package com.sun.identity.authentication.service;

import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.util.Misc;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.dpro.session.service.InternalSession;
import com.iplanet.services.util.CookieUtils;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.AuthContext;
import com.sun.identity.authentication.config.AMAuthConfigUtils;
import com.sun.identity.authentication.config.AMAuthenticationManager;
import com.sun.identity.authentication.modules.saml.SAMLPrincipal;
import com.sun.identity.authentication.server.AuthContextLocal;
import com.sun.identity.authentication.spi.AMPostAuthProcessInterface;
import com.sun.identity.authentication.spi.AuthenticationException;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.common.Constants;
import com.sun.identity.common.DateUtils;
import com.sun.identity.common.ISLocaleContext;
import com.sun.identity.common.admin.AdminInterfaceUtils;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdSearchControl;
import com.sun.identity.idm.IdSearchOpModifier;
import com.sun.identity.idm.IdSearchResults;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.log.LogConstants;
import com.sun.identity.security.DecodeAction;
import com.sun.identity.security.EncodeAction;
import com.sun.web.ui.model.CCTopologyModelInterface;
import java.net.InetAddress;
import java.security.AccessController;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import netscape.ldap.util.DN;

/* loaded from: input_file:120955-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/authentication/service/LoginState.class */
public class LoginState {
    Callback[] receivedCallbackInfo;
    Callback[] prevCallback;
    Callback[] submittedCallbackInfo;
    HttpServletRequest servletRequest;
    HttpServletResponse servletResponse;
    String orgName;
    String userOrg;
    Hashtable requestHash;
    boolean requestType;
    Subject subject;
    int maxSession;
    int idleTime;
    int cacheTime;
    SessionID sid;
    SSOToken ssoToken;
    String filePath;
    boolean isAdmin;
    Set tokenSet;
    AuthContext.IndexType indexType;
    public boolean userIDGeneratorEnabled;
    public String userIDGeneratorClassName;
    AuthContextLocal oldAuthContext;
    String defaultUserSuccessURL;
    String clientUserSuccessURL;
    String clientUserFailureURL;
    String defaultUserFailureURL;
    String clientSuccessRoleURL;
    String defaultSuccessRoleURL;
    String clientFailureRoleURL;
    String defaultFailureRoleURL;
    long pCookieTimeCreated;
    private static String serverURL;
    private static final String rootSuffix = SystemProperties.get(Constants.AM_ROOT_SUFFIX);
    private static final boolean urlRewriteInPath = Boolean.valueOf(SystemProperties.get(Constants.REWRITE_AS_PATH, "")).booleanValue();
    private static AuthD ad = AuthD.getAuth();
    private static String pCookieName = AuthUtils.getPersistentCookieName();
    private static Set userAttributes = new HashSet();
    static AuthUtils au = new AuthUtils();
    HashMap callbacksPerState = new HashMap();
    InternalSession sess = null;
    HttpSession hsess = null;
    String orgDN = null;
    int loginStatus = 2;
    Set aliasAttrNames = null;
    public boolean inetDomainStatus = true;
    String userContainerDN = null;
    boolean nullUserContainerDN = false;
    boolean dnByUserContainer = false;
    String userNamingAttr = null;
    public Set defaultRoles = null;
    boolean dynamicProfileCreation = false;
    boolean ignoreUserProfile = false;
    boolean createWithAlias = false;
    boolean persistentCookieMode = false;
    public String persistentCookieTime = null;
    public boolean persistentCookieOn = false;
    public String defaultAuthLevel = "0";
    String token = null;
    String userDN = null;
    int authLevel = 0;
    int moduleAuthLevel = CCTopologyModelInterface.ActionSet.DEFAULT;
    String client = null;
    String authMethName = "";
    String pAuthMethName = null;
    String queryOrg = null;
    boolean cookieSupported = true;
    boolean cookieSet = false;
    boolean userEnabled = true;
    boolean isApp = false;
    AMIdentity amIdentityRole = null;
    String indexName = null;
    AuthContext.IndexType prevIndexType = null;
    Set userAliasList = null;
    boolean hasAdminToken = false;
    String gotoURL = null;
    String gotoOnFailURL = null;
    String failureLoginURL = null;
    String successLoginURL = null;
    String moduleSuccessLoginURL = null;
    String moduleFailureLoginURL = null;
    Set orgSuccessLoginURLSet = null;
    String clientOrgSuccessLoginURL = null;
    String defaultOrgSuccessLoginURL = null;
    String clientOrgFailureLoginURL = null;
    String defaultOrgFailureLoginURL = null;
    Set orgFailureLoginURLSet = null;
    Map requestMap = new HashMap();
    Set domainAuthenticators = null;
    Set moduleInstances = null;
    boolean sessionUpgrade = false;
    int upgradeAuthLevel = 0;
    String loginURL = null;
    long pageTimeOut = 60;
    long lastCallbackSent = 0;
    AMIdentity amIdentityUser = null;
    public boolean loginFailureLockoutMode = false;
    public boolean loginFailureLockoutStoreInDS = true;
    public String accountLife = null;
    public long loginFailureLockoutDuration = 0;
    public long loginFailureLockoutTime = 300000;
    public int loginFailureLockoutCount = 5;
    public String loginLockoutNotification = null;
    public String loginLockoutAttrName = null;
    public String loginLockoutAttrValue = null;
    public int loginLockoutUserWarning = 3;
    public int userWarningCount = 0;
    String errorCode = null;
    String errorMessage = null;
    String errorTemplate = null;
    String moduleErrorTemplate = null;
    String lockoutMsg = null;
    boolean timedOut = false;
    public String failureTokenId = null;
    String principalList = null;
    String pCookieUserName = null;
    private ISLocaleContext localeContext = new ISLocaleContext();
    X509Certificate cert = null;
    Set userSuccessURLSet = Collections.EMPTY_SET;
    Set userFailureURLSet = Collections.EMPTY_SET;
    Set successRoleURLSet = Collections.EMPTY_SET;
    Set failureRoleURLSet = Collections.EMPTY_SET;
    String userAuthConfig = "";
    String orgAuthConfig = null;
    String orgAdminAuthConfig = null;
    Set orgPostLoginClassSet = Collections.EMPTY_SET;
    Map serviceAttributesMap = new HashMap();
    String moduleErrorMessage = null;
    String defaultSuccessURL = null;
    String defaultFailureURL = null;
    String tempDefaultURL = null;
    String sessionSuccessURL = null;
    Set postLoginInstanceSet = null;
    boolean isRemote = false;
    boolean cookieDetect = false;
    HashMap userCreationAttributes = null;
    Set externalAliasList = null;
    Set successModuleSet = new HashSet();
    Set failureModuleSet = new HashSet();
    String failureModuleList = "";
    String fqdnFailureLoginURL = null;
    Map moduleMap = null;
    Map roleAttributeMap = null;
    Boolean foundPCookie = null;
    Set identityTypes = Collections.EMPTY_SET;
    Hashtable idRepoHash = new Hashtable();
    AMIdentityRepository amIdRepo = null;

    public HttpServletRequest getHttpServletRequest() {
        return this.servletRequest;
    }

    public void setHttpServletRequest(HttpServletRequest httpServletRequest) {
        this.servletRequest = httpServletRequest;
    }

    public InternalSession getSession() {
        if (this.sess != null && this.sess.getState() != 2 && this.sess.getState() != 3) {
            return this.sess;
        }
        AuthD authD = ad;
        if (!AuthD.debug.messageEnabled()) {
            return null;
        }
        AuthD authD2 = ad;
        AuthD.debug.message(new StringBuffer().append("Session is null OR INACTIVE OR DESTROYED :").append(this.sess).toString());
        return null;
    }

    public HttpSession getHttpSession() {
        return this.hsess;
    }

    public void setSession(InternalSession internalSession) {
        this.sess = internalSession;
    }

    public void setReceivedCallback(Callback[] callbackArr, AMLoginContext aMLoginContext) {
        synchronized (aMLoginContext) {
            this.submittedCallbackInfo = null;
            this.receivedCallbackInfo = callbackArr;
            this.prevCallback = callbackArr;
            aMLoginContext.notify();
        }
    }

    public void setReceivedCallback_NoThread(Callback[] callbackArr) {
        this.submittedCallbackInfo = null;
        this.receivedCallbackInfo = callbackArr;
        this.prevCallback = callbackArr;
    }

    public void setSubmittedCallback(Callback[] callbackArr, AMLoginContext aMLoginContext) {
        synchronized (aMLoginContext) {
            this.receivedCallbackInfo = null;
            this.prevCallback = this.receivedCallbackInfo;
            this.submittedCallbackInfo = callbackArr;
            aMLoginContext.notify();
        }
    }

    public void setSubmittedCallback_NoThread(Callback[] callbackArr) {
        this.receivedCallbackInfo = null;
        this.prevCallback = this.receivedCallbackInfo;
        this.submittedCallbackInfo = callbackArr;
    }

    public Callback[] getReceivedInfo() {
        return this.receivedCallbackInfo;
    }

    public Callback[] getSubmittedInfo() {
        return this.submittedCallbackInfo;
    }

    public String getOrgDN() {
        if (this.orgDN == null) {
            try {
                this.orgDN = ad.getOrgDN(this.userOrg);
            } catch (Exception e) {
                AuthD authD = ad;
                AuthD.debug.message("Error getting orgDN: ", e);
            }
        }
        return this.orgDN;
    }

    public String getOrgName() {
        if (this.orgName == null) {
            this.orgName = AuthUtils.DNtoName(getOrgDN());
        }
        return this.orgName;
    }

    public int getLoginStatus() {
        return this.loginStatus;
    }

    public synchronized void setLoginStatus(int i) {
        this.loginStatus = i;
    }

    public void setParamHash(Hashtable hashtable) {
        this.requestHash = hashtable;
        if (hashtable != null) {
            Enumeration keys = hashtable.keys();
            while (keys.hasMoreElements()) {
                Object nextElement = keys.nextElement();
                this.requestMap.put(nextElement, hashtable.get(nextElement));
            }
        }
    }

    public void setRequestType(boolean z) {
        this.requestType = z;
    }

    public boolean isNewRequest() {
        return this.requestType;
    }

    public boolean isDynamicProfileCreationEnabled() {
        return this.dynamicProfileCreation;
    }

    public void populateOrgProfile() throws AuthException {
        try {
            this.inetDomainStatus = ad.getInetDomainStatus(getOrgDN());
            if (!this.inetDomainStatus) {
                logFailed(au.getErrorVal(AMAuthErrorCode.AUTH_ORG_INACTIVE, AuthUtils.ERROR_MESSAGE), "ORGINACTIVE");
                throw new AuthException(AMAuthErrorCode.AUTH_ORG_INACTIVE, null);
            }
            Map attributes = ad.getOrgConfigManager(getOrgDN()).getServiceConfig("iPlanetAMAuthService").getAttributes();
            this.aliasAttrNames = (Set) attributes.get(ISAuthConstants.AUTH_ALIAS_ATTR);
            if (AuthD.revisionNumber >= 30) {
                this.identityTypes = (Set) attributes.get(ISAuthConstants.AUTH_ID_TYPE_ATTR);
            } else {
                this.identityTypes = new HashSet();
                getContainerDN((Set) attributes.get("iplanet-am-auth-user-container"));
            }
            this.userNamingAttr = Misc.getMapAttr(attributes, ISAuthConstants.AUTH_NAMING_ATTR, "uid");
            this.defaultRoles = (Set) attributes.get(ISAuthConstants.AUTH_DEFAULT_ROLE);
            String mapAttr = Misc.getMapAttr(attributes, ISAuthConstants.DYNAMIC_PROFILE);
            if (mapAttr.equalsIgnoreCase("true")) {
                this.dynamicProfileCreation = true;
            } else if (mapAttr.equalsIgnoreCase("ignore")) {
                this.ignoreUserProfile = true;
            } else if (mapAttr.equalsIgnoreCase("createAlias")) {
                this.createWithAlias = true;
                this.dynamicProfileCreation = true;
            }
            if (Misc.getMapAttr(attributes, ISAuthConstants.PERSISTENT_COOKIE_MODE).equalsIgnoreCase("true")) {
                this.persistentCookieMode = true;
            }
            this.persistentCookieTime = Misc.getMapAttr(attributes, ISAuthConstants.PERSISTENT_COOKIE_TIME);
            this.domainAuthenticators = new AMAuthenticationManager(ad.getSSOAuthSession(), getOrgDN()).getAllowedModuleNames();
            if (this.domainAuthenticators == null) {
                this.domainAuthenticators = Collections.EMPTY_SET;
            }
            this.defaultAuthLevel = Misc.getMapAttr(attributes, ISAuthConstants.DEFAULT_AUTH_LEVEL, ad.defaultAuthLevel);
            this.localeContext.setOrgLocale(getOrgDN());
            this.orgSuccessLoginURLSet = (Set) attributes.get("iplanet-am-auth-login-success-url");
            if (this.orgSuccessLoginURLSet == null) {
                this.orgSuccessLoginURLSet = Collections.EMPTY_SET;
            }
            this.clientOrgSuccessLoginURL = getRedirectUrl(this.orgSuccessLoginURLSet);
            this.defaultOrgSuccessLoginURL = this.tempDefaultURL;
            this.orgFailureLoginURLSet = (Set) attributes.get("iplanet-am-auth-login-failure-url");
            if (this.orgFailureLoginURLSet == null) {
                this.orgFailureLoginURLSet = Collections.EMPTY_SET;
            }
            this.clientOrgFailureLoginURL = getRedirectUrl(this.orgFailureLoginURLSet);
            this.defaultOrgFailureLoginURL = this.tempDefaultURL;
            this.orgAuthConfig = Misc.getMapAttr(attributes, ISAuthConstants.AUTHCONFIG_ORG);
            this.orgAdminAuthConfig = Misc.getMapAttr(attributes, "iplanet-am-auth-admin-auth-module");
            this.orgPostLoginClassSet = (Set) attributes.get("iplanet-am-auth-post-login-process-class");
            if (this.orgPostLoginClassSet == null) {
                this.orgPostLoginClassSet = Collections.EMPTY_SET;
            }
            String mapAttr2 = Misc.getMapAttr(attributes, ISAuthConstants.LOGIN_FAILURE_LOCKOUT);
            if (mapAttr2 != null && mapAttr2.equalsIgnoreCase("true")) {
                this.loginFailureLockoutMode = true;
            }
            String mapAttr3 = Misc.getMapAttr(attributes, ISAuthConstants.LOGIN_FAILURE_STORE_IN_DS);
            if (mapAttr3 != null && mapAttr3.equalsIgnoreCase("false")) {
                this.loginFailureLockoutStoreInDS = false;
            }
            String mapAttr4 = Misc.getMapAttr(attributes, ISAuthConstants.LOCKOUT_DURATION);
            if (mapAttr4 != null) {
                try {
                    this.loginFailureLockoutDuration = Long.parseLong(mapAttr4);
                } catch (NumberFormatException e) {
                    AuthD authD = ad;
                    AuthD.debug.error("auth-lockout-duration bad format.");
                }
                this.loginFailureLockoutDuration *= 60000;
            }
            String mapAttr5 = Misc.getMapAttr(attributes, ISAuthConstants.LOGIN_FAILURE_COUNT);
            if (mapAttr5 != null) {
                try {
                    this.loginFailureLockoutCount = Integer.parseInt(mapAttr5);
                } catch (NumberFormatException e2) {
                    AuthD authD2 = ad;
                    AuthD.debug.error("auth-lockout-count bad format.");
                }
            }
            String mapAttr6 = Misc.getMapAttr(attributes, ISAuthConstants.LOGIN_FAILURE_DURATION);
            if (mapAttr6 != null) {
                try {
                    this.loginFailureLockoutTime = Long.parseLong(mapAttr6);
                } catch (NumberFormatException e3) {
                    AuthD authD3 = ad;
                    AuthD.debug.error("auth-login-failure-duration bad format.");
                }
                this.loginFailureLockoutTime *= 60000;
            }
            String mapAttr7 = Misc.getMapAttr(attributes, ISAuthConstants.LOCKOUT_WARN_USER);
            if (mapAttr7 != null) {
                try {
                    this.loginLockoutUserWarning = Integer.parseInt(mapAttr7);
                } catch (NumberFormatException e4) {
                    AuthD authD4 = ad;
                    AuthD.debug.error("auth-lockout-warn-user bad format.");
                }
            }
            this.loginLockoutNotification = Misc.getMapAttr(attributes, ISAuthConstants.LOCKOUT_EMAIL);
            String mapAttr8 = Misc.getMapAttr(attributes, ISAuthConstants.USERNAME_GENERATOR);
            if (mapAttr8 != null) {
                this.userIDGeneratorEnabled = Boolean.valueOf(mapAttr8).booleanValue();
            }
            this.userIDGeneratorClassName = Misc.getMapAttr(attributes, ISAuthConstants.USERNAME_GENERATOR_CLASS);
            this.loginLockoutAttrName = Misc.getMapAttr(attributes, ISAuthConstants.LOCKOUT_ATTR_NAME);
            this.loginLockoutAttrValue = Misc.getMapAttr(attributes, ISAuthConstants.LOCKOUT_ATTR_VALUE);
            AuthD authD5 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD6 = ad;
                AuthD.debug.message(new StringBuffer().append("Getting Org Profile: ").append(this.orgDN).append("\nlocale->").append(this.localeContext.getLocale()).append("\ncharset->").append(this.localeContext.getMIMECharset()).append("\ndynamicProfileCreation->").append(this.dynamicProfileCreation).append("\ndefaultAuthLevel->").append(this.defaultAuthLevel).append("\norgSucessLoginURLSet->").append(this.orgSuccessLoginURLSet).append("\norgFailureLoginURLSet->").append(this.orgFailureLoginURLSet).append("\nclientSuccessLoginURL ->").append(this.clientOrgSuccessLoginURL).append("\ndefaultSuccessLoginURL ->").append(this.defaultOrgSuccessLoginURL).append("\norgPostLoginClassSet ->").append(this.orgPostLoginClassSet).append("\norgAuthConfig ->").append(this.orgAuthConfig).append("\norgAdminAuthConfig ->").append(this.orgAdminAuthConfig).append("\nclientFailureLoginURL ->").append(this.clientOrgFailureLoginURL).append("\ndefaultFailureLoginURL ->").append(this.defaultOrgFailureLoginURL).append("\nloginFailureLockoutMode->").append(this.loginFailureLockoutMode).append("\nloginFailureLockoutStoreInDS->").append(this.loginFailureLockoutStoreInDS).append("\nloginFailureLockoutCount->").append(this.loginFailureLockoutCount).append("\nloginFailureLockoutTime->").append(this.loginFailureLockoutTime).append("\nloginLockoutUserWarning->").append(this.loginLockoutUserWarning).append("\nloginLockoutNotification->").append(this.loginLockoutNotification).append("\npersistentCookieMode->").append(this.persistentCookieMode).append("\nidentityTypes->").append(this.identityTypes).append("\naliasAttrNames ->").append(this.aliasAttrNames).toString());
            }
        } catch (AuthException e5) {
            AuthD authD7 = ad;
            AuthD.debug.error("Error in populateOrgProfile", e5);
            throw new AuthException(e5);
        } catch (Exception e6) {
            AuthD authD8 = ad;
            AuthD.debug.error("Error in populateOrgProfile", e6);
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
    }

