package com.sun.identity.authentication;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.dpro.session.service.InternalSession;
import com.iplanet.dpro.session.service.SessionService;
import com.iplanet.services.comm.client.PLLClient;
import com.iplanet.services.comm.share.Request;
import com.iplanet.services.comm.share.RequestSet;
import com.iplanet.services.comm.share.Response;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.iplanet.sso.providers.dpro.SSOProviderImpl;
import com.sun.identity.authentication.client.AuthClientUtils;
import com.sun.identity.authentication.server.AuthContextLocal;
import com.sun.identity.authentication.server.AuthXMLRequest;
import com.sun.identity.authentication.service.AMAuthErrorCode;
import com.sun.identity.authentication.service.AuthException;
import com.sun.identity.authentication.service.AuthUtils;
import com.sun.identity.authentication.service.LoginState;
import com.sun.identity.authentication.share.AuthXMLTags;
import com.sun.identity.authentication.share.AuthXMLUtils;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.policy.PolicyUtils;
import com.sun.identity.security.AMSecurityPropertiesException;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.Constants;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.shared.locale.L10NMessageImpl;
import com.sun.identity.shared.xml.XMLUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.Serializable;
import java.net.URL;
import java.net.URLStreamHandler;
import java.security.AccessController;
import java.text.MessageFormat;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.Vector;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.batik.util.CSSConstants;
import org.forgerock.openam.authentication.service.protocol.RemoteHttpServletRequest;
import org.forgerock.openam.authentication.service.protocol.RemoteHttpServletResponse;
import org.forgerock.openam.sdk.org.forgerock.guice.core.InjectorHolder;
import org.forgerock.openam.session.SessionCache;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/authentication/AuthContext.class */
public class AuthContext implements Serializable {
    private Locale clientLocale;
    private String server_proto;
    private String server_host;
    private String server_port;
    private String server_uri;
    private boolean includeReqRes;
    private static final String JSS_PASSWORD_UTIL = "com.sun.identity.authentication.util.JSSPasswordUtil";
    private static final String JSSE_PASSWORD_CALLBACK = "com.sun.identity.security.keystore.AMCallbackHandler";
    Status loginStatus;
    String organizationName;
    Document receivedDocument;
    AuthLoginException loginException;
    String hostName;
    private boolean forceAuth;
    private boolean localSessionChecked;
    String nickName;
    private URL authURL;
    private URL authServiceURL;
    private SSOToken ssoToken;
    private String ssoTokenID;
    AuthContextLocal acLocal;
    private static final int DEFAULT_RETRY_COUNT = 1;
    private int retryRunLogin;
    public boolean localFlag;
    public static String localAuthServiceID;
    static boolean useOldStyleRemoteAuthentication;
    static boolean useNewStyleRemoteAuthentication;
    private HashMap cookieTable;
    private HttpServletRequest remoteRequest;
    private HttpServletResponse remoteResponse;
    private final SessionCache sessionCache;
    static String protHandlerPkg = System.getProperty(Constants.PROTOCOL_HANDLER, Constants.JSSE_HANDLER);
    static boolean usingJSSEHandler = protHandlerPkg.equals(Constants.JSSE_HANDLER);
    private static final String amAuthContext = "amAuthContext";
    protected static Debug authDebug = Debug.getInstance(amAuthContext);
    protected static ResourceBundle bundle = com.sun.identity.shared.locale.Locale.getInstallResourceBundle(amAuthContext);
    private static SSOToken appSSOToken = null;

    /* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/authentication/AuthContext$IndexType.class */
    public static class IndexType {
        private String index;
        public static final IndexType USER = new IndexType("user");
        public static final IndexType ROLE = new IndexType("role");
        public static final IndexType SERVICE = new IndexType("service");
        public static final IndexType LEVEL = new IndexType(IFSConstants.LEVEL);
        public static final IndexType MODULE_INSTANCE = new IndexType("module_instance");
        public static final IndexType RESOURCE = new IndexType("resource");
        public static final IndexType COMPOSITE_ADVICE = new IndexType("composite_advice");

        private IndexType() {
        }

        private IndexType(String str) {
            this.index = str;
        }

        public String toString() {
            return this.index;
        }

        public boolean equals(Object obj) {
            if (obj instanceof IndexType) {
                return ((IndexType) obj).index.equalsIgnoreCase(this.index);
            }
            return false;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/authentication/AuthContext$Status.class */
    public static class Status {
        private String status;
        public static final Status NOT_STARTED = new Status("not_started");
        public static final Status IN_PROGRESS = new Status("in_progress");
        public static final Status SUCCESS = new Status("success");
        public static final Status FAILED = new Status("failed");
        public static final Status COMPLETED = new Status("completed");
        public static final Status RESET = new Status(CSSConstants.CSS_RESET_VALUE);
        public static final Status ORG_MISMATCH = new Status("org_mismatch");

        private Status() {
        }

        private Status(String str) {
            this.status = str;
        }

        public String toString() {
            return this.status;
        }

        public boolean equals(Object obj) {
            if (obj instanceof Status) {
                return ((Status) obj).status.equalsIgnoreCase(this.status);
            }
            return false;
        }
    }

    public AuthContext(String str) throws AuthLoginException {
        this.clientLocale = null;
        this.server_proto = SystemProperties.get("com.iplanet.am.server.protocol");
        this.server_host = SystemProperties.get("com.iplanet.am.server.host");
        this.server_port = SystemProperties.get("com.iplanet.am.server.port");
        this.server_uri = SystemProperties.get("com.iplanet.am.services.deploymentDescriptor");
        this.includeReqRes = SystemProperties.getAsBoolean(Constants.REMOTEAUTH_INCLUDE_REQRES);
        this.loginStatus = Status.IN_PROGRESS;
        this.organizationName = "";
        this.loginException = null;
        this.hostName = null;
        this.forceAuth = false;
        this.localSessionChecked = false;
        this.nickName = null;
        this.authURL = null;
        this.authServiceURL = null;
        this.ssoToken = null;
        this.ssoTokenID = null;
        this.acLocal = null;
        this.retryRunLogin = 1;
        this.localFlag = false;
        this.cookieTable = new HashMap();
        this.remoteRequest = null;
        this.remoteResponse = null;
        this.sessionCache = SessionCache.getInstance();
        this.organizationName = str;
    }

