package com.sun.identity.authentication.service;

import com.iplanet.am.console.auth.model.ACModelBase;
import com.iplanet.am.console.base.model.AMAdminConstants;
import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMOrganization;
import com.iplanet.am.sdk.AMPeopleContainer;
import com.iplanet.am.sdk.AMSearchControl;
import com.iplanet.am.sdk.AMSearchResults;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.sdk.AMTemplate;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.am.util.FileLookup;
import com.iplanet.am.util.FileLookupException;
import com.iplanet.am.util.Misc;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.dpro.session.service.InternalSession;
import com.iplanet.dpro.session.share.SessionEncodeURL;
import com.iplanet.services.ldap.DSConfigMgr;
import com.iplanet.services.util.CookieUtils;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.iplanet.ums.Guid;
import com.iplanet.ums.dctree.DomainComponentTree;
import com.sun.identity.authentication.AuthContext;
import com.sun.identity.authentication.config.AMAuthConfigUtils;
import com.sun.identity.authentication.server.AuthContextLocal;
import com.sun.identity.authentication.spi.AMPostAuthProcessInterface;
import com.sun.identity.authentication.spi.AuthenticationException;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.common.Constants;
import com.sun.identity.common.ISLocaleContext;
import com.sun.identity.common.RequestUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.log.LogConstants;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.security.DecodeAction;
import com.sun.identity.security.EncodeAction;
import java.io.File;
import java.security.AccessController;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import netscape.ldap.LDAPDN;
import netscape.ldap.util.DN;

/* JADX WARN: Classes with same name are omitted:
  input_file:117586-19/SUNWamclt/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/authentication/service/LoginState.class
 */
/* loaded from: input_file:117586-19/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/authentication/service/LoginState.class */
public class LoginState {
    AMLoginContext amLoginContext;
    Callback[] receivedCallbackInfo;
    Callback[] prevCallback;
    Callback[] submittedCallbackInfo;
    InternalSession sess;
    HttpServletRequest servletRequest;
    HttpServletResponse servletResponse;
    String orgName;
    String userOrg;
    String orgDN;
    Hashtable requestHash;
    boolean requestType;
    Subject subject;
    int maxSession;
    int idleTime;
    int cacheTime;
    SessionID sid;
    SSOToken ssoToken;
    SSOTokenManager ssoManager;
    String filePath;
    private static boolean getUser;
    boolean isAdmin;
    int failedStatus;
    String role;
    String roleDN;
    String roleNamingAttr;
    String moduleName;
    Set tokenSet;
    String userName;
    AuthContext.IndexType indexType;
    private static final String invalidatePCookie = "inPersistentCookie";
    static final String AUTH_CONFIG_SERVICE = "iPlanetAMAuthConfiguration";
    public boolean userIDGeneratorEnabled;
    public String userIDGeneratorClassName;
    Map queryParamsMap;
    AuthContextLocal oldAuthContext;
    private static DomainComponentTree dcTree;
    static final String AUTH_PREFIX = "iPlanetAMAuth";
    static final String SERVICE = "Service";
    String defaultUserSuccessURL;
    String clientUserSuccessURL;
    String clientUserFailureURL;
    String defaultUserFailureURL;
    String clientSuccessRoleURL;
    String defaultSuccessRoleURL;
    String clientFailureRoleURL;
    String defaultFailureRoleURL;
    String userPostLoginClassName;
    String orgPostLoginClassName;
    private static final String USER_ALIAS_ATTR = "iplanet-am-user-alias-list";
    private static final String PROTO_HTTPS = "https";
    private static final String PROTO_HTTP = "http";
    private static final String URL_DELIMITER = "|";
    static String serviceURI;
    private static final String rootSuffix = SystemProperties.get(Constants.AM_ROOT_SUFFIX);
    private static final String consoleProto = SystemProperties.get(Constants.AM_CONSOLE_PROTOCOL, "http");
    private static final String consoleHost = SystemProperties.get(Constants.AM_CONSOLE_HOST);
    private static final String consolePort = SystemProperties.get(Constants.AM_CONSOLE_PORT);
    private static final boolean isConsoleRemote = Boolean.valueOf(SystemProperties.get(Constants.AM_CONSOLE_REMOTE)).booleanValue();
    private static boolean isSessionFailoverEnabled = Boolean.valueOf(SystemProperties.get(Constants.AM_SESSION_FAILOVER_ENABLED)).booleanValue();
    private static final boolean urlRewriteInPath = Boolean.valueOf(SystemProperties.get(Constants.REWRITE_AS_PATH, "")).booleanValue();
    private static AuthD ad = AuthD.getAuth();
    private static Set userAttributes = new HashSet();
    private static boolean isHttpSessionEnabled = Boolean.valueOf(SystemProperties.get(Constants.AM_SESSION_HTTP_SESSION_ENABLED)).booleanValue();
    public static final String installDir = SystemProperties.get(Constants.AM_INSTALL_BASEDIR);
    public static String installBaseDir = null;
    public static String templateDir = null;
    HashMap callbacksPerState = new HashMap();
    int loginStatus = 2;
    Set aliasAttrNames = null;
    public boolean inetDomainStatus = true;
    String userContainerDN = null;
    boolean nullUserContainerDN = false;
    boolean dnByUserContainer = false;
    String userNamingAttr = null;
    public Set defaultRoles = null;
    public String defaultRole = null;
    boolean dynamicProfileCreation = false;
    boolean ignoreUserProfile = false;
    boolean persistentCookieMode = false;
    public String persistentCookieTime = null;
    public boolean persistentCookieOn = false;
    public String defaultAuthLevel = AMAdminConstants.INHERIT_ATTRIBUTE;
    public String redirectURL = null;
    String acceptLangHeader = null;
    String token = null;
    String userDN = null;
    int authLevel = 0;
    int moduleAuthLevel = Integer.MIN_VALUE;
    String client = null;
    String clientType = null;
    String authMethName = "";
    String pAuthMethName = null;
    String cookieSupport = "true";
    String queryOrg = null;
    boolean cookieSupported = true;
    boolean cookieSet = false;
    boolean userEnabled = true;
    AMUser amUser = null;
    public String userId = null;
    boolean isApp = false;
    Set userAliasList = null;
    boolean hasAdminToken = false;
    String pCookieName = ad.getPersistentCookieName();
    private final String PCookieDelimiter = "%";
    String gotoURL = null;
    String gotoOnFailURL = null;
    String failureLoginURL = null;
    String successLoginURL = null;
    String moduleSuccessLoginURL = null;
    String moduleFailureLoginURL = null;
    Set orgSuccessLoginURLSet = null;
    String clientOrgSuccessLoginURL = null;
    String defaultOrgSuccessLoginURL = null;
    String clientOrgFailureLoginURL = null;
    String defaultOrgFailureLoginURL = null;
    Set orgFailureLoginURLSet = null;
    Map requestMap = new HashMap();
    String clientOrgLoginSuccessURL = null;
    String defaultOrgLoginSuccessURL = null;
    String orgLoginFailureURL = null;
    Set domainAuthenticators = null;
    Set moduleInstances = null;
    boolean sessionUpgrade = false;
    int upgradeAuthLevel = 0;
    String upgradeModuleList = null;
    String upgradeServiceName = null;
    String upgradeRoleName = null;
    String loginURL = null;
    long pageTimeOut = 60;
    long lastCallbackSent = System.currentTimeMillis();
    public boolean loginFailureLockoutMode = false;
    public String accountLife = null;
    public long loginFailureLockoutDuration = 0;
    public long loginFailureLockoutTime = 300000;
    public int loginFailureLockoutCount = 5;
    public String loginLockoutNotification = null;
    public String loginLockoutAttrName = null;
    public String loginLockoutAttrValue = null;
    public int loginLockoutUserWarning = 3;
    public int userWarningCount = 0;
    String errorCode = null;
    String errorMessage = null;
    String errorTemplate = null;
    String moduleErrorTemplate = null;
    String lockoutMsg = null;
    boolean timedOut = false;
    public String failureTokenId = null;
    String principalList = null;
    String pCookieUserName = null;
    private ISLocaleContext localeContext = new ISLocaleContext();
    String fileRoot = null;
    String fileSubPaths = null;
    String indexName = null;
    X509Certificate cert = null;
    Set userSuccessURLSet = Collections.EMPTY_SET;
    Set userFailureURLSet = Collections.EMPTY_SET;
    Set successRoleURLSet = Collections.EMPTY_SET;
    Set failureRoleURLSet = Collections.EMPTY_SET;
    Map serviceAttributesMap = new HashMap();
    String moduleErrorMessage = null;
    String defaultSuccessURL = null;
    String defaultFailureURL = null;
    String tempDefaultURL = null;
    AMPostAuthProcessInterface postLoginInstance = null;
    boolean isRemote = false;
    boolean cookieDetect = false;
    HashMap userCreationAttributes = null;
    Set externalAliasList = null;
    Set successModuleSet = new HashSet();
    Set failureModuleSet = new HashSet();
    String failureModuleList = "";
    String fqdnURL = null;
    String fqdnFailureLoginURL = null;

    public HttpServletRequest getHttpServletRequest() {
        return this.servletRequest;
    }

    public void setHttpServletRequest(HttpServletRequest httpServletRequest) {
        this.servletRequest = httpServletRequest;
    }

    public InternalSession getSession() {
        if (this.sess != null && this.sess.getState() != 2 && this.sess.getState() != 3) {
            return this.sess;
        }
        if (!AuthD.debug.messageEnabled()) {
            return null;
        }
        AuthD.debug.message(new StringBuffer().append("Session is null OR INACTIVE OR DESTROYED :").append(this.sess).toString());
        return null;
    }

    public void setSession(InternalSession internalSession) {
        this.sess = internalSession;
    }

    public void setReceivedCallback(Callback[] callbackArr, AMLoginContext aMLoginContext) {
        this.amLoginContext = aMLoginContext;
        synchronized (aMLoginContext) {
            this.submittedCallbackInfo = null;
            this.receivedCallbackInfo = callbackArr;
            this.prevCallback = callbackArr;
            aMLoginContext.notify();
        }
    }

    public void setSubmittedCallback(Callback[] callbackArr, AMLoginContext aMLoginContext) {
        this.amLoginContext = aMLoginContext;
        synchronized (aMLoginContext) {
            this.receivedCallbackInfo = null;
            this.prevCallback = this.receivedCallbackInfo;
            this.submittedCallbackInfo = callbackArr;
            aMLoginContext.notify();
        }
    }

    public Callback[] getReceivedInfo() {
        return this.receivedCallbackInfo;
    }

    public Callback[] getSubmittedInfo() {
        return this.submittedCallbackInfo;
    }

    public String getOrgDN() {
        try {
            if (this.orgDN == null) {
                this.orgDN = ad.getOrgDN(this.userOrg);
            }
        } catch (Exception e) {
            AuthD.debug.message("Error getting orgDN: ", e);
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("orgDN is : ").append(this.orgDN).toString());
        }
        return this.orgDN;
    }

    public String getOrgName() {
        if (this.orgName == null) {
            this.orgName = DNtoName(this.orgDN);
        }
        return this.orgName;
    }

    public int getLoginStatus() {
        return this.loginStatus;
    }

    public synchronized void setLoginStatus(int i) {
        this.loginStatus = i;
    }

    public void setParamHash(Hashtable hashtable) {
        this.requestHash = hashtable;
        if (hashtable != null) {
            Enumeration keys = hashtable.keys();
            while (keys.hasMoreElements()) {
                Object nextElement = keys.nextElement();
                this.requestMap.put(nextElement, hashtable.get(nextElement));
            }
        }
    }