    public void setSubject(Subject subject) {
        this.subject = subject;
    }

    public Subject getSubject() {
        return this.subject;
    }

    public int getMaxSession() {
        return this.maxSession;
    }

    public int getIdleTime() {
        return this.idleTime;
    }

    public int getCacheTime() {
        return this.cacheTime;
    }

    public String getUserDN() {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("getUserDN: ").append(this.userDN).toString());
        }
        return this.userDN;
    }

    public int getAuthLevel() {
        return this.authLevel;
    }

    public void setClient(String str) {
        this.client = str;
    }

    public String getClient() {
        String str;
        if (this.client != null) {
            return this.client;
        }
        str = "";
        try {
            String str2 = null;
            if (this.requestHash != null) {
                str2 = (String) this.requestHash.get("client");
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("getClient : servletRequest is : ").append(this.client).toString());
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append("getClient : cli is : ").append(str2).toString());
            }
            str = (str2 == null || str2.equals("")) ? this.servletRequest != null ? this.servletRequest.getRemoteAddr() : InetAddress.getLocalHost().getHostAddress() : "";
        } catch (Exception e) {
            AuthD authD4 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD5 = ad;
                AuthD.debug.message("Error getting clienty Type ", e);
            }
        }
        AuthD authD6 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD7 = ad;
            AuthD.debug.message(new StringBuffer().append("Client is : ").append(str).toString());
        }
        this.client = str;
        return str;
    }

    public String tokenToDN(String str) {
        try {
            String lowerCase = str.toLowerCase();
            int indexOf = lowerCase.indexOf("|");
            if (indexOf != -1) {
                lowerCase = lowerCase.substring(0, indexOf);
            }
            if (!Misc.isDescendantOf(lowerCase, getOrgDN()) && !ad.isSuperAdmin(lowerCase)) {
                if (lowerCase.startsWith(ISAuthConstants.APPLICATION_USER_PREFIX.toLowerCase())) {
                    return new StringBuffer().append("cn=").append(lowerCase).append(",ou=DSAME Users,").append(rootSuffix).toString();
                }
                String str2 = lowerCase;
                String DNtoName = AuthUtils.DNtoName(lowerCase);
                StringBuffer stringBuffer = new StringBuffer(HttpServletResponse.SC_OK);
                stringBuffer.append(this.userNamingAttr).append("=").append(DNtoName).append(",").append(this.userContainerDN);
                this.dnByUserContainer = true;
                String stringBuffer2 = stringBuffer.toString();
                AuthD authD = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD2 = ad;
                    AuthD.debug.message(new StringBuffer().append("token=").append(str).append(", id=").append(DNtoName).append(", DN=").append(stringBuffer2).toString());
                }
                return stringBuffer2;
            }
            return lowerCase;
        } catch (Exception e) {
            AuthD authD3 = ad;
            AuthD.debug.error(new StringBuffer().append("tokenToDN : ").append(e.getMessage()).toString());
            return str;
        }
    }

    public String getClientType() {
        String defaultClientType;
        if (this.servletRequest != null) {
            defaultClientType = au.getClientType(this.servletRequest);
        } else {
            AuthUtils authUtils = au;
            defaultClientType = AuthUtils.getDefaultClientType();
        }
        return defaultClientType;
    }

    public boolean activateSession(Subject subject, AuthContextLocal authContextLocal) {
        try {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("activateSession - Token is : ").append(this.token).toString());
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append("activateSession - userDN is : ").append(this.userDN).toString());
            }
            try {
                setSuccessLoginURL(this.indexType, this.indexName);
                AuthD authD4 = ad;
                if (AuthD.isHttpSessionUsed()) {
                    this.sess = ad.newSession(getOrgDN(), null);
                    this.sid = this.sess.getID();
                    this.sess.setObject(ISAuthConstants.AUTH_CONTEXT_OBJ, authContextLocal);
                    if (this.hsess != null) {
                        this.hsess.removeAttribute(ISAuthConstants.AUTH_CONTEXT_OBJ);
                        this.hsess.invalidate();
                        this.hsess = null;
                    }
                }
                this.subject = addSSOTokenPrincipal(subject);
                setSessionProperties(this.sess);
                boolean activate = this.sess.activate(this.userDN);
                AuthD authD5 = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD6 = ad;
                    AuthD.debug.message(new StringBuffer().append("Activating session: ").append(this.sess).toString());
                }
                return activate;
            } catch (AuthException e) {
                return false;
            }
        } catch (Exception e2) {
            AuthD authD7 = ad;
            AuthD.debug.error("Error activating session: ", e2);
            return false;
        }
    }

    public void setSessionProperties(InternalSession internalSession) throws AuthException {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("LoginState getSession = ").append(internalSession).append(" \nrequest token = ").append(this.token).toString());
        }
        if (this.token == null) {
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
        String str = this.cookieSupported ? "true" : "false";
        if (this.userDN == null) {
            this.userDN = getUserDN(this.amIdentityUser);
        }
        String userDN = this.oldAuthContext != null ? AuthUtils.getLoginState(this.oldAuthContext).getUserDN() : null;
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("userDN is : ").append(this.userDN).toString());
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("oldUserDN is : ").append(userDN).toString());
            AuthD authD6 = ad;
            AuthD.debug.message(new StringBuffer().append("sessonUpgrade is : ").append(this.sessionUpgrade).toString());
        }
        if (this.sessionUpgrade && userDN != null && AuthUtils.getNormalizedDN(this.userDN).equals(AuthUtils.getNormalizedDN(userDN))) {
            sessionUpgrade();
        } else {
            this.sessionUpgrade = false;
        }
        String uTCDateFormat = DateUtils.toUTCDateFormat(new Date());
        String str2 = ISAuthConstants.REQUIRED;
        if (this.dynamicProfileCreation) {
            str2 = ISAuthConstants.CREATE;
        } else if (this.ignoreUserProfile) {
            str2 = ISAuthConstants.IGNORE;
        } else if (this.createWithAlias) {
            str2 = ISAuthConstants.CREATE_WITH_ALIAS;
        }
        internalSession.putProperty(ISAuthConstants.USER_PROFILE, str2);
        String str3 = null;
        if (this.loginURL != null) {
            int indexOf = this.loginURL.indexOf("?");
            str3 = this.loginURL;
            if (indexOf != -1) {
                str3 = this.loginURL.substring(0, indexOf);
            }
            internalSession.putProperty(ISAuthConstants.LOGIN_URL, str3);
        }
        this.sessionSuccessURL = ad.processURL(this.successLoginURL, this.servletRequest);
        this.sessionSuccessURL = encodeURL(this.sessionSuccessURL, this.servletResponse, true);
        if (this.sessionSuccessURL != null) {
            internalSession.putProperty("successURL", this.sessionSuccessURL);
        }
        String universalId = this.amIdentityUser != null ? IdUtils.getUniversalId(this.amIdentityUser) : null;
        getClient();
        AuthD authD7 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD8 = ad;
            AuthD.debug.message(new StringBuffer().append("setSessionProperties Principal = ").append(this.userDN).append("\n").append("UserId = ").append(this.token).append("\n").append("client = ").append(this.client).append("\n").append("Organization = ").append(this.orgDN).append("\n").append("locale = ").append(this.localeContext.getLocale()).append("\n").append("charset = ").append(this.localeContext.getMIMECharset()).append("\n").append("idleTime = ").append(this.idleTime).append("\n").append("cacheTime = ").append(this.cacheTime).append("\n").append("maxSession = ").append(this.maxSession).append("\n").append("AuthLevel = ").append(this.authLevel).append("\n").append("AuthType = ").append(this.authMethName).append("\n").append("Subject = ").append(this.subject.toString()).append("\n").append("UniversalId = ").append(universalId).append("\n").append("cookieSupport = ").append(str).append("\n").append("principals = ").append(this.principalList).append("\n").append("defaultLoginURL = ").append(str3).append("\n").append("successURL = ").append(this.sessionSuccessURL).append("\n").append("IndexType = ").append(this.indexType).append("\n").append("UserProfile = ").append(str2).append("\n").append("AuthInstant = ").append(uTCDateFormat).toString());
        }
        try {
            if ((isApplicationModule(this.authMethName) && ad.isSpecialUser(this.userDN)) || isAgent(this.amIdentityUser)) {
                AuthD authD9 = ad;
                AuthD.debug.message("setSessionProperties for non-expiring session");
                internalSession.setClientID(this.token);
                internalSession.setExpire(false);
                internalSession.setType(1);
            } else {
                AuthD authD10 = ad;
                AuthD.debug.message("request: in putProperty stuff");
                internalSession.setClientID(this.userDN);
                internalSession.setMaxSessionTime(this.maxSession);
                internalSession.setMaxIdleTime(this.idleTime);
                internalSession.setMaxCachingTime(this.cacheTime);
            }
            internalSession.setClientDomain(getOrgDN());
            internalSession.setType(0);
            if (this.client != null) {
                internalSession.putProperty(ISAuthConstants.HOST, this.client);
            }
            if (!this.sessionUpgrade) {
                internalSession.putProperty("AuthLevel", new Integer(this.authLevel).toString());
                internalSession.putProperty(ISAuthConstants.AUTH_TYPE, this.authMethName);
            }
            internalSession.putProperty("Principal", this.userDN);
            internalSession.putProperty("UserId", this.token);
            internalSession.putProperty(ISAuthConstants.USER_TOKEN, this.token);
            internalSession.putProperty("Organization", getOrgDN());
            internalSession.putProperty("Locale", this.localeContext.getLocale().toString());
            internalSession.putProperty(ISAuthConstants.CHARSET, this.localeContext.getMIMECharset());
            internalSession.putProperty("clientType", getClientType());
            internalSession.putProperty(ISAuthConstants.COOKIE_SUPPORT_PROPERTY, str);
            internalSession.putProperty(ISAuthConstants.AUTH_INSTANT, uTCDateFormat);
            if (this.principalList != null) {
                internalSession.putProperty(ISAuthConstants.PRINCIPALS, this.principalList);
            }
            if (this.indexType != null) {
                internalSession.putProperty(ISAuthConstants.INDEX_TYPE, this.indexType.toString());
            }
            if (universalId != null) {
                internalSession.putProperty(Constants.UNIVERSAL_IDENTIFIER, universalId);
            }
            if (this.indexType == AuthContext.IndexType.ROLE && this.indexName != null && !this.sessionUpgrade) {
                internalSession.putProperty("Role", this.indexName);
            }
            if (this.indexType == AuthContext.IndexType.SERVICE && this.indexName != null && !this.sessionUpgrade) {
                internalSession.putProperty("Service", this.indexName);
            }
            Map attrMapForSAML = getAttrMapForSAML();
            if (attrMapForSAML != null && !attrMapForSAML.isEmpty()) {
                for (Map.Entry entry : attrMapForSAML.entrySet()) {
                    String str4 = (String) entry.getKey();
                    String str5 = (String) entry.getValue();
                    internalSession.putProperty(str4, str5);
                    AuthD authD11 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD12 = ad;
                        AuthD.debug.message(new StringBuffer().append("AttrMap for SAML : ").append(str4).append(" , ").append(str5).toString());
                    }
                }
            }
        } catch (Exception e) {
            AuthD authD13 = ad;
            AuthD.debug.error("Exception in setSession ", e);
            throw new AuthException(e);
        }
    }

    public boolean getInetDomainStatus() {
        return this.inetDomainStatus;
    }

    public void setQueryOrg(String str) {
        this.queryOrg = str;
    }

    public String getQueryOrg() {
        return this.queryOrg;
    }

    public String getLocale() {
        if (!this.isRemote) {
            return this.localeContext.getLocale().toString();
        }
        AuthD authD = ad;
        return AuthD.platLocale;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void destroySession() {
        if (this.sess != null) {
            AuthUtils.removeAuthContext(this.sid);
            ad.destroySession(this.sid);
            this.sid = null;
            this.sess = null;
        }
        AuthD authD = ad;
        if (!AuthD.isHttpSessionUsed() || this.hsess == null) {
            return;
        }
        this.hsess.removeAttribute(ISAuthConstants.AUTH_CONTEXT_OBJ);
        this.hsess.invalidate();
        this.hsess = null;
    }

    public void persistentCookieArgExists() {
        String str = (String) this.requestHash.get(ISAuthConstants.PCOOKIE);
        if (str == null || str.equals("")) {
            return;
        }
        if (str.equalsIgnoreCase("yes")) {
            this.persistentCookieOn = true;
        } else {
            this.persistentCookieOn = false;
        }
    }

    public SessionID getSid() {
        return this.sid;
    }

    public String getUserDomain(HttpServletRequest httpServletRequest, SessionID sessionID, Hashtable hashtable) {
        String str = null;
        try {
            SSOTokenManager sSOTokenManager = SSOTokenManager.getInstance();
            SSOToken createSSOToken = sSOTokenManager.createSSOToken(httpServletRequest);
            if (!this.sessionUpgrade && !hashtable.isEmpty() && sSOTokenManager.isValidToken(createSSOToken)) {
                str = createSSOToken.getProperty("Organization");
                AuthD authD = ad;
                AuthD.debug.message("User org from existing valid session");
            }
        } catch (Exception e) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("ERROR in getUserDomain - ").append(e.toString()).toString());
        }
        if (str == null) {
            str = (!AuthUtils.newSessionArgExists(hashtable, sessionID) || sessionID.toString().length() <= 0) ? au.getDomainNameByRequest(httpServletRequest, hashtable) : sessionID.getSessionDomain();
        }
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("returning from getUserDomain : ").append(str).toString());
        }
        return str;
    }

