package com.sun.identity.liberty.ws.disco.common;

import com.iplanet.am.console.auth.ACModuleListTiledView;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.am.util.Debug;
import com.iplanet.am.util.Locale;
import com.iplanet.am.util.XMLUtils;
import com.iplanet.sso.SSOToken;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.message.common.EncryptedNameIdentifier;
import com.sun.identity.federation.services.util.FSServiceUtils;
import com.sun.identity.liberty.ws.common.Status;
import com.sun.identity.liberty.ws.disco.Description;
import com.sun.identity.liberty.ws.disco.DiscoveryException;
import com.sun.identity.liberty.ws.disco.EncryptedResourceID;
import com.sun.identity.liberty.ws.disco.ResourceID;
import com.sun.identity.liberty.ws.disco.ResourceOffering;
import com.sun.identity.liberty.ws.disco.jaxb.AuthenticateRequesterElement;
import com.sun.identity.liberty.ws.disco.jaxb.AuthenticateSessionContextElement;
import com.sun.identity.liberty.ws.disco.jaxb.AuthorizeRequesterElement;
import com.sun.identity.liberty.ws.disco.jaxb.DescriptionType;
import com.sun.identity.liberty.ws.disco.jaxb.DirectiveType;
import com.sun.identity.liberty.ws.disco.jaxb.EncryptResourceIDElement;
import com.sun.identity.liberty.ws.disco.jaxb.InsertEntryType;
import com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory;
import com.sun.identity.liberty.ws.disco.jaxb.QueryType;
import com.sun.identity.liberty.ws.disco.jaxb.RemoveEntryType;
import com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType;
import com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType;
import com.sun.identity.liberty.ws.disco.jaxb11.GenerateBearerTokenElement;
import com.sun.identity.liberty.ws.disco.plugins.DiscoEntryHandler;
import com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement;
import com.sun.identity.liberty.ws.interfaces.ResourceIDMapper;
import com.sun.identity.liberty.ws.security.ResourceAccessStatement;
import com.sun.identity.liberty.ws.security.SecurityAssertion;
import com.sun.identity.liberty.ws.security.SecurityTokenManager;
import com.sun.identity.liberty.ws.security.SessionContext;
import com.sun.identity.liberty.ws.security.SessionContextStatement;
import com.sun.identity.liberty.ws.security.SessionSubject;
import com.sun.identity.liberty.ws.soapbinding.Message;
import com.sun.identity.liberty.ws.soapbinding.ProviderHeader;
import com.sun.identity.liberty.ws.soapbinding.SOAPBindingConstants;
import com.sun.identity.liberty.ws.soapbinding.Utils;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.assertion.Statement;
import com.sun.identity.saml.common.SAMLUtils;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.BitSet;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.StringTokenizer;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
import javax.xml.namespace.QName;
import javax.xml.transform.stream.StreamSource;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:119465-06/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/liberty/ws/disco/common/DiscoUtils.class */
public class DiscoUtils {
    private static Unmarshaller unmarshaller;
    private static Marshaller marshaller;
    public static final String OFFERINGS = "offerings";
    public static final String CREDENTIALS = "credentials";
    public static final String CREDENTIALS_OBJ = "credentialsObj";
    public static final String RES_STMT = "ResourceAccess";
    public static final String RES_SESSION_STMT = "ResourceAccess_Session";
    public static final String SESSION_STMT = "SessionContext";
    public static final String AUTHN_STMT = "Authentication";
    private static String ALL;
    private static int AUTHN;
    private static int AUTHO;
    private static int SESSION;
    private static int BEARER;
    private static int LOGOUT;
    private static int SIZE;
    private static ObjectFactory discoFac = new ObjectFactory();
    private static com.sun.identity.liberty.ws.disco.jaxb11.ObjectFactory disco11Fac = new com.sun.identity.liberty.ws.disco.jaxb11.ObjectFactory();
    private static com.sun.identity.liberty.ws.disco.plugins.jaxb.ObjectFactory entryFac = new com.sun.identity.liberty.ws.disco.plugins.jaxb.ObjectFactory();
    public static ResourceBundle bundle = Locale.getInstallResourceBundle("amDisco");
    public static Debug debug = Debug.getInstance("amDisco");