    public void setRequestType(boolean z) {
        this.requestType = z;
    }

    public boolean isNewRequest() {
        return this.requestType;
    }

    public String getRootSuffix() {
        return rootSuffix;
    }

    public void populateOrgProfile() throws AuthException {
        try {
            this.inetDomainStatus = ad.getInetDomainStatus(this.orgDN);
            if (!this.inetDomainStatus) {
                logFailed(ad.bundle.getString("invalidDomain"));
                throw new AuthException(AMAuthErrorCode.AUTH_ORG_INACTIVE, null);
            }
            Map attributes = ad.getOrganizationTemplate(this.orgDN, "iPlanetAMAuthService").getAttributes();
            this.aliasAttrNames = (Set) attributes.get("iplanet-am-auth-alias-attr-name");
            this.userContainerDN = Misc.getMapAttr(attributes, AMAdminConstants.AUTH_USER_CONTAINER_ATTRIBUTE);
            if (this.userContainerDN == null) {
                AuthD.debug.message("user container DN is null");
                this.nullUserContainerDN = true;
                this.userContainerDN = new StringBuffer().append(AMStoreConnection.getNamingAttribute(5)).append("=People,").append(this.orgDN).toString();
            } else if (!Misc.isDescendantOf(this.userContainerDN, this.orgDN)) {
                AuthD.debug.error(new StringBuffer().append("populateOrgProfile : invalid user container ").append(this.userContainerDN).append(" for org ").append(this.orgDN).append(", set to default").toString());
                this.userContainerDN = new StringBuffer().append(AMStoreConnection.getNamingAttribute(5)).append("=People,").append(this.orgDN).toString();
            }
            this.userNamingAttr = Misc.getMapAttr(attributes, "iplanet-am-auth-user-naming-attr");
            this.defaultRoles = (Set) attributes.get("iplanet-am-auth-default-role");
            String mapAttr = Misc.getMapAttr(attributes, "iplanet-am-auth-dynamic-profile-creation");
            if (mapAttr.equalsIgnoreCase("true")) {
                this.dynamicProfileCreation = true;
            } else if (mapAttr.equalsIgnoreCase("ignore")) {
                this.ignoreUserProfile = true;
            }
            if (Misc.getMapAttr(attributes, "iplanet-am-auth-persistent-cookie-mode").equalsIgnoreCase("true")) {
                this.persistentCookieMode = true;
            }
            this.persistentCookieTime = Misc.getMapAttr(attributes, "iplanet-am-auth-persistent-cookie-time");
            this.domainAuthenticators = (Set) attributes.get("iplanet-am-auth-allowed-modules");
            if (this.domainAuthenticators == null) {
                this.domainAuthenticators = Collections.EMPTY_SET;
            }
            this.defaultAuthLevel = Misc.getMapAttr(attributes, "iplanet-am-auth-default-auth-level");
            if (this.defaultAuthLevel == null || this.defaultAuthLevel.equals("")) {
                this.defaultAuthLevel = AMAdminConstants.INHERIT_ATTRIBUTE;
            }
            AuthUtils.retainSupportedModules(this.domainAuthenticators, getClientType());
            this.defaultRole = Misc.getMapAttr(attributes, "iplanet-am-auth-default-role");
            this.localeContext.setLocale(this.servletRequest);
            this.localeContext.setOrgLocale(this.orgDN);
            this.orgSuccessLoginURLSet = (Set) attributes.get(ACModelBase.AUTH_SUCCESS_URL_KEY);
            if (this.orgSuccessLoginURLSet == null) {
                this.orgSuccessLoginURLSet = Collections.EMPTY_SET;
            }
            this.clientOrgSuccessLoginURL = getRedirectUrl(this.orgSuccessLoginURLSet);
            this.defaultOrgSuccessLoginURL = this.tempDefaultURL;
            this.orgFailureLoginURLSet = (Set) attributes.get(ACModelBase.AUTH_FAIL_URL_KEY);
            if (this.orgFailureLoginURLSet == null) {
                this.orgFailureLoginURLSet = Collections.EMPTY_SET;
            }
            this.clientOrgFailureLoginURL = getRedirectUrl(this.orgFailureLoginURLSet);
            this.defaultOrgFailureLoginURL = this.tempDefaultURL;
            this.orgPostLoginClassName = Misc.getMapAttr(attributes, ACModelBase.AUTH_REDIRECT_URL_KEY);
            String mapAttr2 = Misc.getMapAttr(attributes, "iplanet-am-auth-login-failure-lockout-mode");
            if (mapAttr2 != null && mapAttr2.equalsIgnoreCase("true")) {
                this.loginFailureLockoutMode = true;
            }
            String mapAttr3 = Misc.getMapAttr(attributes, "iplanet-am-auth-lockout-duration");
            if (mapAttr3 != null) {
                try {
                    this.loginFailureLockoutDuration = Long.parseLong(mapAttr3);
                } catch (NumberFormatException e) {
                    AuthD.debug.error("auth-lockout-duration bad format.");
                }
                this.loginFailureLockoutDuration *= 60000;
            }
            String mapAttr4 = Misc.getMapAttr(attributes, "iplanet-am-auth-login-failure-count");
            if (mapAttr4 != null) {
                try {
                    this.loginFailureLockoutCount = Integer.parseInt(mapAttr4);
                } catch (NumberFormatException e2) {
                    AuthD.debug.error("auth-lockout-count bad format.");
                }
            }
            String mapAttr5 = Misc.getMapAttr(attributes, "iplanet-am-auth-login-failure-duration");
            if (mapAttr5 != null) {
                try {
                    this.loginFailureLockoutTime = Long.parseLong(mapAttr5);
                } catch (NumberFormatException e3) {
                    AuthD.debug.error("auth-login-failure-duration bad format.");
                }
                this.loginFailureLockoutTime *= 60000;
            }
            String mapAttr6 = Misc.getMapAttr(attributes, "iplanet-am-auth-lockout-warn-user");
            if (mapAttr6 != null) {
                try {
                    this.loginLockoutUserWarning = Integer.parseInt(mapAttr6);
                } catch (NumberFormatException e4) {
                    AuthD.debug.error("auth-lockout-warn-user bad format.");
                }
            }
            this.loginLockoutNotification = Misc.getMapAttr(attributes, "iplanet-am-auth-lockout-email-address");
            String mapAttr7 = Misc.getMapAttr(attributes, "iplanet-am-auth-username-generator-enabled");
            if (mapAttr7 != null) {
                this.userIDGeneratorEnabled = Boolean.valueOf(mapAttr7).booleanValue();
            }
            this.userIDGeneratorClassName = Misc.getMapAttr(attributes, "iplanet-am-auth-username-generator-class");
            this.loginLockoutAttrName = Misc.getMapAttr(attributes, "iplanet-am-auth-lockout-attribute-name");
            this.loginLockoutAttrValue = Misc.getMapAttr(attributes, "iplanet-am-auth-lockout-attribute-value");
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Getting Org Profile: ").append(this.orgDN).append("\nlocale->").append(this.localeContext.getLocale()).append("\ncharset->").append(this.localeContext.getMIMECharset()).append("\ndynamicProfileCreation->").append(this.dynamicProfileCreation).append("\ndefaultRole->").append(this.defaultRole).append("\ndefaultAuthLevel->").append(this.defaultAuthLevel).append("\norgSucessLoginURLSet->").append(this.orgSuccessLoginURLSet).append("\norgFailureLoginURLSet->").append(this.orgFailureLoginURLSet).append("\nclientSuccessLoginURL ->").append(this.clientOrgSuccessLoginURL).append("\ndefaultSuccessLoginURL ->").append(this.defaultOrgSuccessLoginURL).append("\norgPostLoginClassName ->").append(this.orgPostLoginClassName).append("\nclientFailureLoginURL ->").append(this.clientOrgFailureLoginURL).append("\ndefaultFailureLoginURL ->").append(this.defaultOrgFailureLoginURL).append("\nloginFailureLockoutMode->").append(this.loginFailureLockoutMode).append("\nloginFailureLockoutCount->").append(this.loginFailureLockoutCount).append("\nloginFailureLockoutTime->").append(this.loginFailureLockoutTime).append("\nloginLockoutUserWarning->").append(this.loginLockoutUserWarning).append("\nloginLockoutNotification->").append(this.loginLockoutNotification).append("\npersistentCookieMode->").append(this.persistentCookieMode).toString());
            }
        } catch (AuthException e5) {
            AuthD.debug.error("Error in populateOrgProfile", e5);
            throw new AuthException(e5);
        } catch (Exception e6) {
            AuthD.debug.error("Error in populateOrgProfile", e6);
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
    }

    public void setSubject(Subject subject) {
        this.subject = subject;
    }

    public Subject getSubject() {
        return this.subject;
    }

    public int getMaxSession() {
        return this.maxSession;
    }

    public int getIdleTime() {
        return this.idleTime;
    }

    public int getCacheTime() {
        return this.cacheTime;
    }

    public String getUserDN(String str) {
        this.token = str;
        this.userDN = tokenToDN(str);
        return this.userDN;
    }

    public String getUserDN() {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("getUserDN: ").append(this.userDN).toString());
        }
        return this.userDN;
    }

    public int getAuthLevel() {
        return this.authLevel;
    }

    public void setClient(String str) {
        this.client = str;
    }

    public String getClient() {
        if (this.client != null) {
            return this.client;
        }
        String str = "";
        try {
            String str2 = null;
            if (this.requestHash != null) {
                str2 = (String) this.requestHash.get("client");
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("getClient : servletRequest is : ").append(this.client).toString());
                AuthD.debug.message(new StringBuffer().append("getClient : cli is : ").append(str2).toString());
            }
            if ((str2 == null || str2.equals("")) && this.servletRequest != null) {
                str = this.servletRequest.getRemoteAddr();
            }
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error getting clienty Type ", e);
            }
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Client is : ").append(str).toString());
        }
        this.client = str;
        return str;
    }

    public String tokenToDN(String str) {
        try {
            String lowerCase = str.toLowerCase();
            int indexOf = lowerCase.indexOf("|");
            if (indexOf != -1) {
                lowerCase = lowerCase.substring(0, indexOf);
            }
            if (Misc.isDescendantOf(lowerCase, this.orgDN)) {
                return lowerCase;
            }
            if (lowerCase.startsWith(ISAuthConstants.APPLICATION_USER_PREFIX.toLowerCase())) {
                return new StringBuffer().append("cn=").append(str).append(",ou=DSAME Users,").append(rootSuffix).toString();
            }
            if (ad.isSuperAdmin(lowerCase)) {
                return lowerCase;
            }
            String str2 = lowerCase;
            if (DN.isDN(lowerCase)) {
                str2 = LDAPDN.explodeDN(lowerCase, true)[0];
            }
            StringBuffer stringBuffer = new StringBuffer(200);
            stringBuffer.append(this.userNamingAttr).append("=").append(str2).append(",").append(this.userContainerDN);
            this.dnByUserContainer = true;
            String stringBuffer2 = stringBuffer.toString();
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("token=").append(str).append(", id=").append(str2).append(", DN=").append(stringBuffer2).toString());
            }
            return stringBuffer2;
        } catch (Exception e) {
            AuthD.debug.error(new StringBuffer().append("tokenToDN : ").append(e.getMessage()).toString());
            return str;
        }
    }

    public String getClientType() {
        if (this.clientType == null) {
            if (this.servletRequest != null) {
                this.clientType = ad.getClientType(this.servletRequest);
            } else {
                this.clientType = ad.getDefaultClient();
            }
        }
        return this.clientType;
    }

    public boolean activateSession(Subject subject) {
        try {
            this.subject = addSSOTokenPrincipal(subject);
            if (this.userName != null) {
                this.token = this.userName;
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("activateSession - Token is : ").append(this.token).toString());
                AuthD.debug.message(new StringBuffer().append("activateSession - userDN is : ").append(this.userDN).toString());
            }
            setSessionProperties(this.sess);
            try {
                boolean activate = this.sess.activate(this.userDN);
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("Activating session: ").append(this.sess).toString());
                }
                return activate;
            } catch (Exception e) {
                return false;
            }
        } catch (AuthException e2) {
            AuthD.debug.error("Error activating session: ");
            return false;
        }
    }

    public void setSessionProperties(InternalSession internalSession) throws AuthException {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("LoginState getSession = ").append(internalSession).append(" \nrequest token = ").append(this.token).toString());
        }
        if (this.token == null) {
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
        if (this.principalList == null) {
            getTokenFromPrincipal(this.subject);
        }
        addSidToPrincipalList();
        this.clientType = getClientType();
        this.client = getClient();
        if (this.cookieSupported) {
            this.cookieSupport = "true";
        } else {
            this.cookieSupport = "false";
        }
        if (this.userDN == null) {
            this.userDN = getUserDN(this.token);
        }
        if (this.userId == null) {
            if (DN.isDN(this.token)) {
                this.userId = DNtoName(this.token);
            } else {
                this.userId = this.token;
            }
        }
        String str = null;
        if (this.oldAuthContext != null) {
            str = AuthUtils.getLoginState(this.oldAuthContext).getUserDN();
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("userDN is : ").append(this.userDN).toString());
            AuthD.debug.message(new StringBuffer().append("oldUserDN is : ").append(str).toString());
            AuthD.debug.message(new StringBuffer().append("sessonUpgrade is : ").append(this.sessionUpgrade).toString());
        }
        if (this.sessionUpgrade && str != null && this.userDN.equalsIgnoreCase(str)) {
            sessionUpgrade();
        } else {
            this.sessionUpgrade = false;
        }
        String str2 = null;
        try {
            str2 = SAMLUtils.dateToString(new Date());
        } catch (ParseException e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error getting authInstant ", e);
            }
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("setSessionProperties userDN = ").append(this.userDN).append("\n").append("client = ").append(this.client).append("\n").append("orgDN = ").append(this.orgDN).append("\n").append("locale = ").append(this.localeContext.getLocale()).append("\n").append("charset = ").append(this.localeContext.getMIMECharset()).append("\n").append("idleTime = ").append(this.idleTime).append("\n").append("cacheTime = ").append(this.cacheTime).append("\n").append("maxSession = ").append(this.maxSession).append("\n").append("authLevel = ").append(this.authLevel).append("\n").append("authMethName = ").append(this.authMethName).append("\n").append("Subject = ").append(this.subject.toString()).append("\n").append("cookieSupport = ").append(this.cookieSupport).append("\n").append("principals= ").append(this.principalList).append("\n").append("IndexType= ").append(this.indexType).append("\n").append("AuthInstant = ").append(str2).toString());
        }
        try {
            if (this.token.startsWith(ISAuthConstants.APPLICATION_USER_PREFIX)) {
                AuthD.debug.message("setSessionProperties for non-expiring service");
                internalSession.setClientID(this.token);
                internalSession.setExpire(false);
                internalSession.setType(1);
            } else {
                AuthD.debug.message("request: in putProperty stuff");
                internalSession.setClientID(this.userDN);
                internalSession.setMaxSessionTime(this.maxSession);
                internalSession.setMaxIdleTime(this.idleTime);
                internalSession.setMaxCachingTime(this.cacheTime);
            }
            internalSession.setClientDomain(this.orgDN);
            internalSession.setType(0);
            if (this.client != null) {
                internalSession.putProperty(ISAuthConstants.HOST, this.client);
            }
            if (!this.sessionUpgrade) {
                internalSession.putProperty("AuthLevel", new Integer(this.authLevel).toString());
                internalSession.putProperty("AuthType", this.authMethName);
            }
            internalSession.putProperty("Principal", this.userDN);
            internalSession.putProperty("UserId", this.token);
            internalSession.putProperty("UserToken", DNtoName(this.token));
            internalSession.putProperty("Organization", this.orgDN);
            internalSession.putProperty(AMAdminConstants.SSO_TOKEN_LOCALE_ATTRIBUTE_NAME, this.localeContext.getLocale().toString());
            internalSession.putProperty("CharSet", this.localeContext.getMIMECharset());
            internalSession.putProperty("clientType", this.clientType);
            internalSession.putProperty(ISAuthConstants.COOKIE_SUPPORT_PROPERTY, this.cookieSupport);
            internalSession.putProperty("authInstant", str2);
            internalSession.putProperty("Principals", this.principalList);
            if (this.indexType != null) {
                internalSession.putProperty("IndexType", this.indexType.toString());
            }
            if (this.loginURL != null) {
                int indexOf = this.loginURL.indexOf("?");
                String str3 = this.loginURL;
                if (indexOf != -1) {
                    str3 = this.loginURL.substring(0, indexOf);
                }
                internalSession.putProperty("loginURL", str3);
            }
            if (this.indexType == AuthContext.IndexType.ROLE && this.indexName != null && !this.sessionUpgrade) {
                internalSession.putProperty(IFSConstants.AC_ROLE, this.indexName);
            }
            if (this.indexType == AuthContext.IndexType.SERVICE && this.indexName != null && !this.sessionUpgrade) {
                internalSession.putProperty("Service", this.indexName);
            }
        } catch (Exception e2) {
            AuthD.debug.error("Exception in setSession ", e2);
            throw new AuthException(e2);
        }
    }

    public boolean getInetDomainStatus() {
        return this.inetDomainStatus;
    }

    public void setQueryOrg(String str) {
        this.queryOrg = str;
    }

    public String getQueryOrg() {
        return this.queryOrg;
    }

    public String getLocale() {
        return this.isRemote ? AuthD.platLocale : this.localeContext.getLocale().toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void destroySession() {
        if (this.sess != null) {
            SessionID id = this.sess.getID();
            ad.destroySession(id);
            this.sid = null;
            this.sess = null;
            AuthUtils.removeSessionFromHash(id);
        }
    }

