package com.sun.identity.wss.sts.spi;

import com.iplanet.services.util.Crypt;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.common.SystemConfigurationUtil;
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.impl.FMSessionProvider;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml2.assertion.AssertionFactory;
import com.sun.identity.saml2.assertion.NameID;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.shared.xml.XMLUtils;
import com.sun.identity.workflow.ParameterKeys;
import com.sun.identity.wss.logging.LogUtil;
import com.sun.identity.wss.security.AssertionToken;
import com.sun.identity.wss.security.AssertionTokenSpec;
import com.sun.identity.wss.security.SAML11AssertionValidator;
import com.sun.identity.wss.security.SAML2AssertionValidator;
import com.sun.identity.wss.security.SAML2Token;
import com.sun.identity.wss.security.SAML2TokenSpec;
import com.sun.identity.wss.security.SecurityException;
import com.sun.identity.wss.security.SecurityMechanism;
import com.sun.identity.wss.security.SecurityToken;
import com.sun.identity.wss.security.SecurityTokenFactory;
import com.sun.identity.wss.security.UserNameTokenSpec;
import com.sun.identity.wss.security.WSSConstants;
import com.sun.identity.wss.security.WSSUtils;
import com.sun.identity.wss.sts.FAMSTSException;
import com.sun.identity.wss.sts.STSClientUserToken;
import com.sun.identity.wss.sts.STSConstants;
import com.sun.identity.wss.sts.STSUtils;
import com.sun.identity.wss.sts.config.FAMSTSConfiguration;
import com.sun.xml.ws.api.security.trust.STSTokenProvider;
import com.sun.xml.ws.api.security.trust.WSTrustException;
import com.sun.xml.ws.security.IssuedTokenContext;
import com.sun.xml.ws.security.trust.GenericToken;
import com.sun.xml.ws.security.trust.WSTrustElementFactory;
import com.sun.xml.ws.security.trust.WSTrustVersion;
import com.sun.xml.ws.security.trust.elements.str.SecurityTokenReference;
import com.sun.xml.ws.security.trust.logging.LogStringsMessages;
import com.sun.xml.ws.security.trust.util.WSTrustUtil;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.logging.Level;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.keys.keyresolver.KeyResolverException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:com/sun/identity/wss/sts/spi/FAMSTSTokenProvider.class */
public class FAMSTSTokenProvider implements STSTokenProvider {
    public void generateToken(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        Element createSAML11Assertion;
        STSUtils.debug.message("FAMSTSTokenProvider.generateToken called.");
        String tokenIssuer = issuedTokenContext.getTokenIssuer();
        String appliesTo = issuedTokenContext.getAppliesTo();
        String tokenType = issuedTokenContext.getTokenType();
        if (tokenType != null && tokenType.equals(SecurityToken.WSS_FAM_SSO_TOKEN)) {
            generateSSOToken(issuedTokenContext);
            return;
        }
        if (tokenType != null && (tokenType.equals(WSSConstants.PASSWORD_PLAIN_TYPE) || tokenType.equals(WSSConstants.PASSWORD_DIGEST_TYPE))) {
            generateUserNameToken(issuedTokenContext, tokenType);
            return;
        }
        String keyType = issuedTokenContext.getKeyType();
        long time = issuedTokenContext.getExpirationTime().getTime() - issuedTokenContext.getCreationTime().getTime();
        String str = (String) issuedTokenContext.getOtherProperties().get("samlConfirmationMethod");
        if ("urn:oasis:names:tc:SAML:1.0:cm::sender-vouches".equals(str)) {
            str = STSConstants.SAML_SENDER_VOUCHES_1_0;
        }
        Map<QName, List<String>> map = (Map) issuedTokenContext.getOtherProperties().get("cliamedAttributes");
        WSTrustVersion wSTrustVersion = (WSTrustVersion) issuedTokenContext.getOtherProperties().get("wstVersion");
        WSTrustElementFactory newInstance = WSTrustElementFactory.newInstance(wSTrustVersion);
        String certificateAlias = WSSUtils.getXMLSignatureManager().getKeyProvider().getCertificateAlias((X509Certificate) issuedTokenContext.getOtherProperties().get("stsCertificate"));
        KeyInfo createKeyInfo = createKeyInfo(issuedTokenContext);
