package com.sun.identity.saml2.meta;

import com.iplanet.am.util.Debug;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.jaxb.entityconfig.AttributeType;
import com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType;
import com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement;
import com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement;
import com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory;
import com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement;
import com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement;
import com.sun.identity.saml2.logging.LogUtil;
import com.sun.identity.saml2.logging.SAML2LogManager;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.ServiceConfig;
import com.sun.identity.sm.ServiceConfigManager;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import javax.xml.bind.JAXBException;

/* loaded from: input_file:122983-01/SUNWsaml2/reloc/SUNWam/saml2/lib/saml2.jar:com/sun/identity/saml2/meta/SAML2COTManager.class */
public class SAML2COTManager {
    // Attribute name constant; not referenced by any method visible in this class.
    private static final String ATTR_COT = "sun-fm-saml2-cot";
    // Sub-configuration id handed to addSubConfig when a circle of trust is created.
    private static final String SUBCONFIG_ID = "cot";
    // Declared priority for new sub-configurations; createCircleOfTrust passes the literal 0 instead.
    private static final int SUBCONFIG_PRIORITY = 0;
    // Configuration manager for the SAML2 circle-of-trust service, built in the constructor.
    private ServiceConfigManager scm;
    // Caller's token: validated in the constructor, then reused for the configuration
    // manager, SAML2MetaManager, the metadata cache and every audit-log call.
    private SSOToken ssoToken;
    // Debug logger shared with SAML2MetaUtils.
    private static Debug debug = SAML2MetaUtils.debug;
    // Audit logger. It stays null when the static initializer fails to obtain it, and
    // every logUtil.access/logUtil.error call in this class is then skipped silently,
    // so trust changes made in that state leave no audit record.
    private static LogUtil logUtil;

    /**
     * Creates a circle-of-trust manager that acts with the supplied token.
     *
     * <p>{@code validateToken} is called before the token is stored, so an
     * {@code SSOException} from that call leaves no state behind on the instance.
     *
     * @param sSOToken token used for all later configuration, cache and log calls
     * @throws SAML2MetaException wrapping an {@code SMSException} raised while the
     *         configuration manager is built or the token listener is registered
     * @throws SSOException declared by the signature; presumably raised by token validation
     */
    public SAML2COTManager(SSOToken sSOToken) throws SAML2MetaException, SSOException {
        SSOTokenManager tokenManager = SSOTokenManager.getInstance();
        tokenManager.validateToken(sSOToken);
        this.ssoToken = sSOToken;
        try {
            ServiceConfigManager manager = new ServiceConfigManager(
                    sSOToken,
                    SAML2MetaConstants.SAML2_COT_SERVICE,
                    SAML2MetaConstants.SAML2_COT_SERVICE_VERSION);
            this.scm = manager;
            SAML2MetaCache.addSSOTokenListener(sSOToken);
        } catch (SMSException smsFailure) {
            debug.error("SAML2COTManager.SAML2COTManager:", smsFailure);
            throw new SAML2MetaException((Throwable) smsFailure);
        }
    }

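    /**
     * Replaces the stored attributes of an existing circle of trust with those carried by
     * the supplied descriptor.
     *
     * <p>The write goes through the configuration manager created with the caller's token
     * and, when the audit logger is available, is recorded with {@code logUtil.access}.
     *
     * @param str realm that owns the circle of trust; {@code null} becomes "/" (the
     *        existence check runs first, with the value exactly as passed)
     * @param sAML2CircleOfTrustDescriptor descriptor holding the name and the new attributes
     * @throws SAML2MetaException "null_cot" for a null descriptor, "cot_name_invalid" for a
     *         blank or unknown name, "invalid_realm" when the realm has no configuration,
     *         "no_cot" when the sub-configuration is no longer present, or a wrapper
     *         around an {@code SMSException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public void modifyCircleOfTrust(String str, SAML2CircleOfTrustDescriptor sAML2CircleOfTrustDescriptor) throws SAML2MetaException, SSOException {
        if (sAML2CircleOfTrustDescriptor == null) {
            throw new SAML2MetaException("null_cot", null);
        }
        String circleOfTrustName = sAML2CircleOfTrustDescriptor.getCircleOfTrustName();
        if (circleOfTrustName == null || circleOfTrustName.trim().length() == 0 || !getAllCirclesOfTrust(str).contains(circleOfTrustName)) {
            debug.error(new StringBuffer().append("SAML2COTManager.modifyCircleOfTrust :").append("Name is null").toString());
            if (logUtil != null) {
                logUtil.error(Level.INFO, "NO_NAMEID_MODIFY_COT_DESCRIPTOR", new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("cot_name_invalid", null);
        }
        if (str == null) {
            str = "/";
        }
        String[] strArr = {circleOfTrustName, str};
        try {
            Map attributes = sAML2CircleOfTrustDescriptor.getAttributes();
            ServiceConfig organizationConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (organizationConfig == null) {
                debug.error(new StringBuffer().append("SAML2COTManager.modifyCircleOfTrust :").append("invalid realm ").append(str).toString());
                String[] strArr2 = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, "NO_NAMEID_MODIFY_COT_DESCRIPTOR", strArr2, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", strArr2);
            }
            // The name was checked against the list of circles above, but the entry can be
            // removed between that check and this lookup. Report "no_cot", as the other
            // methods of this class do, instead of dereferencing a null sub-configuration.
            ServiceConfig subConfig = organizationConfig.getSubConfig(circleOfTrustName);
            if (subConfig == null) {
                throw new SAML2MetaException("no_cot", null);
            }
            subConfig.setAttributes(attributes);
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.MODIFY_COT_DESCRIPTOR, strArr, this.ssoToken);
            }
        } catch (SMSException e) {
            debug.error("SAML2COTManager.modifyCircleOfTrust :", e);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_MODIFY_COT_DESCRIPTOR, new String[]{e.getMessage(), circleOfTrustName, str}, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) e);
        }
    }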

    /**
     * Creates a new circle of trust in a realm and tags each of its trusted providers'
     * entity configuration with the circle's name.
     *
     * @param str realm in which to create the circle; {@code null} becomes "/"
     * @param sAML2CircleOfTrustDescriptor descriptor holding the name, attributes and
     *        trusted providers
     * @throws SAML2MetaException "null_cot" for a null descriptor, "cot_name_invalid" for a
     *         blank name, "cot_existed" when the name is already listed for the realm,
     *         "invalid_realm" when the realm has no configuration, or a wrapper around a
     *         {@code JAXBException} / {@code SMSException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public void createCircleOfTrust(String str, SAML2CircleOfTrustDescriptor sAML2CircleOfTrustDescriptor) throws SAML2MetaException, SSOException {
        if (sAML2CircleOfTrustDescriptor == null) {
            throw new SAML2MetaException("null_cot", null);
        }
        String circleOfTrustName = sAML2CircleOfTrustDescriptor.getCircleOfTrustName();
        if (circleOfTrustName == null || circleOfTrustName.trim().length() == 0) {
            if (logUtil != null) {
                logUtil.error(Level.INFO, "NO_COT_NAME_CREATE_COT_DESCRIPTOR", new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("cot_name_invalid", null);
        }
        if (str == null) {
            str = "/";
        }
        // getAllCirclesOfTrust also rejects a realm without configuration ("invalid_realm"),
        // so the realm has been looked up once before any entity configuration is touched.
        if (getAllCirclesOfTrust(str).contains(circleOfTrustName)) {
            debug.error(new StringBuffer().append("SAML2COTManager.createCircleOfTrust: ").append("circle of trust already exists").toString());
            // NOTE(review): the "already exists" case is logged under the same message id as
            // the missing-name case above — confirm that is intended.
            if (logUtil != null) {
                logUtil.error(Level.INFO, "NO_COT_NAME_CREATE_COT_DESCRIPTOR", new String[]{circleOfTrustName, str}, this.ssoToken);
            }
            throw new SAML2MetaException("cot_existed", null);
        }
        try {
            Map attributes = sAML2CircleOfTrustDescriptor.getAttributes();
            Set trustedProviders = sAML2CircleOfTrustDescriptor.getTrustedProviders();
            SAML2MetaManager sAML2MetaManager = new SAML2MetaManager(this.ssoToken);
            if (trustedProviders != null && !trustedProviders.isEmpty()) {
                Set allEntities = sAML2MetaManager.getAllEntities(str);
                if (allEntities == null || allEntities.isEmpty()) {
                    // The realm has no entities at all: drop every requested provider.
                    sAML2CircleOfTrustDescriptor.setTrustedProviders(new HashSet());
                    attributes = sAML2CircleOfTrustDescriptor.getAttributes();
                // This branch runs only when every requested provider is a known entity AND
                // retainAll actually removed something from allEntities.
                // NOTE(review): the debug text ("The rest will be ignored") suggests unknown
                // ids were meant to be filtered out, but when containsAll is false the
                // descriptor keeps them unchanged and the loop below hands them to
                // updateEntityConfig, which throws "entityid_invalid" when it finds no
                // entity descriptor.
                // NOTE(review): retainAll mutates the set returned by getAllEntities in
                // place — confirm that set is a private copy and not shared state.
                } else if (allEntities.containsAll(trustedProviders) && allEntities.retainAll(trustedProviders)) {
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("The following entity id: ").append(allEntities).append(" are valid and will be added ").append("to the circle of trust: ").append(circleOfTrustName).append(". The ").append("rest will be ignored.").toString());
                    }
                    sAML2CircleOfTrustDescriptor.setTrustedProviders(allEntities);
                    attributes = sAML2CircleOfTrustDescriptor.getAttributes();
                }
                Set trustedProviders2 = sAML2CircleOfTrustDescriptor.getTrustedProviders();
                if (trustedProviders2 != null && !trustedProviders2.isEmpty()) {
                    // Entity configurations are written here, before the circle itself is
                    // stored further down. If a later provider or the addSubConfig call
                    // fails, the providers already processed keep a reference to a circle
                    // of trust that was never created; nothing in this method rolls back.
                    Iterator it = trustedProviders2.iterator();
                    while (it.hasNext()) {
                        updateEntityConfig(str, circleOfTrustName, (String) it.next());
                    }
                }
            }
            ServiceConfig organizationConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (organizationConfig == null) {
                debug.error(new StringBuffer().append("SAML2COTManager.createCircleOfTrust: ").append("invalid realm ").append(str).toString());
                String[] strArr = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_CREATE_COT_DESCRIPTOR, strArr, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", strArr);
            }
            // Store the circle as a sub-configuration with id "cot" and priority 0.
            organizationConfig.addSubConfig(circleOfTrustName, SUBCONFIG_ID, 0, attributes);
            debug.message(new StringBuffer().append("SAML2COTManager.createCircleOfTrust: ").append("circle of trust is created.").toString());
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.COT_DESCRIPTOR_CREATED, new String[]{circleOfTrustName, str}, this.ssoToken);
            }
        } catch (JAXBException e) {
            debug.error("SAML2COTManager.createCircleOfTrust: ", e);
            // NOTE(review): this branch logs four values (one of them null) while the
            // SMSException branch logs three under the same message id — confirm which
            // layout the message expects.
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_CREATE_ENTITY_DESCRIPTOR, new String[]{e.getMessage(), circleOfTrustName, null, str}, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) e);
        } catch (SMSException e2) {
            debug.error("SAML2COTManager.createCircleOfTrust: ", e2);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_CREATE_ENTITY_DESCRIPTOR, new String[]{e2.getMessage(), circleOfTrustName, str}, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) e2);
        }
    }

    /**
     * Adds an entity to an existing circle of trust.
     *
     * <p>The entity's own configuration is updated first (through
     * {@code updateEntityConfig}); only then is the entity added to the circle's descriptor
     * and the descriptor saved. A failure in the second half therefore leaves the entity
     * configuration already changed.
     *
     * @param str realm; {@code null} becomes "/"
     * @param str2 name of the circle of trust
     * @param str3 entity id to add
     * @throws SAML2MetaException "cot_name_invalid" / "entityid_invalid" for blank arguments,
     *         "invalid_realm", "no_cot", "fail_add_cot" when the descriptor refuses the
     *         entity, or a wrapper around an {@code SMSException} / {@code JAXBException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public void addCircleOfTrustMember(String str, String str2, String str3) throws SAML2MetaException, SSOException {
        boolean cotNameBlank = str2 == null || str2.trim().length() == 0;
        if (cotNameBlank) {
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.NO_COT_NAME_ADD_COT_DESCRIPTOR, new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("cot_name_invalid", null);
        }
        boolean entityIdBlank = str3 == null || str3.trim().length() == 0;
        if (entityIdBlank) {
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.NO_ENTITYID_ADD_COT_DESCRIPTOR, new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("entityid_invalid", null);
        }
        // The argument checks above log the realm exactly as passed; everything below
        // uses the defaulted value.
        final String realm = (str == null) ? "/" : str;
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(realm, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2COTManager.addCircleOfTrustMember: " + "invalid realm " + realm);
                String[] realmOnly = {realm};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_ADD_COT_DESCRIPTOR, realmOnly, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmOnly);
            }
            ServiceConfig cotConfig = realmConfig.getSubConfig(str2);
            if (cotConfig == null) {
                throw new SAML2MetaException("no_cot", null);
            }
            updateEntityConfig(realm, str2, str3);
            Map storedAttributes = cotConfig.getAttributes();
            SAML2CircleOfTrustDescriptor descriptor;
            if (storedAttributes == null) {
                descriptor = new SAML2CircleOfTrustDescriptor(str2, SAML2MetaConstants.ACTIVE);
            } else {
                descriptor = new SAML2CircleOfTrustDescriptor(str2, storedAttributes);
            }
            if (!descriptor.add(str3)) {
                debug.error("SAML2COTManager.addCircleOfTrustMember: " + "fail to add entityid to the circle of trust." + realm);
                throw new SAML2MetaException("fail_add_cot", null);
            }
            modifyCircleOfTrust(realm, descriptor);
        } catch (SMSException smsFailure) {
            debug.error("SAML2COTManager.addCircleOfTrustMember: ", smsFailure);
            if (logUtil != null) {
                String[] details = {smsFailure.getMessage(), str2, str3, realm};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_ADD_COT_MEMBER, details, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) smsFailure);
        } catch (JAXBException jaxbFailure) {
            debug.error("SAML2COTManager.addCircleOfTrustMember: ", jaxbFailure);
            if (logUtil != null) {
                String[] details = {jaxbFailure.getMessage(), str2, str3, realm};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_ADD_COT_MEMBER, details, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) jaxbFailure);
        }
    }

    /**
     * Removes an entity from a circle of trust.
     *
     * <p>The circle's name is taken out of the entity's own configuration first (through
     * {@code removeFromEntityConfig}); the entity is then removed from the circle's
     * descriptor and the descriptor saved. A failure in the second half leaves the entity
     * configuration already changed.
     *
     * @param str realm; {@code null} becomes "/"
     * @param str2 name of the circle of trust
     * @param str3 entity id to remove
     * @throws SAML2MetaException "cot_name_invalid" / "entityid_invalid" for blank arguments,
     *         "invalid_realm", "no_cot", "fail_remove_cot" when the descriptor does not
     *         remove the entity, or a wrapper around an {@code SMSException} /
     *         {@code JAXBException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public void removeCircleOfTrustMember(String str, String str2, String str3) throws SAML2MetaException, SSOException {
        boolean cotNameBlank = str2 == null || str2.trim().length() == 0;
        if (cotNameBlank) {
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.NO_COT_NAME_REMOVE_COT_MEMBER, new String[]{str2, str}, this.ssoToken);
            }
            throw new SAML2MetaException("cot_name_invalid", null);
        }
        boolean entityIdBlank = str3 == null || str3.trim().length() == 0;
        if (entityIdBlank) {
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.NO_ENTITYID_REMOVE_COT_MEMBER, new String[]{str2, str3, str}, this.ssoToken);
            }
            throw new SAML2MetaException("entityid_invalid", null);
        }
        // The argument checks above log the realm exactly as passed; everything below
        // uses the defaulted value.
        final String realm = (str == null) ? "/" : str;
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(realm, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2COTManager.removeCircleOfTrustMember: " + "invalid realm " + realm);
                String[] realmOnly = {realm};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_REMOVE_COT_MEMBER, realmOnly, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmOnly);
            }
            ServiceConfig cotConfig = realmConfig.getSubConfig(str2);
            if (cotConfig == null) {
                throw new SAML2MetaException("no_cot", null);
            }
            removeFromEntityConfig(realm, str2, str3);
            Map storedAttributes = cotConfig.getAttributes();
            SAML2CircleOfTrustDescriptor descriptor;
            if (storedAttributes == null) {
                descriptor = new SAML2CircleOfTrustDescriptor(str2, SAML2MetaConstants.ACTIVE);
            } else {
                descriptor = new SAML2CircleOfTrustDescriptor(str2, storedAttributes);
            }
            if (!descriptor.remove(str3)) {
                debug.error("SAML2COTManager.removeCircleOfTrustMember: " + "fail to remove entityid from the circle of trust." + realm);
                throw new SAML2MetaException("fail_remove_cot", null);
            }
            modifyCircleOfTrust(realm, descriptor);
        } catch (SMSException smsFailure) {
            debug.error("SAML2COTManager.removeCircleOfTrustMember: ", smsFailure);
            if (logUtil != null) {
                String[] details = {smsFailure.getMessage(), str2, str3, realm};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_REMOVE_COT_MEMBER, details, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) smsFailure);
        } catch (JAXBException jaxbFailure) {
            debug.error("SAML2COTManager.removeCircleOfTrustMember: ", jaxbFailure);
            if (logUtil != null) {
                String[] details = {jaxbFailure.getMessage(), str2, str3, realm};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_REMOVE_COT_MEMBER, details, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) jaxbFailure);
        }
    }

    /**
     * Returns the trusted providers recorded for a circle of trust.
     *
     * @param str realm; {@code null} becomes "/"
     * @param str2 name of the circle of trust
     * @return the descriptor's trusted-provider set, or {@code null} when the stored
     *         sub-configuration has no attributes
     * @throws SAML2MetaException "cot_name_invalid" for a blank name, "invalid_realm",
     *         "no_cot", or a wrapper around an {@code SMSException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public Set listCircleOfTrustMember(String str, String str2) throws SAML2MetaException, SSOException {
        boolean cotNameBlank = str2 == null || str2.trim().length() == 0;
        if (cotNameBlank) {
            // NOTE(review): a list operation is logged under a REMOVE_COT_MEMBER message
            // id — confirm that is intended.
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.NO_COT_NAME_REMOVE_COT_MEMBER, new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("cot_name_invalid", null);
        }
        final String realm = (str == null) ? "/" : str;
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(realm, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2COTManager.listCircleOfTrustMember: " + "invalid realm " + realm);
                String[] realmOnly = {realm};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_LIST_COT_DESCRIPTOR, realmOnly, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmOnly);
            }
            ServiceConfig cotConfig = realmConfig.getSubConfig(str2);
            if (cotConfig == null) {
                throw new SAML2MetaException("no_cot", null);
            }
            Map storedAttributes = cotConfig.getAttributes();
            return storedAttributes == null
                    ? null
                    : new SAML2CircleOfTrustDescriptor(str2, storedAttributes).getTrustedProviders();
        } catch (SMSException smsFailure) {
            debug.error("SAML2COTManager.listCircleOfTrustMember: ", smsFailure);
            if (logUtil != null) {
                String[] details = {smsFailure.getMessage(), str2, realm};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_LIST_COT_MEMBER, details, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) smsFailure);
        }
    }

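    /**
     * Deletes a circle of trust, but only when it has no trusted providers left.
     *
     * @param str realm; {@code null} becomes "/" (the existence check runs first, with the
     *        value exactly as passed)
     * @param str2 name of the circle of trust
     * @throws SAML2MetaException "cot_name_invalid" for a blank or unknown name,
     *         "invalid_realm", "no_cot", "cot_delete_prohibit" when the circle still has
     *         members, or a wrapper around an {@code SMSException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public void deleteCircleOfTrust(String str, String str2) throws SAML2MetaException, SSOException {
        if (str2 == null || str2.trim().length() == 0 || !getAllCirclesOfTrust(str).contains(str2)) {
            debug.error(new StringBuffer().append("SAML2COTManager.deleteCircleOfTrust:").append("Circle of trust name is null or circle of").append(" trust does not exist.").toString());
            throw new SAML2MetaException("cot_name_invalid", null);
        }
        if (str == null) {
            str = "/";
        }
        String[] strArr = {str2, str};
        try {
            ServiceConfig organizationConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (organizationConfig == null) {
                debug.error(new StringBuffer().append("SAML2COTManager.deleteCircleOfTrust:").append("invalid realm ").append(str).toString());
                String[] strArr2 = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_DELETE_COT_DESCRIPTOR, strArr2, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", strArr2);
            }
            ServiceConfig subConfig = organizationConfig.getSubConfig(str2);
            if (subConfig == null) {
                throw new SAML2MetaException("no_cot", null);
            }
            Set members = null;
            Map attributes = subConfig.getAttributes();
            if (attributes != null) {
                members = new SAML2CircleOfTrustDescriptor(str2, attributes).getTrustedProviders();
            }
            if (members != null && !members.isEmpty()) {
                debug.error(new StringBuffer().append("SAML2COTManager.deleteCircleOfTrust:").append("Delete circle of trust").append(" is not allowed since it contains members.").toString());
                // NOTE(review): the refusal is logged under the INVALID_REALM message id —
                // confirm that is intended.
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_DELETE_COT_DESCRIPTOR, strArr, this.ssoToken);
                }
                // The refusal must reach the caller whether or not the audit logger is
                // available. With the throw nested inside the logUtil check, a failed
                // logger initialisation made this method return normally, so a delete
                // that had been refused looked like a successful one.
                throw new SAML2MetaException("cot_delete_prohibit", null);
            }
            organizationConfig.removeSubConfig(str2);
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.COT_DESCRIPTOR_DELETED, strArr, this.ssoToken);
            }
        } catch (SMSException e) {
            debug.error("SAML2COTManager.deleteCircleOfTrust:", e);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_DELETE_COT_DESCRIPTOR, new String[]{e.getMessage(), str2, str}, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) e);
        }
    }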

    /**
     * Returns the descriptor of a circle of trust, consulting {@code SAML2MetaCache}
     * before the configuration store.
     *
     * <p>The name is checked against the realm's list of circles on every call, including
     * calls that end up being served from the cache. A descriptor read from the store is
     * put into the cache before it is returned.
     *
     * @param str realm; {@code null} becomes "/" (the existence check runs first, with the
     *        value exactly as passed)
     * @param str2 name of the circle of trust
     * @return the cached or freshly loaded descriptor
     * @throws SAML2MetaException "cot_name_invalid" for a blank or unknown name,
     *         "invalid_realm", "no_cot", or a wrapper around an {@code SMSException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public SAML2CircleOfTrustDescriptor getCircleOfTrust(String str, String str2) throws SAML2MetaException, SSOException {
        boolean nameKnown = str2 != null
                && str2.trim().length() != 0
                && getAllCirclesOfTrust(str).contains(str2);
        if (!nameKnown) {
            debug.error("SAML2COTManager.getCircleOfTrust :" + "Name of circle of trust is null or it does not exist.");
            throw new SAML2MetaException("cot_name_invalid", null);
        }
        final String realm = (str == null) ? "/" : str;
        String[] nameAndRealm = {str2, realm};

        SAML2CircleOfTrustDescriptor cached = SAML2MetaCache.getCircleOfTrust(realm, str2, this.ssoToken);
        if (cached != null) {
            if (logUtil != null) {
                logUtil.access(Level.FINE, LogUtil.GOT_COT, nameAndRealm, this.ssoToken);
            }
            return cached;
        }

        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(realm, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2COTManager.getCircleOfTrust :" + "invalid realm " + realm);
                String[] realmOnly = {realm};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_GET_COT, realmOnly, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmOnly);
            }
            ServiceConfig cotConfig = realmConfig.getSubConfig(str2);
            if (cotConfig == null) {
                throw new SAML2MetaException("no_cot", null);
            }
            Map storedAttributes = cotConfig.getAttributes();
            SAML2CircleOfTrustDescriptor loaded;
            if (storedAttributes == null) {
                loaded = new SAML2CircleOfTrustDescriptor(str2, SAML2MetaConstants.ACTIVE);
            } else {
                loaded = new SAML2CircleOfTrustDescriptor(str2, storedAttributes);
            }
            SAML2MetaCache.putCircleOfTrust(realm, str2, loaded, this.ssoToken);
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.COT_DESCRIPTOR_RETRIEVED, nameAndRealm, this.ssoToken);
            }
            return loaded;
        } catch (SMSException smsFailure) {
            debug.error("SAML2COTManager.getCircleOfTrust :", smsFailure);
            if (logUtil != null) {
                String[] details = {smsFailure.getMessage(), str2, realm};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_GET_COT_DESCRIPTOR, details, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) smsFailure);
        }
    }

    /**
     * Lists the names of the circles of trust stored for a realm, optionally filtered.
     *
     * @param str realm, passed to the configuration manager as given (no "/" default here)
     * @param str2 "*" for every name, otherwise a pattern handed to
     *        {@code getSubConfigNames}; must not be {@code null}
     * @return the matching sub-configuration names
     * @throws SAML2MetaException "invalid_realm" when no realm configuration is available,
     *         or a wrapper around an {@code SMSException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public Set getAllCirclesOfTrust(String str, String str2) throws SAML2MetaException, SSOException {
        try {
            ServiceConfig realmConfig = (this.scm == null)
                    ? null
                    : this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2COTManager.getAllCircleOfTrust: " + "invalid realm " + str);
                String[] realmOnly = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_GET_ALL_COT_DESCRIPTOR, realmOnly, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmOnly);
            }
            if (str2.equals("*")) {
                return realmConfig.getSubConfigNames();
            }
            return realmConfig.getSubConfigNames(str2);
        } catch (SMSException smsFailure) {
            debug.error("SAML2COTManager.getAllCircleOfTrust: ", smsFailure);
            if (logUtil != null) {
                String[] details = {smsFailure.getMessage(), str2, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_GET_ALL_COT_DESCRIPTOR, details, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) smsFailure);
        }
    }

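    /**
     * Lists the circles of trust in a realm whose status attribute equals
     * {@code SAML2MetaConstants.ACTIVE}, ignoring case.
     *
     * <p>A circle whose sub-configuration cannot be read, or that carries no status value,
     * is left out of the result instead of aborting the whole listing.
     *
     * @param str realm, passed to the configuration manager as given (no "/" default here)
     * @return a new set holding the names of the active circles; never {@code null}
     * @throws SAML2MetaException "invalid_realm" when the realm has no configuration, or a
     *         wrapper around an {@code SMSException}
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    public Set getAllActiveCirclesOfTrust(String str) throws SAML2MetaException, SSOException {
        HashSet hashSet = new HashSet();
        try {
            ServiceConfig organizationConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (organizationConfig == null) {
                debug.error(new StringBuffer().append("SAML2COTManager.getAllActiveCirclesOfTrust: ").append("invalid realm ").append(str).toString());
                String[] strArr = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_GET_ALL_ACTIVE_COT, strArr, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", strArr);
            }
            Set<String> subConfigNames = organizationConfig.getSubConfigNames();
            if (subConfigNames != null && !subConfigNames.isEmpty()) {
                for (String str2 : subConfigNames) {
                    // A name can disappear between the listing and this lookup; the other
                    // methods of this class already treat a null sub-configuration as possible.
                    ServiceConfig cotConfig = organizationConfig.getSubConfig(str2);
                    if (cotConfig == null) {
                        continue;
                    }
                    // Compare from the constant's side so that a missing status counts as
                    // "not active" instead of raising a NullPointerException.
                    // NOTE(review): assumes getFirstEntry yields null for an absent
                    // attribute — confirm against SAML2MetaUtils.
                    String status = SAML2MetaUtils.getFirstEntry(cotConfig.getAttributes(), SAML2MetaConstants.AUTHDOMAIN_STATUS);
                    if (SAML2MetaConstants.ACTIVE.equalsIgnoreCase(status)) {
                        hashSet.add(str2);
                    }
                }
            }
            return hashSet;
        } catch (SMSException e) {
            debug.error("SAML2COTManager.getAllActiveCirclesOfTrust: ", e);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_GET_ALL_ACTIVE_COT, new String[]{e.getMessage(), str}, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) e);
        }
    }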

    /**
     * Lists every circle of trust stored for a realm.
     *
     * @param str realm, forwarded unchanged to the two-argument overload
     * @return the names returned by {@code getAllCirclesOfTrust(str, "*")}
     * @throws SAML2MetaException as thrown by the two-argument overload
     * @throws SSOException as thrown by the two-argument overload
     */
    public Set getAllCirclesOfTrust(String str) throws SAML2MetaException, SSOException {
        final String matchEverything = "*";
        return getAllCirclesOfTrust(str, matchEverything);
    }

    /**
     * Tells whether an entity is a trusted provider of a circle of trust.
     *
     * <p>This check fails closed: any exception raised while the circle is looked up is
     * logged and reported as "not a member", never as membership.
     *
     * @param str realm
     * @param str2 name of the circle of trust
     * @param str3 entity id to look for
     * @return {@code true} only when the circle was read and its trusted-provider set
     *         contains {@code str3}
     */
    public boolean isInCircleOfTrust(String str, String str2, String str3) {
        try {
            Set members = getCircleOfTrust(str, str2).getTrustedProviders();
            return members != null && members.contains(str3);
        } catch (Exception lookupFailure) {
            debug.error("SAML2COTManager.isInCircleOfTrust", lookupFailure);
            if (logUtil != null) {
                String[] details = {lookupFailure.getMessage(), str2, str3, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_IS_IN_COT, details, this.ssoToken);
            }
            return false;
        }
    }

    /**
     * Records a circle-of-trust name in the COT_LIST attribute of an entity's extended
     * configuration, creating that configuration when the entity has none.
     *
     * @param str realm
     * @param str2 name of the circle of trust to record
     * @param str3 entity id whose configuration is updated
     * @throws SAML2MetaException "entityid_invalid" when no entity descriptor is found for
     *         {@code str3} in the realm
     * @throws JAXBException declared by the signature; presumably raised by the object
     *         factory or metadata calls
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    private void updateEntityConfig(String str, String str2, String str3) throws SAML2MetaException, JAXBException, SSOException {
        SAML2MetaManager sAML2MetaManager = new SAML2MetaManager(this.ssoToken);
        ObjectFactory objectFactory = new ObjectFactory();
        // The entity must already have metadata in this realm; nothing is written otherwise.
        EntityDescriptorElement entityDescriptor = sAML2MetaManager.getEntityDescriptor(str, str3);
        if (entityDescriptor == null) {
            debug.error(new StringBuffer().append("SAML2COTManager.updateEntityConfig: ").append("No such entity: ").append(str3).toString());
            throw new SAML2MetaException("entityid_invalid", new String[]{str, str3});
        }
        EntityConfigElement entityConfig = sAML2MetaManager.getEntityConfig(str, str3);
        if (entityConfig == null) {
            // No extended configuration yet: build one, marked as not hosted, with one role
            // element per role found in the descriptor. Both role elements receive the
            // same AttributeType instance.
            AttributeType createAttributeType = objectFactory.createAttributeType();
            createAttributeType.setName(SAML2Constants.COT_LIST);
            createAttributeType.getValue().add(str2);
            EntityConfigElement createEntityConfigElement = objectFactory.createEntityConfigElement();
            createEntityConfigElement.setEntityID(str3);
            createEntityConfigElement.setHosted(false);
            List iDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig = createEntityConfigElement.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
            if (SAML2MetaUtils.getSPSSODescriptor(entityDescriptor) != null) {
                SPSSOConfigElement createSPSSOConfigElement = objectFactory.createSPSSOConfigElement();
                createSPSSOConfigElement.getAttribute().add(createAttributeType);
                iDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig.add(createSPSSOConfigElement);
            }
            if (SAML2MetaUtils.getIDPSSODescriptor(entityDescriptor) != null) {
                IDPSSOConfigElement createIDPSSOConfigElement = objectFactory.createIDPSSOConfigElement();
                createIDPSSOConfigElement.getAttribute().add(createAttributeType);
                iDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig.add(createIDPSSOConfigElement);
            }
            sAML2MetaManager.setEntityConfig(str, createEntityConfigElement);
            return;
        }
        // z records that a COT_LIST attribute was seen. It is never reset between role
        // elements.
        // NOTE(review): once one role element has a COT_LIST, a later role element that
        // lacks one is not given one — confirm whether each role is meant to carry it.
        boolean z = false;
        Iterator it = entityConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig().iterator();
        while (it.hasNext()) {
            List<AttributeType> attribute = ((BaseConfigType) it.next()).getAttribute();
            for (AttributeType attributeType : attribute) {
                // The attribute name is matched after trimming and without regard to case.
                if (attributeType.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
                    z = true;
                    List value = attributeType.getValue();
                    // containsValue compares trimmed values case-insensitively, so a name
                    // differing only in case or surrounding whitespace is not added again.
                    if (value.isEmpty() || !containsValue(value, str2)) {
                        value.add(str2);
                        sAML2MetaManager.setEntityConfig(str, entityConfig);
                        // Leaves the attribute loop only; the outer loop moves on to the
                        // next role element.
                        break;
                    }
                }
            }
            if (!z) {
                // No COT_LIST seen so far: add one to this role element and save.
                AttributeType createAttributeType2 = objectFactory.createAttributeType();
                createAttributeType2.setName(SAML2Constants.COT_LIST);
                createAttributeType2.getValue().add(str2);
                attribute.add(createAttributeType2);
                sAML2MetaManager.setEntityConfig(str, entityConfig);
            }
        }
    }

    /**
     * Tells whether a list of strings holds a value equal to {@code str} once each entry
     * is trimmed and case is ignored.
     *
     * @param list entries to search; every element is cast to {@code String}
     * @param str value to look for (compared as given, without trimming)
     * @return {@code true} on the first matching entry, {@code false} when none matches
     */
    private boolean containsValue(List list, String str) {
        for (Object entry : list) {
            String candidate = ((String) entry).trim();
            if (candidate.equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

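    /**
     * Removes a circle-of-trust name from the COT_LIST attribute of an entity's extended
     * configuration.
     *
     * <p>For each role element, the first COT_LIST attribute that holds the name has its
     * matching values removed and the configuration is saved. Values are matched the way
     * {@code containsValue} matches them (trimmed, ignoring case), so an entry such as
     * " MyCot " is removed when "mycot" is requested and the entity does not keep a stale
     * membership.
     *
     * @param str realm
     * @param str2 name of the circle of trust to remove
     * @param str3 entity id whose configuration is updated
     * @throws SAML2MetaException "entityid_invalid" when no entity descriptor is found for
     *         {@code str3} in the realm
     * @throws JAXBException declared by the signature; presumably raised by the metadata calls
     * @throws SSOException declared by the signature; presumably raised by the store calls
     */
    private void removeFromEntityConfig(String str, String str2, String str3) throws SAML2MetaException, JAXBException, SSOException {
        SAML2MetaManager sAML2MetaManager = new SAML2MetaManager(this.ssoToken);
        if (sAML2MetaManager.getEntityDescriptor(str, str3) == null) {
            debug.error(new StringBuffer().append("SAML2COTManager.removeFromEntityConfig: ").append("No such entity: ").append(str3).toString());
            throw new SAML2MetaException("entityid_invalid", new String[]{str, str3});
        }
        EntityConfigElement entityConfig = sAML2MetaManager.getEntityConfig(str, str3);
        if (entityConfig == null) {
            return;
        }
        Iterator roles = entityConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig().iterator();
        while (roles.hasNext()) {
            Iterator attributes = ((BaseConfigType) roles.next()).getAttribute().iterator();
            // Bounded by hasNext(): the previous while(true) form never terminated once
            // the attributes of a role element ran out without a match.
            while (attributes.hasNext()) {
                AttributeType attributeType = (AttributeType) attributes.next();
                if (!attributeType.getName().trim().equalsIgnoreCase(SAML2Constants.COT_LIST)) {
                    continue;
                }
                List value = attributeType.getValue();
                if (value == null || value.isEmpty()) {
                    continue;
                }
                // Remove with the same trimmed, case-insensitive comparison used to detect
                // the value. An exact-match List.remove could find nothing to delete and
                // still save the configuration as if the membership were gone.
                boolean removed = false;
                Iterator values = value.iterator();
                while (values.hasNext()) {
                    if (((String) values.next()).trim().equalsIgnoreCase(str2)) {
                        values.remove();
                        removed = true;
                    }
                }
                if (removed) {
                    sAML2MetaManager.setEntityConfig(str, entityConfig);
                    break;
                }
            }
        }
    }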

    // Obtains the audit logger once, when the class is loaded. Any Throwable is caught and
    // written to the debug log, and logUtil is then left null: every audit call in this
    // class is guarded by a null check, so the class keeps working without audit records.
    static {
        LogUtil instance = null;
        try {
            instance = SAML2LogManager.getLogInstance();
        } catch (Throwable th) {
            debug.error("SAML2COTManager.static: Unable to get LogUtil.", th);
        }
        logUtil = instance;
    }
}
