package org.forgerock.openam.authentication.modules.deviceprint;

import com.iplanet.sso.SSOException;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdSearchControl;
import com.sun.identity.idm.IdSearchResults;
import com.sun.identity.idm.IdType;
import com.sun.identity.shared.datastruct.CollectionHelper;
import com.sun.identity.shared.debug.Debug;
import java.io.IOException;
import java.security.Principal;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.login.LoginException;
import org.forgerock.openam.authentication.modules.scripted.ScriptedPrinciple;

/* loaded from: input_file:org/forgerock/openam/authentication/modules/deviceprint/DeviceIdSave.class */
public class DeviceIdSave extends AMLoginModule {
    private static final String AUTO_STORE_PROFILES_KEY = "iplanet-am-auth-device-id-save-auto-store-profile";
    private static final String MAX_PROFILES_ALLOWED_KEY = "iplanet-am-auth-device-id-save-max-profiles-allowed";
    private static final String DEVICE_PRINT_PROFILE_KEY = "devicePrintProfile";
    static final int SAVE_PROFILE_STATE = 2;
    static final int NAME_PROFILE_STATE = 3;
    private static final String DEBUG_NAME = "amAuthDeviceIdSave";
    private static final Debug DEBUG = Debug.getInstance(DEBUG_NAME);
    private String userName;
    private PersistModuleProcessor processor;

    public void init(Subject subject, Map map, Map map2) {
        int parseInt = Integer.parseInt(CollectionHelper.getMapAttr(map2, MAX_PROFILES_ALLOWED_KEY));
        this.userName = (String) map.get(getUserKey());
        try {
            this.processor = new PersistModuleProcessor((Map) DevicePrintDao.MAPPER.readValue((String) map.get(DEVICE_PRINT_PROFILE_KEY), Map.class), Boolean.parseBoolean(CollectionHelper.getMapAttr(map2, AUTO_STORE_PROFILES_KEY)), new ProfilePersister(parseInt, new DevicePrintDao(), getIdentity()));
        } catch (IOException e) {
            DEBUG.error("DeviceIdSave.init : Module exception : ", e);
        }
    }

    public int process(Callback[] callbackArr, int i) throws LoginException {
        return this.processor.process(callbackArr, i);
    }

    private AMIdentityWrapper getIdentity() {
        AMIdentityWrapper aMIdentityWrapper = null;
        AMIdentityRepository aMIdentityRepository = getAMIdentityRepository(getRequestOrg());
        IdSearchControl idSearchControl = new IdSearchControl();
        idSearchControl.setAllReturnAttributes(true);
        Set emptySet = Collections.emptySet();
        try {
            idSearchControl.setMaxResults(0);
            IdSearchResults searchIdentities = aMIdentityRepository.searchIdentities(IdType.USER, this.userName, idSearchControl);
            if (searchIdentities != null) {
                emptySet = searchIdentities.getSearchResults();
            }
            if (emptySet.isEmpty()) {
                DEBUG.error("DeviceIdSave.getIdentity : User " + this.userName + " is not found");
            } else if (emptySet.size() > 1) {
                DEBUG.error("DeviceIdSave.getIdentity : More than one user found for the userName " + this.userName);
            } else {
                aMIdentityWrapper = new AMIdentityWrapper((AMIdentity) emptySet.iterator().next());
            }
        } catch (SSOException e) {
            DEBUG.error("DeviceIdSave.getIdentity : Module exception : ", e);
        } catch (IdRepoException e2) {
            DEBUG.error("DeviceIdSave.getIdentity : Error searching Identities with username : " + this.userName, e2);
        }
        return aMIdentityWrapper;
    }

    public Principal getPrincipal() {
        return new ScriptedPrinciple(this.userName);
    }
}
