package com.iplanet.portalserver.auth.module.securid;

import com.iplanet.portalserver.auth.server.LoginException;
import com.iplanet.portalserver.profile.DomainProfile;
import com.iplanet.portalserver.profile.ProfileException;
import com.iplanet.portalserver.profile.ProfileManager;
import com.iplanet.portalserver.session.Session;
import com.iplanet.portalserver.util.Debug;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.Enumeration;
import java.util.ResourceBundle;
import java.util.StringTokenizer;

/* loaded from: input_file:116905-01/SUNWwtsdd/reloc/SUNWips/lib/ips_services.jar:com/iplanet/portalserver/auth/module/securid/SecurIDHelper.class */
public class SecurIDHelper {
    protected static final int DAEMON_TIMEOUT_mS = 7500;
    private final int MAXLOOP = 200;
    private Socket sock;
    private BufferedReader reader;
    private PrintWriter writer;
    private String replaceText;
    private static final String charSet = "ISO8859_1";
    private static final String sccsID = "@(#)SecurIDHelper.java\t1.20 01/07/20 Sun Microsystems, Inc.";

    public SecurIDHelper(int i, ResourceBundle resourceBundle) throws LoginException {
        this.sock = null;
        this.reader = null;
        this.writer = null;
        try {
            this.sock = new Socket("127.0.0.1", i);
            this.sock.setSoTimeout(DAEMON_TIMEOUT_mS);
            this.reader = new BufferedReader(new InputStreamReader(this.sock.getInputStream(), charSet));
            this.writer = new PrintWriter(new BufferedWriter(new OutputStreamWriter(this.sock.getOutputStream(), charSet)));
        } catch (UnknownHostException unused) {
            throw new LoginException(resourceBundle.getString("SecurIDHelperLocalhost"));
        } catch (IOException unused2) {
            throw new LoginException(resourceBundle.getString("SecurIDHelperIOEx"));
        }
    }

    public int authenticate(String str, String str2, String str3, Debug debug, ResourceBundle resourceBundle) {
        int i = 200;
        int i2 = 1000;
        do {
            try {
                String do_read = do_read(254, resourceBundle);
                if (do_read == null || do_read.equals("")) {
                    return -2;
                }
                if (debug.debugEnabled()) {
                    debug.message(new StringBuffer("SecurIDHelper:authenticate:instring=").append(do_read).toString());
                }
                if (do_read.startsWith("Enter Securid login:")) {
                    do_write(str2);
                    if (debug.debugEnabled()) {
                        debug.message(new StringBuffer("SecurID:authenticate:replied with: '").append(str2).append("'").toString());
                    }
                    i2 = 1000;
                } else if (do_read.startsWith("Enter Webtop DomainName")) {
                    do_write(str);
                    if (debug.debugEnabled()) {
                        debug.message(new StringBuffer("SecurID:authenticate:replied with: '").append(str).append("'").toString());
                    }
                    i2 = 1000;
                } else if (do_read.startsWith("Enter passcode:")) {
                    do_write(str3);
                    if (debug.debugEnabled()) {
                        debug.message(new StringBuffer("SecurID:authenticate:replied with passcode of ").append(str3.length()).append(" characters").toString());
                    }
                    i2 = 1000;
                } else if (do_read.startsWith("Authentication passed")) {
                    i2 = 0;
                } else if (do_read.startsWith("Access denied")) {
                    i2 = -1;
                } else if (do_read.startsWith("New PIN required; continue? (y/n): ")) {
                    do_write("y");
                    if (debug.debugEnabled()) {
                        debug.message("SecurID:authenticate:replied with: 'y'");
                    }
                    i2 = 1000;
                } else if (do_read.startsWith("New system PIN:")) {
                    this.replaceText = do_read;
                    if (debug.debugEnabled()) {
                        debug.message(new StringBuffer("SecurID:authenticate:replaceText = '").append(this.replaceText).append("'").toString());
                    }
                    i2 = 5;
                } else if (do_read.startsWith("System generated PIN? (y/n):")) {
                    this.replaceText = do_read;
                    if (debug.debugEnabled()) {
                        debug.message(new StringBuffer("SecurID:authenticate:replaceText = '").append(this.replaceText).append("'").toString());
                    }
                    i2 = 4;
                } else if (do_read.startsWith("Enter new PIN, containing")) {
                    i2 = 2;
                } else if (do_read.startsWith("Enter next PASSCODE:")) {
                    i2 = 3;
                } else if (do_read.startsWith("authentication failed")) {
                    i2 = -1;
                } else if (do_read.startsWith("unknown return code ")) {
                    i2 = -1;
                } else if (do_read.startsWith("Processing timed-")) {
                    i2 = -1;
                } else if (do_read.startsWith("Processing erro")) {
                    i2 = -1;
                } else if (do_read.startsWith("Wait for the code on your token to change, then connect again with the new PIN")) {
                    i2 = 5;
                }
                i--;
                if (i == 0) {
                    i2 = -1;
                }
            } catch (IOException unused) {
                return -1;
            }
        } while (i2 == 1000);
        return i2;
    }