    String DNtoName(String str) {
        int indexOf = str.indexOf("=");
        int indexOf2 = str.indexOf(",");
        return indexOf2 == -1 ? str.substring(indexOf + 1).trim() : str.substring(indexOf + 1, indexOf2).trim();
    }

    public void persistentCookieArgExists() {
        String str = (String) this.requestHash.get("iPSPCookie");
        if (str == null || str.equals("")) {
            return;
        }
        if (str.equalsIgnoreCase("yes")) {
            this.persistentCookieOn = true;
        } else {
            this.persistentCookieOn = false;
        }
    }

    public SessionID getSid() {
        return this.sess.getID();
    }

    public String getUserDomain(HttpServletRequest httpServletRequest, SessionID sessionID, Hashtable hashtable) {
        String str = null;
        try {
            SSOTokenManager sSOTokenManager = SSOTokenManager.getInstance();
            SSOToken createSSOToken = sSOTokenManager.createSSOToken(httpServletRequest);
            if (!this.sessionUpgrade && !hashtable.isEmpty() && sSOTokenManager.isValidToken(createSSOToken)) {
                str = createSSOToken.getProperty("Organization");
                AuthD.debug.message("User org from existing valid session");
            }
        } catch (Exception e) {
            AuthD.debug.message(new StringBuffer().append("ERROR in getUserDomain - ").append(e.toString()).toString());
        }
        if (str == null) {
            str = (!AuthUtils.newSessionArgExists(hashtable, sessionID) || sessionID.toString().length() <= 0) ? ad.getDomainNameByRequest(httpServletRequest, hashtable) : sessionID.getSessionDomain();
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("returning from getUserDomain : ").append(str).toString());
        }
        return str;
    }

    public AuthContextLocal createAuthContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SessionID sessionID, Hashtable hashtable) throws AuthException {
        StringBuffer stringBuffer = new StringBuffer(serviceURI);
        String decodedQueryString = getDecodedQueryString(hashtable, httpServletRequest.getQueryString());
        if (decodedQueryString != null && !decodedQueryString.equals("")) {
            stringBuffer.append("?");
            stringBuffer.append(decodedQueryString);
        }
        this.loginURL = stringBuffer.toString();
        this.localeContext.setLocale(httpServletRequest);
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("locale : ").append(this.localeContext.getLocale()).toString());
        }
        this.userOrg = getUserDomain(httpServletRequest, sessionID, hashtable);
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("createAuthContext: userOrg is : ").append(this.userOrg).toString());
        }
        if (this.userOrg == null || this.userOrg.equals("")) {
            AuthD.debug.message("domain is null, error condtion");
            logFailed(ad.bundle.getString("invalidDomain"));
            throw new AuthException(AMAuthErrorCode.AUTH_INVALID_DOMAIN, null);
        }
        AuthD.debug.message("AuthUtil:getAuthContext:Creating new AuthContextLocal & LoginState");
        AuthContextLocal authContextLocal = new AuthContextLocal(this.userOrg);
        this.requestType = true;
        this.servletRequest = httpServletRequest;
        this.servletResponse = httpServletResponse;
        this.requestHash = hashtable;
        this.client = getClient();
        this.sid = sessionID;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("requestType : ").append(this.requestType).toString());
            AuthD.debug.message(new StringBuffer().append("client : ").append(this.client).toString());
            AuthD.debug.message(new StringBuffer().append("sid : ").append(sessionID).toString());
        }
        try {
            createSession(httpServletRequest, authContextLocal);
            this.cookieSupport = ad.getCookieSupport(getClientType());
            this.cookieDetect = ad.getCookieDetect(this.cookieSupport);
            if (this.cookieSupport != null && this.cookieSupport.equals("false")) {
                this.cookieSupported = false;
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("cookieSupport is : ").append(this.cookieSupport).toString());
                AuthD.debug.message(new StringBuffer().append("cookieDetect is .. : ").append(this.cookieDetect).toString());
                AuthD.debug.message(new StringBuffer().append("cookieSupported is .. : ").append(this.cookieSupported).toString());
            }
            if (ad.isClientDetectionEnabled() && this.cookieDetect) {
                this.cookieSet = true;
            }
            setGoToURL();
            setGoToOnFailURL();
            persistentCookieArgExists();
            populateOrgProfile();
            return authContextLocal;
        } catch (Exception e) {
            AuthD.debug.error("Exception creating session .. :", e);
            throw new AuthException(e);
        }
    }

    boolean createSession(HttpServletRequest httpServletRequest, AuthContextLocal authContextLocal) throws AuthException {
        String orgDN = getOrgDN();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("LoginState: createSession: orgDN is.. :").append(orgDN).toString());
        }
        HttpSession httpSession = null;
        if (httpServletRequest != null && isHttpSessionEnabled) {
            httpSession = httpServletRequest.getSession(true);
        }
        AuthD.debug.message("LoginState: createSession: Creating new session: ");
        InternalSession newSession = ad.newSession(orgDN, httpSession);
        if (newSession == null) {
            AuthD.debug.error("Session is null");
            throw new AuthException(AMAuthErrorCode.AUTH_MAX_SESSION_REACHED, null);
        }
        SessionID id = newSession.getID();
        this.sid = id;
        AuthUtils.authContextHash.put(id, authContextLocal);
        this.sess = newSession;
        if (!AuthD.debug.messageEnabled()) {
            return true;
        }
        AuthD.debug.message(new StringBuffer().append("AuthUtil: createSession: New session: sid=").append(id).toString());
        AuthD.debug.message(new StringBuffer().append("Sess is. :").append(newSession).toString());
        return true;
    }

    public SSOToken getSSOToken() throws SSOException {
        if (this.ssoToken != null) {
            return this.ssoToken;
        }
        if (this.sess != null && this.sess.getState() == 2) {
            return null;
        }
        try {
            this.ssoManager = SSOTokenManager.getInstance();
            this.ssoToken = this.ssoManager.createSSOToken(this.sess.getID().toString());
            return this.ssoToken;
        } catch (SSOException e) {
            AuthD.debug.error("Error retrieving SSOToken :", e);
            throw new SSOException("amAuth", AMAuthErrorCode.AUTH_ERROR, null);
        }
    }

    public String encodeURL(String str, HttpServletResponse httpServletResponse) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message("in encodeURL");
            AuthD.debug.message(new StringBuffer().append("cookieDetect : ").append(this.cookieDetect).toString());
            AuthD.debug.message(new StringBuffer().append("cookieSupported : ").append(this.cookieSupported).toString());
        }
        if ((this.cookieDetect || !this.cookieSupported) && this.sess != null) {
            String encodeURL = urlRewriteInPath ? this.sess.encodeURL(str, (short) 2, false) : this.sess.encodeURL(httpServletResponse, str);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("AuthRequest encodeURL : URL=").append(str).append(", Rewritten URL=").append(encodeURL).toString());
            }
            return encodeURL;
        }
        return str;
    }

    public String getFileName(String str) {
        return getFileName(str, null);
    }

    public String getFileName(String str, String str2) {
        String locale = this.localeContext.getLocale().toString();
        String clientType = getClientType();
        String str3 = "/default";
        if (str2 == null) {
            str2 = templateDir == null ? getTemplateDir() : templateDir;
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Client Type is : ").append(clientType).toString());
        }
        String orgName = getOrgName();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("org is : ").append(orgName).toString());
        }
        if (orgName != null) {
            String DNtoName = DNtoName(rootSuffix);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("rootOrgName is : ").append(DNtoName).toString());
            }
            if (DNtoName != null) {
                str3 = new StringBuffer().append("/").append(DNtoName).toString();
            }
        }
        try {
            String str4 = null;
            if (this.orgDN != null && this.orgDN != rootSuffix && this.orgDN.endsWith(rootSuffix)) {
                int length = this.orgDN.length() - rootSuffix.length();
                if (length > 0) {
                    str4 = this.orgDN.substring(0, length - 1);
                }
            }
            String filePath = getFilePath();
            String orgFilePath = getOrgFilePath(str4);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Calling FileLookup : filename=").append(str).append(", domain=").append(str3).append(", locale : ").append(locale).append(", filePath=").append(filePath).append(", filename=").append(str).append(", templateDir=").append(str2).append(", orgPath : ").append(orgFilePath).toString());
            }
            File file = null;
            if (!clientType.equals(ad.getDefaultClient())) {
                file = FileLookup.getFirstExisting(str3, this.localeContext.getLocale().toString(), null, orgFilePath, filePath, getCharsetFileName(str), str2, true);
            }
            if (file == null) {
                file = FileLookup.getFirstExisting(str3, locale, null, orgFilePath, filePath, str, str2, true);
            }
            String path = file.getPath();
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("File is.. ").append(path).toString());
            }
            return path;
        } catch (FileLookupException e) {
            if (AuthD.debug.warningEnabled()) {
                AuthD.debug.warning("File Lookup Exception", e);
            }
            return new StringBuffer().append(str2).append("/").append(DSConfigMgr.DEFAULT).append("/").append(str).toString();
        } catch (Exception e2) {
            if (AuthD.debug.warningEnabled()) {
                AuthD.debug.warning("Exception in getFileName", e2);
            }
            return new StringBuffer().append(str2).append("/").append(DSConfigMgr.DEFAULT).append("/").append(str).toString();
        }
    }

    private String getCharsetFileName(String str) {
        String mIMECharset = this.localeContext.getMIMECharset();
        if (str == null) {
            return null;
        }
        int indexOf = str.indexOf(".");
        String stringBuffer = indexOf != -1 ? new StringBuffer().append(str.substring(0, indexOf)).append("_").append(mIMECharset).append(str.substring(indexOf)).toString() : new StringBuffer().append(str).append("_").append(mIMECharset).toString();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("charsetFilename is : ").append(stringBuffer).toString());
        }
        return stringBuffer;
    }

    public boolean createUserProfile(String str, Set set) {
        Set createUsers;
        this.userName = str;
        try {
            if (!this.dynamicProfileCreation) {
                AuthD.debug.message("Error this user requires a profile to login");
                return false;
            }
            if (isApplicationModule()) {
                AuthD.debug.message("No profile created for Application module");
                return false;
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Creating user entry: ").append(str).toString());
                AuthD.debug.message(new StringBuffer().append("aliasList : ").append(set).toString());
            }
            AMPeopleContainer peopleContainer = ad.getPeopleContainer(this.userContainerDN);
            HashSet hashSet = new HashSet();
            String DNtoName = DN.isDN(str) ? DNtoName(str) : str;
            hashSet.add(DNtoName);
            if (this.userCreationAttributes == null) {
                createUsers = peopleContainer.createUsers(hashSet);
            } else {
                HashMap hashMap = new HashMap();
                hashMap.put(DNtoName, this.userCreationAttributes);
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("userMap is : ").append(hashMap).toString());
                }
                createUsers = peopleContainer.createUsers(hashMap);
            }
            AMUser aMUser = (AMUser) createUsers.iterator().next();
            if (this.defaultRoles != null && !this.defaultRoles.isEmpty()) {
                for (String str2 : this.defaultRoles) {
                    if (Misc.isDescendantOf(str2, this.orgDN)) {
                        try {
                            if (str2.length() != 0) {
                                aMUser.assignRole(str2);
                            }
                        } catch (Exception e) {
                            AuthD.debug.message("createUserProfile():invalid role: ", e);
                        }
                    } else {
                        AuthD.debug.error(new StringBuffer().append("createUserProfile: role ").append(str2).append(" does not belong to org ").append(this.orgDN).toString());
                    }
                }
            }
            if (set == null || set.isEmpty()) {
                AuthD.debug.message("Aliast list is empty");
            } else {
                AuthD.debug.message("Adding alias list to user profile");
                HashMap hashMap2 = new HashMap();
                if (this.externalAliasList != null && !this.externalAliasList.isEmpty()) {
                    set.addAll(this.externalAliasList);
                }
                hashMap2.put(USER_ALIAS_ATTR, set);
                aMUser.setAttributes(hashMap2);
                aMUser.store();
            }
            this.userDN = aMUser.getDN();
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Newly created USER DN is : ").append(this.userDN).toString());
            }
            populateUserAttributes(aMUser.getAttributes(), true);
            return true;
        } catch (Exception e2) {
            AuthD.debug.error(new StringBuffer().append("Cannot create user profile for: ").append(str).toString());
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD.debug.message("Stack trace: ", e2);
            return false;
        }
    }

    void populateUserAttributes(Map map, boolean z) throws AMException {
        this.userPostLoginClassName = Misc.getMapAttr(map, ACModelBase.AUTH_REDIRECT_URL_KEY);
        if (!z) {
            this.userFailureURLSet = (Set) map.get("iplanet-am-user-failure-url");
            this.clientUserFailureURL = getRedirectUrl(this.userFailureURLSet);
            this.defaultUserFailureURL = this.tempDefaultURL;
            this.failureRoleURLSet = (Set) map.get(ACModelBase.AUTH_FAIL_URL_KEY);
            this.clientFailureRoleURL = getRedirectUrl(this.failureRoleURLSet);
            this.defaultFailureRoleURL = this.tempDefaultURL;
            return;
        }
        if (((Set) map.get("iplanet-am-auth-user-modules")) == null) {
            Set set = Collections.EMPTY_SET;
        }
        this.maxSession = Misc.getIntMapAttr(map, ISAuthConstants.MAX_SESSION_TIME, ad.getDefaultMaxSessionTime(), AuthD.debug);
        this.idleTime = Misc.getIntMapAttr(map, ISAuthConstants.SESS_MAX_IDLE_TIME, ad.getDefaultMaxIdleTime(), AuthD.debug);
        this.cacheTime = Misc.getIntMapAttr(map, ISAuthConstants.SESS_MAX_CACHING_TIME, ad.getDefaultMaxCachingTime(), AuthD.debug);
        String mapAttr = Misc.getMapAttr(map, "inetuserstatus", "active");
        String mapAttr2 = Misc.getMapAttr(map, "iplanet-am-user-login-status", "active");
        String mapAttr3 = Misc.getMapAttr(map, "nsaccountlock", "false");
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("nsaccountlock is : ").append(mapAttr3).toString());
        }
        if (!mapAttr2.equalsIgnoreCase("active") || !mapAttr.equalsIgnoreCase("active") || !mapAttr3.equalsIgnoreCase("false")) {
            this.userEnabled = false;
        }
        this.localeContext.setUserLocale(Misc.getMapAttr(map, "preferredlocale", null));
        this.userAliasList = (Set) map.get(USER_ALIAS_ATTR);
        if (this.aliasAttrNames != null && !this.aliasAttrNames.isEmpty()) {
            Iterator it = this.aliasAttrNames.iterator();
            while (it.hasNext()) {
                Set set2 = (Set) map.get((String) it.next());
                if (set2 != null) {
                    if (this.userAliasList == null) {
                        this.userAliasList = new HashSet();
                    }
                    this.userAliasList.addAll(set2);
                }
            }
        }
        this.accountLife = Misc.getMapAttr(map, "iplanet-am-user-account-life");
        this.userSuccessURLSet = (Set) map.get("iplanet-am-user-success-url");
        this.clientUserSuccessURL = getRedirectUrl(this.userSuccessURLSet);
        this.defaultUserSuccessURL = this.tempDefaultURL;
        this.successRoleURLSet = (Set) map.get(ACModelBase.AUTH_SUCCESS_URL_KEY);
        this.clientSuccessRoleURL = getRedirectUrl(this.successRoleURLSet);
        this.defaultSuccessRoleURL = this.tempDefaultURL;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Populate User attributes\n  idle->").append(this.idleTime).append("\n  cache->").append(this.cacheTime).append("\n  max->").append(this.maxSession).append("\n  userLoginEnabled->").append(this.userEnabled).append("\n  charset->").append(this.localeContext.getMIMECharset()).append("\n  locale->").append(this.localeContext.getLocale().toString()).append("\n  userAlias->  :").append(this.userAliasList).append("\n  userSuccessURLSet-> :").append(this.userSuccessURLSet).append("\n  clientUserSuccessURL->  :").append(this.clientUserSuccessURL).append("\n  defaultUserSuccessURL->  :").append(this.defaultUserSuccessURL).append("\n  userFailureURLSet-> :").append(this.userFailureURLSet).append("\n  clientUserFailureURL->  :").append(this.clientUserFailureURL).append("\n  defaultUserFailureURL->  :").append(this.defaultUserFailureURL).append("\n  clientSuccessRoleURL ->  :").append(this.clientSuccessRoleURL).append("\n  defaultSuccessRoleURL ->  :").append(this.defaultSuccessRoleURL).append("\n  clientFailureRoleURL ->  :").append(this.clientFailureRoleURL).append("\n  defaultFailureRoleURL ->  :").append(this.defaultFailureRoleURL).append("\n  userPostLoginClassName -> : ").append(this.userPostLoginClassName).append("\n  accountLife->").append(this.accountLife).toString());
        }
    }

