package com.sun.identity.federation.services;

import com.iplanet.dpro.session.share.SessionEncodeURL;
import com.sun.identity.federation.alliance.FSAllianceManagementException;
import com.sun.identity.federation.alliance.FSAllianceManager;
import com.sun.identity.federation.alliance.FSIDPAuthenticationContextInfo;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.services.util.FSServiceUtils;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:117586-14/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/federation/services/FSAuthnDecisionImpl.class */
public class FSAuthnDecisionImpl implements FSAuthnDecisionSPI {
    private Map idpAuthContextMap;
    private String loginURL;
    private static boolean messageEnabled;
    private static FSAllianceManager alliancemanager;
    private Map authPriorityModule = null;
    private int compAuthType = 0;

    public FSAuthnDecisionImpl(String str, HttpServletRequest httpServletRequest) {
        this.idpAuthContextMap = null;
        this.loginURL = null;
        if (messageEnabled) {
            FSUtils.debug.message(new StringBuffer().append("FSAuthnDecisionImpl::Constructor called with providerID").append(str).toString());
        }
        this.loginURL = new StringBuffer().append(FSServiceUtils.getBaseURL(httpServletRequest)).append("/UI/Login").toString();
        this.loginURL = new StringBuffer().append(this.loginURL).append('?').append(IFSConstants.ARGKEY).append('=').append(IFSConstants.NEWSESSION).toString();
        try {
            this.idpAuthContextMap = (HashMap) alliancemanager.getHostedProvider(str).getLocalConfiguration().getIDPAuthContextInfo();
        } catch (FSAllianceManagementException e) {
            FSUtils.debug.error(new StringBuffer().append("FSPostLogin::getFederationPage in alliance exception ").append(e.getMessage()).toString());
        }
    }

    private boolean doesQueryStringExist(String str) {
        if (messageEnabled) {
            FSUtils.debug.message(new StringBuffer().append("FSAuthnDecisionImpl::doesQueryStringExistin url").append(str).toString());
        }
        return str.indexOf(63) != -1;
    }

    private void fillAuthMap() {
        Iterator it = this.idpAuthContextMap.entrySet().iterator();
        this.authPriorityModule = new HashMap();
        while (it.hasNext()) {
            FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = (FSIDPAuthenticationContextInfo) ((Map.Entry) it.next()).getValue();
            this.authPriorityModule.put(new Integer(fSIDPAuthenticationContextInfo.getPriority()), fSIDPAuthenticationContextInfo);
        }
    }

    private FSIDPAuthenticationContextInfo getHigherAuthContext(int i) {
        if (messageEnabled) {
            FSUtils.debug.message("FSAuthDecisionImpl ::getHigherAuthContext called.");
        }
        fillAuthMap();
        for (int i2 = i - 1; i2 > 0; i2--) {
            FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = (FSIDPAuthenticationContextInfo) this.authPriorityModule.get(new Integer(i2));
            if (fSIDPAuthenticationContextInfo != null && fSIDPAuthenticationContextInfo.getIsSupported()) {
                return fSIDPAuthenticationContextInfo;
            }
        }
        if (!messageEnabled) {
            return null;
        }
        FSUtils.debug.message("FSAuthDecisionImpl ::getHigherAuthContext returning null");
        return null;
    }

    @Override // com.sun.identity.federation.services.FSAuthnDecisionSPI
    public FSAuthContextResult decideAuthnContext(List list, String str, String str2) {
        if (messageEnabled) {
            FSUtils.debug.message(new StringBuffer().append("FSAuthDecisionImpl ::decideAuthnContext called with list. ").append(list).append(" and authComparisonType ").append(str2).toString());
        }
        if (str2 == null) {
            str2 = IFSConstants.MINIMUM;
        }
        FSAuthContextResult fSAuthContextResult = new FSAuthContextResult();
        if (list != null && str2 != null) {
            if (str2 != null && str2.equals(IFSConstants.EXACT)) {
                return decideAuthnContext(list, str);
            }
            if (str2 != null && str2.equals(IFSConstants.MINIMUM)) {
                this.compAuthType = 1;
            } else if (str2 != null && str2.equals(IFSConstants.BETTER)) {
                this.compAuthType = 2;
            }
            Iterator it = list.iterator();
            while (it.hasNext()) {
                fSAuthContextResult = decideAuthnContext((String) it.next(), str);
                if (fSAuthContextResult != null && fSAuthContextResult.getLoginURL() != null) {
                    return fSAuthContextResult;
                }
            }
        }
        return fSAuthContextResult;
    }

