package com.sun.identity.entitlement.xacml3;

import com.sun.identity.entitlement.Entitlement;
import com.sun.identity.entitlement.EntitlementCondition;
import com.sun.identity.entitlement.EntitlementException;
import com.sun.identity.entitlement.EntitlementSubject;
import com.sun.identity.entitlement.Privilege;
import com.sun.identity.entitlement.PrivilegeManager;
import com.sun.identity.entitlement.ReferralPrivilege;
import com.sun.identity.entitlement.ResourceAttribute;
import com.sun.identity.entitlement.UserSubject;
import com.sun.identity.entitlement.opensso.XACMLOpenSSOPrivilege;
import com.sun.identity.entitlement.xacml3.core.AllOf;
import com.sun.identity.entitlement.xacml3.core.AnyOf;
import com.sun.identity.entitlement.xacml3.core.Apply;
import com.sun.identity.entitlement.xacml3.core.AttributeDesignator;
import com.sun.identity.entitlement.xacml3.core.AttributeValue;
import com.sun.identity.entitlement.xacml3.core.Condition;
import com.sun.identity.entitlement.xacml3.core.EffectType;
import com.sun.identity.entitlement.xacml3.core.Match;
import com.sun.identity.entitlement.xacml3.core.ObjectFactory;
import com.sun.identity.entitlement.xacml3.core.Policy;
import com.sun.identity.entitlement.xacml3.core.PolicySet;
import com.sun.identity.entitlement.xacml3.core.Rule;
import com.sun.identity.entitlement.xacml3.core.Target;
import com.sun.identity.entitlement.xacml3.core.VariableDefinition;
import com.sun.identity.entitlement.xacml3.core.Version;
import com.sun.identity.entitlement.xacml3.validation.PrivilegeValidator;
import com.sun.identity.shared.JSONUtils;
import com.sun.identity.shared.xml.XMLUtils;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.StringWriter;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.namespace.QName;
import org.apache.batik.util.SVGConstants;
import org.forgerock.openam.sdk.org.forgerock.util.annotations.VisibleForTesting;
import org.forgerock.openam.sdk.org.json.JSONException;
import org.forgerock.openam.sdk.org.json.JSONObject;
import org.forgerock.openam.utils.Time;
import org.xml.sax.InputSource;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.1.jar:com/sun/identity/entitlement/xacml3/XACMLPrivilegeUtils.class */
public class XACMLPrivilegeUtils {
    private static final ObjectFactory objectFactory = new ObjectFactory();
    private static final ResourceAttributeUtil resourceAttributeUtil = new ResourceAttributeUtil();
    private static final XACMLSchemaFactory schemaFactory = new XACMLSchemaFactory();

    private XACMLPrivilegeUtils() {
    }

    public static String toXACML(Privilege privilege) {
        return privilege == null ? "" : toXML(privilegeToPolicy(privilege));
    }

    public static String toXML(Policy policy) {
        if (policy == null) {
            return "";
        }
        StringWriter stringWriter = new StringWriter();
        try {
            JAXBContext newInstance = JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
            JAXBElement<Policy> createPolicy = objectFactory.createPolicy(policy);
            Marshaller createMarshaller = newInstance.createMarshaller();
            createMarshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
            createMarshaller.marshal(createPolicy, stringWriter);
        } catch (JAXBException e) {
            PrivilegeManager.debug.error("JAXBException while mapping privilege to policy:", e);
        }
        return stringWriter.toString();
    }

    public static String toXML(PolicySet policySet) throws EntitlementException {
        if (policySet == null) {
            return "";
        }
        StringWriter stringWriter = new StringWriter();
        try {
            JAXBContext newInstance = JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
            JAXBElement<PolicySet> createPolicySet = objectFactory.createPolicySet(policySet);
            Marshaller createMarshaller = newInstance.createMarshaller();
            createMarshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
            createMarshaller.marshal(createPolicySet, stringWriter);
            return stringWriter.toString();
        } catch (JAXBException e) {
            PrivilegeManager.debug.error("JAXBException while mapping privilege to policy:", e);
            throw new EntitlementException(200, e);
        }
    }

    public static void writeXMLToStream(PolicySet policySet, OutputStream outputStream) throws EntitlementException {
        try {
            JAXBContext newInstance = JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
            JAXBElement<PolicySet> createPolicySet = objectFactory.createPolicySet(policySet);
            Marshaller createMarshaller = newInstance.createMarshaller();
            createMarshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
            createMarshaller.marshal(createPolicySet, outputStream);
        } catch (JAXBException e) {
            PrivilegeManager.debug.error("JAXBException while mapping privilege to policy:", e);
            throw new EntitlementException(200, e);
        }
    }

    public static Policy privilegeToPolicy(Privilege privilege) {
        Policy policy = null;
        try {
            policy = privilegeToPolicyInternal(privilege);
        } catch (EntitlementException e) {
            PrivilegeManager.debug.error("Caught EntitlementException while converting Privilege to Policy", e);
        } catch (JAXBException e2) {
            PrivilegeManager.debug.error("Caught JAXBException while converting Privilege to Policy", e2);
        }
        return policy;
    }

