package com.sun.identity.liberty.ws.authnsvc.mechanism;

import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.liberty.ws.authnsvc.AuthnSvcUtils;
import com.sun.identity.liberty.ws.authnsvc.protocol.SASLRequest;
import com.sun.identity.liberty.ws.authnsvc.protocol.SASLResponse;
import com.sun.identity.liberty.ws.soapbinding.Message;
import com.sun.identity.sm.SMSEntry;

/* loaded from: input_file:com/sun/identity/liberty/ws/authnsvc/mechanism/SSOTokenMechanismHandler.class */
public class SSOTokenMechanismHandler implements MechanismHandler {
    private static String defaultOrg = SMSEntry.getRootSuffix();
    private static String MECHANISM_SSOTOKEN = "SSOTOKEN";

    public SASLResponse processSASLRequest(SASLRequest sASLRequest, Message message, String str) {
        SASLResponse sASLResponse;
        if (AuthnSvcUtils.debug.messageEnabled()) {
            AuthnSvcUtils.debug.message("SSOTokenMechanismHandler.processSASLRequest: ");
        }
        String refToMessageID = sASLRequest.getRefToMessageID();
        boolean z = refToMessageID == null || refToMessageID.length() == 0;
        if (AuthnSvcUtils.debug.messageEnabled()) {
            AuthnSvcUtils.debug.message("SSOTokenMechanismHandler.processSASLRequest: refToMessageID = " + refToMessageID);
        }
        byte[] data = sASLRequest.getData();
        if (data != null) {
            String str2 = null;
            try {
                str2 = new String(data, "UTF-8");
            } catch (Exception e) {
                AuthnSvcUtils.debug.error("SSOTokenMechanismHandler.processSASLRequest: ", e);
            }
            sASLResponse = str2 == null ? new SASLResponse("abort") : authenticate(str2, message);
            if (z) {
                sASLResponse = new SASLResponse("continue");
                sASLResponse.setServerMechanism(MECHANISM_SSOTOKEN);
            }
        } else if (z) {
            sASLResponse = new SASLResponse("continue");
            sASLResponse.setServerMechanism(MECHANISM_SSOTOKEN);
        } else {
            sASLResponse = new SASLResponse("abort");
        }
        return sASLResponse;
    }

    private SASLResponse authenticate(String str, Message message) {
        if (AuthnSvcUtils.debug.messageEnabled()) {
            AuthnSvcUtils.debug.message("SSOTokenMechanismHandler.authenticate: SSOTokenID = " + str);
        }
        try {
            SSOTokenManager sSOTokenManager = SSOTokenManager.getInstance();
            SSOToken createSSOToken = sSOTokenManager.createSSOToken(str);
            sSOTokenManager.validateToken(createSSOToken);
            String name = createSSOToken.getPrincipal().getName();
            SASLResponse sASLResponse = new SASLResponse("OK");
            return !AuthnSvcUtils.setResourceOfferingAndCredentials(sASLResponse, message, name) ? new SASLResponse("abort") : sASLResponse;
        } catch (Exception e) {
            AuthnSvcUtils.debug.error("SSOTokenMechanismHandler.authenticate: ", e);
            return new SASLResponse("abort");
        }
    }
}