    public AuthContext(String str, URL url) throws AuthLoginException {
        this.clientLocale = null;
        this.server_proto = SystemProperties.get("com.iplanet.am.server.protocol");
        this.server_host = SystemProperties.get("com.iplanet.am.server.host");
        this.server_port = SystemProperties.get("com.iplanet.am.server.port");
        this.server_uri = SystemProperties.get("com.iplanet.am.services.deploymentDescriptor");
        this.includeReqRes = SystemProperties.getAsBoolean(Constants.REMOTEAUTH_INCLUDE_REQRES);
        this.loginStatus = Status.IN_PROGRESS;
        this.organizationName = "";
        this.loginException = null;
        this.hostName = null;
        this.forceAuth = false;
        this.localSessionChecked = false;
        this.nickName = null;
        this.authURL = null;
        this.authServiceURL = null;
        this.ssoToken = null;
        this.ssoTokenID = null;
        this.acLocal = null;
        this.retryRunLogin = 1;
        this.localFlag = false;
        this.cookieTable = new HashMap();
        this.remoteRequest = null;
        this.remoteResponse = null;
        this.sessionCache = SessionCache.getInstance();
        this.organizationName = str;
        this.authURL = url;
    }

    public AuthContext(String str, String str2) throws AuthLoginException {
        this.clientLocale = null;
        this.server_proto = SystemProperties.get("com.iplanet.am.server.protocol");
        this.server_host = SystemProperties.get("com.iplanet.am.server.host");
        this.server_port = SystemProperties.get("com.iplanet.am.server.port");
        this.server_uri = SystemProperties.get("com.iplanet.am.services.deploymentDescriptor");
        this.includeReqRes = SystemProperties.getAsBoolean(Constants.REMOTEAUTH_INCLUDE_REQRES);
        this.loginStatus = Status.IN_PROGRESS;
        this.organizationName = "";
        this.loginException = null;
        this.hostName = null;
        this.forceAuth = false;
        this.localSessionChecked = false;
        this.nickName = null;
        this.authURL = null;
        this.authServiceURL = null;
        this.ssoToken = null;
        this.ssoTokenID = null;
        this.acLocal = null;
        this.retryRunLogin = 1;
        this.localFlag = false;
        this.cookieTable = new HashMap();
        this.remoteRequest = null;
        this.remoteResponse = null;
        this.sessionCache = SessionCache.getInstance();
        this.organizationName = str;
        this.nickName = str2;
    }

    public AuthContext(String str, String str2, URL url) throws AuthLoginException {
        this.clientLocale = null;
        this.server_proto = SystemProperties.get("com.iplanet.am.server.protocol");
        this.server_host = SystemProperties.get("com.iplanet.am.server.host");
        this.server_port = SystemProperties.get("com.iplanet.am.server.port");
        this.server_uri = SystemProperties.get("com.iplanet.am.services.deploymentDescriptor");
        this.includeReqRes = SystemProperties.getAsBoolean(Constants.REMOTEAUTH_INCLUDE_REQRES);
        this.loginStatus = Status.IN_PROGRESS;
        this.organizationName = "";
        this.loginException = null;
        this.hostName = null;
        this.forceAuth = false;
        this.localSessionChecked = false;
        this.nickName = null;
        this.authURL = null;
        this.authServiceURL = null;
        this.ssoToken = null;
        this.ssoTokenID = null;
        this.acLocal = null;
        this.retryRunLogin = 1;
        this.localFlag = false;
        this.cookieTable = new HashMap();
        this.remoteRequest = null;
        this.remoteResponse = null;
        this.sessionCache = SessionCache.getInstance();
        this.organizationName = str;
        this.nickName = str2;
        this.authURL = url;
    }

    public AuthContext(SSOToken sSOToken) throws AuthLoginException {
        this.clientLocale = null;
        this.server_proto = SystemProperties.get("com.iplanet.am.server.protocol");
        this.server_host = SystemProperties.get("com.iplanet.am.server.host");
        this.server_port = SystemProperties.get("com.iplanet.am.server.port");
        this.server_uri = SystemProperties.get("com.iplanet.am.services.deploymentDescriptor");
        this.includeReqRes = SystemProperties.getAsBoolean(Constants.REMOTEAUTH_INCLUDE_REQRES);
        this.loginStatus = Status.IN_PROGRESS;
        this.organizationName = "";
        this.loginException = null;
        this.hostName = null;
        this.forceAuth = false;
        this.localSessionChecked = false;
        this.nickName = null;
        this.authURL = null;
        this.authServiceURL = null;
        this.ssoToken = null;
        this.ssoTokenID = null;
        this.acLocal = null;
        this.retryRunLogin = 1;
        this.localFlag = false;
        this.cookieTable = new HashMap();
        this.remoteRequest = null;
        this.remoteResponse = null;
        this.sessionCache = SessionCache.getInstance();
        this.ssoToken = sSOToken;
    }

    public AuthContext(SSOToken sSOToken, boolean z) throws AuthLoginException {
        this.clientLocale = null;
        this.server_proto = SystemProperties.get("com.iplanet.am.server.protocol");
        this.server_host = SystemProperties.get("com.iplanet.am.server.host");
        this.server_port = SystemProperties.get("com.iplanet.am.server.port");
        this.server_uri = SystemProperties.get("com.iplanet.am.services.deploymentDescriptor");
        this.includeReqRes = SystemProperties.getAsBoolean(Constants.REMOTEAUTH_INCLUDE_REQRES);
        this.loginStatus = Status.IN_PROGRESS;
        this.organizationName = "";
        this.loginException = null;
        this.hostName = null;
        this.forceAuth = false;
        this.localSessionChecked = false;
        this.nickName = null;
        this.authURL = null;
        this.authServiceURL = null;
        this.ssoToken = null;
        this.ssoTokenID = null;
        this.acLocal = null;
        this.retryRunLogin = 1;
        this.localFlag = false;
        this.cookieTable = new HashMap();
        this.remoteRequest = null;
        this.remoteResponse = null;
        this.sessionCache = SessionCache.getInstance();
        this.ssoToken = sSOToken;
        this.forceAuth = z;
    }

    public void login() throws AuthLoginException {
        login(null, null, null, null, null, null);
    }

    public void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthLoginException {
        login(null, null, null, null, httpServletRequest, httpServletResponse);
    }

    public void login(IndexType indexType, String str) throws AuthLoginException {
        login(indexType, str, null, null, null, null);
    }

    public void login(IndexType indexType, String str, String str2) throws AuthLoginException {
        login(indexType, str, (String[]) null, (Map) null, str2);
    }

    public SSOToken login(IndexType indexType, String str, Callback[] callbackArr) throws AuthLoginException {
        login(indexType, str, null, null, null, null);
        SSOToken sSOToken = null;
        while (hasMoreRequirements()) {
            if (getRequirements() != null) {
                try {
                    submitRequirements(callbackArr);
                } catch (Exception e) {
                    if (authDebug.messageEnabled()) {
                        authDebug.message("Error: submitRequirements with userInfo : " + e.getMessage());
                    }
                    throw new AuthLoginException(e);
                }
            }
        }
        try {
            if (getStatus() == Status.SUCCESS) {
                sSOToken = getSSOToken();
            }
            return sSOToken;
        } catch (Exception e2) {
            if (authDebug.messageEnabled()) {
                authDebug.message("Error: getSSOToken : " + e2.getMessage());
            }
            throw new AuthLoginException(e2);
        }
    }