    private static Policy privilegeToPolicyInternal(Privilege privilege) throws JAXBException, EntitlementException {
        if (privilege == null) {
            return null;
        }
        Policy policy = new Policy();
        String name = privilege.getName();
        String str = null;
        String str2 = null;
        Entitlement entitlement = privilege.getEntitlement();
        if (entitlement != null) {
            str = entitlement.getApplicationName();
            str2 = entitlement.getName();
        }
        policy.setPolicyId(privilegeNameToPolicyId(name, str));
        policy.setDescription(privilege.getDescription());
        List<Object> combinerParametersOrRuleCombinerParametersOrVariableDefinition = policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition();
        JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
        if (str != null) {
            VariableDefinition variableDefinition = new VariableDefinition();
            combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition);
            variableDefinition.setVariableId(XACMLConstants.APPLICATION_NAME);
            AttributeValue attributeValue = new AttributeValue();
            attributeValue.setDataType(XACMLConstants.XS_STRING);
            attributeValue.getContent().add(str);
            variableDefinition.setExpression(objectFactory.createAttributeValue(attributeValue));
        }
        if (str2 != null) {
            VariableDefinition variableDefinition2 = new VariableDefinition();
            combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition2);
            variableDefinition2.setVariableId(XACMLConstants.ENTITLEMENT_NAME);
            AttributeValue attributeValue2 = new AttributeValue();
            attributeValue2.setDataType(XACMLConstants.XS_STRING);
            attributeValue2.getContent().add(str2);
            variableDefinition2.setExpression(objectFactory.createAttributeValue(attributeValue2));
        }
        VariableDefinition variableDefinition3 = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition3);
        variableDefinition3.setVariableId(XACMLConstants.PRIVILEGE_CREATED_BY);
        AttributeValue attributeValue3 = new AttributeValue();
        attributeValue3.setDataType(XACMLConstants.XS_STRING);
        attributeValue3.getContent().add(privilege.getCreatedBy());
        variableDefinition3.setExpression(objectFactory.createAttributeValue(attributeValue3));
        VariableDefinition variableDefinition4 = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition4);
        variableDefinition4.setVariableId(XACMLConstants.PRIVILEGE_LAST_MODIFIED_BY);
        AttributeValue attributeValue4 = new AttributeValue();
        attributeValue4.setDataType(XACMLConstants.XS_STRING);
        attributeValue4.getContent().add(privilege.getLastModifiedBy());
        variableDefinition4.setExpression(objectFactory.createAttributeValue(attributeValue4));
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd");
        SimpleDateFormat simpleDateFormat2 = new SimpleDateFormat("HH:mm:ss.SSS");
        SimpleDateFormat simpleDateFormat3 = new SimpleDateFormat("yyyy.MM.dd.HH.mm.ss.SSS");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        simpleDateFormat2.setTimeZone(TimeZone.getTimeZone("GMT"));
        simpleDateFormat3.setTimeZone(TimeZone.getTimeZone("GMT"));
        VariableDefinition variableDefinition5 = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition5);
        variableDefinition5.setVariableId(XACMLConstants.PRIVILEGE_CREATION_DATE);
        AttributeValue attributeValue5 = new AttributeValue();
        attributeValue5.setDataType(XACMLConstants.XS_DATE_TIME);
        attributeValue5.getContent().add(simpleDateFormat.format(Long.valueOf(privilege.getCreationDate())) + SVGConstants.PATH_SMOOTH_QUAD_TO + simpleDateFormat2.format(Long.valueOf(privilege.getCreationDate())));
        variableDefinition5.setExpression(objectFactory.createAttributeValue(attributeValue5));
        VariableDefinition variableDefinition6 = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition6);
        variableDefinition6.setVariableId(XACMLConstants.PRIVILEGE_LAST_MODIFIED_DATE);
        AttributeValue attributeValue6 = new AttributeValue();
        attributeValue6.setDataType(XACMLConstants.XS_DATE_TIME);
        attributeValue6.getContent().add(simpleDateFormat.format(Long.valueOf(privilege.getLastModifiedDate())) + SVGConstants.PATH_SMOOTH_QUAD_TO + simpleDateFormat2.format(Long.valueOf(privilege.getLastModifiedDate())));
        variableDefinition6.setExpression(objectFactory.createAttributeValue(attributeValue6));
        Version version = new Version();
        version.setValue(simpleDateFormat3.format(Long.valueOf(privilege.getLastModifiedDate())));
        policy.setVersion(version);
        policy.setRuleCombiningAlgId(getRuleCombiningAlgId(str));
        Target target = new Target();
        policy.setTarget(target);
        List<AnyOf> anyOf = target.getAnyOf();
        AnyOf entitlementSubjectToAnyOf = entitlementSubjectToAnyOf(privilege.getSubject());
        if (entitlementSubjectToAnyOf != null) {
            anyOf.add(entitlementSubjectToAnyOf);
        }
        List<AnyOf> resourceNamesToAnyOfList = resourceNamesToAnyOfList(entitlement.getResourceNames(), str);
        if (resourceNamesToAnyOfList != null) {
            anyOf.addAll(resourceNamesToAnyOfList);
        }
        AnyOf applicationNameToAnyOf = applicationNameToAnyOf(str);
        if (applicationNameToAnyOf != null) {
            anyOf.add(applicationNameToAnyOf);
        }
        Map<String, Boolean> actionValues = entitlement.getActionValues();
        List<AnyOf> actionNamesToAnyOfList = actionNamesToAnyOfList(actionValues.keySet(), str);
        if (actionNamesToAnyOfList != null) {
            anyOf.addAll(actionNamesToAnyOfList);
        }
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        if (actionValues != null) {
            for (String str3 : actionValues.keySet()) {
                if (Boolean.TRUE.equals(actionValues.get(str3))) {
                    hashSet.add(str3);
                } else {
                    hashSet2.add(str3);
                }
            }
        }
        Condition eSubjectConditionToXCondition = eSubjectConditionToXCondition(privilege.getSubject(), privilege.getCondition());
        Set<ResourceAttribute> resourceAttributes = privilege.getResourceAttributes();
        if (resourceAttributes != null && !resourceAttributes.isEmpty()) {
            policy.setAdviceExpressions(schemaFactory.resourceAttributesToAdviceExpressions(resourceAttributes));
        }
        if (!hashSet.isEmpty()) {
            Rule rule = new Rule();
            combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(rule);
            rule.setRuleId(entitlement.getName() + ":" + XACMLConstants.PREMIT_RULE_SUFFIX);
            rule.setDescription(XACMLConstants.PERMIT_RULE_DESCRIPTION);
            rule.setEffect(EffectType.PERMIT);
            Target target2 = new Target();
            rule.setTarget(target2);
            List<AnyOf> anyOf2 = target2.getAnyOf();
            List<AnyOf> actionNamesToAnyOfList2 = actionNamesToAnyOfList(hashSet, str);
            if (actionNamesToAnyOfList2 != null) {
                anyOf2.addAll(actionNamesToAnyOfList2);
            }
            if (eSubjectConditionToXCondition != null) {
                rule.setCondition(eSubjectConditionToXCondition);
            }
        }
        if (!hashSet2.isEmpty()) {
            Rule rule2 = new Rule();
            combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(rule2);
            rule2.setRuleId(entitlement.getName() + ":" + XACMLConstants.DENY_RULE_SUFFIX);
            rule2.setDescription(XACMLConstants.DENY_RULE_DESCRIPTION);
            rule2.setEffect(EffectType.DENY);
            Target target3 = new Target();
            rule2.setTarget(target3);
            List<AnyOf> anyOf3 = target3.getAnyOf();
            List<AnyOf> actionNamesToAnyOfList3 = actionNamesToAnyOfList(hashSet2, str);
            if (actionNamesToAnyOfList3 != null) {
                anyOf3.addAll(actionNamesToAnyOfList3);
            }
            if (eSubjectConditionToXCondition != null) {
                rule2.setCondition(eSubjectConditionToXCondition);
            }
        }
        return policy;
    }

