package com.sun.identity.liberty.ws.security;

import com.iplanet.am.util.Locale;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.am.util.XMLUtils;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.services.util.Base64;
import com.iplanet.sso.SSOToken;
import com.sun.identity.liberty.ws.common.wsse.BinarySecurityToken;
import com.sun.identity.liberty.ws.disco.EncryptedResourceID;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLException;
import java.net.URL;
import java.rmi.RemoteException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.ResourceBundle;
import javax.xml.rpc.Stub;

/* loaded from: input_file:119465-02/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/liberty/ws/security/SecurityTokenManagerClient.class */
public final class SecurityTokenManagerClient {
    private static boolean checkedForLocal;
    private static boolean isLocal;
    private boolean useLocal;
    private static SecurityTokenManagerIF remoteStub;
    private SecurityTokenManager securityTokenManager;
    private SSOToken ssoToken;
    private boolean isCertificateSet = false;
    private SecurityTokenManagerIF stub;
    private static String SERVICE_NAME = "securitytokenmanager";
    static ResourceBundle bundle = Locale.getInstallResourceBundle("amLibertySecurity");

    public SecurityTokenManagerClient(SSOToken sSOToken) throws SecurityTokenException {
        if (!checkedForLocal) {
            try {
                remoteStub = getServiceEndPoint(SystemProperties.get("com.iplanet.am.localserver.protocol"), SystemProperties.get("com.iplanet.am.localserver.host"), SystemProperties.get("com.iplanet.am.localserver.port"));
                remoteStub.checkForLocal();
                if (SecurityTokenManagerImpl.isLocal) {
                    isLocal = true;
                    SecurityTokenManager.debug.warning("STMC(): Using local service");
                    this.securityTokenManager = new SecurityTokenManager(sSOToken);
                }
                checkedForLocal = true;
            } catch (Exception e) {
                checkedForLocal = true;
                if (SecurityTokenManager.debug.warningEnabled()) {
                    SecurityTokenManager.debug.warning("SecurityTokenManagerClient()Exception", e);
                }
                throw new SecurityTokenException(e.getMessage());
            }
        }
        if (isLocal) {
            this.useLocal = true;
            return;
        }
        this.stub = remoteStub;
        try {
            this.stub.initialization(sSOToken.getTokenID().toString());
        } catch (Exception e2) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("SecurityTokenManagerClient()Exception", e2);
            }
            throw new SecurityTokenException(e2.getMessage());
        }
    }

    public SecurityTokenManagerClient(String str, SSOToken sSOToken) throws SecurityTokenException {
        try {
            SecurityTokenManagerIF securityTokenManagerIF = (Stub) new SecurityTokenManagerService_Impl().getSecurityTokenManagerIFPort();
            securityTokenManagerIF._setProperty("javax.xml.rpc.service.endpoint.address", str);
            this.stub = securityTokenManagerIF;
            this.stub.initialization(sSOToken.getTokenID().toString());
            this.useLocal = false;
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC() Exception", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    private static SecurityTokenManagerIF getServiceEndPoint(String str, String str2, String str3) throws Exception {
        String url = WebtopNaming.getServiceURL(SERVICE_NAME, str, str2, str3).toString();
        if (SecurityTokenManager.debug.messageEnabled()) {
            SecurityTokenManager.debug.message(new StringBuffer().append("SecurityTokenManagerClient with URL: ").append(url).toString());
        }
        SecurityTokenManagerIF securityTokenManagerIF = (Stub) new SecurityTokenManagerService_Impl().getSecurityTokenManagerIFPort();
        securityTokenManagerIF._setProperty("javax.xml.rpc.service.endpoint.address", url);
        return securityTokenManagerIF;
    }

    private static SecurityTokenManagerIF getRemoteStub() throws SecurityTokenException {
        boolean z = false;
        Exception exc = null;
        SecurityTokenManagerIF securityTokenManagerIF = null;
        try {
            Enumeration elements = WebtopNaming.getPlatformServerList().elements();
            while (elements.hasMoreElements() && !z) {
                URL url = new URL((String) elements.nextElement());
                securityTokenManagerIF = getServiceEndPoint(url.getProtocol(), url.getHost(), Integer.toString(url.getPort()));
                try {
                    securityTokenManagerIF.checkForLocal();
                    if (SecurityTokenManager.debug.messageEnabled()) {
                        SecurityTokenManager.debug.message(new StringBuffer().append("STMC(): Using the remote URL: ").append(url.toString()).toString());
                    }
                    z = true;
                    if (SecurityTokenManager.debug.warningEnabled()) {
                        SecurityTokenManager.debug.warning(new StringBuffer().append("STMC:getRemoteStub: remote server being used: ").append(url.toString()).toString());
                    }
                } catch (Exception e) {
                    exc = e;
                    if (SecurityTokenManager.debug.warningEnabled()) {
                        SecurityTokenManager.debug.warning(new StringBuffer().append("STMC:getRemoteStub: server (").append(url.toString()).append(") error: ").toString(), e);
                    }
                }
            }
        } catch (Exception e2) {
            exc = e2;
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:getRemoteStub: generic error: ", e2);
            }
        }
        if (z) {
            return securityTokenManagerIF;
        }
        if (exc != null) {
            throw new SecurityTokenException(exc.getMessage());
        }
        throw new SecurityTokenException(bundle.getString("serverNotFound"));
    }

