package com.sun.identity.authentication.modules.securid;

import com.iplanet.am.console.base.AMNameValueViewBean;
import com.iplanet.am.util.Debug;
import com.iplanet.am.util.Locale;
import com.iplanet.am.util.Misc;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.authentication.spi.AuthenticationException;
import java.io.File;
import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.ResourceBundle;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;

/* loaded from: input_file:117586-13/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/authentication/modules/securid/SecurID.class */
public class SecurID extends AMLoginModule {
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private static String adminDN;
    private static String hostName;
    private String username;
    private static Debug debug;
    public int SECURID_CONFIG_PORT;
    public int SECURID_HELPER_PORT;
    public static final String str_DEFAULT_SECURID_HELPER_PORT = "57943";
    public static final String str_DEFAULT_SECURID_CONFIG_PORT = "58943";
    public static final int DEFAULT_SECURID_CONFIG_PORT = 58943;
    public static final int DEFAULT_SECURID_HELPER_PORT = 57943;
    public static final String DEFAULT_SECURID_TIMEOUT = "5";
    public static final String DEFAULT_SECURID_THREADS = "5";
    private SecurIDHelper securidClient;
    private static HashSet orgHash = new HashSet();
    static ResourceBundle bundle = null;
    private static String bundleName = "amAuthSecurID";
    private static Locale locale = null;
    private static HashMap helperConfigDone = new HashMap();
    private static HashMap helperConfigValues = new HashMap();
    private String userTokenId = null;
    private SecurIDPrincipal userPrincipal = null;
    private String wtOrgName = "";
    private boolean initialized = false;
    private final String CONFIG_PORT_SUFFIX = "_CONFIG_PORT";
    private final String HELPER_PORT_SUFFIX = "_HELPER_PORT";
    private final String CONFIG_PATH_SUFFIX = "_CONFIG_PATH";
    public String str_SECURID_CONFIG_PORT = "";
    public String str_SECURID_HELPER_PORT = "";
    public String str_SECURID_CONFIG_PATH = "/opt/ace/data";
    public int SECURID_TIMEOUT = 5;
    public int SECURID_THREADS = 5;
    public String str_SECURID_TIMEOUT = "5";
    public String str_SECURID_THREADS = "5";

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void init(Subject subject, Map map, Map map2) {
        try {
            bundle = AMLoginModule.amCache.getResBundle("amAuthSecurID", getLoginLocale());
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("SecurID resbundle locale=").append(getLoginLocale()).toString());
            }
            this.options = map2;
            getRequestOrg();
        } catch (Exception e) {
            debug.error("SecurID init Error...", e);
        }
    }

    private void init_helper() throws AuthenticationException {
        try {
            this.securidClient = new SecurIDHelper(this.SECURID_CONFIG_PORT, bundleName);
            if (debug.messageEnabled()) {
                debug.message("Re-initializing helper.");
            }
            int configHelper = this.securidClient.configHelper(this.str_SECURID_HELPER_PORT, this.str_SECURID_TIMEOUT, this.str_SECURID_THREADS, this.str_SECURID_CONFIG_PATH, debug, bundle);
            this.securidClient.destroy(bundle, debug);
            if (configHelper != 0) {
                if (debug.messageEnabled()) {
                    debug.message("Unable to contact helper to re-initialize(1).");
                }
                throw new AuthenticationException(bundleName, "SecurIDconfigHelper", new Object[]{new Integer(configHelper)});
            }
            if (debug.messageEnabled()) {
                debug.message("Re-initialized helper.");
            }
            this.securidClient = new SecurIDHelper(this.SECURID_HELPER_PORT, bundleName);
            if (debug.messageEnabled()) {
                debug.message("Re-opened auth port to helper.");
            }
        } catch (AuthenticationException e) {
            if (debug.messageEnabled()) {
                debug.message("Unable to contact helper to re-initialize(2).");
            }
            throw new AuthenticationException(bundleName, "SecurIDInitializeLex", new Object[]{e.getMessage()});
        } catch (Exception e2) {
            if (debug.messageEnabled()) {
                debug.message("Unable to contact helper to re-initialize(3).");
            }