    private DiscoUtils() {
    }

    public static ObjectFactory getDiscoFactory() {
        return discoFac;
    }

    public static com.sun.identity.liberty.ws.disco.jaxb11.ObjectFactory getDisco11Factory() {
        return disco11Fac;
    }

    public static com.sun.identity.liberty.ws.disco.plugins.jaxb.ObjectFactory getDiscoEntryFactory() {
        return entryFac;
    }

    public static Marshaller getDiscoMarshaller() {
        return marshaller;
    }

    public static Unmarshaller getDiscoUnmarshaller() {
        return unmarshaller;
    }

    public static boolean getUserDiscoEntries(AMUser aMUser, String str, Map map) throws Exception {
        boolean z = false;
        for (String str2 : aMUser.getAttribute(str)) {
            try {
                DiscoEntryElement discoEntryElement = (DiscoEntryElement) unmarshaller.unmarshal(new StreamSource(new StringReader(str2)));
                String entryID = discoEntryElement.getResourceOffering().getEntryID();
                if (entryID == null || entryID.equals("")) {
                    entryID = SAMLUtils.generateID();
                    discoEntryElement.getResourceOffering().setEntryID(entryID);
                    z = true;
                }
                map.put(entryID, discoEntryElement);
            } catch (Exception e) {
                debug.error(new StringBuffer().append("DiscoUtils.getUserDiscoEntries: wrong format for entry. Removing it from store: ").append(str2).toString());
                z = true;
            }
        }
        return z;
    }

    public static void getDynamicDiscoEntries(AMUser aMUser, String str, Map map, String str2) throws Exception {
        for (String str3 : aMUser.getAttribute(str)) {
            try {
                DiscoEntryElement discoEntryElement = (DiscoEntryElement) unmarshaller.unmarshal(new StreamSource(new StringReader(str3)));
                ResourceOfferingType resourceOffering = discoEntryElement.getResourceOffering();
                String providerID = resourceOffering.getServiceInstance().getProviderID();
                ResourceIDMapper resourceIDMapper = DiscoServiceManager.getResourceIDMapper(providerID);
                if (resourceIDMapper == null) {
                    debug.error(new StringBuffer().append("DiscoUtils.getDynamicDiscoEntries: ResourceIDMapper is null for entry:").append(str3).toString());
                } else {
                    String resourceID = resourceIDMapper.getResourceID(providerID, str2);
                    if (resourceID == null) {
                        debug.error(new StringBuffer().append("DiscoUtils.getDynamicDiscoEntries: ResourceID is null for entry:").append(str3).toString());
                    } else {
                        ResourceIDType createResourceIDType = discoFac.createResourceIDType();
                        createResourceIDType.setValue(resourceID);
                        resourceOffering.setResourceID(createResourceIDType);
                        resourceOffering.setEntryID(SAMLUtils.generateID());
                        map.put(resourceOffering, discoEntryElement);
                    }
                }
            } catch (Exception e) {
                debug.error(new StringBuffer().append("DiscoUtils.getDynamicDiscoEntries: Exception for getting entry: ").append(str3).append(":").toString(), e);
            }
        }
    }

    public static boolean setUserDiscoEntries(AMUser aMUser, String str, Collection collection) {
        debug.message("in DiscoUtils.setUserDiscoEntries");
        try {
            Iterator it = collection.iterator();
            HashSet hashSet = new HashSet();
            while (it.hasNext()) {
                StringWriter stringWriter = new StringWriter(1000);
                marshaller.marshal((DiscoEntryElement) it.next(), stringWriter);
                hashSet.add(stringWriter.getBuffer().toString());
            }
            HashMap hashMap = new HashMap();
            hashMap.put(str, hashSet);
            aMUser.setAttributes(hashMap);
            aMUser.store();
            return true;
        } catch (Exception e) {
            debug.error("UserDiscoEntryHandler.setDiscoEntries: Exception", e);
            return false;
        }
    }

