package com.sun.identity.configuration;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.cot.COTException;
import com.sun.identity.cot.CircleOfTrustManager;
import com.sun.identity.federation.meta.IDFFMetaException;
import com.sun.identity.federation.meta.IDFFMetaManager;
import com.sun.identity.monitoring.Agent;
import com.sun.identity.monitoring.MonitoringUtil;
import com.sun.identity.monitoring.SSOServerRealmFedInfo;
import com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaManager;
import com.sun.identity.saml2.meta.SAML2MetaUtils;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.sm.AttributeSchema;
import com.sun.identity.sm.OrganizationConfigManager;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.SchemaType;
import com.sun.identity.sm.ServiceSchema;
import com.sun.identity.sm.ServiceSchemaManager;
import com.sun.identity.wsfederation.jaxb.wsfederation.FederationElement;
import com.sun.identity.wsfederation.jaxb.wsfederation.TokenIssuerEndpointElement;
import com.sun.identity.wsfederation.jaxb.wsfederation.UriNamedClaimTypesOfferedElement;
import com.sun.identity.wsfederation.meta.WSFederationMetaException;
import com.sun.identity.wsfederation.meta.WSFederationMetaManager;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import org.forgerock.openam.utils.Time;

/* loaded from: input_file:com/sun/identity/configuration/ConfigFedMonitoring.class */
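/**
 * Collects the federation configuration of every realm (SAML 1.x trusted partners, circles of
 * trust and their members, WS-Federation and ID-FF entities) and hands it to the monitoring
 * {@link Agent}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>All reads are performed with the token returned by {@link AdminTokenAction}, so the
 *       collected data is not filtered by any caller's privileges. The token is kept in the
 *       package-visible {@link #ssoToken} field. NOTE(review): nothing in this class needs the
 *       field to be visible outside it; consider narrowing it once other users in the package
 *       have been ruled out.</li>
 *   <li>At message level the debug log receives partner names, realm names and circle-of-trust
 *       membership, i.e. the federation topology. Treat the {@code amMonitoring} debug file
 *       accordingly.</li>
 *   <li>Most lookup failures are logged and swallowed, so the data handed to the agent can be
 *       incomplete. An entity missing from monitoring is not proof that it is not configured.</li>
 * </ul>
 *
 * <p>Instances are not thread-safe: {@link #ssoToken} and the cached realm list are plain
 * mutable fields.
 */
public class ConfigFedMonitoring {
    // Initialised eagerly so the public getWSFedRoles() can log even when it is called on an
    // instance on which configureFedMonitoring() has not run yet.
    Debug debug = Debug.getInstance("amMonitoring");
    // Token obtained from AdminTokenAction; assigned by configureFedMonitoring().
    SSOToken ssoToken;
    // Realm list produced by the most recent successful getRealmsList() call.
    private ArrayList<String> realmList;
    // Role labels reported to the monitoring agent.
    public static final String IDENTITY_PROVIDER = "IDP";
    public static final String SERVICE_PROVIDER = "SP";
    public static final String POLICY_DECISION_POINT_DESCRIPTOR = "PDP";
    public static final String POLICY_ENFORCEMENT_POINT_DESCRIPTOR = "PEP";
    public static final String SAML_ATTRAUTHORITY = "AttrAuthority";
    public static final String SAML_AUTHNAUTHORITY = "AuthnAuthority";
    public static final String SAML_ATTRQUERY = "AttrQuery";
    public static final String AFFILIATE = "Affiliate";

    // SAMLv2 entities are deliberately not collected: the original guard was the constant
    // condition (1 == 0). NOTE(review): looks like a disabled feature switch; confirm against
    // the upstream source before turning it on.
    private static final boolean COLLECT_SAML2_ENTITIES = false;

    /**
     * Gathers the federation configuration and registers it with the monitoring agent.
     *
     * <p>Returns without doing anything when monitoring is not running. A failure to obtain the
     * admin token is logged and ends the run.
     */
    public void configureFedMonitoring() {
        // A fresh formatter per call: SimpleDateFormat must not be shared between threads.
        SimpleDateFormat timestampFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
        String startTime = timestampFormat.format(Time.newDate());
        if (!MonitoringUtil.isRunning()) {
            if (this.debug.warningEnabled()) {
                this.debug.warning("ConfigFedMonitoring.configureMonitoring: monitoring is disabled");
            }
            return;
        }
        try {
            this.ssoToken = getSSOToken();
            getSAML1TPs();
            getAllRealms("/");
            if (this.debug.messageEnabled()) {
                this.debug.message("ConfigFedMonitoring.configureMonitoring: \n    Start time " + startTime + "\n    End time = " + timestampFormat.format(Time.newDate()));
            }
        } catch (SSOException e) {
            this.debug.error("ConfigFedMonitoring.configureMonitoring: Could not get proper SSOToken", e);
        }
    }

    /**
     * Returns the token produced by {@link AdminTokenAction}, obtained inside a privileged block.
     *
     * @throws SSOException declared for callers; kept from the original signature
     */
    private SSOToken getSSOToken() throws SSOException {
        return (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance());
    }

    /**
     * Reads the default values of the {@code iplanet-am-saml-partner-urls} attribute of the
     * {@code iPlanetAMSAMLService} schema, extracts every {@code PARTNERNAME} value and passes
     * the names to {@link Agent#saml1TPConfig}.
     *
     * <p>Each value is a {@code |}-separated list of {@code key=value} pairs. Pairs that do not
     * split into exactly two tokens on {@code =} are ignored.
     */
    private void getSAML1TPs() {
        try {
            Map<String, AttributeSchema> schemasByName = new HashMap<String, AttributeSchema>();
            ServiceSchemaManager serviceSchemaManager = new ServiceSchemaManager("iPlanetAMSAMLService", this.ssoToken);
            for (SchemaType schemaType : serviceSchemaManager.getSchemaTypes()) {
                ServiceSchema schema = serviceSchemaManager.getSchema(schemaType);
                if (schema == null) {
                    continue;
                }
                for (AttributeSchema attributeSchema : schema.getAttributeSchemas()) {
                    String i18NKey = attributeSchema.getI18NKey();
                    // Only attributes that carry a non-blank i18n key are considered.
                    if (i18NKey != null && i18NKey.trim().length() > 0) {
                        schemasByName.put(attributeSchema.getName(), attributeSchema);
                    }
                }
            }

            // The attribute may be absent from the schema; treat that as "no partners" rather
            // than failing the whole monitoring run with a NullPointerException.
            AttributeSchema partnerUrls = schemasByName.get("iplanet-am-saml-partner-urls");
            Set defaultValues = null;
            if (partnerUrls != null) {
                defaultValues = partnerUrls.getDefaultValues();
            }
            if (defaultValues == null) {
                defaultValues = Collections.emptySet();
            }

            boolean trace = this.debug.messageEnabled();
            StringBuilder log = new StringBuilder("ConfigFedMonitoring.getSAML1TPs: SAML1.x Trusted Partners:\n");
            if (trace) {
                log.append("  has ").append(defaultValues.size()).append(" entries:\n");
            }
            ArrayList<String> partnerNames = new ArrayList<String>(defaultValues.size());
            for (Object rawEntry : defaultValues) {
                StringTokenizer fields = new StringTokenizer((String) rawEntry, "|");
                if (trace) {
                    log.append("  #tokens = ").append(fields.countTokens()).append("\n");
                }
                String partnerName = null;
                while (fields.hasMoreTokens()) {
                    StringTokenizer pair = new StringTokenizer(fields.nextToken(), "=");
                    if (pair.countTokens() != 2) {
                        continue;
                    }
                    String key = pair.nextToken();
                    String value = pair.nextToken();
                    if (key.equalsIgnoreCase("PARTNERNAME")) {
                        if (trace) {
                            log.append("  **got PARTNERNAME**\n");
                        }
                        partnerName = value;
                        partnerNames.add(value);
                    }
                }
                if (trace) {
                    // Log the partner name only. The previous code logged whichever value was
                    // parsed last; the other fields of an entry are not interpreted here and
                    // may be sensitive, so they must not reach the debug log.
                    log.append("    ").append(partnerName).append("\n");
                }
            }
            if (trace) {
                this.debug.message(log.toString());
            }
            Agent.saml1TPConfig(partnerNames);
        } catch (SMSException e) {
            this.debug.error("ConfigFedMonitoring.getSAML1TPs: sms ex getting saml1.x: " + e.getMessage(), e);
        } catch (SSOException e2) {
            this.debug.error("ConfigFedMonitoring.getSAML1TPs: sso ex getting saml1.x: " + e2.getMessage(), e2);
        }
    }

    /**
     * Returns {@code str} followed by every sub-organisation name below it, each prefixed with
     * {@code /}.
     *
     * @param str the realm to start from
     * @return the realm list, or an empty list when the lookup fails (in which case the start
     *     realm itself is not reported either)
     */
    private List getRealmsList(String str) {
        try {
            Set subRealmNames = new OrganizationConfigManager(this.ssoToken, str).getSubOrganizationNames("*", true);
            ArrayList<String> realms = new ArrayList<String>(1 + subRealmNames.size());
            realms.add(str);
            for (Object name : subRealmNames) {
                realms.add("/" + (String) name);
            }
            this.realmList = realms;
            return realms;
        } catch (SMSException e) {
            this.debug.error("ConfigFedMonitoring.getRealmsList: SMSException getting OrgConfigMgr: " + e.getMessage(), e);
            return new ArrayList<String>();
        }
    }

    /**
     * Builds one {@link SSOServerRealmFedInfo} per realm and registers it with the agent.
     *
     * <p>A checked exception caught here ends the loop, so realms after the failing point are
     * not registered.
     *
     * @param str the realm to start from
     */
    private void getAllRealms(String str) {
        List<String> realms = getRealmsList(str);
        try {
            CircleOfTrustManager cotManager = new CircleOfTrustManager();
            SAML2MetaManager saml2Manager = new SAML2MetaManager();
            IDFFMetaManager idffManager = new IDFFMetaManager(this.ssoToken);
            for (String realm : realms) {
                Set cots = getCOTs(realm, cotManager);
                // Stays null while SAMLv2 collection is switched off, as in the original code.
                Map saml2Entities = null;
                if (COLLECT_SAML2_ENTITIES) {
                    saml2Entities = getSAML2Entities(realm, saml2Manager);
                }
                Map wsFedEntities = getWSFedEntities(realm);
                Map idffEntities = getIDFFEntities(realm, idffManager);
                Map cotMembers = getCOTMembers(realm, cots, cotManager);
                Agent.federationConfig(new SSOServerRealmFedInfo.SSOServerRealmFedInfoBuilder(realm)
                        .cots(cots)
                        .samlv2Entities(saml2Entities)
                        .wsEntities(wsFedEntities)
                        .idffEntities(idffEntities)
                        .membEntities(cotMembers)
                        .build());
            }
        } catch (IDFFMetaException e) {
            this.debug.error("ConfigFedMonitoring.getAllRealms: IDFF ex: " + e.getMessage(), e);
        } catch (SAML2MetaException e2) {
            this.debug.error("ConfigFedMonitoring.getAllRealms: SAML2 ex: " + e2.getMessage(), e2);
        } catch (COTException e3) {
            this.debug.error("ConfigFedMonitoring.getAllRealms: COT ex: " + e3.getMessage(), e3);
        }
    }

    /**
     * Determines the WS-Federation roles of an entity.
     *
     * <p>An IDP or SP SSO configuration decides the role directly. When neither exists the
     * entity descriptor is inspected: every {@link UriNamedClaimTypesOfferedElement} adds the
     * IDP role, and the SP role is added when no such element was found or when more than one
     * {@link TokenIssuerEndpointElement} is present.
     *
     * @param str the entity identifier
     * @param str2 the realm the entity belongs to
     * @return the role labels, never {@code null}; a metadata error is logged as a warning and
     *     yields the roles found up to that point
     */
    public List getWSFedRoles(String str, String str2) {
        List<String> roles = new ArrayList<String>(4);
        try {
            WSFederationMetaManager metaManager = new WSFederationMetaManager();
            if (metaManager.getIDPSSOConfig(str2, str) != null) {
                roles.add(IDENTITY_PROVIDER);
            }
            if (metaManager.getSPSSOConfig(str2, str) != null) {
                roles.add(SERVICE_PROVIDER);
            }
            if (roles.isEmpty()) {
                FederationElement entityDescriptor = metaManager.getEntityDescriptor(str2, str);
                if (entityDescriptor != null) {
                    boolean noClaimTypesOffered = true;
                    int tokenIssuerEndpoints = 0;
                    for (Object obj : entityDescriptor.getAny()) {
                        if (obj instanceof UriNamedClaimTypesOfferedElement) {
                            roles.add(IDENTITY_PROVIDER);
                            noClaimTypesOffered = false;
                        } else if (obj instanceof TokenIssuerEndpointElement) {
                            tokenIssuerEndpoints++;
                        }
                    }
                    if (noClaimTypesOffered || tokenIssuerEndpoints > 1) {
                        roles.add(SERVICE_PROVIDER);
                    }
                }
            }
        } catch (WSFederationMetaException e) {
            this.debug.warning("ConfigFedMonitoring.getWSFedRoles", e);
        }
        return roles;
    }

    /**
     * Determines the SAMLv2 roles of an entity from the descriptors present in its metadata.
     *
     * @param entityId the entity identifier
     * @param realm the realm the entity belongs to
     * @return the role labels, never {@code null}; empty when the entity has no descriptor
     */
    private List getSAMLv2Roles(String entityId, String realm) {
        List<String> roles = new ArrayList<String>();
        try {
            SAML2MetaManager metaManager = new SAML2MetaManager();
            EntityDescriptorElement entityDescriptor = metaManager.getEntityDescriptor(realm, entityId);
            if (entityDescriptor == null) {
                return roles;
            }
            if (SAML2MetaUtils.getSPSSODescriptor(entityDescriptor) != null) {
                roles.add(SERVICE_PROVIDER);
            }
            if (SAML2MetaUtils.getIDPSSODescriptor(entityDescriptor) != null) {
                roles.add(IDENTITY_PROVIDER);
            }
            if (SAML2MetaUtils.getPolicyDecisionPointDescriptor(entityDescriptor) != null) {
                roles.add(POLICY_DECISION_POINT_DESCRIPTOR);
            }
            if (SAML2MetaUtils.getPolicyEnforcementPointDescriptor(entityDescriptor) != null) {
                roles.add(POLICY_ENFORCEMENT_POINT_DESCRIPTOR);
            }
            if (SAML2MetaUtils.getAttributeAuthorityDescriptor(entityDescriptor) != null) {
                roles.add(SAML_ATTRAUTHORITY);
            }
            if (SAML2MetaUtils.getAuthnAuthorityDescriptor(entityDescriptor) != null) {
                roles.add(SAML_AUTHNAUTHORITY);
            }
            if (SAML2MetaUtils.getAttributeQueryDescriptor(entityDescriptor) != null) {
                roles.add(SAML_ATTRQUERY);
            }
            if (metaManager.getAffiliationDescriptor(realm, entityId) != null) {
                roles.add(AFFILIATE);
            }
        } catch (SAML2MetaException e) {
            if (this.debug.warningEnabled()) {
                // Pass the exception along so the cause is not lost.
                this.debug.warning("ConfigFedMonitoring.getSAMLv2Roles() - Couldn't get SAMLMetaManager", e);
            }
        }
        return roles;
    }

    /**
     * Determines the ID-FF roles of an entity from the descriptors present in its metadata.
     *
     * @param entityId the entity identifier
     * @param realm the realm the entity belongs to
     * @return the role labels, never {@code null}
     */
    private List getIDFFRoles(String entityId, String realm) {
        List<String> roles = new ArrayList<String>(6);
        try {
            IDFFMetaManager metaManager = new IDFFMetaManager(this.ssoToken);
            if (metaManager.getIDPDescriptor(realm, entityId) != null) {
                roles.add(IDENTITY_PROVIDER);
            }
            if (metaManager.getSPDescriptor(realm, entityId) != null) {
                roles.add(SERVICE_PROVIDER);
            }
            if (metaManager.getAffiliationDescriptor(realm, entityId) != null) {
                roles.add(AFFILIATE);
            }
        } catch (IDFFMetaException e) {
            if (this.debug.warningEnabled()) {
                // The message used to name SAMLMetaManager, which is not involved here.
                this.debug.warning("ConfigFedMonitoring.getIDFFRoles() - Couldn't get IDFFMetaManager", e);
            }
        }
        return roles;
    }

    /**
     * Joins the strings in {@code list} with {@code "; "}.
     *
     * @param list a list whose elements are all strings
     * @return the joined text, empty for an empty list
     */
    private String listToString(List list) {
        StringBuilder joined = new StringBuilder();
        for (Object item : list) {
            if (joined.length() > 0) {
                joined.append("; ");
            }
            joined.append(getLocalizedString((String) item));
        }
        return joined.toString();
    }

    /** Returns {@code str} unchanged; no localisation is performed. */
    private String getLocalizedString(String str) {
        return str;
    }

    /**
     * Returns the circles of trust of a realm.
     *
     * @return the set from the manager, or an empty set when the lookup fails or yields
     *     {@code null}, so that one failing realm does not abort the remaining realms with a
     *     NullPointerException
     */
    private Set getCOTs(String realm, CircleOfTrustManager cotManager) {
        Set cots = null;
        try {
            cots = cotManager.getAllCirclesOfTrust(realm);
        } catch (COTException e) {
            this.debug.error("ConfigFedMonitoring.getCOTs: COTMgr error: " + e.getMessage(), e);
        }
        if (cots == null) {
            return Collections.emptySet();
        }
        return cots;
    }

    /**
     * Lists the members of each circle of trust, grouped by protocol.
     *
     * @param realm the realm the circles of trust belong to
     * @param cotNames the circle-of-trust names; {@code null} is treated as empty
     * @return a map from circle-of-trust name to a map with the keys {@code SAML}, {@code IDFF}
     *     and {@code WSFed}; a circle whose lookup fails is logged and left out
     */
    private Map getCOTMembers(String realm, Set cotNames, CircleOfTrustManager cotManager) {
        Map<String, Map<String, Set>> membersByCot = new HashMap<String, Map<String, Set>>();
        if (cotNames == null) {
            return membersByCot;
        }
        boolean trace = this.debug.messageEnabled();
        StringBuilder log = new StringBuilder("ConfigFedMonitoring.getCOTMembers: ");
        for (Object name : cotNames) {
            String cotName = (String) name;
            if (trace) {
                log.append(" cotName = ").append(cotName).append("\n");
            }
            try {
                Set saml2Members = cotManager.listCircleOfTrustMember(realm, cotName, "saml2");
                Set idffMembers = cotManager.listCircleOfTrustMember(realm, cotName, "idff");
                Set wsFedMembers = cotManager.listCircleOfTrustMember(realm, cotName, "wsfed");
                Map<String, Set> membersByProtocol = new HashMap<String, Set>();
                membersByProtocol.put("SAML", saml2Members);
                membersByProtocol.put("IDFF", idffMembers);
                membersByProtocol.put("WSFed", wsFedMembers);
                membersByCot.put(cotName, membersByProtocol);
                if (trace) {
                    appendMembers(log, "    SAMLv2 members: ", saml2Members);
                    appendMembers(log, "    IDFF members: ", idffMembers);
                    appendMembers(log, "    WSFed members: ", wsFedMembers);
                }
            } catch (COTException e) {
                this.debug.error("ConfigFedMonitoring.getCOTMembers: COTException: " + e.getMessage(), e);
            }
        }
        if (trace) {
            // Trace output belongs at message level; it used to be written with error(),
            // which put the circle-of-trust membership into the log as an error.
            this.debug.message(log.toString());
        }
        return membersByCot;
    }

    /** Appends {@code label} and then either {@code none} or one indented line per member. */
    private static void appendMembers(StringBuilder log, String label, Set members) {
        log.append(label);
        if (members == null || members.size() <= 0) {
            log.append("none\n");
            return;
        }
        for (Object member : members) {
            log.append("      ").append((String) member).append("\n");
        }
    }

    /** Builds the per-entity map with the keys {@code location} and {@code roles}. */
    private static Map<String, String> entityInfo(boolean hosted, String roles) {
        Map<String, String> info = new HashMap<String, String>();
        info.put("location", hosted ? "hosted" : "remote");
        info.put("roles", roles);
        return info;
    }

    /**
     * Describes every SAMLv2 entity of a realm as hosted or remote together with its roles.
     *
     * @return a map from entity identifier to its description; whatever was collected before a
     *     metadata error is returned
     */
    private Map getSAML2Entities(String realm, SAML2MetaManager metaManager) {
        Map<String, Map<String, String>> entities = new HashMap<String, Map<String, String>>();
        try {
            Set<String> allEntities = metaManager.getAllEntities(realm);
            List hostedEntities = metaManager.getAllHostedEntities(realm);
            for (String entityId : allEntities) {
                boolean hosted = hostedEntities != null && hostedEntities.contains(entityId);
                entities.put(entityId, entityInfo(hosted, listToString(getSAMLv2Roles(entityId, realm))));
            }
        } catch (SAML2MetaException e) {
            this.debug.error("ConfigFedMonitoring.getSAML2Entities:getting SAML2 entity providers for realm " + realm + ": " + e.getMessage(), e);
        }
        return entities;
    }

    /**
     * Describes every WS-Federation entity of a realm as hosted or remote together with its
     * roles.
     *
     * @return a map from entity identifier to its description; whatever was collected before a
     *     metadata error is returned
     */
    private Map getWSFedEntities(String realm) {
        Map<String, Map<String, String>> entities = new HashMap<String, Map<String, String>>();
        try {
            WSFederationMetaManager metaManager = new WSFederationMetaManager();
            Set<String> allEntities = metaManager.getAllEntities(realm);
            List hostedEntities = metaManager.getAllHostedEntities(realm);
            for (String entityId : allEntities) {
                boolean hosted = hostedEntities != null && hostedEntities.contains(entityId);
                entities.put(entityId, entityInfo(hosted, listToString(getWSFedRoles(entityId, realm))));
            }
        } catch (WSFederationMetaException e) {
            this.debug.error("ConfigFedMonitoring.getWSFedEntities:getting WSFed entities for realm " + realm + ": " + e.getMessage(), e);
        }
        return entities;
    }

    /**
     * Describes every ID-FF entity of a realm as hosted or remote together with its roles.
     *
     * @return a map from entity identifier to its description; whatever was collected before a
     *     metadata error is returned
     */
    private Map getIDFFEntities(String realm, IDFFMetaManager metaManager) {
        Map<String, Map<String, String>> entities = new HashMap<String, Map<String, String>>();
        try {
            Set<String> allEntities = metaManager.getAllEntities(realm);
            List hostedEntities = metaManager.getAllHostedEntities(realm);
            for (String entityId : allEntities) {
                boolean hosted = hostedEntities != null && hostedEntities.contains(entityId);
                entities.put(entityId, entityInfo(hosted, listToString(getIDFFRoles(entityId, realm))));
            }
        } catch (IDFFMetaException e) {
            this.debug.error("ConfigFedMonitoring.getIDFFEntities:getting IDFF entity providers for realm " + realm + ": " + e.getMessage(), e);
        }
        return entities;
    }
}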