    public void setCertAlias(String str) throws SecurityTokenException {
        if (this.useLocal) {
            this.securityTokenManager.setCertAlias(str);
            return;
        }
        try {
            this.stub.setCertificate(str, true);
            this.isCertificateSet = true;
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:setCertAlias()", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    public void setCertificate(X509Certificate x509Certificate) throws SecurityTokenException {
        if (this.useLocal) {
            this.securityTokenManager.setCertificate(x509Certificate);
            return;
        }
        try {
            this.stub.setCertificate(Base64.encode(x509Certificate.getEncoded()), false);
            this.isCertificateSet = true;
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:setCertificate()", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    public BinarySecurityToken getX509CertificateToken() throws SecurityTokenException {
        if (this.useLocal) {
            return this.securityTokenManager.getX509CertificateToken();
        }
        if (!this.isCertificateSet) {
            throw new SecurityTokenException(bundle.getString("nullCertificate"));
        }
        try {
            return new BinarySecurityToken(XMLUtils.toDOMDocument(this.stub.getX509CertificateToken(), SecurityTokenManager.debug).getDocumentElement());
        } catch (Exception e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:getX509CertificateToken()", e);
            }
            throw new SecurityTokenException(e.getMessage());
        }
    }

    public SecurityAssertion getSAMLAuthenticationToken(NameIdentifier nameIdentifier) throws SecurityTokenException, SAMLException {
        if (this.useLocal) {
            return this.securityTokenManager.getSAMLAuthenticationToken(nameIdentifier);
        }
        if (!this.isCertificateSet) {
            throw new SecurityTokenException(bundle.getString("nullCertificate"));
        }
        try {
            return new SecurityAssertion(XMLUtils.toDOMDocument(this.stub.getSAMLAuthenticationToken(nameIdentifier.toString(true, true)), SecurityTokenManager.debug).getDocumentElement());
        } catch (RemoteException e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:getSAMLAuthenticationToken()", e);
            }
            throw new SAMLException(e.getMessage());
        }
    }

    public SecurityAssertion getSAMLAuthorizationToken(NameIdentifier nameIdentifier, SessionContext sessionContext, String str, boolean z, boolean z2) throws SecurityTokenException, SAMLException {
        if (this.useLocal) {
            return this.securityTokenManager.getSAMLAuthorizationToken(nameIdentifier, sessionContext, str, z, z2);
        }
        if (!this.isCertificateSet) {
            throw new SecurityTokenException(bundle.getString("nullCertificate"));
        }
        try {
            return new SecurityAssertion(XMLUtils.toDOMDocument(this.stub.getSAMLAuthorizationToken(nameIdentifier.toString(true, true), sessionContext.toXMLString(true, true), str, false, z, z2), SecurityTokenManager.debug).getDocumentElement());
        } catch (Exception e) {
            throw new SecurityTokenException(e.getMessage());
        } catch (RemoteException e2) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:createAssertionArtifact:", e2);
            }
            throw new SAMLException(e2.getMessage());
        }
    }

    public SecurityAssertion getSAMLAuthorizationToken(NameIdentifier nameIdentifier, SessionContext sessionContext, EncryptedResourceID encryptedResourceID, boolean z, boolean z2) throws SecurityTokenException, SAMLException {
        if (this.useLocal) {
            return this.securityTokenManager.getSAMLAuthorizationToken(nameIdentifier, sessionContext, encryptedResourceID, z, z2);
        }
        if (!this.isCertificateSet) {
            throw new SecurityTokenException(bundle.getString("nullCertificate"));
        }
        try {
            return new SecurityAssertion(XMLUtils.toDOMDocument(this.stub.getSAMLAuthorizationToken(nameIdentifier.toString(true, true), sessionContext.toXMLString(true, true), encryptedResourceID.toString(), true, z, z2), SecurityTokenManager.debug).getDocumentElement());
        } catch (RemoteException e) {
            if (SecurityTokenManager.debug.warningEnabled()) {
                SecurityTokenManager.debug.warning("STMC:getSAMLAuthorizationToken() ", e);
            }
            throw new SAMLException(e.getMessage());
        } catch (Exception e2) {
            throw new SecurityTokenException(e2.getMessage());
        }
    }
}