            throw new AuthenticationException(bundleName, "SecurIDInitializeEx", new Object[]{e2.getMessage()});
        }
    }

    private void setDynamicText(boolean z, int i, String str) throws AuthLoginException {
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("setDynamic: isPswd=").append(z).append(", state=").append(i).append(", prompt=").append(str).toString());
        }
        Callback[] callback = getCallback(i);
        boolean z2 = false;
        if (z) {
            z2 = ((PasswordCallback) callback[0]).isEchoOn();
        }
        if (z) {
            callback[0] = new PasswordCallback(str, z2);
        } else {
            callback[0] = new NameCallback(str);
        }
        replaceCallback(i, 0, callback[0]);
    }

    private void initializeSecurID() throws AuthLoginException {
        debug.message("SecurID initialize()");
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("initializeSecurID:Org = ").append(this.wtOrgName).append("\n\tstr_SECURID_HELPER_PORT = ").append(this.str_SECURID_HELPER_PORT).append("\n\tstr_SECURID_CONFIG_PATH = ").append(this.str_SECURID_CONFIG_PATH).toString());
        }
        try {
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("SecurID init done: Open request port ").append(this.SECURID_HELPER_PORT).append(" for org ").append(this.wtOrgName).toString());
            }
            this.securidClient = new SecurIDHelper(this.SECURID_HELPER_PORT, bundleName);
        } catch (AuthenticationException e) {
            if (debug.messageEnabled()) {
                debug.message("Unable to connect to auth port; Try initializing again.");
            }
            try {
                init_helper();
                if (debug.messageEnabled()) {
                    debug.message("Successfully re-initialized helper.");
                }
                try {
                    this.securidClient = new SecurIDHelper(this.SECURID_HELPER_PORT, bundleName);
                    if (debug.messageEnabled()) {
                        debug.message("Re-opened auth port to helper(2).");
                    }
                } catch (AuthenticationException e2) {
                    if (debug.messageEnabled()) {
                        debug.message("Unable to open auth port to helper(2).");
                    }
                    throw new AuthLoginException(bundleName, "SecurIDInitLex", null, e2);
                }
            } catch (AuthenticationException e3) {
                if (debug.messageEnabled()) {
                    debug.message("Unable to contact helper to re-initialize.");
                }
                throw new AuthLoginException(bundleName, "SecurIDInitLex", null, e3);
            }
        } catch (Exception e4) {
            throw new AuthLoginException(bundleName, "SecurIDInitEx", null, e4);
        }
    }

    private void getOrgConfig() throws AuthLoginException {
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("getOrgConfig:Org = ").append(this.wtOrgName).toString());
        }
        if (!helperConfigDone.containsKey(this.wtOrgName)) {
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("getOrgConfig: config helper for org ").append(this.wtOrgName).toString());
            }
            try {
                initializeOrgProperties();
                this.securidClient = new SecurIDHelper(this.SECURID_CONFIG_PORT, bundleName);
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("getOrgConfig:Initializing helper for org ").append(this.wtOrgName).append(", using:").append("\n\tstr_SECURID_HELPER_PORT = ").append(this.str_SECURID_HELPER_PORT).append("\n\tstr_SECURID_CONFIG_PATH = ").append(this.str_SECURID_CONFIG_PATH).toString());
                }
                int configHelper = this.securidClient.configHelper(this.str_SECURID_HELPER_PORT, this.str_SECURID_TIMEOUT, this.str_SECURID_THREADS, this.str_SECURID_CONFIG_PATH, debug, bundle);
                this.securidClient.destroy(bundle, debug);
                if (configHelper != 0) {
                    if (debug.messageEnabled()) {
                        debug.message("getOrgConfig:Unable to contact helper to initialize(1).");
                    }
                    throw new AuthLoginException(bundleName, "SecurIDconfigHelper", new Object[]{new Integer(configHelper)});
                }
                helperConfigDone.put(this.wtOrgName, "true");
                debug.message("SecurID init: done with helper config");
                return;
            } catch (AuthenticationException e) {
