package com.sun.identity.sm;

import com.iplanet.am.console.auth.model.ACModelBase;
import com.iplanet.am.util.Debug;
import com.iplanet.am.util.XMLUtils;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.iplanet.ums.IUMSConstants;
import com.sun.identity.authentication.config.AMAuthenticationManager;
import com.sun.identity.authentication.share.AuthXMLTags;
import com.sun.identity.common.CaseInsensitiveHashMap;
import com.sun.identity.log.LogConstants;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.security.EncodeAction;
import com.sun.identity.sm.AttributeSchema;
import java.io.InputStream;
import java.security.AccessController;
import java.text.MessageFormat;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.w3c.dom.Document;
import org.w3c.dom.DocumentType;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* JADX WARN: Classes with same name are omitted:
  input_file:120955-03/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/sm/ServiceManager.class
 */
/* loaded from: input_file:120955-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/sm/ServiceManager.class */
public class ServiceManager {
    private static boolean initialized;
    private static boolean loadedAuthServices;
    protected static final String COEXISTENCE_ATTR_NAME = "coexistenceMode";
    protected static final String REALM_ATTR_NAME = "realmMode";
    protected static final String REALM_SERVICE = "sunidentityrepositoryservice";
    protected static final String DEFAULT_SERVICES_FOR_REALMS = "serviceNamesForAutoAssignment";
    protected static final String SERVICE_VERSION = "1.0";
    protected static final String PLATFORM_SERVICE = "iPlanetAMPlatformService";
    protected static final String ATTR_SERVER_LIST = "iplanet-am-platform-server-list";
    private static boolean realmCache;
    private static boolean ditUpgradedCache;
    protected static Set defaultServicesToLoad;
    private static final String SERVICE_OC_ATTR_NAME = "serviceObjectClasses";
    private static final String ALL_SERVICES = "null";
    protected static SMSEntry smsEntry;
    protected static CachedSubEntries serviceNames;
    protected static Set accessManagerServers;
    private SSOToken token;
    private CachedSubEntries subEntries = null;
    protected HashMap serviceSchemaMgrs = new HashMap();
    protected HashMap serviceConfigMgrs = new HashMap();
    protected HashMap organizationConfigMgrs = new HashMap();
    private static SSOTokenManager ssoTokenManager = SMSEntry.tm;
    protected static final String serviceDN = new StringBuffer().append("ou=services,").append(SMSEntry.baseDN).toString();
    protected static final String REALM_ENTRY = new StringBuffer().append("ou=1.0,ou=sunidentityrepositoryservice,").append(serviceDN).toString();
    private static boolean coexistenceCache = true;
    private static Map serviceNameAndOCs = new CaseInsensitiveHashMap();
    private static Map schemaAndServiceNames = new HashMap();
    protected static HashMap serviceVersions = new HashMap();
    protected static HashMap serviceNameDefaultVersion = new CaseInsensitiveHashMap();
    private static Debug debug = SMSEntry.debug;

    public ServiceManager(SSOToken sSOToken) throws SSOException, SMSException {
        initialize(sSOToken);
        ssoTokenManager.validateToken(sSOToken);
        this.token = sSOToken;
    }

    public ServiceSchemaManager getSchemaManager(String str, String str2) throws SMSException, SSOException {
        SMSEntry.validateToken(this.token);
        String cacheIndex = getCacheIndex(str, str2);
        ServiceSchemaManager serviceSchemaManager = (ServiceSchemaManager) this.serviceSchemaMgrs.get(cacheIndex);
        if (serviceSchemaManager == null) {
            serviceSchemaManager = new ServiceSchemaManager(this.token, str, str2);
            if (SMSEntry.cacheSMSEntries) {
                this.serviceSchemaMgrs.put(cacheIndex, serviceSchemaManager);
            }
        }
        return serviceSchemaManager;
    }

    public ServiceConfigManager getConfigManager(String str, String str2) throws SMSException, SSOException {
        SMSEntry.validateToken(this.token);
        String cacheIndex = getCacheIndex(str, str2);
        ServiceConfigManager serviceConfigManager = (ServiceConfigManager) this.serviceConfigMgrs.get(cacheIndex);
        if (serviceConfigManager == null) {
            serviceConfigManager = new ServiceConfigManager(this.token, str, str2);
            if (SMSEntry.cacheSMSEntries) {
                this.serviceConfigMgrs.put(cacheIndex, serviceConfigManager);
            }
        }
        return serviceConfigManager;
    }