        String str2 = "uuid-" + UUID.randomUUID().toString();
        if (STSUtils.debug.messageEnabled()) {
            STSUtils.debug.message("FAMSTSTokenProvider.tokenType : " + tokenType);
        }
        if (STSConstants.SAML10_ASSERTION.equals(tokenType) || "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1".equals(tokenType)) {
            try {
                createSAML11Assertion = createSAML11Assertion(wSTrustVersion, time, str, getAuthnMechanism(issuedTokenContext), tokenIssuer, appliesTo, createKeyInfo, map, keyType, str2, certificateAlias);
                if (LogUtil.isLogEnabled()) {
                    LogUtil.access(Level.INFO, LogUtil.CREATED_SAML11_ASSERTION, new String[]{str2, tokenIssuer, appliesTo, str, tokenType, keyType}, null);
                }
            } catch (FAMSTSException e) {
                STSUtils.debug.error("FAMSTSTokenProvider.generateToken: Could not generate SAML11 Assertion", e);
                throw new WSTrustException(e.getMessage());
            }
        } else {
            if (tokenType != null && !"urn:oasis:names:tc:SAML:2.0:assertion".equals(tokenType)) {
                STSUtils.debug.error("FAMSTSTokenProvider.generateToken ERROR : UNSUPPORTED_TOKEN_TYPE");
                LogUtil.error(Level.INFO, LogUtil.UNSUPPORTED_TOKEN_TYPE, new String[]{tokenType}, null);
                throw new WSTrustException(LogStringsMessages.WST_0031_UNSUPPORTED_TOKEN_TYPE(tokenType, appliesTo));
            }
            try {
                createSAML11Assertion = createSAML20Assertion(wSTrustVersion, time, str, str2, tokenIssuer, appliesTo, createKeyInfo, map, keyType, getAuthContextClassRef(issuedTokenContext), certificateAlias);
                if (LogUtil.isLogEnabled()) {
                    LogUtil.access(Level.INFO, LogUtil.CREATED_SAML20_ASSERTION, new String[]{str2, tokenIssuer, appliesTo, str, tokenType, keyType}, null);
                }
            } catch (FAMSTSException e2) {
                STSUtils.debug.error("FAMSTSTokenProvider.generateToken: Could not generate SAML2 Assertion", e2);
                throw new WSTrustException(e2.getMessage());
            }
        }
        if (STSUtils.debug.messageEnabled()) {
            STSUtils.debug.message("FAMSTSTokenProvider.signedAssertion : " + XMLUtils.print(createSAML11Assertion));
        }
        issuedTokenContext.setSecurityToken(new GenericToken(createSAML11Assertion));
        String str3 = null;
        if (STSConstants.SAML10_ASSERTION.equals(tokenType) || "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1".equals(tokenType)) {
            str3 = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID";
        } else if ("urn:oasis:names:tc:SAML:2.0:assertion".equals(tokenType)) {
            str3 = WSSConstants.SAML2_ASSERTION_VALUE_TYPE;
        }
        SecurityTokenReference createSecurityTokenReference = WSTrustUtil.createSecurityTokenReference(str2, str3);
        newInstance.createRequestedAttachedReference(createSecurityTokenReference);
        newInstance.createRequestedUnattachedReference(createSecurityTokenReference);
        issuedTokenContext.setAttachedSecurityTokenReference(createSecurityTokenReference);
        issuedTokenContext.setUnAttachedSecurityTokenReference(createSecurityTokenReference);
    }

    public void isValideToken(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    public void renewToken(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    public void invalidateToken(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    protected Element createSAML11Assertion(WSTrustVersion wSTrustVersion, long j, String str, String str2, String str3, String str4, KeyInfo keyInfo, Map<QName, List<String>> map, String str5, String str6, String str7) throws FAMSTSException {
        try {
            SecurityTokenFactory securityTokenFactory = SecurityTokenFactory.getInstance(WSSUtils.getAdminToken());
            String subjectName = getSubjectName(map);
            if (subjectName == null) {
                if (STSUtils.debug.warningEnabled()) {
                    STSUtils.debug.warning("FAMSTSTokenProvider.createSAML11Assertion: subject is null");