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("getOrgConfig:SecurID init lex: ").append(e.getMessage()).toString());
                }
                throw new AuthLoginException(bundleName, "SecurIDInitializeLex", null, e);
            } catch (Exception e2) {
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("getOrgConfig:SecurID init ex: ").append(e2.getMessage()).toString());
                }
                throw new AuthLoginException(bundleName, "SecurIDInitializeEx", null, e2);
            }
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("getOrgConfig:initialize: Org ").append(this.wtOrgName).append(" init-ed; retrieve config values").toString());
        }
        String stringBuffer = new StringBuffer().append(this.wtOrgName).append("_CONFIG_PORT").toString();
        if (!helperConfigValues.containsKey(stringBuffer)) {
            debug.error(new StringBuffer().append("getOrgConfig:Can't find key ").append(stringBuffer).append(" in helperConfigValues").toString());
            throw new AuthLoginException(bundleName, "SecurIDInitializeEx", null);
        }
        this.str_SECURID_CONFIG_PORT = (String) helperConfigValues.get(stringBuffer);
        try {
            this.SECURID_CONFIG_PORT = Integer.parseInt(this.str_SECURID_CONFIG_PORT);
            String stringBuffer2 = new StringBuffer().append(this.wtOrgName).append("_HELPER_PORT").toString();
            if (!helperConfigValues.containsKey(stringBuffer2)) {
                debug.error(new StringBuffer().append("getOrgConfig:Can't find key ").append(stringBuffer2).append(" in helperConfigValues").toString());
                throw new AuthLoginException(bundleName, "SecurIDInitializeEx", null);
            }
            this.str_SECURID_HELPER_PORT = (String) helperConfigValues.get(stringBuffer2);
            try {
                this.SECURID_HELPER_PORT = Integer.parseInt(this.str_SECURID_HELPER_PORT);
                String stringBuffer3 = new StringBuffer().append(this.wtOrgName).append("_CONFIG_PATH").toString();
                if (!helperConfigValues.containsKey(stringBuffer3)) {
                    debug.error(new StringBuffer().append("getOrgConfig:Can't find key ").append(stringBuffer3).append(" in helperConfigValues").toString());
                    throw new AuthLoginException(bundleName, "SecurIDInitializeEx", null);
                }
                this.str_SECURID_CONFIG_PATH = (String) helperConfigValues.get(stringBuffer3);
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("getOrgConfig:retrieved config values:\n\tSECURID_CONFIG_PORT = ").append(this.SECURID_CONFIG_PORT).append("\n\tSECURID_HELPER_PORT = ").append(this.SECURID_HELPER_PORT).append("\n\tSECURID_CONFIG_PATH = ").append(this.str_SECURID_CONFIG_PATH).toString());
                }
            } catch (NumberFormatException e3) {
                debug.error(new StringBuffer().append("getOrgConfig:Can't convert str_SECURID_CONFIG_PORT = ").append(this.str_SECURID_CONFIG_PORT).append(" to int").toString());
                throw new AuthLoginException(bundleName, "SecurIDInitializeEx", null, e3);
            }
        } catch (NumberFormatException e4) {
            debug.error(new StringBuffer().append("getOrgConfig:Can't convert str_SECURID_CONFIG_PORT = ").append(this.str_SECURID_CONFIG_PORT).append(" to int").toString());
            throw new AuthLoginException(bundleName, "SecurIDInitializeEx", null, e4);
        }
    }

    private void initializeOrgProperties() throws AuthLoginException {
        if (this.options == null) {
            debug.error("SecurID options not initialized");
            return;
        }
        try {
            String serverMapAttr = Misc.getServerMapAttr(this.options, "iplanet-am-auth-securid-config-port");
            String serverMapAttr2 = Misc.getServerMapAttr(this.options, "iplanet-am-auth-securid-helper-port");
            String serverMapAttr3 = Misc.getServerMapAttr(this.options, "iplanet-am-auth-securid-server-config-path");
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("SecurID init: config_port=").append(serverMapAttr).append("\n\thelper_port=").append(serverMapAttr2).append("\n\tconfig_path=").append(serverMapAttr3).toString());
            }
            try {
                this.SECURID_CONFIG_PORT = Integer.parseInt(serverMapAttr);
                this.str_SECURID_CONFIG_PORT = serverMapAttr;
            } catch (NumberFormatException e) {