    public boolean getUserProfile(String str, boolean z) throws AuthException {
        try {
            return getUserProfile(str, z, true);
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("getUserProfile(string,boolean)", e);
            }
            throw new AuthException(e);
        }
    }

    public boolean getUserProfile(String str, boolean z, boolean z2) throws AuthException {
        if (str == null || str.length() == 0) {
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
        this.dnByUserContainer = false;
        this.userDN = tokenToDN(str);
        this.userId = str;
        try {
        } catch (Exception e) {
            if (ad.isSuperAdmin(str)) {
                AuthD.debug.message("User is in the super admin list, no profile is ok");
                return false;
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("No profile for user in default container", e);
            }
        }
        if (!getUser) {
            if (!z) {
                return true;
            }
            populateDefaultUserAttributes();
            return true;
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Getting user profile: ").append(this.userDN).toString());
        }
        if (!this.nullUserContainerDN || !this.dnByUserContainer) {
            this.amUser = ad.getSDK().getUser(this.userDN);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("amUser is.. :").append(this.amUser).toString());
            }
            if (!z) {
                return true;
            }
            populateUserAttributes(this.amUser.getAttributes(userAttributes), z2);
            return true;
        }
        try {
            AMPeopleContainer peopleContainer = ad.getSDK().getPeopleContainer(this.userContainerDN);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Search ").append(this.userContainerDN).append(" for user ").append(str).toString());
            }
            AMSearchControl aMSearchControl = new AMSearchControl();
            aMSearchControl.setSearchScope(2);
            Set mergeSet = mergeSet(this.aliasAttrNames, userAttributes);
            aMSearchControl.setReturnAttributes(mergeSet);
            aMSearchControl.setMaxResults(2);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("alias attr=").append(this.aliasAttrNames).append(", attr=").append(userAttributes).append(",merge=").append(mergeSet).toString());
            }
            String str2 = str;
            if (DN.isDN(str)) {
                str2 = DNtoName(str);
            }
            AMSearchResults searchUsers = this.aliasAttrNames == null ? peopleContainer.searchUsers(str2, aMSearchControl) : peopleContainer.searchUsers("*", aMSearchControl, constructFilter(toAvPairMap(this.aliasAttrNames, str2)));
            if (searchUsers == null) {
                if (!AuthD.debug.messageEnabled()) {
                    return false;
                }
                AuthD.debug.message(new StringBuffer().append("No user Profile found for ").append(str2).toString());
                return false;
            }
            Map resultAttributes = searchUsers.getResultAttributes();
            if (resultAttributes == null || resultAttributes.isEmpty()) {
                return false;
            }
            if (resultAttributes.size() > 1) {
                AuthD.debug.error(new StringBuffer().append("getUserProfile : Multiple matches found for user '").append(this.userId).append("' in org ").append(this.orgDN).append("\nPlease make sure user is unique within the login ").append("organization, and contact your admin to fix the problem").toString());
                throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
            }
            String str3 = (String) resultAttributes.keySet().iterator().next();
            this.amUser = ad.getSDK().getUser(str3);
            this.userDN = this.amUser.getDN();
            this.userId = DNtoName(this.userDN);
            setToken(this.userId);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("userDN is : ").append(this.userDN).toString());
                AuthD.debug.message(new StringBuffer().append("userID(token) is : ").append(this.userId).toString());
                AuthD.debug.message(new StringBuffer().append("token is : ").append(str).toString());
            }
            if (!z) {
                return true;
            }
            populateUserAttributes((Map) resultAttributes.get(str3), z2);
            return true;
        } catch (AMException e2) {
            AuthD.debug.error(new StringBuffer().append("No aliases for: ").append(this.aliasAttrNames).append("=").append(str).toString());
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD.debug.message("Stack trace: ", e2);
            return false;
        } catch (SSOException e3) {
            AuthD.debug.error("SSOException");
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD.debug.message("Stack trace: ", e3);
            return false;
        }
    }

    public void populateDefaultUserAttributes() throws AMException {
        try {
            this.maxSession = Integer.parseInt(ad.getDefaultMaxSessionTime());
        } catch (Exception e) {
            this.maxSession = 120;
        }
        try {
            this.idleTime = Integer.parseInt(ad.getDefaultMaxIdleTime());
        } catch (Exception e2) {
            this.idleTime = 30;
        }
        try {
            this.cacheTime = Integer.parseInt(ad.getDefaultMaxCachingTime());
        } catch (Exception e3) {
            this.cacheTime = 3;
        }
        this.userEnabled = true;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Populate Default User attributes\n  idle->").append(this.idleTime).append("\n  cache->").append(this.cacheTime).append("\n  max->").append(this.maxSession).append("\n  userLoginEnabled->").append(this.userEnabled).append("\n  clientUserSuccessURL ->").append(this.clientUserSuccessURL).append("\n  defaultUserSuccessURL ->").append(this.defaultUserSuccessURL).append("\n  clientUserFailureURL ->").append(this.clientUserFailureURL).append("\n  defaultUserFailureURL ->").append(this.defaultUserFailureURL).append("\n  clientSuccessRoleURL ->").append(this.clientSuccessRoleURL).append("\n  defaultSuccessRoleURL ->").append(this.defaultSuccessRoleURL).append("\n  clientFailureRoleURL ->").append(this.clientFailureRoleURL).append("\n  defaultFailureRoleURL ->").append(this.defaultFailureRoleURL).append("\n  userPostLoginClassName ->").append(this.userPostLoginClassName).append("\n  charset->").append(this.localeContext.getMIMECharset()).append("\n  locale->").append(this.localeContext.getLocale().toString()).toString());
        }
    }

    public boolean searchUserProfile(Subject subject, AuthContext.IndexType indexType, String str) throws AuthException {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message("in searchUserProfile");
            AuthD.debug.message(new StringBuffer().append("indexType is.. :").append(indexType).toString());
            AuthD.debug.message(new StringBuffer().append("indexName is.. :").append(str).toString());
            AuthD.debug.message(new StringBuffer().append("Subject is.. :").append(subject).toString());
            AuthD.debug.message(new StringBuffer().append("token is.. :").append(this.token).toString());
            AuthD.debug.message(new StringBuffer().append("tokenSet is.. :").append(this.tokenSet).toString());
            AuthD.debug.message(new StringBuffer().append("pCookieUserName is.. :").append(this.pCookieUserName).toString());
        }
        try {
            this.tokenSet = getTokenFromPrincipal(subject);
            Iterator it = this.tokenSet.iterator();
            boolean z = true;
            if (this.ignoreUserProfile || isApplicationModule()) {
                if (this.tokenSet.size() == 1) {
                    this.token = this.principalList;
                } else {
                    this.token = this.principalList.substring(0, this.principalList.indexOf("|"));
                }
                if (DN.isDN(this.token)) {
                    this.userId = DNtoName(this.token);
                    this.userDN = this.token;
                } else {
                    this.userId = this.token;
                    this.userDN = getUserDN(this.token);
                }
                populateDefaultUserAttributes();
                return true;
            }
            if (indexType == AuthContext.IndexType.USER || this.pCookieUserName != null) {
                if (this.token == null && this.pCookieUserName != null) {
                    this.token = this.pCookieUserName;
                }
                if (this.token == null) {
                    return false;
                }
                Map searchUserAliases = searchUserAliases(this.token, this.tokenSet, new HashMap());
                this.token = str;
                if (!checkAliasList(searchUserAliases)) {
                    throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
                }
            } else {
                if (this.tokenSet.isEmpty()) {
                    AuthD.debug.message("tokenset empty");
                    throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
                }
                if (this.tokenSet.size() == 1) {
                    AuthD.debug.message("tokenset size is 1");
                    this.token = (String) it.next();
                    if (AuthD.debug.messageEnabled()) {
                        AuthD.debug.message(new StringBuffer().append("principal is : ").append(this.principalList).toString());
                    }
                    z = getCreateUserProfile(this.principalList, true);
                    if (!this.userEnabled) {
                        throw new AuthException(AMAuthErrorCode.AUTH_USER_INACTIVE, null);
                    }
                    if (ad.isSuperAdmin(this.principalList)) {
                        this.userDN = this.principalList;
                        return true;
                    }
                    if (z && indexType == AuthContext.IndexType.ROLE) {
                        boolean userForRole = getUserForRole(getRoleDN(str, this.orgDN));
                        if (AuthD.debug.messageEnabled()) {
                            AuthD.debug.message(new StringBuffer().append("userRoleFound: ").append(userForRole).toString());
                        }
                        if (!userForRole) {
                            throw new AuthException(AMAuthErrorCode.AUTH_USER_NOT_FOUND, null);
                        }
                    }
                } else {
                    AuthD.debug.message("came here !! multiple modules , users ");
                    z = false;
                    HashMap hashMap = new HashMap();
                    HashMap hashMap2 = new HashMap();
                    Map hashMap3 = new HashMap();
                    HashMap hashMap4 = new HashMap();
                    Boolean bool = Boolean.FALSE;
                    String str2 = null;
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        this.token = (String) it.next();
                        if (AuthD.debug.messageEnabled()) {
                            AuthD.debug.message(new StringBuffer().append("BEGIN WHILE: Token is.. : ").append(this.token).toString());
                        }
                        z = getUserProfile(this.token, true);
                        hashMap4.put(this.token, new Boolean(z));
                        if (AuthD.debug.messageEnabled()) {
                            AuthD.debug.message(new StringBuffer().append("gotUserProfile : ").append(z).toString());
                        }
                        if (ad.isSuperAdmin(tokenToDN(this.token))) {
                            this.hasAdminToken = true;
                            str2 = this.token;
                            break;
                        }
                        if (z) {
                            hashMap.put(this.token, new Boolean(this.userEnabled));
                            if (indexType == AuthContext.IndexType.ROLE) {
                                hashMap2.put(this.token, new Boolean(getUserForRole(getRoleDN(str, this.orgDN))));
                            }
                            if (hashMap3.isEmpty() || hashMap3.containsValue(bool)) {
                                hashMap3 = searchUserAliases(this.token, this.tokenSet, hashMap3);
                                str2 = this.token;
                            }
                        }
                    }
                    if (AuthD.debug.messageEnabled()) {
                        AuthD.debug.message(new StringBuffer().append("Alias Token is : ").append(str2).toString());
                        AuthD.debug.message(new StringBuffer().append("Token is : ").append(this.token).toString());
                    }
                    if (str2 != null) {
                        this.token = str2;
                    }
                    if (!this.hasAdminToken) {
                        boolean userEnabled = getUserEnabled(hashMap);
                        if (!userEnabled) {
                            throw new AuthException(AMAuthErrorCode.AUTH_USER_INACTIVE, null);
                        }
                        if (indexType == AuthContext.IndexType.ROLE) {
                            boolean userRoleFound = getUserRoleFound(hashMap2);
                            if (!userRoleFound) {
                                throw new AuthException(AMAuthErrorCode.AUTH_USER_NOT_FOUND, null);
                            }
                            if (AuthD.debug.messageEnabled()) {
                                AuthD.debug.message(new StringBuffer().append("userRoleFound: ").append(userRoleFound).toString());
                            }
                        }
                        boolean foundUserAlias = getFoundUserAlias(hashMap3);
                        z = getGotUserProfile(hashMap4);
                        if (AuthD.debug.messageEnabled()) {
                            AuthD.debug.message(new StringBuffer().append("gotUserProfile : ").append(z).toString());
                            AuthD.debug.message(new StringBuffer().append("foundUserAlias: ").append(foundUserAlias).toString());
                            AuthD.debug.message(new StringBuffer().append("userEnabled : ").append(userEnabled).toString());
                        }
                        if (z && !foundUserAlias) {
                            if (!this.dynamicProfileCreation) {
                                throw new AuthException(AMAuthErrorCode.AUTH_LOGIN_FAILED, null);
                            }
                            if (AuthD.debug.messageEnabled()) {
                                AuthD.debug.message(new StringBuffer().append("dynamicProfileCreation : ").append(this.dynamicProfileCreation).toString());
                                AuthD.debug.message(new StringBuffer().append("foundUserAliasMap : ").append(hashMap3).toString());
                                AuthD.debug.message(new StringBuffer().append("foundUserAliasMap : ").append(foundUserAlias).toString());
                            }
                            addAliasToUserProfile(this.token, hashMap3);
                        }
                        if (!z) {
                            z = createUserProfileForTokens(this.tokenSet, hashMap4);
                        }
                    }
                }
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("LoginState:searchUserProfile:returning: ").append(z).toString());
            }
            return z;
        } catch (AuthException e) {
            throw new AuthException(e);
        } catch (Exception e2) {
            AuthD.debug.error("Error retrieving profile", e2);
            throw new AuthException(e2);
        }
    }

    boolean getCreateUserProfile(String str, boolean z) throws AuthException {
        boolean z2 = true;
        boolean userProfile = getUserProfile(str, z);
        boolean isSuperAdmin = ad.isSuperAdmin(str);
        if (!userProfile && !isSuperAdmin && !createUserProfile(str, null)) {
            z2 = false;
        }
        return z2;
    }

    boolean createUserProfileForTokens(Set set, Map map) {
        HashSet hashSet = new HashSet();
        String str = null;
        Iterator it = set.iterator();
        while (it.hasNext()) {
            str = (String) it.next();
            if (ad.isSuperAdmin(str)) {
                break;
            }
            while (it.hasNext()) {
                Object next = it.next();
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("alias list add token:").append((String) next).toString());
                }
                hashSet.add(next);
            }
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Tokens List is.. :").append(hashSet).toString());
        }
        try {
            return createUserProfile(str, hashSet);
        } catch (Exception e) {
            AuthD.debug.error(new StringBuffer().append("Cannot create user profile for: ").append(str).toString());
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD.debug.message("Stack trace: ", e);
            return false;
        }
    }