    public static String privilegeNameToPolicyId(String str, String str2) {
        return str;
    }

    public static List<AnyOf> entitlementSubjectToAnyOfList(EntitlementSubject entitlementSubject) {
        if (entitlementSubject == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        AnyOf anyOf = new AnyOf();
        arrayList.add(anyOf);
        List<AllOf> allOf = anyOf.getAllOf();
        AllOf allOf2 = new AllOf();
        allOf.add(allOf2);
        List<Match> match = allOf2.getMatch();
        if (entitlementSubject instanceof UserSubject) {
            String id = ((UserSubject) entitlementSubject).getID();
            Match match2 = new Match();
            match.add(match2);
            match2.setMatchId("user-subject-match");
            AttributeValue attributeValue = new AttributeValue();
            attributeValue.setDataType("datatype");
            attributeValue.getContent().add(id);
            AttributeDesignator attributeDesignator = new AttributeDesignator();
            attributeDesignator.setCategory("subject-category");
            attributeDesignator.setAttributeId("user-subject:user-id");
            attributeDesignator.setDataType("xs;string");
            attributeDesignator.setMustBePresent(true);
            match2.setAttributeValue(attributeValue);
            match2.setAttributeDesignator(attributeDesignator);
        }
        return arrayList;
    }

    public static AnyOf entitlementSubjectToAnyOf(EntitlementSubject entitlementSubject) throws JAXBException {
        if (entitlementSubject == null) {
            return null;
        }
        AnyOf anyOf = new AnyOf();
        List<AllOf> allOf = anyOf.getAllOf();
        AllOf allOf2 = new AllOf();
        allOf.add(allOf2);
        List<Match> match = allOf2.getMatch();
        Match match2 = new Match();
        match.add(match2);
        match2.setMatchId(XACMLConstants.JSON_SUBJECT_MATCH);
        AttributeValue attributeValue = new AttributeValue();
        attributeValue.setDataType("urn:sun:opensso:entitlement:json-subject-type:" + entitlementSubject.getClass().getName());
        attributeValue.getContent().add(entitlementSubject.getState());
        AttributeDesignator attributeDesignator = new AttributeDesignator();
        attributeDesignator.setCategory(XACMLConstants.XACML_ACCESS_SUBJECT_CATEGORY);
        attributeDesignator.setAttributeId(XACMLConstants.JSON_SUBJECT_ID);
        attributeDesignator.setDataType("urn:sun:opensso:entitlement:json-subject-type:" + entitlementSubject.getClass().getName());
        attributeDesignator.setMustBePresent(true);
        match2.setAttributeValue(attributeValue);
        match2.setAttributeDesignator(attributeDesignator);
        return anyOf;
    }

    public static List<AnyOf> resourceNamesToAnyOfList(Set<String> set, String str) {
        if (set == null || set.isEmpty()) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        AnyOf anyOf = new AnyOf();
        arrayList.add(anyOf);
        List<AllOf> allOf = anyOf.getAllOf();
        for (String str2 : set) {
            AllOf allOf2 = new AllOf();
            allOf2.getMatch().add(resourceNameToMatch(str2, str));
            allOf.add(allOf2);
        }
        return arrayList;
    }

    public static AnyOf applicationNameToAnyOf(String str) {
        AnyOf anyOf = new AnyOf();
        List<AllOf> allOf = anyOf.getAllOf();
        AllOf allOf2 = new AllOf();
        allOf2.getMatch().add(applicationNameToMatch(str));
        allOf.add(allOf2);
        return anyOf;
    }

    public static List<AnyOf> actionNamesToAnyOfList(Set<String> set, String str) {
        if (set == null || set.isEmpty()) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        AnyOf anyOf = new AnyOf();
        arrayList.add(anyOf);
        List<AllOf> allOf = anyOf.getAllOf();
        for (String str2 : set) {
            AllOf allOf2 = new AllOf();
            allOf2.getMatch().add(actionNameToMatch(str2, str));
            allOf.add(allOf2);
        }
        return arrayList;
    }

    public static Match resourceNameToMatch(String str, String str2) {
        if (str == null || str.length() == 0) {
            return null;
        }
        Match match = new Match();
        match.setMatchId("urn:sun:opensso:entitlement:resource-match:application:" + str2);
        AttributeValue attributeValue = new AttributeValue();
        attributeValue.setDataType(XACMLConstants.XS_STRING);
        attributeValue.getContent().add(str);
        AttributeDesignator attributeDesignator = new AttributeDesignator();
        attributeDesignator.setCategory(XACMLConstants.XACML_RESOURCE_CATEGORY);
        attributeDesignator.setAttributeId(XACMLConstants.XACML_RESOURCE_ID);
        attributeDesignator.setDataType(XACMLConstants.XS_STRING);
        attributeDesignator.setMustBePresent(true);
        match.setAttributeValue(attributeValue);
        match.setAttributeDesignator(attributeDesignator);
        return match;
    }