                debug.error(new StringBuffer().append("initializeOrgProperties: config port = ").append(serverMapAttr).append("; invalid, set to default = ").append(str_DEFAULT_SECURID_CONFIG_PORT).toString());
                this.SECURID_CONFIG_PORT = DEFAULT_SECURID_CONFIG_PORT;
                this.str_SECURID_CONFIG_PORT = str_DEFAULT_SECURID_CONFIG_PORT;
            }
            try {
                this.SECURID_HELPER_PORT = Integer.parseInt(serverMapAttr2);
                this.str_SECURID_HELPER_PORT = serverMapAttr2;
            } catch (NumberFormatException e2) {
                debug.error(new StringBuffer().append("initializeOrgProperties: helper port = ").append(serverMapAttr2).append("; invalid, set to default = ").append(str_DEFAULT_SECURID_HELPER_PORT).toString());
                this.SECURID_HELPER_PORT = DEFAULT_SECURID_HELPER_PORT;
                this.str_SECURID_HELPER_PORT = str_DEFAULT_SECURID_HELPER_PORT;
            }
            if (serverMapAttr3 == null || serverMapAttr3.equals("")) {
                debug.error(new StringBuffer().append("No SecurID config path specified for org = ").append(this.wtOrgName).toString());
                throw new AuthLoginException(bundleName, "SecurIDNoSrvrPath", null);
            }
            String stringBuffer = new StringBuffer().append(serverMapAttr3).append("/sdconf.rec").toString();
            File file = new File(stringBuffer);
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("About to check on Server File Path ").append(stringBuffer).append(" for Org ").append(this.wtOrgName).toString());
            }
            if (!file.exists()) {
                debug.error(new StringBuffer().append("SecurID Server Path '").append(stringBuffer).append("' does not exist.  Organization = ").append(this.wtOrgName).toString());
                throw new AuthLoginException(bundleName, "SecurIDSrvrPathNoExist", null);
            }
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("found SecurID Server Path = ").append(stringBuffer).append(" for Org ").append(this.wtOrgName).toString());
            }
            this.str_SECURID_CONFIG_PATH = serverMapAttr3;
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("SecurID (org=").append(this.wtOrgName).append(")->configPort = ").append(this.SECURID_CONFIG_PORT).append("\n\thelperPort = ").append(this.str_SECURID_HELPER_PORT).append("\n\ttimeout = ").append(this.str_SECURID_TIMEOUT).append("\n\tconfig path = ").append(this.str_SECURID_CONFIG_PATH).toString());
            }
            String stringBuffer2 = new StringBuffer().append(this.wtOrgName).append("_CONFIG_PORT").toString();
            if (helperConfigValues.containsKey(stringBuffer2)) {
                helperConfigValues.remove(stringBuffer2);
            }
            helperConfigValues.put(stringBuffer2, this.str_SECURID_CONFIG_PORT);
            String stringBuffer3 = new StringBuffer().append(this.wtOrgName).append("_HELPER_PORT").toString();
            if (helperConfigValues.containsKey(stringBuffer3)) {
                helperConfigValues.remove(stringBuffer3);
            }
            helperConfigValues.put(stringBuffer3, this.str_SECURID_HELPER_PORT);
            String stringBuffer4 = new StringBuffer().append(this.wtOrgName).append("_CONFIG_PATH").toString();
            if (helperConfigValues.containsKey(stringBuffer4)) {
                helperConfigValues.remove(stringBuffer4);
            }
            helperConfigValues.put(stringBuffer4, this.str_SECURID_CONFIG_PATH);
        } catch (Exception e3) {
            debug.error("SecurID parameters initialization failure", e3);
        }
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public int process(Callback[] callbackArr, int i) throws AuthLoginException {
        int i2;
        String str;
        this.wtOrgName = getRequestOrg();
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("process: Org = ").append(this.wtOrgName).append("\n\tSECURID_CONFIG_PORT = ").append(this.SECURID_CONFIG_PORT).append("\n\tSECURID_HELPER_PORT = ").append(this.SECURID_HELPER_PORT).append("\n\tstr_SECURID_CONFIG_PATH = ").append(this.str_SECURID_CONFIG_PATH).append("\n\tinitialized = ").append(this.initialized).toString());
        }
        if (!this.initialized) {
            getOrgConfig();
            initializeSecurID();
            this.initialized = true;
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("process; after getOrgConfig: Org = ").append(this.wtOrgName).append("\n\tSECURID_CONFIG_PORT = ").append(this.SECURID_CONFIG_PORT).append("\n\tSECURID_HELPER_PORT = ").append(this.SECURID_HELPER_PORT).append("\n\tstr_SECURID_CONFIG_PATH = ").append(this.str_SECURID_CONFIG_PATH).append("\n\tstate = ").append(i).append("\n\tuserTokenId = ").append(this.userTokenId).append("\n\tusername = ").append(this.username).toString());