    Map searchUserAliases(String str, Set set, Map map) {
        String str2 = str;
        if (DN.isDN(str)) {
            str2 = DNtoName(str);
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("userAliastList is.. :").append(this.userAliasList).toString());
            AuthD.debug.message(new StringBuffer().append("userTokenDN is.. :").append(str).toString());
            AuthD.debug.message(new StringBuffer().append("userToken is.. :").append(str2).toString());
            AuthD.debug.message(new StringBuffer().append("tokenSet is.. :").append(set).toString());
            AuthD.debug.message(new StringBuffer().append("foundUserAliasMAP is.. :").append(map).toString());
        }
        Iterator it = set.iterator();
        if (set.size() == 1) {
            String str3 = (String) it.next();
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Token name is.. :").append(str3).toString());
                AuthD.debug.message(new StringBuffer().append("User Token is .. :").append(str2).toString());
            }
            if (str3.equals(str2)) {
                map.put(str3, Boolean.TRUE);
            } else if (this.userAliasList == null || this.userAliasList.isEmpty()) {
                map.put(str3, Boolean.FALSE);
            } else if (this.userAliasList.contains(str3)) {
                map.put(str3, Boolean.TRUE);
            } else {
                map.put(str3, Boolean.FALSE);
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("foundUserAliasMap is : ").append(map).toString());
            }
            return map;
        }
        AuthD.debug.message("tokenSet size is not 1");
        if (this.userAliasList != null && !this.userAliasList.isEmpty()) {
            while (it.hasNext()) {
                String str4 = (String) it.next();
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("AuthToken is : ").append(str4).toString());
                    AuthD.debug.message(new StringBuffer().append("userTokenDN is : ").append(str).toString());
                }
                if (str4.equals(str2)) {
                    map.put(str4, Boolean.TRUE);
                } else if (this.userAliasList.contains(str4)) {
                    map.put(str4, Boolean.TRUE);
                } else if (!map.containsKey(str4)) {
                    map.put(str4, Boolean.FALSE);
                }
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("foundUserAliasMap : ").append(map).toString());
            }
            return map;
        }
        if (this.userAliasList != null && this.userAliasList.isEmpty() && set.size() > 1) {
            while (it.hasNext()) {
                String str5 = (String) it.next();
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("token is... : ").append(str5).toString());
                    AuthD.debug.message(new StringBuffer().append("User Token is .. :").append(str2).toString());
                }
                if (!tokenToDN(str5).equals(tokenToDN(str2)) && !map.containsKey(str5)) {
                    map.put(str5, Boolean.FALSE);
                    return map;
                }
            }
            map.put(this.token, Boolean.TRUE);
            return map;
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message("userAliasList has tokens: multiple user tokens");
            AuthD.debug.message(new StringBuffer().append("userAliasList userToken : ").append(str2).toString());
            AuthD.debug.message(new StringBuffer().append("userAliasList tokenSet : ").append(set).toString());
        }
        HashMap hashMap = new HashMap();
        Boolean bool = Boolean.FALSE;
        Boolean bool2 = Boolean.TRUE;
        while (it.hasNext()) {
            Object next = it.next();
            if (this.userAliasList.contains(next)) {
                hashMap.put(next, bool2);
                map.put(next, bool2);
            } else if (!str2.equals((String) next)) {
                hashMap.put(next, bool);
                map.put(next, bool);
            }
        }
        return map;
    }

    Set getTokenFromPrincipal(Subject subject) {
        Set<Principal> principals = subject.getPrincipals();
        StringBuffer stringBuffer = new StringBuffer();
        Iterator<Principal> it = principals.iterator();
        HashSet hashSet = new HashSet();
        while (it.hasNext()) {
            String name = it.next().getName();
            if (name != null && !containsToken(stringBuffer, name)) {
                stringBuffer.append(name).append("|");
            }
            if (DN.isDN(name)) {
                hashSet.add(DNtoName(name));
            } else {
                hashSet.add(name);
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("principal name is... :").append(name).toString());
            }
        }
        String stringBuffer2 = stringBuffer.toString();
        if (stringBuffer2 != null && stringBuffer2.length() > 0) {
            this.principalList = stringBuffer2.substring(0, stringBuffer2.length() - 1);
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Principal List is :").append(this.principalList).toString());
        }
        return hashSet;
    }

    public boolean isUserEnabled() {
        return this.userEnabled;
    }

    public void setAuthLevel(String str) {
        if (str == null) {
            this.authLevel = 0;
        } else {
            try {
                this.authLevel = Integer.parseInt(str);
            } catch (NumberFormatException e) {
                this.authLevel = 0;
            }
        }
        if (this.authLevel < this.moduleAuthLevel) {
            this.authLevel = this.moduleAuthLevel;
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("AuthLevel is set to : ").append(this.authLevel).toString());
        }
    }

    public void setAuthRoleName(String str) {
        this.role = str;
    }

    public String getRoleDN(String str, String str2) {
        this.role = str;
        if (this.roleDN == null) {
            this.roleDN = roleToDN(this.role, str2);
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Role dn is.. :").append(this.roleDN).toString());
        }
        return this.roleDN;
    }

    String roleToDN(String str, String str2) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("rolename : ").append(str).toString());
        }
        if (str == null) {
            return null;
        }
        String str3 = null;
        try {
            str3 = searchRole(ad.getSDK().getOrganization(str2), str);
        } catch (Exception e) {
            AuthD.debug.error("getRole: Error : ", e);
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Role is .. : ").append(str3).toString());
        }
        return str3;
    }

    String searchRole(AMOrganization aMOrganization, String str) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("in getRoleName org : ").append(aMOrganization).toString());
            AuthD.debug.message(new StringBuffer().append("in getRoleName role: ").append(str).toString());
        }
        String str2 = null;
        try {
            str2 = (String) aMOrganization.searchAllRoles(str, 2).iterator().next();
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error getRoleName : ", e);
            }
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("LoginState:searchRole").append(str2).toString());
        }
        return str2;
    }

    public void setAuthModuleName(String str) {
        if (this.pAuthMethName != null) {
            this.authMethName = new StringBuffer().append(this.pAuthMethName).append("|").append(str).toString();
        } else {
            this.authMethName = str;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:18:0x00a6, code lost:
    
        if (r6.equals("") != false) goto L22;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean getUserForRole(java.lang.String r5) {
        /*
            Method dump skipped, instructions count: 235
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.authentication.service.LoginState.getUserForRole(java.lang.String):boolean");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setIndexType(AuthContext.IndexType indexType) {
        this.indexType = indexType;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setUserName(String str) {
        this.userName = str;
    }

    public boolean isPersistentCookieOn() {
        return this.persistentCookieOn;
    }

    public boolean getPersistentCookieMode() {
        return this.persistentCookieMode;
    }

    void setToken(String str) {
        this.token = str;
    }

    void setUserDN(String str) {
        this.userDN = str;
    }

    public Hashtable getRequestParamHash() {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("LoginStateReturning.. hash :").append(this.requestHash).toString());
        }
        return this.requestHash;
    }

    boolean getUserEnabled(Map map) {
        if (map.containsValue(Boolean.FALSE)) {
            this.userEnabled = false;
        } else {
            this.userEnabled = true;
        }
        return this.userEnabled;
    }

    boolean getUserRoleFound(Map map) {
        boolean z = true;
        if (map.containsValue(Boolean.FALSE)) {
            z = false;
        }
        return z;
    }

    boolean getFoundUserAlias(Map map) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("foundAliasMap :").append(map).toString());
        }
        return map.containsValue(Boolean.TRUE);
    }

    boolean getGotUserProfile(Map map) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("GotUserProfileMAP is: ").append(map).toString());
        }
        boolean z = false;
        if (map.containsValue(Boolean.TRUE)) {
            z = true;
        }
        return z;
    }

    void addAliasToUserProfile(String str, Map map) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Token : ").append(str).toString());
            AuthD.debug.message(new StringBuffer().append("foundUserAliasMap : ").append(map).toString());
        }
        try {
            AMUser user = AuthD.getAuth().getSDK().getUser(tokenToDN(str));
            if (map != null && !map.isEmpty()) {
                for (String str2 : map.keySet()) {
                    if (!this.userAliasList.contains(str2)) {
                        this.userAliasList.add(str2);
                    }
                }
                AuthD.debug.message("Adding alias list to user profile");
                HashMap hashMap = new HashMap();
                if (this.externalAliasList != null && !this.externalAliasList.isEmpty()) {
                    this.userAliasList.addAll(this.externalAliasList);
                }
                hashMap.put(USER_ALIAS_ATTR, this.userAliasList);
                user.setAttributes(hashMap);
                user.store();
            }
        } catch (Exception e) {
            AuthD.debug.error(new StringBuffer().append("Exception : ").append(e.getMessage()).toString(), e);
        }
    }

    boolean checkAliasList(Map map) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("UserAliasList is.. : ").append(map).toString());
        }
        boolean z = true;
        Iterator it = map.keySet().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Token is.. : ").append((String) next).toString());
            }
            if (!ad.isSuperAdmin(tokenToDN((String) next)) && ((Boolean) map.get(next)).toString().equals("false")) {
                z = false;
                break;
            }
        }
        return z;
    }

    public String searchPersistentCookie() {
        try {
            String str = null;
            String cookieValueFromReq = CookieUtils.getCookieValueFromReq(this.servletRequest, this.pCookieName);
            if (cookieValueFromReq != null) {
                str = parsePersistentCookie(cookieValueFromReq);
            }
            return str;
        } catch (Exception e) {
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD.debug.message("ERROR searchPersistentCookie ", e);
            return null;
        }
    }

    private String parsePersistentCookie(String str) {
        String str2;
        int indexOf;
        try {
            String str3 = (String) AccessController.doPrivileged(new EncodeAction(invalidatePCookie));
            if (str == null || str.equals("") || str.equals(str3) || (indexOf = (str2 = (String) AccessController.doPrivileged(new DecodeAction(str))).indexOf("%")) == -1) {
                return null;
            }
            String substring = str2.substring(0, indexOf);
            String substring2 = str2.substring(indexOf + 1);
            int indexOf2 = substring2.indexOf("%");
            if (indexOf2 == -1) {
                return null;
            }
            String substring3 = substring2.substring(0, indexOf2);
            String substring4 = substring2.substring(indexOf2 + 1);
            int indexOf3 = substring4.indexOf("%");
            if (indexOf3 == -1) {
                return null;
            }
            String substring5 = substring4.substring(0, indexOf3);
            String substring6 = substring4.substring(indexOf3 + 1);
            int indexOf4 = substring6.indexOf("%");
            if (indexOf4 == -1) {
                return null;
            }
            int parseInt = Integer.parseInt(substring6.substring(0, indexOf4));
            String substring7 = substring6.substring(indexOf4 + 1);
            int indexOf5 = substring7.indexOf("%");
            if (indexOf5 == -1) {
                return null;
            }
            int parseInt2 = Integer.parseInt(substring7.substring(0, indexOf5));
            int parseInt3 = Integer.parseInt(substring7.substring(indexOf5 + 1));
            if (!getOrgName().equals(substring3)) {
                this.orgName = substring3;
                this.userOrg = this.orgName;
                this.orgDN = getOrgDN();
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("authMethStr: ").append(substring5).toString());
            }
            int i = 0;
            while (true) {
                if (i == -1) {
                    break;
                }
                i = substring5.indexOf("|");
                if (i == -1) {
                    String authenticatorForName = ad.getAuthenticatorForName(substring5);
                    if (AuthD.debug.messageEnabled()) {
                        AuthD.debug.message(new StringBuffer().append("authMethStr is : ").append(substring5).toString());
                        AuthD.debug.message(new StringBuffer().append("authModuleName is : ").append(authenticatorForName).toString());
                    }
                    if (authenticatorForName == null) {
                        return null;
                    }
                } else {
                    String substring8 = substring5.substring(0, i);
                    String authenticatorForName2 = ad.getAuthenticatorForName(substring8);
                    if (AuthD.debug.messageEnabled()) {
                        AuthD.debug.message(new StringBuffer().append("authModulename is : ").append(substring8).toString());
                        AuthD.debug.message(new StringBuffer().append("authModuleName instance is : ").append(authenticatorForName2).toString());
                    }
                    if (authenticatorForName2 == null) {
                        return null;
                    }
                    substring5 = substring5.substring(i + 1, substring5.length());
                }
            }
            this.pAuthMethName = substring5;
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Found valid PC : username=").append(substring).append("\ndomainname=").append(substring3).append("\nauthMethod=").append(substring5).append("\nmaxSession=").append(parseInt).append("\nidleTime=").append(parseInt2).append("\ncacheTime=").append(parseInt3).append("\norgDN=").append(this.orgDN).toString());
            }
            return substring;
        } catch (Exception e) {
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD.debug.message("ERROR:parsePersistentCookie : ", e);
            return null;
        }
    }

    public static String encodePCookie() {
        return (String) AccessController.doPrivileged(new EncodeAction(invalidatePCookie));
    }

    public Cookie setPersistentCookie(String str) throws SSOException, AMException {
        int i;
        String str2 = this.persistentCookieTime;
        Cookie cookie = null;
        if (str2 != null) {
            try {
                i = Integer.parseInt(str2);
            } catch (Exception e) {
                i = 0;
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Add Cookie: maxage=").append(i).toString());
            }
            if (i > 0) {
                String stringBuffer = new StringBuffer().append(getUserDN(this.userId)).append("%").append(getOrgName()).append("%").append(this.authMethName).append("%").append(Integer.toString(this.maxSession)).append("%").append(Integer.toString(this.idleTime)).append("%").append(Integer.toString(this.cacheTime)).toString();
                cookie = createPersistentCookie(ad.getPersistentCookieName(), (String) AccessController.doPrivileged(new EncodeAction(stringBuffer)), i, str);
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("Add PCookie = ").append(stringBuffer).toString());
                }
            } else if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Persistent Cookie Mode configured for domain ").append(this.orgName).append(", but no persistentCookieTime = ").append(str2).toString());
            }
        }
        return cookie;
    }

    public static Cookie createPersistentCookie(String str, String str2, int i, String str3) {
        Cookie newCookie = CookieUtils.newCookie(str, str2, "/", str3);
        if (i >= 0) {
            newCookie.setMaxAge(i);
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("pCookie is.. :").append(newCookie).toString());
        }
        return newCookie;
    }

    public Cookie setlbCookie(String str, boolean z) throws SSOException, AMException {
        int i;
        String str2 = ad.getlbCookieName();
        String str3 = ad.getlbCookieValue();
        String str4 = this.persistentCookieTime;
        Cookie cookie = null;
        if (str4 == null || !z) {
            cookie = createPersistentCookie(str2, str3, -1, str);
        } else {
            try {
                i = Integer.parseInt(str4);
            } catch (Exception e) {
                i = 0;
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Add Load Balance Cookie: maxage=").append(i).toString());
            }
            if (i > 0) {
                cookie = createPersistentCookie(str2, str3, i, str);
                AuthD.debug.message("Add Load Balance Cookie!");
            } else {
                AuthD.debug.message("No Load Balance Cookie set!");
            }
        }
        return cookie;
    }

    public AuthContext.IndexType getIndexType() {
        return this.indexType;
    }

    void setGoToURL() {
        String str = (String) this.requestHash.get("goto");
        if (str == null || str.equals("")) {
            return;
        }
        this.gotoURL = str;
    }

    void setGoToOnFailURL() {
        String str = (String) this.requestHash.get("gotoOnFail");
        if (str == null || str.equals("")) {
            return;
        }
        this.gotoOnFailURL = str;
    }

    public String getSuccessLoginURL() {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("gotoURL is : ").append(this.gotoURL).toString());
        }
        if (this.gotoURL != null && !this.gotoURL.equals("") && !this.gotoURL.equalsIgnoreCase("null")) {
            this.fqdnURL = this.gotoURL;
        }
        if (this.fqdnURL == null || this.fqdnURL.equals("")) {
            AuthD.debug.message("NULL gotoURL");
            this.fqdnURL = processURL(this.successLoginURL);
        }
        String encodeURL = encodeURL(this.fqdnURL, this.servletResponse);
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("getSuccessLoginURL : ").append(this.successLoginURL).toString());
            AuthD.debug.message(new StringBuffer().append("getSuccessLoginURL (fqdnURL) : ").append(this.fqdnURL).toString());
            AuthD.debug.message(new StringBuffer().append("getSuccessLoginURL (encoded) : ").append(encodeURL).toString());
        }
        return encodeURL;
    }

    public String getConfiguredSuccessLoginURL() {
        String encodeURL = encodeURL(processURL(this.successLoginURL), this.servletResponse);
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("getSuccessLoginURL : ").append(this.successLoginURL).toString());
            AuthD.debug.message(new StringBuffer().append("getSuccessLoginURL (encoded) : ").append(encodeURL).toString());
        }
        return encodeURL;
    }

