package com.sun.identity.session.util;

import com.iplanet.am.util.Debug;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.Session;
import com.iplanet.dpro.session.SessionException;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.dpro.session.share.SessionBundle;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.services.util.Crypt;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.Constants;
import com.sun.identity.security.EncodeAction;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.net.InetAddress;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;

/* JADX WARN: Classes with same name are omitted:
  input_file:120955-03/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/session/util/SessionUtils.class
 */
/* loaded from: input_file:120955-03/SUNWamsdk/reloc/SUNWam/lib/am_sdk.jar:com/sun/identity/session/util/SessionUtils.class */
public class SessionUtils {
    public static final short QUERY = 0;
    public static final short SLASH = 1;
    public static final short SEMICOLON = 2;
    static Debug debug = Debug.getInstance("amSessionUtils");
    private static Set trustedSources = null;
    private static final String httpClientIPHeader = SystemProperties.get(Constants.HTTP_CLIENT_IP_HEADER, "proxy-ip");
    private static final boolean SESSION_ENCRYPTION = Boolean.valueOf(SystemProperties.get(Constants.SESSION_REPOSITORY_ENCRYPTION, "false")).booleanValue();

    public static String getSessionId(HttpServletRequest httpServletRequest) {
        String sessionID = new SessionID(httpServletRequest).toString();
        if (sessionID.length() == 0) {
            sessionID = null;
        }
        return sessionID;
    }

    public static String encodeURL(SSOToken sSOToken, String str, short s, boolean z) throws SSOException {
        try {
            return Session.getSession(new SessionID(sSOToken.getTokenID().toString())).encodeURL(str, s, z);
        } catch (Exception e) {
            debug.message("Exception encoding URL ", e);
            throw new SSOException(e);
        }
    }

    public static String encodeURL(SSOToken sSOToken, String str, boolean z) throws SSOException {
        try {
            return encodeURL(sSOToken, str, (short) 0, z);
        } catch (Exception e) {
            debug.message("Exception encoding url", e);
            throw new SSOException(e);
        }
    }

    public static InetAddress getClientAddress(HttpServletRequest httpServletRequest) throws Exception {
        String header;
        InetAddress byName = InetAddress.getByName(httpServletRequest.getRemoteAddr());
        if (isTrustedSource(byName) && (header = httpServletRequest.getHeader(httpClientIPHeader)) != null) {
            byName = InetAddress.getByName(header);
        }
        return byName;
    }

    private static Set getTrustedSourceList() throws SessionException {
        HashSet hashSet = new HashSet();
        try {
            String str = SystemProperties.get(Constants.TRUSTED_SOURCE_LIST);
            if (str != null) {
                StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
                while (stringTokenizer.hasMoreTokens()) {
                    hashSet.add(InetAddress.getByName(stringTokenizer.nextToken()));
                }
            } else {
                Vector platformServerList = WebtopNaming.getPlatformServerList();
                if (platformServerList == null) {
                    throw new SessionException(SessionBundle.rbName, "emptyTrustedSourceList", null);
                }
                Enumeration elements = platformServerList.elements();
                while (elements.hasMoreElements()) {
                    hashSet.add(InetAddress.getByName(new URL((String) elements.nextElement()).getHost()));
                }
            }
            return hashSet;
        } catch (Exception e) {
            throw new SessionException(e);
        }
    }

    public static boolean isTrustedSource(InetAddress inetAddress) throws SessionException {
        if (trustedSources == null) {
            trustedSources = getTrustedSourceList();
        }
        return trustedSources.contains(inetAddress);
    }

    public static byte[] encode(Object obj) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
        objectOutputStream.writeObject(obj);
        objectOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        return SESSION_ENCRYPTION ? (byte[]) AccessController.doPrivileged(new PrivilegedExceptionAction(byteArray) { // from class: com.sun.identity.session.util.SessionUtils.1
            private final byte[] val$blob;

            {
                this.val$blob = byteArray;
            }

            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                return Crypt.getEncryptor().encrypt(this.val$blob);
            }
        }) : byteArray;
    }

    public static Object decode(byte[] bArr) throws Exception {
        return new ObjectInputStream(new ByteArrayInputStream(SESSION_ENCRYPTION ? (byte[]) AccessController.doPrivileged(new PrivilegedExceptionAction(bArr) { // from class: com.sun.identity.session.util.SessionUtils.2
            private final byte[] val$blob;

            {
                this.val$blob = bArr;
            }

            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                return Crypt.getEncryptor().decrypt(this.val$blob);
            }
        }) : bArr)).readObject();
    }

    public static String getEncryptedStorageKey(SessionID sessionID) throws Exception {
        String extension = sessionID.getExtension(SessionID.STORAGE_KEY);
        return SESSION_ENCRYPTION ? (String) AccessController.doPrivileged(new EncodeAction(extension, Crypt.getHardcodedKeyEncryptor())) : extension;
    }
}
