package com.sun.identity.policy;

import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.sm.ServiceManager;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import netscape.ldap.util.DN;

/* loaded from: input_file:115766-11/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/policy/ProxyPolicyEvaluator.class */
public class ProxyPolicyEvaluator {
    private static final String TOP_LEVEL_ADMIN_ROLE = "cn=Top-level Admin Role,";
    private static final String TOP_LEVEL_POLICY_ADMIN_ROLE = "cn=Top-level Policy Admin Role,";
    private static final String ORG_ADMIN_ROLE = "cn=Organization Admin Role,";
    private static final String ORG_POLICY_ADMIN_ROLE = "cn=Organization Policy Admin Role,";
    private SSOToken adminToken;
    private AMUser adminUser;
    private String serviceType;
    private PolicyEvaluator policyEvaluator;
    private static String baseDNString = ServiceManager.getBaseDN();
    private static DN baseDN = new DN(baseDNString);

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProxyPolicyEvaluator(SSOToken sSOToken, String str) throws NoPermissionException, NameNotFoundException, PolicyException, SSOException {
        SSOTokenManager.getInstance().validateToken(sSOToken);
        this.adminToken = sSOToken;
        this.serviceType = str;
        this.adminUser = new AMStoreConnection(this.adminToken).getUser(this.adminToken.getPrincipal().getName());
        this.policyEvaluator = PolicyEvaluatorFactory.getInstance().getPolicyEvaluator(sSOToken, str);
    }

    public boolean isAllowed(String str, String str2, String str3, Map map) throws PolicyException, SSOException {
        return this.policyEvaluator.isAllowed(getProxyToken(str), str2, str3, map);
    }

    public PolicyDecision getPolicyDecision(String str, String str2, Map map) throws PolicyException, SSOException {
        String policyDecision;
        SSOToken proxyToken = getProxyToken(str);
        PolicyDecision policyDecision2 = this.policyEvaluator.getPolicyDecision(proxyToken, str2, null, map);
        if (PolicyUtils.logStatus && (policyDecision = policyDecision2.toString()) != null && !policyDecision.equals("")) {
            String[] strArr = {this.adminToken.getPrincipal().getName(), str, str2, policyDecision};
            PolicyUtils.logAccessMessage(Level.INFO, ResBundleUtils.getString("proxied_policy_evaluation"), this.adminToken);
        }
        if (PolicyManager.debug.messageEnabled()) {
            PolicyManager.debug.message(new StringBuffer().append(" Admin: ").append(this.adminToken.getPrincipal().getName()).append(" got policy decision ").append(" for principal: ").append(proxyToken.getPrincipal().getName()).append(" for resourceName:").append(str2).append(" for serviceType :").append(this.serviceType).append(" is ").append(policyDecision2).toString());
        }
        return policyDecision2;
    }

    public PolicyDecision getPolicyDecisionIgnoreSubjects(String str, Set set, Map map) throws PolicyException, SSOException {
        String policyDecision;
        PolicyDecision policyDecisionIgnoreSubjects = this.policyEvaluator.getPolicyDecisionIgnoreSubjects(str, set, map);
        if (PolicyUtils.logStatus && (policyDecision = policyDecisionIgnoreSubjects.toString()) != null && !policyDecision.equals("")) {
            String[] strArr = {this.adminToken.getPrincipal().getName(), str, policyDecision};
            PolicyUtils.logAccessMessage(Level.INFO, ResBundleUtils.getString("proxied_policy_evaluation_ignoring_subjects"), this.adminToken);
        }
        if (PolicyManager.debug.messageEnabled()) {
            PolicyManager.debug.message(new StringBuffer().append(" Admin: ").append(this.adminToken.getPrincipal().getName()).append(" got policy decision ").append(" ignoring subjects ").append(" for resourceName:").append(str).append(" for serviceType :").append(this.serviceType).append(" is ").append(policyDecisionIgnoreSubjects).toString());
        }
        return policyDecisionIgnoreSubjects;
    }

    public Set getProtectedResourcesIgnoreConditions(String str, String str2) throws PolicyException, SSOException {
        return this.policyEvaluator.getProtectedResourcesIgnoreConditions(getProxyToken(str), str2);
    }

    /* JADX WARN: Code restructure failed: missing block: B:52:0x014d, code lost:
    
        r12 = true;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private com.iplanet.sso.SSOToken getProxyToken(java.lang.String r10) throws com.sun.identity.policy.PolicyException, com.iplanet.sso.SSOException {
        /*
            Method dump skipped, instructions count: 504
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.policy.ProxyPolicyEvaluator.getProxyToken(java.lang.String):com.iplanet.sso.SSOToken");
    }
}