    String getSuccessURLForRole() {
        String str = null;
        try {
            str = getRoleURLFromAttribute(getAMTemplate(), ACModelBase.AUTH_SUCCESS_URL_KEY);
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Execption:getSuccessURLForRole : ", e);
            }
        }
        return str;
    }

    String getFailureURLForRole() {
        String str = null;
        try {
            str = getRoleURLFromAttribute(getAMTemplate(), ACModelBase.AUTH_FAIL_URL_KEY);
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error retrieving url ");
                AuthD.debug.message("Exception : ", e);
            }
        }
        return str;
    }

    AMTemplate getAMTemplate() throws Exception {
        try {
            AMTemplate template = ad.getSDK().getRole(this.roleDN).getTemplate("iPlanetAMAuthConfiguration", AMTemplate.DYNAMIC_TEMPLATE);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Returning AMTemplate : ").append(template).toString());
                AuthD.debug.message(new StringBuffer().append("for roleDN : ").append(this.roleDN).toString());
            }
            return template;
        } catch (Exception e) {
            AuthD.debug.error("Error getting AMTemplate : ", e);
            throw new Exception(AMAuthErrorCode.AUTH_ERROR);
        }
    }

    String getRolePostLoginProcessClassName(AMTemplate aMTemplate) {
        try {
            Set attribute = aMTemplate.getAttribute(ACModelBase.AUTH_REDIRECT_URL_KEY);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("postLoginProcess Class :").append(attribute).toString());
            }
            if (attribute.isEmpty()) {
                return null;
            }
            String str = (String) attribute.iterator().next();
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Returning PostLoginProcess Classname :").append(str).toString());
            }
            return str;
        } catch (Exception e) {
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD.debug.message("Error retrieving classname : ");
            AuthD.debug.message("Exception : ", e);
            return null;
        }
    }

    String getSuccessURLForService(String str) {
        String str2 = null;
        try {
            if (this.serviceAttributesMap != null && this.serviceAttributesMap.isEmpty()) {
                this.serviceAttributesMap = getServiceAttributes(str);
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("AttributeMAP is.. :").append(this.serviceAttributesMap).toString());
            }
            str2 = getServiceURLFromAttribute(this.serviceAttributesMap, ACModelBase.AUTH_SUCCESS_URL_KEY);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("successURL : ").append(str2).toString());
            }
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error retrieving url ");
                AuthD.debug.message("Exception : ", e);
            }
        }
        return str2;
    }

    String getFailureURLForService(String str) {
        String str2 = null;
        try {
            if (this.serviceAttributesMap.isEmpty()) {
                this.serviceAttributesMap = getServiceAttributes(str);
            }
            str2 = getServiceURLFromAttribute(this.serviceAttributesMap, ACModelBase.AUTH_FAIL_URL_KEY);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Service failureURL: ").append(str2).toString());
            }
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error retrieving url ");
                AuthD.debug.message("Exception : ", e);
            }
        }
        return str2;
    }

    String getStringFromSet(Set set) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("getStringFromSET : ").append(set).toString());
        }
        if (set == null || set.isEmpty()) {
            return null;
        }
        return (String) set.iterator().next();
    }

    Map getServiceAttributes(String str) throws Exception {
        try {
            return AMAuthConfigUtils.getNamedConfig(str, this.orgDN, AuthD.getAuth().getSSOAuthSession());
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error getting service attribute: ");
                AuthD.debug.message(new StringBuffer().append(" Exception : ").append(e.getMessage()).toString());
            }
            throw new Exception(e.getMessage());
        }
    }

    AMPostAuthProcessInterface getPostLoginProcessInstance(String str) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("postLoginProcess Class Name is : ").append(str).toString());
        }
        if (str == null || str.equals("")) {
            return null;
        }
        try {
            return (AMPostAuthProcessInterface) Class.forName(str).newInstance();
        } catch (ClassNotFoundException e) {
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD.debug.message("Class not Found :", e);
            return null;
        } catch (Exception e2) {
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD.debug.message("Error: ", e2);
            return null;
        }
    }

    public void setSuccessLoginURL(String str) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("URL : from modle  : ").append(str).toString());
        }
        this.moduleSuccessLoginURL = str;
    }

    public void setFailureLoginURL(String str) {
        this.moduleFailureLoginURL = str;
    }

    public void setSuccessLoginURL(AuthContext.IndexType indexType, String str) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("moduleSucessLoginURL : ").append(this.moduleSuccessLoginURL).toString());
        }
        if (this.moduleSuccessLoginURL != null && !this.moduleSuccessLoginURL.equals("")) {
            this.successLoginURL = this.moduleSuccessLoginURL;
            return;
        }
        if (this.clientUserSuccessURL != null && !this.clientUserSuccessURL.equals("")) {
            this.successLoginURL = this.clientUserSuccessURL;
            if (this.successLoginURL != null) {
                return;
            }
        }
        String str2 = this.defaultUserSuccessURL;
        if (indexType == AuthContext.IndexType.ROLE) {
            String successURLForRole = getSuccessURLForRole();
            if (successURLForRole != null && !successURLForRole.equals("")) {
                this.successLoginURL = successURLForRole;
                return;
            } else if (str2 == null || str2.equals("")) {
                str2 = this.tempDefaultURL;
            }
        }
        if (indexType == AuthContext.IndexType.SERVICE) {
            String successURLForService = getSuccessURLForService(str);
            if (successURLForService != null && !successURLForService.equals("")) {
                this.successLoginURL = successURLForService;
                return;
            } else if (str2 == null || str2.equals("")) {
                str2 = this.tempDefaultURL;
            }
        }
        if (this.clientSuccessRoleURL != null && !this.clientSuccessRoleURL.equals("")) {
            this.successLoginURL = this.clientSuccessRoleURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.defaultSuccessRoleURL;
        }
        if (this.clientOrgSuccessLoginURL != null && !this.clientOrgSuccessLoginURL.equals("")) {
            this.successLoginURL = this.clientOrgSuccessLoginURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.defaultOrgSuccessLoginURL;
        }
        this.defaultSuccessURL = getRedirectUrl(ad.defaultSuccessURLSet);
        if (this.defaultSuccessURL != null && !this.defaultSuccessURL.equals("")) {
            this.successLoginURL = this.defaultSuccessURL;
            ad.defaultSuccessURL = this.tempDefaultURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.tempDefaultURL;
        }
        this.successLoginURL = str2;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Default url:").append(this.successLoginURL).toString());
        }
    }

    public void setFailureLoginURL(AuthContext.IndexType indexType, String str) {
        if (this.moduleFailureLoginURL != null && !this.moduleFailureLoginURL.equals("")) {
            this.failureLoginURL = this.moduleFailureLoginURL;
            return;
        }
        if (this.gotoOnFailURL != null && !this.gotoOnFailURL.equals("")) {
            this.failureLoginURL = this.gotoOnFailURL;
            return;
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("failureTokenId in setFailureLoginURL = ").append(this.failureTokenId).toString());
        }
        String str2 = null;
        if (this.failureTokenId != null) {
            try {
                getUserProfile(this.failureTokenId, true, false);
                if (this.clientUserFailureURL != null && !this.clientUserFailureURL.equals("")) {
                    this.failureLoginURL = this.clientUserFailureURL;
                    return;
                }
                str2 = this.defaultUserFailureURL;
            } catch (Exception e) {
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("Error retreiving profile for : ").append(this.failureTokenId).toString(), e);
                }
            }
        }
        if (indexType == AuthContext.IndexType.ROLE) {
            String failureURLForRole = getFailureURLForRole();
            if (this.failureLoginURL != null && !this.failureLoginURL.equals("")) {
                this.failureLoginURL = failureURLForRole;
                return;
            } else if (str2 == null || str2.equals("")) {
                str2 = this.tempDefaultURL;
            }
        }
        if (indexType == AuthContext.IndexType.SERVICE) {
            String failureURLForService = getFailureURLForService(str);
            if (failureURLForService != null && !failureURLForService.equals("")) {
                this.failureLoginURL = failureURLForService;
                return;
            } else if (str2 == null || str2.equals("")) {
                str2 = this.tempDefaultURL;
            }
        }
        if (this.clientFailureRoleURL != null && !this.clientFailureRoleURL.equals("")) {
            this.failureLoginURL = this.clientFailureRoleURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.defaultFailureRoleURL;
        }
        if (this.clientOrgFailureLoginURL != null && !this.clientOrgFailureLoginURL.equals("")) {
            this.failureLoginURL = this.clientOrgFailureLoginURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.defaultOrgFailureLoginURL;
        }
        this.defaultFailureURL = getRedirectUrl(ad.defaultFailureURLSet);
        if (this.defaultFailureURL != null && !this.defaultFailureURL.equals("")) {
            this.failureLoginURL = this.defaultFailureURL;
            ad.defaultFailureURL = this.tempDefaultURL;
            return;
        }
        if (str2 == null || str2.equals("")) {
            str2 = this.tempDefaultURL;
        }
        this.failureLoginURL = str2;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("defaultFailureURL : ").append(this.failureLoginURL).toString());
        }
    }

    private String processURL(String str) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("processURL, incoming URL : ").append(str).toString());
        }
        if (str == null) {
            return str;
        }
        String processDynamicVariables = processDynamicVariables(str);
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("processURL : ").append(processDynamicVariables).toString());
        }
        return processDynamicVariables;
    }

    private String processDynamicVariables(String str) {
        if (str.indexOf("%") != -1) {
            StringBuffer stringBuffer = new StringBuffer(200);
            int indexOf = str.indexOf("%protocol");
            if (indexOf != -1) {
                stringBuffer.append(str.substring(0, indexOf));
                if (isConsoleRemote) {
                    stringBuffer.append(consoleProto);
                } else {
                    String str2 = null;
                    if (this.servletRequest != null) {
                        str2 = RequestUtils.getRedirectProtocol(this.servletRequest.getScheme(), this.servletRequest.getServerName());
                    }
                    if (str2 != null) {
                        stringBuffer.append(str2);
                    } else {
                        stringBuffer.append(consoleProto);
                    }
                }
                stringBuffer.append(str.substring(indexOf + "%protocol".length()));
                str = stringBuffer.toString();
            }
            int indexOf2 = str.indexOf("%host");
            if (indexOf2 != -1) {
                int length = "%host".length();
                stringBuffer.delete(0, 200);
                stringBuffer.append(str.substring(0, indexOf2));
                if (isConsoleRemote) {
                    stringBuffer.append(consoleHost);
                } else {
                    String str3 = null;
                    if (this.servletRequest != null) {
                        str3 = this.servletRequest.getHeader(ISAuthConstants.HOST);
                    }
                    if (str3 != null) {
                        stringBuffer.append(str3);
                        length++;
                    } else {
                        stringBuffer.append(consoleHost);
                    }
                }
                stringBuffer.append(str.substring(indexOf2 + length));
                str = stringBuffer.toString();
            }
            int indexOf3 = str.indexOf("%port");
            if (indexOf3 != -1) {
                stringBuffer.delete(0, 200);
                stringBuffer.append(str.substring(0, indexOf3));
                if (isConsoleRemote) {
                    stringBuffer.append(consolePort);
                }
                stringBuffer.append(str.substring(indexOf3 + "%port".length()));
                str = stringBuffer.toString();
            }
        }
        return str;
    }

    public String getFailureLoginURL() {
        if (this.fqdnFailureLoginURL == null || this.fqdnFailureLoginURL.length() == 0) {
            this.fqdnFailureLoginURL = processURL(this.failureLoginURL);
        }
        return this.fqdnFailureLoginURL;
    }

    String getRoleURLFromAttribute(AMTemplate aMTemplate, String str) {
        try {
            return getRedirectUrl(aMTemplate.getAttribute(str));
        } catch (Exception e) {
            if (!AuthD.debug.messageEnabled()) {
                return null;
            }
            AuthD.debug.message("Error getting role attribute ", e);
            return null;
        }
    }