    public void login(IndexType indexType, String str, String[] strArr) throws AuthLoginException {
        login(indexType, str, strArr, null, null, null);
    }

    public void login(IndexType indexType, String str, String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthLoginException {
        login(indexType, str, strArr, null, httpServletRequest, httpServletResponse);
    }

    public void login(IndexType indexType, String str, String[] strArr, Map map) throws AuthLoginException {
        login(indexType, str, strArr, map, null, null);
    }

    public void login(IndexType indexType, String str, String[] strArr, Map map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthLoginException {
        if (this.clientLocale == null) {
            login(indexType, str, strArr, map, null, httpServletRequest, httpServletResponse);
        } else {
            login(indexType, str, strArr, map, this.clientLocale.toString(), httpServletRequest, httpServletResponse);
        }
    }

    private void login(IndexType indexType, String str, String[] strArr, Map map, String str2) throws AuthLoginException {
        login(indexType, str, strArr, map, str2, null, null);
    }

    private void login(IndexType indexType, String str, String[] strArr, Map map, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthLoginException {
        if (this.ssoToken != null) {
            try {
                this.organizationName = this.ssoToken.getProperty("Organization");
                this.ssoTokenID = this.ssoToken.getTokenID().toString();
                this.authURL = this.sessionCache.getSession(new SessionID(this.ssoTokenID)).getSessionServiceURL();
            } catch (Exception e) {
                throw new AuthLoginException(e);
            }
        }
        if (this.authURL != null) {
            this.authServiceURL = getAuthServiceURL(this.authURL.getProtocol(), this.authURL.getHost(), Integer.toString(this.authURL.getPort()), SystemProperties.get("com.iplanet.am.services.deploymentDescriptor"));
        }
        AuthLoginException authLoginException = null;
        try {
            if (this.authServiceURL == null) {
                this.authServiceURL = getAuthServiceURL(this.server_proto, this.server_host, this.server_port, this.server_uri);
            }
            if (this.authServiceURL != null) {
                if (authDebug.messageEnabled()) {
                    authDebug.message("AuthContext.login : runLogin against " + this.authServiceURL);
                }
                runLogin(indexType, str, strArr, map, str2, httpServletRequest, httpServletResponse);
                return;
            }
        } catch (AuthLoginException e2) {
            authLoginException = e2;
            authDebug.error("Failed to login to " + this.authServiceURL);
        } catch (Exception e3) {
            authDebug.error("Failed to login to " + this.authServiceURL + ": " + e3.getMessage(), e3);
        }
        if (this.authURL == null) {
            try {
                Vector serviceAllURLs = WebtopNaming.getServiceAllURLs("auth");
                if (authDebug.messageEnabled()) {
                    authDebug.message("Org Name : " + this.organizationName);
                    authDebug.message("ssoTokenID: " + this.ssoTokenID);
                    authDebug.message("serviceURLs: " + serviceAllURLs);
                }
                if (serviceAllURLs != null) {
                    serviceAllURLs.remove(this.authServiceURL);
                    Enumeration elements = serviceAllURLs.elements();
                    while (elements.hasMoreElements()) {
                        this.authServiceURL = (URL) elements.nextElement();
                        try {
                            runLogin(indexType, str, strArr, map, str2, httpServletRequest, httpServletResponse);
                            return;
                        } catch (AuthLoginException e4) {
                            authLoginException = e4;
                            authDebug.error("Failed to login in failover with " + this.authServiceURL + ": " + e4.getMessage());
                        }
                    }
                }
            } catch (Exception e5) {
                throw new AuthLoginException(amAuthContext, "loginError", new Object[]{e5.getMessage()});
            }
        }
        authDebug.error("Authentication failed.");
        if (authLoginException == null) {
            throw new AuthLoginException(amAuthContext, "loginError", null);
        }
        throw authLoginException;
    }

    private void runLogin(IndexType indexType, String str, String[] strArr, Map map, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthLoginException {
        if (!this.localFlag) {
            setLocalFlag(this.authServiceURL);
        }
        if (appSSOToken == null && (indexType != IndexType.MODULE_INSTANCE || !str.equals("Application"))) {
            appSSOToken = getAppSSOToken(false);
        }
        if (this.localFlag) {
            try {
                if (this.ssoTokenID == null) {
                    this.acLocal = AuthUtils.getAuthContext(this.organizationName);
                } else {
                    if (authDebug.messageEnabled()) {
                        authDebug.message("AuthContext.runLogin: ForceAuth = " + this.forceAuth);
                    }
                    this.acLocal = AuthUtils.getAuthContext(this.organizationName, this.ssoTokenID, false, (HttpServletRequest) null, (String) null, (AuthXMLRequest) null, this.forceAuth);
                }
                LoginState loginState = this.acLocal.getLoginState();
                if (httpServletRequest != null) {
                    loginState.setHttpServletRequest(httpServletRequest);
                    loginState.setParamHash(AuthClientUtils.parseRequestParameters(httpServletRequest));
                }
                if (httpServletResponse != null) {
                    loginState.setHttpServletResponse(httpServletResponse);
                }
                if (this.hostName != null) {
                    this.acLocal.getLoginState().setClient(this.hostName);
                }
                this.acLocal.login(indexType, str, map, str2);
                if (this.acLocal.getStatus().equals(Status.SUCCESS)) {
                    onSuccessLocal();
                    return;
                }
                return;
            } catch (AuthException e) {
                throw new AuthLoginException(e);
            }
        }
        if (useOldStyleRemoteAuthentication) {
            runRemoteOldAuthContext();
            if (this.loginException != null) {
                throw this.loginException;
            }
        }
        runRemoteLogin(indexType, str, strArr, map, str2, httpServletRequest, httpServletResponse);
        this.retryRunLogin = 1;
        if (authDebug.messageEnabled()) {
            authDebug.message("useNewStyleRemoteAuthentication : " + useNewStyleRemoteAuthentication);
            authDebug.message("useOldStyleRemoteAuthentication : " + useOldStyleRemoteAuthentication);
            authDebug.message("receivedDocument : " + this.receivedDocument);
            authDebug.message("loginException : " + this.loginException);
        }
        if (!useNewStyleRemoteAuthentication && !useOldStyleRemoteAuthentication && ((this.receivedDocument == null || getAuthenticationHandle(this.receivedDocument).equals(PolicyUtils.NULL_STRING)) && this.loginException != null)) {
            if (authDebug.messageEnabled()) {
                authDebug.message("AuthContext: trying 6.3 style remote AuthN and setting the flag to use 6.3 style");
            }
            useOldStyleRemoteAuthentication = true;
            this.loginException = null;
            runRemoteOldAuthContext();
            if (this.loginException != null) {
                throw this.loginException;
            }
            runRemoteLogin(indexType, str, strArr, map, str2, httpServletRequest, httpServletResponse);
            this.retryRunLogin = 1;
        } else if (!useNewStyleRemoteAuthentication) {
            useNewStyleRemoteAuthentication = true;
        }
        if (this.loginException != null) {
            throw this.loginException;
        }
    }

