package com.iplanet.im.server;

import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenEvent;
import com.iplanet.sso.SSOTokenID;
import com.iplanet.sso.SSOTokenListener;
import com.iplanet.sso.SSOTokenManager;
import com.sun.im.identity.util.Auth;
import com.sun.im.provider.Realm;
import com.sun.im.provider.SSOProvider;
import com.sun.im.service.util.StringUtility;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:118789-01/SUNWiimdv/reloc/usr/share/lib/xmpp/xmppd.jar:com/iplanet/im/server/DSAMESSOProvider.class */
public class DSAMESSOProvider implements SSOProvider, SSOTokenListener {
    Hashtable uid2token = new Hashtable();
    Hashtable token2uid = new Hashtable();
    Realm realm;
    boolean usePolicy;

    public DSAMESSOProvider() {
        this.realm = null;
        this.usePolicy = false;
        this.realm = RealmManager.getRealm();
        if (this.realm instanceof IdentityRealm) {
            this.usePolicy = true;
        }
    }

    @Override // com.sun.im.provider.SSOProvider
    public boolean verify(String str, String str2, Map map, Set set) {
        Log.info("Authenticating using Identity Server SSO");
        try {
            SSOTokenManager sSOTokenManager = SSOTokenManager.getInstance();
            SSOToken createSSOToken = sSOTokenManager.createSSOToken(str2);
            SSOTokenID tokenID = createSSOToken.getTokenID();
            if (!sSOTokenManager.isValidToken(createSSOToken)) {
                Log.info("[IS-SSO] SSO Validation failed");
                return false;
            }
            createSSOToken.addSSOTokenListener(this);
            String localPartFromAddress = StringUtility.getLocalPartFromAddress(str);
            String appendDomainToAddress = StringUtility.appendDomainToAddress(str, RealmManager.getDomainName(Auth.getOrganizationDN(tokenID.toString())));
            this.token2uid.put(tokenID.toString(), appendDomainToAddress);
            this.uid2token.put(appendDomainToAddress, createSSOToken);
            AMStoreConnection aMStoreConnection = new AMStoreConnection(createSSOToken);
            String name = createSSOToken.getPrincipal().getName();
            AMUser user = aMStoreConnection.getUser(name);
            Set attribute = user.getAttribute("uid");
            String str3 = name;
            if (attribute != null && !attribute.isEmpty()) {
                str3 = (String) attribute.iterator().next();
            }
            if (!str3.equals(localPartFromAddress)) {
                Log.info("[IS-SSO] uid mismatch: ");
                return false;
            }
            Log.debug(new StringBuffer().append("[IS-SSO] Session Created: ").append(str).toString());
            if (this.usePolicy) {
                ((IdentityRealm) this.realm).loadUserAttributes(createSSOToken, user, map, set);
                return true;
            }
            map.putAll(user.getAttributes(set));
            map.put("dn", user.getDN());
            return true;
        } catch (Exception e) {
            Log.printStackTrace(e);
            return false;
        }
    }

    public void ssoTokenChanged(SSOTokenEvent sSOTokenEvent) {
        try {
            SSOTokenID tokenID = sSOTokenEvent.getToken().getTokenID();
            String str = (String) this.token2uid.get(tokenID.toString());
            if (str != null) {
                this.uid2token.remove(str);
                this.token2uid.remove(tokenID.toString());
            }
            Log.info(new StringBuffer().append("[IS-SSO] Session Expired: ").append(str).append(" reason=").append(sSOTokenEvent.getType()).toString());
        } catch (Exception e) {
            Log.printStackTrace(e);
        }
    }

    @Override // com.sun.im.provider.SSOProvider
    public boolean refresh(String str) {
        SSOToken sSOToken = (SSOToken) this.uid2token.get(str);
        if (sSOToken == null) {
            Log.debug(new StringBuffer().append("[IS-SSO] Session token not found: ").append(str).toString());
            return false;
        }
        try {
            SSOTokenManager sSOTokenManager = SSOTokenManager.getInstance();
            if (!sSOTokenManager.isValidToken(sSOToken)) {
                Log.debug(new StringBuffer().append("[IS-SSO] Token Invalid: ").append(str).toString());
                return false;
            }
            if (sSOToken.getIdleTime() * 2 <= sSOToken.getIdleTime() * 60) {
                return true;
            }
            sSOTokenManager.refreshSession(sSOToken);
            Log.debug(new StringBuffer().append("[IS-SSO] Session Refreshed: ").append(str).toString());
            return true;
        } catch (Exception e) {
            Log.printStackTrace(e);
            return false;
        }
    }

    @Override // com.sun.im.provider.SSOProvider
    public void open() throws Exception {
    }

    @Override // com.sun.im.provider.SSOProvider
    public void close() {
    }
}
