package com.sun.identity.liberty.ws.security;

import com.iplanet.dpro.session.service.ClusterStateService;
import com.sun.identity.authentication.share.AuthXMLTags;
import com.sun.identity.liberty.ws.common.wsse.WSSEConstants;
import com.sun.identity.liberty.ws.disco.EncryptedResourceID;
import com.sun.identity.liberty.ws.disco.ResourceID;
import com.sun.identity.saml.assertion.Subject;
import com.sun.identity.saml.assertion.SubjectStatement;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLRequesterException;
import com.sun.identity.saml.common.SAMLUtilsCommon;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:120955-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/liberty/ws/security/ResourceAccessStatement.class */
public class ResourceAccessStatement extends SubjectStatement {
    public static final int RESOURCEACCESS_STATEMENT = 4;
    private ResourceID _resourceID;
    private EncryptedResourceID _encryptedResourceID;
    protected ProxySubject _proxySubject;
    protected SessionContext _sessionContext;

    public ResourceAccessStatement(Element element) throws SAMLException {
        this._resourceID = null;
        this._encryptedResourceID = null;
        this._proxySubject = null;
        this._sessionContext = null;
        if (element == null) {
            SAMLUtilsCommon.debug.message("ResourceAccessStatement: null input.");
            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("nullInput"));
        }
        if (!SAMLUtilsCommon.checkStatement(element, WSSEConstants.TAG_RESOURCEACCESSSTATEMENT)) {
            SAMLUtilsCommon.debug.message("ResourceAccessStatement: Wrong input.");
            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("wrongInput"));
        }
        NodeList childNodes = element.getChildNodes();
        int length = childNodes.getLength();
        if (length > 0) {
            for (int i = 0; i < length; i++) {
                Node item = childNodes.item(i);
                if (item.getNodeType() == 1) {
                    String localName = item.getLocalName();
                    String namespaceURI = item.getNamespaceURI();
                    if (localName == null || localName.equals("") || namespaceURI == null || namespaceURI.equals("")) {
                        if (SAMLUtilsCommon.debug.messageEnabled()) {
                            SAMLUtilsCommon.debug.message("ResourceAccessStatement: The tag name or tag namespace of child element is either null or empty.");
                        }
                        throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("nullInput"));
                    }
                    if (localName.equals(AuthXMLTags.SUBJECT) && namespaceURI.equals("urn:oasis:names:tc:SAML:1.0:assertion")) {
                        if (this._subject != null) {
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("ResourceAccessStatement:should only contain one subject");
                            }
                            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
                        }
                        this._subject = new Subject((Element) item);
                    } else if (localName.equals(WSSEConstants.TAG_RESOURCEID) && namespaceURI.equals("urn:liberty:disco:2003-08")) {
                        if (this._resourceID != null || this._encryptedResourceID != null) {
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should at most contain one ResourceIDGroup.");
                            }
                            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
                        }
                        try {
                            this._resourceID = new ResourceID((Element) item);
                        } catch (Exception e) {
                            throw new SAMLRequesterException(e.getMessage());
                        }
                    } else if (localName.equals("EncryptedResourceID") && namespaceURI.equals("urn:liberty:disco:2003-08")) {
                        if (this._resourceID != null || this._encryptedResourceID != null) {
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should at most contain one ResourceIDGroup.");
                            }
                            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
                        }
                        try {
                            this._encryptedResourceID = new EncryptedResourceID((Element) item);
                        } catch (Exception e2) {
                            throw new SAMLRequesterException(e2.getMessage());
                        }
                    } else if (localName.equals(WSSEConstants.TAG_PROXYSUBJECT) && namespaceURI.equals("urn:liberty:sec:2003-08")) {
                        if (this._proxySubject != null) {
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should at most contain one ProxySubject.");
                            }
                            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
                        }
                        this._proxySubject = new ProxySubject((Element) item);
                    } else {
                        if (!localName.equals("SessionContext") || !namespaceURI.equals("urn:liberty:sec:2003-08")) {
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message(new StringBuffer().append("ResourceAccessStatement:Wrong element ").append(localName).append("included.").toString());
                            }
                            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("wrongInput"));
                        }
                        if (this._sessionContext != null) {
                            if (SAMLUtilsCommon.debug.messageEnabled()) {
                                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should at most contain one SessionContext.");
                            }
                            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
                        }
                        this._sessionContext = new SessionContext((Element) item);
                    }
                }
            }
        }
        if (this._subject == null) {
            if (SAMLUtilsCommon.debug.messageEnabled()) {
                SAMLUtilsCommon.debug.message("ResourceAccessStatement should contain one subject.");
            }
            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("missingElement"));
        }
    }

    public ResourceAccessStatement(String str, Subject subject) throws SAMLException {
        this._resourceID = null;
        this._encryptedResourceID = null;
        this._proxySubject = null;
        this._sessionContext = null;
        if (subject == null) {
            if (SAMLUtilsCommon.debug.messageEnabled()) {
                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should contain one subject.");
            }
            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
        }
        this._subject = subject;
        this._resourceID = new ResourceID(str);
    }

