package com.sun.identity.saml2.meta;

import com.iplanet.am.util.Debug;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType;
import com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement;
import com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement;
import com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement;
import com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement;
import com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement;
import com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement;
import com.sun.identity.saml2.logging.LogUtil;
import com.sun.identity.saml2.logging.SAML2LogManager;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.ServiceConfig;
import com.sun.identity.sm.ServiceConfigManager;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import javax.xml.bind.JAXBException;

/* loaded from: input_file:122983-01/SUNWsaml2/reloc/SUNWam/saml2/lib/saml2.jar:com/sun/identity/saml2/meta/SAML2MetaManager.class */
public class SAML2MetaManager {
    // Name of the configuration service the constructor opens through ServiceConfigManager.
    static final String SAML2_META_SERVICE = "sunFMSAML2MetadataService";
    // Service version; the constructor passes the same value as the literal "1.0".
    static final String SAML2_META_SERVICE_VERSION = "1.0";
    // Sub-config attribute that stores the serialized standard metadata (entity descriptor).
    private static final String ATTR_METADATA = "sun-fm-saml2-metadata";
    // Sub-config attribute that stores the serialized extended entity configuration.
    private static final String ATTR_ENTITY_CONFIG = "sun-fm-saml2-entityconfig";
    // Sub-config ID handed to addSubConfig when createEntityDescriptor creates an entity node.
    private static final String SUBCONFIG_ID = "EntityDescriptor";
    // Priority for new sub-configs; createEntityDescriptor passes the literal 0.
    private static final int SUBCONFIG_PRIORITY = 0;
    // Configuration-service handle, created in the constructor with the caller's token.
    private ServiceConfigManager scm;
    // Caller's SSO token: validated in the constructor, then passed to every cache and audit-log call.
    private SSOToken ssoToken;
    // Debug log shared with SAML2MetaUtils.
    private static Debug debug = SAML2MetaUtils.debug;
    // Audit logger. No assignment is visible in this part of the file; every use in the
    // visible methods is guarded by a null check, so audit records are skipped while it is null.
    private static LogUtil logUtil;
    // NOTE(review): static, yet reassigned by every constructor call with that caller's token.
    // Circle-of-trust updates made through any instance therefore run with the most recently
    // supplied token, not necessarily the token of the instance making the call - confirm intended.
    private static SAML2COTManager cotm;
    // Not referenced in the visible part of the file; presumably the URI component that
    // precedes a meta alias - TODO confirm.
    public static final String NAME_META_ALIAS_IN_URI = "metaAlias";

    /**
     * Creates a metadata manager that acts with the caller's SSO token.
     *
     * <p>The token is validated before anything else. It is then used to open the
     * {@code sunFMSAML2MetadataService} configuration, to build the circle-of-trust manager,
     * and is passed to {@code SAML2MetaCache.addSSOTokenListener}.
     *
     * <p>NOTE(review): {@code cotm} is a static field, so each construction replaces the
     * circle-of-trust manager seen by every existing instance with one built from this
     * caller's token. Confirm that all callers hold equivalent privileges.
     *
     * @param sSOToken session token of the caller
     * @throws SAML2MetaException if the configuration service raises an {@code SMSException}
     * @throws SSOException declared by the signature; presumably raised when the token is
     *         invalid - confirm against {@code SSOTokenManager.validateToken}
     */
    public SAML2MetaManager(SSOToken sSOToken) throws SAML2MetaException, SSOException {
        SSOTokenManager tokenManager = SSOTokenManager.getInstance();
        tokenManager.validateToken(sSOToken);
        this.ssoToken = sSOToken;
        try {
            this.scm = new ServiceConfigManager(sSOToken, SAML2_META_SERVICE, "1.0");
            cotm = new SAML2COTManager(sSOToken);
            SAML2MetaCache.addSSOTokenListener(sSOToken);
        } catch (SMSException smsFailure) {
            debug.error("SAML2MetaManager.SAML2MetaManager:", smsFailure);
            throw new SAML2MetaException((Throwable) smsFailure);
        }
    }

    /**
     * Returns the standard metadata (entity descriptor) stored for an entity.
     *
     * <p>The cache is consulted first, before the realm is looked up in the configuration
     * store. On a miss the serialized descriptor is read from the entity's sub-config,
     * parsed, cached and returned.
     *
     * <p>NOTE(review): the stored XML is parsed by {@code SAML2MetaUtils.convertStringToJAXB};
     * any parser hardening (DTD / external entities) lives there and is not visible here.
     * A {@code JAXBException} is written to the debug log but is not chained into the
     * exception that is thrown.
     *
     * @param str realm name; {@code null} is treated as the root realm {@code "/"}
     * @param str2 entity ID, used as the sub-config name
     * @return the descriptor, or {@code null} if {@code str2} is {@code null} or no metadata
     *         is stored for the entity
     * @throws SAML2MetaException if the realm is invalid, the stored value is not an entity
     *         descriptor, or the configuration store fails
     * @throws SSOException declared by the signature
     */
    public EntityDescriptorElement getEntityDescriptor(String str, String str2) throws SAML2MetaException, SSOException {
        if (str2 == null) {
            return null;
        }
        if (str == null) {
            str = "/";
        }
        String[] logArgs = {str2, str};
        EntityDescriptorElement cached = SAML2MetaCache.getEntityDescriptor(str, str2, this.ssoToken);
        if (cached != null) {
            if (logUtil != null) {
                logUtil.access(Level.FINE, LogUtil.GOT_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
            }
            return cached;
        }
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.getEntityDescriptor: invalid realm " + str);
                String[] realmArgs = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_GET_ENTITY_DESCRIPTOR, realmArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmArgs);
            }
            ServiceConfig entityNode = realmConfig.getSubConfig(str2);
            if (entityNode == null) {
                return null;
            }
            Map storedAttrs = entityNode.getAttributes();
            if (storedAttrs == null) {
                return null;
            }
            Set serialized = (Set) storedAttrs.get(ATTR_METADATA);
            if (serialized == null || serialized.isEmpty()) {
                return null;
            }
            // Only the first stored value is parsed.
            Object parsed = SAML2MetaUtils.convertStringToJAXB((String) serialized.iterator().next());
            if (parsed instanceof EntityDescriptorElement) {
                EntityDescriptorElement descriptor = (EntityDescriptorElement) parsed;
                SAML2MetaCache.putEntityDescriptor(str, str2, descriptor, this.ssoToken);
                if (logUtil != null) {
                    logUtil.access(Level.FINE, LogUtil.GOT_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
                }
                return descriptor;
            }
            // Parsed successfully, but into some other JAXB type.
            debug.error("SAML2MetaManager.getEntityDescriptor: invalid descriptor");
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.GOT_INVALID_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
            }
            throw new SAML2MetaException("invalid_descriptor", logArgs);
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.getEntityDescriptor:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), str2, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_GET_ENTITY_DESCRIPTOR, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        } catch (JAXBException parseFailure) {
            debug.error("SAML2MetaManager.getEntityDescriptor:", parseFailure);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.GOT_INVALID_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
            }
            throw new SAML2MetaException("invalid_descriptor", logArgs);
        }
    }

    /**
     * Returns the service-provider SSO descriptor of an entity.
     *
     * <p>The entity descriptor is looked up with {@link #getEntityDescriptor} and handed,
     * possibly as {@code null}, to {@code SAML2MetaUtils.getSPSSODescriptor}.
     *
     * @param str realm name
     * @param str2 entity ID
     * @return whatever {@code SAML2MetaUtils.getSPSSODescriptor} returns for the descriptor
     * @throws SAML2MetaException if the descriptor lookup fails
     * @throws SSOException declared by the signature
     */
    public SPSSODescriptorElement getSPSSODescriptor(String str, String str2) throws SAML2MetaException, SSOException {
        EntityDescriptorElement descriptor = getEntityDescriptor(str, str2);
        return SAML2MetaUtils.getSPSSODescriptor(descriptor);
    }

    /**
     * Returns the identity-provider SSO descriptor of an entity.
     *
     * <p>The entity descriptor is looked up with {@link #getEntityDescriptor} and handed,
     * possibly as {@code null}, to {@code SAML2MetaUtils.getIDPSSODescriptor}.
     *
     * @param str realm name
     * @param str2 entity ID
     * @return whatever {@code SAML2MetaUtils.getIDPSSODescriptor} returns for the descriptor
     * @throws SAML2MetaException if the descriptor lookup fails
     * @throws SSOException declared by the signature
     */
    public IDPSSODescriptorElement getIDPSSODescriptor(String str, String str2) throws SAML2MetaException, SSOException {
        EntityDescriptorElement descriptor = getEntityDescriptor(str, str2);
        return SAML2MetaUtils.getIDPSSODescriptor(descriptor);
    }

    /**
     * Replaces the stored standard metadata of an existing entity.
     *
     * <p>The descriptor is serialized, then written into the {@code sun-fm-saml2-metadata}
     * attribute of the entity's sub-config; the other attributes read from the sub-config
     * are written back unchanged. The entity must already exist.
     *
     * <p>This method does not touch {@code SAML2MetaCache} itself; cache refresh is
     * presumably driven by a configuration listener - confirm.
     *
     * @param str realm name; {@code null} is treated as the root realm {@code "/"}
     * @param entityDescriptorElement descriptor to store; its entity ID selects the sub-config
     * @throws SAML2MetaException if the entity ID is missing, the realm is invalid, the entity
     *         does not exist, the descriptor cannot be serialized, or the store fails
     * @throws SSOException declared by the signature
     */
    public void setEntityDescriptor(String str, EntityDescriptorElement entityDescriptorElement) throws SAML2MetaException, SSOException {
        String id = entityDescriptorElement.getEntityID();
        if (id == null) {
            debug.error("SAML2MetaManager.setEntityDescriptor: entity ID is null");
            if (logUtil != null) {
                // The realm is logged as supplied, before null is mapped to "/".
                logUtil.error(Level.INFO, LogUtil.NO_ENTITY_ID_SET_ENTITY_DESCRIPTOR, new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("empty_entityid", null);
        }
        if (str == null) {
            str = "/";
        }
        String[] logArgs = {id, str};
        try {
            Map serialized = SAML2MetaUtils.convertJAXBToAttrMap(ATTR_METADATA, entityDescriptorElement);
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.setEntityDescriptor: invalid realm " + str);
                String[] realmArgs = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_SET_ENTITY_DESCRIPTOR, realmArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmArgs);
            }
            ServiceConfig entityNode = realmConfig.getSubConfig(id);
            if (entityNode == null) {
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.NO_ENTITY_DESCRIPTOR_SET_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
                }
                throw new SAML2MetaException("entity_descriptor_not_exist", logArgs);
            }
            // Overwrite only the metadata attribute and write the whole map back.
            Map storedAttrs = entityNode.getAttributes();
            storedAttrs.put(ATTR_METADATA, serialized.get(ATTR_METADATA));
            entityNode.setAttributes(storedAttrs);
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.SET_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
            }
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.setEntityDescriptor:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), id, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_SET_ENTITY_DESCRIPTOR, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        } catch (JAXBException serializeFailure) {
            debug.error("SAML2MetaManager.setEntityDescriptor:", serializeFailure);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.SET_INVALID_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
            }
            throw new SAML2MetaException("invalid_descriptor", logArgs);
        }
    }

    /**
     * Stores standard metadata for an entity that has none yet.
     *
     * <p>If the realm has no sub-config named after the entity ID, one is created with the
     * serialized descriptor. If the sub-config exists but carries no
     * {@code sun-fm-saml2-metadata} attribute, the attribute is added. If the attribute is
     * already present the call is rejected, so existing metadata is never overwritten here.
     *
     * @param str realm name; {@code null} is treated as the root realm {@code "/"}
     * @param entityDescriptorElement descriptor to store; its entity ID names the sub-config
     * @throws SAML2MetaException if the entity ID is missing, the realm is invalid, metadata
     *         already exists, the descriptor cannot be serialized, or the store fails
     * @throws SSOException declared by the signature
     */
    public void createEntityDescriptor(String str, EntityDescriptorElement entityDescriptorElement) throws SAML2MetaException, SSOException {
        String id = entityDescriptorElement.getEntityID();
        if (id == null) {
            debug.error("SAML2MetaManager.createEntityDescriptor: entity ID is null");
            if (logUtil != null) {
                // The realm is logged as supplied, before null is mapped to "/".
                logUtil.error(Level.INFO, LogUtil.NO_ENTITY_ID_CREATE_ENTITY_DESCRIPTOR, new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("empty_entityid", null);
        }
        if (str == null) {
            str = "/";
        }
        String[] logArgs = {id, str};
        try {
            Map serialized = SAML2MetaUtils.convertJAXBToAttrMap(ATTR_METADATA, entityDescriptorElement);
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.createEntityDescriptor: invalid realm " + str);
                String[] realmArgs = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_CREATE_ENTITY_DESCRIPTOR, realmArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmArgs);
            }
            ServiceConfig entityNode = realmConfig.getSubConfig(id);
            if (entityNode != null) {
                Map storedAttrs = entityNode.getAttributes();
                boolean alreadyStored = storedAttrs != null && storedAttrs.containsKey(ATTR_METADATA);
                if (alreadyStored) {
                    if (logUtil != null) {
                        logUtil.error(Level.INFO, LogUtil.ENTITY_DESCRIPTOR_EXISTS, logArgs, this.ssoToken);
                    }
                    throw new SAML2MetaException("entity_descriptor_exists", logArgs);
                }
                entityNode.addAttribute(ATTR_METADATA, (Set) serialized.get(ATTR_METADATA));
            } else {
                // First time this entity is seen in the realm: create its sub-config.
                realmConfig.addSubConfig(id, SUBCONFIG_ID, 0, serialized);
            }
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.ENTITY_DESCRIPTOR_CREATED, logArgs, this.ssoToken);
            }
        } catch (JAXBException serializeFailure) {
            debug.error("SAML2MetaManager.createEntityDescriptor:", serializeFailure);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.CREATE_INVALID_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
            }
            throw new SAML2MetaException("invalid_descriptor", logArgs);
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.createEntityDescriptor:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), id, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_CREATE_ENTITY_DESCRIPTOR, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        }
    }

    /**
     * Deletes an entity: its circle-of-trust memberships, then its whole sub-config.
     *
     * <p>Removing the sub-config drops both the standard metadata and the extended
     * configuration. Circle-of-trust cleanup runs first, for the IDP role and then the SP
     * role. {@code removeFromCircleOfTrust} only logs failures, so the sub-config is removed
     * even when that cleanup did not succeed; a circle of trust can then still list the
     * deleted entity ID.
     *
     * @param str realm name; {@code null} is treated as the root realm {@code "/"}
     * @param str2 entity ID; the call is a no-op when {@code null}
     * @throws SAML2MetaException if the realm is invalid, the entity does not exist, or the
     *         store fails
     * @throws SSOException declared by the signature
     */
    public void deleteEntityDescriptor(String str, String str2) throws SAML2MetaException, SSOException {
        if (str2 == null) {
            return;
        }
        if (str == null) {
            str = "/";
        }
        String[] logArgs = {str2, str};
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.deleteEntityDescriptor: invalid realm " + str);
                String[] realmArgs = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_DELETE_ENTITY_DESCRIPTOR, realmArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmArgs);
            }
            ServiceConfig entityNode = realmConfig.getSubConfig(str2);
            if (entityNode == null) {
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.NO_ENTITY_DESCRIPTOR_DELETE_ENTITY_DESCRIPTOR, logArgs, this.ssoToken);
                }
                throw new SAML2MetaException("entity_descriptor_not_exist", logArgs);
            }
            // Leave the circles of trust while the extended config can still be read.
            IDPSSOConfigElement idpRole = getIDPSSOConfig(str, str2);
            if (idpRole != null) {
                removeFromCircleOfTrust(idpRole, str, str2);
            }
            SPSSOConfigElement spRole = getSPSSOConfig(str, str2);
            if (spRole != null) {
                removeFromCircleOfTrust(spRole, str, str2);
            }
            realmConfig.removeSubConfig(str2);
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.ENTITY_DESCRIPTOR_DELETED, logArgs, this.ssoToken);
            }
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.deleteEntityDescriptor:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), str2, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_DELETE_ENTITY_DESCRIPTOR, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        }
    }

    /**
     * Returns the extended configuration stored for an entity.
     *
     * <p>The cache is consulted first, before the realm is looked up in the configuration
     * store. On a miss the serialized configuration is read from the entity's sub-config,
     * parsed, cached and returned.
     *
     * <p>NOTE(review): the stored XML is parsed by {@code SAML2MetaUtils.convertStringToJAXB};
     * any parser hardening (DTD / external entities) lives there and is not visible here.
     * A {@code JAXBException} is written to the debug log but is not chained into the
     * exception that is thrown.
     *
     * @param str realm name; {@code null} is treated as the root realm {@code "/"}
     * @param str2 entity ID, used as the sub-config name
     * @return the configuration, or {@code null} if {@code str2} is {@code null} or no
     *         extended configuration is stored for the entity
     * @throws SAML2MetaException if the realm is invalid, the stored value is not an entity
     *         configuration, or the configuration store fails
     * @throws SSOException declared by the signature
     */
    public EntityConfigElement getEntityConfig(String str, String str2) throws SAML2MetaException, SSOException {
        if (str2 == null) {
            return null;
        }
        if (str == null) {
            str = "/";
        }
        String[] logArgs = {str2, str};
        EntityConfigElement cached = SAML2MetaCache.getEntityConfig(str, str2, this.ssoToken);
        if (cached != null) {
            if (logUtil != null) {
                logUtil.access(Level.FINE, LogUtil.GOT_ENTITY_CONFIG, logArgs, this.ssoToken);
            }
            return cached;
        }
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.getEntityConfig: invalid realm " + str);
                String[] realmArgs = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_GET_ENTITY_CONFIG, realmArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmArgs);
            }
            ServiceConfig entityNode = realmConfig.getSubConfig(str2);
            if (entityNode == null) {
                return null;
            }
            Map storedAttrs = entityNode.getAttributes();
            if (storedAttrs == null) {
                return null;
            }
            Set serialized = (Set) storedAttrs.get(ATTR_ENTITY_CONFIG);
            if (serialized == null || serialized.isEmpty()) {
                return null;
            }
            // Only the first stored value is parsed.
            Object parsed = SAML2MetaUtils.convertStringToJAXB((String) serialized.iterator().next());
            if (parsed instanceof EntityConfigElement) {
                EntityConfigElement config = (EntityConfigElement) parsed;
                SAML2MetaCache.putEntityConfig(str, str2, config, this.ssoToken);
                if (logUtil != null) {
                    logUtil.access(Level.FINE, LogUtil.GOT_ENTITY_CONFIG, logArgs, this.ssoToken);
                }
                return config;
            }
            // Parsed successfully, but into some other JAXB type.
            debug.error("SAML2MetaManager.getEntityConfig: invalid config");
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.GOT_INVALID_ENTITY_CONFIG, logArgs, this.ssoToken);
            }
            throw new SAML2MetaException("invalid_config", logArgs);
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.getEntityConfig:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), str2, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_GET_ENTITY_CONFIG, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        } catch (JAXBException parseFailure) {
            debug.error("SAML2MetaManager.getEntityConfig:", parseFailure);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.GOT_INVALID_ENTITY_CONFIG, logArgs, this.ssoToken);
            }
            throw new SAML2MetaException("invalid_config", logArgs);
        }
    }

    /**
     * Returns the first service-provider role configuration found in an entity's extended
     * configuration.
     *
     * @param str realm name
     * @param str2 entity ID
     * @return the first {@code SPSSOConfigElement} in the role list, or {@code null} if the
     *         entity has no extended configuration or no SP role entry
     * @throws SAML2MetaException if the configuration lookup fails
     * @throws SSOException declared by the signature
     */
    public SPSSOConfigElement getSPSSOConfig(String str, String str2) throws SAML2MetaException, SSOException {
        EntityConfigElement config = getEntityConfig(str, str2);
        if (config != null) {
            Iterator roles = config.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig().iterator();
            while (roles.hasNext()) {
                Object role = roles.next();
                if (role instanceof SPSSOConfigElement) {
                    return (SPSSOConfigElement) role;
                }
            }
        }
        return null;
    }

    /**
     * Returns the first identity-provider role configuration found in an entity's extended
     * configuration.
     *
     * @param str realm name
     * @param str2 entity ID
     * @return the first {@code IDPSSOConfigElement} in the role list, or {@code null} if the
     *         entity has no extended configuration or no IDP role entry
     * @throws SAML2MetaException if the configuration lookup fails
     * @throws SSOException declared by the signature
     */
    public IDPSSOConfigElement getIDPSSOConfig(String str, String str2) throws SAML2MetaException, SSOException {
        EntityConfigElement config = getEntityConfig(str, str2);
        if (config != null) {
            Iterator roles = config.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig().iterator();
            while (roles.hasNext()) {
                Object role = roles.next();
                if (role instanceof IDPSSOConfigElement) {
                    return (IDPSSOConfigElement) role;
                }
            }
        }
        return null;
    }

    /**
     * Replaces the stored extended configuration of an existing entity.
     *
     * <p>The configuration is serialized, then written into the
     * {@code sun-fm-saml2-entityconfig} attribute of the entity's sub-config; the other
     * attributes read from the sub-config are written back unchanged.
     *
     * <p>Unlike {@code createEntityConfig}, this method makes no circle-of-trust calls, so
     * a changed COT list in the new configuration is not propagated from here.
     *
     * @param str realm name; {@code null} is treated as the root realm {@code "/"}
     * @param entityConfigElement configuration to store; its entity ID selects the sub-config
     * @throws SAML2MetaException if the entity ID is missing, the realm is invalid, the entity
     *         does not exist, the configuration cannot be serialized, or the store fails
     * @throws SSOException declared by the signature
     */
    public void setEntityConfig(String str, EntityConfigElement entityConfigElement) throws SAML2MetaException, SSOException {
        String id = entityConfigElement.getEntityID();
        if (id == null) {
            debug.error("SAML2MetaManager.setEntityConfig: entity ID is null");
            if (logUtil != null) {
                // The realm is logged as supplied, before null is mapped to "/".
                logUtil.error(Level.INFO, LogUtil.NO_ENTITY_ID_SET_ENTITY_CONFIG, new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("empty_entityid", null);
        }
        if (str == null) {
            str = "/";
        }
        String[] logArgs = {id, str};
        try {
            Map serialized = SAML2MetaUtils.convertJAXBToAttrMap(ATTR_ENTITY_CONFIG, entityConfigElement);
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.setEntityConfig: invalid realm " + str);
                String[] realmArgs = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_SET_ENTITY_CONFIG, realmArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmArgs);
            }
            ServiceConfig entityNode = realmConfig.getSubConfig(id);
            if (entityNode == null) {
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.NO_ENTITY_DESCRIPTOR_SET_ENTITY_CONFIG, logArgs, this.ssoToken);
                }
                throw new SAML2MetaException("entity_descriptor_not_exist", logArgs);
            }
            // Overwrite only the entity-config attribute and write the whole map back.
            Map storedAttrs = entityNode.getAttributes();
            storedAttrs.put(ATTR_ENTITY_CONFIG, serialized.get(ATTR_ENTITY_CONFIG));
            entityNode.setAttributes(storedAttrs);
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.SET_ENTITY_CONFIG, logArgs, this.ssoToken);
            }
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.setEntityConfig:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), id, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_SET_ENTITY_CONFIG, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        } catch (JAXBException serializeFailure) {
            debug.error("SAML2MetaManager.setEntityConfig:", serializeFailure);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.SET_INVALID_ENTITY_CONFIG, logArgs, this.ssoToken);
            }
            throw new SAML2MetaException("invalid_config", logArgs);
        }
    }

    /**
     * Stores extended configuration for an entity that has none yet, then enrols the entity
     * in the circles of trust named by that configuration.
     *
     * <p>The entity's sub-config must already exist and must not hold a non-empty
     * {@code sun-fm-saml2-entityconfig} attribute. After the configuration is written, the
     * SP role and then the IDP role are read back and passed to {@code addToCircleOfTrust}.
     *
     * <p>Enrolment is best-effort: {@code addToCircleOfTrust} logs failures without
     * rethrowing, so this method can return normally with the configuration stored but the
     * entity missing from one or more circles of trust.
     *
     * @param str realm name; {@code null} is treated as the root realm {@code "/"}
     * @param entityConfigElement configuration to store; its entity ID selects the sub-config
     * @throws SAML2MetaException if the entity ID is missing, the realm is invalid, the entity
     *         does not exist, a configuration already exists, the configuration cannot be
     *         serialized, or the store fails
     * @throws SSOException declared by the signature
     */
    public void createEntityConfig(String str, EntityConfigElement entityConfigElement) throws SAML2MetaException, SSOException {
        String id = entityConfigElement.getEntityID();
        if (id == null) {
            debug.error("SAML2MetaManager.createEntityConfig: entity ID is null");
            if (logUtil != null) {
                // The realm is logged as supplied, before null is mapped to "/".
                logUtil.error(Level.INFO, LogUtil.NO_ENTITY_ID_CREATE_ENTITY_CONFIG, new String[]{str}, this.ssoToken);
            }
            throw new SAML2MetaException("empty_entityid", null);
        }
        if (str == null) {
            str = "/";
        }
        String[] logArgs = {id, str};
        try {
            Map serialized = SAML2MetaUtils.convertJAXBToAttrMap(ATTR_ENTITY_CONFIG, entityConfigElement);
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.createEntityConfig: invalid realm " + str);
                String[] realmArgs = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_CREATE_ENTITY_CONFIG, realmArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmArgs);
            }
            ServiceConfig entityNode = realmConfig.getSubConfig(id);
            if (entityNode == null) {
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.NO_ENTITY_DESCRIPTOR_CREATE_ENTITY_CONFIG, logArgs, this.ssoToken);
                }
                throw new SAML2MetaException("entity_descriptor_not_exist", logArgs);
            }
            Set existing = (Set) entityNode.getAttributes().get(ATTR_ENTITY_CONFIG);
            boolean alreadyStored = existing != null && !existing.isEmpty();
            if (alreadyStored) {
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.ENTITY_CONFIG_EXISTS, logArgs, this.ssoToken);
                }
                throw new SAML2MetaException("entity_config_exists", logArgs);
            }
            entityNode.setAttributes(serialized);
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.ENTITY_CONFIG_CREATED, logArgs, this.ssoToken);
            }
            // Enrolment runs after the write and is driven by the role configs read back.
            SPSSOConfigElement spRole = getSPSSOConfig(str, id);
            if (spRole != null) {
                addToCircleOfTrust(spRole, str, id);
            }
            IDPSSOConfigElement idpRole = getIDPSSOConfig(str, id);
            if (idpRole != null) {
                addToCircleOfTrust(idpRole, str, id);
            }
        } catch (JAXBException serializeFailure) {
            debug.error("SAML2MetaManager.createEntityConfig:", serializeFailure);
            if (logUtil != null) {
                logUtil.error(Level.INFO, LogUtil.CREATE_INVALID_ENTITY_CONFIG, logArgs, this.ssoToken);
            }
            throw new SAML2MetaException("invalid_config", logArgs);
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.createEntityConfig:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), id, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_CREATE_ENTITY_CONFIG, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        }
    }

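    /**
     * Adds the entity to every circle of trust listed in a role configuration.
     *
     * <p>Fix over the previous version: the COT list was copied with {@code new ArrayList(...)}
     * before it was null-checked, so a role configuration without a COT list raised a
     * {@code NullPointerException} that was caught and written to the debug log as an error.
     * The list is now checked first and an absent or empty list is a quiet no-op.
     *
     * <p>Failures are logged and not rethrown, and the first failure stops the loop, so the
     * entity may end up in only some of the listed circles of trust. Callers get no signal;
     * the debug log is the only record.
     *
     * <p>NOTE(review): the COT names come from the entity's own configuration and the calls
     * go through the static {@code cotm}, which holds the token of the most recently
     * constructed manager. Whether a caller may join a given circle of trust is decided
     * inside {@code SAML2COTManager} - confirm.
     *
     * @param baseConfigType role configuration carrying the COT list; {@code null} is ignored
     * @param str realm name
     * @param str2 entity ID to add as a member
     */
    private void addToCircleOfTrust(BaseConfigType baseConfigType, String str, String str2) {
        if (baseConfigType == null) {
            return;
        }
        try {
            List cotNames = (List) SAML2MetaUtils.getAttributes(baseConfigType).get(SAML2Constants.COT_LIST);
            if (cotNames == null || cotNames.isEmpty()) {
                return;
            }
            // Iterate over a copy, as before, so the loop does not depend on the source list.
            Iterator it = new ArrayList(cotNames).iterator();
            while (it.hasNext()) {
                cotm.addCircleOfTrustMember(str, (String) it.next(), str2);
            }
        } catch (Exception e) {
            debug.error("SAML2MetaManager.addToCircleOfTrust:Error while adding entity" + str2 + "to COT.", e);
        }
    }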

    /**
     * Deletes an entity's extended configuration and its circle-of-trust memberships,
     * keeping the sub-config (and with it the standard metadata) in place.
     *
     * <p>Circle-of-trust cleanup runs first, for the IDP role and then the SP role;
     * {@code removeFromCircleOfTrust} only logs failures, so the configuration is cleared
     * even when that cleanup did not succeed. The configuration is cleared by setting the
     * {@code sun-fm-saml2-entityconfig} attribute to an empty set.
     *
     * <p>A missing sub-config and a missing configuration attribute are reported the same
     * way: same audit-log ID and the same {@code entity_config_not_exist} error.
     *
     * @param str realm name; {@code null} is treated as the root realm {@code "/"}
     * @param str2 entity ID; the call is a no-op when {@code null}
     * @throws SAML2MetaException if the realm is invalid, no extended configuration exists,
     *         or the store fails
     * @throws SSOException declared by the signature
     */
    public void deleteEntityConfig(String str, String str2) throws SAML2MetaException, SSOException {
        if (str2 == null) {
            return;
        }
        if (str == null) {
            str = "/";
        }
        String[] logArgs = {str2, str};
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.deleteEntityConfig: invalid realm " + str);
                String[] realmArgs = {str};
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_DELETE_ENTITY_CONFIG, realmArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", realmArgs);
            }
            ServiceConfig entityNode = realmConfig.getSubConfig(str2);
            Set existing = null;
            if (entityNode != null) {
                existing = (Set) entityNode.getAttributes().get(ATTR_ENTITY_CONFIG);
            }
            if (existing == null || existing.isEmpty()) {
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.NO_ENTITY_DESCRIPTOR_DELETE_ENTITY_CONFIG, logArgs, this.ssoToken);
                }
                throw new SAML2MetaException("entity_config_not_exist", logArgs);
            }
            // Leave the circles of trust while the extended config can still be read.
            IDPSSOConfigElement idpRole = getIDPSSOConfig(str, str2);
            if (idpRole != null) {
                removeFromCircleOfTrust(idpRole, str, str2);
            }
            SPSSOConfigElement spRole = getSPSSOConfig(str, str2);
            if (spRole != null) {
                removeFromCircleOfTrust(spRole, str, str2);
            }
            HashMap cleared = new HashMap();
            cleared.put(ATTR_ENTITY_CONFIG, Collections.EMPTY_SET);
            entityNode.setAttributes(cleared);
            if (logUtil != null) {
                logUtil.access(Level.INFO, LogUtil.ENTITY_CONFIG_DELETED, logArgs, this.ssoToken);
            }
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.deleteEntityConfig:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), str2, str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_DELETE_ENTITY_CONFIG, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        }
    }

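    /**
     * Removes the entity from every circle of trust listed in a role configuration.
     *
     * <p>Fix over the previous version: the COT list was copied with {@code new ArrayList(...)}
     * before it was null-checked, so a role configuration without a COT list raised a
     * {@code NullPointerException} that was caught and written to the debug log as an error.
     * The list is now checked first and an absent or empty list is a quiet no-op.
     *
     * <p>Failures are logged and not rethrown, and the first failure stops the loop. The
     * callers go on to delete the entity's configuration regardless, so a circle of trust
     * can keep listing an entity ID whose configuration is gone. The debug log is the only
     * record of that state.
     *
     * @param baseConfigType role configuration carrying the COT list; {@code null} is ignored
     * @param str realm name
     * @param str2 entity ID to remove from membership
     */
    private void removeFromCircleOfTrust(BaseConfigType baseConfigType, String str, String str2) {
        if (baseConfigType == null) {
            return;
        }
        try {
            List cotNames = (List) SAML2MetaUtils.getAttributes(baseConfigType).get(SAML2Constants.COT_LIST);
            if (cotNames == null || cotNames.isEmpty()) {
                return;
            }
            // Iterate over a copy, as before, so the loop does not depend on the source list.
            Iterator it = new ArrayList(cotNames).iterator();
            while (it.hasNext()) {
                cotm.removeCircleOfTrustMember(str, (String) it.next(), str2);
            }
        } catch (Exception e) {
            debug.error("SAML2MetaManager.removeFromCircleOfTrust:Error while removing entity" + str2 + "from COT.", e);
        }
    }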

    /**
     * Lists the IDs of all entities in a realm whose extended configuration is marked hosted.
     *
     * <p>Entities without an extended configuration are not included.
     *
     * <p>NOTE(review): unlike the single-entity methods, a {@code null} realm is not mapped
     * to {@code "/"} before the configuration lookup here, while {@code getEntityConfig}
     * does map it internally - confirm that both resolve to the same realm.
     *
     * @param str realm name
     * @return entity IDs of hosted entities; empty if there are none
     * @throws SAML2MetaException if the realm is invalid or the configuration store fails
     * @throws SSOException declared by the signature
     */
    public List getAllHostedEntities(String str) throws SAML2MetaException, SSOException {
        ArrayList hosted = new ArrayList();
        String[] logArgs = {str};
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.getAllHostedEntities: invalid realm " + str);
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_GET_ALL_HOSTED_ENTITIES, logArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", logArgs);
            }
            Set<String> entityIds = realmConfig.getSubConfigNames();
            if (entityIds != null) {
                for (String entityId : entityIds) {
                    EntityConfigElement config = getEntityConfig(str, entityId);
                    boolean isHosted = config != null && config.isHosted();
                    if (isHosted) {
                        hosted.add(entityId);
                    }
                }
            }
            if (logUtil != null) {
                logUtil.access(Level.FINE, LogUtil.GOT_ALL_HOSTED_ENTITIES, logArgs, this.ssoToken);
            }
            return hosted;
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.getAllHostedEntities:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_GET_ALL_HOSTED_ENTITIES, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        }
    }

    /**
     * Lists the hosted entities in a realm for which {@code getSPSSODescriptor} returns a
     * service-provider descriptor.
     *
     * @param str realm name
     * @return entity IDs of hosted service providers; empty if there are none
     * @throws SAML2MetaException if listing the entities or reading a descriptor fails
     * @throws SSOException declared by the signature
     */
    public List getAllHostedServiceProviderEntities(String str) throws SAML2MetaException, SSOException {
        ArrayList hostedSps = new ArrayList();
        Iterator ids = getAllHostedEntities(str).iterator();
        while (ids.hasNext()) {
            String entityId = (String) ids.next();
            if (getSPSSODescriptor(str, entityId) != null) {
                hostedSps.add(entityId);
            }
        }
        return hostedSps;
    }

    /**
     * Lists the hosted entities in a realm for which {@code getIDPSSODescriptor} returns an
     * identity-provider descriptor.
     *
     * @param str realm name
     * @return entity IDs of hosted identity providers; empty if there are none
     * @throws SAML2MetaException if listing the entities or reading a descriptor fails
     * @throws SSOException declared by the signature
     */
    public List getAllHostedIdentityProviderEntities(String str) throws SAML2MetaException, SSOException {
        ArrayList hostedIdps = new ArrayList();
        Iterator ids = getAllHostedEntities(str).iterator();
        while (ids.hasNext()) {
            String entityId = (String) ids.next();
            if (getIDPSSODescriptor(str, entityId) != null) {
                hostedIdps.add(entityId);
            }
        }
        return hostedIdps;
    }

    /**
     * Lists the IDs of all entities in a realm that are not marked hosted.
     *
     * <p>An entity counts as remote when its extended configuration says it is not hosted
     * <em>or</em> when it has no extended configuration at all, so an entity whose
     * configuration is missing is reported as a remote partner.
     *
     * <p>NOTE(review): unlike the single-entity methods, a {@code null} realm is not mapped
     * to {@code "/"} before the configuration lookup here, while {@code getEntityConfig}
     * does map it internally - confirm that both resolve to the same realm.
     *
     * @param str realm name
     * @return entity IDs of remote entities; empty if there are none
     * @throws SAML2MetaException if the realm is invalid or the configuration store fails
     * @throws SSOException declared by the signature
     */
    public List getAllRemoteEntities(String str) throws SAML2MetaException, SSOException {
        ArrayList remote = new ArrayList();
        String[] logArgs = {str};
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.getAllRemoteEntities: invalid realm " + str);
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_GET_ALL_REMOTE_ENTITIES, logArgs, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", logArgs);
            }
            Set<String> entityIds = realmConfig.getSubConfigNames();
            if (entityIds != null) {
                for (String entityId : entityIds) {
                    EntityConfigElement config = getEntityConfig(str, entityId);
                    boolean isHosted = config != null && config.isHosted();
                    if (!isHosted) {
                        remote.add(entityId);
                    }
                }
            }
            if (logUtil != null) {
                logUtil.access(Level.FINE, LogUtil.GOT_ALL_REMOTE_ENTITIES, logArgs, this.ssoToken);
            }
            return remote;
        } catch (SMSException storeFailure) {
            debug.error("SAML2MetaManager.getAllRemoteEntities:", storeFailure);
            if (logUtil != null) {
                String[] failureArgs = {storeFailure.getMessage(), str};
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_GET_ALL_REMOTE_ENTITIES, failureArgs, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) storeFailure);
        }
    }

    /**
     * Lists the remote entities that expose a service provider descriptor.
     *
     * @param str realm name; forwarded unchanged to {@code getAllRemoteEntities} and
     *     {@code getSPSSODescriptor}
     * @return a new list holding each remote entity identifier for which
     *     {@code getSPSSODescriptor} returned a non-null descriptor; empty when none match
     * @throws SAML2MetaException propagated from the lookups this method delegates to
     * @throws SSOException propagated from the lookups this method delegates to
     */
    public List getAllRemoteServiceProviderEntities(String str) throws SAML2MetaException, SSOException {
        List<String> remoteSps = new ArrayList<String>();
        Iterator remote = getAllRemoteEntities(str).iterator();
        while (remote.hasNext()) {
            String entityId = (String) remote.next();
            // Entities without an SP descriptor are not service providers; skip them.
            if (getSPSSODescriptor(str, entityId) == null) {
                continue;
            }
            remoteSps.add(entityId);
        }
        return remoteSps;
    }

    /**
     * Lists the remote entities that expose an identity provider descriptor.
     *
     * @param str realm name; forwarded unchanged to {@code getAllRemoteEntities} and
     *     {@code getIDPSSODescriptor}
     * @return a new list holding each remote entity identifier for which
     *     {@code getIDPSSODescriptor} returned a non-null descriptor; empty when none match
     * @throws SAML2MetaException propagated from the lookups this method delegates to
     * @throws SSOException propagated from the lookups this method delegates to
     */
    public List getAllRemoteIdentityProviderEntities(String str) throws SAML2MetaException, SSOException {
        List<String> remoteIdps = new ArrayList<String>();
        Iterator remote = getAllRemoteEntities(str).iterator();
        while (remote.hasNext()) {
            String entityId = (String) remote.next();
            // Entities without an IDP descriptor are not identity providers; skip them.
            if (getIDPSSODescriptor(str, entityId) == null) {
                continue;
            }
            remoteIdps.add(entityId);
        }
        return remoteIdps;
    }

    /**
     * Resolves a meta alias to the identifier of the entity that declares it.
     *
     * <p>The realm is derived from the alias via
     * {@code SAML2MetaUtils.getRealmByMetaAlias}; every entity config in that realm is
     * then scanned and the first entity with a role config whose meta alias equals
     * {@code str} exactly (case-sensitive {@code equals}) is returned.
     *
     * @param str meta alias to look up
     * @return the matching entity identifier, or {@code null} when the realm has no
     *     sub-configurations or no role config carries the alias
     * @throws SAML2MetaException with key {@code invalid_realm} when the derived realm
     *     has no organization config, or wrapping the {@link SMSException} raised by the
     *     configuration store
     * @throws SSOException propagated from the lookups this method delegates to
     */
    public String getEntityByMetaAlias(String str) throws SAML2MetaException, SSOException {
        String realm = SAML2MetaUtils.getRealmByMetaAlias(str);
        try {
            ServiceConfig realmConfig = this.scm.getOrganizationConfig(realm, (String) null);
            if (realmConfig == null) {
                debug.error("SAML2MetaManager.getEntityByMetaAlias: invalid realm " + realm);
                throw new SAML2MetaException("invalid_realm", new String[]{realm});
            }
            Set entityIds = realmConfig.getSubConfigNames();
            if (entityIds != null) {
                for (Iterator ids = entityIds.iterator(); ids.hasNext();) {
                    String entityId = (String) ids.next();
                    EntityConfigElement entityConfig = getEntityConfig(realm, entityId);
                    if (entityConfig == null) {
                        continue;
                    }
                    Iterator roles = entityConfig.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig().iterator();
                    while (roles.hasNext()) {
                        String candidate = ((BaseConfigType) roles.next()).getMetaAlias();
                        // Compare from the stored alias so a null argument never matches.
                        if (candidate != null && candidate.equals(str)) {
                            return entityId;
                        }
                    }
                }
            }
            return null;
        } catch (SMSException e) {
            debug.error("SAML2MetaManager.getEntityByMetaAlias:", e);
            throw new SAML2MetaException((Throwable) e);
        }
    }

    /**
     * Collects the meta alias of every hosted identity provider.
     *
     * @param str presumably the realm name; forwarded unchanged to
     *     {@code getAllHostedIdentityProviderEntities} and {@code getIDPSSOConfig}
     * @return a new list with one entry per hosted identity provider that has an IDP
     *     config; an entry is whatever {@code getMetaAlias()} returned for that config,
     *     so it is not filtered for {@code null}
     * @throws SAML2MetaException propagated from the lookups this method delegates to
     * @throws SSOException propagated from the lookups this method delegates to
     */
    public List getAllHostedIdentityProviderMetaAliases(String str) throws SAML2MetaException, SSOException {
        List<String> aliases = new ArrayList<String>();
        for (Iterator idps = getAllHostedIdentityProviderEntities(str).iterator(); idps.hasNext();) {
            String entityId = (String) idps.next();
            IDPSSOConfigElement idpConfig = getIDPSSOConfig(str, entityId);
            // A descriptor can exist without extended config; such entities have no alias.
            if (idpConfig == null) {
                continue;
            }
            aliases.add(idpConfig.getMetaAlias());
        }
        return aliases;
    }

    /**
     * Collects the meta alias of every hosted service provider.
     *
     * @param str presumably the realm name; forwarded unchanged to
     *     {@code getAllHostedServiceProviderEntities} and {@code getSPSSOConfig}
     * @return a new list with one entry per hosted service provider that has an SP
     *     config; an entry is whatever {@code getMetaAlias()} returned for that config,
     *     so it is not filtered for {@code null}
     * @throws SAML2MetaException propagated from the lookups this method delegates to
     * @throws SSOException propagated from the lookups this method delegates to
     */
    public List getAllHostedServiceProviderMetaAliases(String str) throws SAML2MetaException, SSOException {
        List<String> aliases = new ArrayList<String>();
        for (Iterator sps = getAllHostedServiceProviderEntities(str).iterator(); sps.hasNext();) {
            String entityId = (String) sps.next();
            SPSSOConfigElement spConfig = getSPSSOConfig(str, entityId);
            // A descriptor can exist without extended config; such entities have no alias.
            if (spConfig == null) {
                continue;
            }
            aliases.add(spConfig.getMetaAlias());
        }
        return aliases;
    }

    /**
     * Decides whether one entity is trusted by another through a shared circle of trust.
     *
     * <p>The SP config of {@code str2} is consulted first; only when that does not
     * establish trust is the IDP config consulted. Trust is granted as soon as either
     * role config lists a circle of trust that {@code isSameCircleOfTrust} accepts for
     * {@code str3}. A missing config for both roles yields {@code false}.
     *
     * @param str presumably the realm name; forwarded to the config lookups and to
     *     {@code isSameCircleOfTrust}
     * @param str2 presumably the identifier of the entity whose role configs supply the
     *     circle-of-trust list
     * @param str3 presumably the identifier of the entity being checked for membership
     * @return {@code true} if either role config of {@code str2} shares a circle of
     *     trust with {@code str3}; {@code false} otherwise
     * @throws SAML2MetaException propagated from the config lookups
     * @throws SSOException propagated from the config lookups
     */
    public boolean isTrustedProvider(String str, String str2, String str3) throws SAML2MetaException, SSOException {
        SPSSOConfigElement spConfig = getSPSSOConfig(str, str2);
        if (spConfig != null && isSameCircleOfTrust(spConfig, str, str3)) {
            return true;
        }
        // The IDP role is only looked up when the SP role did not establish trust.
        IDPSSOConfigElement idpConfig = getIDPSSOConfig(str, str2);
        return idpConfig != null && isSameCircleOfTrust(idpConfig, str, str3);
    }

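    /**
     * Checks whether an entity belongs to any circle of trust listed in a role config.
     *
     * <p>The method fails closed: a null config, a missing or empty circle-of-trust
     * list, and any exception raised during the lookup all produce {@code false}, so an
     * error can never be mistaken for an established trust relationship. The exception
     * is passed to the debug log so that a denied trust check caused by a lookup
     * failure can be told apart from a genuine non-membership.
     *
     * @param baseConfigType role config whose {@code SAML2Constants.COT_LIST} attribute
     *     names the circles of trust to test; may be {@code null}
     * @param str presumably the realm name; forwarded to
     *     {@code cotm.isInCircleOfTrust}
     * @param str2 presumably the identifier of the entity being checked; forwarded to
     *     {@code cotm.isInCircleOfTrust}
     * @return {@code true} if {@code cotm.isInCircleOfTrust} accepts at least one listed
     *     circle of trust; {@code false} in every other case, including errors
     */
    private boolean isSameCircleOfTrust(BaseConfigType baseConfigType, String str, String str2) {
        if (baseConfigType == null) {
            return false;
        }
        try {
            List list = (List) SAML2MetaUtils.getAttributes(baseConfigType).get(SAML2Constants.COT_LIST);
            if (list == null || list.isEmpty()) {
                return false;
            }
            Iterator it = list.iterator();
            while (it.hasNext()) {
                if (cotm.isInCircleOfTrust(str, (String) it.next(), str2)) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            // Deliberately broad: any failure denies trust. Keep the cause in the log;
            // the original call dropped it, which hid why a trust check was refused.
            debug.error("SAML2MetaManager.isSameCircleOfTrust: Error while determining two entities are in the same COT.", e);
            return false;
        }
    }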

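    /**
     * Returns the identifiers of all entities configured in a realm, hosted or remote.
     *
     * <p>Audit records are written only when {@code logUtil} is available. The class
     * initializer leaves {@code logUtil} as {@code null} when the log instance cannot be
     * obtained, and the other listing methods of this class guard for that; without the
     * same guard here a logging outage would surface as a
     * {@link NullPointerException} instead of the result or the intended
     * {@link SAML2MetaException}.
     *
     * @param str realm name whose organization config is read
     * @return a new set with the realm's sub-configuration names; empty when there are
     *     none
     * @throws SAML2MetaException with key {@code invalid_realm} when the realm has no
     *     organization config, or wrapping the {@link SMSException} raised by the
     *     configuration store
     * @throws SSOException declared for callers; not raised by the visible code path
     */
    public Set getAllEntities(String str) throws SAML2MetaException, SSOException {
        HashSet hashSet = new HashSet();
        String[] strArr = {str};
        try {
            ServiceConfig organizationConfig = this.scm.getOrganizationConfig(str, (String) null);
            if (organizationConfig == null) {
                debug.error(new StringBuffer().append("SAML2MetaManager.getAllEntities: invalid realm ").append(str).toString());
                if (logUtil != null) {
                    logUtil.error(Level.INFO, LogUtil.INVALID_REALM_GET_ALL_ENTITIES, strArr, this.ssoToken);
                }
                throw new SAML2MetaException("invalid_realm", strArr);
            }
            Set subConfigNames = organizationConfig.getSubConfigNames();
            if (subConfigNames != null && !subConfigNames.isEmpty()) {
                hashSet.addAll(subConfigNames);
            }
            if (logUtil != null) {
                logUtil.access(Level.FINE, LogUtil.GOT_ALL_ENTITIES, strArr, this.ssoToken);
            }
            return hashSet;
        } catch (SMSException e) {
            debug.error("SAML2MetaManager.getAllEntities:", e);
            if (logUtil != null) {
                // The store's own exception message is written to the audit record as-is.
                logUtil.error(Level.INFO, LogUtil.CONFIG_ERROR_GET_ALL_ENTITIES, new String[]{e.getMessage(), str}, this.ssoToken);
            }
            throw new SAML2MetaException((Throwable) e);
        }
    }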

    // Class initializer: obtains the shared audit logger on a best-effort basis.
    // Any Throwable is caught so that a logging failure cannot prevent this class from
    // loading; in that case logUtil stays null for the lifetime of the class and the
    // methods that guard on logUtil != null skip their audit records. The failure is
    // reported through the debug log only.
    static {
        LogUtil resolved = null;
        try {
            resolved = SAML2LogManager.getLogInstance();
        } catch (Throwable th) {
            debug.error("SAML2MetaManager.static: Unable to get LogUtil.", th);
        }
        logUtil = resolved;
    }
}