    public int configHelper(String str, String str2, String str3, Session session, Debug debug, ResourceBundle resourceBundle) {
        String attributeString;
        int i = 0;
        try {
            if (!do_read(254, resourceBundle).startsWith("Enter SecurID Helper Listen Port")) {
                return -2;
            }
            do_write(str);
            try {
                if (!do_read(254, resourceBundle).startsWith("Enter SecurID Helper Session Timeout")) {
                    return -4;
                }
                do_write(str2);
                try {
                    if (!do_read(254, resourceBundle).startsWith("Enter SecurID Helper Max Sessions")) {
                        return -6;
                    }
                    do_write(str3);
                    try {
                        Enumeration domains = ProfileManager.getDomains(session);
                        while (true) {
                            if (!domains.hasMoreElements()) {
                                break;
                            }
                            String str4 = (String) domains.nextElement();
                            DomainProfile domainProfile = (DomainProfile) ProfileManager.getProfileAdmin(session, str4, 8);
                            Enumeration attribute = domainProfile.getAttribute("iwtAuth-authMenu");
                            boolean z = false;
                            while (attribute.hasMoreElements()) {
                                if (((String) attribute.nextElement()).equals("SecurID")) {
                                    z = true;
                                }
                            }
                            boolean z2 = false;
                            if (domainProfile.getAttributeString("iwtAuth-chainingEnabled").equalsIgnoreCase("true")) {
                                z2 = true;
                            }
                            if (z2 && (attributeString = domainProfile.getAttributeString("iwtAuth-chainingModules")) != null) {
                                StringTokenizer stringTokenizer = new StringTokenizer(attributeString);
                                while (stringTokenizer.hasMoreTokens()) {
                                    if (stringTokenizer.nextToken().equals("SecurID")) {
                                        z = true;
                                    }
                                }
                            }
                            if (debug.debugEnabled()) {
                                debug.message(new StringBuffer("SecurID for domain ").append(str4).append(" enabled is ").append(z).toString());
                            }
                            String str5 = "";
                            String str6 = "";
                            Enumeration attribute2 = domainProfile.getAttribute("iwtAuthSecurID-serverIDName");
                            while (attribute2.hasMoreElements()) {
                            }
                            Enumeration attribute3 = domainProfile.getAttribute("iwtAuthSecurID-serverConfigPath");
                            while (attribute3.hasMoreElements()) {
                                str5 = (String) attribute3.nextElement();
                            }
                            Enumeration attribute4 = domainProfile.getAttribute("iwtAuthSecurID-userConfigPath");
                            while (attribute4.hasMoreElements()) {
                                str6 = (String) attribute4.nextElement();
                            }
                            try {
                                String do_read = do_read(254, resourceBundle);
                                if (debug.debugEnabled()) {
                                    debug.message(new StringBuffer("SecurID:config:instring=").append(do_read).toString());
                                }
                                if (do_read.startsWith("Enter Webtop DomainName")) {
                                    do_write(str4);
                                    if (debug.debugEnabled()) {
                                        debug.message(new StringBuffer("SecurID:config:replied with: '").append(str4).append("'").toString());
                                    }
                                    try {
                                        if (!do_read(254, resourceBundle).startsWith("This domain have SecurID enabled")) {
                                            return -8;
                                        }
                                        if (z) {
                                            do_write("y");
                                        } else {
                                            do_write("n");
                                        }
                                        if (z) {
                                            try {
                                                if (!do_read(254, resourceBundle).startsWith("Enter Config Path for Server #")) {
                                                    return -10;
                                                }
                                                do_write(str5);
                                                if (debug.debugEnabled()) {
                                                    debug.message(new StringBuffer("SecurID:config:replied with: '").append(str5).append("'").toString());
                                                }
                                                try {
                                                    if (!do_read(254, resourceBundle).startsWith("Enter User Config Path for Server #")) {
                                                        return -12;