        }
        switch (i) {
            case 1:
                this.username = ((NameCallback) callbackArr[0]).getName();
                if (this.username != null && !this.username.equals("")) {
                    String charToString = charToString(((PasswordCallback) callbackArr[1]).getPassword(), callbackArr[1]);
                    if (charToString != null && !charToString.equals("")) {
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("username: ").append(this.username).toString());
                        }
                        int authenticate = this.securidClient.authenticate(this.str_SECURID_CONFIG_PATH, this.username, charToString, debug, bundle);
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("SecurID:validate: authenticate rtn = ").append(authenticate).toString());
                        }
                        switch (authenticate) {
                            case 0:
                                this.securidClient.destroy(bundle, debug);
                                this.userTokenId = this.username;
                                i2 = -1;
                                break;
                            case 1:
                            default:
                                this.securidClient.destroy(bundle, debug);
                                setFailureID(this.username);
                                throw new AuthLoginException(bundleName, "SecurIDLoginFailed", new Object[]{this.username});
                            case 2:
                                setDynamicText(true, authenticate, this.securidClient.getReplaceText());
                                i2 = 2;
                                break;
                            case 3:
                                i2 = 3;
                                break;
                            case 4:
                                setDynamicText(false, authenticate, this.securidClient.getReplaceText());
                                i2 = 4;
                                break;
                            case 5:
                                setDynamicText(true, authenticate, this.securidClient.getReplaceText());
                                i2 = 5;
                                break;
                        }
                    } else {
                        this.securidClient.destroy(bundle, debug);
                        throw new AuthLoginException(bundleName, "SecurIDPasscodeNull", null);
                    }
                } else {
                    this.securidClient.destroy(bundle, debug);
                    throw new AuthLoginException(bundleName, "SecurIDUserIdNull", null);
                }
            case 2:
                String charToString2 = charToString(((PasswordCallback) callbackArr[0]).getPassword(), callbackArr[0]);
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("validate:state2: token length = ").append(charToString2.length()).toString());
                }
                if (charToString2 == null || charToString2.equals("")) {
                    this.securidClient.destroy(bundle, debug);
                    setFailureID(this.username);
                    throw new AuthLoginException(bundleName, "SecurIDInvNewPin", null);
                }
                try {
                    if (!charToString2.equals(new String(charToString2.getBytes("ASCII"), "ASCII"))) {
                        setFailureID(this.username);
                        throw new AuthLoginException(bundleName, "SecurIDNewPINNotASCII", null);
                    }
                    int newPINMode = this.securidClient.newPINMode(charToString2, debug, bundle);
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("process state 2:newPINMode returns ").append(newPINMode).toString());
                    }
                    if (newPINMode != 0) {
                        if (newPINMode != -1) {
                            String replaceText = this.securidClient.getReplaceText();
                            if (debug.messageEnabled()) {
                                debug.message(new StringBuffer().append("process state 2: newPINMode returned ").append(newPINMode).append(", rpText = ").append(replaceText).toString());
                            }