    private void runRemoteLogin(IndexType indexType, String str, String[] strArr, Map map, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthLoginException {
        try {
            StringBuilder sb = new StringBuilder(100);
            String authHandle = getAuthHandle();
            if (this.ssoTokenID != null && "0".equals(authHandle)) {
                if (authDebug.messageEnabled()) {
                    authDebug.message("AuthContext.runRemoteLogin: Found SSOTokenID " + this.ssoTokenID);
                }
                authHandle = this.ssoTokenID;
            }
            sb.append(MessageFormat.format(AuthXMLTags.XML_REQUEST_PREFIX, authHandle));
            if (appSSOToken != null) {
                sb.append(AuthXMLTags.APPSSOTOKEN_BEGIN);
                sb.append(appSSOToken.getTokenID().toString());
                sb.append(AuthXMLTags.APPSSOTOKEN_END);
            }
            sb.append(AuthXMLTags.LOGIN_BEGIN);
            if (!useOldStyleRemoteAuthentication) {
                sb.append(" ").append(AuthXMLTags.ORG_NAME_ATTR).append("=").append("\"").append(XMLUtils.escapeSpecialCharacters(this.organizationName)).append("\"");
                if (this.hostName != null) {
                    sb.append(" ").append(AuthXMLTags.HOST_NAME_ATTR).append("=").append("\"").append(XMLUtils.escapeSpecialCharacters(this.hostName)).append("\"");
                }
                if (str2 != null && !str2.isEmpty()) {
                    sb.append(" ").append("Locale").append("=").append("\"").append(XMLUtils.escapeSpecialCharacters(str2)).append("\"");
                }
                if (this.forceAuth) {
                    sb.append(" ").append(AuthXMLTags.FORCE_AUTH_ATTR).append("=").append("\"").append("true").append("\"");
                }
            }
            sb.append(">");
            if (indexType != null) {
                sb.append(AuthXMLTags.INDEX_TYPE_PAIR_BEGIN).append(" ").append(AuthXMLTags.INDEX_TYPE).append("=").append("\"");
                if (indexType == IndexType.USER) {
                    sb.append("user");
                } else if (indexType == IndexType.ROLE) {
                    sb.append("role");
                } else if (indexType == IndexType.SERVICE) {
                    sb.append("service");
                } else if (indexType == IndexType.MODULE_INSTANCE) {
                    sb.append(AuthXMLTags.INDEX_TYPE_MODULE_ATTR);
                } else if (indexType == IndexType.LEVEL) {
                    sb.append(AuthXMLTags.INDEX_TYPE_LEVEL_ATTR);
                } else if (indexType == IndexType.COMPOSITE_ADVICE) {
                    sb.append(AuthXMLTags.INDEX_TYPE_COMPOSITE_ADVICE_ATTR);
                } else if (indexType == IndexType.RESOURCE) {
                    sb.append("resource");
                }
                sb.append("\"").append(">").append(AuthXMLTags.INDEX_NAME_BEGIN).append(XMLUtils.escapeSpecialCharacters(str)).append(AuthXMLTags.INDEX_NAME_END).append(AuthXMLTags.INDEX_TYPE_PAIR_END);
            }
            if (str2 != null && str2.length() > 0) {
                sb.append(AuthXMLTags.LOCALE_BEGIN);
                sb.append(XMLUtils.escapeSpecialCharacters(str2));
                sb.append(AuthXMLTags.LOCALE_END);
            }
            if (strArr != null) {
                StringBuilder sb2 = new StringBuilder();
                for (int i = 0; i < strArr.length; i++) {
                    if (i != 0) {
                        sb2.append("|");
                    }
                    sb2.append(XMLUtils.escapeSpecialCharacters(strArr[i]));
                }
                sb.append(AuthXMLTags.PARAMS_BEGIN).append(sb2.toString()).append(AuthXMLTags.PARAMS_END);
            }
            if (map != null && !map.isEmpty()) {
                StringBuilder sb3 = new StringBuilder();
                for (Map.Entry entry : map.entrySet()) {
                    String str3 = (String) entry.getKey();
                    Set set = (Set) entry.getValue();
                    if (set != null && !set.isEmpty()) {
                        sb3.append(AuthXMLTags.ENV_AV_BEGIN).append(AuthClientUtils.escapePipe(XMLUtils.escapeSpecialCharacters(str3)));
                        Iterator it = set.iterator();
                        while (it.hasNext()) {
                            sb3.append("|").append(AuthClientUtils.escapePipe(XMLUtils.escapeSpecialCharacters((String) it.next())));
                        }
                        sb3.append(AuthXMLTags.ENV_AV_END);
                    }
                }
                sb.append(AuthXMLTags.ENV_BEGIN).append(sb3.toString()).append(AuthXMLTags.ENV_END);
            }
            sb.append(AuthXMLTags.LOGIN_END);
            if (this.includeReqRes) {
                sb.append(AuthXMLTags.REMOTE_REQUEST_RESPONSE_START).append(AuthXMLTags.HTTP_SERVLET_REQUEST_START);
                String str4 = "";
                if (httpServletRequest != null) {
                    try {
                        str4 = AuthXMLUtils.serializeToString(new RemoteHttpServletRequest(httpServletRequest));
                    } catch (IOException e) {
                        authDebug.error("AuthXMLUtils::runRemoteLogin Unable to serailize http request", e);
                    }
                    if (authDebug.messageEnabled()) {
                        authDebug.message("req=" + new RemoteHttpServletRequest(httpServletRequest).toString());
                    }
                    sb.append(str4);
                }
                sb.append(AuthXMLTags.HTTP_SERVLET_REQUEST_END);
                sb.append(AuthXMLTags.HTTP_SERVLET_RESPONSE_START);
                if (httpServletResponse != null) {
                    String str5 = "";
                    try {
                        str5 = AuthXMLUtils.serializeToString(new RemoteHttpServletResponse(httpServletResponse));
                    } catch (IOException e2) {
                        authDebug.error("AuthXMLUtils::runRemoteLogin Unable to serailize http response", e2);
                    }
                    if (authDebug.messageEnabled()) {
                        authDebug.message("res=" + httpServletResponse);
                    }
                    sb.append(str5);
                }
                sb.append(AuthXMLTags.HTTP_SERVLET_RESPONSE_END).append(AuthXMLTags.REMOTE_REQUEST_RESPONSE_END);
            } else if (authDebug.messageEnabled()) {
                authDebug.message("Not including req/res " + this.includeReqRes);
            }
            sb.append(AuthXMLTags.XML_REQUEST_SUFFIX);
            this.receivedDocument = processRequest(sb.toString());
            checkAndSetLoginStatus();
            if (this.loginException != null && this.loginException.getErrorCode().equals(AMAuthErrorCode.REMOTE_AUTH_INVALID_SSO_TOKEN) && this.retryRunLogin > 0) {
                this.retryRunLogin--;
                if (authDebug.messageEnabled()) {
                    authDebug.message("Run remote login failed due to expired app token, retying");
                }
                this.loginStatus = Status.IN_PROGRESS;
                runRemoteLogin(indexType, str, strArr, map, str2, httpServletRequest, httpServletResponse);
            }
        } catch (AuthLoginException e3) {
            this.loginStatus = Status.FAILED;
            this.loginException = e3;
        }
    }