    String getServiceURLFromAttribute(Map map, String str) {
        String redirectUrl = getRedirectUrl((Set) map.get(str));
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("serviceURL : ").append(redirectUrl).toString());
        }
        return redirectUrl;
    }

    public HttpServletResponse getHttpServletResponse() {
        return this.servletResponse;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setHttpServletResponse(HttpServletResponse httpServletResponse) {
        this.servletResponse = httpServletResponse;
    }

    public synchronized void setPersistentCookieOn() {
        this.persistentCookieOn = true;
    }

    public Callback[] getRecdCallback() {
        return this.prevCallback;
    }

    public synchronized void setPrevCallback(Callback[] callbackArr) {
        this.prevCallback = callbackArr;
    }

    protected AMUser getAMUser() {
        return this.amUser;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAccountLife() {
        return this.accountLife;
    }

    protected String getUserToken() {
        return this.token;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean getLoginFailureLockoutMode() {
        return this.loginFailureLockoutMode;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public long getLoginFailureLockoutTime() {
        return this.loginFailureLockoutTime;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int getLoginFailureLockoutCount() {
        return this.loginFailureLockoutCount;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getLoginLockoutNotification() {
        return this.loginLockoutNotification;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int getLoginLockoutUserWarning() {
        return this.loginLockoutUserWarning;
    }

    public void setErrorCode(String str) {
        this.errorCode = str;
    }

    public String getErrorCode() {
        return this.errorCode;
    }

    public void setErrorMessage(String str) {
        this.errorMessage = str;
    }

    public String getErrorMessage() {
        return this.errorMessage;
    }

    public void setErrorTemplate(String str) {
        this.errorTemplate = str;
    }

    public String getErrorTemplate() {
        return this.errorTemplate;
    }

    public void setModuleErrorTemplate(String str) {
        this.moduleErrorTemplate = str;
    }

    public String getModuleErrorTemplate() {
        return this.moduleErrorTemplate;
    }

    public void setTimedOut(boolean z) {
        this.timedOut = z;
    }

    public boolean isTimedOut() {
        return this.timedOut;
    }

    public void setLockoutMsg(String str) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("setLockoutMsg :").append(str).toString());
        }
        this.lockoutMsg = str;
    }

    public String getLockoutMsg() {
        return this.lockoutMsg;
    }

    public static String getTemplateDir() {
        if (installBaseDir == null) {
            installBaseDir = getInstallDir();
        }
        templateDir = new StringBuffer().append(installBaseDir).append("/").append("config").append("/").append("auth").toString();
        return templateDir;
    }

    public void setIndexName(String str) {
        this.indexName = str;
    }

    public static String getInstallDir() {
        int lastIndexOf = installDir.lastIndexOf("/");
        if (lastIndexOf != -1) {
            installBaseDir = installDir.substring(0, lastIndexOf);
        } else {
            installBaseDir = installDir;
        }
        return installBaseDir;
    }

    String getClientFilePath() {
        return this.filePath != null ? this.filePath : ad.getFilePath(getClientType());
    }

    String getFilePath() {
        this.filePath = getClientFilePath();
        String str = null;
        StringBuffer stringBuffer = new StringBuffer();
        if (this.indexType != null && this.indexType.equals(AuthContext.IndexType.SERVICE)) {
            str = this.indexName;
        }
        if (this.filePath == null && str == null) {
            return null;
        }
        if (this.filePath != null && !this.filePath.equals("")) {
            stringBuffer.append("/").append(this.filePath);
        }
        if (str != null && !str.equals("")) {
            stringBuffer.append("/").append(str);
        }
        String stringBuffer2 = stringBuffer.toString();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("FilePath is.. :").append(stringBuffer2).toString());
        }
        return stringBuffer2;
    }

    String getOrgFilePath(String str) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("remOrgName is: ").append(str).toString());
        }
        StringBuffer stringBuffer = new StringBuffer();
        if (str != null) {
            while (str != null && str.length() != 0) {
                int lastIndexOf = str.lastIndexOf(",");
                if (lastIndexOf == -1) {
                    int indexOf = str.indexOf("=");
                    if (indexOf == -1) {
                        stringBuffer.append("/").append(str);
                    } else {
                        stringBuffer.append("/").append(str.substring(indexOf + 1, str.length()));
                    }
                    str = null;
                } else {
                    String substring = str.substring(lastIndexOf + 1, str.length());
                    str = str.substring(0, lastIndexOf);
                    int indexOf2 = substring.indexOf("=");
                    if (indexOf2 != -1) {
                        substring = substring.substring(indexOf2 + 1, substring.length());
                    }
                    stringBuffer.append("/").append(substring);
                }
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("remOrgName is : ").append(str).toString());
                }
            }
        }
        String stringBuffer2 = stringBuffer.toString();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("orgPath is : ").append(stringBuffer2).toString());
        }
        return stringBuffer2;
    }

    public AuthContextLocal createAuthContext(SessionID sessionID, String str) throws AuthException {
        this.userOrg = getDomainNameByOrg(str);
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("createAuthContext: userOrg is : ").append(this.userOrg).toString());
        }
        if (this.userOrg == "" || this.userOrg == null) {
            AuthD.debug.error("domain is null, error condtion");
            logFailed(ad.bundle.getString("invalidDomain"));
            throw new AuthException(AMAuthErrorCode.AUTH_INVALID_DOMAIN, null);
        }
        AuthD.debug.message("AuthUtil:getAuthContext:Creating new AuthContextLocal & LoginState");
        AuthContextLocal authContextLocal = new AuthContextLocal(this.userOrg);
        this.requestType = true;
        this.sid = sessionID;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("requestType : ").append(this.requestType).toString());
            AuthD.debug.message(new StringBuffer().append("sid : ").append(sessionID).toString());
            AuthD.debug.message(new StringBuffer().append("orgName passed: ").append(str).toString());
        }
        try {
            createSession(null, authContextLocal);
            populateOrgProfile();
            this.isRemote = true;
            return authContextLocal;
        } catch (Exception e) {
            AuthD.debug.error("Exception creating session .. :", e);
            throw new AuthException(AMAuthErrorCode.AUTH_ERROR, null);
        }
    }

    public void setAuthLevel(int i) {
        this.moduleAuthLevel = i;
        if (this.authLevel < this.moduleAuthLevel) {
            this.authLevel = this.moduleAuthLevel;
        }
    }

    public String getDomainNameByOrg(String str) {
        String str2 = null;
        try {
            str2 = ad.getOrganizationDN(str, false, null);
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Incorrect orgName passed:").append(str).toString(), e);
            }
        }
        return str2;
    }

    public Set getModuleInstances() {
        try {
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error getting moduleInstances ", e);
            }
        }
        if (this.moduleInstances != null && !this.moduleInstances.isEmpty()) {
            return this.moduleInstances;
        }
        this.moduleInstances = this.domainAuthenticators;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("moduleInstances are : ").append(this.moduleInstances).toString());
        }
        if (this.moduleInstances == null) {
            this.moduleInstances = Collections.EMPTY_SET;
        }
        return this.moduleInstances;
    }

    public Set getDomainAuthenticators() {
        return this.domainAuthenticators;
    }

    public void setX509Certificate(X509Certificate x509Certificate) {
        this.cert = x509Certificate;
    }

    public X509Certificate getX509Certificate() {
        return this.cert;
    }

    public void logSuccess() {
        try {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(ad.bundle.getString("loginSuccess"));
            if (this.indexType != null && this.indexName != null) {
                stringBuffer.append(" ").append(this.indexType.toString()).append("->").append(this.indexName);
            }
            Hashtable hashtable = new Hashtable();
            if (this.client != null) {
                hashtable.put(LogConstants.IP_ADDR, this.client);
            }
            if (this.userDN != null) {
                hashtable.put(LogConstants.LOGIN_ID, this.userDN);
            }
            if (this.orgDN != null) {
                hashtable.put(LogConstants.DOMAIN, this.orgDN);
            }
            if (this.authMethName != null) {
                hashtable.put(LogConstants.MODULE_NAME, this.authMethName);
            }
            if (this.sess != null) {
                hashtable.put(LogConstants.LOGIN_ID_SID, this.sess.getID().toString());
            }
            ad.logIt(stringBuffer.toString(), 0, hashtable);
        } catch (Exception e) {
            AuthD.debug.message("Error creating logSuccess message", e);
        }
    }

    public void logFailed(String str) {
        try {
            StringBuffer stringBuffer = new StringBuffer();
            if (str == null) {
                str = ad.bundle.getString("loginFailed");
            }
            stringBuffer.append(str);
            if (this.indexType != null && this.indexName != null) {
                stringBuffer.append(" ").append(this.indexType.toString()).append("->").append(this.indexName);
            }
            Hashtable hashtable = new Hashtable();
            if (this.client != null) {
                hashtable.put(LogConstants.IP_ADDR, this.client);
            }
            if (this.userDN != null) {
                hashtable.put(LogConstants.LOGIN_ID, this.userDN);
            } else if (this.failureTokenId != null && this.failureTokenId.startsWith("uid=")) {
                hashtable.put(LogConstants.LOGIN_ID, this.failureTokenId);
            } else if (this.callbacksPerState != null && this.callbacksPerState.values() != null && this.callbacksPerState.values().size() > 0) {
                Object[] array = this.callbacksPerState.values().toArray();
                for (int i = 0; i < array.length; i++) {
                    if (array[i] instanceof Callback[]) {
                        NameCallback[] nameCallbackArr = (Callback[]) array[i];
                        for (int i2 = 0; i2 < nameCallbackArr.length; i2++) {
                            if (nameCallbackArr[i2] instanceof NameCallback) {
                                this.userDN = nameCallbackArr[i2].getName();
                                if (AuthD.debug.messageEnabled()) {
                                    AuthD.debug.message(new StringBuffer().append("userDN is null, setting to ").append(this.userDN).toString());
                                }
                                hashtable.put(LogConstants.LOGIN_ID, this.userDN);
                            }
                        }
                    }
                }
            }
            if (this.orgDN != null) {
                hashtable.put(LogConstants.DOMAIN, this.orgDN);
            }
            if (this.failureModuleList != null && this.failureModuleList.length() > 0) {
                hashtable.put(LogConstants.MODULE_NAME, this.failureModuleList);
            }
            if (this.sess != null) {
                hashtable.put(LogConstants.LOGIN_ID_SID, this.sess.getID().toString());
            }
            ad.logIt(stringBuffer.toString(), 1, hashtable);
        } catch (Exception e) {
            AuthD.debug.error("Error creating logFailed message", e);
        }
    }

    public void logLogout() {
        try {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(ad.bundle.getString("logout"));
            if (this.indexType != null && this.indexName != null) {
                stringBuffer.append(" ").append(this.indexType.toString()).append("->").append(this.indexName);
            }
            Hashtable hashtable = new Hashtable();
            if (this.client != null) {
                hashtable.put(LogConstants.IP_ADDR, this.client);
            }
            if (this.userDN != null) {
                hashtable.put(LogConstants.LOGIN_ID, this.userDN);
            }
            if (this.orgDN != null) {
                hashtable.put(LogConstants.DOMAIN, this.orgDN);
            }
            if (this.authMethName != null) {
                hashtable.put(LogConstants.MODULE_NAME, this.authMethName);
            }
            if (this.sess != null) {
                hashtable.put(LogConstants.LOGIN_ID_SID, this.sess.getID().toString());
            }
            ad.logIt(stringBuffer.toString(), 0, hashtable);
        } catch (Exception e) {
            AuthD.debug.error("Error creating logout message", e);
        }
    }

    public String getLoginLockoutAttrName() {
        return this.loginLockoutAttrName;
    }

    public String getLoginLockoutAttrValue() {
        return this.loginLockoutAttrValue;
    }

    public long getLoginFailureLockoutDuration() {
        return this.loginFailureLockoutDuration;
    }

    public void setPrevAuthContext(AuthContextLocal authContextLocal) {
        this.oldAuthContext = authContextLocal;
    }

    public AuthContextLocal getPrevAuthContext() {
        return this.oldAuthContext;
    }

    public void setSessionUpgrade(boolean z) {
        this.sessionUpgrade = z;
    }

    public boolean isSessionUpgrade() {
        return this.sessionUpgrade;
    }

    void sessionUpgrade() {
        LoginState loginState = AuthUtils.getLoginState(this.oldAuthContext);
        InternalSession internalSession = null;
        if (loginState != null) {
            internalSession = loginState.getSession();
        }
        if (internalSession == null) {
            return;
        }
        int i = 0;
        try {
            i = Integer.parseInt(internalSession.getProperty("AuthLevel"));
        } catch (NumberFormatException e) {
            AuthD.debug.error("AuthLevel from session property bad format");
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("prevAuthLevel : ").append(i).toString());
        }
        if (i > this.authLevel) {
            this.upgradeAuthLevel = i;
        } else {
            this.upgradeAuthLevel = this.authLevel;
        }
        String property = internalSession.getProperty("Service");
        this.upgradeServiceName = property;
        String str = null;
        if (this.indexType == AuthContext.IndexType.SERVICE) {
            str = this.indexName;
            if (property != null) {
                this.upgradeServiceName = property;
                if (this.indexName != null && property.indexOf(this.indexName) == -1) {
                    this.upgradeServiceName = new StringBuffer().append(this.indexName).append("|").append(property).toString();
                }
            } else {
                this.upgradeServiceName = this.indexName;
            }
        }
        String property2 = internalSession.getProperty(IFSConstants.AC_ROLE);
        this.upgradeRoleName = property2;
        if (this.indexType == AuthContext.IndexType.ROLE) {
            if (property2 != null) {
                this.upgradeRoleName = property2;
                if (this.indexName != null && property2.indexOf(this.indexName) == -1) {
                    this.upgradeRoleName = new StringBuffer().append(this.indexName).append("|").append(property2).toString();
                }
            } else {
                this.upgradeRoleName = this.indexName;
            }
        }
        String property3 = internalSession.getProperty("AuthType");
        String str2 = this.authMethName;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("authMethName (newModuleList) : ").append(this.authMethName).toString());
            AuthD.debug.message(new StringBuffer().append("prevModuleList : ").append(property3).toString());
        }
        this.upgradeModuleList = null;
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str2);
        if (property3 != str2) {
            this.upgradeModuleList = parsePropertyList(property3, str2);
        } else {
            this.upgradeModuleList = stringBuffer.toString();
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("oldAuthLevel : ").append(i).toString());
            AuthD.debug.message(new StringBuffer().append("newAuthLevel : ").append(this.authLevel).toString());
            AuthD.debug.message(new StringBuffer().append("upgradeAuthLevel : ").append(this.upgradeAuthLevel).toString());
            AuthD.debug.message(new StringBuffer().append("prevServiceName : ").append(property).toString());
            AuthD.debug.message(new StringBuffer().append("newServiceName : ").append(str).toString());
            AuthD.debug.message(new StringBuffer().append("upgradeServiceName : ").append(this.upgradeServiceName).toString());
            AuthD.debug.message(new StringBuffer().append("preRoleName : ").append(property2).toString());
            AuthD.debug.message(new StringBuffer().append("newRoleName : ").append(this.roleDN).toString());
            AuthD.debug.message(new StringBuffer().append("upgradeRoleName : ").append(this.upgradeRoleName).toString());
            AuthD.debug.message(new StringBuffer().append("prevModuleList: ").append(property3).toString());
            AuthD.debug.message(new StringBuffer().append("newModuleList: ").append(str2).toString());
            AuthD.debug.message(new StringBuffer().append("upgradeModuleList: ").append(this.upgradeModuleList).toString());
        }
        updateSessionProperty("AuthLevel", new Integer(this.upgradeAuthLevel).toString());
        updateSessionProperty("AuthType", this.upgradeModuleList);
        updateSessionProperty("Service", this.upgradeServiceName);
        updateSessionProperty(IFSConstants.AC_ROLE, this.upgradeRoleName);
    }

    void updateSessionProperty(String str, String str2) {
        if (str2 == null) {
            return;
        }
        this.sess.putProperty(str, str2);
    }