    public ResourceAccessStatement(String str, ProxySubject proxySubject, Subject subject) throws SAMLException {
        this._resourceID = null;
        this._encryptedResourceID = null;
        this._proxySubject = null;
        this._sessionContext = null;
        if (subject == null) {
            if (SAMLUtilsCommon.debug.messageEnabled()) {
                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should contain one subject.");
            }
            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
        }
        this._subject = subject;
        this._resourceID = new ResourceID(str);
        this._proxySubject = proxySubject;
    }

    public ResourceAccessStatement(String str, ProxySubject proxySubject, SessionContext sessionContext, Subject subject) throws SAMLException {
        this._resourceID = null;
        this._encryptedResourceID = null;
        this._proxySubject = null;
        this._sessionContext = null;
        if (subject == null) {
            if (SAMLUtilsCommon.debug.messageEnabled()) {
                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should contain one subject.");
            }
            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
        }
        this._subject = subject;
        this._resourceID = new ResourceID(str);
        this._proxySubject = proxySubject;
        this._sessionContext = sessionContext;
    }

    public ResourceAccessStatement(ResourceID resourceID, ProxySubject proxySubject, SessionContext sessionContext, Subject subject) throws SAMLException {
        this._resourceID = null;
        this._encryptedResourceID = null;
        this._proxySubject = null;
        this._sessionContext = null;
        if (subject == null) {
            if (SAMLUtilsCommon.debug.messageEnabled()) {
                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should contain one subject.");
            }
            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
        }
        this._subject = subject;
        this._resourceID = resourceID;
        this._proxySubject = proxySubject;
        this._sessionContext = sessionContext;
    }

    public ResourceAccessStatement(EncryptedResourceID encryptedResourceID, ProxySubject proxySubject, SessionContext sessionContext, Subject subject) throws SAMLException {
        this._resourceID = null;
        this._encryptedResourceID = null;
        this._proxySubject = null;
        this._sessionContext = null;
        if (subject == null) {
            if (SAMLUtilsCommon.debug.messageEnabled()) {
                SAMLUtilsCommon.debug.message("ResourceAccessStatement: should contain one subject.");
            }
            throw new SAMLRequesterException(SAMLUtilsCommon.bundle.getString("oneElement"));
        }
        this._subject = subject;
        this._encryptedResourceID = encryptedResourceID;
        this._proxySubject = proxySubject;
        this._sessionContext = sessionContext;
    }

    public String getResourceID() {
        if (this._resourceID == null) {
            return null;
        }
        return this._resourceID.getResourceID();
    }

    public ResourceID getResourceIDObject() {
        return this._resourceID;
    }

    public EncryptedResourceID getEncryptedResourceID() {
        return this._encryptedResourceID;
    }

    public boolean setResourceID(String str) {
        if (str != null) {
            this._resourceID = new ResourceID(str);
            return true;
        }
        if (!SAMLUtilsCommon.debug.messageEnabled()) {
            return false;
        }
        SAMLUtilsCommon.debug.message("ResourceAccessStatement: setResourceID:Input is null.");
        return false;
    }

    public void setResourceID(ResourceID resourceID) {
        this._resourceID = resourceID;
    }

    public void setEncryptedResourceID(EncryptedResourceID encryptedResourceID) {
        this._encryptedResourceID = encryptedResourceID;
    }

    @Override // com.sun.identity.saml.assertion.Statement
    public int getStatementType() {
        return 4;
    }

    public boolean setSessionContext(SessionContext sessionContext) {
        if (sessionContext != null) {
            this._sessionContext = sessionContext;
            return true;
        }
        if (!SAMLUtilsCommon.debug.messageEnabled()) {
            return false;
        }
        SAMLUtilsCommon.debug.message("ResourceAccessStatement: setSessionContext: Input is null.");
        return false;
    }

    public SessionContext getSessionContext() {
        return this._sessionContext;
    }

    public String toString() {
        return toString(true, false);
    }

    @Override // com.sun.identity.saml.assertion.SubjectStatement, com.sun.identity.saml.assertion.Statement
    public String toString(boolean z, boolean z2) {
        StringBuffer stringBuffer = new StringBuffer(ClusterStateService.DEFAULT_TIMEOUT);
        stringBuffer.append("<").append("sec:").append(WSSEConstants.TAG_RESOURCEACCESSSTATEMENT).append(" ").append("xmlns:sec").append("=").append("\"").append("urn:liberty:sec:2003-08").append("\"");
        stringBuffer.append(">\n").append(this._subject.toString(z, true));
        if (this._resourceID != null) {
            stringBuffer.append(this._resourceID);
        } else if (this._encryptedResourceID != null) {
            stringBuffer.append(this._encryptedResourceID);
        }
        if (this._proxySubject != null) {
            stringBuffer.append(this._proxySubject.toString(z, true));
            if (this._sessionContext != null) {
                try {
                    stringBuffer.append(this._sessionContext.toXMLString(z, true));
                } catch (Exception e) {
                }
            }
        }
        stringBuffer.append("</").append("sec:").append(WSSEConstants.TAG_RESOURCEACCESSSTATEMENT).append(">\n");
        return stringBuffer.toString();
    }
}