    private void runRemoteOldAuthContext() throws AuthLoginException {
        try {
            StringBuilder sb = new StringBuilder(100);
            String[] strArr = {"0"};
            if (this.ssoTokenID != null) {
                strArr[0] = this.ssoTokenID;
            }
            sb.append(MessageFormat.format(AuthXMLTags.XML_REQUEST_PREFIX, strArr)).append(AuthXMLTags.NEW_AUTHCONTEXT_BEGIN).append(" ").append(AuthXMLTags.ORG_NAME_ATTR).append("=").append("\"").append(XMLUtils.escapeSpecialCharacters(this.organizationName)).append("\"").append(">").append(AuthXMLTags.NEW_AUTHCONTEXT_END).append(AuthXMLTags.XML_REQUEST_SUFFIX);
            this.receivedDocument = processRequest(sb.toString());
            checkAndSetLoginStatus();
        } catch (AuthLoginException e) {
            this.loginStatus = Status.FAILED;
            this.loginException = e;
        }
    }

    public Subject getSubject() {
        if (this.localFlag) {
            if (this.acLocal.getStatus().equals(Status.SUCCESS)) {
                return this.acLocal.getSubject();
            }
            return null;
        }
        if (this.loginStatus.equals(Status.SUCCESS)) {
            return getSubject(this.receivedDocument);
        }
        return null;
    }

    public Map getCookieTable() {
        return this.cookieTable;
    }

    public boolean hasMoreRequirements() {
        return this.localFlag ? this.acLocal.hasMoreRequirements(false) : this.loginStatus.equals(Status.IN_PROGRESS) && getCallbacks(this.receivedDocument, false) != null;
    }

    public boolean hasMoreRequirements(boolean z) {
        return this.localFlag ? this.acLocal.hasMoreRequirements(z) : this.loginStatus.equals(Status.IN_PROGRESS) && getCallbacks(this.receivedDocument, z) != null;
    }

    public Callback[] getRequirements() {
        if (this.localFlag) {
            if (this.acLocal.getStatus().equals(Status.IN_PROGRESS)) {
                return this.acLocal.getRequirements(false);
            }
            return null;
        }
        if (this.loginStatus.equals(Status.IN_PROGRESS)) {
            return getCallbacks(this.receivedDocument, false);
        }
        return null;
    }

    public Callback[] getRequirements(boolean z) {
        if (this.localFlag) {
            if (this.acLocal.getStatus().equals(Status.IN_PROGRESS)) {
                return this.acLocal.getRequirements(z);
            }
            return null;
        }
        if (this.loginStatus.equals(Status.IN_PROGRESS)) {
            return getCallbacks(this.receivedDocument, z);
        }
        return null;
    }

    public HttpServletRequest getRemoteRequest() {
        return this.remoteRequest;
    }

    public HttpServletResponse getRemoteResponse() {
        return this.remoteResponse;
    }

    public void submitRequirements(Callback[] callbackArr) {
        submitRequirements(callbackArr, null, null);
    }

    public void submitRequirements(Callback[] callbackArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String locale;
        if (authDebug.messageEnabled()) {
            authDebug.message("submitRequirements with Callbacks : " + callbackArr);
        }
        if (this.localFlag) {
            if (this.acLocal.getStatus().equals(Status.IN_PROGRESS)) {
                this.acLocal.submitRequirements(callbackArr);
                if (this.acLocal.getStatus().equals(Status.SUCCESS)) {
                    onSuccessLocal();
                    return;
                }
                return;
            }
            return;
        }
        if (this.loginStatus.equals(Status.IN_PROGRESS)) {
            try {
                StringBuilder sb = new StringBuilder(100);
                sb.append(MessageFormat.format(AuthXMLTags.XML_REQUEST_PREFIX, getAuthenticationHandle(this.receivedDocument)));
                if (appSSOToken != null) {
                    sb.append(AuthXMLTags.APPSSOTOKEN_BEGIN);
                    sb.append(appSSOToken.getTokenID().toString()).append(AuthXMLTags.APPSSOTOKEN_END);
                }
                sb.append(AuthXMLTags.SUBMIT_REQS_BEGIN).append(AuthXMLUtils.getXMLForCallbacks(callbackArr));
                if (this.clientLocale != null && (locale = this.clientLocale.toString()) != null && locale.length() > 0) {
                    sb.append(AuthXMLTags.LOCALE_BEGIN).append(XMLUtils.escapeSpecialCharacters(locale)).append(AuthXMLTags.LOCALE_END);
                }
                sb.append(AuthXMLTags.SUBMIT_REQS_END);
                if (this.includeReqRes) {
                    sb.append(AuthXMLTags.REMOTE_REQUEST_RESPONSE_START).append(AuthXMLTags.HTTP_SERVLET_REQUEST_START);
                    String str = "";
                    if (httpServletRequest != null) {
                        try {
                            str = AuthXMLUtils.serializeToString(new RemoteHttpServletRequest(httpServletRequest));
                        } catch (IOException e) {
                            authDebug.error("AuthXMLUtils::runRemoteLogin Unable to serailize http request", e);
                        }
                        if (authDebug.messageEnabled()) {
                            authDebug.message("req=" + httpServletRequest);
                        }
                        sb.append(str);
                    }
                    sb.append(AuthXMLTags.HTTP_SERVLET_REQUEST_END);
                    sb.append(AuthXMLTags.HTTP_SERVLET_RESPONSE_START);
                    if (httpServletResponse != null) {
                        String str2 = "";
                        try {
                            str2 = AuthXMLUtils.serializeToString(new RemoteHttpServletResponse(httpServletResponse));
                        } catch (IOException e2) {
                            authDebug.error("AuthXMLUtils::runRemoteLogin Unable to serailize http response", e2);
                        }
                        if (authDebug.messageEnabled()) {
                            authDebug.message("res=" + httpServletResponse);
                        }
                        sb.append(str2);
                    }
                    sb.append(AuthXMLTags.HTTP_SERVLET_RESPONSE_END).append(AuthXMLTags.REMOTE_REQUEST_RESPONSE_END);
                }
                sb.append(AuthXMLTags.XML_REQUEST_SUFFIX);
                this.receivedDocument = processRequest(sb.toString());
                checkAndSetLoginStatus();
            } catch (AuthLoginException e3) {
                this.loginStatus = Status.FAILED;
                this.loginException = e3;
            }
        }
    }