    public OrganizationConfigManager getOrganizationConfigManager(String str) throws SMSException, SSOException {
        SMSEntry.validateToken(this.token);
        OrganizationConfigManager organizationConfigManager = (OrganizationConfigManager) this.organizationConfigMgrs.get(str);
        if (organizationConfigManager == null) {
            organizationConfigManager = new OrganizationConfigManager(this.token, str);
            if (SMSEntry.cacheSMSEntries) {
                this.organizationConfigMgrs.put(str, organizationConfigManager);
            }
        }
        return organizationConfigManager;
    }

    public Set getServiceNames() throws SMSException {
        try {
            if (serviceNames == null) {
                serviceNames = CachedSubEntries.getInstance(this.token, serviceDN);
            }
            return serviceNames.getSubEntries(this.token);
        } catch (SSOException e) {
            debug.error("ServiceManager: Unable to get service names", e);
            throw new SMSException(e, "sms-service-not-found");
        }
    }

    public Map getServiceNamesAndOCs() {
        return getServiceNamesAndOCs(null);
    }

    public Map getServiceNamesAndOCs(String str) {
        ServiceSchemaManagerImpl serviceSchemaManagerImpl;
        if (str == null) {
            str = "null";
        } else if (str.equalsIgnoreCase("realm")) {
            str = "filteredrole";
        }
        Map map = (Map) serviceNameAndOCs.get(str);
        if (map == null) {
            try {
                map = new HashMap();
                Set<String> serviceNames2 = getServiceNames();
                if (serviceNames2 != null && !serviceNames2.isEmpty()) {
                    for (String str2 : serviceNames2) {
                        try {
                            serviceSchemaManagerImpl = ServiceSchemaManagerImpl.getInstance(this.token, str2, serviceDefaultVersion(this.token, str2));
                        } catch (SMSException e) {
                            if (debug.messageEnabled()) {
                                debug.message("ServiceManager.getServiceNamesandOCs caught SMSException ", e);
                            }
                        }
                        if (serviceSchemaManagerImpl != null) {
                            if (str != "null" && serviceSchemaManagerImpl.getSchema(new SchemaType(str)) == null) {
                                if (!str.equalsIgnoreCase("User") || serviceSchemaManagerImpl.getSchema(SchemaType.DYNAMIC) != null) {
                                    if (str.toLowerCase().indexOf("role") != -1 && serviceSchemaManagerImpl.getSchema(SchemaType.DYNAMIC) == null) {
                                    }
                                }
                            }
                            ServiceSchemaImpl schema = serviceSchemaManagerImpl.getSchema(SchemaType.GLOBAL);
                            if (schema != null) {
                                Map attributeDefaults = schema.getAttributeDefaults();
                                if (attributeDefaults.containsKey(SERVICE_OC_ATTR_NAME)) {
                                    map.put(str2, attributeDefaults.get(SERVICE_OC_ATTR_NAME));
                                }
                            }
                        }
                    }
                }
                serviceNameAndOCs.put(str, map);
            } catch (SSOException e2) {
                if (debug.messageEnabled()) {
                    debug.message("ServiceManager.getServiceNamesandOCs caught SSOException ", e2);
                }
            } catch (SMSException e3) {
                if (debug.messageEnabled()) {
                    debug.message("ServiceManager.getServiceNamesandOCs caught SMSException ", e3);
                }
            }
        }
        return SMSUtils.copyAttributes(map);
    }

    public Set getServiceVersions(String str) throws SMSException {
        try {
            return getVersions(this.token, str);
        } catch (SSOException e) {
            debug.error("ServiceManager: Unable to get service versions", e);
            throw new SMSException(e, "sms-version-not-found");
        }
    }