    public AuthContextLocal createAuthContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SessionID sessionID, Hashtable hashtable) throws AuthException {
        this.loginURL = au.constructLoginURL(httpServletRequest);
        setRequestLocale(httpServletRequest);
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("locale : ").append(this.localeContext.getLocale()).toString());
        }
        this.userOrg = getUserDomain(httpServletRequest, sessionID, hashtable);
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("createAuthContext: userOrg is : ").append(this.userOrg).toString());
        }
        if (this.userOrg == null || this.userOrg.equals("")) {
            AuthD authD5 = ad;
            AuthD.debug.message("domain is null, error condtion");
            logFailed(ad.bundle.getString("invalidDomain"), "INVALIDDOMAIN");
            throw new AuthException("108", null);
        }
        AuthD authD6 = ad;
        AuthD.debug.message("AuthUtil:getAuthContext:Creating new AuthContextLocal & LoginState");
        AuthContextLocal authContextLocal = new AuthContextLocal(this.userOrg);
        this.requestType = true;
        this.servletRequest = httpServletRequest;
        this.servletResponse = httpServletResponse;
        this.requestHash = hashtable;
        this.client = getClient();
        this.sid = sessionID;
        AuthD authD7 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD8 = ad;
            AuthD.debug.message(new StringBuffer().append("requestType : ").append(this.requestType).toString());
            AuthD authD9 = ad;
            AuthD.debug.message(new StringBuffer().append("client : ").append(this.client).toString());
            AuthD authD10 = ad;
            AuthD.debug.message(new StringBuffer().append("sid : ").append(sessionID).toString());
        }
        try {
            createSession(httpServletRequest, authContextLocal);
            String cookieSupport = au.getCookieSupport(getClientType());
            this.cookieDetect = au.getCookieDetect(cookieSupport);
            if (cookieSupport != null && cookieSupport.equals("false")) {
                this.cookieSupported = false;
            }
            AuthD authD11 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD12 = ad;
                AuthD.debug.message(new StringBuffer().append("cookieSupport is : ").append(cookieSupport).toString());
                AuthD authD13 = ad;
                AuthD.debug.message(new StringBuffer().append("cookieDetect is .. : ").append(this.cookieDetect).toString());
                AuthD authD14 = ad;
                AuthD.debug.message(new StringBuffer().append("cookieSupported is .. : ").append(this.cookieSupported).toString());
            }
            if (AuthUtils.isClientDetectionEnabled() && this.cookieDetect) {
                this.cookieSet = true;
            }
            setGoToURL();
            setGoToOnFailURL();
            this.amIdRepo = ad.getAMIdentityRepository(getOrgDN());
            persistentCookieArgExists();
            populateOrgProfile();
            return authContextLocal;
        } catch (Exception e) {
            AuthD authD15 = ad;
            AuthD.debug.error("Exception creating session .. :", e);
            throw new AuthException(e);
        }
    }

    void createSession(HttpServletRequest httpServletRequest, AuthContextLocal authContextLocal) throws AuthException {
        AuthD authD = ad;
        AuthD.debug.message("LoginState: createSession: Creating new session: ");
        SessionID sessionID = null;
        AuthD authD2 = ad;
        if (AuthD.isHttpSessionUsed()) {
            AuthD authD3 = ad;
            AuthD.debug.message("Save authContext in HttpSession");
            if (httpServletRequest != null) {
                this.hsess = httpServletRequest.getSession();
                sessionID = new SessionID(this.hsess.getId());
                this.hsess.setAttribute(ISAuthConstants.AUTH_CONTEXT_OBJ, authContextLocal);
            }
        } else {
            AuthD authD4 = ad;
            AuthD.debug.message("Save authContext in InternalSession");
            this.sess = ad.newSession(getOrgDN(), null);
            sessionID = this.sess.getID();
            this.sess.setObject(ISAuthConstants.AUTH_CONTEXT_OBJ, authContextLocal);
        }
        this.sid = sessionID;
        AuthD authD5 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD6 = ad;
            AuthD.debug.message(new StringBuffer().append("LoginState: createSession: New session: sid=").append(sessionID).toString());
            AuthD authD7 = ad;
            AuthD.debug.message(new StringBuffer().append("LoginState:New session: ac=").append(authContextLocal).toString());
        }
    }

    public SSOToken getSSOToken() throws SSOException {
        if (this.ssoToken != null) {
            return this.ssoToken;
        }
        if (this.sess != null && this.sess.getState() == 2) {
            return null;
        }
        try {
            this.ssoToken = SSOTokenManager.getInstance().createSSOToken(this.sess.getID().toString());
            return this.ssoToken;
        } catch (SSOException e) {
            AuthD authD = ad;
            AuthD.debug.error("Error retrieving SSOToken :", e);
            throw new SSOException("amAuth", AMAuthErrorCode.AUTH_ERROR, null);
        }
    }

    public String encodeURL(String str, HttpServletResponse httpServletResponse) {
        return encodeURL(str, httpServletResponse, false);
    }

    public String encodeURL(String str, HttpServletResponse httpServletResponse, boolean z) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message("in encodeURL");
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("cookieDetect : ").append(this.cookieDetect).toString());
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("cookieSupported : ").append(this.cookieSupported).toString());
        }
        if ((this.cookieDetect || !this.cookieSupported) && this.sess != null) {
            String cookieName = AuthUtils.getCookieName();
            if (!z && this.sess.getState() == 0) {
                cookieName = AuthUtils.getAuthCookieName();
            }
            String encodeURL = urlRewriteInPath ? this.sess.encodeURL(str, (short) 2, false, cookieName) : this.sess.encodeURL(str, (short) 0, false, cookieName);
            AuthD authD5 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD6 = ad;
                AuthD.debug.message(new StringBuffer().append("AuthRequest encodeURL : URL=").append(str).append(", Rewritten URL=").append(encodeURL).toString());
            }
            return encodeURL;
        }
        return str;
    }

    public String getFileName(String str) {
        return au.getFileName(str, getLocale(), getOrgDN(), this.servletRequest, ad.getServletContext(), this.indexType, this.indexName);
    }

    public boolean createUserProfile(String str, Set set) {
        Map serviceAttributes;
        try {
            if (!this.dynamicProfileCreation) {
                AuthD authD = ad;
                AuthD.debug.message("Error this user requires a profile to login");
                return false;
            }
            if (isApplicationModule(this.authMethName)) {
                AuthD authD2 = ad;
                AuthD.debug.message("No profile created for Application module");
                return false;
            }
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("Creating user entry: ").append(str).toString());
                AuthD authD5 = ad;
                AuthD.debug.message(new StringBuffer().append("aliasList : ").append(set).toString());
            }
            if (this.userCreationAttributes == null) {
                this.userCreationAttributes = new HashMap();
            }
            Map map = Collections.EMPTY_MAP;
            if (set != null && !set.isEmpty()) {
                AuthD authD6 = ad;
                AuthD.debug.message("Adding alias list to user profile");
                if (this.externalAliasList != null && !this.externalAliasList.isEmpty()) {
                    set.addAll(this.externalAliasList);
                }
                map.put(ISAuthConstants.USER_ALIAS_ATTR, set);
            }
            if (!map.isEmpty()) {
                this.userCreationAttributes.putAll(map);
            }
            AuthD authD7 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD8 = ad;
                AuthD.debug.message(new StringBuffer().append("userCreationAttributes is : ").append(this.userCreationAttributes).toString());
            }
            this.amIdentityUser = createUserIdentity(str, this.userCreationAttributes, this.defaultRoles);
            this.userDN = getUserDN(this.amIdentityUser);
            Map attributes = this.amIdentityUser.getAttributes();
            if (this.amIdentityRole != null && (serviceAttributes = this.amIdentityRole.getServiceAttributes(ISAuthConstants.SESSION_SERVICE_NAME)) != null && !serviceAttributes.isEmpty()) {
                attributes.putAll(serviceAttributes);
            }
            populateUserAttributes(attributes, true, null);
            return true;
        } catch (Exception e) {
            AuthD authD9 = ad;
            AuthD.debug.error(new StringBuffer().append("Cannot create user profile for: ").append(str).toString());
            AuthD authD10 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD authD11 = ad;
            AuthD.debug.message("Stack trace: ", e);
            return false;
        }
    }

    private String[] getDefaultSessionAttributes(String str) {
        String defaultMaxSessionTime = ad.getDefaultMaxSessionTime();
        String defaultMaxIdleTime = ad.getDefaultMaxIdleTime();
        String defaultMaxCachingTime = ad.getDefaultMaxCachingTime();
        Map orgServiceAttributes = ad.getOrgServiceAttributes(str, ISAuthConstants.SESSION_SERVICE_NAME);
        if (!orgServiceAttributes.isEmpty()) {
            if (orgServiceAttributes.containsKey(ISAuthConstants.MAX_SESSION_TIME)) {
                defaultMaxSessionTime = (String) ((Set) orgServiceAttributes.get(ISAuthConstants.MAX_SESSION_TIME)).iterator().next();
            }
            if (orgServiceAttributes.containsKey(ISAuthConstants.SESS_MAX_IDLE_TIME)) {
                defaultMaxIdleTime = (String) ((Set) orgServiceAttributes.get(ISAuthConstants.SESS_MAX_IDLE_TIME)).iterator().next();
            }
            if (orgServiceAttributes.containsKey(ISAuthConstants.SESS_MAX_CACHING_TIME)) {
                defaultMaxCachingTime = (String) ((Set) orgServiceAttributes.get(ISAuthConstants.SESS_MAX_CACHING_TIME)).iterator().next();
            }
        }
        return new String[]{defaultMaxSessionTime, defaultMaxIdleTime, defaultMaxCachingTime};
    }

    void populateUserAttributes(Map map, boolean z, AMIdentity aMIdentity) throws AMException {
        String[] defaultSessionAttributes = getDefaultSessionAttributes(getOrgDN());
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("default max session time: ").append(defaultSessionAttributes[0]).append("\ndefault max idle time: ").append(defaultSessionAttributes[1]).append("\ndefault max caching time: ").append(defaultSessionAttributes[2]).toString());
        }
        try {
            this.userAuthConfig = Misc.getMapAttr(map, "iplanet-am-user-auth-config", null);
            if (!z) {
                this.userFailureURLSet = (Set) map.get(ISAuthConstants.USER_FAILURE_URL);
                this.clientUserFailureURL = getRedirectUrl(this.userFailureURLSet);
                this.defaultUserFailureURL = this.tempDefaultURL;
                this.failureRoleURLSet = (Set) map.get("iplanet-am-auth-login-failure-url");
                this.clientFailureRoleURL = getRedirectUrl(this.failureRoleURLSet);
                this.defaultFailureRoleURL = this.tempDefaultURL;
                return;
            }
            String str = defaultSessionAttributes[0];
            AuthD authD3 = ad;
            this.maxSession = Misc.getIntMapAttr(map, ISAuthConstants.MAX_SESSION_TIME, str, AuthD.debug);
            String str2 = defaultSessionAttributes[1];
            AuthD authD4 = ad;
            this.idleTime = Misc.getIntMapAttr(map, ISAuthConstants.SESS_MAX_IDLE_TIME, str2, AuthD.debug);
            String str3 = defaultSessionAttributes[2];
            AuthD authD5 = ad;
            this.cacheTime = Misc.getIntMapAttr(map, ISAuthConstants.SESS_MAX_CACHING_TIME, str3, AuthD.debug);
            String mapAttr = Misc.getMapAttr(map, "inetuserstatus", "active");
            if (aMIdentity != null) {
                mapAttr = aMIdentity.isActive() ? "active" : "inactive";
            }
            String mapAttr2 = Misc.getMapAttr(map, ISAuthConstants.LOGIN_STATUS, "active");
            String mapAttr3 = Misc.getMapAttr(map, ISAuthConstants.NSACCOUNT_LOCK, "false");
            AuthD authD6 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD7 = ad;
                AuthD.debug.message(new StringBuffer().append("entity status is : ").append(mapAttr).toString());
                AuthD authD8 = ad;
                AuthD.debug.message(new StringBuffer().append("user-login-status is : ").append(mapAttr2).toString());
                AuthD authD9 = ad;
                AuthD.debug.message(new StringBuffer().append("nsaccountlock is : ").append(mapAttr3).toString());
            }
            if (!mapAttr2.equalsIgnoreCase("active") || !mapAttr.equalsIgnoreCase("active") || !mapAttr3.equalsIgnoreCase("false")) {
                this.userEnabled = false;
            }
            this.localeContext.setUserLocale(Misc.getMapAttr(map, "preferredlocale", null));
            this.userAliasList = (Set) map.get(ISAuthConstants.USER_ALIAS_ATTR);
            if (this.aliasAttrNames != null && !this.aliasAttrNames.isEmpty()) {
                Iterator it = this.aliasAttrNames.iterator();
                while (it.hasNext()) {
                    Set set = (Set) map.get((String) it.next());
                    if (set != null) {
                        if (this.userAliasList == null) {
                            this.userAliasList = new HashSet();
                        }
                        this.userAliasList.addAll(set);
                    }
                }
            }
            this.accountLife = Misc.getMapAttr(map, ISAuthConstants.ACCOUNT_LIFE);
            this.userSuccessURLSet = (Set) map.get(ISAuthConstants.USER_SUCCESS_URL);
            this.clientUserSuccessURL = getRedirectUrl(this.userSuccessURLSet);
            this.defaultUserSuccessURL = this.tempDefaultURL;
            this.successRoleURLSet = (Set) map.get("iplanet-am-auth-login-success-url");
            this.clientSuccessRoleURL = getRedirectUrl(this.successRoleURLSet);
            this.defaultSuccessRoleURL = this.tempDefaultURL;
            AuthD authD10 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD11 = ad;
                AuthD.debug.message(new StringBuffer().append("Populate User attributes\n  idle->").append(this.idleTime).append("\n  cache->").append(this.cacheTime).append("\n  max->").append(this.maxSession).append("\n  userLoginEnabled->").append(this.userEnabled).append("\n  charset->").append(this.localeContext.getMIMECharset()).append("\n  locale->").append(this.localeContext.getLocale().toString()).append("\n  userAlias->  :").append(this.userAliasList).append("\n  userSuccessURLSet-> :").append(this.userSuccessURLSet).append("\n  clientUserSuccessURL->  :").append(this.clientUserSuccessURL).append("\n  defaultUserSuccessURL->  :").append(this.defaultUserSuccessURL).append("\n  userFailureURLSet-> :").append(this.userFailureURLSet).append("\n  clientUserFailureURL->  :").append(this.clientUserFailureURL).append("\n  defaultUserFailureURL->  :").append(this.defaultUserFailureURL).append("\n  clientSuccessRoleURL ->  :").append(this.clientSuccessRoleURL).append("\n  defaultSuccessRoleURL ->  :").append(this.defaultSuccessRoleURL).append("\n  clientFailureRoleURL ->  :").append(this.clientFailureRoleURL).append("\n  defaultFailureRoleURL ->  :").append(this.defaultFailureRoleURL).append("\n  userAuthConfig -> : ").append(this.userAuthConfig).append("\n  accountLife->").append(this.accountLife).toString());
            }
        } catch (Exception e) {
            AuthD authD12 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD13 = ad;
                AuthD.debug.message("Eception in populateUserAttributes : ", e);
            }
            throw new AMException(e.getMessage(), e.toString());
        }
    }

    public boolean getUserProfile(String str, boolean z) throws AuthException {
        try {
            return getUserProfile(str, z, true);
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message("getUserProfile(string,boolean)", e);
            }
            throw new AuthException(e);
        }
    }

