package com.sun.identity.saml;

import com.iplanet.dpro.session.SessionID;
import com.iplanet.services.naming.URLNotFoundException;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.jaxrpc.SOAPClient;
import com.sun.identity.saml.assertion.Assertion;
import com.sun.identity.saml.common.LogUtils;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLServiceManager;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.protocol.AssertionArtifact;
import com.sun.identity.saml.protocol.Request;
import com.sun.identity.saml.protocol.Response;
import com.sun.identity.saml.servlet.SAMLSOAPReceiver;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import java.util.logging.Level;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* JADX WARN: Classes with same name are omitted:
  input_file:119465-07/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/saml/SAMLClient.class
 */
/* loaded from: input_file:119465-07/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/saml/SAMLClient.class */
public class SAMLClient {
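    /**
     * Redirects the caller's browser to one of the SAML endpoints registered with the naming
     * service, appending the requested target as a query parameter.
     *
     * <p>The caller's session is resolved from the request through {@code SSOTokenManager}. The
     * endpoint URL is looked up with the protocol, server and port read from that session's ID.
     *
     * <p>This method does not inspect or encode the target value; see the note at the redirect.
     *
     * @param httpServletRequest request from which the SSO token is created
     * @param httpServletResponse response on which the redirect is sent
     * @param str target value placed after the configured target-specifier parameter name
     * @param str2 naming-service name; one of {@code samlawareservlet}, {@code samlpostservlet},
     *        {@code samlsoapreceiver}
     * @throws IOException if sending the redirect fails
     * @throws SAMLException on null input, an unknown service name, a missing or invalid SSO
     *         token, an SSO error, or a failed endpoint lookup
     */
    private static void doSSO(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws IOException, SAMLException {
        // str2 is part of the guard so a null service name is reported as nullInput instead of
        // surfacing as a NullPointerException in the name check below.
        if (httpServletRequest == null || httpServletResponse == null || str == null || str2 == null) {
            SAMLUtils.debug.error("SAMLClient:Input parameter is null.");
            throw new SAMLException(SAMLUtils.bundle.getString("nullInput"));
        }
        boolean knownService = str2.equals("samlawareservlet")
                || str2.equals("samlpostservlet")
                || str2.equals("samlsoapreceiver");
        if (!knownService) {
            SAMLUtils.debug.error("SAMLClient:illegal naming service name.");
            throw new SAMLException(SAMLUtils.bundle.getString("illegalNamingService"));
        }
        try {
            SSOTokenManager tokenManager = SSOTokenManager.getInstance();
            SSOToken token = tokenManager.createSSOToken(httpServletRequest);
            if (token == null) {
                SAMLUtils.debug.error("SAMLClient:SSOToken is null.");
                throw new SAMLException(SAMLUtils.bundle.getString("nullSSOToken"));
            }
            if (!tokenManager.isValidToken(token)) {
                SAMLUtils.debug.error("SAMLClient:SSOToken is invalid.");
                throw new SAMLException(SAMLUtils.bundle.getString("invalidSSOToken"));
            }
            try {
                SessionID sessionId = new SessionID(token.getTokenID().toString());
                URL endpoint = WebtopNaming.getServiceURL(str2, sessionId.getSessionServerProtocol(), sessionId.getSessionServer(), sessionId.getSessionServerPort());
                String targetParam = (String) SAMLServiceManager.getAttribute(SAMLConstants.TARGET_SPECIFIER);
                // NOTE(review): the target is concatenated as-is. A '&', '#' or '=' inside it
                // changes the query string the endpoint receives. URL-encoding here would
                // double-encode callers that already encode, so confirm the caller contract
                // before changing it, and confirm the receiving servlet validates the target.
                httpServletResponse.sendRedirect(endpoint + "?" + targetParam + "=" + str);
            } catch (URLNotFoundException e) {
                SAMLUtils.debug.error("SAMLClient", e);
                throw new SAMLException(SAMLUtils.bundle.getString("URLNotFoundException"));
            }
        } catch (SSOException e2) {
            SAMLUtils.debug.error("SAMLClient", e2);
            throw new SAMLException("SAMLClient:doSSO:" + e2.getMessage());
        }
    }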

    /**
     * Redirects the browser to the endpoint registered as {@code samlawareservlet}, passing the
     * given target along. All validation and the redirect itself happen in {@code doSSO}.
     *
     * @param httpServletRequest request carrying the caller's SSO token
     * @param httpServletResponse response on which the redirect is sent
     * @param str target value handed to the endpoint
     * @throws IOException if sending the redirect fails
     * @throws SAMLException if {@code doSSO} rejects the input or cannot resolve the endpoint
     */
    public static void doWebArtifact(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, SAMLException {
        final String serviceName = "samlawareservlet";
        doSSO(httpServletRequest, httpServletResponse, str, serviceName);
    }

    /**
     * Redirects the browser to the endpoint registered as {@code samlpostservlet}, passing the
     * given target along. All validation and the redirect itself happen in {@code doSSO}.
     *
     * @param httpServletRequest request carrying the caller's SSO token
     * @param httpServletResponse response on which the redirect is sent
     * @param str target value handed to the endpoint
     * @throws IOException if sending the redirect fails
     * @throws SAMLException if {@code doSSO} rejects the input or cannot resolve the endpoint
     */
    public static void doWebPOST(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, SAMLException {
        final String serviceName = "samlpostservlet";
        doSSO(httpServletRequest, httpServletResponse, str, serviceName);
    }

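    /**
     * Resolves an artifact object to its assertion by delegating to the String overload.
     *
     * @param assertionArtifact artifact to resolve
     * @return the assertion for the artifact, or {@code null} if the query returned none
     * @throws IOException if the String overload fails with an I/O error
     * @throws SAMLException if the artifact is null or empty, or the lookup fails
     */
    public static Assertion getAssertionByArtifact(AssertionArtifact assertionArtifact) throws IOException, SAMLException {
        // A null artifact is handed on as a null string so the String overload reports it as
        // nullInput, instead of failing here with a NullPointerException.
        String encoded = (assertionArtifact == null) ? null : assertionArtifact.getAssertionArtifact();
        return getAssertionByArtifact(encoded);
    }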

    /**
     * Resolves an encoded artifact string to its assertion.
     *
     * <p>The source ID inside the artifact selects the SOAP endpoint: first from the partner URL
     * configuration, otherwise from the instance list combined with a naming-service lookup of
     * {@code samlsoapreceiver}. When the endpoint is this server and the source ID equals the
     * configured site ID, the assertion is fetched from {@code AssertionManager} directly;
     * otherwise it is requested through {@code artifactQueryHandler}.
     *
     * <p>{@code setLocalFlag} writes the static {@code SAMLServiceManager.localFlag}, which this
     * method then reads; no synchronization is visible in this class.
     *
     * @param str encoded artifact
     * @return the first assertion returned, or {@code null} when the query yields none
     * @throws IOException if an endpoint URL is malformed or the query fails with an I/O error
     * @throws SAMLException on empty input, missing instance configuration, a failed naming
     *         lookup, or a failure setting the local flag
     */
    public static Assertion getAssertionByArtifact(String str) throws IOException, SAMLException {
        if (str == null || str.equals("")) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("SAMLClient: input is null.");
            }
            throw new SAMLException(SAMLUtils.bundle.getString("nullInput"));
        }
        AssertionArtifact artifact = new AssertionArtifact(str);
        String sourceId = artifact.getSourceID();
        String partnerSoapUrl = getSamlSoapUrl(sourceId);
        try {
            URL soapUrl;
            if (partnerSoapUrl != null) {
                soapUrl = new URL(partnerSoapUrl);
            } else {
                // No partner entry: fall back to the instance list keyed by source ID.
                Map instances = (Map) SAMLServiceManager.getAttribute(SAMLConstants.INSTANCE_LIST);
                if (instances == null || instances.size() == 0) {
                    throw new SAMLException(SAMLUtils.bundle.getString("instancemapNull"));
                }
                String instanceUrl = (String) instances.get(sourceId);
                if (instanceUrl == null || instanceUrl.equals("")) {
                    throw new SAMLException(SAMLUtils.bundle.getString("instanceNotFound"));
                }
                URL instance = new URL(instanceUrl);
                // NOTE(review): URL.getPort() is -1 when the instance URL has no explicit port,
                // so "-1" would reach the naming lookup. Confirm instance-list entries always
                // carry a port.
                soapUrl = WebtopNaming.getServiceURL("samlsoapreceiver", instance.getProtocol(), instance.getHost(), Integer.toString(instance.getPort()));
            }
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("SAMLClient:SOAPUrl=" + soapUrl.toString());
            }
            if (!setLocalFlag(soapUrl)) {
                throw new SAMLException(SAMLUtils.bundle.getString("failSetLocalFlag"));
            }
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("SAMLClient:getAssertionByArtifact: check localFlag : " + SAMLServiceManager.localFlag);
            }
            String localSiteId = ((String) SAMLServiceManager.getAttribute(SAMLConstants.SITE_ID)).trim();
            boolean issuedByThisSite = sourceId.equals(localSiteId);
            if (SAMLServiceManager.localFlag && issuedByThisSite) {
                // The artifact was issued here and the endpoint is this server: skip SOAP.
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("SAMLClient:getAssertionByArtifact:call AssertionManager.getAssertion(AssertionArtifact)");
                }
                return AssertionManager.getInstance().getAssertion(artifact);
            }
            String[] encodedArtifacts = {str};
            // The resolved URL is passed on only for this site's own source ID when no partner
            // entry supplied one; in every other case the handler resolves the endpoint itself.
            String explicitUrl = (issuedByThisSite && partnerSoapUrl == null) ? soapUrl.toString() : null;
            List assertions = artifactQueryHandler(encodedArtifacts, explicitUrl);
            if (assertions == null || assertions.isEmpty()) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("SAMLClient:getAssertionByArtifact:returned assertion list is null.");
                }
                return null;
            }
            return (Assertion) assertions.get(0);
        } catch (URLNotFoundException e) {
            SAMLUtils.debug.error("SAMLClient", e);
            throw new SAMLException(SAMLUtils.bundle.getString("URLNotFoundException"));
        }
    }

    /**
     * Looks up the SOAP URL configured for a partner source ID.
     *
     * <p>Every failure is logged and reported as {@code null}, so a caller cannot tell a missing
     * configuration, an unknown source ID and an unexpected exception apart.
     *
     * @param str source ID used as the key into the partner URL map
     * @return the SOAP URL stored on the partner entry, or {@code null} if the map is missing,
     *         the source ID has no entry, or the lookup throws
     */
    private static String getSamlSoapUrl(String str) {
        try {
            Map partnerUrls = (Map) SAMLServiceManager.getAttribute("iplanet-am-saml-partner-urls");
            if (partnerUrls == null) {
                SAMLUtils.debug.error("SAMLClient:Partner URL is null.");
                return null;
            }
            SAMLServiceManager.SOAPEntry partner = (SAMLServiceManager.SOAPEntry) partnerUrls.get(str);
            if (partner == null) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("SAMLClient: " + str + " is not on trusted site list.");
                }
                return null;
            }
            return partner.getSOAPUrl();
        } catch (Exception e) {
            SAMLUtils.debug.error("SAMLClient: ", e);
            return null;
        }
    }

    /**
     * Sets the static {@code SAMLServiceManager.localFlag} according to whether the given URL
     * points at this server's own SOAP receiver.
     *
     * <p>Only host (case-insensitive) and port are compared against
     * {@code SAMLSOAPReceiver.localSAMLServiceID}; protocol and path are not. The flag is a
     * static field and is written here without any synchronization visible in this class.
     *
     * @param url endpoint about to be contacted
     * @return {@code true} when the flag was set (to either value); {@code false} when the input
     *         is null or an unexpected exception occurred, in which case the flag is left as is
     */
    public static boolean setLocalFlag(URL url) {
        if (url == null) {
            SAMLUtils.debug.error("SAMLClient:setLocalFlag has null input.");
            return false;
        }
        try {
            // Probe for the receiver class before touching its static field: when the class is
            // absent, the ClassNotFoundException branch below marks the endpoint as non-local.
            Class.forName("com.sun.identity.saml.servlet.SAMLSOAPReceiver");
            String localServiceId = SAMLSOAPReceiver.localSAMLServiceID;
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("in setLocalFlag(), url : " + url.toString());
                SAMLUtils.debug.message("SAMLSOAPReceiver.localSAMLServiceID : " + localServiceId);
            }
            boolean sameServer = false;
            if (localServiceId != null) {
                URL localUrl = new URL(localServiceId);
                sameServer = url.getHost().equalsIgnoreCase(localUrl.getHost())
                        && url.getPort() == localUrl.getPort();
            }
            SAMLServiceManager.localFlag = sameServer;
            return true;
        } catch (ClassNotFoundException e) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("SAMLClient::setLocalFlag: ", e);
            }
            SAMLServiceManager.localFlag = false;
            return true;
        } catch (Exception e2) {
            SAMLUtils.debug.error("SAMLClient::setLocalFlag:: ", e2);
            return false;
        }
    }

    /**
     * Wraps a SAML request in a SOAP 1.1 envelope and body.
     *
     * <p>The request's own XML, as produced by {@code request.toString(true, true)}, is placed
     * between the opening and closing envelope tags without further processing.
     *
     * @param request SAML request to wrap
     * @return the SOAP message as a string
     * @throws SAMLException if the request is null or serializing it throws; only the message of
     *         the underlying exception is carried over
     */
    private static String createSOAPMessage(Request request) throws SAMLException {
        if (request == null) {
            throw new SAMLException(SAMLUtils.bundle.getString("nullInput"));
        }
        try {
            final String prefix = "soap-env";
            String opening = "<" + prefix + ":Envelope" + " " + "xmlns:" + prefix + "=\""
                    + "http://schemas.xmlsoap.org/soap/envelope/" + "\">" + "\n"
                    + "<" + prefix + ":Body>" + "\n";
            String closing = "</" + prefix + ":Body>" + "\n"
                    + "</" + prefix + ":Envelope>" + "\n";
            return opening + request.toString(true, true) + closing;
        } catch (Exception e) {
            throw new SAMLException(e.getMessage());
        }
    }

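    /**
     * Checks a partner's SOAP URL against its configured authentication type and, for the
     * basic-auth types, splices the configured user name and password into the URL.
     *
     * <p>{@code BASICAUTH} and {@code NOAUTH} require an {@code http} URL; {@code SSLWITHBASICAUTH}
     * and {@code SSL} require {@code https}. Any other type is rejected.
     *
     * <p>For the basic-auth types the returned string contains the password in clear text
     * ({@code scheme://user:password@rest}), so callers must keep it out of logs and error
     * messages. The log statements in this method record the credential-free URL only.
     *
     * @param sOAPEntry partner entry supplying the auth type and the SAML user
     * @param str SOAP receiver URL configured for the partner
     * @return the URL to send the request to, with credentials embedded when basic auth is used
     * @throws IOException declared by the signature; not thrown by the code visible here
     * @throws SAMLException on null or empty input, a URL without a scheme before {@code //}, an
     *         unsupported auth type, a protocol that does not match the auth type, or missing
     *         basic-auth credentials
     */
    private static String createSOAPReceiverUrl(SAMLServiceManager.SOAPEntry sOAPEntry, String str) throws IOException, SAMLException {
        if (sOAPEntry == null || str == null || str.equals("")) {
            throw new SAMLException(SAMLUtils.bundle.getString("nullInput"));
        }
        String authType = sOAPEntry.getAuthType();
        int schemeEnd = str.indexOf("//");
        // "< 1" also rejects a URL that starts with "//": substring(0, -1) used to throw an
        // unchecked StringIndexOutOfBoundsException for that input.
        if (schemeEnd < 1) {
            SAMLUtils.debug.error("SAMLClient:createSOAPReceiverUrl:Illegal format of input parameter.");
            throw new SAMLException(SAMLUtils.bundle.getString("illegalFormatSOAPUrl"));
        }
        // schemeEnd - 1 drops the ':' that precedes "//".
        String protocol = str.substring(0, schemeEnd - 1);

        // A partner entry without an auth type is handled like an unsupported one.
        boolean basicAuth = authType != null && authType.equalsIgnoreCase("BASICAUTH");
        boolean noAuth = authType != null && authType.equalsIgnoreCase("NOAUTH");
        boolean sslBasicAuth = authType != null && authType.equalsIgnoreCase("SSLWITHBASICAUTH");
        boolean ssl = authType != null && authType.equalsIgnoreCase("SSL");

        String requiredProtocol;
        if (basicAuth || noAuth) {
            requiredProtocol = "http";
        } else if (sslBasicAuth || ssl) {
            requiredProtocol = "https";
        } else {
            if (SAMLServiceManager.localFlag) {
                LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("wrongAuthType"));
            }
            throw new SAMLException(SAMLUtils.bundle.getString("wrongAuthType"));
        }
        if (!protocol.equals(requiredProtocol)) {
            if (SAMLServiceManager.localFlag) {
                LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("mismatchAuthTypeandProtocol"));
            }
            throw new SAMLException(SAMLUtils.bundle.getString("mismatchAuthTypeandProtocol"));
        }

        String receiverUrl;
        if (basicAuth || sslBasicAuth) {
            Map samlUser = SAMLServiceManager.getSAMLUser(sOAPEntry.getUser());
            // A missing user record is the same configuration error as a missing name or password.
            String userName = (samlUser == null) ? null : (String) samlUser.get("iplanet-am-saml-user");
            String password = (samlUser == null) ? null : (String) samlUser.get("iplanet-am-saml-password");
            if (userName == null || password == null) {
                SAMLUtils.debug.error("SAMLClient:createSOAPReceiverUrl:PartnerSite required basic authentication. But the user name or password used for authentication is null.");
                throw new SAMLException(SAMLUtils.bundle.getString("wrongConfigBasicAuth"));
            }
            // NOTE(review): user name and password are inserted unencoded; a ':', '@' or '/'
            // in either would change how the URL is parsed. Confirm what SOAPClient expects
            // before adding encoding here.
            int hostStart = schemeEnd + 2;
            receiverUrl = str.substring(0, hostStart) + userName + ":" + password + "@" + str.substring(hostStart);
        } else {
            receiverUrl = str;
        }

        // Log the configured URL, not receiverUrl: the latter carries the basic-auth password
        // and would otherwise end up in the debug and access logs.
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("Sending message to URL: " + str);
        }
        if (SAMLServiceManager.localFlag) {
            LogUtils.access(Level.FINE, SAMLUtils.bundle.getString("SOAPReceiverURL") + str);
        }
        return receiverUrl;
    }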

    /* JADX WARN: Code restructure failed: missing block: B:60:0x0234, code lost:
    
        continue;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    /**
     * Decompiler stub for the method that turns a SOAP reply string into a SAML response.
     *
     * <p>The original bytecode was not recovered, so this listing shows no parsing logic. In this
     * listing the method always throws {@code UnsupportedOperationException}. Its only caller here,
     * {@code artifactQueryHandler}, passes the SOAP reply text and treats a {@code null} result as
     * "no SAML response in the message".
     *
     * <p>NOTE(review): the reply comes from a remote endpoint and is parsed here before
     * {@code artifactQueryHandler} checks the signature. How the XML is parsed cannot be
     * reviewed from this listing; check the parser configuration against the original class file.
     *
     * @param r5 SOAP reply text (per the call in {@code artifactQueryHandler})
     * @return never returns normally in this listing
     */
    private static com.sun.identity.saml.protocol.Response getSAMLResponse(java.lang.String r5) throws java.io.IOException, com.sun.identity.saml.common.SAMLException {
        /*
            Method dump skipped, instructions count: 576
            To view this dump add '--comments-level debug' option
        */
        // Placeholder emitted by the decompiler in place of the real body.
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.saml.SAMLClient.getSAMLResponse(java.lang.String):com.sun.identity.saml.protocol.Response");
    }

    /**
     * Extracts the assertions from a SAML response and checks that there are as many of them as
     * artifacts were requested.
     *
     * <p>Only the counts are compared; nothing here matches an individual assertion to the
     * artifact that requested it.
     *
     * @param response SAML response to read
     * @param list the artifacts that were sent in the request
     * @return the response's assertion list
     * @throws SAMLException on null input, a response without assertions (the message is the
     *         response status rendered by {@code SAMLUtils.displayXML}), or a count mismatch
     */
    private static List getAssertionList(Response response, List list) throws SAMLException {
        if (response == null || list == null) {
            throw new SAMLException(SAMLUtils.bundle.getString("nullInput"));
        }
        List assertions = response.getAssertion();
        boolean noAssertions = assertions == null || assertions.isEmpty();
        if (noAssertions) {
            if (SAMLServiceManager.localFlag) {
                LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("noAssertioninResponse") + response.getStatus().toString());
            }
            throw new SAMLException(SAMLUtils.displayXML(response.getStatus().toString()));
        }
        if (assertions.size() != list.size()) {
            SAMLUtils.debug.error("The SAML response containing assertions <>the number of artifacts in SAML request");
            if (SAMLServiceManager.localFlag) {
                LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("wrongNumberAssertions"));
            }
            throw new SAMLException(SAMLUtils.bundle.getString("wrongNumberAssertions"));
        }
        return assertions;
    }

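    /**
     * Sends one SAML request carrying the given artifacts to the issuing site's SOAP receiver
     * and returns the assertions from the reply.
     *
     * <p>All artifacts must share one source ID. The endpoint is the SOAP URL of the partner
     * entry for that source ID (with credentials added by {@code createSOAPReceiverUrl});
     * {@code str} is used only when the partner entry has no SOAP URL or the source ID has no
     * partner entry at all. In that last case the request goes to a URL chosen by the caller
     * for a source ID that is not in the partner configuration, so the caller is responsible
     * for that URL being trustworthy.
     *
     * <p>The reply is accepted only if {@code Response.isSignatureValid()} returns true, the
     * status code ends in {@code :Success}, and the number of assertions equals the number of
     * artifacts. NOTE(review): whether {@code isSignatureValid()} rejects an unsigned response
     * is decided inside {@code Response} and is not visible here; confirm it fails closed. The
     * text before the first ':' of the status code is not checked.
     *
     * <p>NOTE(review): the artifacts, the full SOAP request and the full SOAP reply (including
     * any returned assertions) are written to the debug log at message level and to the access
     * log; review log retention and access with that in mind.
     *
     * @param strArr encoded artifacts; must be non-empty
     * @param str fallback SOAP receiver URL, may be null
     * @return the assertions contained in the reply
     * @throws IOException if constructing an artifact fails with an I/O error before the request
     *         is built; failures inside the request/reply exchange are reported as
     *         {@code SAMLException}
     * @throws SAMLException on invalid input, mixed source IDs, an unresolvable endpoint, or any
     *         failure while sending the request or validating the reply; only the message of
     *         the underlying exception is carried over
     */
    public static List artifactQueryHandler(String[] strArr, String str) throws IOException, SAMLException {
        if (strArr == null || strArr.length == 0) {
            SAMLUtils.debug.message("artifactQueryHandler: null input.");
            throw new SAMLException(SAMLUtils.bundle.getString("nullInput"));
        }
        List encodedArtifacts = new ArrayList();
        List artifacts = new ArrayList();
        AssertionArtifact firstArtifact = new AssertionArtifact(strArr[0]);
        String sourceId = firstArtifact.getSourceID();
        if (SAMLServiceManager.localFlag) {
            LogUtils.access(Level.INFO, SAMLUtils.bundle.getString("Artifact") + "0 : " + strArr[0]);
        }
        artifacts.add(firstArtifact);
        encodedArtifacts.add(strArr[0]);
        // Every further artifact must come from the same source site as the first one.
        for (int i = 1; i < strArr.length; i++) {
            AssertionArtifact artifact = new AssertionArtifact(strArr[i]);
            String otherSourceId = artifact.getSourceID();
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("SourceID within the Artifact is " + otherSourceId);
            }
            if (!otherSourceId.equals(sourceId)) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Received multiple Artifacts have different source id.");
                }
                throw new SAMLException(SAMLUtils.bundle.getString("sourceidDifferent"));
            }
            if (SAMLServiceManager.localFlag) {
                LogUtils.access(Level.FINE, SAMLUtils.bundle.getString("Artifact") + i + " : " + strArr[i]);
            }
            artifacts.add(artifact);
            encodedArtifacts.add(strArr[i]);
        }
        try {
            Map partnerUrls = (Map) SAMLServiceManager.getAttribute("iplanet-am-saml-partner-urls");
            if (partnerUrls == null) {
                SAMLUtils.debug.error(SAMLUtils.bundle.getString("nullPartnerUrl"));
                throw new SAMLException(SAMLUtils.bundle.getString("nullPartnerUrl"));
            }

            // Resolve the endpoint: partner configuration first, caller-supplied URL as fallback.
            SAMLServiceManager.SOAPEntry partner = null;
            String endpoint;
            if (partnerUrls.containsKey(sourceId)) {
                partner = (SAMLServiceManager.SOAPEntry) partnerUrls.get(sourceId);
                String configuredUrl = partner.getSOAPUrl();
                if (configuredUrl != null) {
                    endpoint = createSOAPReceiverUrl(partner, configuredUrl);
                } else {
                    if (str == null || str.equals("")) {
                        if (SAMLServiceManager.localFlag) {
                            LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("wrongConfigPartnerUrl"));
                        }
                        throw new SAMLException(SAMLUtils.bundle.getString("wrongConfigPartnerUrl"));
                    }
                    endpoint = str;
                }
            } else {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("SAMLClient:artifactQueryHandler: Failed to locate SOAP-Receiver-URL using the source id from AssertionArtifact.");
                }
                if (str == null || str.equals("")) {
                    throw new SAMLException(SAMLUtils.bundle.getString("failedLocateSOAPUrl"));
                }
                endpoint = str;
            }
            if (endpoint == null) {
                SAMLUtils.debug.error("SAMLClient:artifactQueryHandler:createSOAPReceiverURL Error!");
                if (SAMLServiceManager.localFlag) {
                    LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("failCreateURLEndpoint"));
                }
                throw new SAMLException(SAMLUtils.bundle.getString("failCreateURLEndpoint"));
            }

            Request request = new Request((String) null, artifacts);
            // partner is still null when the source ID has no partner entry and the caller
            // supplied the URL. Reading the version from it unconditionally made that path
            // fail with a NullPointerException; the request now keeps its default version.
            String version = (partner == null) ? null : partner.getVersion();
            if (version != null) {
                StringTokenizer versionParts = new StringTokenizer(version, ".");
                if (versionParts.countTokens() == 2) {
                    request.setMajorVersion(Integer.parseInt(versionParts.nextToken().trim()));
                    request.setMinorVersion(Integer.parseInt(versionParts.nextToken().trim()));
                }
            }
            if (((Boolean) SAMLServiceManager.getAttribute(SAMLConstants.SIGN_REQUEST)).booleanValue()) {
                request.signXML();
            }

            String soapRequest = createSOAPMessage(request);
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("SENDING message: \n " + soapRequest);
            }
            if (WebtopNaming.isServerMode()) {
                LogUtils.access(Level.FINE, SAMLUtils.bundle.getString("sendingSAMLRequest") + soapRequest);
            }
            StringBuffer reply = new SOAPClient(new String[]{endpoint}).call(soapRequest, null);
            if (reply == null) {
                if (SAMLServiceManager.localFlag) {
                    LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("noReplyfromSOAPReceiver"));
                }
                throw new SAMLException(SAMLUtils.bundle.getString("noReplyfromSOAPReceiver"));
            }
            String soapReply = reply.toString();
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("REPLIED message: \n " + soapReply);
            }
            if (WebtopNaming.isServerMode()) {
                LogUtils.access(Level.FINE, SAMLUtils.bundle.getString("repliedSOAPMessage") + soapReply);
            }

            Response samlResponse = getSAMLResponse(soapReply);
            if (samlResponse == null) {
                SAMLUtils.debug.error("SAMLClient:artifactQueryHandler:No SAML Response contained in SOAPMessage.");
                if (SAMLServiceManager.localFlag) {
                    LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("noSAMLResponse"));
                }
                throw new SAMLException(SAMLUtils.bundle.getString("noSAMLResponse"));
            }
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Start to process SAML Response...");
            }
            // The signature check comes before the status or the assertions are looked at.
            if (!samlResponse.isSignatureValid()) {
                if (SAMLServiceManager.localFlag) {
                    LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("cannotVerifyResponse"));
                }
                throw new SAMLException(SAMLUtils.bundle.getString("cannotVerifyResponse"));
            }
            try {
                String statusCode = samlResponse.getStatus().getStatusCode().getValue();
                int colon = statusCode.indexOf(":");
                if (colon == -1) {
                    throw new SAMLException(SAMLUtils.bundle.getString("wrongformatStatusCode"));
                }
                if (statusCode.substring(colon).equals(":Success")) {
                    return getAssertionList(samlResponse, encodedArtifacts);
                }
                SAMLUtils.debug.error("Error:SAML StatusCode is not Success");
                throw new SAMLException(SAMLUtils.displayXML(samlResponse.getStatus().toString()));
            } catch (Exception e) {
                // Also catches the SAMLExceptions thrown just above, including those from
                // getAssertionList; all are logged under errorSAMLStatusCode.
                if (SAMLServiceManager.localFlag) {
                    LogUtils.error(Level.INFO, SAMLUtils.bundle.getString("errorSAMLStatusCode"));
                }
                throw new SAMLException(e.getMessage());
            }
        } catch (Exception e2) {
            SAMLUtils.debug.error("SAMLClient:artifactQueryHandler", e2);
            throw new SAMLException(e2.getMessage());
        }
    }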
}
