBundle;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.1.jar:com/sun/identity/liberty/ws/security/SecurityTokenManagerClient.class */
public final class SecurityTokenManagerClient {
    private static boolean checkedForLocal;
    private static boolean isLocal;
    private boolean useLocal;
    private static SOAPClient remoteStub;
    private SecurityTokenManager securityTokenManager;
    private String ssoToken;
    private SOAPClient stub;
    private static String SERVICE_NAME = "securitytokenmanager";
    static ResourceBundle bundle = Locale.getInstallResourceBundle("libLibertySecurity");

    public SecurityTokenManagerClient(Object obj) throws SecurityTokenException {
        this.ssoToken = null;
        if (!checkedForLocal) {
            try {
                remoteStub = getServiceEndPoint(SystemPropertiesManager.get("com.iplanet.am.server.protocol"), SystemPropertiesManager.get("com.iplanet.am.server.host"), SystemPropertiesManager.get("com.iplanet.am.server.port"), SystemPropertiesManager.get("com.iplanet.am.services.deploymentDescriptor"));
                remoteStub.send("checkForLocal", (Object[]) null, (String) null, (String) null);
                if (SecurityTokenManagerImpl.isLocal) {
                    isLocal = true;
                    SecurityTokenManager.debug.warning("STMC(): Using local service");
                    this.securityTokenManager = new SecurityTokenManager(obj);
                }
                checkedForLocal = true;
            } catch (Exception e) {
                checkedForLocal = true;
                if (SecurityTokenManager.debug.warningEnabled()) {
                    SecurityTokenManager.debug.warning("SecurityTokenManagerClient()Exception", e);
                }
                throw new SecurityTokenException(e.getMessage());
            }
        }
        if (isLocal) {
            this.useLocal = true;
            return;
        }
        this.stub = remoteStub;
        try {
            this.ssoToken = SessionManager.getProvider().getSessionID(obj);
            this.stub.send("initialization", this.ssoToken, (String) null, this.ssoToken);
        } catch (Exception e2) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("SecurityTokenManagerClient()Exception", e2);
            }
            throw new SecurityTokenException(e2.getMessage());
        }
    }

    public SecurityTokenManagerClient(String str, Object obj) throws SecurityTokenException {
        this.ssoToken = null;
        try {
            this.ssoToken = SessionManager.getProvider().getSessionID(obj);
            this.stub = new SOAPClient(new String[]{str});
            this.stub.send("initialization", this.ssoToken, (String) null, this.ssoToken);
            this.useLocal = false;
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC() Exception", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    private static SOAPClient getServiceEndPoint(String str, String str2, String str3, String str4) throws Exception {
        String url = SystemConfigurationUtil.getServiceURL(SERVICE_NAME, str, str2, Integer.parseInt(str3), str4).toString();
        if (SecurityTokenManager.debug.messageEnabled()) {
            SecurityTokenManager.debug.message("SecurityTokenManagerClient with URL: " + url);
        }
        return new SOAPClient(new String[]{url});
    }

    private static SOAPClient getRemoteStub() throws SecurityTokenException {
        boolean z = false;
        Exception exc = null;
        SOAPClient sOAPClient = null;
        try {
            Iterator it = SystemConfigurationUtil.getServerList().iterator();
            while (it.hasNext() && !z) {
                URL url = new URL((String) it.next());
                sOAPClient = getServiceEndPoint(url.getProtocol(), url.getHost(), Integer.toString(url.getPort()), url.getPath());
                try {
                    sOAPClient.send("checkForLocal", (Object[]) null, (String) null, (String) null);
                    if (SecurityTokenManager.debug.messageEnabled()) {
                        SecurityTokenManager.debug.message("STMC(): Using the remote URL: " + url.toString());
                    }
                    z = true;
                    if (SecurityTokenManager.debug.warningEnabled()) {
                        SecurityTokenManager.debug.warning("STMC:getRemoteStub: remote server being used: " + url.toString());
                    }
                } catch (Exception e) {
                    exc = e;
                    if (SecurityTokenManager.debug.warningEnabled()) {
                        SecurityTokenManager.debug.warning("STMC:getRemoteStub: server (" + url.toString() + ") error: ", e);
                    }
                }
            }
        } catch (Exception e2) {
            exc = e2;
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:getRemoteStub: generic error: ", e2);
            }
        }
        if (z) {
            return sOAPClient;
        }
        if (exc != null) {
            throw new SecurityTokenException(exc.getMessage());
        }
        throw new SecurityTokenException(bundle.getString("serverNotFound"));
    }