    public boolean getUserProfile(String str, boolean z, boolean z2) throws AuthException {
        if (str == null || str.length() == 0) {
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
        IdType idType = null;
        try {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("In getUserProfile : Search for user ").append(str).toString());
            }
            Set set = Collections.EMPTY_SET;
            IdSearchResults idSearchResults = null;
            if (ad.isSuperAdmin(str)) {
                AMIdentity identity = ad.getIdentity(IdType.USER, str, this.orgDN);
                set = new HashSet();
                set.add(identity);
            } else {
                try {
                    AuthD authD3 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD4 = ad;
                        AuthD.debug.message(new StringBuffer().append("LoginState: gettingIdentity using IdUtil.getIdentity: ").append(str).append(" Org: ").append(getOrgDN()).toString());
                    }
                    AMIdentity identity2 = IdUtils.getIdentity(ad.getSSOAuthSession(), str, getOrgDN());
                    if (identity2 != null && identity2.getAttributes() != null) {
                        set = new HashSet();
                        set.add(identity2);
                        idType = identity2.getType();
                        AuthD authD5 = ad;
                        if (AuthD.debug.messageEnabled()) {
                            AuthD authD6 = ad;
                            AuthD.debug.message(new StringBuffer().append("LoginState: getIdentity using IdUtil.getIdentity: ").append(identity2).toString());
                        }
                    }
                } catch (SSOException e) {
                    AuthD authD7 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD8 = ad;
                        AuthD.debug.message("LoginState: getting identity Got SSOException in IdUtils.getIdentity", e);
                    }
                } catch (IdRepoException e2) {
                    AuthD authD9 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD10 = ad;
                        AuthD.debug.message("LoginState: getting identity Got IdRepException in IdUtils.getIdentity", e2);
                    }
                }
                if (set == Collections.EMPTY_SET || !this.identityTypes.contains(idType.getName())) {
                    AuthD authD11 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD12 = ad;
                        AuthD.debug.message("LoginState: getIdentity performing IdRepo search to obtain AMIdentity");
                    }
                    String DNtoName = AuthUtils.DNtoName(str);
                    AuthD authD13 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD14 = ad;
                        AuthD.debug.message(new StringBuffer().append("Search for Identity ").append(DNtoName).toString());
                    }
                    Iterator it = this.identityTypes.iterator();
                    while (it.hasNext()) {
                        idSearchResults = searchIdentity(IdUtils.getType((String) it.next()), DNtoName);
                        if (idSearchResults != null) {
                            set = idSearchResults.getSearchResults();
                        }
                        if (!set.isEmpty()) {
                            break;
                        }
                    }
                }
            }
            AuthD authD15 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD16 = ad;
                AuthD.debug.message(new StringBuffer().append("result is :").append(set).toString());
            }
            if (set.isEmpty()) {
                return false;
            }
            if (set.size() > 1) {
                AuthD authD17 = ad;
                AuthD.debug.error(new StringBuffer().append("getUserProfile : Multiple matches found for user '").append(this.token).append("' in org ").append(this.orgDN).append("\nPlease make sure user is unique within the login ").append("organization, and contact your admin to fix the problem").toString());
                throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
            }
            this.amIdentityUser = (AMIdentity) set.iterator().next();
            this.userDN = getUserDN(this.amIdentityUser);
            IdType type = this.amIdentityUser.getType();
            AuthD authD18 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD19 = ad;
                AuthD.debug.message(new StringBuffer().append("userDN is : ").append(this.userDN).toString());
                AuthD authD20 = ad;
                AuthD.debug.message(new StringBuffer().append("userID(token) is : ").append(this.token).toString());
                AuthD authD21 = ad;
                AuthD.debug.message(new StringBuffer().append("idType is : ").append(type).toString());
            }
            if (!z) {
                return true;
            }
            Map map = null;
            Map attributes = idSearchResults != null ? (Map) idSearchResults.getResultAttributes().get(this.amIdentityUser) : this.amIdentityUser.getAttributes();
            if (this.amIdentityRole != null) {
                AuthD authD22 = ad;
                AuthD.debug.message("retrieving session service from role");
                map = this.amIdentityRole.getServiceAttributes(ISAuthConstants.SESSION_SERVICE_NAME);
            } else if (type.equals(IdType.USER)) {
                AuthD authD23 = ad;
                AuthD.debug.message("retrieving session service from user");
                map = this.amIdentityUser.getServiceAttributes(ISAuthConstants.SESSION_SERVICE_NAME);
            }
            if (map != null && !map.isEmpty()) {
                attributes.putAll(map);
            }
            populateUserAttributes(attributes, z2, this.amIdentityUser);
            return true;
        } catch (AMException e3) {
            AuthD authD24 = ad;
            AuthD.debug.error(new StringBuffer().append("No aliases for: ").append(this.aliasAttrNames).append("=").append(this.token).toString());
            AuthD authD25 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD authD26 = ad;
            AuthD.debug.message("Stack trace: ", e3);
            return false;
        } catch (SSOException e4) {
            AuthD authD27 = ad;
            AuthD.debug.error("SSOException");
            AuthD authD28 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD authD29 = ad;
            AuthD.debug.message("Stack trace: ", e4);
            return false;
        } catch (IdRepoException e5) {
            AuthD authD30 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD authD31 = ad;
            AuthD.debug.error("IdReporException ", e5);
            return false;
        }
    }

    public void populateDefaultUserAttributes() throws AMException {
        String[] defaultSessionAttributes = getDefaultSessionAttributes(getOrgDN());
        try {
            this.maxSession = Integer.parseInt(defaultSessionAttributes[0]);
        } catch (Exception e) {
            this.maxSession = 120;
        }
        try {
            this.idleTime = Integer.parseInt(defaultSessionAttributes[1]);
        } catch (Exception e2) {
            this.idleTime = 30;
        }
        try {
            this.cacheTime = Integer.parseInt(defaultSessionAttributes[2]);
        } catch (Exception e3) {
            this.cacheTime = 3;
        }
        this.userEnabled = true;
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Populate Default User attributes\n  idle->").append(this.idleTime).append("\n  cache->").append(this.cacheTime).append("\n  max->").append(this.maxSession).append("\n  userLoginEnabled->").append(this.userEnabled).append("\n  clientUserSuccessURL ->").append(this.clientUserSuccessURL).append("\n  defaultUserSuccessURL ->").append(this.defaultUserSuccessURL).append("\n  clientUserFailureURL ->").append(this.clientUserFailureURL).append("\n  defaultUserFailureURL ->").append(this.defaultUserFailureURL).append("\n  clientSuccessRoleURL ->").append(this.clientSuccessRoleURL).append("\n  defaultSuccessRoleURL ->").append(this.defaultSuccessRoleURL).append("\n  clientFailureRoleURL ->").append(this.clientFailureRoleURL).append("\n  defaultFailureRoleURL ->").append(this.defaultFailureRoleURL).append("\n  userAuthConfig ->").append(this.userAuthConfig).append("\n  charset->").append(this.localeContext.getMIMECharset()).append("\n  locale->").append(this.localeContext.getLocale().toString()).toString());
        }
    }

    public boolean searchUserProfile(Subject subject, AuthContext.IndexType indexType, String str) throws AuthException {
        this.tokenSet = getTokenFromPrincipal(subject);
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message("in searchUserProfile");
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("indexType is.. :").append(indexType).toString());
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("indexName is.. :").append(str).toString());
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("Subject is.. :").append(subject).toString());
            AuthD authD6 = ad;
            AuthD.debug.message(new StringBuffer().append("token is.. :").append(this.token).toString());
            AuthD authD7 = ad;
            AuthD.debug.message(new StringBuffer().append("tokenSet is.. :").append(this.tokenSet).toString());
            AuthD authD8 = ad;
            AuthD.debug.message(new StringBuffer().append("pCookieUserName is.. :").append(this.pCookieUserName).toString());
            AuthD authD9 = ad;
            AuthD.debug.message(new StringBuffer().append("userDN is.. :").append(this.userDN).toString());
        }
        try {
            boolean z = true;
            if ((this.ignoreUserProfile && !isApplicationModule(str)) || (isApplicationModule(str) && ad.isSuperAdmin(this.userDN))) {
                if (ad.isSuperAdmin(this.userDN)) {
                    this.amIdentityUser = ad.getIdentity(IdType.USER, this.userDN, getOrgDN());
                } else {
                    this.amIdentityUser = new AMIdentity(null, this.userDN, IdType.USER, getOrgDN(), null);
                }
                this.userDN = getUserDN(this.amIdentityUser);
                populateDefaultUserAttributes();
                return true;
            }
            if (indexType == AuthContext.IndexType.USER || this.pCookieUserName != null) {
                if (this.token == null && this.pCookieUserName != null) {
                    this.token = this.pCookieUserName;
                }
                if (this.token == null) {
                    return false;
                }
                Map searchUserAliases = searchUserAliases(this.token, this.tokenSet);
                if (!checkAliasList(searchUserAliases)) {
                    if (!this.createWithAlias) {
                        throw new AuthException(AMAuthErrorCode.AUTH_LOGIN_FAILED, null);
                    }
                    if (this.amIdentityUser == null) {
                        addAliasToUserProfile(this.amIdentityUser, searchUserAliases);
                    } else {
                        addAliasToUserProfile(this.token, searchUserAliases);
                    }
                }
            } else {
                if (this.tokenSet.isEmpty()) {
                    AuthD authD10 = ad;
                    AuthD.debug.message("tokenset empty");
                    throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
                }
                if (this.tokenSet.size() == 1) {
                    AuthD authD11 = ad;
                    AuthD.debug.message("tokenset size is 1");
                    z = getCreateUserProfile(true);
                    if (!this.userEnabled) {
                        setFailedUserId(AuthUtils.DNtoName(this.token));
                        throw new AuthException(AMAuthErrorCode.AUTH_USER_INACTIVE, null);
                    }
                    if (ad.isSuperAdmin(this.userDN)) {
                        return true;
                    }
                    if (z && indexType == AuthContext.IndexType.ROLE) {
                        boolean userForRole = getUserForRole(getIdentityRole(str, getOrgDN()));
                        AuthD authD12 = ad;
                        if (AuthD.debug.messageEnabled()) {
                            AuthD authD13 = ad;
                            AuthD.debug.message(new StringBuffer().append("userRoleFound: ").append(userForRole).toString());
                        }
                        if (!userForRole) {
                            logFailed(au.getErrorVal(AMAuthErrorCode.AUTH_USER_NOT_FOUND, AuthUtils.ERROR_MESSAGE), "USERNOTFOUND");
                            throw new AuthException(AMAuthErrorCode.AUTH_USER_NOT_FOUND, null);
                        }
                    }
                } else {
                    AuthD authD14 = ad;
                    AuthD.debug.message("came here !! multiple modules , users ");
                    String str2 = null;
                    z = false;
                    boolean z2 = false;
                    HashMap hashMap = new HashMap();
                    HashMap hashMap2 = new HashMap();
                    Map hashMap3 = new HashMap();
                    HashMap hashMap4 = new HashMap();
                    Boolean bool = Boolean.FALSE;
                    String str3 = null;
                    Iterator it = this.tokenSet.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        this.token = (String) it.next();
                        AuthD authD15 = ad;
                        if (AuthD.debug.messageEnabled()) {
                            AuthD authD16 = ad;
                            AuthD.debug.message(new StringBuffer().append("BEGIN WHILE: Token is.. : ").append(this.token).toString());
                        }
                        z = getUserProfile(this.token, true);
                        hashMap4.put(this.token, new Boolean(z));
                        AuthD authD17 = ad;
                        if (AuthD.debug.messageEnabled()) {
                            AuthD authD18 = ad;
                            AuthD.debug.message(new StringBuffer().append("gotUserProfile : ").append(z).toString());
                        }
                        if (z) {
                            if (str2 == null) {
                                str2 = this.token;
                            }
                            hashMap.put(this.token, new Boolean(this.userEnabled));
                            if (indexType == AuthContext.IndexType.ROLE) {
                                hashMap2.put(this.token, new Boolean(getUserForRole(getIdentityRole(str, getOrgDN()))));
                            }
                            hashMap3 = searchUserAliases(this.token, this.tokenSet);
                            boolean foundUserAlias = getFoundUserAlias(hashMap3);
                            z2 = foundUserAlias;
                            if (foundUserAlias) {
                                str3 = this.token;
                                AuthD authD19 = ad;
                                if (AuthD.debug.messageEnabled()) {
                                    AuthD authD20 = ad;
                                    AuthD.debug.message(new StringBuffer().append("found aliases exiting while:").append(hashMap3).toString());
                                }
                            }
                        }
                    }
                    AuthD authD21 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD22 = ad;
                        AuthD.debug.message(new StringBuffer().append("Alias Token is : ").append(str3).toString());
                        AuthD authD23 = ad;
                        AuthD.debug.message(new StringBuffer().append("Profile Token :").append(str2).toString());
                        AuthD authD24 = ad;
                        AuthD.debug.message(new StringBuffer().append("Token is : ").append(this.token).toString());
                    }
                    if (str3 != null) {
                        this.token = str3;
                    }
                    if (!this.hasAdminToken) {
                        boolean userEnabled = getUserEnabled(hashMap);
                        if (!userEnabled) {
                            setFailedUserId(AuthUtils.DNtoName(this.token));
                            throw new AuthException(AMAuthErrorCode.AUTH_USER_INACTIVE, null);
                        }
                        if (indexType == AuthContext.IndexType.ROLE) {
                            boolean userRoleFound = getUserRoleFound(hashMap2);
                            if (!userRoleFound) {
                                logFailed(au.getErrorVal(AMAuthErrorCode.AUTH_USER_NOT_FOUND, AuthUtils.ERROR_MESSAGE), "USERNOTFOUND");
                                throw new AuthException(AMAuthErrorCode.AUTH_USER_NOT_FOUND, null);
                            }
                            AuthD authD25 = ad;
                            if (AuthD.debug.messageEnabled()) {
                                AuthD authD26 = ad;
                                AuthD.debug.message(new StringBuffer().append("userRoleFound:").append(userRoleFound).toString());
                            }
                        }
                        z = getGotUserProfile(hashMap4);
                        AuthD authD27 = ad;
                        if (AuthD.debug.messageEnabled()) {
                            AuthD authD28 = ad;
                            AuthD.debug.message(new StringBuffer().append("userEnabled : ").append(userEnabled).toString());
                        }
                        if (z && !z2) {
                            if (!this.createWithAlias) {
                                throw new AuthException(AMAuthErrorCode.AUTH_LOGIN_FAILED, null);
                            }
                            AuthD authD29 = ad;
                            if (AuthD.debug.messageEnabled()) {
                                AuthD authD30 = ad;
                                AuthD.debug.message(new StringBuffer().append("dynamicProfileCreation : ").append(this.dynamicProfileCreation).toString());
                                AuthD authD31 = ad;
                                AuthD.debug.message(new StringBuffer().append("foundUserAliasMap : ").append(hashMap3).toString());
                                AuthD authD32 = ad;
                                AuthD.debug.message(new StringBuffer().append("foundUserAliasMap : ").append(z2).toString());
                            }
                            addAliasToUserProfile(str2, hashMap3);
                        }
                        if (this.createWithAlias && !z) {
                            z = createUserProfileForTokens(this.tokenSet, hashMap4);
                        }
                    }
                }
            }
            AuthD authD33 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD34 = ad;
                AuthD.debug.message(new StringBuffer().append("LoginState:searchUserProfile:returning: ").append(z).toString());
            }
            return z;
        } catch (AuthException e) {
            throw new AuthException(e);
        } catch (Exception e2) {
            AuthD authD35 = ad;
            AuthD.debug.error("Error retrieving profile", e2);
            throw new AuthException(e2);
        }
    }

    boolean getCreateUserProfile(boolean z) throws AuthException {
        boolean userProfile = this.userDN != null ? getUserProfile(this.userDN, z) : getUserProfile(this.token, z);
        if (!userProfile && !ad.isSuperAdmin(this.userDN)) {
            userProfile = createUserProfile(this.token, null);
        }
        return userProfile;
    }

    boolean createUserProfileForTokens(Set set, Map map) {
        HashSet hashSet = new HashSet();
        String str = null;
        Iterator it = set.iterator();
        while (it.hasNext()) {
            str = (String) it.next();
            if (ad.isSuperAdmin(str)) {
                break;
            }
            while (it.hasNext()) {
                Object next = it.next();
                AuthD authD = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD2 = ad;
                    AuthD.debug.message(new StringBuffer().append("alias list add token:").append((String) next).toString());
                }
                hashSet.add(next);
            }
        }
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("Tokens List is.. :").append(hashSet).toString());
        }
        try {
            return createUserProfile(str, hashSet);
        } catch (Exception e) {
            AuthD authD5 = ad;
            AuthD.debug.error(new StringBuffer().append("Cannot create user profile for: ").append(str).toString());
            AuthD authD6 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD authD7 = ad;
            AuthD.debug.message("Stack trace: ", e);
            return false;
        }
    }

    Map searchUserAliases(String str, Set set) {
        HashMap hashMap = new HashMap();
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("userAliastList is.. :").append(this.userAliasList).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("userToken is.. :").append(str).toString());
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("tokenSet is.. :").append(set).toString());
        }
        if (set != null && !set.isEmpty()) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str2 = (String) it.next();
                if (this.userAliasList != null && !this.userAliasList.isEmpty()) {
                    AuthD authD5 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD6 = ad;
                        AuthD.debug.message(new StringBuffer().append("AuthToken is : ").append(str2).toString());
                        AuthD authD7 = ad;
                        AuthD.debug.message(new StringBuffer().append("userToken is : ").append(str).toString());
                    }
                    if (str2 != null && str2.equalsIgnoreCase(str) && !hashMap.containsKey(str2)) {
                        hashMap.put(str2, Boolean.TRUE);
                    } else if (this.userAliasList.contains(str2)) {
                        hashMap.put(str2, Boolean.TRUE);
                    } else {
                        hashMap.put(str2, Boolean.FALSE);
                    }
                } else if (str2 == null || !str2.equalsIgnoreCase(str)) {
                    hashMap.put(str2, Boolean.FALSE);
                } else {
                    hashMap.put(str2, Boolean.TRUE);
                }
            }
            AuthD authD8 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD9 = ad;
                AuthD.debug.message(new StringBuffer().append("searchUserAliases: foundUserAliasMap : ").append(hashMap).toString());
            }
        }
        return hashMap;
    }