                                                    }
                                                    do_write(str6);
                                                    if (debug.debugEnabled()) {
                                                        debug.message(new StringBuffer("SecurID:config:replied with: '").append(str6).append("'").toString());
                                                    }
                                                } catch (IOException unused) {
                                                    return -11;
                                                }
                                            } catch (IOException unused2) {
                                                return -9;
                                            }
                                        }
                                        try {
                                            if (!do_read(254, resourceBundle).startsWith("More SecurID Servers")) {
                                                return -14;
                                            }
                                            if (domains.hasMoreElements()) {
                                                do_write("y");
                                                if (debug.debugEnabled()) {
                                                    debug.message("SecurID:config:replied with: 'y'");
                                                }
                                            } else {
                                                do_write("");
                                                if (debug.debugEnabled()) {
                                                    debug.message("SecurID:config:replied with: '<cr>'");
                                                }
                                            }
                                            String num = Integer.toString(i);
                                            i++;
                                            try {
                                                domainProfile.setAttributeString("iwtAuthSecurID-serverID", num, 6);
                                                domainProfile.store(false);
                                            } catch (ProfileException e) {
                                                if (!debug.debugEnabled()) {
                                                    return -15;
                                                }
                                                debug.message(new StringBuffer("SecurID:config:setAttr/store serverID ").append(e.getMessage()).toString());
                                                return -15;
                                            }
                                        } catch (IOException unused3) {
                                            return -13;
                                        }
                                    } catch (IOException unused4) {
                                        return -7;
                                    }
                                } else {
                                    if (!do_read.startsWith("Maximum number of servers")) {
                                        return -6;
                                    }
                                    if (debug.debugEnabled()) {
                                        debug.message("SecurID:config:max servers configured.");
                                    }
                                    do_write("ok");
                                }
                            } catch (IOException unused5) {
                                return -5;
                            }
                        }
                        try {
                            String do_read2 = do_read(254, resourceBundle);
                            if (debug.debugEnabled()) {
                                debug.message(new StringBuffer("SecurID:config:done:instring=").append(do_read2).toString());
                            }
                            return !do_read2.startsWith("get_config_info: doSecurID configured successfully") ? -18 : 0;
                        } catch (IOException unused6) {
                            return -17;
                        }
                    } catch (ProfileException e2) {
                        if (!debug.debugEnabled()) {
                            return -16;
                        }
                        debug.message(new StringBuffer("SecurID:config:getDomains: ").append(e2.getMessage()).toString());
                        return -16;
                    }
                } catch (IOException unused7) {
                    return -5;
                }
            } catch (IOException unused8) {
                return -3;
            }
        } catch (IOException unused9) {
            return -1;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void destroy(ResourceBundle resourceBundle) {
        try {
            if (this.writer != null) {
                this.writer.flush();
                this.writer.close();
                this.writer = null;
            }
            if (this.reader != null) {
                this.reader.close();
                this.reader = null;
            }
            if (this.sock != null) {
                this.sock.close();
                this.sock = null;
            }
        } catch (IOException unused) {
            System.err.println(resourceBundle.getString("SecurIDDestroyIOEx"));
            System.exit(1);
        } catch (Exception e) {
            System.err.println(new StringBuffer(String.valueOf(resourceBundle.getString("SecurIDDestroyEx"))).append(e.getMessage()).toString());
        }
    }