    public static Map getQueryResults(Map map, List list) {
        Map map2;
        if (list == null || list.size() == 0) {
            debug.message("DiscoUtils.getQueryResults: no reqServiceTypes");
            map2 = map;
        } else {
            map2 = new HashMap();
            for (String str : map.keySet()) {
                DiscoEntryElement discoEntryElement = (DiscoEntryElement) map.get(str);
                ResourceOfferingType resourceOffering = discoEntryElement.getResourceOffering();
                String serviceType = resourceOffering.getServiceInstance().getServiceType();
                List option = resourceOffering.getOptions() != null ? resourceOffering.getOptions().getOption() : null;
                Iterator it = list.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    QueryType.RequestedServiceTypeType requestedServiceTypeType = (QueryType.RequestedServiceTypeType) it.next();
                    if (requestedServiceTypeType.getServiceType().equals(serviceType)) {
                        if (evaluateOptionsRules(requestedServiceTypeType.getOptions() != null ? requestedServiceTypeType.getOptions().getOption() : null, option)) {
                            map2.put(str, discoEntryElement);
                            break;
                        }
                    }
                }
            }
        }
        return map2;
    }

    private static boolean evaluateOptionsRules(List list, List list2) {
        if (list == null || list2 == null || list.size() == 0) {
            return true;
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            if (list2.contains((String) it.next())) {
                return true;
            }
        }
        return false;
    }

    public static boolean handleRemoves(Map map, List list) {
        Iterator it = list.iterator();
        while (it.hasNext()) {
            RemoveEntryType removeEntryType = (RemoveEntryType) it.next();
            if (!map.containsKey(removeEntryType.getEntryID())) {
                if (!debug.messageEnabled()) {
                    return false;
                }
                debug.message(new StringBuffer().append("DiscoUtils.handleRemoves: can not remove entry: ").append(removeEntryType.getEntryID()).toString());
                return false;
            }
            map.remove(removeEntryType.getEntryID());
        }
        return true;
    }

    public static Map handleInserts(Set set, List list) {
        HashMap hashMap = new HashMap();
        hashMap.put(DiscoEntryHandler.STATUS_CODE, "Failed");
        Set supportedDirectives = DiscoServiceManager.getSupportedDirectives();
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("DiscoUtils.handleInserts: size of supportedDirective is ").append(supportedDirectives.size()).toString());
        }
        Iterator it = list.iterator();
        LinkedList linkedList = new LinkedList();
        while (it.hasNext()) {
            InsertEntryType insertEntryType = (InsertEntryType) it.next();
            try {
                DiscoEntryElement createDiscoEntryElement = entryFac.createDiscoEntryElement();
                ResourceOfferingType resourceOffering = insertEntryType.getResourceOffering();
                String generateID = SAMLUtils.generateID();
                debug.message(new StringBuffer().append("DiscoUtils: newEntryID=").append(generateID).toString());
                resourceOffering.setEntryID(generateID);
                linkedList.add(generateID);
                createDiscoEntryElement.setResourceOffering(resourceOffering);
                List any = insertEntryType.getAny();
                if (any != null && any.size() != 0) {
                    for (Object obj : any) {
                        if (obj instanceof AuthenticateRequesterElement) {
                            if (!supportedDirectives.contains("AuthenticateRequester")) {
                                debug.error("Directive AuthenticateRequester is not supported.");
                                return hashMap;
                            }
                        } else if (obj instanceof AuthorizeRequesterElement) {
                            if (!supportedDirectives.contains("AuthorizeRequester")) {
                                debug.error("Directive AuthorizeRequester is not supported.");
                                return hashMap;
                            }
                        } else if (obj instanceof AuthenticateSessionContextElement) {
                            if (!supportedDirectives.contains("AuthenticateSessionContext")) {
                                debug.error("Directive AuthenticateSessionContext is not supported.");
                                return hashMap;
                            }
                        } else if (obj instanceof EncryptResourceIDElement) {
                            if (!supportedDirectives.contains("EncryptResourceID")) {
                                debug.error("Directive EncryptResourceID is not supported.");
                                return hashMap;
                            }
                        } else {
                            if (!(obj instanceof GenerateBearerTokenElement)) {
                                debug.error(new StringBuffer().append("Directive ").append(obj).append(" is not supported.").toString());
                                return hashMap;
                            }
                            if (!supportedDirectives.contains("GenerateBearerToken")) {
                                debug.error("Directive GenerateBearerToken is not supported.");
                                return hashMap;
                            }
                        }
                    }
                    createDiscoEntryElement.getAny().addAll(any);
                }
                if (!set.add(createDiscoEntryElement)) {
                    debug.error("DiscoUtils.handleInserts: couldn't add DiscoEntry to Set.");
                    return hashMap;
                }
            } catch (JAXBException e) {
                debug.error("DiscoUtils.handleInserts: couldn't create DiscoEntry: ", e);
                return hashMap;
            }
        }
        hashMap.put(DiscoEntryHandler.STATUS_CODE, "OK");
        hashMap.put(DiscoEntryHandler.NEW_ENTRY_IDS, linkedList);
        return hashMap;
    }