    Set getTokenFromPrincipal(Subject subject) {
        Set<Principal> principals = subject.getPrincipals();
        StringBuffer stringBuffer = new StringBuffer();
        HashSet hashSet = new HashSet();
        Iterator<Principal> it = principals.iterator();
        while (it.hasNext()) {
            this.token = it.next().getName();
            if (this.token != null && !containsToken(stringBuffer, this.token)) {
                stringBuffer.append(this.token).append("|");
                String normalizedDN = AuthUtils.getNormalizedDN(this.token);
                if (normalizedDN != null && normalizedDN.length() != 0) {
                    this.userDN = normalizedDN;
                    this.token = AuthUtils.DNtoName(this.token);
                } else if (normalizedDN == null && this.userDN == null) {
                    this.userDN = this.token;
                }
            }
            if (!hashSet.contains(this.token)) {
                hashSet.add(this.token);
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("principal name is... :").append(this.token).toString());
            }
        }
        this.principalList = stringBuffer.toString();
        if (this.principalList != null && this.principalList.length() > 0) {
            this.principalList = this.principalList.substring(0, this.principalList.length() - 1);
        }
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("Principal List is :").append(this.principalList).toString());
        }
        return hashSet;
    }

    public boolean isUserEnabled() {
        return this.userEnabled;
    }

    public void setAuthLevel(String str) {
        if (str == null) {
            this.authLevel = 0;
        } else {
            try {
                this.authLevel = Integer.parseInt(str);
            } catch (NumberFormatException e) {
                this.authLevel = 0;
            }
        }
        if (this.authLevel < this.moduleAuthLevel) {
            this.authLevel = this.moduleAuthLevel;
        }
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("AuthLevel is set to : ").append(this.authLevel).toString());
        }
    }

    public AMIdentity getIdentityRole(String str, String str2) {
        if (this.amIdentityRole == null) {
            this.amIdentityRole = searchIdentityRole(str, str2);
        }
        return this.amIdentityRole;
    }

    AMIdentity searchIdentityRole(String str, String str2) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("rolename : ").append(str).toString());
        }
        if (str == null) {
            return null;
        }
        AMIdentity aMIdentity = null;
        try {
            aMIdentity = getRole(str);
        } catch (Exception e) {
            AuthD authD3 = ad;
            AuthD.debug.error("getRole: Error : ", e);
        }
        return aMIdentity;
    }

    public void setAuthModuleName(String str) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("authethName").append(str).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("pAuthMethName ").append(this.pAuthMethName).toString());
        }
        StringBuffer stringBuffer = null;
        if (this.pAuthMethName != null && this.pAuthMethName.length() > 0) {
            stringBuffer = new StringBuffer().append(this.pAuthMethName);
        }
        if (str != null && str.length() > 0) {
            if (stringBuffer != null) {
                stringBuffer.append("|").append(str);
            } else {
                stringBuffer = new StringBuffer().append(str);
            }
        }
        if (stringBuffer != null) {
            this.authMethName = stringBuffer.toString();
        }
        AuthD authD4 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("setAuthModuleName: ").append(this.authMethName).toString());
        }
    }

    public boolean getUserForRole(AMIdentity aMIdentity) {
        boolean z = false;
        try {
            if (this.amIdentityUser.isMember(aMIdentity)) {
                z = true;
            }
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message("Error getRoleName : ", e);
            }
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setIndexType(AuthContext.IndexType indexType) {
        this.indexType = indexType;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPreviousIndexType(AuthContext.IndexType indexType) {
        this.prevIndexType = this.indexType;
    }

    public boolean isPersistentCookieOn() {
        return this.persistentCookieOn;
    }

    public boolean getPersistentCookieMode() {
        return this.persistentCookieMode;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setToken(String str) {
        this.token = str;
    }

    public Hashtable getRequestParamHash() {
        return this.requestHash;
    }

    boolean getUserEnabled(Map map) {
        if (map.containsValue(Boolean.FALSE)) {
            this.userEnabled = false;
        } else {
            this.userEnabled = true;
        }
        return this.userEnabled;
    }

    boolean getUserRoleFound(Map map) {
        boolean z = true;
        if (map.containsValue(Boolean.FALSE)) {
            z = false;
        }
        return z;
    }

    boolean getFoundUserAlias(Map map) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("foundAliasMap :").append(map).toString());
        }
        boolean z = true;
        Boolean bool = Boolean.FALSE;
        if (map == null || map.isEmpty() || map.containsValue(bool)) {
            z = false;
        }
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("foundUserAlias : ").append(z).toString());
        }
        return z;
    }

    boolean getGotUserProfile(Map map) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("GotUserProfileMAP is: ").append(map).toString());
        }
        boolean z = false;
        if (map.containsValue(Boolean.TRUE)) {
            z = true;
        }
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("gotUserProfile :").append(z).toString());
        }
        return z;
    }

    void addAliasToUserProfile(String str, Map map) throws AuthException {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Token : ").append(str).toString());
        }
        addAliasToUserProfile(ad.getIdentity(IdType.USER, str, this.orgDN), map);
    }

    void addAliasToUserProfile(AMIdentity aMIdentity, Map map) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("foundUserAliasMap : ").append(map).toString());
        }
        if (map != null) {
            try {
                if (!map.isEmpty()) {
                    for (String str : map.keySet()) {
                        if (this.token != null && !this.token.equalsIgnoreCase(str) && !this.userAliasList.contains(str)) {
                            this.userAliasList.add(str);
                        }
                    }
                    AuthD authD3 = ad;
                    AuthD.debug.message("Adding alias list to user profile");
                    HashMap hashMap = new HashMap();
                    if (this.externalAliasList != null && !this.externalAliasList.isEmpty()) {
                        this.userAliasList.addAll(this.externalAliasList);
                    }
                    hashMap.put(ISAuthConstants.USER_ALIAS_ATTR, this.userAliasList);
                    aMIdentity.setAttributes(hashMap);
                    aMIdentity.store();
                }
            } catch (Exception e) {
                AuthD authD4 = ad;
                AuthD.debug.error(new StringBuffer().append("Exception : ").append(e.getMessage()).toString(), e);
            }
        }
    }

    boolean checkAliasList(Map map) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("UserAliasList is.. : ").append(map).toString());
        }
        boolean z = true;
        Iterator it = map.keySet().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("Token is.. : ").append((String) next).toString());
            }
            if (!ad.isSuperAdmin(tokenToDN((String) next)) && ((Boolean) map.get(next)).toString().equals("false")) {
                z = false;
                break;
            }
        }
        return z;
    }

    public String searchPersistentCookie() {
        try {
            String str = null;
            String cookieValueFromReq = CookieUtils.getCookieValueFromReq(this.servletRequest, pCookieName);
            if (cookieValueFromReq != null) {
                str = parsePersistentCookie(cookieValueFromReq);
            }
            return str;
        } catch (Exception e) {
            AuthD authD = ad;
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD authD2 = ad;
            AuthD.debug.message("ERROR searchPersistentCookie ", e);
            return null;
        }
    }

    private String parsePersistentCookie(String str) {
        String str2;
        int indexOf;
        SessionID sessionID;
        try {
            this.foundPCookie = Boolean.FALSE;
            String str3 = (String) AccessController.doPrivileged(new EncodeAction(ISAuthConstants.INVALID_PCOOKIE));
            if (str == null || str.equals("") || str.equals(str3) || (indexOf = (str2 = (String) AccessController.doPrivileged(new DecodeAction(str))).indexOf(ISAuthConstants.PERCENT)) == -1) {
                return null;
            }
            String substring = str2.substring(0, indexOf);
            String substring2 = str2.substring(indexOf + 1);
            int indexOf2 = substring2.indexOf(ISAuthConstants.PERCENT);
            if (indexOf2 == -1) {
                return null;
            }
            String substring3 = substring2.substring(0, indexOf2);
            String substring4 = substring2.substring(indexOf2 + 1);
            int indexOf3 = substring4.indexOf(ISAuthConstants.PERCENT);
            if (indexOf3 == -1) {
                return null;
            }
            String substring5 = substring4.substring(0, indexOf3);
            String substring6 = substring4.substring(indexOf3 + 1);
            int indexOf4 = substring6.indexOf(ISAuthConstants.PERCENT);
            if (indexOf4 == -1) {
                return null;
            }
            int parseInt = Integer.parseInt(substring6.substring(0, indexOf4));
            String substring7 = substring6.substring(indexOf4 + 1);
            int indexOf5 = substring7.indexOf(ISAuthConstants.PERCENT);
            if (indexOf5 == -1) {
                return null;
            }
            int parseInt2 = Integer.parseInt(substring7.substring(0, indexOf5));
            String substring8 = substring7.substring(indexOf5 + 1);
            int indexOf6 = substring8.indexOf(ISAuthConstants.PERCENT);
            if (indexOf6 == -1) {
                return null;
            }
            int parseInt3 = Integer.parseInt(substring8.substring(0, indexOf6));
            String substring9 = substring8.substring(indexOf6 + 1);
            int indexOf7 = substring9.indexOf(ISAuthConstants.PERCENT);
            if (indexOf7 == -1) {
                return null;
            }
            String substring10 = substring9.substring(0, indexOf7);
            this.pCookieTimeCreated = Long.parseLong(substring9.substring(indexOf7 + 1));
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("pCookieTimeCreated : ").append(this.pCookieTimeCreated).toString());
            }
            if (!this.sessionUpgrade && (sessionID = new SessionID(substring10)) != null) {
                AuthUtils.removeAuthContext(sessionID);
            }
            if (!getOrgName().equals(substring3)) {
                this.orgName = substring3;
                this.userOrg = this.orgName;
            }
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("authMethStr: ").append(substring5).toString());
            }
            int i = 0;
            while (true) {
                if (i == -1) {
                    break;
                }
                i = substring5.indexOf("|");
                if (i == -1) {
                    String authenticatorForName = ad.getAuthenticatorForName(substring5);
                    AuthD authD5 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD6 = ad;
                        AuthD.debug.message(new StringBuffer().append("authMethStr is : ").append(substring5).toString());
                        AuthD authD7 = ad;
                        AuthD.debug.message(new StringBuffer().append("authModuleName is : ").append(authenticatorForName).toString());
                    }
                    if (authenticatorForName == null || !this.domainAuthenticators.contains(substring5)) {
                        return null;
                    }
                } else {
                    String substring11 = substring5.substring(0, i);
                    String authenticatorForName2 = ad.getAuthenticatorForName(substring11);
                    AuthD authD8 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD9 = ad;
                        AuthD.debug.message(new StringBuffer().append("authModulename is : ").append(substring11).toString());
                        AuthD authD10 = ad;
                        AuthD.debug.message(new StringBuffer().append("authModuleName instance is : ").append(authenticatorForName2).toString());
                    }
                    if (authenticatorForName2 == null || !this.domainAuthenticators.contains(substring11)) {
                        return null;
                    }
                    substring5 = substring5.substring(i + 1);
                }
            }
            this.pAuthMethName = substring5;
            AuthD authD11 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD12 = ad;
                AuthD.debug.message(new StringBuffer().append("Found valid PC : username=").append(substring).append("\ndomainname=").append(substring3).append("\nauthMethod=").append(substring5).append("\nmaxSession=").append(parseInt).append("\nidleTime=").append(parseInt2).append("\ncacheTime=").append(parseInt3).append("\norgDN=").append(this.orgDN).toString());
            }
            this.foundPCookie = Boolean.TRUE;
            return substring;
        } catch (Exception e) {
            AuthD authD13 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD authD14 = ad;
            AuthD.debug.message("ERROR:parsePersistentCookie : ", e);
            return null;
        }
    }

    public static String encodePCookie() {
        return (String) AccessController.doPrivileged(new EncodeAction(ISAuthConstants.INVALID_PCOOKIE));
    }

    public Cookie setPersistentCookie(String str) throws SSOException, AMException {
        int i;
        String str2 = this.persistentCookieTime;
        Cookie cookie = null;
        if (str2 != null) {
            try {
                i = Integer.parseInt(str2);
                if (this.foundPCookie != null && this.foundPCookie.booleanValue()) {
                    i -= new Long((System.currentTimeMillis() - this.pCookieTimeCreated) / 1000).intValue();
                }
            } catch (Exception e) {
                i = 0;
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Add Cookie: maxage=").append(i).toString());
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append("Add Cookie: maxage_str=").append(str2).toString());
            }
            if (i > 0) {
                String stringBuffer = new StringBuffer().append(getUserDN(this.amIdentityUser)).append(ISAuthConstants.PERCENT).append(getOrgName()).append(ISAuthConstants.PERCENT).append(this.authMethName).append(ISAuthConstants.PERCENT).append(Integer.toString(this.maxSession)).append(ISAuthConstants.PERCENT).append(Integer.toString(this.idleTime)).append(ISAuthConstants.PERCENT).append(Integer.toString(this.cacheTime)).append(ISAuthConstants.PERCENT).append(this.sid.toString()).append(ISAuthConstants.PERCENT).append(System.currentTimeMillis()).toString();
                cookie = AuthUtils.createPersistentCookie(AuthUtils.getPersistentCookieName(), (String) AccessController.doPrivileged(new EncodeAction(stringBuffer)), i, str);
                AuthD authD4 = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD5 = ad;
                    AuthD.debug.message(new StringBuffer().append("Add PCookie = ").append(stringBuffer).toString());
                }
            } else {
                AuthD authD6 = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD7 = ad;
                    AuthD.debug.message(new StringBuffer().append("Persistent Cookie Mode configured for domain ").append(this.orgName).append(", but no persistentCookieTime = ").append(str2).toString());
                }
            }
        }
        return cookie;
    }

    public Cookie setlbCookie(String str, boolean z) throws SSOException, AMException {
        int i;
        String str2 = AuthUtils.getlbCookieName();
        String str3 = AuthUtils.getlbCookieValue();
        String str4 = this.persistentCookieTime;
        Cookie cookie = null;
        if (str4 == null || !z) {
            cookie = AuthUtils.createPersistentCookie(str2, str3, -1, str);
        } else {
            try {
                i = Integer.parseInt(str4);
            } catch (Exception e) {
                i = 0;
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Add Load Balance Cookie: maxage=").append(i).toString());
            }
            if (i > 0) {
                cookie = AuthUtils.createPersistentCookie(str2, str3, i, str);
                AuthD authD3 = ad;
                AuthD.debug.message("Add Load Balance Cookie!");
            } else {
                AuthD authD4 = ad;
                AuthD.debug.message("No Load Balance Cookie set!");
            }
        }
        return cookie;
    }

    public AuthContext.IndexType getIndexType() {
        return this.indexType;
    }

    public AuthContext.IndexType getPreviousIndexType() {
        return this.prevIndexType;
    }

    void setGoToURL() {
        String str = (String) this.requestHash.get("goto");
        if (str == null || str.equals("")) {
            return;
        }
        this.gotoURL = str;
    }

    void setGoToOnFailURL() {
        String str = (String) this.requestHash.get("gotoOnFail");
        if (str == null || str.equals("")) {
            return;
        }
        this.gotoOnFailURL = str;
    }

    public String getSuccessLoginURL() {
        String str = null;
        if (this.sess != null) {
            str = this.sess.getProperty(ISAuthConstants.POST_PROCESS_SUCCESS_URL);
        }
        if (str != null && str.length() > 0) {
            return str;
        }
        String parameter = this.servletRequest == null ? null : this.servletRequest.getParameter("goto");
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("currentGoto : ").append(parameter).toString());
        }
        String str2 = null;
        if (parameter != null && parameter.length() != 0 && !parameter.equalsIgnoreCase("null")) {
            str2 = ad.processURL(parameter, this.servletRequest);
        } else if (0 == 0 || str2.length() == 0) {
            str2 = ad.processURL(this.successLoginURL, this.servletRequest);
        }
        String encodeURL = encodeURL(str2, this.servletResponse, true);
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("get fqdnURL : ").append(str2).toString());
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("get successLoginURL : ").append(this.successLoginURL).toString());
            AuthD authD6 = ad;
            AuthD.debug.message(new StringBuffer().append("get encodedSuccessURL : ").append(encodeURL).toString());
        }
        return encodeURL;
    }

    public String getConfiguredSuccessLoginURL() {
        String encodeURL = encodeURL(ad.processURL(this.successLoginURL, this.servletRequest), this.servletResponse, true);
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("getSuccessLoginURL : ").append(this.successLoginURL).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("getSuccessLoginURL (encoded) : ").append(encodeURL).toString());
        }
        return encodeURL;
    }

    String getSuccessURLForRole() {
        String str = null;
        try {
            str = getRoleURLFromAttribute(getRoleServiceAttributes(), "iplanet-am-auth-login-success-url");
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message("Execption:getSuccessURLForRole : ", e);
            }
        }
        return str;
    }

    String getFailureURLForRole() {
        String str = null;
        try {
            str = getRoleURLFromAttribute(getRoleServiceAttributes(), "iplanet-am-auth-login-failure-url");
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message("Error retrieving url ");
                AuthD authD3 = ad;
                AuthD.debug.message("Exception : ", e);
            }
        }
        return str;
    }

    Map getRoleServiceAttributes() throws Exception {
        try {
            if (this.roleAttributeMap == null) {
                if (AuthD.revisionNumber < 30) {
                    this.roleAttributeMap = this.amIdentityRole.getServiceAttributes("iPlanetAMAuthConfiguration");
                } else {
                    String str = (String) ((Set) this.amIdentityRole.getServiceAttributes("iPlanetAMAuthConfiguration").get("iplanet-am-auth-configuration")).iterator().next();
                    if (!str.equals(ISAuthConstants.BLANK)) {
                        this.roleAttributeMap = getServiceAttributes(str);
                    }
                }
            }
            if (this.roleAttributeMap == null) {
                this.roleAttributeMap = Collections.EMPTY_MAP;
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Returning Service Attributes: ").append(this.roleAttributeMap).toString());
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append("for Role : ").append(this.amIdentityRole.getName()).toString());
            }
            return this.roleAttributeMap;
        } catch (Exception e) {
            AuthD authD4 = ad;
            AuthD.debug.error("Error getting Role Attributes : ", e);
            throw new Exception(AMAuthErrorCode.AUTH_ERROR);
        }
    }