                }
                throw new FAMSTSException(STSUtils.bundle.getString("nullSubject"));
            }
            if (str == null) {
                str = str5.equals(wSTrustVersion.getBearerKeyTypeURI()) ? STSConstants.SAML_SENDER_VOUCHES_1_0 : STSConstants.SAML_HOLDER_OF_KEY_1_0;
            }
            AssertionTokenSpec assertionTokenSpec = new AssertionTokenSpec();
            assertionTokenSpec.setSenderIdentity(new NameIdentifier(subjectName));
            assertionTokenSpec.setAppliesTo(str4);
            assertionTokenSpec.setAssertionInterval(j);
            assertionTokenSpec.setIssuer(str3);
            assertionTokenSpec.setConfirmationMethod(str);
            assertionTokenSpec.setClaimedAttributes(map);
            X509Certificate x509Certificate = keyInfo.getX509Certificate();
            if (x509Certificate != null) {
                assertionTokenSpec.setSubjectCertAlias(WSSUtils.getXMLSignatureManager().getKeyProvider().getCertificateAlias(x509Certificate));
            }
            assertionTokenSpec.setAuthenticationMethod(str2);
            assertionTokenSpec.setAssertionID(str6);
            assertionTokenSpec.setSigningAlias(str7);
            if (keyInfo != null) {
                assertionTokenSpec.setKeyInfo(keyInfo.getElement());
            }
            return ((AssertionToken) securityTokenFactory.getSecurityToken(assertionTokenSpec)).toDocumentElement();
        } catch (KeyResolverException e) {
            STSUtils.debug.error("FAMSTSTokenProvider.createSAML11Assertion: failed in creating SAML11 Token", e);
            throw new FAMSTSException(e.getMessage());
        } catch (SecurityException e2) {
            STSUtils.debug.error("FAMSTSTokenProvider.createSAML11Assertion: failed in creating SAML11 Token", e2);
            throw new FAMSTSException(e2.getMessage());
        } catch (SAMLException e3) {
            STSUtils.debug.error("FAMSTSTokenProvider.createSAML11Assertion: failed in creating SAML11 Token", e3);
            throw new FAMSTSException(e3.getMessage());
        }
    }

    protected Element createSAML20Assertion(WSTrustVersion wSTrustVersion, long j, String str, String str2, String str3, String str4, KeyInfo keyInfo, Map<QName, List<String>> map, String str5, String str6, String str7) throws FAMSTSException {
        try {
            SecurityTokenFactory securityTokenFactory = SecurityTokenFactory.getInstance(WSSUtils.getAdminToken());
            String subjectName = getSubjectName(map);
            if (subjectName == null) {
                if (STSUtils.debug.warningEnabled()) {
                    STSUtils.debug.warning("FAMSTSTokenProvider.createSAML2Assertion: subject is null");
                }
                throw new FAMSTSException(STSUtils.bundle.getString("nullSubject"));
            }
            if (str == null) {
                str = str5.equals(wSTrustVersion.getBearerKeyTypeURI()) ? STSConstants.SAML_SENDER_VOUCHES_2_0 : STSConstants.SAML_HOLDER_OF_KEY_2_0;
            }
            SAML2TokenSpec sAML2TokenSpec = new SAML2TokenSpec();
            NameID createNameID = AssertionFactory.getInstance().createNameID();
            createNameID.setValue(subjectName);
            createNameID.setNameQualifier(str3);
            sAML2TokenSpec.setAssertionID(str2);
            sAML2TokenSpec.setSenderIdentity(createNameID);
            sAML2TokenSpec.setConfirmationMethod(str);
            X509Certificate x509Certificate = keyInfo.getX509Certificate();
            if (x509Certificate != null) {
                sAML2TokenSpec.setSubjectCertAlias(WSSUtils.getXMLSignatureManager().getKeyProvider().getCertificateAlias(x509Certificate));
            }
            sAML2TokenSpec.setAppliesTo(str4);
            sAML2TokenSpec.setClaimedAttributes(map);
            sAML2TokenSpec.setAssertionInterval(j);
            sAML2TokenSpec.setAuthnContextClassRef(str6);
            sAML2TokenSpec.setIssuer(str3);
            sAML2TokenSpec.setSigningAlias(str7);
            if (keyInfo != null) {
                sAML2TokenSpec.setKeyInfo(keyInfo.getElement());
            }