    @Override // com.sun.identity.federation.services.FSAuthnDecisionSPI
    public FSAuthContextResult getURLForAuthnContext(List list, String str) {
        if (messageEnabled) {
            FSUtils.debug.message(new StringBuffer().append("FSAuthDecisionImpl ::decideAuthnContext called with list. ").append(list).append(" and authComparisonType ").append(str).toString());
        }
        if (str == null) {
            str = IFSConstants.MINIMUM;
        }
        FSAuthContextResult fSAuthContextResult = new FSAuthContextResult();
        if (list != null && str != null) {
            if (str != null && str.equals(IFSConstants.EXACT)) {
                return getURLForAuthnContext(list);
            }
            if (str != null && str.equals(IFSConstants.MINIMUM)) {
                this.compAuthType = 1;
            } else if (str != null && str.equals(IFSConstants.BETTER)) {
                this.compAuthType = 2;
            }
            Iterator it = list.iterator();
            while (it.hasNext()) {
                fSAuthContextResult = getURLForAuthnContext((String) it.next());
                if (fSAuthContextResult != null && fSAuthContextResult.getLoginURL() != null) {
                    return fSAuthContextResult;
                }
            }
        }
        return fSAuthContextResult;
    }

    @Override // com.sun.identity.federation.services.FSAuthnDecisionSPI
    public FSAuthContextResult getURLForAuthnContext(List list) {
        int i = 0;
        if (messageEnabled) {
            FSUtils.debug.message("FSAuthDecisionImpl ::getURLForAuthContext. Entered method");
        }
        if (list == null || this.idpAuthContextMap == null) {
            if (messageEnabled) {
                FSUtils.debug.message("FSAuthDecisionImpl ::getURLForAuthContext. Method called withauthenticationContext null");
            }
            return new FSAuthContextResult();
        }
        for (int i2 = 0; i2 < list.size(); i2++) {
            FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get((String) list.get(i));
            if (messageEnabled) {
                FSUtils.debug.message(new StringBuffer().append("FSAuthnDecisionImpl::getURLForAuthnContextin auth context checking for ").append((String) list.get(i)).toString());
            }
            if (fSIDPAuthenticationContextInfo != null) {
                String moduleIndicatorValue = fSIDPAuthenticationContextInfo.getModuleIndicatorValue();
                String moduleIndicatorKey = fSIDPAuthenticationContextInfo.getModuleIndicatorKey();
                new String();
                if (fSIDPAuthenticationContextInfo.getIsSupported() && this.loginURL != null) {
                    FSAuthContextResult fSAuthContextResult = new FSAuthContextResult();
                    fSAuthContextResult.setLoginURL((moduleIndicatorKey.equalsIgnoreCase("none") || moduleIndicatorValue == null) ? this.loginURL : new StringBuffer().append(this.loginURL).append(SessionEncodeURL.AMPERSAND).append(fSIDPAuthenticationContextInfo.getModuleIndicatorKey()).append("=").append(moduleIndicatorValue).toString());
                    fSAuthContextResult.setAuthContextRef(fSIDPAuthenticationContextInfo.getAuthenticationContext());
                    return fSAuthContextResult;
                }
            }
            i++;
        }
        FSUtils.debug.error("FSAuthnDecisionImpl::getURLForAuthnContext Required authenticationContext not avialable");
        return new FSAuthContextResult();
    }