    String getSuccessURLForService(String str) {
        String str2 = null;
        try {
            if (this.serviceAttributesMap != null && this.serviceAttributesMap.isEmpty()) {
                this.serviceAttributesMap = getServiceAttributes(str);
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("AttributeMAP is.. :").append(this.serviceAttributesMap).toString());
            }
            str2 = getServiceURLFromAttribute(this.serviceAttributesMap, "iplanet-am-auth-login-success-url");
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("service successURL : ").append(str2).toString());
            }
        } catch (Exception e) {
            AuthD authD5 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD6 = ad;
                AuthD.debug.message("Error retrieving url ");
                AuthD authD7 = ad;
                AuthD.debug.message("Exception : ", e);
            }
        }
        return str2;
    }

    String getFailureURLForService(String str) {
        String str2 = null;
        try {
            if (this.serviceAttributesMap.isEmpty()) {
                this.serviceAttributesMap = getServiceAttributes(str);
            }
            str2 = getServiceURLFromAttribute(this.serviceAttributesMap, "iplanet-am-auth-login-failure-url");
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Service failureURL: ").append(str2).toString());
            }
        } catch (Exception e) {
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message("Error retrieving url ");
                AuthD authD5 = ad;
                AuthD.debug.message("Exception : ", e);
            }
        }
        return str2;
    }

    Map getServiceAttributes(String str) throws Exception {
        try {
            return AMAuthConfigUtils.getNamedConfig(str, getOrgDN(), ad.getSSOAuthSession());
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message("Error getting service attribute: ");
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append(" Exception : ").append(e.getMessage()).toString());
            }
            throw new Exception(e.getMessage());
        }
    }

    AMPostAuthProcessInterface getPostLoginProcessInstance(String str) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("postLoginProcess Class Name is : ").append(str).toString());
        }
        if (str == null || str.equals("")) {
            return null;
        }
        try {
            return (AMPostAuthProcessInterface) Class.forName(str).newInstance();
        } catch (ClassNotFoundException e) {
            AuthD authD3 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD authD4 = ad;
            AuthD.debug.message("Class not Found :", e);
            return null;
        } catch (Exception e2) {
            AuthD authD5 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD authD6 = ad;
            AuthD.debug.message("Error: ", e2);
            return null;
        }
    }

    public void setSuccessLoginURL(String str) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("URL : from modle  : ").append(str).toString());
        }
        this.moduleSuccessLoginURL = str;
    }

    public void setFailureLoginURL(String str) {
        this.moduleFailureLoginURL = str;
    }

    public void setSuccessLoginURL(AuthContext.IndexType indexType, String str) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("moduleSucessLoginURL : ").append(this.moduleSuccessLoginURL).toString());
        }
        if (this.moduleSuccessLoginURL != null && !this.moduleSuccessLoginURL.equals("")) {
            this.successLoginURL = this.moduleSuccessLoginURL;
            return;
        }
        if (this.clientUserSuccessURL != null && !this.clientUserSuccessURL.equals("")) {
            this.successLoginURL = this.clientUserSuccessURL;
            if (this.successLoginURL != null) {
                return;
            }
        }
        String str2 = this.defaultUserSuccessURL;
        if (indexType == AuthContext.IndexType.ROLE) {
            String successURLForRole = getSuccessURLForRole();
            if (successURLForRole != null && !successURLForRole.equals("")) {
                this.successLoginURL = successURLForRole;
                return;
            } else if (str2 == null || str2.equals("")) {
                str2 = this.tempDefaultURL;
            }
        }
        if (indexType == AuthContext.IndexType.SERVICE) {
            String successURLForService = getSuccessURLForService(str);
            if (successURLForService != null && !successURLForService.equals("")) {
                this.successLoginURL = successURLForService;
                return;
            } else if (str2 == null || str2.equals("")) {
                str2 = this.tempDefaultURL;
            }
        }
        if (this.clientSuccessRoleURL != null && !this.clientSuccessRoleURL.equals("")) {
            this.successLoginURL = this.clientSuccessRoleURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.defaultSuccessRoleURL;
        }
        if (this.clientOrgSuccessLoginURL != null && !this.clientOrgSuccessLoginURL.equals("")) {
            this.successLoginURL = this.clientOrgSuccessLoginURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.defaultOrgSuccessLoginURL;
        }
        if (indexType == AuthContext.IndexType.SERVICE || indexType == AuthContext.IndexType.ROLE) {
            this.defaultSuccessURL = getRedirectUrl(ad.defaultServiceSuccessURLSet);
        } else {
            this.defaultSuccessURL = getRedirectUrl(ad.defaultSuccessURLSet);
            ad.defaultSuccessURL = this.tempDefaultURL;
        }
        if (this.defaultSuccessURL != null && !this.defaultSuccessURL.equals("")) {
            this.successLoginURL = this.defaultSuccessURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.tempDefaultURL;
        }
        this.successLoginURL = str2;
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("SUCCESS Login url : ").append(this.successLoginURL).toString());
        }
    }

    public void setFailureLoginURL(AuthContext.IndexType indexType, String str) {
        if (this.moduleFailureLoginURL != null && !this.moduleFailureLoginURL.equals("")) {
            this.failureLoginURL = this.moduleFailureLoginURL;
            return;
        }
        if (this.gotoOnFailURL != null && !this.gotoOnFailURL.equals("")) {
            this.failureLoginURL = this.gotoOnFailURL;
            return;
        }
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("failureTokenId in setFailureLoginURL = ").append(this.failureTokenId).toString());
        }
        String str2 = null;
        if (this.failureTokenId != null) {
            try {
                getUserProfile(this.failureTokenId, true, false);
                if (this.clientUserFailureURL != null && !this.clientUserFailureURL.equals("")) {
                    this.failureLoginURL = this.clientUserFailureURL;
                    return;
                }
                str2 = this.defaultUserFailureURL;
            } catch (Exception e) {
                AuthD authD3 = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD4 = ad;
                    AuthD.debug.message(new StringBuffer().append("Error retreiving profile for : ").append(this.failureTokenId).toString(), e);
                }
            }
        }
        if (indexType == AuthContext.IndexType.ROLE) {
            String failureURLForRole = getFailureURLForRole();
            if (failureURLForRole != null && !failureURLForRole.equals("")) {
                this.failureLoginURL = failureURLForRole;
                return;
            } else if (str2 == null || str2.equals("")) {
                str2 = this.tempDefaultURL;
            }
        }
        if (indexType == AuthContext.IndexType.SERVICE) {
            String failureURLForService = getFailureURLForService(str);
            if (failureURLForService != null && !failureURLForService.equals("")) {
                this.failureLoginURL = failureURLForService;
                return;
            } else if (str2 == null || str2.equals("")) {
                str2 = this.tempDefaultURL;
            }
        }
        if (this.clientFailureRoleURL != null && !this.clientFailureRoleURL.equals("")) {
            this.failureLoginURL = this.clientFailureRoleURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.defaultFailureRoleURL;
        }
        if (this.clientOrgFailureLoginURL != null && !this.clientOrgFailureLoginURL.equals("")) {
            this.failureLoginURL = this.clientOrgFailureLoginURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.defaultOrgFailureLoginURL;
        }
        if (indexType == AuthContext.IndexType.SERVICE || indexType == AuthContext.IndexType.ROLE) {
            this.defaultFailureURL = getRedirectUrl(ad.defaultServiceFailureURLSet);
        } else {
            this.defaultFailureURL = getRedirectUrl(ad.defaultFailureURLSet);
            ad.defaultFailureURL = this.tempDefaultURL;
        }
        if (this.defaultFailureURL != null && !this.defaultFailureURL.equals("")) {
            this.failureLoginURL = this.defaultFailureURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.tempDefaultURL;
        }
        this.failureLoginURL = str2;
        AuthD authD5 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD6 = ad;
            AuthD.debug.message(new StringBuffer().append("defaultFailureURL : ").append(this.failureLoginURL).toString());
        }
    }

    public String getFailureLoginURL() {
        if (this.fqdnFailureLoginURL == null || this.fqdnFailureLoginURL.length() == 0) {
            this.fqdnFailureLoginURL = ad.processURL(this.failureLoginURL, this.servletRequest);
        }
        return this.fqdnFailureLoginURL;
    }

    String getRoleURLFromAttribute(Map map, String str) {
        try {
            return getRedirectUrl((Set) map.get(str));
        } catch (Exception e) {
            AuthD authD = ad;
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD authD2 = ad;
            AuthD.debug.message("Error getting role attribute ", e);
            return null;
        }
    }

    String getServiceURLFromAttribute(Map map, String str) {
        String redirectUrl = getRedirectUrl((Set) map.get(str));
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("attr map: ").append(map).append("\nserviceURL : ").append(redirectUrl).toString());
        }
        return redirectUrl;
    }

    public HttpServletResponse getHttpServletResponse() {
        return this.servletResponse;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setHttpServletResponse(HttpServletResponse httpServletResponse) {
        this.servletResponse = httpServletResponse;
    }

    public synchronized void setPersistentCookieOn() {
        this.persistentCookieOn = true;
    }

    public Callback[] getRecdCallback() {
        return this.prevCallback;
    }

    public synchronized void setPrevCallback(Callback[] callbackArr) {
        this.prevCallback = callbackArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAccountLife() {
        return this.accountLife;
    }

    protected String getUserToken() {
        return this.token;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean getLoginFailureLockoutMode() {
        return this.loginFailureLockoutMode;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean getLoginFailureLockoutStoreInDS() {
        return this.loginFailureLockoutStoreInDS;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public long getLoginFailureLockoutTime() {
        return this.loginFailureLockoutTime;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int getLoginFailureLockoutCount() {
        return this.loginFailureLockoutCount;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getLoginLockoutNotification() {
        return this.loginLockoutNotification;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int getLoginLockoutUserWarning() {
        return this.loginLockoutUserWarning;
    }

    public void setErrorCode(String str) {
        this.errorCode = str;
    }

    public String getErrorCode() {
        return this.errorCode;
    }

    public void setErrorMessage(String str) {
        this.errorMessage = str;
    }

    public String getErrorMessage() {
        return this.errorMessage;
    }

    public void setErrorTemplate(String str) {
        this.errorTemplate = str;
    }

    public String getErrorTemplate() {
        return this.errorTemplate;
    }

    public void setModuleErrorTemplate(String str) {
        this.moduleErrorTemplate = str;
    }

    public String getModuleErrorTemplate() {
        return this.moduleErrorTemplate;
    }

    public void setTimedOut(boolean z) {
        this.timedOut = z;
    }

    public boolean isTimedOut() {
        return this.timedOut;
    }

    public void setLockoutMsg(String str) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("setLockoutMsg :").append(str).toString());
        }
        this.lockoutMsg = str;
    }

    public String getLockoutMsg() {
        return this.lockoutMsg;
    }

    public void setIndexName(String str) {
        this.indexName = str;
    }

    public AuthContextLocal createAuthContext(SessionID sessionID, String str, HttpServletRequest httpServletRequest) throws AuthException {
        this.userOrg = getDomainNameByOrg(str);
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("createAuthContext: userOrg is : ").append(this.userOrg).toString());
        }
        if (this.userOrg == "" || this.userOrg == null) {
            AuthD authD3 = ad;
            AuthD.debug.error("domain is null, error condtion");
            logFailed(ad.bundle.getString("invalidDomain"), "INVALIDDOMAIN");
            throw new AuthException("108", null);
        }
        AuthD authD4 = ad;
        AuthD.debug.message("AuthUtil:getAuthContext:Creating new AuthContextLocal & LoginState");
        AuthContextLocal authContextLocal = new AuthContextLocal(this.userOrg);
        this.requestType = true;
        this.sid = sessionID;
        AuthD authD5 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD6 = ad;
            AuthD.debug.message(new StringBuffer().append("requestType : ").append(this.requestType).toString());
            AuthD authD7 = ad;
            AuthD.debug.message(new StringBuffer().append("sid : ").append(sessionID).toString());
            AuthD authD8 = ad;
            AuthD.debug.message(new StringBuffer().append("orgName passed: ").append(str).toString());
        }
        try {
            createSession(httpServletRequest, authContextLocal);
            this.amIdRepo = ad.getAMIdentityRepository(getOrgDN());
            populateOrgProfile();
            this.isRemote = true;
            return authContextLocal;
        } catch (Exception e) {
            AuthD authD9 = ad;
            AuthD.debug.error("Exception creating session .. :", e);
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
    }

    public boolean setModuleAuthLevel(int i) {
        boolean z = false;
        this.moduleAuthLevel = i;
        if (this.authLevel < this.moduleAuthLevel) {
            this.authLevel = this.moduleAuthLevel;
            z = true;
        }
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("spi authLevel :").append(i).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("module configuration authLevel :").append(this.authLevel).toString());
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("levelSet :").append(z).toString());
        }
        return z;
    }

    public String getDomainNameByOrg(String str) {
        String str2 = null;
        try {
            str2 = au.getOrganizationDN(str, false, null);
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Incorrect orgName passed:").append(str).toString(), e);
            }
        }
        return str2;
    }

    public Set getModuleInstances() {
        try {
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message("Error getting moduleInstances ", e);
            }
        }
        if (this.moduleInstances != null && !this.moduleInstances.isEmpty()) {
            return this.moduleInstances;
        }
        this.moduleInstances = this.domainAuthenticators;
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("moduleInstances are : ").append(this.moduleInstances).toString());
        }
        if (this.moduleInstances == null) {
            this.moduleInstances = Collections.EMPTY_SET;
        }
        return this.moduleInstances;
    }

    public Set getDomainAuthenticators() {
        return this.domainAuthenticators;
    }

    public void setX509Certificate(X509Certificate x509Certificate) {
        this.cert = x509Certificate;
    }

    public X509Certificate getX509Certificate() {
        return this.cert;
    }

    public void logSuccess() {
        try {
            String string = ad.bundle.getString("loginSuccess");
            ArrayList arrayList = new ArrayList();
            arrayList.add(string);
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("LOGIN_SUCCESS");
            if (this.indexType != null) {
                stringBuffer.append("_").append(this.indexType.toString().toUpperCase());
                arrayList.add(this.indexType.toString());
                if (this.indexName != null) {
                    arrayList.add(this.indexName);
                }
            }
            String[] strArr = (String[]) arrayList.toArray(new String[0]);
            String str = null;
            SSOToken sSOToken = getSSOToken();
            if (sSOToken != null) {
                str = sSOToken.getProperty(Constants.AM_CTX_ID);
            }
            Hashtable hashtable = new Hashtable();
            if (this.client != null) {
                hashtable.put(LogConstants.IP_ADDR, this.client);
            }
            if (this.userDN != null) {
                hashtable.put(LogConstants.LOGIN_ID, this.userDN);
            }
            if (this.orgDN != null) {
                hashtable.put(LogConstants.DOMAIN, this.orgDN);
            }
            if (this.authMethName != null) {
                hashtable.put(LogConstants.MODULE_NAME, this.authMethName);
            }
            if (this.sess != null) {
                hashtable.put(LogConstants.LOGIN_ID_SID, this.sess.getID().toString());
            }
            if (str != null) {
                hashtable.put(LogConstants.CONTEXT_ID, str);
            }
            AuthD authD = ad;
            AuthD authD2 = ad;
            authD.logIt(strArr, 0, stringBuffer.toString(), hashtable);
        } catch (Exception e) {
            AuthD authD3 = ad;
            AuthD.debug.message("Error creating logSuccess message", e);
        }
    }

