package com.sun.identity.authentication.spi;

import com.iplanet.services.util.Crypt;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.SystemConfigurationUtil;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.wss.security.WSSConstants;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/sun/identity/authentication/spi/WSSReplayPasswd.class */
public class WSSReplayPasswd implements AMPostAuthProcessInterface {
    private static final String PASSWORD_TOKEN = "IDToken2";
    private static boolean useHashedPassword = Boolean.valueOf(SystemConfigurationUtil.getProperty("com.sun.identity.wss.security.useHashedPassword", "true")).booleanValue();
    private static Debug debug = Debug.getInstance("WebServicesSecurity");

    public void onLoginSuccess(Map map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SSOToken sSOToken) throws AuthenticationException {
        try {
            if (useHashedPassword) {
                String name = sSOToken.getPrincipal().getName();
                String property = sSOToken.getProperty("sun.am.UniversalIdentifier");
                if (debug.messageEnabled()) {
                    debug.message("WSSReplayPassword:Authenticated user : " + name);
                    debug.message("WSSReplayPassword:Authenticated UUID : " + property);
                }
                Set attribute = new AMIdentity(getAdminToken(), property).getAttribute("userPassword");
                if (attribute != null && !attribute.isEmpty()) {
                    sSOToken.setProperty(WSSConstants.HASHED_USER_PASSWORD, (String) attribute.iterator().next());
                }
            } else {
                String parameter = httpServletRequest.getParameter(PASSWORD_TOKEN);
                if (parameter != null) {
                    sSOToken.setProperty(WSSConstants.ENCRYPTED_USER_PASSWORD, Crypt.encrypt(parameter));
                }
            }
        } catch (SSOException e) {
            debug.warning("WSSReplayPasswd.onLoginSuccess: sso exception", e);
        } catch (IdRepoException e2) {
            if (debug.warningEnabled()) {
                debug.warning("WSSReplayPassword.onLoginSuccess: ", e2);
            }
        }
    }

    public void onLoginFailure(Map map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
    }

    public void onLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SSOToken sSOToken) throws AuthenticationException {
    }

    private static SSOToken getAdminToken() {
        return (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance());
    }
}