    public static Match resourceNameToNotMatch(String str, String str2) {
        if (str == null || str.length() == 0) {
            return null;
        }
        Match match = new Match();
        match.setMatchId("urn:sun:opensso:entitlement:resource-no-match:application:" + str2);
        AttributeValue attributeValue = new AttributeValue();
        attributeValue.setDataType(XACMLConstants.XS_STRING);
        attributeValue.getContent().add(str);
        AttributeDesignator attributeDesignator = new AttributeDesignator();
        attributeDesignator.setCategory(XACMLConstants.XACML_RESOURCE_CATEGORY);
        attributeDesignator.setAttributeId(XACMLConstants.XACML_RESOURCE_ID);
        attributeDesignator.setDataType(XACMLConstants.XS_STRING);
        attributeDesignator.setMustBePresent(true);
        match.setAttributeValue(attributeValue);
        match.setAttributeDesignator(attributeDesignator);
        return match;
    }

    public static Match actionNameToMatch(String str, String str2) {
        if (str == null || str.length() == 0) {
            return null;
        }
        Match match = new Match();
        match.setMatchId("urn:sun:opensso:entitlement:action-match:application:" + str2);
        AttributeValue attributeValue = new AttributeValue();
        attributeValue.setDataType(XACMLConstants.XS_STRING);
        attributeValue.getContent().add(str);
        AttributeDesignator attributeDesignator = new AttributeDesignator();
        attributeDesignator.setCategory(XACMLConstants.XACML_ACTION_CATEGORY);
        attributeDesignator.setAttributeId(XACMLConstants.XACML_ACTION_ID);
        attributeDesignator.setDataType(XACMLConstants.XS_STRING);
        attributeDesignator.setMustBePresent(true);
        match.setAttributeValue(attributeValue);
        match.setAttributeDesignator(attributeDesignator);
        return match;
    }

    public static Match applicationNameToMatch(String str) {
        if (str == null || str.length() == 0) {
            return null;
        }
        Match match = new Match();
        match.setMatchId(XACMLConstants.APPLICATION_MATCH);
        AttributeValue attributeValue = new AttributeValue();
        attributeValue.setDataType(XACMLConstants.XS_STRING);
        attributeValue.getContent().add(str);
        AttributeDesignator attributeDesignator = new AttributeDesignator();
        attributeDesignator.setCategory(XACMLConstants.APPLICATION_CATEGORY);
        attributeDesignator.setAttributeId(XACMLConstants.APPLICATION_ID);
        attributeDesignator.setDataType(XACMLConstants.XS_STRING);
        attributeDesignator.setMustBePresent(false);
        match.setAttributeValue(attributeValue);
        match.setAttributeDesignator(attributeDesignator);
        return match;
    }

    public static Condition eSubjectConditionToXCondition(EntitlementSubject entitlementSubject, EntitlementCondition entitlementCondition) throws JAXBException {
        Condition condition = null;
        if (entitlementSubject != null || entitlementCondition != null) {
            condition = new Condition();
            JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
            Apply apply = new Apply();
            apply.setFunctionId(XACMLConstants.JSON_SUBJECT_AND_CONDITION_SATISFIED);
            List<JAXBElement<?>> expression = apply.getExpression();
            if (entitlementSubject != null) {
                String state = entitlementSubject.getState();
                AttributeValue attributeValue = new AttributeValue();
                attributeValue.getOtherAttributes().put(new QName("privilegeComponent"), "entitlementSubject");
                attributeValue.setDataType("urn:sun:opensso:entitlement:json-subject-type:" + entitlementSubject.getClass().getName());
                attributeValue.getContent().add(state);
                expression.add(objectFactory.createAttributeValue(attributeValue));
            }
            if (entitlementCondition != null) {
                String state2 = entitlementCondition.getState();
                AttributeValue attributeValue2 = new AttributeValue();
                attributeValue2.getOtherAttributes().put(new QName("privilegeComponent"), "entitlementCondition");
                attributeValue2.setDataType("urn:sun:opensso:entitlement:json-condition-type:" + entitlementCondition.getClass().getName());
                attributeValue2.getContent().add(state2);
                expression.add(objectFactory.createAttributeValue(attributeValue2));
            }
            condition.setExpression(objectFactory.createApply(apply));
        }
        return condition;
    }

    public static String getRuleCombiningAlgId(String str) {
        return XACMLConstants.XACML_RULE_DENY_OVERRIDES;
    }

    public static Set<Privilege> policySetToPrivileges(PolicySet policySet) throws EntitlementException {
        if (policySet == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        Set<Policy> policiesFromPolicySet = getPoliciesFromPolicySet(policySet);
        if (policiesFromPolicySet != null) {
            Iterator<Policy> it = policiesFromPolicySet.iterator();
            while (it.hasNext()) {
                hashSet.add(policyToPrivilege(it.next()));
            }
        }
        return hashSet;
    }