    public void logFailed(String str) {
        logFailed(str, null);
    }

    public void logFailed(String str, String str2) {
        String str3 = str;
        if (str == null) {
            try {
                str3 = ad.bundle.getString("loginFailed");
            } catch (Exception e) {
                AuthD authD = ad;
                AuthD.debug.error("Error creating logFailed message", e);
                return;
            }
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(str3);
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("LOGIN_FAILED");
        if (this.indexType != null && this.indexType != AuthContext.IndexType.COMPOSITE_ADVICE) {
            stringBuffer.append("_").append(this.indexType.toString().toUpperCase());
            arrayList.add(this.indexType.toString());
            if (this.indexName != null) {
                arrayList.add(this.indexName);
            }
        }
        if (str2 != null) {
            stringBuffer.append("_").append(str2);
        }
        String[] strArr = (String[]) arrayList.toArray(new String[0]);
        Hashtable hashtable = new Hashtable();
        if (this.client != null) {
            hashtable.put(LogConstants.IP_ADDR, this.client);
        }
        if (this.userDN != null) {
            hashtable.put(LogConstants.LOGIN_ID, this.userDN);
        } else if (this.failureTokenId != null) {
            hashtable.put(LogConstants.LOGIN_ID, this.failureTokenId);
        } else if (this.callbacksPerState != null && this.callbacksPerState.values() != null && this.callbacksPerState.values().size() > 0) {
            Object[] array = this.callbacksPerState.values().toArray();
            for (int i = 0; i < array.length; i++) {
                if (array[i] instanceof Callback[]) {
                    NameCallback[] nameCallbackArr = (Callback[]) array[i];
                    for (int i2 = 0; i2 < nameCallbackArr.length; i2++) {
                        if (nameCallbackArr[i2] instanceof NameCallback) {
                            this.userDN = nameCallbackArr[i2].getName();
                            AuthD authD2 = ad;
                            if (AuthD.debug.messageEnabled()) {
                                AuthD authD3 = ad;
                                AuthD.debug.message(new StringBuffer().append("userDN is null, setting to ").append(this.userDN).toString());
                            }
                            hashtable.put(LogConstants.LOGIN_ID, this.userDN);
                        }
                    }
                }
            }
        }
        if (this.orgDN != null) {
            hashtable.put(LogConstants.DOMAIN, this.orgDN);
        }
        if (this.failureModuleList != null && this.failureModuleList.length() > 0) {
            hashtable.put(LogConstants.MODULE_NAME, this.failureModuleList);
        }
        if (this.sess != null) {
            hashtable.put(LogConstants.LOGIN_ID_SID, this.sess.getID().toString());
        }
        AuthD authD4 = ad;
        AuthD authD5 = ad;
        authD4.logIt(strArr, 1, stringBuffer.toString(), hashtable);
    }

    public void logLogout() {
        try {
            String string = ad.bundle.getString("logout");
            ArrayList arrayList = new ArrayList();
            arrayList.add(string);
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("LOGOUT");
            if (this.indexType != null) {
                stringBuffer.append("_").append(this.indexType.toString().toUpperCase());
                arrayList.add(this.indexType.toString());
                if (this.indexName != null) {
                    arrayList.add(this.indexName);
                }
            }
            String[] strArr = (String[]) arrayList.toArray(new String[0]);
            String str = null;
            SSOToken sSOToken = getSSOToken();
            if (sSOToken != null) {
                str = sSOToken.getProperty(Constants.AM_CTX_ID);
            }
            Hashtable hashtable = new Hashtable();
            if (this.client != null) {
                hashtable.put(LogConstants.IP_ADDR, this.client);
            }
            if (this.userDN != null) {
                hashtable.put(LogConstants.LOGIN_ID, this.userDN);
            }
            if (this.orgDN != null) {
                hashtable.put(LogConstants.DOMAIN, this.orgDN);
            }
            if (this.authMethName != null) {
                hashtable.put(LogConstants.MODULE_NAME, this.authMethName);
            }
            if (this.sess != null) {
                hashtable.put(LogConstants.LOGIN_ID_SID, this.sess.getID().toString());
            }
            if (str != null) {
                hashtable.put(LogConstants.CONTEXT_ID, str);
            }
            AuthD authD = ad;
            AuthD authD2 = ad;
            authD.logIt(strArr, 0, stringBuffer.toString(), hashtable);
        } catch (Exception e) {
            AuthD authD3 = ad;
            AuthD.debug.error("Error creating logout message", e);
        }
    }

    public String getLoginLockoutAttrName() {
        return this.loginLockoutAttrName;
    }

    public String getLoginLockoutAttrValue() {
        return this.loginLockoutAttrValue;
    }

    public long getLoginFailureLockoutDuration() {
        return this.loginFailureLockoutDuration;
    }

    public void setPrevAuthContext(AuthContextLocal authContextLocal) {
        this.oldAuthContext = authContextLocal;
    }

    public AuthContextLocal getPrevAuthContext() {
        return this.oldAuthContext;
    }

    public void setSessionUpgrade(boolean z) {
        this.sessionUpgrade = z;
    }

    public boolean isSessionUpgrade() {
        return this.sessionUpgrade;
    }

    void sessionUpgrade() {
        LoginState loginState = AuthUtils.getLoginState(this.oldAuthContext);
        InternalSession internalSession = null;
        if (loginState != null) {
            internalSession = loginState.getSession();
        }
        if (internalSession == null) {
            return;
        }
        upgradeAllProperties(internalSession);
        int i = 0;
        try {
            i = Integer.parseInt(internalSession.getProperty("AuthLevel"));
        } catch (NumberFormatException e) {
            AuthD authD = ad;
            AuthD.debug.error("AuthLevel from session property bad format");
        }
        AuthD authD2 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("prevAuthLevel : ").append(i).toString());
        }
        if (i > this.authLevel) {
            this.upgradeAuthLevel = i;
        } else {
            this.upgradeAuthLevel = this.authLevel;
        }
        String property = internalSession.getProperty("Service");
        String str = property;
        String str2 = null;
        if (this.indexType == AuthContext.IndexType.SERVICE) {
            str2 = this.indexName;
            if (property != null) {
                str = property;
                if (this.indexName != null && property.indexOf(this.indexName) == -1) {
                    str = new StringBuffer().append(this.indexName).append("|").append(property).toString();
                }
            } else {
                str = this.indexName;
            }
        }
        String property2 = internalSession.getProperty("Role");
        String str3 = property2;
        if (this.indexType == AuthContext.IndexType.ROLE) {
            if (property2 != null) {
                str3 = property2;
                if (this.indexName != null && property2.indexOf(this.indexName) == -1) {
                    str3 = new StringBuffer().append(this.indexName).append("|").append(property2).toString();
                }
            } else {
                str3 = this.indexName;
            }
        }
        String property3 = internalSession.getProperty(ISAuthConstants.AUTH_TYPE);
        String str4 = this.authMethName;
        AuthD authD4 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("authMethName (newModuleList) : ").append(this.authMethName).toString());
            AuthD authD6 = ad;
            AuthD.debug.message(new StringBuffer().append("prevModuleList : ").append(property3).toString());
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str4);
        String parsePropertyList = property3 != str4 ? parsePropertyList(property3, str4) : stringBuffer.toString();
        AuthD authD7 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD8 = ad;
            AuthD.debug.message(new StringBuffer().append("oldAuthLevel : ").append(i).toString());
            AuthD authD9 = ad;
            AuthD.debug.message(new StringBuffer().append("newAuthLevel : ").append(this.authLevel).toString());
            AuthD authD10 = ad;
            AuthD.debug.message(new StringBuffer().append("upgradeAuthLevel : ").append(this.upgradeAuthLevel).toString());
            AuthD authD11 = ad;
            AuthD.debug.message(new StringBuffer().append("prevServiceName : ").append(property).toString());
            AuthD authD12 = ad;
            AuthD.debug.message(new StringBuffer().append("newServiceName : ").append(str2).toString());
            AuthD authD13 = ad;
            AuthD.debug.message(new StringBuffer().append("upgradeServiceName : ").append(str).toString());
            AuthD authD14 = ad;
            AuthD.debug.message(new StringBuffer().append("preRoleName : ").append(property2).toString());
            AuthD authD15 = ad;
            AuthD.debug.message(new StringBuffer().append("newRoleName : ").append(str3).toString());
            AuthD authD16 = ad;
            AuthD.debug.message(new StringBuffer().append("upgradeRoleName : ").append(str3).toString());
            AuthD authD17 = ad;
            AuthD.debug.message(new StringBuffer().append("prevModuleList: ").append(property3).toString());
            AuthD authD18 = ad;
            AuthD.debug.message(new StringBuffer().append("newModuleList: ").append(str4).toString());
            AuthD authD19 = ad;
            AuthD.debug.message(new StringBuffer().append("upgradeModuleList: ").append(parsePropertyList).toString());
        }
        updateSessionProperty("AuthLevel", new Integer(this.upgradeAuthLevel).toString());
        updateSessionProperty(ISAuthConstants.AUTH_TYPE, parsePropertyList);
        updateSessionProperty("Service", str);
        updateSessionProperty("Role", str3);
        this.sess.setIsSessionUpgrade(true);
    }

    void updateSessionProperty(String str, String str2) {
        if (str2 == null) {
            return;
        }
        this.sess.putProperty(str, str2);
    }

    String parsePropertyList(String str, String str2) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("oldProperty : ").append(str).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("newProperty : ").append(str2).toString());
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str2);
        StringTokenizer stringTokenizer = new StringTokenizer(str, "|");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (str2.indexOf(nextToken) == -1) {
                stringBuffer.append("|").append(nextToken);
            }
        }
        String stringBuffer2 = stringBuffer.toString();
        AuthD authD4 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("propertyList is : ").append(stringBuffer2).toString());
        }
        return stringBuffer2;
    }

    void upgradeAllProperties(InternalSession internalSession) {
        Enumeration propertyNames = internalSession.getPropertyNames();
        while (propertyNames.hasMoreElements()) {
            String str = (String) propertyNames.nextElement();
            updateSessionProperty(str, internalSession.getProperty(str));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCookieSet(boolean z) {
        this.cookieSet = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isCookieSet() {
        return this.cookieSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCookieSupported(boolean z) {
        this.cookieSupported = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isCookieSupported() {
        return this.cookieSupported;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void postLogin(AuthContext.IndexType indexType, String str, boolean z) {
        setPostLoginInstances(indexType, str);
        if (this.postLoginInstanceSet == null || this.postLoginInstanceSet.isEmpty()) {
            return;
        }
        Iterator it = this.postLoginInstanceSet.iterator();
        while (it.hasNext()) {
            executePostLoginSPI((AMPostAuthProcessInterface) it.next(), z);
        }
    }

    void executePostLoginSPI(AMPostAuthProcessInterface aMPostAuthProcessInterface, boolean z) {
        try {
            if (z) {
                aMPostAuthProcessInterface.onLoginSuccess(this.requestMap, this.servletRequest, this.servletResponse, getSSOToken());
            } else {
                aMPostAuthProcessInterface.onLoginFailure(this.requestMap, this.servletRequest, this.servletResponse);
            }
        } catch (AuthenticationException e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message("Error ", e);
            }
        } catch (Exception e2) {
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message("Error ", e2);
            }
        }
    }

    void setPostLoginInstances(AuthContext.IndexType indexType, String str) {
        Set<String> set = Collections.EMPTY_SET;
        if (indexType == AuthContext.IndexType.ROLE) {
            set = getRolePostLoginClassSet();
        } else if (indexType == AuthContext.IndexType.SERVICE) {
            if (!str.equals(ISAuthConstants.CONSOLE_SERVICE)) {
                set = getServicePostLoginClassSet(str);
            } else if (AuthD.revisionNumber >= 30 && this.orgAdminAuthConfig != null && !this.orgAdminAuthConfig.equals(ISAuthConstants.BLANK)) {
                set = getServicePostLoginClassSet(this.orgAdminAuthConfig);
            }
        } else if (indexType == AuthContext.IndexType.USER && AuthD.revisionNumber >= 30 && this.userAuthConfig != null && !this.userAuthConfig.equals(ISAuthConstants.BLANK)) {
            set = getServicePostLoginClassSet(this.userAuthConfig);
        }
        if ((set == null || set.isEmpty()) && this.orgPostLoginClassSet != null && !this.orgPostLoginClassSet.isEmpty()) {
            set = this.orgPostLoginClassSet;
        } else if (AuthD.revisionNumber >= 30 && indexType == null && this.orgAuthConfig != null && !this.orgAuthConfig.equals(ISAuthConstants.BLANK)) {
            set = getServicePostLoginClassSet(this.orgAuthConfig);
        }
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("postLoginClassSet = ").append(set).toString());
        }
        if (set == null || set.isEmpty()) {
            return;
        }
        this.postLoginInstanceSet = new HashSet();
        for (String str2 : set) {
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("setPostLoginInstances : ").append(str2).toString());
                AuthD authD5 = ad;
                AuthD.debug.message(new StringBuffer().append("setPostLoginInstances : ").append(set.size()).toString());
            }
            AMPostAuthProcessInterface postLoginProcessInstance = getPostLoginProcessInstance(str2);
            if (postLoginProcessInstance != null) {
                this.postLoginInstanceSet.add(postLoginProcessInstance);
            }
        }
    }

    Set getRolePostLoginClassSet() {
        Set set = null;
        try {
            set = (Set) getRoleServiceAttributes().get("iplanet-am-auth-post-login-process-class");
            if (set == null) {
                set = Collections.EMPTY_SET;
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Role Post Login Class Set : ").append(set).toString());
            }
        } catch (Exception e) {
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message("Error get role class set ", e);
            }
        }
        return set;
    }

    Set getServicePostLoginClassSet(String str) {
        Set set = null;
        try {
            if (this.serviceAttributesMap != null && this.serviceAttributesMap.isEmpty()) {
                this.serviceAttributesMap = getServiceAttributes(str);
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Service Attributes are . :").append(this.serviceAttributesMap).toString());
            }
            set = (Set) this.serviceAttributesMap.get("iplanet-am-auth-post-login-process-class");
            if (set == null) {
                set = Collections.EMPTY_SET;
            }
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("postLoginClassName: ").append(set).toString());
            }
        } catch (Exception e) {
            AuthD authD5 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD6 = ad;
                AuthD.debug.message(new StringBuffer().append("Error get service post login class name ").append(e.getMessage()).toString());
            }
        }
        return set;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setModuleErrorMessage(String str) {
        this.moduleErrorMessage = str;
    }

    public String getModuleErrorMessage() {
        return this.moduleErrorMessage;
    }

    public String getLoginURL() {
        return this.loginURL;
    }

    public synchronized void setPageTimeOut(long j) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Setting page timeout :").append(j).toString());
        }
        this.pageTimeOut = j;
    }

    public long getPageTimeOut() {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Returning page timeout :").append(this.pageTimeOut).toString());
        }
        return this.pageTimeOut;
    }

    public void setLastCallbackSent(long j) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("setting Last Callback Sent :").append(j).toString());
        }
        this.lastCallbackSent = j;
    }

    public long getLastCallbackSent() {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Returning Last Callback Sent :").append(this.lastCallbackSent).toString());
        }
        return this.lastCallbackSent;
    }

    private String getRedirectUrl(Set set) {
        String str = null;
        this.tempDefaultURL = null;
        if (set != null && !set.isEmpty()) {
            String str2 = null;
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                AuthD authD = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD2 = ad;
                    AuthD.debug.message(new StringBuffer().append("URL is : ").append(str3).toString());
                }
                if (str3 != null && str3.length() > 0) {
                    int indexOf = str3.indexOf("|");
                    if (indexOf != -1) {
                        if (str == null) {
                            str = au.getClientURLFromString(str3, indexOf, this.servletRequest);
                        }
                    } else if (str2 == null || str2.length() == 0) {
                        str2 = str3;
                    }
                }
            }
            this.tempDefaultURL = str2;
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("defaultURL : ").append(str2).toString());
                AuthD authD5 = ad;
                AuthD.debug.message(new StringBuffer().append("tempDefaultURL : ").append(this.tempDefaultURL).toString());
            }
        }
        return str;
    }

    public boolean ignoreProfile() {
        return this.ignoreUserProfile;
    }

    boolean containsToken(StringBuffer stringBuffer, String str) {
        String stringBuffer2 = stringBuffer.toString();
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("principalString : ").append(stringBuffer2).toString());
        }
        if (stringBuffer2 == null) {
            return false;
        }
        try {
            StringTokenizer stringTokenizer = new StringTokenizer(stringBuffer2, "|");
            while (stringTokenizer.hasMoreTokens()) {
                if (stringTokenizer.nextToken().equals(str)) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            AuthD authD3 = ad;
            if (!AuthD.debug.warningEnabled()) {
                return false;
            }
            AuthD authD4 = ad;
            AuthD.debug.warning("getToken: ", e);
            return false;
        }
    }

    private Set mergeSet(Set set, Set set2) {
        if (set == null || set.isEmpty()) {
            return (set2 == null || set2.isEmpty()) ? Collections.EMPTY_SET : set2;
        }
        if (set2 == null || set2.isEmpty()) {
            return set;
        }
        HashSet hashSet = new HashSet(set);
        hashSet.addAll(set2);
        return hashSet;
    }

    private Map toAvPairMap(Set set, String str) {
        if (str == null) {
            return Collections.EMPTY_MAP;
        }
        HashMap hashMap = new HashMap();
        HashSet hashSet = new HashSet();
        hashSet.add(str);
        if (set == null || set.isEmpty()) {
            return hashMap;
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            hashMap.put((String) it.next(), hashSet);
        }
        return hashMap;
    }

    public void setFailedUserId(String str) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("setting userID : ").append(str).toString());
        }
        this.failureTokenId = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateSessionForFailover() {
        getSession().setIsISStored(true);
    }