    public Set registerServices(InputStream inputStream) throws SMSException, SSOException {
        SMSEntry.validateToken(this.token);
        HashSet hashSet = new HashSet();
        Document xMLDocument = SMSSchema.getXMLDocument(inputStream);
        if (!validSMSDtdDocType(xMLDocument)) {
            throw new SMSException("amSDK", IUMSConstants.SMS_xml_invalid_doc_type, (Object[]) null);
        }
        NodeList elementsByTagName = xMLDocument.getElementsByTagName("Service");
        for (int i = 0; elementsByTagName != null && i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            String nodeAttributeValue = XMLUtils.getNodeAttributeValue(item, "name");
            String nodeAttributeValue2 = XMLUtils.getNodeAttributeValue(item, "version");
            SMSSchema sMSSchema = new SMSSchema(nodeAttributeValue, nodeAttributeValue2, xMLDocument);
            if (XMLUtils.getChildNode(item, "Schema") != null) {
                checkAndEncryptPasswordSyntax(xMLDocument);
                validateServiceSchema(item);
                ServiceSchemaManager.createService(this.token, sMSSchema);
                if (serviceNames == null) {
                    serviceNames = CachedSubEntries.getInstance(this.token, serviceDN);
                }
                serviceNames.add(nodeAttributeValue);
                CachedSubEntries cachedSubEntries = (CachedSubEntries) serviceVersions.get(nodeAttributeValue);
                if (cachedSubEntries == null) {
                    cachedSubEntries = CachedSubEntries.getInstance(this.token, getServiceNameDN(nodeAttributeValue));
                    serviceVersions.put(nodeAttributeValue, cachedSubEntries);
                }
                cachedSubEntries.add(nodeAttributeValue2);
                hashSet.add(nodeAttributeValue);
            }
            Iterator it = XMLUtils.getChildNodes(item, "PluginSchema").iterator();
            while (it.hasNext()) {
                PluginSchema.createPluginSchema(this.token, (Node) it.next(), sMSSchema);
            }
            Node childNode = XMLUtils.getChildNode(item, "Configuration");
            if (childNode != null) {
                CreateServiceConfig.createService(this, nodeAttributeValue, nodeAttributeValue2, childNode);
            }
        }
        return hashSet;
    }

    private boolean validSMSDtdDocType(Document document) {
        boolean z = false;
        DocumentType doctype = document.getDoctype();
        if (doctype != null) {
            String systemId = doctype.getSystemId();
            if (systemId != null) {
                int lastIndexOf = systemId.lastIndexOf(47);
                if (lastIndexOf != -1) {
                    systemId = systemId.substring(lastIndexOf + 1);
                }
                z = systemId.equals("sms.dtd");
            }
        }
        return z;
    }

    public void removeService(String str, String str2) throws SMSException, SSOException {
        SMSEntry.validateToken(this.token);
        for (String str3 : SMSEntry.search(MessageFormat.format("(&(objectclass=top)(ou={0}))", str))) {
            CachedSMSEntry cachedSMSEntry = CachedSMSEntry.getInstance(this.token, new StringBuffer().append("ou=").append(str2).append(",").append(str3).toString(), null);
            SMSEntry clonedSMSEntry = cachedSMSEntry.getClonedSMSEntry();
            if (!clonedSMSEntry.isNewEntry()) {
                clonedSMSEntry.delete(this.token);
                cachedSMSEntry.refresh(clonedSMSEntry);
            }
            CachedSMSEntry cachedSMSEntry2 = CachedSMSEntry.getInstance(this.token, str3, null);
            SMSEntry sMSEntry = cachedSMSEntry2.getSMSEntry();
            if (!sMSEntry.subEntries(this.token, "*", 0, false, false).iterator().hasNext()) {
                sMSEntry.delete(this.token);
                cachedSMSEntry2.refresh(sMSEntry);
            }
        }
    }

    public void deleteService(String str) throws SMSException, SSOException {
        for (String str2 : getServiceVersions(str)) {
            CachedSMSEntry cachedSMSEntry = CachedSMSEntry.getInstance(this.token, getServiceNameDN(str, str2), null);
            SMSEntry clonedSMSEntry = cachedSMSEntry.getClonedSMSEntry();
            clonedSMSEntry.setAttribute(SMSEntry.ATTR_SCHEMA, new String[]{SMSSchema.getDummyXML(str, str2)});
            clonedSMSEntry.save(this.token);
            cachedSMSEntry.refresh(clonedSMSEntry);
        }
    }

    public static String getBaseDN() {
        return SMSEntry.baseDN;
    }

    public static Set getAMServerInstances() {
        if (accessManagerServers == null) {
            try {
                Set<String> defaultValues = ServiceSchemaManagerImpl.getInstance((SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance()), "iPlanetAMPlatformService", "1.0").getSchema(SchemaType.GLOBAL).getAttributeSchema("iplanet-am-platform-server-list").getDefaultValues();
                HashSet hashSet = new HashSet();
                for (String str : defaultValues) {
                    int indexOf = str.indexOf("|");
                    if (indexOf != -1) {
                        str = str.substring(0, indexOf);
                    }
                    hashSet.add(str);
                }
                accessManagerServers = hashSet;
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("ServiceManager::getAMServers server list: ").append(hashSet).toString());
                }
            } catch (SSOException e) {
                debug.error("ServiceManager::getAMServers unable to get server list", e);
            } catch (SMSException e2) {
                debug.error("ServiceManager::getAMServers unable to get server list", e2);
            }
        }
        return accessManagerServers == null ? new HashSet() : new HashSet(accessManagerServers);
    }