    public static Privilege policyToPrivilege(Policy policy) throws EntitlementException {
        String policyIdToPrivilegeName = policyIdToPrivilegeName(policy.getPolicyId());
        String description = policy.getDescription();
        String variableById = getVariableById(policy, XACMLConstants.PRIVILEGE_CREATED_BY);
        long dateStringToLong = dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_CREATION_DATE));
        String variableById2 = getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_BY);
        long dateStringToLong2 = dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_DATE));
        String variableById3 = getVariableById(policy, XACMLConstants.ENTITLEMENT_NAME);
        String applicationNameFromPolicy = getApplicationNameFromPolicy(policy);
        Set<String> resourceNamesFromPolicy = getResourceNamesFromPolicy(policy);
        Map<String, Boolean> actionValuesFromPolicy = getActionValuesFromPolicy(policy);
        EntitlementSubject entitlementSubjectFromPolicy = getEntitlementSubjectFromPolicy(policy);
        EntitlementCondition entitlementConditionFromPolicy = getEntitlementConditionFromPolicy(policy);
        Entitlement entitlement = new Entitlement(applicationNameFromPolicy, resourceNamesFromPolicy, actionValuesFromPolicy);
        if (variableById3 != null) {
            entitlement.setName(variableById3);
        }
        Set<ResourceAttribute> adviceExpressionsToResourceAttributes = schemaFactory.adviceExpressionsToResourceAttributes(policy.getAdviceExpressions());
        XACMLOpenSSOPrivilege xACMLOpenSSOPrivilege = new XACMLOpenSSOPrivilege();
        xACMLOpenSSOPrivilege.setName(policyIdToPrivilegeName);
        xACMLOpenSSOPrivilege.setDescription(description);
        xACMLOpenSSOPrivilege.setCreatedBy(variableById);
        xACMLOpenSSOPrivilege.setCreationDate(dateStringToLong);
        xACMLOpenSSOPrivilege.setLastModifiedBy(variableById2);
        xACMLOpenSSOPrivilege.setLastModifiedDate(dateStringToLong2);
        xACMLOpenSSOPrivilege.setEntitlement(entitlement);
        xACMLOpenSSOPrivilege.setSubject(entitlementSubjectFromPolicy);
        xACMLOpenSSOPrivilege.setCondition(entitlementConditionFromPolicy);
        xACMLOpenSSOPrivilege.setResourceAttributes(adviceExpressionsToResourceAttributes);
        return xACMLOpenSSOPrivilege;
    }

    public static String getApplicationNameFromPolicy(Policy policy) {
        return getVariableById(policy, XACMLConstants.APPLICATION_NAME);
    }

    public static Set<String> getResourceNamesFromPolicy(Policy policy) {
        return getResourceNamesFromMatches(getAllMatchesFromTarget(policy.getTarget()));
    }

    public static String policyIdToPrivilegeName(String str) {
        return str;
    }

    public static String getVariableById(Policy policy, String str) {
        String str2 = null;
        for (Object obj : policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition()) {
            if (obj instanceof VariableDefinition) {
                VariableDefinition variableDefinition = (VariableDefinition) obj;
                if (variableDefinition.getVariableId().equals(str)) {
                    str2 = ((AttributeValue) variableDefinition.getExpression().getValue()).getContent().get(0).toString();
                }
            }
        }
        return str2;
    }

    private static long dateStringToLong(String str) {
        if (str == null || str.length() == 0) {
            return 0L;
        }
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd:HH:mm:ss.SSSS");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        long j = 0;
        try {
            j = simpleDateFormat.parse(str.replace(SVGConstants.PATH_SMOOTH_QUAD_TO, ":")).getTime();
        } catch (ParseException e) {
        }
        return j;
    }

    public static PolicySet privilegesToPolicySet(String str, Collection<Privilege> collection) {
        PolicySet policySet = null;
        try {
            policySet = privilegesToPolicySetInternal(str, collection);
        } catch (JAXBException e) {
        }
        return policySet;
    }

    private static PolicySet privilegesToPolicySetInternal(String str, Collection<Privilege> collection) throws JAXBException {
        if (collection == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        Iterator<Privilege> it = collection.iterator();
        while (it.hasNext()) {
            hashSet.add(privilegeToPolicy(it.next()));
        }
        return policiesToPolicySetInternal(str, hashSet);
    }

    public static PolicySet newPolicySet(String str) throws JAXBException {
        PolicySet policySet = new PolicySet();
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy.MM.dd.HH.mm.ss.SSS");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        policySet.setPolicySetId(str + ":" + simpleDateFormat.format(Long.valueOf(Time.currentTimeMillis())));
        Version version = new Version();
        version.setValue(simpleDateFormat.format(Long.valueOf(Time.currentTimeMillis())));
        policySet.setVersion(version);
        policySet.setPolicyCombiningAlgId(XACMLConstants.XACML_RULE_DENY_OVERRIDES);
        Target target = new Target();
        policySet.setVersion(version);
        policySet.setTarget(target);
        return policySet;
    }

    private static PolicySet policiesToPolicySetInternal(String str, Set<Policy> set) throws JAXBException {
        PolicySet policySet = new PolicySet();
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy.MM.dd.HH.mm.ss.SSS");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        policySet.setPolicySetId(str + ":" + simpleDateFormat.format(Long.valueOf(Time.currentTimeMillis())));
        Version version = new Version();
        version.setValue(simpleDateFormat.format(Long.valueOf(Time.currentTimeMillis())));
        policySet.setVersion(version);
        policySet.setPolicyCombiningAlgId(XACMLConstants.XACML_RULE_DENY_OVERRIDES);
        Target target = new Target();
        policySet.setVersion(version);
        policySet.setTarget(target);
        JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
        List<JAXBElement<?>> policySetOrPolicyOrPolicySetIdReference = policySet.getPolicySetOrPolicyOrPolicySetIdReference();
        if (set != null) {
            Iterator<Policy> it = set.iterator();
            while (it.hasNext()) {
                policySetOrPolicyOrPolicySetIdReference.add(objectFactory.createPolicy(it.next()));
            }
        }
        return policySet;
    }

    public static PolicySet addPolicyToPolicySet(Policy policy, PolicySet policySet) throws JAXBException {
        if (policySet == null || policy == null) {
            return policySet;
        }
        JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
        policySet.getPolicySetOrPolicyOrPolicySetIdReference().add(objectFactory.createPolicy(policy));
        return policySet;
    }

    static List<Match> getAllMatchesFromTarget(Target target) {
        ArrayList arrayList = new ArrayList();
        if (target != null) {
            Iterator<AnyOf> it = target.getAnyOf().iterator();
            while (it.hasNext()) {
                Iterator<AllOf> it2 = it.next().getAllOf().iterator();
                while (it2.hasNext()) {
                    arrayList.addAll(it2.next().getMatch());
                }
            }
        }
        return arrayList;
    }

    static Set<String> getResourceNamesFromMatches(List<Match> list) {
        AttributeValue attributeValue;
        List<Object> content;
        if (list == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (Match match : list) {
            String matchId = match.getMatchId();
            if (matchId != null && matchId.indexOf(":resource-match:") != -1 && (attributeValue = match.getAttributeValue()) != null && (content = attributeValue.getContent()) != null && !content.isEmpty()) {
                hashSet.add(content.get(0).toString());
            }
        }
        return hashSet;
    }

