package com.sun.identity.idm;

import com.iplanet.am.sdk.AMDirectoryAccessFactory;
import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMSDKBundle;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.sdk.common.IDirectoryServices;
import com.iplanet.am.util.Debug;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.CaseInsensitiveHashMap;
import com.sun.identity.common.Constants;
import com.sun.identity.password.ui.model.PWResetModel;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.sm.DNMapper;
import com.sun.identity.sm.OrganizationConfigManager;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.ServiceConfig;
import com.sun.identity.sm.ServiceConfigManager;
import com.sun.identity.sm.ServiceManager;
import java.security.AccessController;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import netscape.ldap.util.DN;

/* JADX WARN: Classes with same name are omitted:
  input_file:120954-03/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/idm/IdUtils.class
 */
/* loaded from: input_file:120954-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/idm/IdUtils.class */
public final class IdUtils {
    private static Debug debug = AMIdentityRepository.debug;
    private static Map mapSupportedTypes = new CaseInsensitiveHashMap(10);
    public static Set supportedTypes = new HashSet();
    private static Map mapTypesToServiceNames = new CaseInsensitiveHashMap();
    protected static Map typesCanBeMemberOf = new CaseInsensitiveHashMap();
    protected static Map typesCanHaveMembers = new CaseInsensitiveHashMap();
    protected static Map typesCanAddMembers = new CaseInsensitiveHashMap();
    private static Map orgIdentifierToOrgName = new CaseInsensitiveHashMap();
    private static ServiceConfigManager serviceConfigManager;

    public static AMIdentity getIdentity(SSOToken sSOToken) throws IdRepoException, SSOException {
        String property = sSOToken.getProperty(Constants.UNIVERSAL_IDENTIFIER);
        if (property == null) {
            String name = sSOToken.getPrincipal().getName();
            if (name == null || !DN.isDN(name)) {
                Object[] objArr = {property};
                throw new IdRepoException(IdRepoBundle.getString("215", objArr), "215", objArr);
            }
            property = new StringBuffer().append("id=").append(new DN(name).explodeDN(true)[0]).append(",ou=").append(IdType.USER.getName()).append(",").append(sSOToken.getProperty("Organization")).append(",amsdkdn=").append(name).toString();
        }
        return getIdentity(sSOToken, property);
    }

    public static String getUniversalId(AMIdentity aMIdentity) {
        return aMIdentity.getUniversalId();
    }

    public static AMIdentity getIdentity(SSOToken sSOToken, String str) throws IdRepoException {
        if (!str.startsWith("id=")) {
            return getIdentity(sSOToken, str, DNMapper.orgNameToDN("/"));
        }
        String str2 = str;
        String str3 = null;
        if (!DN.isDN(str)) {
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "215", new Object[]{str});
        }
        int indexOf = str.indexOf(",amsdkdn=");
        if (indexOf > 0) {
            str2 = str.substring(0, indexOf);
            str3 = str.substring(indexOf + 9);
        }
        DN dn = new DN(str2);
        String[] explodeDN = dn.explodeDN(true);
        String str4 = explodeDN[0];
        if (supportedType(explodeDN[1])) {
            return new AMIdentity(sSOToken, str4, new IdType(explodeDN[1]), dn.getParent().getParent().toRFCString(), str3);
        }
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "215", new Object[]{str});
    }

    public static AMIdentity getIdentity(SSOToken sSOToken, String str, String str2) throws IdRepoException {
        if (str == null || !DN.isDN(str)) {
            return null;
        }
        try {
            if (ServiceManager.isCoexistenceMode()) {
                return getIdentityFromAMSDKDN(sSOToken, str, str2);
            }
            ServiceConfig organizationConfig = serviceConfigManager.getOrganizationConfig(str2, null);
            if (organizationConfig != null) {
                Iterator it = organizationConfig.getSubConfigNames().iterator();
                while (it.hasNext()) {
                    if (organizationConfig.getSubConfig((String) it.next()).getSchemaID().equalsIgnoreCase("amSDK")) {
                        return getIdentityFromAMSDKDN(sSOToken, str, str2);
                    }
                }
            }
            return null;
        } catch (AMException e) {
            if (!debug.messageEnabled()) {
                return null;
            }
            debug.message(new StringBuffer().append("IdUtils.getIdentity: Unable to resolve AMSDK DN: ").append(str).toString(), e);
            return null;
        } catch (SSOException e2) {
            if (!debug.messageEnabled()) {
                return null;
            }
            debug.message("IdUtils.getIdentity: Unable to resolve AMSDK DN. Got SSOException", e2);
            return null;
        } catch (IdRepoException e3) {
            if (!debug.messageEnabled()) {
                return null;
            }
            debug.message("IdUtils.getIdentity: Unable to resolve AMSDK DN. Got IdRepoException", e3);
            return null;
        } catch (SMSException e4) {
            if (!debug.messageEnabled()) {
                return null;
            }
            debug.message("IdUtils.getIdentity: Unable to resolve AMSDK DN. Got SMSException", e4);
            return null;
        }
    }