    public Set searchOrganizationNames(String str, String str2, Set set) throws SMSException, SSOException {
        try {
            if (this.subEntries == null) {
                this.subEntries = CachedSubEntries.getInstance(this.token, new StringBuffer().append("ou=services,").append(SMSEntry.baseDN).toString());
            }
            return this.subEntries.searchOrgNames(this.token, str.toLowerCase(), str2, set);
        } catch (SSOException e) {
            debug.error("OrganizationConfigManagerImpl: Unable to get sub organization names", e);
            throw new SMSException(SMSEntry.bundle.getString("sms-INVALID_SSO_TOKEN"), "sms-INVALID_SSO_TOKEN");
        }
    }

    public synchronized void clearCache() {
        this.serviceSchemaMgrs = new HashMap();
        this.serviceConfigMgrs = new HashMap();
        CachedSMSEntry.clearCache();
        ServiceSchemaManagerImpl.clearCache();
        PluginSchemaImpl.clearCache();
        ServiceInstanceImpl.clearCache();
        ServiceConfigImpl.clearCache();
    }

    public static boolean isCoexistenceMode() {
        isRealmEnabled();
        return coexistenceCache;
    }

    public static boolean isRealmEnabled() {
        if (!initialized) {
            try {
                initialize((SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance()));
            } catch (Exception e) {
                debug.error("ServiceManager::isRealmEnabled unable to initialize", e);
            }
        }
        return realmCache;
    }

    public static boolean isConfigMigratedTo70() {
        isRealmEnabled();
        return ditUpgradedCache;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSOToken getSSOToken() {
        return this.token;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getCacheIndex(String str, String str2) {
        return new StringBuffer(20).append(str).append(str2).toString().toLowerCase();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getServiceNameDN(String str) {
        StringBuffer stringBuffer = new StringBuffer(100);
        stringBuffer.append(SMSEntry.PLACEHOLDER_RDN).append("=").append(str).append(",").append(serviceDN);
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getServiceNameDN(String str, String str2) {
        StringBuffer stringBuffer = new StringBuffer(100);
        stringBuffer.append(SMSEntry.PLACEHOLDER_RDN).append("=").append(str2).append(",").append(getServiceNameDN(str));
        return stringBuffer.toString();
    }

    protected static Set getVersions(SSOToken sSOToken, String str) throws SMSException, SSOException {
        CachedSubEntries cachedSubEntries = (CachedSubEntries) serviceVersions.get(str);
        if (cachedSubEntries == null) {
            cachedSubEntries = CachedSubEntries.getInstance(sSOToken, getServiceNameDN(str));
            if (cachedSubEntries == null || cachedSubEntries.getSMSEntry().isNewEntry() || cachedSubEntries.getSubEntries(sSOToken).isEmpty()) {
                throw new ServiceNotFoundException("amSDK", IUMSConstants.SMS_service_does_not_exist, new String[]{str});
            }
            serviceVersions.put(str, cachedSubEntries);
        }
        return cachedSubEntries.getSubEntries(sSOToken);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String serviceDefaultVersion(SSOToken sSOToken, String str) throws SMSException, SSOException {
        String str2 = (String) serviceNameDefaultVersion.get(str);
        if (str2 == null) {
            Iterator it = getVersions(sSOToken, str).iterator();
            if (!it.hasNext()) {
                throw new ServiceNotFoundException("amSDK", IUMSConstants.SMS_service_does_not_exist, new String[]{str});
            }
            str2 = (String) it.next();
            serviceNameDefaultVersion.put(str, str2);
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void checkServiceNameAndVersion(SSOToken sSOToken, String str, String str2) throws SMSException, SSOException {
        Set versions = getVersions(sSOToken, str);
        if (versions == null || !versions.contains(str2)) {
            throw new ServiceNotFoundException("amSDK", IUMSConstants.SMS_service_does_not_exist, new String[]{str});
        }
    }