                            if (replaceText == null || replaceText.equals("")) {
                                replaceText = " ";
                            }
                            setDynamicText(true, 5, replaceText);
                            i2 = 5;
                            break;
                        } else {
                            this.securidClient.destroy(bundle, debug);
                            debug.message("validate:state2: New PIN specified is invalid.");
                            setFailureID(this.username);
                            throw new AuthLoginException(bundleName, "SecurIDAuthInvNewPin", null);
                        }
                    } else {
                        this.securidClient.destroy(bundle, debug);
                        this.userTokenId = this.username;
                        i2 = -1;
                        break;
                    }
                } catch (UnsupportedEncodingException e) {
                    setFailureID(this.username);
                    throw new AuthLoginException(bundleName, "SecurIDInputEncodingException", null);
                }
                break;
            case 3:
                String charToString3 = charToString(((PasswordCallback) callbackArr[0]).getPassword(), callbackArr[0]);
                if (charToString3 == null || charToString3.equals("")) {
                    this.securidClient.destroy(bundle, debug);
                    throw new AuthLoginException(bundleName, "SecurIDInvNextToken", null);
                }
                try {
                    if (!charToString3.equals(new String(charToString3.getBytes("ASCII"), "ASCII"))) {
                        setFailureID(this.username);
                        throw new AuthLoginException(bundleName, "SecurIDNextTokenNotASCII", null);
                    }
                    if (this.securidClient.nextTokenMode(charToString3, debug, bundle) != 0) {
                        setFailureID(this.username);
                        throw new AuthLoginException(bundleName, "SecurIDInvNextToken", null);
                    }
                    this.securidClient.destroy(bundle, debug);
                    this.userTokenId = this.username;
                    i2 = -1;
                    break;
                } catch (UnsupportedEncodingException e2) {
                    setFailureID(this.username);
                    throw new AuthLoginException(bundleName, "SecurIDInputEncodingException", null);
                }
                break;
            case 4:
                String name = ((NameCallback) callbackArr[0]).getName();
                debug.message(new StringBuffer().append("received answer(state 4) = ").append(name).toString());
                if (name == null || name.equals("")) {
                    str = "y";
                    debug.message(new StringBuffer().append("made answer(state 4) = ").append(str).toString());
                } else {
                    str = (name.startsWith("y") || name.startsWith("Y")) ? "y" : (name.startsWith(AMNameValueViewBean.QUERY_PARAM_NAME) || name.startsWith("N")) ? AMNameValueViewBean.QUERY_PARAM_NAME : AMNameValueViewBean.QUERY_PARAM_NAME;
                }
                try {
                    if (!str.equals(new String(str.getBytes("ASCII"), "ASCII"))) {
                        setFailureID(this.username);
                        throw new AuthLoginException(bundleName, "SecurIDNextTokenNotASCII", null);
                    }
                    int newPINAnswer = this.securidClient.newPINAnswer(str, debug, bundle);
                    debug.message(new StringBuffer().append("return from newPINAnswer = ").append(newPINAnswer).toString());
                    if (newPINAnswer != 0) {
                        debug.message(new StringBuffer().append("return from curstate4 = ").append(newPINAnswer).toString());
                        String replaceText2 = this.securidClient.getReplaceText();
                        if (replaceText2 == null || replaceText2.equals("")) {
                            replaceText2 = " ";
                        }
                        setDynamicText(true, newPINAnswer, replaceText2);
                        i2 = newPINAnswer;
                        break;
                    } else {
                        this.securidClient.destroy(bundle, debug);
                        this.userTokenId = this.username;
                        i2 = -1;
                        break;
                    }
