package com.sun.identity.saml2.common;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.DataStoreProviderException;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaManager;
import com.sun.identity.security.AdminTokenAction;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:122983-01/SUNWsaml2/reloc/SUNWam/saml2/lib/saml2.jar:com/sun/identity/saml2/common/AccountUtils.class */
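/**
 * Static helpers that read, write and remove SAML2 account federation records
 * ({@link NameIDInfo} / {@link NameIDInfoKey} value strings) stored as
 * multi-valued attributes on a user entry through the data store provider
 * returned by {@code SAML2Utils.getDataStoreProvider()}.
 *
 * <p>Points a reviewer should keep in mind:
 * <ul>
 *   <li>None of the methods here check that the caller is entitled to act on
 *       the supplied user ID; that decision is left entirely to callers.</li>
 *   <li>When message-level debugging is enabled, federation value strings and
 *       user IDs are written to the debug log, so that log should be handled
 *       as sensitive data.</li>
 *   <li>The class initializer obtains an administrator {@link SSOToken} and
 *       keeps it in a package-visible, non-final static field.</li>
 * </ul>
 */
public class AccountUtils {
    private static final String DELIM = "|";
    private static final String NAMEID_INFO_ATTRIBUTE = "com.sun.identity.saml2.nameidinfo.attribute";
    private static final String NAMEID_INFO_KEY_ATTRIBUTE = "com.sun.identity.saml2.nameidinfokey.attribute";

    // Both fields stay null when initialization below fails; the failure is only logged,
    // so code in this package that reads them has to cope with null.
    static SAML2MetaManager metaManager;
    static SSOToken adminToken;

    static {
        try {
            // Administrator token acquired inside a privileged block; it is retained for the
            // lifetime of the class and used to construct the metadata manager.
            adminToken = (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance());
            metaManager = new SAML2MetaManager(adminToken);
        } catch (SAML2MetaException metaFailure) {
            SAML2Utils.debug.error("Unable to obtain Meta Manager.", metaFailure);
        } catch (SSOException tokenFailure) {
            SAML2Utils.debug.error("Invalid SSOToken.", tokenFailure);
        }
    }

    /**
     * Returns the account federations stored for the user behind a session token.
     *
     * @param sSOToken session token of the user; the user ID is taken from the principal
     *        name when {@code SAML2Utils.isFM()} is true, otherwise from the
     *        {@code sun.am.UniversalIdentifier} session property
     * @param str host entity role to filter on (compared case-insensitively), or
     *        {@code null} to return every stored federation
     * @return list of {@link NameIDInfo}, or {@code null} when the user has no
     *         federation (or none for the requested role)
     * @throws SAML2Exception if the token is null or unusable, no user ID can be
     *         derived from it, or the data store lookup fails
     */
    public static List getAccountFederation(SSOToken sSOToken, String str) throws SAML2Exception {
        SAML2Utils.debug.message("AccountUtils.getAccountFederation:");
        // Reject a missing token the same way an unusable one is rejected, instead of
        // failing with a NullPointerException on the first dereference.
        if (sSOToken == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSSOToken"));
        }
        try {
            String userID = SAML2Utils.isFM()
                    ? sSOToken.getPrincipal().getName()
                    : sSOToken.getProperty("sun.am.UniversalIdentifier");
            if (userID == null) {
                throw new SAML2Exception(SAML2Utils.bundle.getString("nullUserID"));
            }
            try {
                Set storedValues = SAML2Utils.getDataStoreProvider().getAttribute(userID, getNameIDInfoAttribute());
                if (storedValues == null || storedValues.isEmpty()) {
                    if (SAML2Utils.debug.messageEnabled()) {
                        SAML2Utils.debug.message("AccountUtils.getAccountFederation : user does not have any account federations.");
                    }
                    return null;
                }
                ArrayList federations = new ArrayList(storedValues.size());
                for (Iterator values = storedValues.iterator(); values.hasNext();) {
                    NameIDInfo info = NameIDInfo.parse((String) values.next());
                    if (str == null || str.equalsIgnoreCase(info.getHostEntityRole())) {
                        federations.add(info);
                    }
                }
                // Callers get null, never an empty list.
                return federations.isEmpty() ? null : federations;
            } catch (DataStoreProviderException e) {
                SAML2Utils.debug.error("AccountUtils.getAccountFederation: DataStoreProviderException", e);
                // NOTE(review): only the provider's message is carried over; the cause is not
                // chained, and the message text reaches whoever handles the SAML2Exception.
                throw new SAML2Exception(e.getMessage());
            }
        } catch (SSOException e2) {
            // Log prefix corrected: this code lives in AccountUtils, not SAML2Utils.
            SAML2Utils.debug.error("AccountUtils.getAccountFederation: Unable to get principal name from SSOToken.", e2);
            throw new SAML2Exception(SAML2Utils.bundle.getString("invalidSSOToken"));
        }
    }

    /**
     * Returns the account federation a user holds between one host entity and one
     * remote entity.
     *
     * @param str user ID whose federation attribute is read
     * @param str2 host entity ID
     * @param str3 remote entity ID
     * @return the first stored federation whose value string starts with
     *         {@code str2|str3|}, or {@code null} if there is none
     * @throws SAML2Exception if any argument is null or the data store lookup fails
     */
    public static NameIDInfo getAccountFederation(String str, String str2, String str3) throws SAML2Exception {
        SAML2Utils.debug.message("AccountUtils.getAccountFederation:");
        if (str == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nullUserID"));
        }
        if (str2 == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nullHostEntityID"));
        }
        if (str3 == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nullRemoteEntityID"));
        }
        try {
            Set storedValues = SAML2Utils.getDataStoreProvider().getAttribute(str, getNameIDInfoAttribute());
            if (storedValues == null || storedValues.isEmpty()) {
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.message("AccountUtils.getAccountFederation : user does not have any account federations.");
                }
                return null;
            }
            // NOTE(review): selection is a plain string-prefix match on "host|remote|". If an
            // entity ID could itself contain '|', different host/remote pairs could produce the
            // same prefix - confirm entity IDs are constrained before they reach this method.
            String prefix = str2 + DELIM + str3 + DELIM;
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("AccountUtils.getAccountFederation:  filter = " + prefix + " userID = " + str);
            }
            for (Iterator values = storedValues.iterator(); values.hasNext();) {
                String candidate = (String) values.next();
                if (candidate.startsWith(prefix)) {
                    return NameIDInfo.parse(candidate);
                }
            }
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("AccountUtils.getAccountFederation : user does not have account federation  corresponding to =" + prefix);
            }
            return null;
        } catch (DataStoreProviderException e) {
            // Log prefix corrected: it previously named a method that does not exist in this class.
            SAML2Utils.debug.error("AccountUtils.getAccountFederation: DataStoreProviderException", e);
            // NOTE(review): cause is not chained; only the provider's message is propagated.
            throw new SAML2Exception(e.getMessage());
        }
    }

    /**
     * Stores an account federation on a user, replacing any federation already
     * recorded for the same host/remote entity pair.
     *
     * <p>Both the federation info attribute and the federation key attribute are
     * rewritten in one {@code setAttributes} call. Existing values are matched by the
     * string prefix {@code hostEntityID|remoteEntityID|}.
     *
     * @param nameIDInfo federation to store
     * @param str user ID the federation is written to
     * @throws SAML2Exception if an argument is null or the data store access fails
     */
    public static void setAccountFederation(NameIDInfo nameIDInfo, String str) throws SAML2Exception {
        SAML2Utils.debug.message("AccountUtils.setAccountFederation:");
        if (nameIDInfo == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nullNameIDInfo"));
        }
        if (str == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nullUserID"));
        }
        NameIDInfoKey infoKey = new NameIDInfoKey(nameIDInfo.getNameIDValue(), nameIDInfo.getHostEntityID(), nameIDInfo.getRemoteEntityID());
        if (SAML2Utils.debug.messageEnabled()) {
            // Writes the full federation value strings to the debug log.
            SAML2Utils.debug.message("AccountUtils.setAccountFederation: info to be set:" + nameIDInfo.toValueString() + "," + "infoKey to be set:" + infoKey.toValueString());
        }
        // NOTE(review): same '|' prefix-matching caveat as in getAccountFederation - an entity ID
        // containing the delimiter would make the match ambiguous; confirm this cannot happen.
        String prefix = nameIDInfo.getHostEntityID() + DELIM + nameIDInfo.getRemoteEntityID() + DELIM;
        try {
            String infoAttr = getNameIDInfoAttribute();
            String keyAttr = getNameIDInfoKeyAttribute();
            HashSet wanted = new HashSet();
            wanted.add(infoAttr);
            wanted.add(keyAttr);
            HashMap update = new HashMap();
            Map stored = SAML2Utils.getDataStoreProvider().getAttributes(str, wanted);
            if (stored == null || stored.isEmpty()) {
                update.put(keyAttr, mergeFederationValue(null, prefix, infoKey.toValueString()));
                update.put(infoAttr, mergeFederationValue(null, prefix, nameIDInfo.toValueString()));
            } else {
                update.put(infoAttr, mergeFederationValue((Set) stored.get(infoAttr), prefix, nameIDInfo.toValueString()));
                update.put(keyAttr, mergeFederationValue((Set) stored.get(keyAttr), prefix, infoKey.toValueString()));
            }
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("AccountUtils.setAccountFederation:  set fedinfo " + update + " userID = " + str);
            }
            SAML2Utils.getDataStoreProvider().setAttributes(str, update);
        } catch (DataStoreProviderException e) {
            // Log prefix corrected: this code lives in AccountUtils, not SAML2Utils.
            SAML2Utils.debug.error("AccountUtils.setAccountFederation: DataStoreProviderException", e);
            // NOTE(review): cause is not chained; only the provider's message is propagated.
            throw new SAML2Exception(e.getMessage());
        }
    }

    /**
     * Drops every value starting with {@code prefix} from {@code existing}, then adds
     * {@code newValue}. The set handed in is modified in place; a new set is created
     * when {@code existing} is null.
     */
    private static Set mergeFederationValue(Set existing, String prefix, String newValue) {
        Set merged = existing;
        if (merged == null) {
            merged = new HashSet();
        } else {
            for (Iterator values = merged.iterator(); values.hasNext();) {
                if (((String) values.next()).startsWith(prefix)) {
                    values.remove();
                }
            }
        }
        merged.add(newValue);
        return merged;
    }

    /**
     * Removes one account federation from a user.
     *
     * @param nameIDInfo federation to remove; it is matched by exact value string
     * @param str user ID the federation is removed from
     * @return {@code true} if the federation was found and the user entry was updated,
     *         {@code false} if the user has no federations or this one is not stored
     * @throws SAML2Exception if an argument is null or the data store access fails
     */
    public static boolean removeAccountFederation(NameIDInfo nameIDInfo, String str) throws SAML2Exception {
        SAML2Utils.debug.message("AccountUtils.removeAccountFederation:");
        if (nameIDInfo == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nullNameIDInfo"));
        }
        if (str == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("nullUserID"));
        }
        try {
            Set infoValues = SAML2Utils.getDataStoreProvider().getAttribute(str, getNameIDInfoAttribute());
            Set keyValues = SAML2Utils.getDataStoreProvider().getAttribute(str, getNameIDInfoKeyAttribute());
            if (infoValues == null || infoValues.isEmpty()) {
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.message("AccountUtils.removeAccountFederation: user does not have account federation infos.");
                }
                return false;
            }
            String infoValue = nameIDInfo.toValueString();
            String infoKeyValue = nameIDInfo.getNameIDInfoKey().toValueString();
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("AccountUtils.removeAccountFederation: info to be removed:" + infoValue + "user=" + str + "infoKeyValue = " + infoKeyValue);
            }
            if (!infoValues.contains(infoValue)) {
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.message("AccountUtils.removeAccountFederation: account federation info not found.");
                }
                return false;
            }
            infoValues.remove(infoValue);
            if (keyValues != null && keyValues.contains(infoKeyValue)) {
                keyValues.remove(infoKeyValue);
            }
            HashMap update = new HashMap();
            update.put(getNameIDInfoAttribute(), infoValues);
            // NOTE(review): keyValues can still be null here, in which case a null value set is
            // handed to setAttributes - confirm how the data store provider treats that.
            update.put(getNameIDInfoKeyAttribute(), keyValues);
            SAML2Utils.getDataStoreProvider().setAttributes(str, update);
            return true;
        } catch (DataStoreProviderException e) {
            // Log prefix corrected: this code lives in AccountUtils, not SAML2Utils.
            SAML2Utils.debug.error("AccountUtils.removeAccountFederation: DataStoreProviderException", e);
            // NOTE(review): cause is not chained; only the provider's message is propagated.
            throw new SAML2Exception(e.getMessage());
        }
    }

    /**
     * Returns the name of the user attribute that holds federation info values: the
     * {@code com.sun.identity.saml2.nameidinfo.attribute} system property, falling back
     * to {@code SAML2Constants.NAMEID_INFO}.
     */
    public static String getNameIDInfoAttribute() {
        return SystemProperties.get(NAMEID_INFO_ATTRIBUTE, SAML2Constants.NAMEID_INFO);
    }

    /**
     * Returns the name of the user attribute that holds federation key values: the
     * {@code com.sun.identity.saml2.nameidinfokey.attribute} system property, falling
     * back to {@code SAML2Constants.NAMEID_INFO_KEY}.
     */
    public static String getNameIDInfoKeyAttribute() {
        return SystemProperties.get(NAMEID_INFO_KEY_ATTRIBUTE, SAML2Constants.NAMEID_INFO_KEY);
    }
}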