            return ((SAML2Token) securityTokenFactory.getSecurityToken(sAML2TokenSpec)).toDocumentElement();
        } catch (SAML2Exception e) {
            STSUtils.debug.error("FAMSTSTokenProvider.createSAML2Assertion:  failed in creating SAML20 Token", e);
            throw new FAMSTSException(e.getMessage());
        } catch (KeyResolverException e2) {
            STSUtils.debug.error("FAMSTSTokenProvider.createSAML2Assertion:  failed in creating SAML20 Token", e2);
            throw new FAMSTSException(e2.getMessage());
        } catch (SecurityException e3) {
            STSUtils.debug.error("FAMSTSTokenProvider.createSAML2Assertion:  failed in creating SAML20 Token", e3);
            throw new FAMSTSException(e3.getMessage());
        }
    }

    private String getSubjectName(Map map) {
        for (Map.Entry entry : map.entrySet()) {
            QName qName = (QName) entry.getKey();
            List list = (List) entry.getValue();
            if (list != null && list.size() > 0 && "NameID".equals(qName.getLocalPart())) {
                return (String) list.get(0);
            }
        }
        return null;
    }

    private KeyInfo createKeyInfo(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        Element element = (Element) issuedTokenContext.getOtherProperties().get("ConfirmationKeyInfo");
        if (element != null) {
            try {
                return new KeyInfo(element, (String) null);
            } catch (XMLSecurityException e) {
                STSUtils.debug.error("FAMSTSTokenProvider.createKeyInfo : UNABLE_GET_CLIENT_CERT : ", e);
                throw new WSTrustException(LogStringsMessages.WST_0034_UNABLE_GET_CLIENT_CERT(), e);
            }
        }
        try {
            Document newDocument = XMLUtils.getSafeDocumentBuilder(false).newDocument();
            String appliesTo = issuedTokenContext.getAppliesTo();
            KeyInfo keyInfo = new KeyInfo(newDocument);
            String keyType = issuedTokenContext.getKeyType();
            WSTrustVersion wSTrustVersion = (WSTrustVersion) issuedTokenContext.getOtherProperties().get("wstVersion");
            if (wSTrustVersion.getSymmetricKeyTypeURI().equals(keyType)) {
                try {
                    keyInfo.add(WSSUtils.encryptKey(newDocument, issuedTokenContext.getProofKey(), (X509Certificate) issuedTokenContext.getOtherProperties().get("tagetedServiceCertificate"), null));
                } catch (Exception e2) {
                    STSUtils.debug.error("FAMSTSTokenProvider.createKeyInfo : ERROR_ENCRYPT_PROOFKEY : ", e2);
                    throw new WSTrustException(LogStringsMessages.WST_0040_ERROR_ENCRYPT_PROOFKEY(appliesTo), e2);
                }
            } else if (wSTrustVersion.getPublicKeyTypeURI().equals(keyType)) {
                X509Data x509Data = new X509Data(newDocument);
                try {
                    x509Data.addCertificate(issuedTokenContext.getRequestorCertificate());
                    keyInfo.add(x509Data);
                } catch (XMLSecurityException e3) {
                    STSUtils.debug.error("FAMSTSTokenProvider.createKeyInfo : UNABLE_GET_CLIENT_CERT : ", e3);
                    throw new WSTrustException(LogStringsMessages.WST_0034_UNABLE_GET_CLIENT_CERT(), e3);
                }
            }
            return keyInfo;
        } catch (ParserConfigurationException e4) {
            STSUtils.debug.error("FAMSTSTokenProvider.createKeyInfo : ERROR_CREATING_DOCFACTORY : ", e4);
            throw new WSTrustException(LogStringsMessages.WST_0039_ERROR_CREATING_DOCFACTORY(), e4);
        }
    }

    private void generateSSOToken(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        Subject requestorSubject = issuedTokenContext.getRequestorSubject();
        if (requestorSubject == null) {
            throw new WSTrustException(STSUtils.bundle.getString("nullSubject"));
        }
        String str = null;
        Map map = null;
        FAMSTSConfiguration fAMSTSConfiguration = new FAMSTSConfiguration();
        for (Object obj : requestorSubject.getPublicCredentials()) {
            if (obj instanceof Element) {
                Element element = (Element) obj;