    String parsePropertyList(String str, String str2) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("oldProperty : ").append(str).toString());
            AuthD.debug.message(new StringBuffer().append("newProperty : ").append(str2).toString());
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str2);
        StringTokenizer stringTokenizer = new StringTokenizer(str, "|");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (str2.indexOf(nextToken) == -1) {
                stringBuffer.append("|").append(nextToken);
            }
        }
        String stringBuffer2 = stringBuffer.toString();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("propertyList is : ").append(stringBuffer2).toString());
        }
        return stringBuffer2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCookieSet(boolean z) {
        this.cookieSet = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isCookieSet() {
        return this.cookieSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCookieSupported(boolean z) {
        this.cookieSupported = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isCookieSupported() {
        return this.cookieSupported;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onSuccessProcess(AuthContext.IndexType indexType, String str) {
        this.postLoginInstance = getPostLoginClass(indexType, str);
        if (this.postLoginInstance == null) {
            return;
        }
        executePostLoginSPI(this.postLoginInstance, true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onFailureProcess(AuthContext.IndexType indexType, String str) {
        AMPostAuthProcessInterface postLoginClass = getPostLoginClass(indexType, str);
        if (postLoginClass == null) {
            return;
        }
        executePostLoginSPI(postLoginClass, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onLogoutProcess(AuthContext.IndexType indexType, String str) {
        if (this.postLoginInstance == null) {
            return;
        }
        try {
            this.postLoginInstance.onLogout(this.servletRequest, this.servletResponse, getSSOToken());
        } catch (AuthenticationException e) {
            AuthD.debug.error("Error executing postLoginInstance.", e);
        } catch (Exception e2) {
            AuthD.debug.error("Error executing postLoginInstance.", e2);
        }
    }

    void executePostLoginSPI(AMPostAuthProcessInterface aMPostAuthProcessInterface, boolean z) {
        try {
            if (z) {
                aMPostAuthProcessInterface.onLoginSuccess(this.requestMap, this.servletRequest, this.servletResponse, getSSOToken());
            } else {
                aMPostAuthProcessInterface.onLoginFailure(this.requestMap, this.servletRequest, this.servletResponse);
            }
        } catch (AuthenticationException e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error ", e);
            }
        } catch (Exception e2) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error ", e2);
            }
        }
    }

    AMPostAuthProcessInterface getPostLoginClass(AuthContext.IndexType indexType, String str) {
        AMPostAuthProcessInterface postLoginProcessInstance;
        String str2 = null;
        if (indexType == AuthContext.IndexType.ROLE) {
            str2 = getRolePostLoginClassName();
        } else if (indexType == AuthContext.IndexType.SERVICE) {
            str2 = getServicePostLoginClassName(str);
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("getPostLoginClassName : ").append(str2).toString());
        }
        if (str2 != null && !str2.equals("") && (postLoginProcessInstance = getPostLoginProcessInstance(str2)) != null) {
            return postLoginProcessInstance;
        }
        if (this.userPostLoginClassName != null && !this.userPostLoginClassName.equals("")) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("userPostLoginClass is : ").append(this.userPostLoginClassName).toString());
            }
            AMPostAuthProcessInterface postLoginProcessInstance2 = getPostLoginProcessInstance(this.userPostLoginClassName);
            if (postLoginProcessInstance2 != null) {
                return postLoginProcessInstance2;
            }
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("orgPostLoginClassName: ").append(this.orgPostLoginClassName).toString());
        }
        return getPostLoginProcessInstance(this.orgPostLoginClassName);
    }

    String getRolePostLoginClassName() {
        String str = null;
        try {
            str = getRolePostLoginProcessClassName(getAMTemplate());
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Role Post Login Class Name : ").append(str).toString());
            }
            return str;
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message("Error get role class name ", e);
            }
            return str;
        }
    }

    String getServicePostLoginClassName(String str) {
        String str2 = null;
        try {
            if (this.serviceAttributesMap != null && this.serviceAttributesMap.isEmpty()) {
                this.serviceAttributesMap = getServiceAttributes(str);
            }
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Service Attributes are . :").append(this.serviceAttributesMap).toString());
            }
            str2 = getStringFromSet((Set) this.serviceAttributesMap.get(ACModelBase.AUTH_REDIRECT_URL_KEY));
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("postLoginClassName: ").append(str2).toString());
            }
        } catch (Exception e) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("Error get service post login class name ").append(e.getMessage()).toString());
            }
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setFailureId(String str) {
        this.failureTokenId = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setModuleErrorMessage(String str) {
        this.moduleErrorMessage = str;
    }

    public String getModuleErrorMessage() {
        return this.moduleErrorMessage;
    }

    public String getLoginURL() {
        return this.loginURL;
    }

    public synchronized void setPageTimeOut(long j) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Setting page timeout :").append(j).toString());
        }
        this.pageTimeOut = j;
    }

    public long getPageTimeOut() {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Returning page timeout :").append(this.pageTimeOut).toString());
        }
        return this.pageTimeOut;
    }

    public void setLastCallbackSent(long j) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("setting Last Callback Sent :").append(j).toString());
        }
        this.lastCallbackSent = j;
    }

    public long getLastCallbackSent() {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Returning Last Callback Sent :").append(this.lastCallbackSent).toString());
        }
        return this.lastCallbackSent;
    }

    private String getRedirectUrl(Set set) {
        String str = null;
        this.tempDefaultURL = null;
        if (set != null && !set.isEmpty()) {
            String str2 = null;
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                if (AuthD.debug.messageEnabled()) {
                    AuthD.debug.message(new StringBuffer().append("URL is : ").append(str3).toString());
                }
                if (str3 != null && str3.length() > 0) {
                    int indexOf = str3.indexOf("|");
                    if (indexOf != -1) {
                        if (str == null) {
                            str = getClientURLFromString(str3, indexOf);
                        }
                    } else if (str2 == null || str2.length() == 0) {
                        str2 = str3;
                    }
                }
            }
            this.tempDefaultURL = str2;
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("defaultURL : ").append(str2).toString());
                AuthD.debug.message(new StringBuffer().append("tempDefaultURL : ").append(this.tempDefaultURL).toString());
            }
        }
        return str;
    }

    public boolean ignoreProfile() {
        return this.ignoreUserProfile;
    }

    boolean containsToken(StringBuffer stringBuffer, String str) {
        String stringBuffer2 = stringBuffer.toString();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("principalString : ").append(stringBuffer2).toString());
        }
        if (stringBuffer2 == null) {
            return false;
        }
        try {
            StringTokenizer stringTokenizer = new StringTokenizer(stringBuffer2, "|");
            while (stringTokenizer.hasMoreTokens()) {
                if (stringTokenizer.nextToken().equals(str)) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            if (!AuthD.debug.warningEnabled()) {
                return false;
            }
            AuthD.debug.warning("getToken: ", e);
            return false;
        }
    }

    private Set mergeSet(Set set, Set set2) {
        if (set == null || set.isEmpty()) {
            return (set2 == null || set2.isEmpty()) ? Collections.EMPTY_SET : set2;
        }
        if (set2 == null || set2.isEmpty()) {
            return set;
        }
        HashSet hashSet = new HashSet(set);
        hashSet.addAll(set2);
        return hashSet;
    }

    private Map toAvPairMap(Set set, String str) throws AMException {
        if (str == null) {
            return Collections.EMPTY_MAP;
        }
        HashMap hashMap = new HashMap();
        HashSet hashSet = new HashSet();
        hashSet.add(str);
        hashMap.put(AMStoreConnection.getNamingAttribute(1), hashSet);
        if (set == null || set.isEmpty()) {
            return hashMap;
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            hashMap.put((String) it.next(), hashSet);
        }
        return hashMap;
    }

    String getDecodedQueryString(Hashtable hashtable, String str) {
        if (str == null || str.equals("")) {
            AuthD.debug.message("returning null no querystring");
            return null;
        }
        Enumeration keys = hashtable.keys();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("paramNames is : ").append(keys).toString());
        }
        StringBuffer stringBuffer = new StringBuffer();
        StringBuffer stringBuffer2 = new StringBuffer();
        this.queryParamsMap = new HashMap();
        while (keys.hasMoreElements()) {
            String str2 = (String) keys.nextElement();
            if (str.startsWith(new StringBuffer().append(str2).append("=").toString()) || str.indexOf(new StringBuffer().append(SessionEncodeURL.AMPERSAND).append(str2).append("=").toString()) != -1) {
                String str3 = (String) hashtable.get(str2);
                stringBuffer.append(str2).append("=").append(str3);
                this.queryParamsMap.put(str2, str3);
                stringBuffer2.append(str2).append(",");
                stringBuffer.append(SessionEncodeURL.AMPERSAND);
            }
        }
        String stringBuffer3 = stringBuffer.toString();
        if (stringBuffer3 != null && stringBuffer3.length() > 0) {
            stringBuffer3 = stringBuffer3.substring(0, stringBuffer3.length() - 1);
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Returing decode query string : ").append(stringBuffer3).toString());
        }
        return stringBuffer3;
    }

    public Map getQueryParamsMap() {
        return this.queryParamsMap;
    }

    public void setFailedUserId(String str) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("setting userID : ").append(str).toString());
        }
        this.failureTokenId = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateSessionForFailover() {
        getSession().setIsISStored(true);
    }

    public Callback[] getCallbacksPerState(String str) {
        return (Callback[]) this.callbacksPerState.get(str);
    }

    public void setCallbacksPerState(String str, Callback[] callbackArr) {
        this.callbacksPerState.put(str, callbackArr);
    }

    public void setPCookieUserName(String str) {
        this.pCookieUserName = str;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Setting Pcookie user name : ").append(this.pCookieUserName).toString());
        }
    }

    public void setCookieDetect(boolean z) {
        this.cookieDetect = z;
    }

    public boolean isCookieDetect() {
        return this.cookieDetect;
    }

    private Subject addSSOTokenPrincipal(Subject subject) {
        if (subject == null) {
            subject = new Subject();
        }
        String sessionID = getSid().toString();
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("sid is.. ").append(sessionID).toString());
        }
        subject.getPrincipals().add(new SSOTokenPrincipal(sessionID));
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Subject is.. :").append(subject).toString());
        }
        return subject;
    }

    private void addSidToPrincipalList() {
        String sessionID = getSid().toString();
        if (this.principalList == null) {
            this.principalList = sessionID;
            return;
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(this.principalList).append("|").append(sessionID);
        this.principalList = stringBuffer.toString();
    }

    public void setUserCreationAttributes(Map map) {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("attributeValuePairs : ").append(map).toString());
        }
        if (map == null || map.isEmpty()) {
            return;
        }
        if (this.userCreationAttributes == null) {
            this.userCreationAttributes = new HashMap();
        }
        if (map.containsKey(USER_ALIAS_ATTR)) {
            this.externalAliasList = (HashSet) map.get(USER_ALIAS_ATTR);
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("externalAliasList:").append(this.externalAliasList).toString());
            }
            map.remove(USER_ALIAS_ATTR);
        }
        this.userCreationAttributes.putAll(map);
    }

    public void setSuccessModuleName(String str) {
        this.successModuleSet.add(str);
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Module name is .. ").append(str).toString());
            AuthD.debug.message(new StringBuffer().append("successModuleSet is : ").append(this.successModuleSet).toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Set getSuccessModuleSet() {
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("getSuccessModuleSet : ").append(this.successModuleSet).toString());
        }
        return this.successModuleSet;
    }

    private String getClientURLFromString(String str, int i) {
        String str2 = null;
        String substring = str.substring(0, i);
        if (substring != null && substring.equals(this.clientType) && str.length() > i) {
            str2 = str.substring(i + 1, str.length());
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("URL is :").append(str2).toString());
        }
        return str2;
    }

    private boolean isApplicationModule() {
        boolean z = false;
        if (this.requestHash != null && !this.requestHash.isEmpty()) {
            String str = (String) this.requestHash.get("module");
            z = str != null && str.equalsIgnoreCase("Application");
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("is Application Module : ").append(z).toString());
        }
        return z;
    }

    public void setFailureModuleName(String str) {
        this.failureModuleSet.add(str);
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Module name is .. ").append(str).toString());
            AuthD.debug.message(new StringBuffer().append("failureModuleSet is : ").append(this.failureModuleSet).toString());
        }
    }

    public Set getFailureModuleSet() {
        return this.failureModuleSet;
    }

    public void setFailureModuleList(String str) {
        this.failureModuleList = str;
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("failureModulelist :").append(str).toString());
        }
    }

    protected static String constructFilter(Map map) {
        String str = "";
        if (map != null) {
            if (AuthD.debug.messageEnabled()) {
                AuthD.debug.message(new StringBuffer().append("avPairs Map : ").append(map).toString());
            }
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("(|");
            for (String str2 : map.keySet()) {
                Iterator it = ((Set) map.get(str2)).iterator();
                while (it.hasNext()) {
                    stringBuffer.append("(").append(str2).append("=").append((String) it.next()).append(")");
                }
            }
            stringBuffer.append(")");
            str = stringBuffer.toString();
        }
        if (AuthD.debug.messageEnabled()) {
            AuthD.debug.message(new StringBuffer().append("Search filter string : ").append(str).toString());
        }
        return str;
    }

    static {
        getUser = true;
        dcTree = null;
        serviceURI = null;
        userAttributes.add(ISAuthConstants.MAX_SESSION_TIME);
        userAttributes.add("iplanet-am-auth-user-modules");
        userAttributes.add(ISAuthConstants.SESS_MAX_IDLE_TIME);
        userAttributes.add(ISAuthConstants.SESS_MAX_CACHING_TIME);
        userAttributes.add("iplanet-am-user-auth-modules");
        userAttributes.add("inetuserstatus");
        userAttributes.add("nsaccountlock");
        userAttributes.add("preferredlocale");
        userAttributes.add("iplanet-am-user-login-status");
        userAttributes.add("iplanet-am-user-account-life");
        userAttributes.add(USER_ALIAS_ATTR);
        userAttributes.add("iplanet-am-user-success-url");
        userAttributes.add("iplanet-am-user-failure-url");
        userAttributes.add(ACModelBase.AUTH_SUCCESS_URL_KEY);
        userAttributes.add(ACModelBase.AUTH_FAIL_URL_KEY);
        userAttributes.add(ACModelBase.AUTH_REDIRECT_URL_KEY);
        if (SystemProperties.get("com.sun.identity.authentication.getuserprofile", "true").equalsIgnoreCase("false")) {
            getUser = false;
        }
        String str = SystemProperties.get(Constants.AM_DOMAIN_COMPONENT);
        if (str != null) {
            try {
                dcTree = new DomainComponentTree(AuthD.getAuth().getSSOAuthSession(), new Guid(str));
            } catch (Exception e) {
                if (AuthD.debug.warningEnabled()) {
                    AuthD.debug.warning(new StringBuffer().append("LoginState: Unable to find DC Tree dn: ").append(str).toString(), e);
                }
            }
        }
        serviceURI = new StringBuffer().append(SystemProperties.get("com.iplanet.am.services.deploymentDescriptor")).append("/UI/Login").toString();
    }
}
