package com.sun.identity.wss.provider.plugins;

import com.iplanet.sso.SSOToken;
import com.sun.identity.common.SystemConfigurationUtil;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdSearchControl;
import com.sun.identity.idm.IdSearchResults;
import com.sun.identity.idm.IdType;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.wss.provider.ProviderConfig;
import com.sun.identity.wss.provider.ProviderException;
import com.sun.identity.wss.provider.ProviderUtils;
import com.sun.identity.wss.provider.TrustAuthorityConfig;
import com.sun.identity.wss.security.PasswordCredential;
import com.sun.identity.xmlenc.EncryptionConstants;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.1.jar:com/sun/identity/wss/provider/plugins/AM71AgentProvider.class */
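/**
 * {@link ProviderConfig} implementation that keeps a web-services provider profile in an
 * {@code IdType.AGENT} identity in the root realm ("/").
 *
 * <p>The profile is held in the multi-valued attribute {@code sunIdentityServerDeviceKeyValue},
 * one {@code key=value} string per setting. The identity name is the provider name
 * concatenated with the provider type.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The attribute carries the keystore password, the key password and user credentials as
 *       plain {@code key=value} text, so none of those values are written to the debug log by
 *       this class; only attribute names or a redaction marker are logged.</li>
 *   <li>Whoever can read or write the agent attribute can read or replace those secrets;
 *       access control on the identity store is outside this class.</li>
 * </ul>
 */
public class AM71AgentProvider extends ProviderConfig {
    private static final String AGENT_CONFIG_ATTR = "sunIdentityServerDeviceKeyValue";
    private static final String NAME = "Name";
    private static final String TYPE = "Type";
    private static final String SEC_MECH = "SecurityMech";
    private static final String WSP_ENDPOINT = "WSPEndpoint";
    private static final String KS_FILE = "KeyStoreFile";
    private static final String KS_PASSWD = "KeyStorePassword";
    private static final String KEY_PASSWD = "KeyPassword";
    private static final String RESPONSE_SIGN = "isResponseSign";
    private static final String RESPONSE_ENCRYPT = "isResponseEncrypt";
    private static final String REQUEST_SIGN = "isRequestSign";
    private static final String REQUEST_ENCRYPT = "isRequestEncrypt";
    private static final String REQUEST_HEADER_ENCRYPT = "isRequestHeaderEncrypt";
    private static final String KEY_ALIAS = "keyAlias";
    private static final String TRUST_AUTHORITY = "TrustAuthority";
    private static final String PROPERTY = "Property:";
    private static final String USER_NAME = "UserName";
    private static final String USER_PASSWORD = "UserPassword";
    private static final String USER_CREDENTIAL = "UserCredential";
    private static final String SERVICE_TYPE = "ServiceType";
    private static final String USE_DEFAULT_KEYSTORE = "useDefaultStore";
    private static final String FORCE_AUTHENTICATION = "forceUserAuthn";
    private static final String KEEP_SECURITY_HEADERS = "keepSecurityHeaders";
    private static final String AUTHENTICATION_CHAIN = "authenticationChain";
    // Marker written to the debug log in place of a secret value.
    private static final String REDACTED = "<redacted>";
    // Return-attribute set handed to every identity search. Built once at class load so no
    // thread can observe a non-null but still empty set (the lazy initialisation it replaces
    // published the set before adding the attribute name to it).
    private static final Set agentConfigAttribute = new HashSet();
    private static final Debug debug = ProviderUtils.debug;

    static {
        agentConfigAttribute.add(AGENT_CONFIG_ATTR);
    }

    private AMIdentityRepository idRepo;
    private SSOToken token;
    // True once init() has found an existing agent identity for this provider.
    private boolean profilePresent;

    /**
     * Loads the provider profile from the identity repository, if one exists.
     *
     * @param str provider name
     * @param str2 provider type; when it equals {@code ProviderConfig.WSP} the name used for
     *     the lookup is taken from the system property
     *     {@code com.sun.identity.wss.provider.defaultWSP}, defaulting to {@code str}
     * @param sSOToken session token used for all identity repository calls
     * @param z not used by this implementation
     * @throws ProviderException if the repository lookup or attribute parsing fails
     */
    @Override // com.sun.identity.wss.provider.ProviderConfig
    public void init(String str, String str2, SSOToken sSOToken, boolean z) throws ProviderException {
        this.providerName = str;
        this.providerType = str2;
        this.token = sSOToken;
        if (debug.messageEnabled()) {
            debug.message("AM71AgentProvider: providerName = " + str + " providerType = " + str2);
        }
        if (str2.equals(ProviderConfig.WSP)) {
            str = SystemConfigurationUtil.getProperty("com.sun.identity.wss.provider.defaultWSP", str);
            if (debug.messageEnabled()) {
                debug.message("AM71AgentProvider: using default WSP providerName = " + str);
            }
        }
        try {
            if (this.idRepo == null) {
                this.idRepo = new AMIdentityRepository(sSOToken, "/");
            }
            IdSearchControl idSearchControl = new IdSearchControl();
            idSearchControl.setReturnAttributes(agentConfigAttribute);
            IdSearchResults searchIdentities = this.idRepo.searchIdentities(IdType.AGENT, str + str2, idSearchControl);
            Set searchResults = searchIdentities.getSearchResults();
            if (!searchResults.isEmpty()) {
                Map resultAttributes = searchIdentities.getResultAttributes();
                AMIdentity aMIdentity = (AMIdentity) searchResults.iterator().next();
                this.profilePresent = true;
                Map map = (Map) resultAttributes.get(aMIdentity);
                if (debug.messageEnabled()) {
                    // Names only: the values include keystore/key passwords and user credentials.
                    debug.message("Attribute names: " + (map == null ? null : map.keySet()));
                }
                // Locale.ROOT keeps the lookup key stable; the default-locale toLowerCase()
                // maps 'I' to a dotless i under a Turkish locale and the lookup would then miss.
                Set set = (Set) map.get(AGENT_CONFIG_ATTR.toLowerCase(java.util.Locale.ROOT));
                if (set != null) {
                    parseAgentKeyValues(set);
                }
            }
        } catch (Exception e) {
            // The cause is kept in the debug log; the thrown exception carries its message only.
            debug.error("AgentProvider.init: Unable to get idRepo", e);
            throw new ProviderException("idRepo exception: " + e.getMessage());
        }
    }

    /**
     * Splits each {@code key=value} entry at the first '=' and applies it via
     * {@link #setConfig(String, String)}. Entries without '=' are ignored.
     */
    private void parseAgentKeyValues(Set set) throws ProviderException {
        if (set == null || set.isEmpty()) {
            return;
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            int indexOf = str.indexOf("=");
            if (indexOf != -1) {
                setConfig(str.substring(0, indexOf), str.substring(indexOf + 1));
            }
        }
    }

    /**
     * Returns the value to print in a debug message for the given attribute: a redaction
     * marker for the password and credential attributes, the value itself otherwise.
     */
    private static String loggableValue(String name, String value) {
        if (KS_PASSWD.equals(name) || KEY_PASSWD.equals(name) || USER_CREDENTIAL.equals(name)) {
            return REDACTED;
        }
        // NOTE(review): "Property:" entries are free-form and are still logged verbatim;
        // redact them too if deployments keep secrets there.
        return value;
    }

    /**
     * Applies one profile setting to this provider.
     *
     * <p>Every call also resets the encryption algorithm to AES with strength 128 and
     * recomputes the public key alias from the private key alias, falling back to the system
     * properties {@code com.sun.identity.wss.encryptionkey} and
     * {@code com.sun.identity.saml.xmlsig.certalias}.
     *
     * @param str attribute name
     * @param str2 attribute value
     */
    private void setConfig(String str, String str2) {
        if (debug.messageEnabled()) {
            // Secret-bearing attributes are redacted so passwords never reach the debug log.
            debug.message("AM71AgentProvider:Attribute name: " + str + "Value: " + loggableValue(str, str2));
        }
        this.encryptionAlgorithm = EncryptionConstants.AES;
        this.encryptionStrength = 128;
        if (str.equals(NAME)) {
            this.providerName = str2;
        } else if (str.equals(TYPE)) {
            this.providerType = str2;
        } else if (str.equals(SEC_MECH)) {
            if (this.secMech == null) {
                this.secMech = new ArrayList();
            }
            StringTokenizer stringTokenizer = new StringTokenizer(str2, ",");
            while (stringTokenizer.hasMoreTokens()) {
                this.secMech.add(stringTokenizer.nextToken());
            }
        } else if (str.equals(WSP_ENDPOINT)) {
            this.wspEndpoint = str2;
        } else if (str.equals(KS_FILE)) {
            this.ksFile = str2;
        } else if (str.equals(KS_PASSWD)) {
            this.ksPasswd = str2;
        } else if (str.equals(KEY_PASSWD)) {
            this.keyPasswd = str2;
        } else if (str.equals(RESPONSE_SIGN)) {
            this.isResponseSigned = Boolean.parseBoolean(str2);
        } else if (str.equals(RESPONSE_ENCRYPT)) {
            this.isResponseEncrypted = Boolean.parseBoolean(str2);
        } else if (str.equals(REQUEST_SIGN)) {
            this.isRequestSigned = Boolean.parseBoolean(str2);
        } else if (str.equals(REQUEST_ENCRYPT)) {
            this.isRequestEncrypted = Boolean.parseBoolean(str2);
        } else if (str.equals(REQUEST_HEADER_ENCRYPT)) {
            this.isRequestHeaderEncrypted = Boolean.parseBoolean(str2);
        } else if (str.equals(KEY_ALIAS)) {
            this.privateKeyAlias = str2;
        } else if (str.equals(SERVICE_TYPE)) {
            this.serviceType = str2;
        } else if (str.equals(USE_DEFAULT_KEYSTORE)) {
            this.isDefaultKeyStore = Boolean.parseBoolean(str2);
        } else if (str.equals(TRUST_AUTHORITY)) {
            try {
                if (this.trustAuthorities == null) {
                    this.trustAuthorities = new ArrayList();
                }
                TrustAuthorityConfig config = TrustAuthorityConfig.getConfig(str2, TrustAuthorityConfig.DISCOVERY_TRUST_AUTHORITY);
                if (config != null) {
                    this.trustAuthorities.add(config);
                }
            } catch (ProviderException e) {
                // Best effort: an unresolvable trust authority is logged and skipped.
                ProviderUtils.debug.error("AM71AgentProvider.setAttribute:error", e);
            }
        } else if (str.startsWith(PROPERTY)) {
            this.properties.put(str.substring(PROPERTY.length()), str2);
        } else if (str.equals(USER_CREDENTIAL)) {
            // Stored form: UserName:<name>|UserPassword:<password>
            int indexOf = str2.indexOf("|");
            if (indexOf == -1) {
                // Malformed credential; as before, this returns without the alias refresh below.
                return;
            }
            String substring = str2.substring(0, indexOf);
            String substring2 = str2.substring(indexOf + 1);
            String str3 = null;
            String str4 = null;
            // hasMoreTokens() is checked first: an empty half (e.g. a value starting with '|')
            // used to raise NoSuchElementException and abort loading the whole profile.
            StringTokenizer stringTokenizer2 = new StringTokenizer(substring, ":");
            if (stringTokenizer2.hasMoreTokens() && USER_NAME.equals(stringTokenizer2.nextToken())
                    && stringTokenizer2.hasMoreTokens()) {
                str3 = stringTokenizer2.nextToken();
            }
            StringTokenizer stringTokenizer3 = new StringTokenizer(substring2, ":");
            if (stringTokenizer3.hasMoreTokens() && USER_PASSWORD.equals(stringTokenizer3.nextToken())
                    && stringTokenizer3.hasMoreTokens()) {
                str4 = stringTokenizer3.nextToken();
            }
            // NOTE(review): the ':' and '|' delimiters are not escaped by store(), so a user
            // name or password containing either character is truncated or mis-split here.
            if (str3 != null && str4 != null) {
                PasswordCredential passwordCredential = new PasswordCredential(str3, str4);
                if (this.usercredentials == null) {
                    this.usercredentials = new ArrayList();
                }
                this.usercredentials.add(passwordCredential);
            }
        } else if (str.equals(FORCE_AUTHENTICATION)) {
            this.forceAuthn = Boolean.parseBoolean(str2);
        } else if (str.equals(KEEP_SECURITY_HEADERS)) {
            this.preserveSecHeaders = Boolean.parseBoolean(str2);
        } else if (str.equals(AUTHENTICATION_CHAIN)) {
            this.authenticationChain = str2;
        } else if (ProviderUtils.debug.messageEnabled()) {
            ProviderUtils.debug.message("AM71AgentProvider.setConfig: Invalid Attribute configured." + str);
        }
        this.publicKeyAlias = this.privateKeyAlias;
        if (this.publicKeyAlias == null) {
            this.publicKeyAlias = SystemConfigurationUtil.getProperty("com.sun.identity.wss.encryptionkey");
            if (this.publicKeyAlias == null) {
                this.publicKeyAlias = SystemConfigurationUtil.getProperty("com.sun.identity.saml.xmlsig.certalias");
            }
        }
        if (debug.messageEnabled()) {
            debug.message("Encryption Stength: " + this.encryptionStrength);
            debug.message("Encryption Algorithm: " + this.encryptionAlgorithm);
            debug.message("public key alias: " + this.publicKeyAlias);
        }
    }

    /**
     * Serialises the current settings to {@code key=value} strings and writes them to the
     * agent identity: updates the existing identity when {@link #init} found one, otherwise
     * creates it.
     *
     * <p>The keystore password, key password and user credentials are written as plain text
     * inside the attribute values.
     *
     * @throws ProviderException if the identity repository call fails
     */
    @Override // com.sun.identity.wss.provider.ProviderConfig
    public void store() throws ProviderException {
        HashSet hashSet = new HashSet();
        if (this.providerType != null) {
            hashSet.add(getKeyValue(TYPE, this.providerType));
        }
        if (this.wspEndpoint != null) {
            hashSet.add(getKeyValue(WSP_ENDPOINT, this.wspEndpoint));
        }
        if (this.ksFile != null) {
            hashSet.add(getKeyValue(KS_FILE, this.ksFile));
        }
        if (this.ksPasswd != null) {
            hashSet.add(getKeyValue(KS_PASSWD, this.ksPasswd));
        }
        if (this.keyPasswd != null) {
            hashSet.add(getKeyValue(KEY_PASSWD, this.keyPasswd));
        }
        if (this.serviceType != null) {
            hashSet.add(getKeyValue(SERVICE_TYPE, this.serviceType));
        }
        if (this.secMech != null) {
            StringBuilder mechanisms = new StringBuilder(100);
            Iterator it = this.secMech.iterator();
            while (it.hasNext()) {
                if (mechanisms.length() > 0) {
                    mechanisms.append(",");
                }
                mechanisms.append((String) it.next());
            }
            // An empty list is skipped; trimming the trailing comma of an empty buffer used to
            // throw StringIndexOutOfBoundsException here.
            if (mechanisms.length() > 0) {
                hashSet.add(getKeyValue(SEC_MECH, mechanisms.toString()));
            }
        }
        hashSet.add(getKeyValue(RESPONSE_SIGN, Boolean.toString(this.isResponseSigned)));
        hashSet.add(getKeyValue(RESPONSE_ENCRYPT, Boolean.toString(this.isResponseEncrypted)));
        hashSet.add(getKeyValue(REQUEST_SIGN, Boolean.toString(this.isRequestSigned)));
        hashSet.add(getKeyValue(REQUEST_ENCRYPT, Boolean.toString(this.isRequestEncrypted)));
        hashSet.add(getKeyValue(REQUEST_HEADER_ENCRYPT, Boolean.toString(this.isRequestHeaderEncrypted)));
        hashSet.add(getKeyValue(USE_DEFAULT_KEYSTORE, Boolean.toString(this.isDefaultKeyStore)));
        hashSet.add(getKeyValue(FORCE_AUTHENTICATION, Boolean.toString(this.forceAuthn)));
        hashSet.add(getKeyValue(KEEP_SECURITY_HEADERS, Boolean.toString(this.preserveSecHeaders)));
        if (this.authenticationChain != null) {
            hashSet.add(getKeyValue(AUTHENTICATION_CHAIN, this.authenticationChain));
        }
        if (this.privateKeyAlias != null) {
            hashSet.add(getKeyValue(KEY_ALIAS, this.privateKeyAlias));
        }
        Enumeration<?> propertyNames = this.properties.propertyNames();
        while (propertyNames.hasMoreElements()) {
            String str = (String) propertyNames.nextElement();
            hashSet.add(getKeyValue(PROPERTY + str, this.properties.getProperty(str)));
        }
        if (this.usercredentials != null) {
            for (PasswordCredential passwordCredential : this.usercredentials) {
                String userName = passwordCredential.getUserName();
                String password = passwordCredential.getPassword();
                if (userName != null && password != null) {
                    // NOTE(review): ':' and '|' inside the name or password are not escaped,
                    // so such credentials do not survive a store()/init() round trip.
                    String credential = USER_NAME + ":" + userName + "|" + USER_PASSWORD + ":" + password;
                    hashSet.add(getKeyValue(USER_CREDENTIAL, credential));
                }
            }
        }
        if (this.trustAuthorities != null && !this.trustAuthorities.isEmpty()) {
            Iterator it2 = this.trustAuthorities.iterator();
            while (it2.hasNext()) {
                hashSet.add(getKeyValue(TRUST_AUTHORITY, ((TrustAuthorityConfig) it2.next()).getName()));
            }
        }
        try {
            HashMap hashMap = new HashMap();
            hashMap.put(AGENT_CONFIG_ATTR, hashSet);
            if (this.profilePresent) {
                AMIdentity aMIdentity = new AMIdentity(this.token, this.providerName + this.providerType, IdType.AGENT, "/", (String) null);
                if (debug.messageEnabled()) {
                    // Count only: the values include passwords and user credentials.
                    debug.message("AM71AgentProvider:Attributes to be stored: " + hashSet.size() + " value(s) for " + AGENT_CONFIG_ATTR);
                }
                aMIdentity.setAttributes(hashMap);
                aMIdentity.store();
            } else {
                if (this.idRepo == null) {
                    this.idRepo = new AMIdentityRepository(this.token, "/");
                }
                this.idRepo.createIdentity(IdType.AGENT, this.providerName + this.providerType, hashMap);
            }
        } catch (Exception e) {
            // The cause is kept in the debug log; the thrown exception carries its message only.
            debug.error("AM71AgentProvider.store: Unable to get idRepo", e);
            throw new ProviderException("idRepo exception: " + e.getMessage());
        }
    }

    /**
     * Deletes the agent identity backing this provider. Does nothing when {@link #init} did
     * not find an existing profile.
     *
     * @throws ProviderException if the identity repository call fails
     */
    @Override // com.sun.identity.wss.provider.ProviderConfig
    public void delete() throws ProviderException {
        if (!this.profilePresent) {
            return;
        }
        try {
            if (this.idRepo == null) {
                this.idRepo = new AMIdentityRepository(this.token, "/");
            }
            AMIdentity aMIdentity = new AMIdentity(this.token, this.providerName + this.providerType, IdType.AGENT, "/", (String) null);
            HashSet hashSet = new HashSet();
            hashSet.add(aMIdentity);
            this.idRepo.deleteIdentities(hashSet);
        } catch (Exception e) {
            debug.error("AM71AgentProvider.delete: Unable to get idRepo", e);
            throw new ProviderException("idRepo exception: " + e.getMessage());
        }
    }

    /** Formats one setting as {@code key=value}. */
    private String getKeyValue(String str, String str2) {
        return str + "=" + str2;
    }

    /** Returns whether {@link #init} found an existing agent identity for this provider. */
    @Override // com.sun.identity.wss.provider.ProviderConfig
    public boolean isExists() {
        return this.profilePresent;
    }
}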