    public static Status parseStatus(Element element) throws DiscoveryException {
        if (element == null) {
            debug.message("DiscoUtils.parseStatus: nullInput");
            throw new DiscoveryException(bundle.getString("nullInput"));
        }
        String namespaceURI = element.getNamespaceURI();
        String prefix = element.getPrefix();
        Status status = new Status(namespaceURI, prefix);
        String attribute = element.getAttribute("code");
        if (attribute == null || attribute.length() == 0) {
            debug.message("DiscoUtils.parseStatus: missing status code.");
            throw new DiscoveryException(bundle.getString("missingStatusCode"));
        }
        String str = namespaceURI;
        String str2 = prefix;
        String str3 = attribute;
        if (attribute.indexOf(":") != -1) {
            StringTokenizer stringTokenizer = new StringTokenizer(attribute, ":");
            if (stringTokenizer.countTokens() != 2) {
                debug.message("DiscoUtils.parseStatus: wrong status code.");
                throw new DiscoveryException(bundle.getString("wrongInput"));
            }
            str2 = stringTokenizer.nextToken();
            str3 = stringTokenizer.nextToken();
        }
        if (str2 != null && prefix != null && !str2.equals(prefix)) {
            str = element.getAttribute(new StringBuffer().append("xmlns:").append(str2).toString());
        }
        if (str == null || str.length() == 0) {
            status.setCode(new QName(str3));
        } else if (str2 == null || str2.length() == 0) {
            status.setCode(new QName(str, str3));
        } else {
            status.setCode(new QName(str, str3, str2));
        }
        status.setComment(element.getAttribute("comment"));
        status.setRef(element.getAttribute(SOAPBindingConstants.ATTR_REF));
        List elementsByTagNameNS1 = XMLUtils.getElementsByTagNameNS1(element, "urn:liberty:disco:2003-08", "Status");
        int size = elementsByTagNameNS1.size();
        if (size != 0) {
            if (size != 1) {
                if (debug.messageEnabled()) {
                    debug.message("DiscoUtils.parseStatus: included more than one sub status.");
                }
                throw new DiscoveryException(bundle.getString("moreElement"));
            }
            status.setSubStatus(parseStatus((Element) elementsByTagNameNS1.get(0)));
        }
        return status;
    }

    public static List parseOptions(Element element) throws DiscoveryException {
        ArrayList arrayList = new ArrayList();
        NodeList childNodes = element.getChildNodes();
        int length = childNodes.getLength();
        for (int i = 0; i < length; i++) {
            Node item = childNodes.item(i);
            String localName = item.getLocalName();
            if (localName != null) {
                String namespaceURI = element.getNamespaceURI();
                if (namespaceURI == null || !namespaceURI.equals("urn:liberty:disco:2003-08")) {
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("DiscoUtils.parseOption(Element): invalid namespace for node ").append(localName).toString());
                    }
                    throw new DiscoveryException(bundle.getString("wrongInput"));
                }
                if (!localName.equals(ACModuleListTiledView.OPTION)) {
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("DiscoUtils.parseOption(Element): invalid node").append(localName).toString());
                    }
                    throw new DiscoveryException(bundle.getString("wrongInput"));
                }
                arrayList.add(XMLUtils.getElementValue((Element) item));
            }
        }
        return arrayList;
    }

    public static Element parseXML(String str) throws DiscoveryException {
        try {
            debug.message(new StringBuffer().append("DiscoUtils.parseXML: xmlString=").append(str).toString());
            return XMLUtils.toDOMDocument(str, debug).getDocumentElement();
        } catch (Exception e) {
            debug.error("DiscoUtils.parseXML: Parsing error.", e);
            throw new DiscoveryException(e);
        }
    }