    public void logout() throws AuthLoginException {
        if (this.localFlag) {
            this.acLocal.logout();
            return;
        }
        try {
            StringBuilder sb = new StringBuilder(100);
            sb.append(MessageFormat.format(AuthXMLTags.XML_REQUEST_PREFIX, getAuthenticationHandle(this.receivedDocument)));
            if (appSSOToken != null) {
                sb.append(AuthXMLTags.APPSSOTOKEN_BEGIN);
                sb.append(appSSOToken.getTokenID().toString()).append(AuthXMLTags.APPSSOTOKEN_END);
            }
            sb.append(AuthXMLTags.LOGOUT_BEGIN).append(AuthXMLTags.LOGOUT_END).append(AuthXMLTags.XML_REQUEST_SUFFIX);
            this.receivedDocument = processRequest(sb.toString());
            checkAndSetLoginStatus();
        } catch (AuthLoginException e) {
            this.loginStatus = Status.FAILED;
            this.loginException = e;
        }
    }

    public void logoutUsingTokenID() throws AuthLoginException {
        if (this.localFlag) {
            return;
        }
        if (this.ssoToken != null) {
            try {
                this.organizationName = this.ssoToken.getProperty("Organization");
                this.ssoTokenID = this.ssoToken.getTokenID().toString();
                this.authURL = this.sessionCache.getSession(new SessionID(this.ssoTokenID)).getSessionServiceURL();
            } catch (Exception e) {
                throw new AuthLoginException(e);
            }
        }
        if (this.authURL != null) {
            this.authServiceURL = getAuthServiceURL(this.authURL.getProtocol(), this.authURL.getHost(), Integer.toString(this.authURL.getPort()), this.authURL.getPath());
        }
        try {
            StringBuilder sb = new StringBuilder(100);
            sb.append(MessageFormat.format(AuthXMLTags.XML_REQUEST_PREFIX, this.ssoToken.getTokenID().toString()));
            if (appSSOToken != null) {
                sb.append(AuthXMLTags.APPSSOTOKEN_BEGIN);
                sb.append(appSSOToken.getTokenID().toString()).append(AuthXMLTags.APPSSOTOKEN_END);
            }
            sb.append(AuthXMLTags.LOGOUT_BEGIN).append(AuthXMLTags.LOGOUT_END).append(AuthXMLTags.XML_REQUEST_SUFFIX);
            this.receivedDocument = processRequest(sb.toString());
            checkAndSetLoginStatus();
        } catch (AuthLoginException e2) {
            this.loginStatus = Status.FAILED;
            this.loginException = e2;
        }
    }

    public AuthLoginException getLoginException() {
        return this.localFlag ? this.acLocal.getLoginException() : this.loginException;
    }

    public SSOToken getSSOToken() throws L10NMessageImpl {
        if (this.localFlag) {
            if (this.acLocal.getStatus().equals(Status.SUCCESS)) {
                return this.acLocal.getSSOToken();
            }
            throw new L10NMessageImpl(amAuthContext, "statusNotSuccess", null);
        }
        if (!this.loginStatus.equals(Status.SUCCESS)) {
            throw new L10NMessageImpl(amAuthContext, "statusNotSuccess", null);
        }
        Node rootNode = XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.LOGIN_STATUS);
        if (rootNode == null) {
            throw new L10NMessageImpl(amAuthContext, "noStatusNode", null);
        }
        try {
            return new SSOProviderImpl().createSSOToken(XMLUtils.getNodeAttributeValue(rootNode, AuthXMLTags.SSOTOKEN), true);
        } catch (SSOException e) {
            throw new L10NMessageImpl(amAuthContext, "createSSOTokenError", null);
        }
    }

    public Status getStatus() {
        return this.localFlag ? this.acLocal.getStatus() : this.loginStatus;
    }

    public String getAuthIdentifier() {
        return this.localFlag ? this.acLocal.getAuthIdentifier() : getAuthHandle();
    }

    public String getSuccessURL() throws Exception {
        if (this.localFlag) {
            if (this.acLocal.getStatus().equals(Status.SUCCESS)) {
                return this.acLocal.getSuccessURL();
            }
            throw new L10NMessageImpl(amAuthContext, "statusNotSuccess", null);
        }
        if (!this.loginStatus.equals(Status.SUCCESS)) {
            throw new L10NMessageImpl(amAuthContext, "statusNotSuccess", null);
        }
        Node rootNode = XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.LOGIN_STATUS);
        if (rootNode == null) {
            throw new L10NMessageImpl(amAuthContext, "noStatusNode", null);
        }
        return XMLUtils.getNodeAttributeValue(rootNode, "successURL");
    }

    public String getFailureURL() throws Exception {
        if (this.localFlag) {
            return this.acLocal.getFailureURL();
        }
        Node rootNode = XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.LOGIN_STATUS);
        if (rootNode == null) {
            throw new L10NMessageImpl(amAuthContext, "noStatusNode", null);
        }
        return XMLUtils.getNodeAttributeValue(rootNode, AuthXMLTags.FAILURE_URL);
    }

    public void reset() {
        this.loginStatus = Status.NOT_STARTED;
    }

    public String getOrganizationName() {
        return this.organizationName;
    }

    public Set getModuleInstanceNames() {
        if (this.authURL != null) {
            this.authServiceURL = getAuthServiceURL(this.authURL.getProtocol(), this.authURL.getHost(), Integer.toString(this.authURL.getPort()), this.authURL.getPath());
        }
        if (!this.localFlag) {
            setLocalFlag(this.authServiceURL);
        }
        if (this.localFlag) {
            return this.acLocal.getModuleInstanceNames();
        }
        if (this.authServiceURL == null) {
            try {
                this.authServiceURL = getAuthServiceURL(this.server_proto, this.server_host, this.server_port, this.server_uri);
            } catch (Exception e) {
                return Collections.EMPTY_SET;
            }
        }
        sendQueryInformation(AuthXMLTags.MODULE_INSTANCE);
        Node rootNode = XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.QUERY_RESULT);
        if (rootNode == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        NodeList childNodes = rootNode.getChildNodes();
        if (childNodes != null) {
            for (int i = 0; i < childNodes.getLength(); i++) {
                hashSet.add(XMLUtils.getValueOfValueNode(childNodes.item(i)));
            }
        }
        return hashSet;
    }

    public void abort() throws AuthLoginException {
        if (this.localFlag) {
            this.acLocal.abort();
            return;
        }
        try {
            StringBuilder sb = new StringBuilder(100);
            sb.append(MessageFormat.format(AuthXMLTags.XML_REQUEST_PREFIX, getAuthenticationHandle(this.receivedDocument)));
            if (appSSOToken != null) {
                sb.append(AuthXMLTags.APPSSOTOKEN_BEGIN);
                sb.append(appSSOToken.getTokenID().toString()).append(AuthXMLTags.APPSSOTOKEN_END);
            }
            sb.append(AuthXMLTags.ABORT_BEGIN).append(AuthXMLTags.ABORT_END).append(AuthXMLTags.XML_REQUEST_SUFFIX);
            this.receivedDocument = processRequest(sb.toString());
            checkAndSetLoginStatus();
        } catch (AuthLoginException e) {
            this.loginStatus = Status.FAILED;
            this.loginException = e;
        }
    }