    protected static void checkAndEncryptPasswordSyntax(Document document) throws SMSException {
        NodeList elementsByTagName = document.getElementsByTagName("AttributeSchema");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (XMLUtils.getNodeAttributeValue(item, "syntax").equals(AttributeSchema.Syntax.PASSWORD.toString())) {
                if (debug.messageEnabled()) {
                    debug.message("ServiceManager: encrypting password syntax");
                }
                Node childNode = XMLUtils.getChildNode(item, "DefaultValues");
                if (childNode != null) {
                    for (Node node : XMLUtils.getChildNodes(childNode, "Value")) {
                        String str = (String) AccessController.doPrivileged(new EncodeAction(XMLUtils.getValueOfValueNode(node)));
                        StringBuffer stringBuffer = new StringBuffer(100);
                        stringBuffer.append(AuthXMLTags.VALUE_BEGIN).append(str).append(AuthXMLTags.VALUE_END);
                        childNode.replaceChild(document.importNode(XMLUtils.getRootNode(SMSSchema.getXMLDocument(stringBuffer.toString(), false), "Value"), true), node);
                    }
                }
            }
        }
    }

    protected static boolean validateServiceSchema(Node node) throws SMSException {
        Node childNode = XMLUtils.getChildNode(node, "Schema");
        for (String str : new String[]{"Global", "Organization", ACModelBase.SVC_TYPE_DYNAMIC, "User", "Policy", "Group", LogConstants.DOMAIN}) {
            Node childNode2 = XMLUtils.getChildNode(childNode, str);
            if (childNode2 != null) {
                ServiceSchemaImpl serviceSchemaImpl = new ServiceSchemaImpl(null, childNode2);
                serviceSchemaImpl.validateAttributes(serviceSchemaImpl.getAttributeDefaults(), false);
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void schemaChanged() {
        serviceNameAndOCs = new CaseInsensitiveHashMap();
        schemaAndServiceNames = new CaseInsensitiveHashMap();
        serviceNames = null;
    }

    public static Set servicesAssignedByDefault() {
        if (!loadedAuthServices) {
            defaultServicesToLoad.addAll(AMAuthenticationManager.getAuthenticationServiceNames());
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("ServiceManager::servicesAssignedByDefault:defaultServicesToLoad = ").append(defaultServicesToLoad).toString());
            }
            loadedAuthServices = true;
            defaultServicesToLoad = Collections.unmodifiableSet(defaultServicesToLoad);
        }
        return defaultServicesToLoad;
    }

    static void initialize(SSOToken sSOToken) throws SMSException, SSOException {
        SMSEntry.validateToken(sSOToken);
        if (initialized) {
            return;
        }
        try {
            serviceNames = CachedSubEntries.getInstance(sSOToken, serviceDN);
            if (serviceNames.getSMSEntry().isNewEntry()) {
                if (debug.warningEnabled()) {
                    debug.warning(new StringBuffer().append("SeviceManager:: Root service node does not exists: ").append(serviceDN).toString());
                }
                throw new SMSException("amSDK", IUMSConstants.SMS_services_node_does_not_exist, new String[]{serviceDN});
            }
            checkFlags(sSOToken);
            initialized = true;
        } catch (SMSException e) {
            debug.error(new StringBuffer().append("ServiceManager::unable to get services node: ").append(serviceDN).toString(), e);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void checkFlags(SSOToken sSOToken) throws SMSException, SSOException {
        ServiceConfigImpl globalConfig;
        Map attributes;
        try {
            if (!CachedSMSEntry.getInstance(sSOToken, REALM_ENTRY, null).isNewEntry()) {
                ditUpgradedCache = true;
                ServiceConfigManagerImpl serviceConfigManagerImpl = ServiceConfigManagerImpl.getInstance(sSOToken, REALM_SERVICE, "1.0");
                if (serviceConfigManagerImpl == null || (globalConfig = serviceConfigManagerImpl.getGlobalConfig(sSOToken, null)) == null || (attributes = globalConfig.getAttributes()) == null) {
                    return;
                }
                Set set = (Set) attributes.get(COEXISTENCE_ATTR_NAME);
                if (set != null && set.contains("false")) {
                    coexistenceCache = false;
                }
                Set set2 = (Set) attributes.get(REALM_ATTR_NAME);
                if (set2 != null && set2.contains("true")) {
                    realmCache = true;
                }
                defaultServicesToLoad = (Set) attributes.get(DEFAULT_SERVICES_FOR_REALMS);
            }
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("ServiceManager::checkFlags:realmEnabled=").append(realmCache).toString());
                debug.message(new StringBuffer().append("ServiceManager::checkFlags:coexistenceMode=").append(coexistenceCache).toString());
            }
        } catch (SMSException e) {
            debug.error("ServiceManager::unable to check if Realm is enabled: ", e);
            throw e;
        }
    }
}