    /* JADX WARN: Can't wrap try/catch for region: R(10:4|(1:35)(4:6|(1:8)|9|(4:32|33|34|24)(1:11))|12|13|14|16|17|(2:22|23)(3:25|26|27)|24|2) */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x00a7, code lost:
    
        r23 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x00a9, code lost:
    
        com.sun.identity.liberty.ws.disco.common.DiscoUtils.debug.error("DiscoveryService.checkPolicyAndHandleDirectives:exception when constructing ResourceOffering:", r23);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.util.Map checkPolicyAndHandleDirectives(java.lang.String r10, com.sun.identity.liberty.ws.soapbinding.Message r11, java.util.Collection r12, com.sun.identity.liberty.ws.interfaces.Authorizer r13, com.sun.identity.liberty.ws.security.SessionContext r14, java.lang.String r15, com.iplanet.sso.SSOToken r16) {
        /*
            Method dump skipped, instructions count: 300
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.liberty.ws.disco.common.DiscoUtils.checkPolicyAndHandleDirectives(java.lang.String, com.sun.identity.liberty.ws.soapbinding.Message, java.util.Collection, com.sun.identity.liberty.ws.interfaces.Authorizer, com.sun.identity.liberty.ws.security.SessionContext, java.lang.String, com.iplanet.sso.SSOToken):java.util.Map");
    }

    private static void handleDirectives(ResourceOffering resourceOffering, List list, String str, Message message, SessionContext sessionContext, String str2, SSOToken sSOToken, List list2, List list3) {
        HashMap hashMap = new HashMap();
        BitSet bitSet = new BitSet(SIZE);
        if (sessionContext != null && DiscoServiceManager.needSessionContextStatement()) {
            bitSet.set(SESSION);
        }
        for (Object obj : list) {
            List descriptionIDRefs = ((DirectiveType) obj).getDescriptionIDRefs();
            if (obj instanceof EncryptResourceIDElement) {
                debug.message("DiscoService: has encrypt D");
                resourceOffering = doEncryption(resourceOffering);
            } else if (obj instanceof AuthenticateRequesterElement) {
                setMap(descriptionIDRefs, AUTHN, hashMap, bitSet);
            } else if (obj instanceof AuthorizeRequesterElement) {
                setMap(descriptionIDRefs, AUTHO, hashMap, bitSet);
            } else if (obj instanceof AuthenticateSessionContextElement) {
                setMap(descriptionIDRefs, SESSION, hashMap, bitSet);
            } else if (obj instanceof GenerateBearerTokenElement) {
                setMap(descriptionIDRefs, BEARER, hashMap, bitSet);
            } else if (debug.messageEnabled()) {
                debug.message("DiscoUtils.handleDirective: directive not supported.");
            }
        }
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        for (String str3 : hashMap.keySet()) {
            BitSet bitSet2 = (BitSet) hashMap.get(str3);
            bitSet2.or(bitSet);
            if (hashMap2.containsKey(bitSet2)) {
                hashMap3.put(str3, (String) hashMap2.get(bitSet2));
            } else {
                String generateCredential = generateCredential(bitSet2, resourceOffering, message, str, list3, sessionContext, str2, sSOToken);
                if (generateCredential != null) {
                    hashMap2.put(bitSet2, generateCredential);
                    hashMap3.put(str3, generateCredential);
                }
            }
        }
        for (Description description : resourceOffering.getServiceInstance().getDescription()) {
            ArrayList arrayList = new ArrayList();
            String id = description.getId();
            if (id == null || id.length() == 0 || !hashMap3.containsKey(id)) {
                debug.message("DiscoUtils.handleDirective:  not containsKey");
                String str4 = (String) hashMap3.get("all");
                if (str4 != null) {
                    arrayList.add(str4);
                } else if (hashMap2.containsKey(bitSet)) {
                    String str5 = (String) hashMap2.get(bitSet);
                    hashMap3.put("all", str5);
                    arrayList.add(str5);
                } else {
                    String generateCredential2 = generateCredential(bitSet, resourceOffering, message, str, list3, sessionContext, str2, sSOToken);
                    if (generateCredential2 != null) {
                        hashMap3.put("all", generateCredential2);
                        arrayList.add(generateCredential2);
                    }
                }
            } else {
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("DiscoUtils.handleDirective: containsKey:").append(id).toString());
                }
                arrayList.add((String) hashMap3.get(id));
            }
            if (!arrayList.isEmpty()) {
                description.setCredentialRef(arrayList);
            }
        }
        list2.add(resourceOffering);
    }