                if (element.getLocalName().equals("FAMToken")) {
                    try {
                        Element documentElement = XMLUtils.toDOMDocument(new STSClientUserToken(element).getTokenId(), STSUtils.debug).getDocumentElement();
                        if (documentElement == null) {
                            throw new WSTrustException(STSUtils.bundle.getString("nullAssertion"));
                        }
                        if (documentElement.getLocalName().equals("Assertion")) {
                            String namespaceURI = documentElement.getNamespaceURI();
                            try {
                                if (STSConstants.SAML10_ASSERTION.equals(namespaceURI)) {
                                    SAML11AssertionValidator sAML11AssertionValidator = new SAML11AssertionValidator(documentElement, fAMSTSConfiguration);
                                    str = sAML11AssertionValidator.getSubjectName();
                                    map = sAML11AssertionValidator.getAttributes();
                                } else if ("urn:oasis:names:tc:SAML:2.0:assertion".equals(namespaceURI)) {
                                    SAML2AssertionValidator sAML2AssertionValidator = new SAML2AssertionValidator(documentElement, fAMSTSConfiguration);
                                    str = sAML2AssertionValidator.getSubjectName();
                                    map = sAML2AssertionValidator.getAttributes();
                                }
                            } catch (SecurityException e) {
                                throw new WSTrustException(e.getMessage());
                            }
                        } else {
                            continue;
                        }
                    } catch (FAMSTSException e2) {
                        throw new WSTrustException(e2.getMessage());
                    }
                } else {
                    continue;
                }
            }
        }
        if (str == null) {
            throw new WSTrustException(STSUtils.bundle.getString("assertion subject is null"));
        }
        HashMap hashMap = new HashMap();
        hashMap.put(ParameterKeys.P_REALM, "/");
        hashMap.put("principalName", str);
        hashMap.put("AuthLevel", "0");
        try {
            SSOToken sSOToken = (SSOToken) new FMSessionProvider().createSession(hashMap, null, null, null);
            if (map != null && !map.isEmpty()) {
                for (String str2 : map.keySet()) {
                    String str3 = (String) map.get(str2);
                    sSOToken.setProperty(str2, str3);
                    if (STSUtils.debug.messageEnabled()) {
                        STSUtils.debug.message("FAMSTSTokenProvider.generateSSOToken: setting session property " + str2 + "=" + str3);
                    }
                }
            }
            STSClientUserToken sTSClientUserToken = new STSClientUserToken();
            sTSClientUserToken.init(sSOToken);
            issuedTokenContext.setSecurityToken(sTSClientUserToken);
        } catch (SSOException e3) {
            STSUtils.debug.error("FAMSTSTokenProvider.generateSSOToken: SSOException ", e3);
            throw new WSTrustException(e3.getMessage());
        } catch (FAMSTSException e4) {
            STSUtils.debug.error("FAMSTSTokenProvider.generateSSOToken: FAMSTSException ", e4);
            throw new WSTrustException(e4.getMessage());
        } catch (SessionException e5) {
            STSUtils.debug.error("FAMSTSTokenProvider.generateSSOToken: session exception ", e5);
            throw new WSTrustException(e5.getMessage());
        }
    }

    private void generateUserNameToken(IssuedTokenContext issuedTokenContext, String str) throws WSTrustException {
        String property;
        Subject requestorSubject = issuedTokenContext.getRequestorSubject();
        if (requestorSubject == null) {
            return;
        }
        for (Object obj : requestorSubject.getPublicCredentials()) {
            if (obj instanceof Element) {
                Element element = (Element) obj;
                if (element.getLocalName().equals("FAMToken")) {
