package com.sun.identity.policy.plugins;

import com.iplanet.am.util.Debug;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.policy.ConditionDecision;
import com.sun.identity.policy.PolicyException;
import com.sun.identity.policy.Syntax;
import com.sun.identity.policy.interfaces.Condition;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

/* JADX WARN: Classes with same name are omitted:
  input_file:117586-20/SUNWamclt/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/policy/plugins/AuthLevelCondition.class
 */
/* loaded from: input_file:117586-20/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/policy/plugins/AuthLevelCondition.class */
public class AuthLevelCondition implements Condition {
    public static final String AUTH_LEVEL = "AuthLevel";
    public static final String REQUEST_AUTH_LEVEL = "requestAuthLevel";
    public static final String AUTH_LEVEL_CONDITION_ADVICE = "AuthLevelConditionAdvice";
    private Map properties;
    private int authLevel;
    private static final Debug DEBUG = Debug.getInstance("amPolicy");
    private static List propertyNames = new ArrayList(1);

    @Override // com.sun.identity.policy.interfaces.Condition
    public List getPropertyNames() {
        return new ArrayList(propertyNames);
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public Syntax getPropertySyntax(String str) {
        return Syntax.NONE;
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public String getDisplayName(String str, Locale locale) throws PolicyException {
        return "";
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public Set getValidValues(String str) throws PolicyException {
        return Collections.EMPTY_SET;
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public void setProperties(Map map) throws PolicyException {
        this.properties = (HashMap) map;
        validateProperties();
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public Map getProperties() {
        if (this.properties == null) {
            return null;
        }
        return Collections.unmodifiableMap(this.properties);
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public ConditionDecision getConditionDecision(SSOToken sSOToken, Map map) throws PolicyException, SSOException {
        boolean z = false;
        Integer num = null;
        if (map != null && map.get(REQUEST_AUTH_LEVEL) != null) {
            try {
                num = (Integer) map.get(REQUEST_AUTH_LEVEL);
            } catch (ClassCastException e) {
                throw new PolicyException("amPolicy", "property_is_not_an_Integer", new String[]{REQUEST_AUTH_LEVEL}, e);
            }
        } else if (sSOToken != null) {
            num = new Integer(sSOToken.getAuthLevel());
        }
        if (DEBUG.messageEnabled()) {
            DEBUG.message(new StringBuffer().append("At AuthLevelCondition.getConditionDecision():authLevel,  requestAuthLevel, allowed = ").append(this.authLevel).append(", ").append(num).append(",").append(false).toString());
        }
        if (num != null && num.intValue() >= this.authLevel) {
            z = true;
        }
        HashMap hashMap = new HashMap();
        if (!z) {
            HashSet hashSet = new HashSet(1);
            hashSet.add(Integer.toString(this.authLevel));
            hashMap.put(AUTH_LEVEL_CONDITION_ADVICE, hashSet);
        }
        return new ConditionDecision(z, hashMap);
    }

    @Override // com.sun.identity.policy.interfaces.Condition
    public Object clone() {
        try {
            AuthLevelCondition authLevelCondition = (AuthLevelCondition) super.clone();
            if (this.properties != null) {
                authLevelCondition.properties = new HashMap();
                for (Object obj : this.properties.keySet()) {
                    HashSet hashSet = new HashSet();
                    hashSet.addAll((Set) this.properties.get(obj));
                    authLevelCondition.properties.put(obj, hashSet);
                }
            }
            return authLevelCondition;
        } catch (CloneNotSupportedException e) {
            throw new InternalError();
        }
    }

    private boolean validateProperties() throws PolicyException {
        if (this.properties == null || this.properties.keySet() == null) {
            throw new PolicyException("amPolicy", "properties_can_not_be_null_or_empty", null, null);
        }
        Set<String> keySet = this.properties.keySet();
        if (!keySet.contains("AuthLevel")) {
            throw new PolicyException("amPolicy", "property_value_not_defined", new String[]{"AuthLevel"}, null);
        }
        for (String str : keySet) {
            if (!"AuthLevel".equals(str)) {
                throw new PolicyException("amPolicy", "attempt_to_set_invalid_property ", new String[]{str}, null);
            }
        }
        Set set = (Set) this.properties.get("AuthLevel");
        if (set == null) {
            return true;
        }
        validateAuthLevels(set);
        return true;
    }

    private boolean validateAuthLevels(Set set) throws PolicyException {
        if (set.isEmpty() || set.size() > 1) {
            throw new PolicyException("amPolicy", "property_does_not_allow_empty_or_multiple_values", new String[]{"AuthLevel"}, null);
        }
        try {
            this.authLevel = Integer.parseInt((String) set.iterator().next());
            return true;
        } catch (Exception e) {
            throw new PolicyException("amPolicy", "property_is_not_an_Integer", new String[]{"AuthLevel"}, null);
        }
    }

    private boolean isAllowed(SSOToken sSOToken, Map map) throws PolicyException, SSOException {
        return getConditionDecision(sSOToken, map).isAllowed();
    }

    static {
        propertyNames.add("AuthLevel");
    }
}