    static Set<String> getActionNamesFromMatches(List<Match> list) {
        AttributeValue attributeValue;
        List<Object> content;
        if (list == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (Match match : list) {
            String matchId = match.getMatchId();
            if (matchId != null && matchId.indexOf(":action-match:") != -1 && (attributeValue = match.getAttributeValue()) != null && (content = attributeValue.getContent()) != null && !content.isEmpty()) {
                hashSet.add(content.get(0).toString());
            }
        }
        return hashSet;
    }

    static JSONObject getRealmsAppsResources(List<Match> list) throws JSONException {
        AttributeValue attributeValue;
        List<Object> content;
        if (list == null) {
            return null;
        }
        JSONObject jSONObject = null;
        String str = null;
        Iterator<Match> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Match next = it.next();
            String matchId = next.getMatchId();
            if (matchId != null && matchId.equals(XACMLConstants.JSON_REALMS_APPS_RESOURCES_MATCH) && (attributeValue = next.getAttributeValue()) != null && (content = attributeValue.getContent()) != null && !content.isEmpty()) {
                str = content.get(0).toString();
                break;
            }
        }
        if (str != null) {
            jSONObject = new JSONObject(str);
        }
        return jSONObject;
    }

    static List<Rule> getRules(Policy policy) {
        if (policy == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (Object obj : policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition()) {
            if (obj instanceof Rule) {
                arrayList.add((Rule) obj);
            }
        }
        return arrayList;
    }

    public static Map<String, Boolean> getActionValuesFromPolicy(Policy policy) {
        List<Rule> rules;
        if (policy == null || (rules = getRules(policy)) == null) {
            return null;
        }
        HashMap hashMap = new HashMap();
        for (Rule rule : rules) {
            Set<String> actionNamesFromMatches = getActionNamesFromMatches(getAllMatchesFromTarget(rule.getTarget()));
            EffectType effect = rule.getEffect();
            Iterator<String> it = actionNamesFromMatches.iterator();
            while (it.hasNext()) {
                hashMap.put(it.next(), EffectType.PERMIT == effect ? Boolean.TRUE : Boolean.FALSE);
            }
        }
        return hashMap;
    }

    public static EntitlementSubject getEntitlementSubjectFromPolicy(Policy policy) {
        List<Rule> rules;
        if (policy == null || (rules = getRules(policy)) == null) {
            return null;
        }
        EntitlementSubject entitlementSubject = null;
        Iterator<Rule> it = rules.iterator();
        while (it.hasNext()) {
            JAXBElement<?> expression = it.next().getCondition().getExpression();
            if (expression.getDeclaredType().equals(Apply.class)) {
                Apply apply = (Apply) expression.getValue();
                if (XACMLConstants.JSON_SUBJECT_AND_CONDITION_SATISFIED.equals(apply.getFunctionId())) {
                    for (JAXBElement<?> jAXBElement : apply.getExpression()) {
                        if (jAXBElement.getDeclaredType().equals(AttributeValue.class)) {
                            AttributeValue attributeValue = (AttributeValue) jAXBElement.getValue();
                            String dataType = attributeValue.getDataType();
                            if (dataType.startsWith(XACMLConstants.JSON_SUBJECT_DATATYPE)) {
                                List<Object> content = attributeValue.getContent();
                                String str = null;
                                if (content != null) {
                                    Iterator<Object> it2 = content.iterator();
                                    while (true) {
                                        if (!it2.hasNext()) {
                                            break;
                                        }
                                        Object next = it2.next();
                                        if (next instanceof String) {
                                            str = (String) next;
                                            break;
                                        }
                                    }
                                }
                                if (str != null) {
                                    entitlementSubject = createEntitlementSubject(dataType, str);
                                }
                            }
                        }
                    }
                }
            }
            if (entitlementSubject != null) {
                break;
            }
        }
        return entitlementSubject;
    }

    public static EntitlementCondition getEntitlementConditionFromPolicy(Policy policy) throws EntitlementException {
        List<Rule> rules;
        if (policy == null || (rules = getRules(policy)) == null) {
            return null;
        }
        EntitlementCondition entitlementCondition = null;
        Iterator<Rule> it = rules.iterator();
        while (it.hasNext()) {
            JAXBElement<?> expression = it.next().getCondition().getExpression();
            if (expression.getDeclaredType().equals(Apply.class)) {
                Apply apply = (Apply) expression.getValue();
                if (XACMLConstants.JSON_SUBJECT_AND_CONDITION_SATISFIED.equals(apply.getFunctionId())) {
                    for (JAXBElement<?> jAXBElement : apply.getExpression()) {
                        if (jAXBElement.getDeclaredType().equals(AttributeValue.class)) {
                            AttributeValue attributeValue = (AttributeValue) jAXBElement.getValue();
                            String dataType = attributeValue.getDataType();
                            if (dataType.startsWith(XACMLConstants.JSON_CONDITION_DATATYPE)) {
                                List<Object> content = attributeValue.getContent();
                                String str = null;
                                if (content != null) {
                                    Iterator<Object> it2 = content.iterator();
                                    while (true) {
                                        if (!it2.hasNext()) {
                                            break;
                                        }
                                        Object next = it2.next();
                                        if (next instanceof String) {
                                            str = (String) next;
                                            break;
                                        }
                                    }
                                }
                                if (str != null) {
                                    entitlementCondition = createEntitlementCondition(dataType, str);
                                }
                            }
                        }
                    }
                }
                if (entitlementCondition != null) {
                    break;
                }
            }
        }
        return entitlementCondition;
    }

    public static PolicySet streamToPolicySet(InputStream inputStream) throws JAXBException {
        PrivilegeManager.debug.error("XACMLProvilegeUtils.streamToPolicySet(), core_pkg:com.sun.identity.entitlement.xacml3.core");
        if (inputStream == null) {
            return null;
        }
        return (PolicySet) ((JAXBElement) JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG).createUnmarshaller().unmarshal(XMLUtils.createSAXSource(new InputSource(inputStream)))).getValue();
    }