    @Override // com.sun.identity.federation.services.FSAuthnDecisionSPI
    public FSAuthContextResult getURLForAuthnContext(String str) {
        if (messageEnabled) {
            FSUtils.debug.message("FSAuthDecisionImpl ::getURLForAuthContext. Entered method");
        }
        if (str == null || this.idpAuthContextMap == null) {
            if (messageEnabled) {
                FSUtils.debug.message("FSAuthDecisionImpl::getURLForAuthContext. Method called withauthContextMinRef null");
            }
            return new FSAuthContextResult();
        }
        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get(str);
        if (messageEnabled) {
            FSUtils.debug.message(new StringBuffer().append("FSAuthnDecisionImpl::getURLForAuthnContextin auth context checking for ").append(str).toString());
        }
        if (fSIDPAuthenticationContextInfo == null) {
            FSUtils.debug.error("FSAuthnDecisionImpl::getURLForAuthnContext. Could not get any authcontext");
            return new FSAuthContextResult();
        }
        String moduleIndicatorValue = fSIDPAuthenticationContextInfo.getModuleIndicatorValue();
        String moduleIndicatorKey = fSIDPAuthenticationContextInfo.getModuleIndicatorKey();
        new String();
        if (!fSIDPAuthenticationContextInfo.getIsSupported() || this.compAuthType == 2) {
            if (messageEnabled) {
                FSUtils.debug.message("FSAuthnDecisionImpl::getURLForAuthnContextThe given authContextMinRef not supported");
            }
            fSIDPAuthenticationContextInfo = getHigherAuthContext(fSIDPAuthenticationContextInfo.getPriority());
            if (fSIDPAuthenticationContextInfo != null) {
                moduleIndicatorValue = fSIDPAuthenticationContextInfo.getModuleIndicatorValue();
                moduleIndicatorKey = fSIDPAuthenticationContextInfo.getModuleIndicatorKey();
            }
        }
        if (this.loginURL == null || !fSIDPAuthenticationContextInfo.getIsSupported()) {
            FSUtils.debug.error("FSAuthnDecisionImpl::getURLForAuthnContext.Login url is null");
            return new FSAuthContextResult();
        }
        FSAuthContextResult fSAuthContextResult = new FSAuthContextResult();
        fSAuthContextResult.setLoginURL((moduleIndicatorKey.equalsIgnoreCase("none") || moduleIndicatorValue == null) ? this.loginURL : new StringBuffer().append(this.loginURL).append(SessionEncodeURL.AMPERSAND).append(fSIDPAuthenticationContextInfo.getModuleIndicatorKey()).append("=").append(moduleIndicatorValue).toString());
        fSAuthContextResult.setAuthContextRef(fSIDPAuthenticationContextInfo.getAuthenticationContext());
        return fSAuthContextResult;
    }

    @Override // com.sun.identity.federation.services.FSAuthnDecisionSPI
    public FSAuthContextResult decideAuthnContext(List list, String str) {
        if (messageEnabled) {
            FSUtils.debug.message("FSAuthDecisionImpl ::decideAuthnContext. Entered method");
        }
        int i = 0;
        if (list == null || this.idpAuthContextMap == null) {
            if (!messageEnabled) {
                return null;
            }
            FSUtils.debug.message("FSAuthDecisionImpl::decideAuthnContext. Method called withauthContextRef null");
            return null;
        }
        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get(str);
        for (int i2 = 0; i2 < list.size(); i2++) {
            FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo2 = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get((String) list.get(i));
            if (fSIDPAuthenticationContextInfo != null && fSIDPAuthenticationContextInfo2 != null) {
                if (fSIDPAuthenticationContextInfo.getPriority() <= fSIDPAuthenticationContextInfo2.getPriority()) {
                    if (messageEnabled) {
                        FSUtils.debug.message("FSAuthDecisionImpl::decideAuthnContext.Present AuthLevel higher than needed.");
                    }
                    return new FSAuthContextResult();
                }
                ArrayList arrayList = new ArrayList();
                arrayList.add(fSIDPAuthenticationContextInfo2.getAuthenticationContext());
                FSAuthContextResult uRLForAuthnContext = getURLForAuthnContext(arrayList);
                if (uRLForAuthnContext != null) {
                    return uRLForAuthnContext;
                }
                i++;
            }
            i++;
        }
        FSUtils.debug.error("FSAuthDecisionImpl::decideAuthnContext. AuthContextRef not supported returing null");
        return null;
    }

    @Override // com.sun.identity.federation.services.FSAuthnDecisionSPI
    public FSAuthContextResult decideAuthnContext(String str, String str2) {
        if (messageEnabled) {
            FSUtils.debug.message("FSAuthDecisionImpl ::decideAuthnContext. Entered method");
        }
        if (str == null || this.idpAuthContextMap == null) {
            if (!messageEnabled) {
                return null;
            }
            FSUtils.debug.message("FSAuthDecisionImpl::decideAuthnContext. Method called withauthContextMinRef null");
            return null;
        }
        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get(str2);
        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo2 = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get(str);
        if (fSIDPAuthenticationContextInfo == null || fSIDPAuthenticationContextInfo2 == null) {
            FSUtils.debug.error("FSAuthDecisionImpl::decideAuthnContextNot Supported AuthContext");
            return null;
        }
        if (fSIDPAuthenticationContextInfo.getPriority() > fSIDPAuthenticationContextInfo2.getPriority()) {
            return getURLForAuthnContext(str);
        }
        if (messageEnabled) {
            FSUtils.debug.message("FSAuthDecisionImpl::decideAuthnContext.Present Auth Level higher than needed.");
        }
        return new FSAuthContextResult();
    }

    static {
        messageEnabled = false;
        alliancemanager = null;
        if (FSUtils.debug.messageEnabled()) {
            messageEnabled = true;
        }
        alliancemanager = FSServiceUtils.getAllianceInstance();
    }
}