    public static void setCertDBPassword(String str) {
        try {
            if (usingJSSEHandler) {
                Class<?> cls = Class.forName(JSSE_PASSWORD_CALLBACK);
            } else {
                Class.forName(JSS_PASSWORD_UTIL).getConstructor(String.class).newInstance(str);
            }
        } catch (Exception e) {
            e.printStackTrace();
            authDebug.message("Error in setCertDBPassword : " + e.getMessage());
        }
    }

    public String getErrorTemplate() {
        if (this.localFlag) {
            return this.acLocal.getErrorTemplate();
        }
        if (this.receivedDocument == null) {
            return AuthClientUtils.getErrorTemplate("102");
        }
        Node rootNode = XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.EXCEPTION);
        return rootNode != null ? XMLUtils.getNodeAttributeValue(rootNode, AuthXMLTags.TEMPLATE_NAME) : "";
    }

    public String getErrorMessage() {
        if (this.localFlag) {
            return this.acLocal.getErrorMessage();
        }
        if (this.receivedDocument == null) {
            return AuthClientUtils.getErrorMessage("102");
        }
        String str = null;
        Node rootNode = XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.EXCEPTION);
        if (rootNode != null) {
            str = XMLUtils.getNodeAttributeValue(rootNode, "message");
        }
        return str;
    }

    public String getErrorCode() {
        if (this.localFlag) {
            return this.acLocal.getErrorCode();
        }
        if (this.receivedDocument == null) {
            return "102";
        }
        Node rootNode = XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.EXCEPTION);
        String nodeAttributeValue = rootNode != null ? XMLUtils.getNodeAttributeValue(rootNode, AuthXMLTags.ERROR_CODE) : "";
        return nodeAttributeValue != null ? nodeAttributeValue.trim() : nodeAttributeValue;
    }

    public void setClientHostName(String str) {
        this.hostName = str;
    }

    public String getClientHostName() {
        return this.hostName;
    }

    public void setLocale(Locale locale) {
        this.clientLocale = locale;
    }

    public Locale getLocale() {
        return this.clientLocale;
    }

    private AuthLoginException checkException() {
        AuthLoginException authLoginException = null;
        String errorCode = getErrorCode();
        if (errorCode != null && errorCode.equals(AMAuthErrorCode.REMOTE_AUTH_INVALID_SSO_TOKEN)) {
            appSSOToken = getAppSSOToken(true);
        }
        if (errorCode == null || errorCode.length() == 0) {
            String errorMessage = getErrorMessage();
            if (errorMessage != null && errorMessage.length() != 0) {
                authLoginException = new AuthLoginException(errorMessage);
            }
        } else {
            authLoginException = new AuthLoginException("amAuth", errorCode, null);
        }
        return authLoginException;
    }

    protected void checkAndSetLoginStatus() {
        Node rootNode = XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.LOGIN_STATUS);
        if (rootNode == null) {
            this.loginException = checkException();
            if (this.includeReqRes) {
                this.remoteRequest = AuthXMLUtils.getRemoteRequest(XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
                this.remoteResponse = AuthXMLUtils.getRemoteResponse(XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
                return;
            }
            return;
        }
        this.loginException = null;
        String nodeAttributeValue = XMLUtils.getNodeAttributeValue(rootNode, AuthXMLTags.STATUS);
        if (nodeAttributeValue != null) {
            if (nodeAttributeValue.equals(Status.SUCCESS.toString())) {
                this.loginStatus = Status.SUCCESS;
            } else if (nodeAttributeValue.equals(Status.FAILED.toString())) {
                this.loginStatus = Status.FAILED;
                this.loginException = checkException();
            } else if (nodeAttributeValue.equals(Status.COMPLETED.toString())) {
                this.loginStatus = Status.COMPLETED;
            } else if (nodeAttributeValue.equals(Status.IN_PROGRESS.toString())) {
                this.loginStatus = Status.IN_PROGRESS;
            } else if (nodeAttributeValue.equals(Status.RESET.toString())) {
                this.loginStatus = Status.RESET;
            }
        }
        if (this.includeReqRes) {
            this.remoteRequest = AuthXMLUtils.getRemoteRequest(XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
            this.remoteResponse = AuthXMLUtils.getRemoteResponse(XMLUtils.getRootNode(this.receivedDocument, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
        }
        if (authDebug.messageEnabled()) {
            authDebug.message("LoginStatus : " + this.loginStatus);
        }
    }

    protected void sendQueryInformation(String str) {
        try {
            StringBuilder sb = new StringBuilder(100);
            String[] strArr = {getAuthHandle()};
            sb.append(MessageFormat.format(AuthXMLTags.XML_REQUEST_PREFIX, strArr));
            if (appSSOToken != null) {
                sb.append(AuthXMLTags.APPSSOTOKEN_BEGIN);
                sb.append(appSSOToken.getTokenID().toString()).append(AuthXMLTags.APPSSOTOKEN_END);
            }
            sb.append(AuthXMLTags.QUERY_INFO_BEGIN).append(" ").append(AuthXMLTags.REQUESTED_INFO).append("=").append("\"").append(str).append("\"");
            if (strArr[0].equals("0")) {
                sb.append(" ").append(AuthXMLTags.ORG_NAME_ATTR).append("=").append("\"").append(XMLUtils.escapeSpecialCharacters(this.organizationName)).append("\"");
            }
            sb.append(">").append(AuthXMLTags.QUERY_INFO_END).append(AuthXMLTags.XML_REQUEST_SUFFIX);
            this.receivedDocument = processRequest(sb.toString());
            checkAndSetLoginStatus();
        } catch (AuthLoginException e) {
            this.loginStatus = Status.FAILED;
            this.loginException = e;
        }
    }

    private void setLocalFlag(URL url) {
        try {
            String str = url.getProtocol() + ISAuthConstants.URL_SEPARATOR + url.getHost() + ":" + Integer.toString(url.getPort());
            if (authDebug.messageEnabled()) {
                authDebug.message("in setLocalFlag(), url : " + str);
                authDebug.message("AuthContext.localAuthServiceID : " + localAuthServiceID);
            }
            if (localAuthServiceID != null && str.equalsIgnoreCase(localAuthServiceID)) {
                this.localFlag = true;
            }
        } catch (Exception e) {
            authDebug.error("AuthContext::setLocalFlag:: " + e);
        }
    }