    public static String getServiceName(IdType idType) {
        return (String) mapTypesToServiceNames.get(idType.getName());
    }

    public static IdType getType(String str) throws IdRepoException {
        IdType idType = (IdType) mapSupportedTypes.get(str);
        if (idType == null) {
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "217", new Object[]{str});
        }
        return idType;
    }

    public static String getDN(AMIdentity aMIdentity) {
        return aMIdentity.getDN() != null ? aMIdentity.getDN() : aMIdentity.getUniversalId();
    }

    public static String getOrganization(SSOToken sSOToken, String str) throws IdRepoException, SSOException {
        String str2 = (String) orgIdentifierToOrgName.get(str);
        String str3 = str2;
        if (str2 != null) {
            return str3;
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("IdUtils:getOrganization Input orgname: ").append(str).toString());
        }
        if (str == null || str.length() == 0 || str.equals("/")) {
            str3 = DNMapper.orgNameToDN("/");
        } else if (str.startsWith("/")) {
            str3 = DNMapper.orgNameToDN(str);
        } else if (DN.isDN(str)) {
            str3 = str;
        } else if (ServiceManager.isCoexistenceMode()) {
            if (debug.messageEnabled()) {
                debug.message("IdUtils.getOrganization: getting from AMSDK");
            }
            try {
                str3 = new AMStoreConnection(sSOToken).getOrganizationDN(str, null);
            } catch (AMException e) {
                if (debug.messageEnabled()) {
                    debug.message("IdUtils.getOrganization Exception in getting org name from AMSDK", e);
                }
                throw convertAMException(e);
            }
        } else {
            if (debug.messageEnabled()) {
                debug.message("IdUtils.getOrganization: getting from SMS realms");
            }
            try {
                ServiceManager serviceManager = new ServiceManager(sSOToken);
                Set<String> subOrganizationNames = serviceManager.getOrganizationConfigManager("/").getSubOrganizationNames(str, true);
                if (subOrganizationNames != null && !subOrganizationNames.isEmpty()) {
                    if (subOrganizationNames.size() == 1) {
                        str3 = DNMapper.orgNameToDN((String) subOrganizationNames.iterator().next());
                    } else {
                        for (String str4 : subOrganizationNames) {
                            StringTokenizer stringTokenizer = new StringTokenizer(str4, "/");
                            while (true) {
                                if (stringTokenizer.hasMoreTokens()) {
                                    if (stringTokenizer.nextToken().equalsIgnoreCase(str)) {
                                        str3 = DNMapper.orgNameToDN(str4);
                                        break;
                                    }
                                }
                            }
                        }
                    }
                }
                if (str3 == null) {
                    HashSet hashSet = new HashSet();
                    hashSet.add(str);
                    Set searchOrganizationNames = serviceManager.searchOrganizationNames("sunIdentityRepositoryService", IdConstants.ORGANIZATION_ALIAS_ATTR, hashSet);
                    if (searchOrganizationNames == null || searchOrganizationNames.isEmpty()) {
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("IdUtils.getOrganization Unable to find Org name for: ").append(str).toString());
                        }
                        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "401", new Object[]{str});
                    }
                    str3 = DNMapper.orgNameToDN((String) searchOrganizationNames.iterator().next());
                }
            } catch (SMSException e2) {
                if (debug.messageEnabled()) {
                    debug.message("IdUtils.getOrganization Exception in getting org name from SMS", e2);
                }
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "401", new Object[]{str});
            }
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("IdUtils: Returning base DN: ").append(str3).toString());
        }
        orgIdentifierToOrgName.put(str, str3);
        return str3;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void clearOrganizationNamesCache() {
        orgIdentifierToOrgName = new CaseInsensitiveHashMap();
        if (debug.messageEnabled()) {
            debug.message("IdUtils.clearOrganizationNamesCache called");
        }
    }

    public static boolean isOrganizationActive(SSOToken sSOToken, String str) throws IdRepoException, SSOException {
        boolean equalsIgnoreCase;
        if (ServiceManager.isCoexistenceMode()) {
            try {
                equalsIgnoreCase = new AMStoreConnection(sSOToken).getOrganization(str).isActivated();
            } catch (AMException e) {
                throw convertAMException(e);
            }
        } else {
            try {
                OrganizationConfigManager organizationConfigManager = new OrganizationConfigManager(sSOToken, str);
                if (organizationConfigManager == null) {
                    throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "401", new Object[]{str});
                }
                Set set = (Set) organizationConfigManager.getAttributes("sunIdentityRepositoryService").get(IdConstants.ORGANIZATION_STATUS_ATTR);
                equalsIgnoreCase = (set == null || set.isEmpty()) ? true : ((String) set.iterator().next()).equalsIgnoreCase(PWResetModel.ACTIVE);
            } catch (SMSException e2) {
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "401", new Object[]{str});
            }
        }
        return equalsIgnoreCase;
    }