                    try {
                        STSClientUserToken sTSClientUserToken = new STSClientUserToken(element);
                        String tokenId = sTSClientUserToken.getTokenId();
                        if (sTSClientUserToken.getType().equals(SecurityToken.WSS_FAM_SSO_TOKEN)) {
                            SSOToken createSSOToken = SSOTokenManager.getInstance().createSSOToken(tokenId);
                            String property2 = createSSOToken.getProperty("UserId");
                            if (Boolean.valueOf(SystemConfigurationUtil.getProperty("com.sun.identity.wss.security.useHashedPassword", "true")).booleanValue()) {
                                property = createSSOToken.getProperty(WSSConstants.HASHED_USER_PASSWORD);
                            } else {
                                String property3 = createSSOToken.getProperty(WSSConstants.ENCRYPTED_USER_PASSWORD);
                                if (property3 == null || property3.length() == 0) {
                                    throw new WSTrustException("noEncryptedPassword");
                                }
                                property = Crypt.decrypt(property3);
                            }
                            if (property == null || property.length() == 0) {
                                throw new WSTrustException("noUserPassword");
                            }
                            UserNameTokenSpec userNameTokenSpec = new UserNameTokenSpec();
                            userNameTokenSpec.setCreateTimeStamp(true);
                            userNameTokenSpec.setNonce(true);
                            userNameTokenSpec.setPassword(property);
                            userNameTokenSpec.setUserName(property2);
                            userNameTokenSpec.setPasswordType(str);
                            issuedTokenContext.setSecurityToken(new GenericToken(SecurityTokenFactory.getInstance(WSSUtils.getAdminToken()).getSecurityToken(userNameTokenSpec).toDocumentElement()));
                        }
                    } catch (SSOException e) {
                        STSUtils.debug.error("FAMSTSTokenProvider.generateUserNameToken: SSOException ", e);
                        throw new WSTrustException(e.getMessage());
                    } catch (SecurityException e2) {
                        STSUtils.debug.error("FAMSTSTokenProvider.generateUserNameToken: SSOException ", e2);
                        throw new WSTrustException(e2.getMessage());
                    } catch (FAMSTSException e3) {
                        STSUtils.debug.error("FAMSTSTokenProvider.generateUserNameToken: FAMSTSException ", e3);
                        throw new WSTrustException(e3.getMessage());
                    }
                } else {
                    continue;
                }
            }
        }
    }

    private String getAuthnMechanism(IssuedTokenContext issuedTokenContext) {
        Set<Object> publicCredentials;
        Subject requestorSubject = issuedTokenContext.getRequestorSubject();
        if (requestorSubject == null || (publicCredentials = requestorSubject.getPublicCredentials()) == null || publicCredentials.isEmpty()) {
            return null;
        }
        for (Object obj : publicCredentials) {
            if (obj instanceof Map) {
                return (String) ((Map) obj).get(WSSConstants.AUTH_METHOD);
            }
        }
        return null;
    }

    private String getAuthContextClassRef(IssuedTokenContext issuedTokenContext) {
        String authnMechanism = getAuthnMechanism(issuedTokenContext);
        return SecurityMechanism.WSS_NULL_KERBEROS_TOKEN_URI.equals(authnMechanism) ? WSSConstants.KERBEROS_AUTH_CTX_CLASS_REF : SecurityMechanism.WSS_NULL_USERNAME_TOKEN_PLAIN_URI.equals(authnMechanism) ? WSSConstants.PASSWORD_AUTH_CTX_CLASS_REF : SecurityMechanism.WSS_NULL_USERNAME_TOKEN_URI.equals(authnMechanism) ? WSSConstants.PASSWORD_PROTECTED_AUTH_CTX_CLASS_REF : SecurityMechanism.WSS_NULL_X509_TOKEN_URI.equals(authnMechanism) ? WSSConstants.PUBLIC_KEY_AUTH_CTX_CLASS_REF : WSSConstants.SOFTWARE_PKI_AUTH_CTX_CLASS_REF;
    }
}
