package com.sun.identity.policy.plugins;

import com.iplanet.am.util.Debug;
import com.iplanet.services.util.I18n;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.policy.InvalidNameException;
import com.sun.identity.policy.PolicyException;
import com.sun.identity.policy.Syntax;
import com.sun.identity.policy.ValidValues;
import com.sun.identity.policy.interfaces.Subject;
import com.sun.identity.saml.xmlsig.JKSKeyProvider;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;

/* JADX WARN: Classes with same name are omitted:
  input_file:120954-03/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/policy/plugins/WebServicesClients.class
 */
/* loaded from: input_file:120954-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/policy/plugins/WebServicesClients.class */
public class WebServicesClients implements Subject {
    private Set selectedWebServicesClients = Collections.EMPTY_SET;
    static Debug debug = Debug.getInstance("amPolicy");
    static I18n i18n = I18n.getInstance("iPlanetAMPolicyService");

    public void WebServicesClients() {
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public void initialize(Map map) {
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public Syntax getValueSyntax(SSOToken sSOToken) {
        return Syntax.MULTIPLE_CHOICE;
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public ValidValues getValidValues(SSOToken sSOToken) throws SSOException, PolicyException {
        return getValidValues(sSOToken, "*");
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public ValidValues getValidValues(SSOToken sSOToken, String str) throws SSOException, PolicyException {
        HashSet hashSet = new HashSet();
        try {
            KeyStore keyStore = new JKSKeyProvider().getKeyStore();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("WSClient.getValidValues: alias=").append(nextElement).toString());
                }
                if (keyStore.isCertificateEntry(nextElement)) {
                    debug.message("WSClient.getValidValues: alias is trusted.");
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                    if (x509Certificate != null) {
                        debug.message("WSClient.getValidValues:cert not null");
                        String name = x509Certificate.getSubjectDN().getName();
                        if (name != null && !name.equals("")) {
                            hashSet.add(name);
                        }
                    } else {
                        debug.message("WSClient.getValidValues: cert is null");
                    }
                } else {
                    debug.message("WSClient.getValidValues:alias not trusted.");
                }
            }
            return new ValidValues(0, hashSet);
        } catch (KeyStoreException e) {
            if (debug.warningEnabled()) {
                debug.warning("WebServicesClients: couldn't get subjects", e);
            }
            throw new PolicyException(null, e);
        }
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public String getDisplayNameForValue(String str, Locale locale) {
        return str;
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public Set getValues() {
        return this.selectedWebServicesClients;
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public void setValues(Set set) throws InvalidNameException {
        if (set == null) {
            debug.error("WebServicesClients.setValues(): Invalid names");
            throw new InvalidNameException(i18n.getString("webservicesclients_subject_invalid_user_names", "null"), "null", 5);
        }
        this.selectedWebServicesClients = new HashSet();
        this.selectedWebServicesClients.addAll(set);
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("WebServicesClients.setValues(): selected web service clients names=").append(this.selectedWebServicesClients).toString());
        }
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public boolean isMember(SSOToken sSOToken) throws SSOException, PolicyException {
        if (this.selectedWebServicesClients.contains(sSOToken.getPrincipal().getName())) {
            debug.message("WebServicesClients.isMemeber():principal is member");
            return true;
        }
        String property = sSOToken.getProperty(ISAuthConstants.PRINCIPALS);
        new HashSet();
        if (property == null || property.equals("")) {
            return false;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(property, "|");
        while (stringTokenizer.hasMoreTokens()) {
            if (this.selectedWebServicesClients.contains(stringTokenizer.nextToken())) {
                if (!debug.messageEnabled()) {
                    return true;
                }
                debug.message("WebServicesClients.isMemeber(): principals is member.");
                return true;
            }
        }
        return false;
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public boolean equals(Object obj) {
        if (!(obj instanceof WebServicesClients)) {
            return false;
        }
        WebServicesClients webServicesClients = (WebServicesClients) obj;
        return (this.selectedWebServicesClients == null || webServicesClients.selectedWebServicesClients == null || !this.selectedWebServicesClients.equals(webServicesClients.selectedWebServicesClients)) ? false : true;
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public Object clone() {
        try {
            WebServicesClients webServicesClients = (WebServicesClients) super.clone();
            if (this.selectedWebServicesClients != null) {
                webServicesClients.selectedWebServicesClients = new HashSet();
                webServicesClients.selectedWebServicesClients.addAll(this.selectedWebServicesClients);
            }
            return webServicesClients;
        } catch (CloneNotSupportedException e) {
            throw new InternalError();
        }
    }

    @Override // com.sun.identity.policy.interfaces.Subject
    public int hashCode() {
        return super.hashCode();
    }
}