    private static AMIdentity getIdentityFromAMSDKDN(SSOToken sSOToken, String str, String str2) throws AMException, SSOException, IdRepoException {
        IDirectoryServices directoryServices = AMDirectoryAccessFactory.getDirectoryServices();
        directoryServices.getAttributes(sSOToken, str, 1);
        IdType type = getType(AMStoreConnection.getObjectName(directoryServices.getObjectType(sSOToken, str)));
        String str3 = new DN(str).explodeDN(true)[0];
        if (ServiceManager.isCoexistenceMode()) {
            str2 = directoryServices.getOrganizationDN(sSOToken, str);
        }
        return new AMIdentity(sSOToken, str3, type, str2, str);
    }

    public static IdRepoException convertAMException(AMException aMException) {
        Object[] messageArgs = aMException.getMessageArgs();
        return messageArgs == null ? new IdRepoException(AMSDKBundle.BUNDLE_NAME, aMException.getErrorCode(), null) : new IdRepoException(AMSDKBundle.BUNDLE_NAME, aMException.getErrorCode(), messageArgs);
    }

    private static boolean supportedType(String str) {
        return mapSupportedTypes.get(str) != null;
    }

    private static void loadDefaultTypes() {
        supportedTypes.add(IdType.AGENT);
        supportedTypes.add(IdType.USER);
        supportedTypes.add(IdType.ROLE);
        supportedTypes.add(IdType.GROUP);
        supportedTypes.add(IdType.FILTEREDROLE);
        mapSupportedTypes.put(IdType.USER.getName(), IdType.USER);
        mapSupportedTypes.put(IdType.ROLE.getName(), IdType.ROLE);
        mapSupportedTypes.put(IdType.FILTEREDROLE.getName(), IdType.FILTEREDROLE);
        mapSupportedTypes.put(IdType.AGENT.getName(), IdType.AGENT);
        mapSupportedTypes.put(IdType.GROUP.getName(), IdType.GROUP);
        HashSet hashSet = new HashSet();
        hashSet.add(IdType.ROLE);
        hashSet.add(IdType.GROUP);
        hashSet.add(IdType.FILTEREDROLE);
        typesCanBeMemberOf.put(IdType.USER.getName(), hashSet);
        HashSet hashSet2 = new HashSet();
        hashSet2.add(IdType.USER);
        typesCanHaveMembers.put(IdType.ROLE.getName(), hashSet2);
        typesCanHaveMembers.put(IdType.GROUP.getName(), hashSet2);
        typesCanHaveMembers.put(IdType.FILTEREDROLE.getName(), hashSet2);
        typesCanAddMembers.put(IdType.GROUP.getName(), hashSet2);
        typesCanAddMembers.put(IdType.ROLE.getName(), hashSet2);
    }

    private static Set getMemberSet(Set set) {
        HashSet hashSet = new HashSet(set.size() * 2);
        Iterator it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(new IdType((String) it.next()));
        }
        return hashSet;
    }

    static {
        if (!ServiceManager.isConfigMigratedTo70()) {
            loadDefaultTypes();
            return;
        }
        try {
            serviceConfigManager = new ServiceConfigManager((SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance()), "sunIdentityRepositoryService", "1.0");
            ServiceConfig globalConfig = serviceConfigManager.getGlobalConfig(null);
            Set<String> subConfigNames = globalConfig.getSubConfigNames("*", IdConstants.SUPPORTED_TYPES);
            if (subConfigNames == null || subConfigNames.isEmpty()) {
                loadDefaultTypes();
            } else {
                for (String str : subConfigNames) {
                    IdType idType = new IdType(str);
                    supportedTypes.add(idType);
                    mapSupportedTypes.put(idType.getName(), idType);
                    Map attributes = globalConfig.getSubConfig(str).getAttributes();
                    Set set = (Set) attributes.get(IdConstants.SERVICE_NAME);
                    Set set2 = (Set) attributes.get(IdConstants.ATTR_MEMBER_OF);
                    Set set3 = (Set) attributes.get(IdConstants.ATTR_HAVE_MEMBERS);
                    Set set4 = (Set) attributes.get(IdConstants.ATTR_ADD_MEMBERS);
                    if (set != null && !set.isEmpty()) {
                        mapTypesToServiceNames.put(str, (String) set.iterator().next());
                    }
                    if (set2 != null && !set2.isEmpty()) {
                        typesCanBeMemberOf.put(str, getMemberSet(set2));
                    }
                    if (set3 != null && !set3.isEmpty()) {
                        typesCanHaveMembers.put(str, getMemberSet(set3));
                    }
                    if (set4 != null && !set4.isEmpty()) {
                        typesCanAddMembers.put(str, getMemberSet(set4));
                    }
                }
            }
        } catch (SSOException e) {
            debug.error("IdUtils: Loading default types. Caught exception..", e);
            loadDefaultTypes();
        } catch (SMSException e2) {
            debug.error("IdUtils: Loading default types. Caught exception..", e2);
            loadDefaultTypes();
        }
    }
}