    public static Set<Policy> getPoliciesFromPolicySet(PolicySet policySet) {
        if (policySet == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (JAXBElement<?> jAXBElement : policySet.getPolicySetOrPolicyOrPolicySetIdReference()) {
            if (jAXBElement.getDeclaredType().equals(Policy.class)) {
                hashSet.add((Policy) jAXBElement.getValue());
            }
        }
        return hashSet;
    }

    static EntitlementSubject createEntitlementSubject(String str, String str2) {
        if (str == null || str2 == null) {
            return null;
        }
        EntitlementSubject entitlementSubject = null;
        if (str.indexOf(XACMLConstants.JSON_SUBJECT_DATATYPE) != 0) {
            return null;
        }
        if (str.length() > XACMLConstants.JSON_SUBJECT_DATATYPE.length()) {
            Object createDefaultObject = createDefaultObject(str.substring(XACMLConstants.JSON_SUBJECT_DATATYPE.length() + 1));
            if (createDefaultObject == null || !(createDefaultObject instanceof EntitlementSubject)) {
                PrivilegeManager.debug.error("XACMLPrivilegeUtils.createEntitlementSubject()not an EntitlementSubject");
            } else {
                entitlementSubject = (EntitlementSubject) createDefaultObject;
            }
        }
        if (entitlementSubject != null) {
            entitlementSubject.setState(str2);
        }
        return entitlementSubject;
    }

    static EntitlementCondition createEntitlementCondition(String str, String str2) throws EntitlementException {
        if (str == null || str2 == null) {
            return null;
        }
        EntitlementCondition entitlementCondition = null;
        if (str.indexOf(XACMLConstants.JSON_CONDITION_DATATYPE) != 0) {
            return null;
        }
        if (str.length() > XACMLConstants.JSON_CONDITION_DATATYPE.length()) {
            Object createDefaultObject = createDefaultObject(str.substring(XACMLConstants.JSON_CONDITION_DATATYPE.length() + 1));
            if (createDefaultObject == null || !(createDefaultObject instanceof EntitlementCondition)) {
                PrivilegeManager.debug.error("XACMLPrivilegeUtils.createEntitlementCondition()not an EntitlementCondition");
            } else {
                entitlementCondition = (EntitlementCondition) createDefaultObject;
            }
        }
        if (entitlementCondition != null) {
            entitlementCondition.setState(str2);
            entitlementCondition.validate();
        }
        return entitlementCondition;
    }

    static Object createDefaultObject(String str) {
        if (str == null) {
            return null;
        }
        Object obj = null;
        try {
            obj = Class.forName(str.trim()).newInstance();
        } catch (ClassNotFoundException e) {
            PrivilegeManager.debug.error("XACMLPrivilegeUtils.createDefaultObject(),hit exception", e);
        } catch (IllegalAccessException e2) {
            PrivilegeManager.debug.error("XACMLPrivilegeUtils.createDefaultObject(),hit exception", e2);
        } catch (InstantiationException e3) {
            PrivilegeManager.debug.error("XACMLPrivilegeUtils.createDefaultObject(),hit exception", e3);
        }
        return obj;
    }

    public static Policy referralToPolicy(ReferralPrivilege referralPrivilege) throws JSONException {
        Policy policy = null;
        try {
            policy = referralToPolicyInternal(referralPrivilege);
        } catch (JAXBException e) {
            PrivilegeManager.debug.error("JAXBException while mapping referral to policy:", e);
        }
        return policy;
    }

