package com.tivoli.am.fim.demo.sts;

import com.ibm.websphere.wssecurity.wssapi.WSSException;
import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.websphere.wssecurity.wssapi.trust.WSSTrustClient;
import com.ibm.websphere.wssecurity.wssapi.trust.WSSTrustClientValidateResult;
import com.ibm.wsspi.wssecurity.trust.config.ProviderConfig;
import com.ibm.wsspi.wssecurity.trust.config.RequesterConfig;
import com.ibm.wsspi.wssecurity.wssapi.OMStructure;
import java.io.StringWriter;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMElement;

/* loaded from: input_file:com/tivoli/am/fim/demo/sts/WebSphereFIMSTSClient.class */
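/**
 * {@link FIMSTSClient} implementation that drives the WebSphere {@link WSSTrustClient} API:
 * it builds a provider and requester configuration from a string map, obtains the WS-Trust
 * validate results through {@code J2EEHelper}, and returns the resulting security token
 * serialized as XML text.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The STS URL, AppliesTo/Issuer addresses, policy set and binding are taken from the
 *       caller's map without validation in this class. NOTE(review): callers presumably load
 *       them from trusted configuration; confirm that no request-controlled value reaches
 *       them, since the token under validation is sent to whatever endpoint is configured.</li>
 *   <li>{@code Logger.entering}/{@code exiting} record at {@code FINER}. With that level
 *       enabled, the trace contains the full request map (including the token being
 *       validated) and the returned token, so trace output must be treated as sensitive.</li>
 * </ul>
 */
public class WebSphereFIMSTSClient implements FIMSTSClient {
    /** Map key: optional policy set name applied to the provider configuration. */
    public static final String STSCONFIG_POLICY_SET_NAME = "STSCONFIG_POLICY_SET_NAME";
    /** Map key: optional binding name applied to the provider configuration. */
    public static final String STSCONFIG_BINDING_NAME = "STSCONFIG_BINDING_NAME";
    /** Map key: optional binding scope applied to the provider configuration. */
    public static final String STSCONFIG_BINDING_SCOPE = "STSCONFIG_BINDING_SCOPE";
    /** Status URI that counts as success when WS-Trust 1.2 is selected. */
    static final String WST12_VALID = "http://schemas.xmlsoap.org/ws/2005/02/trust/status/valid";
    /** Status URI that counts as success when WS-Trust 1.3 (the default) is selected. */
    static final String WST13_VALID = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/valid";
    private static final String CLASSNAME = WebSphereFIMSTSClient.class.getName();
    private static final Logger _log = Logger.getLogger(CLASSNAME);
    private static final String METHOD_DO_STS_EXCHANGE = "doSTSExchange";

    /**
     * Performs the STS exchange described by {@code map} and returns the token as XML.
     *
     * @param map configuration keyed by the {@code STSCONFIG_*} constants; a WS-Trust version
     *     of {@code "1.2"} selects the 2005/02 namespaces, anything else (including absent)
     *     selects the 200512 namespace with the SOAP 1.2 envelope
     * @return the serialized XML of the security token in the first validate result
     * @throws FIMSTSClientException if no result is returned, the status is not the "valid"
     *     URI for the selected WS-Trust version, the token or its XML node is missing, or the
     *     WebSphere client / XML serialization fails (the cause is preserved)
     */
    @Override
    public String doSTSExchange(Map<String, String> map) throws FIMSTSClientException {
        boolean traceDefaults = _log.isLoggable(Level.FINEST);
        // Stays null on every failure path so the exit trace matches the outcome.
        String tokenXml = null;
        try {
            // Sensitive: at FINER this records the whole map, including the token to validate.
            _log.entering(CLASSNAME, METHOD_DO_STS_EXCHANGE, new Object[]{map});

            final String trustNamespace;
            final String soapNamespace;
            final String expectedStatus;
            // Constant-first comparison is null-safe when the version key is absent.
            if ("1.2".equals(map.get(FIMSTSClient.STSCONFIG_WSTRUST_VERSION))) {
                trustNamespace = "http://schemas.xmlsoap.org/ws/2005/02/trust";
                soapNamespace = "http://schemas.xmlsoap.org/soap/envelope/";
                expectedStatus = WST12_VALID;
            } else {
                trustNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
                soapNamespace = "http://www.w3.org/2003/05/soap-envelope";
                expectedStatus = WST13_VALID;
            }

            // NOTE(review): the STS endpoint is used exactly as supplied; nothing here checks
            // its scheme or host. Which transport/message protection applies appears to depend
            // on the policy set and binding below (or the runtime defaults) - confirm.
            ProviderConfig providerConfig =
                    WSSTrustClient.newProviderConfig(trustNamespace, map.get(FIMSTSClient.STSCONFIG_STSURL));
            if (traceDefaults) {
                // Dumped before the overrides so the trace shows the defaults.
                showProviderConfigDefaultValue(providerConfig);
            }
            String policySetName = map.get(STSCONFIG_POLICY_SET_NAME);
            if (policySetName != null) {
                providerConfig.setPolicySetName(policySetName);
            }
            String bindingName = map.get(STSCONFIG_BINDING_NAME);
            if (bindingName != null) {
                providerConfig.setBindingName(bindingName);
            }
            String bindingScope = map.get(STSCONFIG_BINDING_SCOPE);
            if (bindingScope != null) {
                providerConfig.setBindingScope(bindingScope);
            }

            RequesterConfig requesterConfig = WSSTrustClient.newRequesterConfig(trustNamespace);
            if (traceDefaults) {
                showRequestConfigDefaultValue(requesterConfig);
            }
            String appliesTo = map.get(FIMSTSClient.STSCONFIG_APPLIESTO_ADDRESS);
            String issuer = map.get(FIMSTSClient.STSCONFIG_ISSUER_ADDRESS);
            String tokenType = map.get(FIMSTSClient.STSCONFIG_TOKEN_TYPE);
            String claims = map.get(FIMSTSClient.STSCONFIG_CLAIMS);
            if (appliesTo != null) {
                requesterConfig.put("wstrustClientAppliesToAddress", appliesTo);
            }
            if (issuer != null) {
                requesterConfig.put("wstrustClientIssuerAddress", issuer);
            }
            if (tokenType != null) {
                requesterConfig.put("wstrustClientTokenType", tokenType);
            }
            if (claims != null) {
                requesterConfig.put("wstrustClientClaims", claims);
            }
            requesterConfig.setSOAPNamespace(soapNamespace);
            // Unlike the optional keys above, the target token is stored even when absent (null).
            requesterConfig.put(
                    "wstrustClientValidateTargetTokenXML",
                    map.get(FIMSTSClient.STSCONFIG_VALIDATE_TARGET_TOKEN));

            List<?> results = J2EEHelper.getWSTrustValidateResults(
                    WSSTrustClient.getInstance(providerConfig), providerConfig, requesterConfig);
            if (results == null || results.isEmpty()) {
                throw new FIMSTSClientException("No validation result returned from WebSphere WS-Trust client");
            }

            // Only the first result is examined; any further entries are ignored.
            WSSTrustClientValidateResult result = (WSSTrustClientValidateResult) results.get(0);
            String statusCode = result.getStatusCode();
            String statusReason = result.getStatusReason();
            SecurityToken securityToken = result.getSecurityToken();
            // Fail closed: a missing status or any URI other than the exact "valid" one is rejected.
            if (!expectedStatus.equals(statusCode)) {
                throw new FIMSTSClientException("STS did not return valid status. Status = " + statusCode + " Reason = " + statusReason);
            }
            if (securityToken == null) {
                throw new FIMSTSClientException("STS returned a null security token");
            }

            // Held as Object so the instanceof test is a real runtime check (it also covers
            // null) instead of a comparison against the variable's own declared type.
            Object xml = securityToken.getXML();
            if (!(xml instanceof OMStructure)) {
                throw new FIMSTSClientException("STS returned a security token which is not a valid XMLStructure");
            }
            OMElement node = ((OMStructure) xml).getNode();
            if (node == null) {
                throw new FIMSTSClientException("STS returned a security token which did not contain a valid OMElement");
            }

            StringWriter writer = new StringWriter();
            node.serialize(writer);
            tokenXml = writer.toString();
            return tokenXml;
        } catch (WSSException e) {
            // Routed through the logger rather than printStackTrace() so the failure lands in
            // the managed log with its handlers and levels instead of raw stderr.
            _log.logp(Level.WARNING, CLASSNAME, METHOD_DO_STS_EXCHANGE, "Exception using WebSphere WS-Trust client", e);
            throw new FIMSTSClientException("Exception using WebSphere WS-Trust client", e);
        } catch (XMLStreamException e) {
            _log.logp(Level.WARNING, CLASSNAME, METHOD_DO_STS_EXCHANGE, "Exception using WebSphere WS-Trust client", e);
            throw new FIMSTSClientException("Exception using WebSphere WS-Trust client", e);
        } finally {
            // Sensitive: on success this records the returned token at FINER; null on failure.
            _log.exiting(CLASSNAME, METHOD_DO_STS_EXCHANGE, tokenXml);
        }
    }

    /**
     * Writes the provider configuration's current values to the log at {@code FINEST}.
     * The caller invokes this before applying overrides from the request map.
     *
     * @param providerConfig configuration whose getters are dumped
     */
    private static void showProviderConfigDefaultValue(ProviderConfig providerConfig) {
        String dump = "providerConfig.getApplicationName() = " + providerConfig.getApplicationName()
                + " providerConfig.getBindingName() = " + providerConfig.getBindingName()
                + " providerConfig.getBindingScope() = " + providerConfig.getBindingScope()
                + " providerConfig.getIssuerURI() = " + providerConfig.getIssuerURI()
                + " providerConfig.getPolicySetName() = " + providerConfig.getPolicySetName()
                + " providerConfig.getPortName() = " + providerConfig.getPortName()
                + " providerConfig.getProvider() = " + providerConfig.getProvider()
                + " providerConfig.getServiceName() = " + providerConfig.getServiceName()
                + " providerConfig.getWSTrustNamespace() = " + providerConfig.getWSTrustNamespace()
                + " providerConfig.toString() = " + providerConfig.toString();
        _log.logp(Level.FINEST, CLASSNAME, "showProviderConfigDefaultValue", dump);
    }

    /**
     * Writes the requester configuration's current values to the log at {@code FINEST}.
     * The caller invokes this before the request-specific properties are set.
     *
     * @param requesterConfig configuration whose getters are dumped
     */
    private static void showRequestConfigDefaultValue(RequesterConfig requesterConfig) {
        String dump = "requesterConfig.getRSTTProperties() = " + requesterConfig.getRSTTProperties()
                + " requesterConfig.getSecondaryParameters() = " + requesterConfig.getSecondaryParameters()
                + " requesterConfig.getSOAPNamespace() = " + requesterConfig.getSOAPNamespace()
                + " requesterConfig.getWSAddressingNamespace() = " + requesterConfig.getWSAddressingNamespace()
                + " requesterConfig.getMessageID() = " + requesterConfig.getMessageID()
                + " requesterConfig.toString() = " + requesterConfig.toString();
        _log.logp(Level.FINEST, CLASSNAME, "showRequestConfigDefaultValue", dump);
    }
}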