    public Callback[] getCallbacksPerState(String str) {
        return (Callback[]) this.callbacksPerState.get(str);
    }

    public void setCallbacksPerState(String str, Callback[] callbackArr) {
        this.callbacksPerState.put(str, callbackArr);
    }

    public void setPCookieUserName(String str) {
        this.pCookieUserName = str;
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Setting Pcookie user name : ").append(this.pCookieUserName).toString());
        }
    }

    public void setCookieDetect(boolean z) {
        this.cookieDetect = z;
    }

    public boolean isCookieDetect() {
        return this.cookieDetect;
    }

    private Subject addSSOTokenPrincipal(Subject subject) {
        if (subject == null) {
            subject = new Subject();
        }
        String sessionID = this.sid.toString();
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("sid string is.. ").append(sessionID).toString());
        }
        subject.getPrincipals().add(new SSOTokenPrincipal(sessionID));
        AuthD authD3 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD4 = ad;
            AuthD.debug.message(new StringBuffer().append("Subject is.. :").append(subject).toString());
        }
        return subject;
    }

    public void setUserCreationAttributes(Map map) {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("attributeValuePairs : ").append(map).toString());
        }
        if (map == null || map.isEmpty()) {
            return;
        }
        if (this.userCreationAttributes == null) {
            this.userCreationAttributes = new HashMap();
        }
        if (map.containsKey(ISAuthConstants.USER_ALIAS_ATTR)) {
            this.externalAliasList = (HashSet) map.get(ISAuthConstants.USER_ALIAS_ATTR);
            AuthD authD3 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("externalAliasList:").append(this.externalAliasList).toString());
            }
            map.remove(ISAuthConstants.USER_ALIAS_ATTR);
        }
        this.userCreationAttributes.putAll(map);
    }

    public void setSuccessModuleName(String str) {
        this.successModuleSet.add(str);
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Module name is .. ").append(str).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("successModuleSet is : ").append(this.successModuleSet).toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Set getSuccessModuleSet() {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("getSuccessModuleSet : ").append(this.successModuleSet).toString());
        }
        return this.successModuleSet;
    }

    private boolean isApplicationModule(String str) {
        boolean z = str != null && str.equalsIgnoreCase(ISAuthConstants.APPLICATION_MODULE);
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("is Application Module : ").append(z).toString());
        }
        return z;
    }

    public void setFailureModuleName(String str) {
        this.failureModuleSet.add(str);
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Module name is .. ").append(str).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("failureModuleSet is : ").append(this.failureModuleSet).toString());
        }
    }

    public Set getFailureModuleSet() {
        return this.failureModuleSet;
    }

    public void setFailureModuleList(String str) {
        this.failureModuleList = str;
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("failureModulelist :").append(str).toString());
        }
    }

    public boolean isAgent(AMIdentity aMIdentity) {
        boolean z = false;
        try {
            if (aMIdentity.getType().equals(IdType.AGENT)) {
                z = true;
                AuthD authD = ad;
                AuthD.debug.message("user is of type 'Agent'");
            }
        } catch (Exception e) {
            AuthD authD2 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append("Error isAgent : ").append(e.toString()).toString());
            }
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setModuleMap(Map map) {
        this.moduleMap = map;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getModuleName(String str) {
        return (String) this.moduleMap.get(str);
    }

    public void nullifyUsedVars() {
        this.receivedCallbackInfo = null;
        this.prevCallback = null;
        this.submittedCallbackInfo = null;
        this.callbacksPerState = null;
        this.requestHash = null;
        this.aliasAttrNames = null;
        this.defaultRoles = null;
        this.token = null;
        this.tokenSet = null;
        this.prevIndexType = null;
        this.userAliasList = null;
        this.accountLife = null;
        this.loginLockoutNotification = null;
        this.loginLockoutAttrName = null;
        this.loginLockoutAttrValue = null;
        this.lockoutMsg = null;
        this.principalList = null;
        this.cert = null;
        this.userCreationAttributes = null;
        this.externalAliasList = null;
        this.failureModuleSet = null;
        this.failureModuleList = "";
        this.moduleMap = null;
        if (this.persistentCookieOn && this.persistentCookieMode && (this.foundPCookie == null || this.foundPCookie.booleanValue())) {
            return;
        }
        this.userContainerDN = null;
        this.userNamingAttr = null;
    }

    public void setRequestLocale(HttpServletRequest httpServletRequest) {
        this.localeContext.setLocale(httpServletRequest);
    }

    public Map getAttrMapForSAML() {
        Map map = null;
        if (this.authMethName != null && this.authMethName.equalsIgnoreCase("SAML") && this.subject != null) {
            AuthD authD = ad;
            AuthD.debug.message("Your authenticated principals are : ");
            Iterator<Principal> it = this.subject.getPrincipals().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Principal next = it.next();
                AuthD authD2 = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD3 = ad;
                    AuthD.debug.message(new StringBuffer().append("Principal name : ").append(next.getClass().getName()).append(" Principal : ").append(next.getName()).toString());
                }
                if (next instanceof SAMLPrincipal) {
                    map = ((SAMLPrincipal) next).getAttrMap();
                    AuthD authD4 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD5 = ad;
                        AuthD.debug.message(new StringBuffer().append("GET attrMap : ").append(map).toString());
                    }
                }
            }
        }
        return map;
    }

    public boolean isSessionInvalid() {
        return this.sess == null || this.sess.getState() == 0 || this.sess.getState() == 3;
    }

    public AMIdentity getRole(String str) throws AuthException {
        try {
            this.amIdentityRole = ad.getIdentity(IdType.ROLE, str, getOrgDN());
        } catch (AuthException e) {
            AuthD authD = ad;
            AuthD.debug.message("role not found or is not a static role");
        }
        if (this.amIdentityRole == null) {
            this.amIdentityRole = ad.getIdentity(IdType.FILTEREDROLE, str, getOrgDN());
        }
        return this.amIdentityRole;
    }

    public String getRoleUniversalId(String str) {
        String str2 = null;
        try {
            str2 = IdUtils.getUniversalId(getRole(str));
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Error getting role : ").append(e.getMessage()).toString());
            }
        }
        return str2;
    }

    public String getUserDN(AMIdentity aMIdentity) {
        String str = null;
        if (this.principalList != null) {
            if (this.principalList.indexOf("|") != -1) {
                StringTokenizer stringTokenizer = new StringTokenizer(this.principalList, "|");
                while (true) {
                    if (!stringTokenizer.hasMoreTokens()) {
                        break;
                    }
                    String nextToken = stringTokenizer.nextToken();
                    if (DN.isDN(nextToken)) {
                        str = nextToken;
                        break;
                    }
                }
            } else if (DN.isDN(this.principalList)) {
                str = this.principalList;
            }
        }
        if (str == null || str.length() == 0) {
            str = aMIdentity != null ? IdUtils.getDN(aMIdentity) : this.userDN != null ? this.userDN : tokenToDN(this.principalList);
        }
        return str;
    }

    void getContainerDN(Set set) throws AuthException {
        String str = null;
        String str2 = null;
        if (set == null || set.isEmpty()) {
            AuthD authD = ad;
            AuthD.debug.message("Container DNs is null");
            this.nullUserContainerDN = true;
        } else {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                try {
                    if (Misc.isDescendantOf(str3, getOrgDN())) {
                        int aMObjectType = ad.getSDK().getAMObjectType(str3);
                        AuthD authD2 = ad;
                        if (AuthD.debug.messageEnabled()) {
                            AuthD authD3 = ad;
                            AuthD.debug.message(new StringBuffer().append("Container Type = ").append(aMObjectType).toString());
                            AuthD authD4 = ad;
                            AuthD.debug.message(new StringBuffer().append("Container Name = ").append(str3).toString());
                        }
                        if (aMObjectType == 3 && str2 == null) {
                            str2 = str3;
                            this.identityTypes.add("agent");
                        } else if (aMObjectType == 2 && str == null) {
                            str = str3;
                            this.identityTypes.add("agent");
                            this.identityTypes.add("user");
                        } else if (aMObjectType == 5 && this.userContainerDN == null) {
                            this.userContainerDN = str3;
                            this.identityTypes.add("user");
                        }
                    }
                    if (this.userContainerDN != null && str2 != null && str != null) {
                        break;
                    }
                } catch (Exception e) {
                    AuthD authD5 = ad;
                    AuthD.debug.error(new StringBuffer().append("Container - ").append(str3).append(" is INVALID :- ").toString(), e);
                }
            }
        }
        if (this.userContainerDN == null) {
            try {
                this.userContainerDN = new StringBuffer().append(AMStoreConnection.getNamingAttribute(5)).append("=").append(AdminInterfaceUtils.defaultPeopleContainerName()).append(",").append(getOrgDN()).toString();
                this.identityTypes.add("user");
            } catch (AMException e2) {
                AuthD authD6 = ad;
                AuthD.debug.message("Cannot get userContainer DN");
            }
        }
        if (this.userContainerDN == null && str2 == null) {
            AuthD authD7 = ad;
            AuthD.debug.message("No Valid Container in the list");
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
        AuthD authD8 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD9 = ad;
            AuthD.debug.message(new StringBuffer().append("agentContainerDN = ").append(str2).toString());
            AuthD authD10 = ad;
            AuthD.debug.message(new StringBuffer().append("userContainerDN = ").append(this.userContainerDN).toString());
            AuthD authD11 = ad;
            AuthD.debug.message(new StringBuffer().append("userOrgDN set in PC atrr = ").append(str).toString());
        }
    }

    IdSearchResults searchIdentity(IdType idType, String str) throws IdRepoException, SSOException {
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("In searchAutehnticatedUser: idType ").append(idType).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("In getUserProfile : Search for user ").append(str).toString());
        }
        IdSearchResults idSearchResults = null;
        Set mergeSet = mergeSet(this.aliasAttrNames, userAttributes);
        IdSearchControl idSearchControl = new IdSearchControl();
        idSearchControl.setRecursive(true);
        idSearchControl.setTimeOut(0);
        idSearchControl.setAllReturnAttributes(true);
        AuthD authD4 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("alias attr=").append(this.aliasAttrNames).append(", attr=").append(userAttributes).append(",merge=").append(mergeSet).toString());
        }
        AuthD authD6 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD7 = ad;
            AuthD.debug.message(new StringBuffer().append("Search for Identity ").append(str).toString());
        }
        Set set = Collections.EMPTY_SET;
        try {
            idSearchControl.setMaxResults(0);
            idSearchResults = this.amIdRepo.searchIdentities(idType, str, idSearchControl);
            if (idSearchResults != null) {
                set = idSearchResults.getSearchResults();
            }
        } catch (SSOException e) {
            AuthD authD8 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD9 = ad;
                AuthD.debug.message(new StringBuffer().append("SSOException Error searching Identity  with username ").append(e.getMessage()).toString());
            }
        } catch (IdRepoException e2) {
            AuthD authD10 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD11 = ad;
                AuthD.debug.message(new StringBuffer().append("IdRepoException : Error searching  Identities with username : ").append(e2.getMessage()).toString());
            }
        }
        if (set.isEmpty() && this.aliasAttrNames != null && !this.aliasAttrNames.isEmpty()) {
            AuthD authD12 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD13 = ad;
                AuthD.debug.message("No identity found, try Alias attrname.");
            }
            Map avPairMap = toAvPairMap(this.aliasAttrNames, str);
            AuthD authD14 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD15 = ad;
                AuthD.debug.message(new StringBuffer().append("Search for Filter (avPairs) :").append(avPairMap).toString());
                AuthD authD16 = ad;
                AuthD.debug.message(new StringBuffer().append("userTokenID : ").append(str).toString());
                AuthD authD17 = ad;
                AuthD.debug.message(new StringBuffer().append("userDN : ").append(this.userDN).toString());
                AuthD authD18 = ad;
                AuthD.debug.message(new StringBuffer().append("idType :").append(idType).toString());
                AuthD authD19 = ad;
                AuthD.debug.message(new StringBuffer().append("pattern :").append("*").toString());
                AuthD authD20 = ad;
                AuthD.debug.message(new StringBuffer().append("isRecursive :").append(true).toString());
                AuthD authD21 = ad;
                AuthD.debug.message(new StringBuffer().append("maxResults :").append(2).toString());
                AuthD authD22 = ad;
                AuthD.debug.message(new StringBuffer().append("maxTime :").append(0).toString());
                AuthD authD23 = ad;
                AuthD.debug.message(new StringBuffer().append("returnSet :").append(mergeSet).toString());
            }
            Set set2 = Collections.EMPTY_SET;
            try {
                idSearchControl.setMaxResults(2);
                idSearchControl.setSearchModifiers(IdSearchOpModifier.OR, avPairMap);
                idSearchResults = this.amIdRepo.searchIdentities(idType, "*", idSearchControl);
                if (idSearchResults != null) {
                    set2 = idSearchResults.getSearchResults();
                }
                if (set2.isEmpty() && this.userDN != null && !this.userDN.equalsIgnoreCase(str)) {
                    Map avPairMap2 = toAvPairMap(this.aliasAttrNames, this.userDN);
                    AuthD authD24 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD25 = ad;
                        AuthD.debug.message(new StringBuffer().append("Search for Filter (avPairs) with userDN : ").append(avPairMap2).toString());
                    }
                    idSearchControl.setMaxResults(2);
                    idSearchControl.setSearchModifiers(IdSearchOpModifier.OR, avPairMap2);
                    idSearchResults = this.amIdRepo.searchIdentities(idType, "*", idSearchControl);
                }
            } catch (SSOException e3) {
                AuthD authD26 = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD27 = ad;
                    AuthD.debug.message(new StringBuffer().append("SSOException : Error searching Identities with aliasattrname : ").append(e3.getMessage()).toString());
                }
            } catch (IdRepoException e4) {
                AuthD authD28 = ad;
                if (AuthD.debug.messageEnabled()) {
                    AuthD authD29 = ad;
                    AuthD.debug.message(new StringBuffer().append("IdRepoException : Error searching Identities : ").append(e4.getMessage()).toString());
                }
            }
        }
        return idSearchResults;
    }

    public AMIdentity createUserIdentity(String str, Map map, Set set) throws IdRepoException, SSOException {
        AMIdentity createIdentity = this.amIdRepo.createIdentity(IdType.USER, str, map);
        if (set != null && !set.isEmpty()) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str2 = (String) it.next();
                try {
                    if (str2.length() != 0) {
                        this.amIdentityRole = getRole(str2);
                        this.amIdentityRole.addMember(createIdentity);
                    }
                } catch (Exception e) {
                    AuthD authD = ad;
                    AuthD.debug.message("createUserProfile():invalid role: ", e);
                }
            }
        }
        return createIdentity;
    }

    public String getUserUniversalId(String str) {
        String str2 = null;
        if (this.amIdentityUser == null) {
            try {
                ad.getIdentity(IdType.USER, str, getOrgDN());
            } catch (Exception e) {
                AuthD authD = ad;
                AuthD.debug.message(new StringBuffer().append("Error getting Identity for user :").append(e.getMessage()).toString());
            }
        }
        str2 = IdUtils.getUniversalId(this.amIdentityUser);
        AuthD authD2 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("getUserUniversalId:universalId : ").append(str2).toString());
        }
        return str2;
    }

    static {
        String str;
        String str2;
        serverURL = null;
        userAttributes.add("iplanet-am-auth-login-success-url");
        userAttributes.add("iplanet-am-auth-login-failure-url");
        userAttributes.add(ISAuthConstants.USER_ALIAS_ATTR);
        userAttributes.add(ISAuthConstants.MAX_SESSION_TIME);
        userAttributes.add(ISAuthConstants.SESS_MAX_IDLE_TIME);
        userAttributes.add(ISAuthConstants.SESS_MAX_CACHING_TIME);
        userAttributes.add("inetuserstatus");
        userAttributes.add(ISAuthConstants.NSACCOUNT_LOCK);
        userAttributes.add("preferredlocale");
        userAttributes.add(ISAuthConstants.LOGIN_STATUS);
        userAttributes.add(ISAuthConstants.ACCOUNT_LIFE);
        userAttributes.add(ISAuthConstants.USER_SUCCESS_URL);
        userAttributes.add(ISAuthConstants.USER_FAILURE_URL);
        userAttributes.add("iplanet-am-auth-post-login-process-class");
        String str3 = SystemProperties.get(Constants.DISTAUTH_SERVER_PROTOCOL);
        if (str3 == null || str3.length() == 0) {
            str3 = SystemProperties.get("com.iplanet.am.server.protocol");
            str = SystemProperties.get("com.iplanet.am.server.host");
            str2 = SystemProperties.get("com.iplanet.am.server.port");
        } else {
            str = SystemProperties.get(Constants.DISTAUTH_SERVER_HOST);
            str2 = SystemProperties.get(Constants.DISTAUTH_SERVER_PORT);
        }
        serverURL = new StringBuffer().append(str3).append(ISAuthConstants.URL_SEPARATOR).append(str).append(":").append(str2).toString();
    }
}