    public String do_read(int i, ResourceBundle resourceBundle) throws IOException {
        char[] cArr = new char[254];
        try {
            this.reader.read(cArr, 0, i);
            String str = new String(cArr);
            try {
                if (str.equals(new String(str.getBytes("ASCII"), "ASCII"))) {
                    return str;
                }
                throw new IOException(resourceBundle.getString("SecurIDHelperInputNotASCII"));
            } catch (UnsupportedEncodingException unused) {
                throw new IOException(resourceBundle.getString("SecurIDHelperInputEncodingException"));
            }
        } catch (IOException e) {
            throw e;
        }
    }

    protected synchronized int do_write(String str) {
        this.writer.println(str);
        this.writer.flush();
        return str.length();
    }

    public String getReplaceText() {
        return this.replaceText;
    }

    public int newPINAnswer(String str, Debug debug, ResourceBundle resourceBundle) {
        int i;
        do_write(str);
        try {
            String do_read = do_read(254, resourceBundle);
            if (do_read.length() == 0) {
                return -1;
            }
            if (do_read.startsWith("Authentication passed")) {
                i = 0;
            } else if (do_read.startsWith("Access denied")) {
                i = -1;
            } else if (do_read.startsWith("unknown return code ")) {
                i = -1;
            } else if (do_read.startsWith("Processing timed-")) {
                i = -1;
            } else if (do_read.startsWith("Processing erro")) {
                i = -1;
            } else if (do_read.startsWith("authentication failed")) {
                i = -1;
            } else if (do_read.startsWith("Access challenge failed")) {
                i = -1;
            } else if (do_read.startsWith("Enter new PIN, containing")) {
                i = 2;
            } else if (do_read.startsWith("New system PIN:")) {
                this.replaceText = do_read;
                i = 5;
            } else {
                i = -1;
            }
            return i;
        } catch (IOException e) {
            System.err.println(e);
            return -1;
        }
    }

    public int newPINMode(String str, Debug debug, ResourceBundle resourceBundle) {
        int i = 200;
        do_write(str);
        int i2 = 1000;
        do {
            try {
                String do_read = do_read(254, resourceBundle);
                if (do_read.length() == 0) {
                    return -1;
                }
                if (do_read.startsWith("Authentication passed")) {
                    i2 = 0;
                } else if (do_read.startsWith("authentication failed")) {
                    i2 = -1;
                } else if (do_read.startsWith("Access challenge failed")) {
                    i2 = -1;
                } else if (do_read.indexOf("Access denied") != -1) {
                    i2 = -1;
                } else if (do_read.startsWith("Enter Challenge Response:")) {
                    i2 = 3;
                } else if (do_read.startsWith("unknown return code ")) {
                    i2 = -1;
                } else if (do_read.startsWith("Processing timed-")) {
                    i2 = -1;
                } else if (do_read.startsWith("Processing erro")) {
                    i2 = -1;
                } else if (do_read.startsWith("Access challenge failed")) {
                    i2 = -1;
                } else if (do_read.startsWith("Wait for the code on your token to change, then connect again with the new PIN")) {
                    i2 = 5;
                    this.replaceText = new String("New PIN accepted");
                } else if (do_read.startsWith("PIN must have between ")) {
                    i2 = -1;
                }
                i--;
                if (i == 0) {
                    i2 = -1;
                }
            } catch (IOException e) {
                System.err.println(e);
                return -1;
            }
        } while (i2 == 1000);
        return i2;
    }

    public int nextTokenMode(String str, Debug debug, ResourceBundle resourceBundle) {
        do_write(str);
        try {
            String do_read = do_read(254, resourceBundle);
            if (do_read.length() == 0) {
                return -1;
            }
            return do_read.startsWith("Authentication passed") ? 0 : do_read.startsWith("Access denied") ? -1 : do_read.startsWith("unknown return code ") ? -1 : do_read.startsWith("Processing timed-") ? -1 : do_read.startsWith("Processing erro") ? -1 : do_read.startsWith("authentication failed") ? -1 : do_read.startsWith("Access challenge failed") ? -1 : -1;
        } catch (IOException e) {
            System.err.println(e);
            return -1;
        }
    }
}