    protected Document processRequest(String str) throws AuthLoginException {
        try {
            Request request = new Request(str);
            RequestSet requestSet = new RequestSet("auth");
            requestSet.addRequest(request);
            URL url = this.authServiceURL;
            if (url.getProtocol().equals("https") && this.nickName != null) {
                url = new URL(url.getProtocol(), url.getHost(), url.getPort(), url.getFile(), (URLStreamHandler) Class.forName(protHandlerPkg + ".https.Handler").getConstructor(String.class).newInstance(this.nickName));
            }
            if (authDebug.messageEnabled()) {
                authDebug.message("Service URL : " + url.toString());
            }
            Vector send = PLLClient.send(url, requestSet, this.cookieTable);
            if (send.isEmpty() || send.size() != 1) {
                throw new L10NMessageImpl(amAuthContext, "responseError", null);
            }
            return XMLUtils.getXMLDocument(new ByteArrayInputStream(((Response) send.elementAt(0)).getContent().getBytes("UTF-8")));
        } catch (Exception e) {
            authDebug.message("error in getting service url", e);
            throw new AuthLoginException(amAuthContext, "xmlProcessError", null, e);
        }
    }

    protected static void checkForException(Document document) throws AuthLoginException {
        Node rootNode = XMLUtils.getRootNode(document, AuthXMLTags.EXCEPTION);
        if (rootNode != null) {
            throw new AuthLoginException(XMLUtils.getNodeAttributeValue(rootNode, "message"));
        }
    }

    protected String getAuthenticationHandle(Document document) throws AuthLoginException {
        Node rootNode = XMLUtils.getRootNode(document, "Response");
        if (rootNode == null) {
            throw new AuthLoginException(amAuthContext, "responseError", null);
        }
        return XMLUtils.getNodeAttributeValue(rootNode, AuthXMLTags.AUTH_ID_HANDLE);
    }

    protected static Callback[] getCallbacks(Document document, boolean z) {
        return AuthXMLUtils.getCallbacks(XMLUtils.getRootNode(document, AuthXMLTags.CALLBACKS), z);
    }

    protected static Subject getSubject(Document document) {
        Node childNode;
        Node rootNode = XMLUtils.getRootNode(document, AuthXMLTags.LOGIN_STATUS);
        if (rootNode == null || (childNode = XMLUtils.getChildNode(rootNode, "Subject")) == null) {
            return null;
        }
        try {
            Subject deSerializedSubject = AuthXMLUtils.getDeSerializedSubject(XMLUtils.getValueOfValueNode(childNode));
            if (authDebug.messageEnabled()) {
                authDebug.message("Deserialized subject : " + deSerializedSubject.toString());
            }
            return deSerializedSubject;
        } catch (Exception e) {
            authDebug.message("get Deserialized subject error : ", e);
            return null;
        }
    }

    protected static String getXMLforSubject(Subject subject) {
        if (subject == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(100);
        sb.append(AuthXMLTags.SUBJECT_BEGIN);
        sb.append(AuthXMLUtils.getSerializedSubject(subject));
        sb.append(AuthXMLTags.SUBJECT_END);
        return sb.toString();
    }

    public String getLockoutMsg() {
        String errorMessage;
        if (this.localFlag) {
            errorMessage = this.acLocal.getLockoutMsg();
        } else {
            errorMessage = getErrorMessage();
            if (errorMessage == null || errorMessage.indexOf("Account lockout") == -1) {
                errorMessage = "";
            }
        }
        return errorMessage;
    }

    public boolean isLockedOut() {
        boolean z = false;
        if (this.localFlag) {
            z = this.acLocal.isLockedOut();
        }
        return z;
    }

    private String getAuthHandle() {
        String str = null;
        if (this.receivedDocument != null) {
            try {
                str = getAuthenticationHandle(this.receivedDocument);
            } catch (Exception e) {
            }
        }
        if (str == null) {
            str = "0";
        }
        return str;
    }

    private static URL getAuthServiceURL(String str, String str2, String str3, String str4) {
        URL url = null;
        try {
            url = WebtopNaming.getServiceURL("auth", str, str2, str3, str4);
        } catch (Exception e) {
            authDebug.error("Failed to obtain auth service url from server: " + str + ISAuthConstants.URL_SEPARATOR + str2 + ":" + str3);
        }
        return url;
    }

    private void onSuccessLocal() {
        if (this.localSessionChecked) {
            return;
        }
        SSOToken sSOToken = this.acLocal.getSSOToken();
        InternalSession oldSession = this.acLocal.getLoginState().getOldSession();
        if (oldSession != null) {
            if (this.forceAuth) {
                try {
                    SSOTokenManager.getInstance().destroyToken(sSOToken);
                } catch (SSOException e) {
                    authDebug.error("AuthContext.onSuccessLocal: ", e);
                }
                this.acLocal.getLoginState().setSession(oldSession);
                this.acLocal.getLoginState().setForceAuth(false);
                this.ssoToken = this.acLocal.getSSOToken();
                this.ssoTokenID = this.ssoToken.getTokenID().toString();
            } else {
                ((SessionService) InjectorHolder.getInstance(SessionService.class)).destroyAuthenticationSession(oldSession.getID());
            }
        }
        this.localSessionChecked = true;
    }

    private SSOToken getAppSSOToken(boolean z) {
        SSOToken sSOToken = null;
        try {
            sSOToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
        } catch (AMSecurityPropertiesException e) {
            if (authDebug.messageEnabled()) {
                authDebug.message("AuthContext::getAppSSOToken: unable to get app ssotoken " + e.getMessage());
            }
        }
        if (z) {
            try {
                SSOTokenManager sSOTokenManager = SSOTokenManager.getInstance();
                sSOTokenManager.refreshSession(sSOToken);
                if (!sSOTokenManager.isValidToken(sSOToken)) {
                    if (authDebug.messageEnabled()) {
                        authDebug.message("AuthContext.getAppSSOToken(): App SSOToken is invalid, retrying");
                    }
                    try {
                        sSOToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
                    } catch (AMSecurityPropertiesException e2) {
                        if (authDebug.messageEnabled()) {
                            authDebug.message("AuthContext::getAppSSOToken: unable to get app ssotoken " + e2.getMessage());
                        }
                    }
                }
            } catch (SSOException e3) {
                if (authDebug.messageEnabled()) {
                    authDebug.message("AuthContext.getAppSSOToken(): unable to refresh app token: " + e3.getL10NMessage());
                }
                try {
                    sSOToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
                } catch (AMSecurityPropertiesException e4) {
                    if (authDebug.errorEnabled()) {
                        authDebug.error("AuthContext::getAppSSOToken: unable to get app ssotoken " + e4.getMessage());
                    }
                }
            }
        }
        if (authDebug.messageEnabled()) {
            if (sSOToken == null) {
                authDebug.message("Null App SSO Token");
            } else {
                authDebug.message("Obtained App Token= " + sSOToken.getTokenID().toString());
            }
        }
        return sSOToken;
    }

    public AuthContextLocal getAuthContextLocal() {
        return this.acLocal;
    }
}