    private static ResourceOffering doEncryption(ResourceOffering resourceOffering) {
        ResourceID resourceID = resourceOffering.getResourceID();
        if (resourceID == null) {
            return resourceOffering;
        }
        try {
            EncryptedResourceID encryptedResourceID = EncryptedResourceID.getEncryptedResourceID(resourceID, resourceOffering.getServiceInstance().getProviderID());
            resourceOffering.setResourceID(null);
            resourceOffering.setEncryptedResourceID(encryptedResourceID);
        } catch (Exception e) {
            debug.error("DiscoUtils.doEncryption: exception:", e);
        }
        return resourceOffering;
    }

    private static void setMap(List list, int i, Map map, BitSet bitSet) {
        if (list == null || list.size() == 0) {
            bitSet.set(i);
            return;
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            String id = ((DescriptionType) it.next()).getId();
            BitSet bitSet2 = (BitSet) map.get(id);
            if (bitSet2 == null) {
                bitSet2 = new BitSet(SIZE);
            }
            bitSet2.set(i);
            map.put(id, bitSet2);
        }
    }

    private static SessionContext getSessionContext(SecurityAssertion securityAssertion) {
        SessionContext sessionContext;
        if (securityAssertion == null) {
            return null;
        }
        for (Statement statement : securityAssertion.getStatement()) {
            int statementType = statement.getStatementType();
            if (statementType == 4) {
                SessionContext sessionContext2 = ((ResourceAccessStatement) statement).getSessionContext();
                if (sessionContext2 != null) {
                    return sessionContext2;
                }
            } else if (statementType == 5 && (sessionContext = ((SessionContextStatement) statement).getSessionContext()) != null) {
                return sessionContext;
            }
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r21v3 */
    /* JADX WARN: Type inference failed for: r21v5 */
    /* JADX WARN: Type inference failed for: r21v6 */
    /* JADX WARN: Type inference failed for: r21v7 */
    private static String generateCredential(BitSet bitSet, ResourceOffering resourceOffering, Message message, String str, List list, SessionContext sessionContext, String str2, SSOToken sSOToken) {
        ProviderHeader providerHeader;
        SecurityAssertion securityAssertion = null;
        try {
            SecurityTokenManager securityTokenManager = new SecurityTokenManager(sSOToken);
            String str3 = str2;
            if ((str3 == null || str3.length() == 0) && (providerHeader = message.getProviderHeader()) != null) {
                str3 = providerHeader.getProviderID();
            }
            SessionContext sessionContext2 = sessionContext;
            if (sessionContext2 == null) {
                sessionContext2 = getSessionContext(message.getAssertion());
            }
            if (sessionContext2 != null) {
                try {
                    SessionSubject sessionSubject = sessionContext2.getSessionSubject();
                    NameIdentifier nameIdentifier = sessionSubject.getNameIdentifier();
                    if (nameIdentifier.getFormat() != null && nameIdentifier.getFormat().equals(IFSConstants.NI_ENCRYPTED_FORMAT_URI)) {
                        nameIdentifier = EncryptedNameIdentifier.getDecryptedNameIdentifier(nameIdentifier, DiscoServiceManager.getDiscoProviderID());
                    }
                    String providerID = resourceOffering.getServiceInstance().getProviderID();
                    if (FSServiceUtils.getAllianceInstance().getProvider(str3).getNameIdentifierEncryption()) {
                        sessionSubject.setNameIdentifier(EncryptedNameIdentifier.getEncryptedNameIdentifier(nameIdentifier, providerID));
                    } else {