    public static Policy referralToPolicyInternal(ReferralPrivilege referralPrivilege) throws JAXBException, JSONException {
        if (referralPrivilege == null) {
            return null;
        }
        Policy policy = new Policy();
        String name = referralPrivilege.getName();
        policy.setPolicyId(privilegeNameToPolicyId(name, null));
        policy.setDescription(referralPrivilege.getDescription());
        List<Object> combinerParametersOrRuleCombinerParametersOrVariableDefinition = policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition();
        JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
        VariableDefinition variableDefinition = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition);
        variableDefinition.setVariableId(XACMLConstants.PRIVILEGE_CREATED_BY);
        AttributeValue attributeValue = new AttributeValue();
        attributeValue.setDataType(XACMLConstants.XS_STRING);
        attributeValue.getContent().add(referralPrivilege.getCreatedBy());
        variableDefinition.setExpression(objectFactory.createAttributeValue(attributeValue));
        VariableDefinition variableDefinition2 = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition2);
        variableDefinition2.setVariableId(XACMLConstants.PRIVILEGE_LAST_MODIFIED_BY);
        AttributeValue attributeValue2 = new AttributeValue();
        attributeValue2.setDataType(XACMLConstants.XS_STRING);
        attributeValue2.getContent().add(referralPrivilege.getLastModifiedBy());
        variableDefinition2.setExpression(objectFactory.createAttributeValue(attributeValue2));
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd");
        SimpleDateFormat simpleDateFormat2 = new SimpleDateFormat("HH:mm:ss.SSS");
        SimpleDateFormat simpleDateFormat3 = new SimpleDateFormat("yyyy.MM.dd.HH.mm.ss.SSS");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        simpleDateFormat2.setTimeZone(TimeZone.getTimeZone("GMT"));
        simpleDateFormat3.setTimeZone(TimeZone.getTimeZone("GMT"));
        VariableDefinition variableDefinition3 = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition3);
        variableDefinition3.setVariableId(XACMLConstants.PRIVILEGE_CREATION_DATE);
        AttributeValue attributeValue3 = new AttributeValue();
        attributeValue3.setDataType(XACMLConstants.XS_DATE_TIME);
        attributeValue3.getContent().add(simpleDateFormat.format(Long.valueOf(referralPrivilege.getCreationDate())) + SVGConstants.PATH_SMOOTH_QUAD_TO + simpleDateFormat2.format(Long.valueOf(referralPrivilege.getCreationDate())));
        variableDefinition3.setExpression(objectFactory.createAttributeValue(attributeValue3));
        VariableDefinition variableDefinition4 = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition4);
        variableDefinition4.setVariableId(XACMLConstants.PRIVILEGE_LAST_MODIFIED_DATE);
        AttributeValue attributeValue4 = new AttributeValue();
        attributeValue4.setDataType(XACMLConstants.XS_DATE_TIME);
        attributeValue4.getContent().add(simpleDateFormat.format(Long.valueOf(referralPrivilege.getLastModifiedDate())) + SVGConstants.PATH_SMOOTH_QUAD_TO + simpleDateFormat2.format(Long.valueOf(referralPrivilege.getLastModifiedDate())));
        variableDefinition4.setExpression(objectFactory.createAttributeValue(attributeValue4));
        VariableDefinition variableDefinition5 = new VariableDefinition();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(variableDefinition5);
        variableDefinition5.setVariableId(XACMLConstants.IS_REFERRAL_POLICY);
        AttributeValue attributeValue5 = new AttributeValue();
        attributeValue5.setDataType(XACMLConstants.XS_BOOLEAN_TYPE);
        attributeValue5.getContent().add("true");
        variableDefinition5.setExpression(objectFactory.createAttributeValue(attributeValue5));
        Version version = new Version();
        version.setValue(simpleDateFormat3.format(Long.valueOf(referralPrivilege.getLastModifiedDate())));
        policy.setVersion(version);
        policy.setRuleCombiningAlgId(XACMLConstants.XACML_RULE_DENY_OVERRIDES);
        Target target = new Target();
        policy.setTarget(target);
        List<AnyOf> anyOf = target.getAnyOf();
        AnyOf realmsAppsResourcesToAnyOf = realmsAppsResourcesToAnyOf(referralPrivilege.getRealms(), referralPrivilege.getOriginalMapApplNameToResources());
        if (realmsAppsResourcesToAnyOf != null) {
            anyOf.add(realmsAppsResourcesToAnyOf);
        }
        Rule rule = new Rule();
        combinerParametersOrRuleCombinerParametersOrVariableDefinition.add(rule);
        rule.setRuleId(name + ":" + XACMLConstants.PREMIT_RULE_SUFFIX);
        rule.setDescription(XACMLConstants.PERMIT_RULE_DESCRIPTION);
        rule.setEffect(EffectType.PERMIT);
        rule.setTarget(new Target());
        return policy;
    }

    public static boolean isReferralPolicy(Policy policy) {
        return "true".equalsIgnoreCase(getVariableById(policy, XACMLConstants.IS_REFERRAL_POLICY));
    }

    public static ReferralPrivilege policyToReferral(Policy policy) throws EntitlementException, JSONException {
        String policyIdToPrivilegeName = policyIdToPrivilegeName(policy.getPolicyId());
        String description = policy.getDescription();
        String variableById = getVariableById(policy, XACMLConstants.PRIVILEGE_CREATED_BY);
        long dateStringToLong = dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_CREATION_DATE));
        String variableById2 = getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_BY);
        long dateStringToLong2 = dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_DATE));
        JSONObject realmsAppsResources = getRealmsAppsResources(getAllMatchesFromTarget(policy.getTarget()));
        ReferralPrivilege referralPrivilege = new ReferralPrivilege(policyIdToPrivilegeName, JSONUtils.getMapStringSetString(realmsAppsResources, "appsResources"), JSONUtils.getSet(realmsAppsResources, "realms"));
        referralPrivilege.setDescription(description);
        referralPrivilege.setCreatedBy(variableById);
        referralPrivilege.setCreationDate(dateStringToLong);
        referralPrivilege.setLastModifiedBy(variableById2);
        referralPrivilege.setLastModifiedDate(dateStringToLong2);
        return referralPrivilege;
    }

    public static AnyOf realmsAppsResourcesToAnyOf(Set<String> set, Map<String, Set<String>> map) throws JSONException {
        AnyOf anyOf = new AnyOf();
        List<AllOf> allOf = anyOf.getAllOf();
        AllOf allOf2 = new AllOf();
        allOf.add(allOf2);
        List<Match> match = allOf2.getMatch();
        Match match2 = new Match();
        match.add(match2);
        match2.setMatchId(XACMLConstants.JSON_REALMS_APPS_RESOURCES_MATCH);
        AttributeValue attributeValue = new AttributeValue();
        attributeValue.setDataType(XACMLConstants.JSON_REALMS_APPS_RESOURCES_DATATYPE);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("realms", (Collection<?>) set);
        jSONObject.put("appsResources", (Map<?, ?>) map);
        attributeValue.getContent().add(jSONObject.toString());
        AttributeDesignator attributeDesignator = new AttributeDesignator();
        attributeDesignator.setCategory(XACMLConstants.REALMS_APPS_RESOURCES_CATEGORY);
        attributeDesignator.setAttributeId(XACMLConstants.JSON_REALMS_APPS_RESOURCES_ID);
        attributeDesignator.setDataType(XACMLConstants.JSON_REALMS_APPS_RESOURCES_DATATYPE);
        attributeDesignator.setMustBePresent(false);
        match2.setAttributeValue(attributeValue);
        match2.setAttributeDesignator(attributeDesignator);
        return anyOf;
    }

    public static void validate(Privilege privilege, PrivilegeValidator privilegeValidator) throws EntitlementException {
        if (containsUndesiredCharacters(privilege.getName())) {
            throw new EntitlementException(401, "privilege name " + privilege.getName());
        }
        privilegeValidator.validatePrivilege(privilege);
    }

    @VisibleForTesting
    public static boolean containsUndesiredCharacters(String str) {
        HashSet hashSet = new HashSet(Arrays.asList(",", "+", "\"", "\\", "<", ">", ";"));
        for (int i = 0; i < str.length(); i++) {
            if (hashSet.contains(str.substring(i, i + 1))) {
                return true;
            }
        }
        return false;
    }
}
