package com.sun.identity.liberty.ws.disco;

import com.iplanet.sso.SSOToken;
import com.sun.identity.liberty.ws.common.wsse.BinarySecurityToken;
import com.sun.identity.liberty.ws.disco.common.DiscoUtils;
import com.sun.identity.liberty.ws.security.SecurityAssertion;
import com.sun.identity.liberty.ws.security.SecurityTokenManager;
import com.sun.identity.liberty.ws.soapbinding.Client;
import com.sun.identity.liberty.ws.soapbinding.Message;
import com.sun.identity.liberty.ws.soapbinding.ProviderHeader;
import com.sun.identity.liberty.ws.soapbinding.SOAPBindingException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.w3c.dom.Element;

/* loaded from: input_file:120954-02/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/liberty/ws/disco/DiscoveryClient.class */
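/**
 * Client for a Liberty discovery service: builds a SOAP {@link Message} carrying a
 * {@link Query} or {@link Modify}, sends it through {@link Client#sendRequest}, and wraps
 * the single response body in a {@link QueryResponse} / {@link ModifyResponse}.
 *
 * <p>An instance is configured in one of two ways:
 * <ul>
 *   <li>directly, with an endpoint and an optional credential (no credential, a
 *       {@link SecurityAssertion}, or a {@link BinarySecurityToken}); or</li>
 *   <li>from a bootstrap {@link ResourceOffering}, in which case the endpoint, SOAP action,
 *       resource id and security mechanism are all read from the offering on first use.</li>
 * </ul>
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>In the offering-driven mode the offering decides where the request goes and which
 *       credential is attached. The first SecurityMechID this class recognises, in the
 *       offering's own order, is used; mechanisms are not ranked by strength. Nothing in this
 *       class verifies the offering's origin or integrity, so callers should only pass
 *       offerings obtained from a source they already trust.</li>
 *   <li>NOTE(review): judging by the constant names only, {@code Message.NULL_*} identifiers
 *       appear to denote mechanisms without transport protection; a bearer assertion sent
 *       under such a mechanism would rely entirely on the network path. Confirm against the
 *       {@code Message} class and the deployment's policy.</li>
 *   <li>Transport-level checks (TLS, peer verification) are not visible here; they are
 *       whatever {@code Client.sendRequest} implements.</li>
 * </ul>
 *
 * <p>The class holds mutable state and contains no synchronization.
 */
public class DiscoveryClient {
    /** Service type a bootstrap ResourceOffering must carry to be accepted. */
    private static final String DISCO_SERVICE_TYPE = "urn:liberty:disco:2003-08";

    // Values of clientMech. createRequest() attaches the X509 token for 1, the assertion
    // for 2 and 3, and no credential for anything else.
    private static final int MECH_ANONYMOUS = 0;
    private static final int MECH_X509 = 1;
    private static final int MECH_SAML = 2;
    private static final int MECH_BEARER = 3;

    // Endpoint URL handed to Client.sendRequest.
    private String connectTo;
    // One of the MECH_* values above.
    private int clientMech = MECH_ANONYMOUS;
    // Resource id used by getResourceOffering(List); the plain id wins over the encrypted one.
    private ResourceID resID;
    private EncryptedResourceID encResID;
    // Certificate alias: passed to SecurityTokenManager and to Client.sendRequest.
    private String certAlias;
    // When non-null, a ProviderHeader with this id is added to every request.
    private String providerID;
    // When true, setClientAuthentication(true) is called on the outgoing Message.
    private boolean clientAuth;
    // Credential attached for MECH_SAML / MECH_BEARER.
    private SecurityAssertion assertion;
    // Candidate assertions searched by id when the offering asks for SAML or bearer.
    private List assertions;
    // Credential attached for MECH_X509.
    private BinarySecurityToken token;
    // Bootstrap offering; only set by the offering-based constructors.
    private ResourceOffering offering;
    // False until the offering has been interpreted; true from the start when there is none.
    private boolean processed = true;
    private String soapAction;
    // Session token used to create the SecurityTokenManager for the X509 mechanism.
    private SSOToken ssoToken;

    /**
     * Creates a client that sends requests without a message-level credential.
     *
     * @param str endpoint the requests are sent to
     * @param str2 provider id for the ProviderHeader, or {@code null} for no header
     */
    public DiscoveryClient(String str, String str2) {
        this.connectTo = str;
        this.providerID = str2;
    }

    /**
     * Creates a client that attaches the given assertion to every request.
     *
     * <p>The mechanism is bearer when {@code securityAssertion.isBearer()} is true and SAML
     * otherwise, including when the assertion is {@code null}.
     *
     * @param securityAssertion assertion to attach
     * @param str endpoint the requests are sent to
     * @param str2 provider id for the ProviderHeader, or {@code null} for no header
     */
    public DiscoveryClient(SecurityAssertion securityAssertion, String str, String str2) {
        this.connectTo = str;
        boolean bearer = securityAssertion != null && securityAssertion.isBearer();
        this.clientMech = bearer ? MECH_BEARER : MECH_SAML;
        this.assertion = securityAssertion;
        this.providerID = str2;
    }

    /**
     * Creates a client that attaches the given binary security token (X509 mechanism) to
     * every request.
     *
     * @param binarySecurityToken token to attach
     * @param str endpoint the requests are sent to
     * @param str2 provider id for the ProviderHeader, or {@code null} for no header
     */
    public DiscoveryClient(BinarySecurityToken binarySecurityToken, String str, String str2) {
        this.connectTo = str;
        this.clientMech = MECH_X509;
        this.token = binarySecurityToken;
        this.providerID = str2;
    }

    /**
     * Creates a client configured from a bootstrap resource offering. The offering is
     * interpreted lazily, on the first request. No candidate assertions are supplied, so an
     * offering that selects a SAML or bearer mechanism fails with a DiscoveryException.
     *
     * @param resourceOffering offering describing the discovery service
     * @param sSOToken session token used if an X509 token has to be generated
     * @param str provider id for the ProviderHeader, or {@code null} for no header
     */
    public DiscoveryClient(ResourceOffering resourceOffering, SSOToken sSOToken, String str) {
        this.offering = resourceOffering;
        this.processed = false;
        this.ssoToken = sSOToken;
        this.providerID = str;
    }

    /**
     * Creates a client configured from a bootstrap resource offering, with a list of
     * assertions from which the one referenced by the offering is picked.
     *
     * @param resourceOffering offering describing the discovery service
     * @param sSOToken session token used if an X509 token has to be generated
     * @param str provider id for the ProviderHeader, or {@code null} for no header
     * @param list candidate {@link SecurityAssertion} objects, matched by assertion id
     */
    public DiscoveryClient(ResourceOffering resourceOffering, SSOToken sSOToken, String str, List list) {
        this.offering = resourceOffering;
        this.processed = false;
        this.ssoToken = sSOToken;
        this.providerID = str;
        this.assertions = list;
    }

    /** Interprets the bootstrap offering once; does nothing when there is none or it is done. */
    private void ensureOfferingProcessed() throws DiscoveryException {
        if (!this.processed) {
            processResourceOffering();
            // Only reached on success, so a failed attempt is retried on the next request.
            this.processed = true;
        }
    }

    /**
     * Reads resource id, endpoint, SOAP action and security mechanism from the offering.
     *
     * <p>Descriptions and their SecurityMechIDs are walked in the offering's order and the
     * first recognised mechanism is applied; later, possibly stronger, entries are never
     * looked at.
     *
     * @throws DiscoveryException if the offering is not for the discovery service type, no
     *         supported mechanism is listed, or the credential for the chosen mechanism
     *         cannot be produced
     */
    private void processResourceOffering() throws DiscoveryException {
        ServiceInstance serviceInstance = this.offering.getServiceInstance();
        // Constant-first comparison: a missing service type is rejected instead of raising NPE.
        if (!DISCO_SERVICE_TYPE.equals(serviceInstance.getServiceType())) {
            DiscoUtils.debug.error("DiscoveryClient.processResourceOffering: ServiceType in ResourceOffering is not discovery service type.");
            throw new DiscoveryException(DiscoUtils.bundle.getString("notDiscoServiceType"));
        }
        this.resID = this.offering.getResourceID();
        this.encResID = this.offering.getEncryptedResourceID();
        for (Object descriptionEntry : serviceInstance.getDescription()) {
            Description description = (Description) descriptionEntry;
            // Endpoint and SOAP action are taken from the offering as-is; the credential
            // selected below is later sent to this endpoint.
            this.connectTo = description.getEndpoint();
            this.soapAction = description.getSoapAction();
            for (Object mechEntry : description.getSecurityMechID()) {
                if (applySecurityMechanism((String) mechEntry, description)) {
                    return;
                }
            }
        }
        DiscoUtils.debug.error("DiscoveryClient.processResourceOffering: Couldn't find supported SecurityMechID from ResourceOffering.");
        throw new DiscoveryException(DiscoUtils.bundle.getString("noSupportedSecuMechID"));
    }

    /**
     * Configures this client for one SecurityMechID if it is a recognised one.
     *
     * @param mechId mechanism identifier from the offering; {@code null} is not recognised
     * @param description description the identifier belongs to (source of credential refs)
     * @return {@code true} if the mechanism was recognised and applied, {@code false} if not
     * @throws DiscoveryException if the credential for a recognised mechanism is unavailable
     */
    private boolean applySecurityMechanism(String mechId, Description description) throws DiscoveryException {
        if (mechId == null) {
            return false;
        }
        boolean clientTls;
        if (mechId.equals(Message.NULL_NULL) || mechId.equals(Message.TLS_NULL) || mechId.equals(Message.CLIENT_TLS_NULL)) {
            this.clientMech = MECH_ANONYMOUS;
            DiscoUtils.debug.message("DiscoClient: null");
            clientTls = mechId.equals(Message.CLIENT_TLS_NULL);
        } else if (mechId.equals(Message.NULL_X509) || mechId.equals(Message.TLS_X509) || mechId.equals(Message.CLIENT_TLS_X509)) {
            this.clientMech = MECH_X509;
            DiscoUtils.debug.message("DiscoClient: x509");
            try {
                SecurityTokenManager tokenManager = new SecurityTokenManager(this.ssoToken);
                // certAlias is read here, so setClientCert must be called before the first request.
                tokenManager.setCertAlias(this.certAlias);
                this.token = tokenManager.getX509CertificateToken();
            } catch (Exception e) {
                // The cause is logged here because only its message is carried forward.
                DiscoUtils.debug.error("DiscoveryClient.processResourceOffering: couldn't generate X509 token: ", e);
                throw new DiscoveryException(e.getMessage());
            }
            clientTls = mechId.equals(Message.CLIENT_TLS_X509);
        } else if (mechId.equals(Message.NULL_SAML) || mechId.equals(Message.TLS_SAML) || mechId.equals(Message.CLIENT_TLS_SAML)) {
            this.clientMech = MECH_SAML;
            DiscoUtils.debug.message("DiscoClient: saml token");
            this.assertion = findReferencedAssertion(description);
            clientTls = mechId.equals(Message.CLIENT_TLS_SAML);
        } else if (mechId.equals(Message.NULL_BEARER) || mechId.equals(Message.TLS_BEARER) || mechId.equals(Message.CLIENT_TLS_BEARER)) {
            this.clientMech = MECH_BEARER;
            DiscoUtils.debug.message("DiscoClient: bearer token");
            this.assertion = findReferencedAssertion(description);
            clientTls = mechId.equals(Message.CLIENT_TLS_BEARER);
        } else {
            return false;
        }
        if (clientTls) {
            // Only ever switched on here; a value set through setClientAuthentication(true)
            // is not cleared by a non-client-TLS mechanism.
            this.clientAuth = true;
            DiscoUtils.debug.message("DiscoClient: clientAuth on");
        }
        return true;
    }

    /**
     * Returns the candidate assertion whose id equals the description's first credential
     * reference. Only the first reference is considered.
     *
     * <p>The SAML path previously dereferenced a {@code null} reference; both SAML and bearer
     * now share this lookup, which reports that case as a missing credential.
     *
     * @throws DiscoveryException if there is no credential reference, no candidate list, or
     *         no candidate with a matching id
     */
    private SecurityAssertion findReferencedAssertion(Description description) throws DiscoveryException {
        List credentialRefs = description.getCredentialRef();
        if (credentialRefs == null || credentialRefs.isEmpty()) {
            throw noCredential();
        }
        String wantedId = (String) credentialRefs.get(0);
        if (wantedId == null || this.assertions == null) {
            throw noCredential();
        }
        for (Object candidateEntry : this.assertions) {
            SecurityAssertion candidate = (SecurityAssertion) candidateEntry;
            if (candidate != null && wantedId.equals(candidate.getAssertionID())) {
                return candidate;
            }
        }
        throw noCredential();
    }

    /** Builds the exception used for every "credential not available" outcome. */
    private static DiscoveryException noCredential() {
        return new DiscoveryException(DiscoUtils.bundle.getString("noCredential"));
    }

    /**
     * Sets the certificate alias. It is passed to {@code Client.sendRequest} on every request
     * and, for the X509 mechanism of an offering, used once when the token is generated.
     */
    public void setClientCert(String str) {
        this.certAlias = str;
    }

    /** Sets whether client authentication is requested on outgoing messages. */
    public void setClientAuthentication(boolean z) {
        this.clientAuth = z;
    }

    /**
     * Sets the plain resource id. When the client was built from an offering, the value is
     * replaced by the offering's resource id on first use.
     */
    public void setResourceID(String str) {
        this.resID = new ResourceID(str);
    }

    /** Sets the encrypted resource id; it is used only while no plain resource id is set. */
    public void setResourceID(EncryptedResourceID encryptedResourceID) {
        this.encResID = encryptedResourceID;
    }

    /** Sets the provider id placed in the ProviderHeader; {@code null} omits the header. */
    public void setProviderID(String str) {
        this.providerID = str;
    }

    /**
     * Queries the discovery service for the given service types.
     *
     * @param list service type strings, one RequestedService is created per entry; must not
     *        be {@code null}
     * @return the parsed query response
     * @throws DiscoveryException if the offering cannot be processed or the exchange fails
     */
    public QueryResponse getResourceOffering(List list) throws DiscoveryException {
        // Must run before the resource id is read below, since the offering supplies it.
        ensureOfferingProcessed();
        ArrayList requestedServices = new ArrayList();
        for (Object serviceType : list) {
            requestedServices.add(new RequestedService(null, (String) serviceType));
        }
        Query query = this.resID != null
                ? new Query(this.resID, requestedServices)
                : new Query(this.encResID, requestedServices);
        return getResourceOffering(query);
    }

    /**
     * Sends the given query and returns the parsed response.
     *
     * @param query query to serialise into the SOAP body; must not be {@code null}
     * @throws DiscoveryException if the request cannot be built or the exchange fails
     */
    public QueryResponse getResourceOffering(Query query) throws DiscoveryException {
        Message request = createRequest();
        request.setSOAPBody(DiscoUtils.parseXML(query.toString()));
        return new QueryResponse(getResponse(request));
    }

    /**
     * Builds an empty request message carrying the provider header and the credential that
     * matches the configured mechanism.
     *
     * @throws DiscoveryException if the offering cannot be processed or the SOAP binding
     *         layer rejects the header or credential
     */
    private Message createRequest() throws DiscoveryException {
        ensureOfferingProcessed();
        Message message;
        try {
            ProviderHeader providerHeader =
                    this.providerID != null ? new ProviderHeader(this.providerID) : null;
            if (this.clientMech == MECH_X509) {
                DiscoUtils.debug.message("DiscoveryClient.createRequest: mech=x509");
                message = new Message(providerHeader, this.token);
            } else if (this.clientMech == MECH_SAML || this.clientMech == MECH_BEARER) {
                if (DiscoUtils.debug.messageEnabled()) {
                    DiscoUtils.debug.message("DiscoveryClient.createRequest: mech=saml or bearer");
                }
                message = new Message(providerHeader, this.assertion);
            } else {
                // No message-level credential is attached on this path.
                if (DiscoUtils.debug.messageEnabled()) {
                    DiscoUtils.debug.message("DiscoveryClient.createRequest: mech=anon");
                }
                message = new Message(providerHeader);
            }
        } catch (SOAPBindingException e) {
            throw new DiscoveryException(e.getMessage());
        }
        if (this.clientAuth) {
            message.setClientAuthentication(true);
        }
        return message;
    }

    /**
     * Sends the message and returns the single body element of the response.
     *
     * <p>The body is returned without any check in this method on who produced it; any
     * response validation is whatever {@code Client.sendRequest} performs.
     *
     * @throws DiscoveryException if sending fails or the response does not hold exactly one
     *         body
     */
    private Element getResponse(Message message) throws DiscoveryException {
        try {
            List bodies = Client.sendRequest(message, this.connectTo, this.certAlias, this.soapAction).getBodies();
            if (bodies.size() == 1) {
                return (Element) bodies.iterator().next();
            }
        } catch (Exception e) {
            DiscoUtils.debug.error("DiscoveryClient.getResponse:", e);
            throw new DiscoveryException(e.getMessage());
        }
        // Raised outside the try so it is not caught, logged a second time and re-wrapped.
        DiscoUtils.debug.error("DiscoveryClient.getResponse: SOAP Response didn't contain one SOAPBody.");
        throw new DiscoveryException(DiscoUtils.bundle.getString("oneBody"));
    }

    /**
     * Sends the given modify request and returns the parsed response.
     *
     * @param modify request to serialise into the SOAP body; must not be {@code null}
     * @throws DiscoveryException if the request cannot be built or the exchange fails
     */
    public ModifyResponse modify(Modify modify) throws DiscoveryException {
        Message request = createRequest();
        request.setSOAPBody(DiscoUtils.parseXML(modify.toString()));
        return new ModifyResponse(getResponse(request));
    }
}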