                        sessionSubject.setNameIdentifier(nameIdentifier);
                    }
                    sessionContext2.setSessionSubject(sessionSubject);
                } catch (Exception e) {
                    debug.error(new StringBuffer().append("DiscoUtils.handleDirective: En/Decryption Exception:").append(e).toString());
                }
            }
            EncryptedResourceID encryptedResourceID = resourceOffering.getEncryptedResourceID();
            Object obj = encryptedResourceID;
            if (encryptedResourceID == null) {
                ResourceID resourceID = resourceOffering.getResourceID();
                obj = resourceID == null ? DiscoConstants.IMPLIED_RESOURCE : resourceID.getResourceID();
            }
            if (!bitSet.get(BEARER)) {
                NameIdentifier nameIdentifier2 = (str3 == null || str3.length() == 0) ? new NameIdentifier(str) : new NameIdentifier(str3, null, DiscoConstants.PROVIDER_ID_FORMAT);
                if (sessionContext != null) {
                    securityTokenManager.setCertAlias(getProviderCertAlias(str3));
                } else {
                    X509Certificate peerCertificate = message.getPeerCertificate();
                    if (peerCertificate == null) {
                        peerCertificate = message.getMessageCertificate();
                        if (peerCertificate == null) {
                            if (!debug.messageEnabled()) {
                                return null;
                            }
                            debug.message("DiscoUtils.generateCredential:client cert is null. Cannot generate credential.");
                            return null;
                        }
                    }
                    securityTokenManager.setCertificate(peerCertificate);
                }
                securityAssertion = obj instanceof String ? securityTokenManager.getSAMLAuthorizationToken(nameIdentifier2, sessionContext2, (String) obj, bitSet.get(AUTHN), bitSet.get(AUTHO)) : securityTokenManager.getSAMLAuthorizationToken(nameIdentifier2, sessionContext2, (EncryptedResourceID) obj, bitSet.get(AUTHN), bitSet.get(AUTHO));
            } else if (bitSet.get(AUTHN) || bitSet.get(AUTHO) || bitSet.get(SESSION)) {
                NameIdentifier nameIdentifier3 = new NameIdentifier(str);
                securityAssertion = obj instanceof String ? securityTokenManager.getSAMLBearerToken(nameIdentifier3, sessionContext2, (String) obj, bitSet.get(AUTHN), bitSet.get(AUTHO)) : securityTokenManager.getSAMLBearerToken(nameIdentifier3, sessionContext2, (EncryptedResourceID) obj, bitSet.get(AUTHN), bitSet.get(AUTHO));
            }
        } catch (Exception e2) {
            debug.error("DiscoUtils.generateCredential:cannot generate credential: ", e2);
        }
        if (securityAssertion == null) {
            debug.error("DiscoUtils.generateCredential: cannot generate credential.");
            return null;
        }
        list.add(securityAssertion);
        return securityAssertion.getAssertionID();
    }

    private static String getProviderCertAlias(String str) throws DiscoveryException {
        try {
            return FSServiceUtils.getAllianceInstance().getProvider(str).getSigningKeyAlias();
        } catch (Exception e) {
            debug.error("DiscoUtils.getProviderCertAlias:Exception while trying to get the certificate alias", e);
            throw new DiscoveryException(e);
        }
    }

    static {
        try {
            JAXBContext newInstance = JAXBContext.newInstance(Utils.getJAXBPackages());
            unmarshaller = newInstance.createUnmarshaller();
            marshaller = newInstance.createMarshaller();
        } catch (Exception e) {
            debug.error("DiscoUtils:static: Initialization failed.", e);
        }
        ALL = "all";
        AUTHN = 0;
        AUTHO = 1;
        SESSION = 2;
        BEARER = 3;
        LOGOUT = 4;
        SIZE = 5;
    }
}