    public void setCertAlias(String str) throws SecurityTokenException {
        if (this.useLocal) {
            this.securityTokenManager.setCertAlias(str);
            return;
        }
        try {
            this.stub.send("setCertificate", new Object[]{str, Boolean.TRUE}, (String) null, this.ssoToken);
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:setCertAlias()", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    public void setCertificate(X509Certificate x509Certificate) throws SecurityTokenException {
        if (this.useLocal) {
            this.securityTokenManager.setCertificate(x509Certificate);
            return;
        }
        try {
            this.stub.send("setCertificate", new Object[]{Base64.encode(x509Certificate.getEncoded()), Boolean.FALSE}, (String) null, this.ssoToken);
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:setCertificate()", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    public BinarySecurityToken getX509CertificateToken() throws SecurityTokenException {
        if (this.useLocal) {
            return this.securityTokenManager.getX509CertificateToken();
        }
        try {
            return new BinarySecurityToken(XMLUtils.toDOMDocument((String) this.stub.send("getX509CertificateToken", (Object[]) null, (String) null, this.ssoToken), SecurityTokenManager.debug).getDocumentElement());
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:getX509CertificateToken()", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    public SecurityAssertion getSAMLAuthenticationToken(NameIdentifier nameIdentifier) throws SecurityTokenException, SAMLException {
        if (this.useLocal) {
            return this.securityTokenManager.getSAMLAuthenticationToken(nameIdentifier);
        }
        try {
            return new SecurityAssertion(XMLUtils.toDOMDocument((String) this.stub.send("getSAMLAuthenticationToken", nameIdentifier.toString(true, true), (String) null, this.ssoToken), SecurityTokenManager.debug).getDocumentElement());
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:getSAMLAuthenticationToken()", e);
            }
            throw new SAMLException(e.getMessage());
        }
    }

    public SecurityAssertion getSAMLAuthorizationToken(NameIdentifier nameIdentifier, SessionContext sessionContext, String str, boolean z, boolean z2, String str2) throws SecurityTokenException, SAMLException {
        if (this.useLocal) {
            return this.securityTokenManager.getSAMLAuthorizationToken(nameIdentifier, sessionContext, str, z, z2, str2);
        }
        try {
            return new SecurityAssertion(XMLUtils.toDOMDocument((String) this.stub.send("getSAMLAuthorizationToken", new Object[]{nameIdentifier.toString(true, true), sessionContext.toXMLString(true, true), str, Boolean.FALSE, Boolean.valueOf(z), Boolean.valueOf(z2), str2}, (String) null, this.ssoToken), SecurityTokenManager.debug).getDocumentElement());
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:createAssertionArtifact:", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    public SecurityAssertion getSAMLAuthorizationToken(NameIdentifier nameIdentifier, SessionContext sessionContext, EncryptedResourceID encryptedResourceID, boolean z, boolean z2, String str) throws SecurityTokenException, SAMLException {
        if (this.useLocal) {
            return this.securityTokenManager.getSAMLAuthorizationToken(nameIdentifier, sessionContext, encryptedResourceID, z, z2, str);
        }
        try {
            return new SecurityAssertion(XMLUtils.toDOMDocument((String) this.stub.send("getSAMLAuthorizationToken", new Object[]{nameIdentifier.toString(true, true), sessionContext.toXMLString(true, true), encryptedResourceID.toString(), Boolean.TRUE, Boolean.valueOf(z), Boolean.valueOf(z2), str}, (String) null, this.ssoToken), SecurityTokenManager.debug).getDocumentElement());
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:getSAMLAuthorizationToken() ", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }
}
