package com.sun.identity.policy.plugins;

import com.iplanet.am.util.Debug;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.CaseInsensitiveHashSet;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.policy.ConditionDecision;
import com.sun.identity.policy.PolicyEvaluator;
import com.sun.identity.policy.PolicyException;
import com.sun.identity.policy.Syntax;
import com.sun.identity.policy.interfaces.Condition;
import com.sun.identity.sm.SMSUtils;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

/* JADX WARN: Classes with same name are omitted:
  input_file:120954-02/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/policy/plugins/UserSelfCheckCondition.class
 */
/* loaded from: input_file:120954-02/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/policy/plugins/UserSelfCheckCondition.class */
public class UserSelfCheckCondition implements Condition {
    public static final String ATTRIBUTES = "attributes";
    static final String RESOURCE_PREFIX = "sms://";
    static final String RESOURCE_NAME = "/sunIdentityRepositoryService/1.0/application/";
    private boolean allowAllAttributes;
    private Map properties;
    private static List propertyNames;
    Debug debug = Debug.getInstance("amPolicy");
    private Set attributes = Collections.EMPTY_SET;

    @Override // com.sun.identity.policy.interfaces.Condition
    public List getPropertyNames() {
        if (propertyNames == null) {
            LinkedList linkedList = new LinkedList();
            linkedList.add(ATTRIBUTES);
            propertyNames = Collections.unmodifiableList(linkedList);
        }
        return propertyNames;
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public Syntax getPropertySyntax(String str) {
        return Syntax.ANY;
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public String getDisplayName(String str, Locale locale) throws PolicyException {
        return str;
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public Set getValidValues(String str) throws PolicyException {
        return Collections.EMPTY_SET;
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public void setProperties(Map map) throws PolicyException {
        if (map == null || map.keySet() == null) {
            throw new PolicyException("amPolicy", "properties_can_not_be_null_or_empty", null, null);
        }
        this.properties = Collections.unmodifiableMap(map);
        Object obj = map.get(ATTRIBUTES);
        if (obj == null || !(obj instanceof Set)) {
            throw new PolicyException("amPolicy", "required_properties_can_not_be_null_or_empty", new String[]{ATTRIBUTES}, null);
        }
        this.attributes = new CaseInsensitiveHashSet();
        this.attributes.addAll((Set) obj);
        if (this.attributes.contains("*")) {
            this.allowAllAttributes = true;
        } else {
            this.allowAllAttributes = false;
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("UserSelfCheckCondition.setProperties():attributes = ").append(map.get(ATTRIBUTES)).toString());
        }
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public Map getProperties() {
        return this.properties;
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public ConditionDecision getConditionDecision(SSOToken sSOToken, Map map) throws PolicyException, SSOException {
        boolean z = false;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("UserSelfCheckCondition.getConditionDecision: called with Token: ").append(sSOToken.getPrincipal().getName()).append(", requestedResource: ").append(map.get(PolicyEvaluator.SUN_AM_REQUESTED_RESOURCE)).toString());
        }
        boolean z2 = this.allowAllAttributes;
        if (!z2) {
            Object obj = map.get(ATTRIBUTES);
            if (obj == null || !(obj instanceof Set)) {
                if (this.debug.warningEnabled()) {
                    this.debug.warning("UserSelfCheckCondition.getConditionDecision Invalid attribute set in env params");
                }
            } else if (!((Set) obj).isEmpty()) {
                CaseInsensitiveHashSet caseInsensitiveHashSet = new CaseInsensitiveHashSet();
                caseInsensitiveHashSet.addAll((Set) obj);
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("UserSelfCheckCondition.getConditionDecision: Is attributes ").append(caseInsensitiveHashSet).append(" subset of config attrs: ").append(this.attributes).toString());
                }
                if (this.attributes.containsAll(caseInsensitiveHashSet)) {
                    z2 = true;
                }
            }
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("UserSelfCheckCondition.getConditionDecision: attributes check:").append(z2).toString());
        }
        if (z2) {
            StringBuffer stringBuffer = new StringBuffer(100);
            stringBuffer.append(RESOURCE_PREFIX);
            try {
                AMIdentity identity = IdUtils.getIdentity(sSOToken);
                stringBuffer.append(identity.getRealm());
                stringBuffer.append(RESOURCE_NAME);
                stringBuffer.append(identity.getType().getName()).append("/");
                stringBuffer.append(identity.getName());
            } catch (SSOException e) {
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("UserSelfCheckCondition.getConditionDecision: invalid sso token: ").append(e.getMessage()).toString());
                }
            } catch (IdRepoException e2) {
                if (this.debug.messageEnabled()) {
                    this.debug.message("UserSelfCheckCondition.getConditionDecision IdRepo exception: ", e2);
                }
            }
            Object obj2 = map.get(PolicyEvaluator.SUN_AM_REQUESTED_RESOURCE);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("UserSelfCheckCondition.getConditionDecision: name: ").append((Object) stringBuffer).append(" resource: ").append(obj2).toString());
            }
            if (obj2 != null) {
                String str = null;
                if (obj2 instanceof String) {
                    str = (String) obj2;
                } else if (obj2 instanceof Set) {
                    str = (String) ((Set) obj2).iterator().next();
                } else if (this.debug.warningEnabled()) {
                    str = "";
                    this.debug.warning("UserSelfCheckCondition.getConditionDecision: Unable to get resource name");
                }
                if (str.equalsIgnoreCase(stringBuffer.toString())) {
                    z = true;
                    if (this.debug.messageEnabled()) {
                        this.debug.message("UserSelfCheckCondition.getConditionDecision: returning true");
                    }
                } else if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("UserSelfCheckCondition.getConditionDecision: Resource names donot match: ").append(str).append(" ").append((Object) stringBuffer).toString());
                }
            }
        }
        return new ConditionDecision(z);
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public Object clone() {
        try {
            UserSelfCheckCondition userSelfCheckCondition = (UserSelfCheckCondition) super.clone();
            userSelfCheckCondition.properties = Collections.unmodifiableMap(SMSUtils.copyAttributes(this.properties));
            return userSelfCheckCondition;
        } catch (CloneNotSupportedException e) {
            throw new InternalError();
        }
    }
}