                } catch (UnsupportedEncodingException e3) {
                    setFailureID(this.username);
                    throw new AuthLoginException(bundleName, "SecurIDInputEncodingException", null);
                }
                break;
            case 5:
                String requestOrg = getRequestOrg();
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("about to get securid service template for Org '").append(requestOrg).append("'").toString());
                }
                if (this.username == null || this.username.equals("")) {
                    this.securidClient.destroy(bundle, debug);
                    setFailureID(this.username);
                    throw new AuthLoginException(bundleName, "SecurIDPrevUserid", null);
                }
                String charToString4 = charToString(((PasswordCallback) callbackArr[0]).getPassword(), callbackArr[0]);
                if (charToString4 == null || charToString4.equals("")) {
                    this.securidClient.destroy(bundle, debug);
                    throw new AuthLoginException(bundleName, "SecurIDInvNextToken", null);
                }
                try {
                    if (!charToString4.equals(new String(charToString4.getBytes("ASCII"), "ASCII"))) {
                        setFailureID(this.username);
                        throw new AuthLoginException(bundleName, "SecurIDNextTokenNotASCII", null);
                    }
                    this.securidClient.destroy(bundle, debug);
                    try {
                        this.securidClient = new SecurIDHelper(this.SECURID_HELPER_PORT, bundleName);
                        int authenticate2 = this.securidClient.authenticate(this.str_SECURID_CONFIG_PATH, this.username, charToString4, debug, bundle);
                        this.securidClient.destroy(bundle, debug);
                        if (authenticate2 != 0) {
                            setFailureID(this.username);
                            throw new AuthLoginException(bundleName, "SecurIDLoginFailed", new Object[]{this.username});
                        }
                        this.userTokenId = this.username;
                        i2 = -1;
                        break;
                    } catch (Exception e4) {
                        setFailureID(this.username);
                        throw new AuthLoginException(bundleName, "SecurIDIntializeEx", null, e4);
                    }
                } catch (UnsupportedEncodingException e5) {
                    setFailureID(this.username);
                    throw new AuthLoginException(bundleName, "SecurIDInputEncodingException", null);
                }
                break;
            default:
                this.securidClient.destroy(bundle, debug);
                setFailureID(this.username);
                throw new AuthLoginException(bundleName, "SecurIDAuth", null);
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("process; after process:\n\tstate = ").append(i).append("\n\tuserTokenId = ").append(this.userTokenId).append("\n\tusername = ").append(this.username).toString());
        }
        return i2;
    }

    private String charToString(char[] cArr, Callback callback) {
        if (cArr == null) {
            cArr = new char[0];
        }
        char[] cArr2 = new char[cArr.length];
        System.arraycopy(cArr, 0, cArr2, 0, cArr.length);
        ((PasswordCallback) callback).clearPassword();
        return new String(cArr2);
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public Principal getPrincipal() {
        if (this.userPrincipal != null) {
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("getPrincipal: userPrincipal not null; userPrincipal = ").append(this.userPrincipal).toString());
            }
            return this.userPrincipal;
        }
        if (this.userTokenId != null) {
            this.userPrincipal = new SecurIDPrincipal(this.userTokenId);
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("getPrincipal: userPrincipal null, userTokenId = ").append(this.userTokenId).append(", returning userPrincipal = ").append(this.userPrincipal).toString());
            }
            return this.userPrincipal;
        }
        if (!debug.messageEnabled()) {
            return null;
        }
        debug.message("getPrincipal: returning null");
        return null;
    }

    public void shutdown() {
    }

    static {
        debug = null;
        if (debug == null) {
            debug = Debug.getInstance("amAuthSecurID");
        }
    }
}
